Crossing the Border? Consider Bringing Only What You Really Need.

There’s a lot going on in Montreal.

The city is celebrating its 375th anniversary.  The Impact and Alouettes have opened their seasons.  Guns N’ Roses plays Parc Jean Drapeau in a few weeks, and hopefully things go better than at the Big O in 1992.  The Museum of Fine Arts has Revolution.  The Lachine Rapids are a great way to beat the August heat.

Whatever draws you north, think twice about bringing electronic devices that contain client information.

A few weeks ago, I posted an update on protecting client information while returning to the U.S. from abroad.  In it,  I included this quote from another blogger: “I wish I could conclude this post with easy answers, but it appears that there are none at the moment.”

Moments change.

On July 27, the New York City Bar Association issued Formal Opinion 2017-5.  In short, and as reported by the ABA Journal, lawyers should take reasonable precautions to avoid disclosure of client information during a border crossing.

Here are some highlights from the NYC Opinion:

  • Rules 1.1 (competence) and 1.6 (confidences) impose a duty to act competently to safeguard client information.
  • The duty includes taking reasonable precautions against disclosing information that should not be disclosed.
  • The duty requires “attorneys to make reasonable efforts prior to crossing the U.S. border to avoid or minimize the risk that government agents will review or seize client confidences that are carried on, or accessible on, electronic devices that attorneys carry across the border.”
  • What are reasonable efforts/precautions? It’ll depend on a variety of factors.
  • Those factors suggest “that an attorney should not carry clients’ confidential information on an electronic device across the border except where there is a professional need to do so.”
  • The factors also suggest that “attorneys should not carry clients’ highly sensitive information except where the professional need is compelling.”

The opinion goes on to provide some detail on how to evaluate the risk that confidential information will be reviewed at the border. (It’s low).  The opinion also sets out safeguards to implement, with “the simplest option with the lowest risk [being] not to carry any confidential information across the border.”  (emphasis mine)

Importantly, the opinion suggests that an attorney does not violate New York’s rules by complying “with a border agent’s demand, under a claim of lawful authority, for an electronic device containing confidential information during a border search.”   Key, however, is that the opinion stresses that an attorney must first undertake “reasonable efforts to dissuade border agents from reviewing clients’ confidential information or to persuade them to limit the extent of their review.”

Finally, the opinion states that if client information is reviewed during a border crossing, Rule 1.4’s duty of communication requires the lawyer to inform each affected client.

I cannot give you “yes” or “no” answers for every conceivable possibility related to client information, electronic devices, and border searches.  I’ll leave it at this: if devices containing client information are searched – and that’s a big if – will you sleep easier knowing that you took precautions against it happening?

Remember, not every unauthorized access creates ethics liablity for the attorney.  “Reasonable precautions” does not mean “fool-proof.”  However, the failure to take precautions might be viewed as clear & convincing proof of foolishness – a determination that might lead to sleepless nights.

Whatever you do before you travel to Canada with devices that contain client information, do whatever will help you (and your clients) sleep best after you return.

Electronic Devices