At its August 2012 Annual Meeting, the American Bar Association approved a number of amendments to the ABA’s Model Rules of Professional Conduct (RPC) related to the increasing role of technology in legal practice and, specifically, litigation. Some of these rules bear directly on a litigator’s obligations in connection with electronic discovery. While none of the changes purport to establish any new obligations, they certainly highlight what have come to be regarded as “best practices” in law-practice risk management as well as litigation—in other words, although to be effective, these changes to the model rules will have to be adopted by individual states, the litigator will ignore these rules changes at his or her peril.
February 14, 2013 Articles
Technology-Related Ethics Rules Changes Litigators Must Understand
New changes to the Model Rules of Professional Conduct take into account e-discovery challenges.
By Seth H. Row
Change 1: The Duty of “Competence”
The first change has been the most discussed—but it is also the most subtle and open to interpretation. Model Rule 1.1 has established, since the Model Rules were first promulgated, a duty to provide competent representation. As with many rules, it is the comments that provide the most information. The comments to Rule 1.1 have long stated that lawyers must “keep abreast of changes in the law and its practice” and “engage in continuing study and education.” That comment (formerly Comment 6, now Comment 8) has now been amended to add the phrase “including the benefits and risks associated with relevant technology” after “keep abreast of changes in the law . . .”
What does it mean to keep abreast of the “benefits and risks associated with relevant technology”? For every lawyer, that will include all of the technology that we and our firms use in the daily practice of law: email, document-management systems, file storage, billing software, websites, remote-computing capabilities, and portable devices. Outsourcing—a practice made possible, or certainly much easier, by technology—was one major concern to the “Commission on Ethics 20/20” that was responsible for these changes. Lawyers must conduct due diligence on who they are outsourcing to, including the competence of the vendor, the security and other controls in place, and the ability for the attorney to terminate the arrangement and ensure that all information has been retrieved. Also of concern to the committee was cloud storage—again, the rule would appear to require a careful assessment of the risks, along with the benefits, of storing client data or even client-related data (such as billing information) in the cloud. These concerns are specific manifestations of a concern about data security generally (whether in the “cloud,” on the server in the attorney’s office, or on the attorneys’ smartphone) in an era of increasing hacks and data theft.
Some of the concerns associated with those technologies or technology-related practices are treated more specifically in the change to Model Rule 1.6 (confidentiality), discussed below, and there is no doubt considerable interplay between those two changes as it pertains to everyday practice management.
The change to Rule 1.1 has the most significance for litigators, as it applies to electronic discovery. The report from the ABA’s Ethics 20/20 commission that accompanied the recommendations to the ABA House of Delegates expresses the hope that this change will spur those litigators who have attempted to avoid it to dive into the world of electronic discovery—or at least to educate themselves about it. By requiring consideration of the benefits of relevant technology, the rule calls out those “Luddites” among us—it will no longer be acceptable to rely on old habits and methods of practice without reflection. To give the most basic example, litigators must assess whether it would be to the client’s benefit (strategically, economically, or otherwise) not to print out all of those responsive emails, but to gather, process, and produce them electronically. And more toward the cutting edge, the rule could be seen as requiring a consideration of newer technologies such as “computer assisted review” (CAR)—sometimes referred to as “predictive coding” or “automated analysis”—if older technologies (such as keyword searching) would not best serve the client’s interests. Of course, by requiring consideration of the risks of technology, Model Rule 1.1 requires also that the litigator be up to speed on the potential problems with using a particular vendor, technology, or approach, and requires some level of due diligence.
Change 2: Outsourcing to Lawyers and Nonlawyers
Several of the Model Rules saw changes relating to outsourcing. Model Rule 1.1 (competence) had two paragraphs of comments added relating to outsourcing to other lawyers; the changes require client consent, and the attorney must weigh several factors before engaging “nonfirm” lawyers. For litigators, this change has the most application to retaining “contract” attorney document reviewers, a common practice in large-document cases. One of the factors that must be considered: “the education, experience, and reputation of the nonfirm lawyers” means that it will likely not be permissible to rely on a staffing agency to choose what contract lawyers work on a review. Another factor: “the legal protections, professional conduct rules, and ethical environments of the jurisdictions in which the services will be performed, particularly related to confidential information” appears to be aimed at “offshoring” of document review to other countries that may impose lesser restrictions on their attorneys.
