Law Practice: Lucian, how well did the Model Rules fare as we all moved to work from home (WFH) at the start of the pandemic?
Lucian Pera: Remarkably well, actually. The first big challenge was cybersecurity. Working from home, of course, confined most of us to a familiar environment where we had to do things we weren’t used to doing there. How do you have a client call with toddlers or a dog underfoot? How do you maintain confidentiality of client communications in your living room or your basement?
Soon after many of us went home to work, several things became very clear.
Lawyers were very much aware of the challenges, from basic confidentiality—Where can I talk with clients privately from my family?—to the increased threats of phishing and other scammers preying on those of us working in an unfamiliar environment. That awareness was crucial.
Lawyers also radically accelerated their adoption of new tech, from Zoom to Microsoft 365, to make WFH possible and effective. As Legal Evolution’s Dan Currell has written, necessity is the mother of adoption, not innovation. In doing so, the vast majority of lawyers, despite our many Zoom gaffes, knew of their need for confidentiality and security. In my early-pan- demic CLEs on cybersecurity, I saw hordes of lawyers eager to figure this out and do the right thing.
And they were able to do so, largely because bar ethics committees, especially the ABA, had laid the groundwork, in well-thought-out and well-written opinions, for thinking about how to handle technology and cybersecurity, both in terms of competence and security. ABA Formal Opinions 477R on cybersecurity generally, Opinion 482 on disasters and planning for them, and Opinion 483 on cyber breaches and incidents, plus a host of other state bar opinions, laid a fairly complete foundation for lawyers to understand what the ethics rules meant in daily tech life. And by the way, for lawyers conscious of the need to tweak their software toward more security—think two-factor authorization—offerings like Microsoft 365 and other well-built cloud products have allowed lawyers to “outsource” their cybersecurity to vendors who do it better than we can.