Court Martials, Web Bugs, and Tech Competence

This blog was built on the idea that competence includes tech competence.  As I’ve hammered home that point over the years, I’ve touched upon the ethics issues associated with web bugs.

My most recent post on the issue is here: Don’t Let the Web Bugs Bite.  It discusses an advisory opinion issued by the Illinois State Bar Association. I wrote:

• “The ISBA concluded that an attorney who uses email tracking software engages in dishonest & deceitful conduct, and impermissibly intrudes on opposing counsel’s attorney-client relationship.  As such, the use web bugs violates Rules 8.4(c) and 4.4(a). The ISBA’s conclusions track (pun intended) conclusions reached by New York, Alaska, and Pennsylvania.”

Web bugs and legal ethics are in the news this week.  Navy lawyers prosecuting the high-profile court martials two former SEALS allegedly inserted email tracking software into emails sent to the defense team and media outlets.  The Military Times, the ABA Journal, the Guardian, and the Associated Press covered the story.

First, what’s a web bug?  For the purposes of this post, a web bug is email tracking software.

Ok, so why is that important?  Read the articles on the Navy cases.  The ABA Journal headline sums it up: “Defense lawyers accuse military prosecutor of sending them emails with tracking software.”

More specifically, imagine yourself representing one of the accused. Now, further imagine yourself receiving an email from the prosecutor.  An email that includes the type of tracking software at issue in the ISBA advisory opinion.  Per the ISBA:

• “The present inquiry involves the use of email ‘tracking’ software, applications that
  permit the sender of an email message to secretly monitor the receipt and subsequent handling of the message, including any attachments.  The specific technology, operation, and other features of such software appear to vary among vendors. Typically, however, tracking software inserts an invisible image or code into an email message that is automatically activated when the email is opened. Once activated, the software reports to the sender, without the knowledge of the recipient, detailed information regarding the recipient’s use of the message. Depending on the vendor, the information reported back to the sender may include: when the email was opened; who opened the email; the type of device used to open the email; how long the email was open; whether and how long any attachments, or individual pages of an attachment, were opened; when and how often the email or any attachments, or individual pages of an attachment, were reopened; whether and what attachments were downloaded; whether and when the email or any attachments were forwarded; the email address of any subsequent recipient; and the general geographic location of the device that received the forwarded message or attachment.”

A few thoughts.

To date, nearly everyone agrees that it’s a violation of the Rules of Professional Conduct to insert web bugs into emails sent to an opposing party or counsel.

The SEAL story raises a perfect example of tech competence.   Earlier this month, one of the lead defense attorneys received an email from the prosecutor.  Unlike prior emails from the prosecutor, it contained an unusual logo below the prosecutor’s signature.  The logo was of a bald eagle and American flag perched on the scales of justice.  The image aroused the attorney’s suspicions.  So much so that he wrote to the prosecutor:

• “I am writing regarding your emails from yesterday, which contained an embedded image that was not contained in any of your previous emails. At the risk of sounding paranoid, this image is not an attachment, but rather a link to an unsecured server which, if downloaded, can be used to track emails, including forwards. I would hope that you aren’t looking to track emails of defense counsel, so I wanted to make sure there wasn’t a security breach on your end. Given the leaks in this case, I am sure you can understand.”

Well, here we are.  Sometimes they are out to get you.

Finally, I want to reiterate a point I made when I first blogged about the Illinois advisory opinion.

I do not disagree with any of the four opinions that have concluded that a lawyer’s surreptitious intrusion into a privileged relationship violates the rules. However, I differ with one aspect of the Illinois opinion.

The ISBA noted that “there do not appear to be any generally available or consistently reliable devices or programs capable of detecting or blocking email tracking software.”  As I stated then, I am not certain that I agree.  Indeed, shortly after I posted my blog, several tech vendors who follow me on social media either commented on the post or reached out to me privately.  Without exception, they agreed that there are a host of reasonably available countermeasures for law firms to employ against web bugs.

Moreover, I think it’s risky for a lawyer to rely on the old “well, they shouldn’t be unethically spying on me.”

