Crossing the Border? Consider Bringing Only What You Really Need.

There’s a lot going on in Montreal.

The city is celebrating its 375th anniversary.  The Impact and Alouettes have opened their seasons.  Guns N’ Roses plays Parc Jean Drapeau in a few weeks, and hopefully things go better than at the Big O in 1992.  The Museum of Fine Arts has Revolution.  The Lachine Rapids are a great way to beat the August heat.

Whatever draws you north, think twice about bringing electronic devices that contain client information.

A few weeks ago, I posted an update on protecting client information while returning to the U.S. from abroad.  In it,  I included this quote from another blogger: “I wish I could conclude this post with easy answers, but it appears that there are none at the moment.”

Moments change.

On July 27, the New York City Bar Association issued Formal Opinion 2017-5.  In short, and as reported by the ABA Journal, lawyers should take reasonable precautions to avoid disclosure of client information during a border crossing.

Here are some highlights from the NYC Opinion:

  • Rules 1.1 (competence) and 1.6 (confidences) impose a duty to act competently to safeguard client information.
  • The duty includes taking reasonable precautions against disclosing information that should not be disclosed.
  • The duty requires “attorneys to make reasonable efforts prior to crossing the U.S. border to avoid or minimize the risk that government agents will review or seize client confidences that are carried on, or accessible on, electronic devices that attorneys carry across the border.”
  • What are reasonable efforts/precautions? It’ll depend on a variety of factors.
  • Those factors suggest “that an attorney should not carry clients’ confidential information on an electronic device across the border except where there is a professional need to do so.”
  • The factors also suggest that “attorneys should not carry clients’ highly sensitive information except where the professional need is compelling.”

The opinion goes on to provide some detail on how to evaluate the risk that confidential information will be reviewed at the border. (It’s low).  The opinion also sets out safeguards to implement, with “the simplest option with the lowest risk [being] not to carry any confidential information across the border.”  (emphasis mine)

Importantly, the opinion suggests that an attorney does not violate New York’s rules by complying “with a border agent’s demand, under a claim of lawful authority, for an electronic device containing confidential information during a border search.”   Key, however, is that the opinion stresses that an attorney must first undertake “reasonable efforts to dissuade border agents from reviewing clients’ confidential information or to persuade them to limit the extent of their review.”

Finally, the opinion states that if client information is reviewed during a border crossing, Rule 1.4’s duty of communication requires the lawyer to inform each affected client.

I cannot give you “yes” or “no” answers for every conceivable possibility related to client information, electronic devices, and border searches.  I’ll leave it at this: if devices containing client information are searched – and that’s a big if – will you sleep easier knowing that you took precautions against it happening?

Remember, not every unauthorized access creates ethics liablity for the attorney.  “Reasonable precautions” does not mean “fool-proof.”  However, the failure to take precautions might be viewed as clear & convincing proof of foolishness – a determination that might lead to sleepless nights.

Whatever you do before you travel to Canada with devices that contain client information, do whatever will help you (and your clients) sleep best after you return.

Electronic Devices


Online Legal Research: is there an affirmative duty to use more than one research platform?

Earlier this week, Robert Ambrogi posted Turns Out Legal Research Services Vary Widely in Results.  Ambrogi, one of the leading commentators on legal technology, wrote:

  • “Call me naive, but I would have thought that entering the identical search query on, say, both Westlaw and Lexis Advance would return fairly similar results, at least among the cases ranked highest for relevance. After all, shouldn’t the cases that are most relevant to the query be largely the same, regardless of the research platform?”

Then, he added:

  • “Turns out, the results they deliver vary widely — not just between Westlaw and Lexis Advance, but among several legal research platforms. In fact, in a comparison of six leading research platforms — Casetext, Fastcase, Google Scholar, Lexis Advance, Ravel and Westlaw — there was hardly any overlap in the cases that appeared in the top-10 results returned by each database.”

Ambrogi’s post referred to Susan Nevelow Mart’s research paper The Algorithm as a Human Artifact: Implications for Legal {Re}search.   Mart is the Director of the Law Library and an Associate Professor at the University of Colorado Law School.

In this column that he wrote for Above The Law, Ambrogi dove deeper in Professor Mart’s findings.  Before I talk about the findings, I want to go back to my post Are Robots Nonlawyer Assistants.  

In my post, I suggested that lawyers who use artificial intelligence to perform “mundane legal tasks” might have an affirmative duty under the Rules of Professional Conduct “to have some sort of understanding of the coder’s qualifications.”  Well, as it turns out, a similar notion underpins Professor Mart’s research.

