Don’t Let the Web Bugs Bite

I hadn’t heard of this one before.  Late last month, the Alaska Bar Association’s Board of Governors adopted an ethics opinion that deals with “web bugs.”  Per the opinion, it is not  “ethically permissible for a lawyer to use a ‘web bug’ or other tracking device to track the location and use of emails and documents sent to opposing counsel.”

The opinion is HERE.  I suggest reading it instead of relying on my summary.

Essentially, a “web bug” is technology that allows the sender of an email to track whether, how often, and how long a recipient reviews and forwards the email and its attachments. Per the opinion, a web bug allows the sender to track:

  • “when the email was opened;
  • how long the email was reviewed (including whether it was in the foreground or background while the user worked on other activities);
  • how many times the email was opened;
  • whether the recipient opened attachments to the email;
  • how long the attachment (or a page of the attachment) was reviewed;
  • whether and when the subject email or attachment was forwarded; and
  • the rough geographical location of the recipient.”

Web bug providers often allow senders to disable a feature that notifies the recipient of the web bug’s presence. The Alaska Bar Association concluded that a lawyer who includes a web bug in an email to opposing counsel and who disables the notification violates Alaska’s rule that prohibits lawyers from engaging in conduct involving dishonesty, deceit, misrepresentation and fraud.  Vermont’s has the same rule. It’s Rule 8.4(c).

Distinguishing the use of web bugs from phone calls & conversations in which there is no implied assertion that the conversation is not being surreptitiously recorded, the Alaska Bar concluded that “it is entirely reasonable for a lawyer to assume that emails, documents and other electronic communications received from an opposing lawyer will not be “bugged.'”

The opinion goes on to state that:

  • “As just one example, assume that a client informs her lawyer that she has moved to another state but does not want her whereabouts disclosed to anyone else for any number of reasons.  Opposing counsel sends a bugged email to the client’s lawyer that includes an attached document for the client’s signature.  When that email is forwarded to the client, the tracking device could improperly obtain and deliver to the sending lawyer confidential information about the client’s general location.  Or, assume that the parties are in settlement negotiations and one lawyer sends a bugged email with a draft settlement agreement.  Based on the report from the tracking device, the sending lawyer learns that the lawyer focused most of her time on the third page; the lawyer then forwarded the document to a city where the client lives; this recipient focused on the sixth page and then sent the document back to the lawyer; and the lawyer subsequently focused solely on the sixth page of the draft.  This gives the sending lawyer access to attorney-client protected information and extraordinary insight as to which sections of a document the lawyer and her client found most important.”

Finally, the Alaska Bar concluded it’s not just the surreptitious use of web bugs that is troubling.

  • “While the surreptitious use of tracking devices is especially troubling, even the disclosed use of a tracking device when communicating with opposing counsel is not permissible.  Insofar as the tracking device allows the sending lawyer to intrude upon the attorney’s work product by tracking the attorney’s use of that document, it constitutes an unwarranted intrusion into the attorney-client relationship. Seeking to invade that relationship through the use of tracking devices (whether disclosed or not) is dishonest and unethical.  And, it is entirely possible that a busy receiving lawyer may not notice the disclosure, may not fully appreciate what it means, or consider whether client consent is necessary before agreeing (expressly or implicitly) to opposing counsel putting an electronic tracking device on documents.”

From there, the Alaska Bar opined that the use of a web bug impermissibly interferes with the recipient lawyer’s duty to take reasonable precautions to protect information related to the representation from unauthorized disclosure to unintended recipients.  Specifically,

  • “[t]he Committee does not interpret this duty as requiring the lawyer to presume that opposing lawyer will seek to ‘bug’ communications and requiring the lawyer to take active steps to detect and prevent such tracking devices.  As a practical matter, with rapidly changing technology and software that may be impractical or even impossible for the receiving lawyer to accomplish.  The Committee believes that the only reasonable means of protecting attorney-client communications and work product in this situation is to bar the lawyer sending the communication from using these types of tracking devices.”

I find this final point somewhat interesting.  It’s quite different from the evolving view of a lawyer’s duties with respect to the electronic storage and transmission of client information.  It’s also the exact opposite of what we’re telling lawyers with respect to metadata & track changes.

With metadata & track changes, we’ve clearly stated that it’s perfectly okay to look for information that goes to the heart of the attorney-client relationship.  In so doing, we’ve said that if you don’t know about metadata and don’t take steps to prevent it from being accessed, it’s your problem, not the lawyer’s who looks for it without telling you that she’s looking.

No, I’m not arguing that a lawyer has a duty to sweep the office for bugs or listening devices once opposing counsel departs after visiting.  Rather, I simply wonder whether technology soon will have evolved to the point where it is not unreasonable for a lawyer to check an email for a web bug.

Anyhow, yet another tech issue to be aware of.





2 thoughts on “Don’t Let the Web Bugs Bite

Comments are closed.