I agree, nobody should be spying on you. And, when it comes to web bugs and email traacking software, the spies might always remain one step ahead.

But that does not relieve you of the duty to stay abreast of developments in technology and to take reasonable precautions against the unauthorized access to or inadvertent disclosure of information related to the representation of a client.

 

 

 

Talking culture, compliance, confidences & candor.

Flashback to 1994:  I was a brand new attorney.  Another attorney in my office mentioned Shelley Hill.  I asked, “who’s Shelley Hill?”  The attorney responded, “someone you never want to hear from.”

Back then, Shelley was Vermont’s disciplinary prosecutor.  The attorney’s answer to my question was the extent of the ethics guidance I received in my first ever job as a lawyer.

We’ve come a long way.  It’s no longer taboo to talk legal ethics.  We talk it.  A lot.  Not only does it help us do better for our clients, it improves the image of the profession.  To that end, one of my goals as bar counsel is to foster an ongoing and open dialogue about legal ethics and professional responsibility that helps to build a culture of compliance that we put out there for the world to see.

Reflective of the today’s world, the conversation happens in many forums.**  Today, I woke to having been mentioned in a tweet by a lawyer who was concerned by the news that Nikolas Cruz’s public defender disclosed Cruz’s potential inheritance in a motion to withdraw from representing him in the criminal case.  The lawyer tweeted:

“i would be interested to learn the circumstances of the public defender of Nikolas Cruz disclosing to the court in Mtn to Withdraw and on the record that his client inherited $430,000 (VERY vulnerable to civil suit if not exempt) – seems a bit problematic, eh @VTBarCounsel?”

The entire string is here.

Look at us.  We are talking legal ethics in public! THAT is professional responsibility.

I’ve blogged often on client confidences and Rule 1.6.  Basically, my position is that lawyers should STFU.  Or, to borrow a quote from Thomas Edison that my Dad instilled in me as a kid:

“You will have many opportunities
to keep your mouth shut.
You should take advantage
of everyone of them.”

Obviously, it’s far wiser to take my Dad out in public than his eldest son.

Anyhow, as indicated in my reply Tweet this morning, I don’t comment without hearing all sides to a story, not to mention that I have no idea what Florida’s rules are.  But it’s a great construct to use as a mini-refresher on Vermont’s rules.

By rule, “information relating to the representation of a client” is confidential.  The scope is broader than the privilege and includes all information related to the representation no matter the source.  Comment [3].  Such information shall not be disclosed unless:

• the client gives informed consent to the disclosure;
• disclosure is impliedly authorized to carry out the representation;
• disclosure is required by paragraph (b);
• disclosure is permitted by paragraph (c).

Returning to the Parkland case, if Vermont’s rules applied, the first possibility is that Cruz gave informed consent for his public defender to make the disclosure.

I’d be surprised if any of exceptions in paragraph (b) applied.  However, it’s possible that one of the exceptions in paragraph (c) applies.  That is, disclosure of the inheritance might be authorized by another rule.  Stay with me here.

This morning I did something rare: I did some research before I tweeted.  I learned that, as reported by the South Florida SunSentinel, a year ago Cruz’s inheritance was the subject of a hearing as to whether he qualified for public defender services.  Per the report, it appears as if it was represented to the court that Cruz stood to inherit far less than recent developments indicate.

If so, and again if Vermont’s rules applied, it’s possible that the new information required the public defender to make the disclosure pursuant to Rule 3.3.  The rule, entitled “Candor to a Tribunal,” requires a lawyer to correct a prior material statement of fact that was false.  Were the statements made in last year’s hearing on Cruz’s eligibility for public defender services “material” and “false?”  If so, one might argue that the public defender was required to make the disclosure in the motion to withdraw.

Finally, reading today’s reports left me with the impression that Cruz’s public defenders believe that, given the inheritance, the law precludes him from being eligible for their services.  Thus, it appears to me that they argued that they are required to withdraw.

