The Ethical Duties of Lawyers Flashcards
Competence
The ABA proposes that lawyers must:
“…maintain the requisite knowledge and skill, a lawyer should keep abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology, engage in continuing study and education and comply with all continuing legal education requirements to which the lawyer is subject.”
While the above is only proposed by the ABA, meaning that this isn’t a requirement for all lawyers in the US, lawyers must abide by the regulations of their state bar associations. Some bar associations do have a requirement for lawyers to stay on top of relevant technology.
Confidentiality
Lawyers and firms must demonstrate that they’ve taken a reasonable effort to prevent inadvertent and unauthorized disclosure of information related to their representation of clients. There are consequences for inadvertent and unauthorized disclosure but what is considered to be a “reasonable effort” changes over time and can vary based on multiple factors
It can be easier to demonstrate this reasonable effort by using cloud tools, but firms cannot rely on the word of the vendor alone. Thankfully, the cost and difficulty of implementing safeguards are diminishing. For example, implementing 2-factor authentication can be enabled without waiting for a vendor or developer to build something
Responsibility of oversight
Lawyers frequently work with non-lawyer staff and those staff must conduct themselves in a way that’s compatible with the professional obligation of lawyers. Again, reasonable efforts must be made. These same standards apply to external non-lawyers who are working with lawyers
Ethics Opinions
Cloud ethics opinions vary from bar to bar. Lawyers will need to check with their bar and regulator on what their responsibilities are and if there are any educational requirements they are subject to.
For example, the state of Massachusetts has the following ethics opinion:
- must review and revisit terms of service, restrictions on data access, data portability, and vendor security practices
- must follow client’s instructions regarding cloud technology use to store or transmit data
- must obtain client approval before using the internet to store or transfer sensitive client information
Compliance concerns
Lawyers often overlook the need to comply with both ethical and regulatory concerns. Some examples of compliance concern include:
- HIPAA-Health Insurance Portability and Accountability Act
- Privacy Shield
- IRS-Internal Revenue Service
- PIPEDA-Personal Information Protection and Electronic Documents Act
- GDPR-General Data Protection Regulation
Competent cloud vendors can make it easy to comply with compliance regulations like the above for relatively cheap