Model Rule 5.3, dealing with nonlawyer outsourcing, also saw a change. In particular, new Comment 3 states that lawyers should give directions to “give reasonable assurance” that conduct by any nonlawyer outside the firm retained on a matter is “compatible with the professional obligation” of the lawyer. In other words, it would no longer appear to be acceptable to simply “turn loose” a nonlawyer vendor of any sort (all the way from an e-discovery consultant to a private investigator) on a project without giving direction to the vendor about confidentiality, ethical conduct, and so on. The comment does indicate that the extent of the obligation to “give direction” depends upon circumstances such as prior arrangements with the vendor, the experience and reputation of the vendor, and the legal and ethical requirements that exist for the vendor in the jurisdiction.
Also, importantly for litigators, Comment 4 was added to Model Rule 5.3, addressing the increasingly common phenomenon of clients selecting outside vendors with whom they have some sort of “preferred provider” connection. The rule cautions that “the lawyer ordinarily should agree with the client concerning the allocation of responsibility for monitoring as between the client and the lawyer.” This is obviously a best practice in the e-discovery field where vendor mistakes have landed some firms, and their clients, in hot water for inadvertent disclosure of privileged material. This Ethics 20/20 report accompanied this change.
Change 3: Reasonable Efforts Required to Protect Inadvertent Disclosure
If that doesn’t sound like much of a change, you are right. Model Rule 1.6 has always required that lawyers not reveal confidential information. What is new (in new paragraph c of the rule) is the express addition of a prophylactic requirement: a requirement to take “reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client.” The comment to the new paragraph (Comment 16) gives something of a safe harbor in the event of an inadvertent disclosure if the lawyer “has made reasonable efforts to prevent the access or disclosure.” The comment also gives a number of factors that may be taken into account in assessing whether the lawyer’s efforts were “reasonable.”
This change was aimed squarely at such everyday problems as disclosure of metadata in emailed word-processing documents. Many firms already employ a metadata “scrubber” within their email programs to attempt to prevent hidden data from being sent outside the firm, and this rule will no doubt prompt further examination of similar technologies, such as additional encryption for email and cloud-accessible data. It also impacts the increasingly common “café lawyer” technologies that allow us to work wherever we are. This rule was designed to prompt an examination both of the risks of “cyber-snooping” and hacking inherent in working outside of a firewall environment, the technological steps that should be implemented to deal with those risks, and also what policies firms should create to mandate that attorneys do not, through inadvertence, expose client confidences to marauders.
Technology Is Not Just for Your Teenagers
The changes to the Model Rules need to be adopted by individual states to be effective, and some states may modify the rules or decline to adopt some aspects. Nevertheless, for litigators, these rules changes enshrine what many have promoted as “best practices” in managing document-intensive cases, including careful controls over outsourcing of legal and non-legal work, and assessment of whether use of the latest and greatest in what vendors have to offer is in the client’s interest. And the changes require all lawyers to be cognizant of our special obligation to ensure that, having adopted the technological innovations that our colleagues in the nonlawyer businesses community use to enhance productivity, we have not and do not jeopardize client confidentiality.
Note: The Pretrial Practice & Discovery website contains many sample forms and additional articles on many of the e-discovery issues discussed in this article.
Keywords: litigation, pretrial practice, discovery, ethics, e-discovery
Seth H. Row is a partner at Parsons Farnell & Grein LLP in Portland, Oregon.
Copyright © 2013, American Bar Association. All rights reserved. This information or any portion thereof may not be copied or disseminated in any form or by any means or downloaded or stored in an electronic database or retrieval system without the express written consent of the American Bar Association. The views expressed in this article are those of the author(s) and do not necessarily reflect the positions or policies of the American Bar Association, the Section of Litigation, this committee, or the employer(s) of the author(s).