In Vermont, Rule 1.16 governs withdrawal.  Perhaps most relevant here, Rule 1.16(a)(1) requires withdrawal when “the representation will result in violation of the rules of professional conduct or other law.”  So, it looks to me as if the argument is “by law, the inheritance prohibits us from representing him, thus withdrawal is required.”  The Florida courts will decide.

Aside: as some of you know from having called me or heard me speak.  When it comes to a motion to withdraw, I think it best to limit the motion to citing the text of whichever provision(s) of Rule 1.6 you’re arguing.  Then, if the court asks for more information, respond, but in such a way as to disclose no more information than is necessary to answer the court’s question.  Being mindful, the entire time, of a larger duty not to harm to your client’s interests on your way out.  Others may disagree with me, but that’s fine.

Indeed, that’s why it’s so important to continue to discuss legal ethics and professional responsibility.  The discussion makes us do better by our clients, the courts, and the profession.

Talk on.

** I couldn’t decide whether to go with “fora” or “forums.”  Flipped a coin.

 

Competence & ESI: Consider a Protocol

I’ve not said it in a while:  competence includes tech competence.

Almost 18 months ago, I posted Competence, ESI, and E-Discovery.  In it, I posed a question on the duty of competence that I often ask at CLEs:

• To me, the duty includes:
  • knowing that “it” exists,
  • knowing that clients, their adversaries, and witnesses have “it;” and,
  • knowing how to protect, preserve, produce, request, review, and use “it.”
• What is “it?

As many regular readers know, “it” is ESI, electronically stored information.

In 2015, the State Bar of California’s Standing Committee on Professional Responsibility and Conduct issued Formal Opinion 2015-193.  The opinion responds to the question “[w]hat are an attorney’s ethical duties in the handling of discovery of electronically stored information?”  Here’s the first sentence of the digest:

• “Attorney competence related to litigation generally requires, among other things, and at a minimum, a basic understanding of, and facility with, issues relating to e-discovery, including the discovery of electronically stored information (‘ESI’).”

Four years later, I sense that the issue continues to worry some lawyers.  It should.  Our world is replete with ESI.  As such, and to the extent that the outcome of client matters turns on “information,” ESI can be incredibly important to clients and their matters.  Especially litigation matters.

Tonight, browsing through Above The Law before I divide my focus between the Red Sox and the Sweet 16, I came across 5 Advantages of Having An ESI Protocol For Your Matter.  It’s by Kelly Twigger and includes some great tips.  I suggest giving it read.  To me, the subtitle says it all:

“The exercise of thinking through everything that will be needed for your case in discovery is invaluable.”

That’s competence.

 

The 6th C: Commingling

A few weeks ago, I blogged about the 5 Cs of ethics:

• Competence
• Communication
• Confidentiality
• Conflicts
• Candor

It’s difficult to remember all of the rules and their nuances.  Keeping the 5 Cs in mind is easier and goes a long way towards the ultimate C:  compliance.

Still, some might argue that the 5 Cs don’t address trust accounting.  To me, the duty of competence includes acting competently to account for and safeguard client funds. Still, it’s true that not one of the 5 C’s specifically addresses trust account management.

Hence, the 6th C:  Commingling.

I understand that most of us aren’t accountants or trained in bookkeeping.  Still, we’re fiduciaries who, by virtue of our law licenses, hold money that does not belong to us.  With the privilege comes responsibilities, most of which are set out in Rules 1.15 and 1.15A.

Again, I’m aware that many lawyers find the rules complicated.  As I’ve previously blogged, don’t overcomplicate them.  In a way, trust accounting boils down to a few key concepts.

1. Money held for or on behalf of a client must be in trust.
2. Money that is yours must not be in trust.
3. Deliver funds that are due a client.
4. At all times, know how much money is in your trust account and to whom it belongs.

In my experience, lawyers are very good at numbers 1, 3 and 4.  However, #2 seems to pose problems.  That’s right: lawyers aren’t the best at paying themselves.

It’s not a problem borne of evil intent.  More often than not it’s a lawyer who no matter how diligent about paying clients and third parties treats paying herself as something that she’ll get to when she gets to, even if well beyond that month’s reconcilation.

