Just as technology has evolved rapidly in recent years, so too has the need to address ethical ramifications surrounding new technologies. Recently, state ethical committees, as well as the American Bar Association, have been tasked with considering the ethical questions surrounding cloud-based storage. Cloud-based storage involves saving data and software on servers owned by third parties. Such storage has the potential to save law practices a great deal of money, and is often more convenient than traditional storage methods.
Looming in the background of the benefits, however, is the potential cybersecurity risks. Accordingly, ethics commissions have been tasked with determining the appropriate balance between allowing law practices to take advantage of cloud-based storage, while still protecting confidential client data. In balancing the competing factors, state associations, as well as the American Bar Association, have universally approved the use of cloud-based storage. However, the allowance is not without restriction.
For example, the American Bar Association, after addressing cloud computing during an annual meeting, recently amended Model Rule 1.6, adding a subpart that requires lawyers to “make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client.” Although the American Bar Association did not disapprove of cloud-based storage, law practices using third-party storage services are cautioned to carefully consider safety mechanisms offered by potential providers, as well as their ethical obligations, before entering into service agreements.