While not one of evil intent, it’s still a problem.  There’s a word for leaving money that you’ve earned in trust: commingling.  The 6th C.

Commingling is prohibited by Rule 1.15(a).  The notion that it’s misconduct isn’t new.  Indeed, today’s rules can be traced back to David Hofffman’s Fifty Resolutons in Regard to Professional Deportment.  He published them in 1836.  Check out #26:

• “26.    I will on no occasion blend with my own my client’s money. If kept distinctly as his it will be less liable to be considered as my own.”

That’s commingling.

Not only is commingling misconduct, it’s serious.  In 2008, the Vermont Supreme Court reprimanded a lawyer who, without an iota of ill intent or selfish motive, commingled funds.  Echoing Hoffman’s Resolution 26, the Court stated:

• “Commingling personal property with client property is a serious offense because of the likely negative consequences that may result to an attorney’s clients. As another court explained: ‘The rule against commingling has three principal objectives: to preserve the identityof client funds, to eliminate the risk that client funds might be taken by the attorney’s creditors, and most importantly, to prevent lawyers from misusing/misappropriating client funds, whether intentionally or inadvertently.’ ” (citation omitted).

The Court added:

• “In addition to the potential pecuniary harm to respondent’s clients, ‘lawyer misconduct in handling and protecting client trust accounts does injure both the public at large and the profession by increasing public suspicion and distrust of lawyers. ‘ ” (citation omitted).

I can hear you now: “but Mike, how was I supposed to know it was a violation not to pay myself right away?”

1. Now you know.
2. Those who don’t, won’t be excused.

As the Court noted:

• “Furthermore, while recognizing that respondent did not act selfishly, we will not
  minimize his infraction merely because he was unaware that his acts violated the rules of professional conduct. ‘If a failure to understand the most central Rules of Professional Conduct could be an acceptable defense for a charged violation, even in cases of good faith mistake, the public’s confidence in the bar, and more importantly, the public’s protection against lawyer overreaching would diminish considerably.’ The prohibition against lawyers commingling private monies with client funds is a fundamental precept. ‘[M]istake about the applicability of an ethical rule cannot excuse or even mitigate misconduct when the lawyer has violated a rule fundamental to governance of the legal profession.'” (citations omitted).

There’s one exception to the rule that prohibits commingling. It’s in Rule 1.15(b):

• “A lawyer may deposit the lawyer’s own funds [into trust] for the sole purpose of paying service charges or fees on that account, but only in an amount reasonably necessary for that purpose.”

Don’t guess.  Figure out what the normal charges and fees are or are likely to be and deposit that amount.  Randomly tossing in $500 or $1000 could lead to discipline.

Commingling is serious.  That’s why I’m assigning it the 6th C.  Too many Cs? Ok.  Your money is an apple.  Client money is an orange.  Apples and oranges don’t belong in the same bin.

Don’t commingle.

 

 

 

 

 

 

Wellness Wednesday: an action plan

On March 3, 2016, I posted my first blog on attorney wellness: Lawyers Helping Lawyers.  Since, I’ve raised the issue as often as possible on this blog and at continuing legal education seminars.  Today, I’m pleased to report that the Vermont Commission on the Well-Being of the Legal Profession recently issued its State Action Plan.

The Vermont Supreme Court created the Commission in response to a report from the National Task Force on Lawyer Well-Being.  That report, The Path to Well-Being: Practical Recommendations for Positive Change, made a series of recommendations in response to a study that found staggering rates of behavioral health issues among lawyers.  Relevant to my job as bar counsel, the national report noted:

• “To be a good lawyer, one has to be a healthy lawyer.  Sadly, our profession is falling short when it comes to well-being.  The two studies referenced above reveal that too many lawyers and law students experience chronic stress and high rates of depression and substance abuse.  These findings are incompatible with a sustainable legal profession, and they raise troubling implications for many lawyers’ basic competence.”

Competence is the first professional duty set out in the Rules of Professional Conduct.

Again, Vermont’s state action plan is here.  When you have time, give it a read.  Here’s the concluding paragraph from the introduction:

• “Our profession has a duty to deliver competent legal and judicial services that will serve to uphold the integrity of the justice system. We recognize that the recommendations that follow may impose costs on the profession. We are certain, however, that the benefits of these proposals outweigh the modest cost of implementing them. Neglecting the truths of the national report that issued and its focus on the elevated risks for mental illness and substance abuse will, we believe, impose greater, more damaging costs—both on our profession, the public and its confidence in the rule of law. We hope that these proposals will be recognized as responsibilities fundamental to the privilege of practicing law.”

I agree 100%  We cannot neglect the issue.  As a profession, we must follow-up on the action items.  We cannot congratulate ourselves on the Commission’s fantastic work only to relegate the plan to the digital equivalent of a shelf where it collects electronic dust until that long-off day when someone finds an archived version and says “Wow.  Great ideas. I wonder what ever became of them?”

If you’re new to this topic, here are my various posts:

• Lawyers Helping Lawyers
• Lawyers Helping Lawyers Part 2
• Lawyers Helping Lawyers: Keep it on the front burner
• Lawyer Well-Being: a call to action
• Anxiety, Stress & Work-Life Balance for Lawyers
• Make time for what matters
• Lawyer Wellness: resolve to find 6 minutes for yourself
• 108 is way too many
• Workplace Happiness
• HELP: Resources on addiction and mental health
• Make Wellness a Habit
• A pledge by legal employers to focus on lawyer well-being
• Legal Ethics & the Water Cooler
• Wellness Wednesday: Island Vines
• Wellness Wednesday: on ponds, puffery and paltering
• Wellness Wednesday: Neil Diamond, the Lock Screen, and National Mental Health Day for Law Students
• Wellness Wednesday: Meet Jennifer O’Connor
• Wellness Wednesday: The Heady Trotter 4 Miler
• Wellness Wednesday:  Judge McCaffrey
• Wellness Wednesday: Family Time
• Wellness Wednesday: Enough
• Wellness Wednesday: Meet Heather Moreau
• Wellness Wednesday: You are not an impostor
• Wellness Wednesday: “N O” is “O K”
• Wellness Wednesday: Stop it!

 

 

 

Competence, Confidences and PDFs

In my view, Rules 1.1 and 1.6 impose a duty to act competently to prevent the unauthorized access to or disclosure of information relating to the representation of a client.  I’ve blogged on this issue many times:

• Protecting Client Data
• Encryption & The Evolving Duty to Safeguard Client Information
• The Cloud: What are Reasonable Precautions?

Next week, I’m presenting two seminars at the YLD Mid-Winter Thaw in Montreal.  In the first, I’m on a panel with Judge Hayes and the Judiciary’s Andy Stone.  Judge Hayes and Andy will introduce lawyers to the Judiciary’s new case management system.  My job will be to chime in on ethics issues that might arise with electronic filing.   My thoughts will focus on tech competence.

Imagine this scenario: whether in a filing or a communication to opposing counsel, a lawyer includes a PDF.  Prior to transmission, the lawyer redacted the PDF to keep certain information confidential.  Alas, the lawyer did not properly redact the PDF.  By highlighting the redacted the portions and pasting them into a new document, opposing counsel, or anyone else with access to the PDF, can discover what the lawyer intended to obscure.  The filing is here.

Did the lawyer take reasonable precautions to protect the information?  Was it a one-time mistake that doesn’t rise to the level of an ethics violation?  What if it was information that the court had ordered remain confidential and now is public?

Earlier this week, lawyers for Paul Manafort, President Trump’s former campaign chair, filed a response to special counsel Robert Mueller’s allegation that Manafort lied to Mueller’s investigators.  Due to what the ABA Journal described as a “technical oversight,” the filing was not properly redacted.  As such, the media was able to discover that Manafort is accused of sharing polling data with a Russian business person.  The story has been covered by the ABA Journal, BuzzFeed, Fox News, and the Washington Post.

(Update at 1:16 PM on January 10:  Above The Law’s Joe Patrice has a great recap here.)

Go back to the scenario I posited above: what if that’s you in a Vermont case?  What if you meant to redact a client’s proprietary information, or a witness’s mental health records, or a confidential informant’s identity? What if you didn’t do it right?

Jason Tashea writes for the ABA Journal. Today, he posted How to redact a PDF and protect your clients.  If this is an area of tech competence that interests or concerns you, I’d suggest giving Jason’s post a read.

 

TBT: Counsel Clients on Social Media Use

The post below is a cut & paste job.  The original ran several months ago.  I’m re-running it because I recently heard from two different attorneys whose clients posted damning information to social media.

Summary: I think you can make an argument that the duty of competence includes advising a client that the opposing party & lawyer will likely look for and use any information that the client posts to social media.

*****

Earlier this month, the ABA Journal posted a blog in its “ethics” section: Celebrity attorneys face challenges, ethical pitfalls.   I enjoyed it as much from the pop culture slant as I did from the “it’s my job” slant.

However, speaking of the “it’s my job” slant, I want to discuss two things.

First, over the past year, the news has been filled with lawyers making public statements about their clients and former clients.  So much so that several times I’ve been asked what I think about it.

Regular readers know what I think it.  I’m a big believer in two concepts:

1. Hey Lawyers! STFU!!!
2. Can’t Keep Quiet? Try Harder.  

As Thomas Edison said:

“You will have many opportunities
to keep your mouth shut.
You should take advantage
of everyone of them.”

(aside: choosing not to blog is probably one of the opportunities of which I should take advantage.)

Second, while most of the article discusses trial publicity and Rule 3.6, there’s a little nugget that, in my view, is great advice not just for lawyers who represent celebrities, but for lawyers who represent, well, clients.

Referring to lawyers who represent famous people, the article says:

• “Client and entourage use of social media can compromise a defense. Ethically, attorneys have to make sure their clients and their team understand ground rules and place limitations on social media use related to the case.”

Trust me, I understand that very few of my readers represent the Vinny Chases of the world.  Nonetheless, I think the second sentence is critically important even for lawyers whose clients don’t have their own versions of E, Turtle, and Johnny Drama.

Why?

Because these days, entourage or not, what client isn’t on social media???  And that’s where the very next paragraph in the ABA Journal post comes in.  Quoting Ann Murphy, a professor at Gonzaga University School of Law, the post notes:

• ” ‘Attorneys, as part of their ethical duties, must now counsel their clients on the use of social media,’ Murphy says. ‘Once it is out there, it is out there. Even if someone deletes a Facebook post—it likely has been saved as a screenshot and is of course subject to discovery,’ she adds. ‘Personally, I think the best advice is tell the client that any posts about his or her case must be viewed in advance by the attorney.’ “

That’s a fantastic tip.  Professor Murphy – if perchance you find this blog, In Few I Trust. Go Zags! 2019 national champs!

Now, I can hear some of you now – “mike, am I supposed to know what my client puts on social media?”

Well, opposing counsel will.  So unless you’re comfortable finding out about that damning tweet or post at deposition or in mediation, my response is:

At the very least – and by “very least” I mean “barest of bare minimums” – I think lawyers have a duty to communicate to their clients the risks associated with posting info to a public forum.

In sum, while the ABA Journal article focuses on the risks associated with representing famous clients, it includes a tidbit that applies to any lawyer who has a client on social media: what happens on social media rarely stays on social media.

Tech competence.  It’s a thing.

By the way, among my friends, I’m definitely E.  My brother is almost definitely Drama.  Alas, while we have several candidates for Turtle, not many for Vinny.   And at risk of offending my friends, the “many” in that previous sentence?  It’s pronounced with a silent “m.”

Five for Friday #140

Quick: without thinking, name a song by The Eagles.

Now, hold that thought.

I don’t particularly enjoy writing about music.  Nonetheless, when I do, I receive more feedback than on virtually any other topic that I cover.  The #fiveforfriday posts Beatles v. Stones and T. Petty & T. Swift are the most read in the history of the quiz.  The tribute to Prince is in the top 5.

Even this month’s ode to M.C. Hammer, Don’t Post That, generated significantly more response than most of my posts. Albeit with a complaint that my musical references are too dated.

What can I say?  I AM dated!

Still, for younger readers, when it comes to posting client confidences online, think of Maroon 5 Girls Like You, ft. Cardi B.  In particular, Cardi B’s:

“red light, red light, stop!”

Anyhow, since I can’t think of anything related to “140,” I’m resorting to writing about something that happened on a November 30 of yesteryear.  Specifically, a musical event that I’ll try to relate to legal ethics.

Michael Jackson’s album Thriller was released 36 years ago today.  A few weeks ago, I heard a story about the best-selling album of all-time.

It’s not Thriller.

For whatever reason, that surprised me. I’m not a big fan of Michael Jackson’s music, but like most of us, I’m generally aware of a lot of his songs.  I just kind of assumed that Thriller was the top-selling album ever.

Nope.  Measured by U.S. sales, The Eagles hold the top spot.  Earlier this year, Their Greatest Hits (1971- 1975) overtook Thriller.

Now, back to my original question.  Name a song by The Eagles.

As I suspect you said “red hammer,” I’m willing to bet you picked “Hotel California.”

The Eagles released Hotel California after they released Their Greatest Hits (1971-1975).  Maybe it’s just me, but I find that mind-boggling. The song that, arguably, is the band’s greatest is not on the band’s album that happens to be the best-selling of all-time.

Take a look at the track list: the songs on Their Greatest Hits (1971-1975) are solid songs and, obviously, quite popular.  But, I’d argue that none is Hotel California.  And maybe that says something about competence.

I often preach Rule 1.1 and a lawyer’s duty of competence.  Remember: the rule doesn’t require you to be a superstar. It requires you to be competent.  Over and over again.  For each and every client.

Consistent competence.

Early in their career, The Eagles were competent, over and over again.  The result: before the band did its best work, it did a lot of good work that, when compiled, went on to be the best-selling album of all-time. To me, the whole was greater than the sum of its parts.

So, as lawyers, maybe our goal shouldn’t be the legal equivalent of creating Hotel California. Rather, maybe our goal should be consistent competence.  We should strive to be competent over & over & over again.  Knowing that consistent competence might have a greater impact than being a rock star in any single case.

Onto the quiz.

Rules

• None.  Open book, open search engine, text/phone/email-a-friend.
• Exception – but one that is loosely enforced – #5 (“loosely” = “aspirational”)
• Unless stated otherwise, the Vermont Rules of Professional Conduct apply
• Team entries welcome, creative team names even more welcome.
• E-mail answers to michael.kennedy@vermont.gov
• I’ll post the answers & Honor Roll on Monday
• Please don’t use the “comment” feature to post your answers
• Please consider sharing the quiz with friends & colleagues
• Please consider sharing the quiz on social media.  Hashtag it – #fiveforfriday

Question 1

At a CLE, you wake from a brief nap to hear me using the terms “concurrent,” “former,” and “prospective.”  I’m talking about the:

• A.  rules on conflicts of interest
• B.  trust accounting rules
• C.  advertising rules
• D.  rule on client confidences insofar as it relates to encrypting e-mail

Question 2

By rule, the interest on your pooled interest-bearing trust account goes to:

• A.  Clients
• B.  The Vermont Bar Foundation
• C.  A or B
• D.  B, but only with client consent

Question 3

“Impliedly authorized to carry out the representation” is an exception to the rule that prohibits:

• A.   Conflicts of interest
• B.   Commingling of funds
• C.    Contacting a represented person without the permission of the person’s lawyer
• D.   Disclosing information relating to the representation of the client

Question 4

True or false.

An associate does not violate the rules if the associate acts in accordance with a partner’s reasonable resolution of an arguable question of a professional duty, even if the partner’s resolution turns out to be wrong.

Question 5

Sydney Carton was a brilliant lawyer who struggled with alcohol & depression.  His most famous client was Darnay.

While not explicitly clear from the historical record, I’m pretty sure that Darnay filed a disciplinary complaint against Carton.   In it, he alleged that Carton failed to provide him with competent & diligent representation in a criminal trial that resulted in a death sentence for Darnay.

The complaint became moot when Carton, who bore an uncanny resemblance to his client, switched places with Darnay just before the execution.  Carton’s final words before the guillotine fell:

• “It is a far, far better thing that I do, than I have ever done; it is a far, far better rest that I go to than I have ever known.”

Name the book.

Bonus: name the lawyer who “mentored” Carton.

On a serious note, if you know a lawyer who, like Carton, is dealing with substance abuse or mental health issues, please read this.

 

 

 

ABA Addresses an Attorney’s Obligations in Response to a Data Breach

I’ve blogged often on a lawyer’s duty to act competently to safeguard client data.  Generally, an attorney must take reasonable precautions to protect against inadvertent or unauthorized disclosure of client information.  Some of my posts:

• Protecting Client Data
• Encryption & The Evolving Duty to Safeguard Client Information
• The Cloud: What are Reasonable Precautions?

Last month, the ABA’s Standing Committee on Ethics & Professional Responsibility issued Formal Opinion 483.  It sets out a lawyer’s obligations following an electronic data breach or cyber attack.

The opinion is detailed and technical.  It’s worth reading, or, at the very least, sharing with your IT support staff.  Also, various outlets have reported on the opinion, including The National Law Review, Louisiana Legal Ethics, and The ABA Journal.  I suggest each.

I’m going to try to stick to a summary.

•  Prior to a breach, a lawyer has a duty to act competently to safeguard client property and information.  This likely includes adopting an “incident response plan” that will kick in once a breach occurs.
• The duty includes an obligation “to monitor the security of electronically stored client property and information.”  In other words, there’s a duty to take reasonable efforts to monitor for and detect unauthorized access. This includes reasonable steps to ensure that vendors act in accordance with the lawyer’s professional obligations.
• A breach is not necessarily evidence that the lawyer failed to act competently to safeguard client information.
• If a breach occurs, a lawyer must take reasonable steps to stop it and mitigate the damage that results.
• If a breach occurs, a lawyer must assess its scope.  This includes determining what information, if any, was lost or accessed.
• A lawyer must notify current clients if the breach:
  • involves material, confidential client information; or,
  • impairs or prevents the lawyer from representing the client. For example, as would be the case in a ransomware attack.
• Lawyers must be aware that their ethical obligations are independent of any post-breach obligations imposed by law.  Compliance with professional obligations is not necessarily compliance with other law, and vice versa.

Again, the full opinion is here.

As usual, I like to analogize to non-tech issues.  For instance, when it comes to paper files, most lawyers probably know that there’s a duty to take reasonable safeguards to protect them.  Locked file cabinets.  Locked rooms.  Secure office space.

If a lawyer arrives at work and realizes that the office has been broken into, I imagine the lawyer would intuitively understand the need to determine what, if anything, was viewed or taken.  Then, as appropriate, will notify clients. I also imagine that the lawyer would replace the broken locks, doors, and windows.

Thus, in my view, the ABA opinion clarifies that very standards that most of us already apply to clients’ paper files also applies to their electronic files.

 

 

 

 

Estate Planning: Crypto Competence

I blog often on the duty of competence.  It’s in the very first rule.

Until today, I’d not considered Rule 1.1’s application to lawyers who provide estate planning services to clients who own cryptocurrencies.  Rather, with cryptocurrency, I’d only considered the ethics issues associated with accepting it as payment for legal fees.

Today, I came across this post in the ABA Journal.  It includes tips for lawyers who want to provide estate planning services to clients who own crypto assets.

My gut tells me that limiting an estate plan to a client’s non-crypto assets likely isn’t a reasonable limitation.  Even if it was, as a practical matter, I don’t know that many clients would be interested in an estate plan that excludes some of their assets.  Thus, it strikes me that, if it isn’t already, “crypto competence” soon will be a thing for lawyers who provide estate planning services.