As Ambrogi reports, several years ago, a senior VP at Westlaw informed Professor Mart that the company’s “algorithms are created by humans.”  Mart, then, theorized that the choices that a human makes in creating an algorithm will necessarily influence the results delivered by the algorithm.  In other words, that the coder’s biases & assumptions will find their way into the algorithm and impact the results.  She set out to study her hypothesis.

Mart’s findings are eye-opening.  Using the same query across 6 providers – Casetext, Fastcase, Google Scholar, LexisAdvance, Ravel and Westlaw – she found that among the top 10 cases returned by each:

  • on average, 40% of the cases were returned by only 1 provider;
  • 7% of the cases were returned by all 6 providers.

I could go on & on.  Here’s the upshot, in an excerpt of the abstract from Professor Mart’s paper:

  • When legal researchers search in online databases for the information they need to solve a legal problem, they need to remember that the algorithms that are returning results to them were designed by humans. The world of legal research is a human-constructed world, and the biases and assumptions the teams of humans that construct the online world bring to the task are imported into the systems we use for research. This article takes a look at what happens when six different teams of humans set out to solve the same problem: how to return results relevant to a searcher’s query in a case database. When comparing the top ten results for the same search entered into the same jurisdictional case database in Casetext, Fastcase, Google Scholar, Lexis Advance, Ravel, and Westlaw, the results are a remarkable testament to the variability of human problem solving. There is hardly any overlap in the cases that appear in the top ten results returned by each database. An average of forty percent of the cases were unique to one database, and only about 7% of the cases were returned in search results in all six databases. It is fair to say that each different set of engineers brought very different biases and assumptions to the creation of each search algorithm. One of the most surprising results was the clustering among the databases in terms of the percentage of relevant results. The oldest database providers, Westlaw and Lexis, had the highest percentages of relevant results, at 67% and 57%, respectively. The newer legal database providers, Fastcase, Google Scholar, Casetext, and Ravel, were also clustered together at a lower relevance rate, returning approximately 40% relevant results.

Most importantly, here’s the ethics hook:  Rules 1.1 & 1.3 require lawyers to provide competent & diligent representation. Knowing that results vary widely by provider, do Rules 1.1 and 1.3 require lawyers to use more than one provider when conducting online legal research?

Although I’ve not yet had my daily requirement of coffee, my initial reaction is that it’d be much easier to argue “yes” than to argue “no.”  Actually, the real answer might be that it’s neither competent nor diligent for a lawyer to limit research to the first 10 results to a single query.

Indeed, in the abstract to her paper, Professor Mart notes:

  • “Legal research has always been an endeavor that required redundancy in searching; one resource does not usually provide a full answer, just as one search will not provide every necessary result. The study clearly demonstrates that the need for redundancy in searches and resources has not faded with the rise of the algorithm. From the law professor seeking to set up a corpus of cases to study, the trial lawyer seeking that one elusive case, the legal research professor showing students the limitations of algorithms, researchers who want full results will need to mine multiple resources with multiple searches.”

Anyhow, I was excited to post this, but now I can’t think of a creative way to wrap it up or to make a point.  I guess my point is this: know that online legal research services aren’t perfect.

Finally, maybe Professor Mart’s findings are a new twist on something that’s been going on forever.   I’m reminded of thinking “what the _____?” when I pulled a case that did not “follow” the case that I’d been thrilled to find, even though Shepard’s had promised me (with an “f”) that it would.  The human who coded it was, in fact, only human.



Update: Protecting Client Information at the U.S. Border

Two months ago, I posted Protect Client Info When Traveling Abroad.

Earlier this week, Jeff Richardson posted New information on your iPhone being searched by Customs at the border.  If you’re heading to Montreal this summer, it might be worth a read.

For those of you who reflexively avoid any tech-related post, do so at your own risk. Here’s the concluding paragraph from Jeff’s post:

  • “I wish I could conclude this post with easy answers, but it appears that there are none at the moment.  I don’t know how you should weigh the usefulness of having your iPhone and iPad with you outside of the country versus the risk that a border agent will try to search the device as you enter the country.  And remember, we are just talking about U.S. border agents right now; you may also find yourself facing an official in another country who demands access to your device and who has no regard for the Rules of Professional Conduct or the Rules of Evidence governing privilege.” (emphasis added)

By the way, Jeff’s blog is a helpful resource (think “tech competence“) for lawyers who use iPhones and iPads.


Chatbots as Associates?

I’ve been on a hiatus from blogging.  To those of you who missed having quizzes today and last Friday, I apologize. The #fiveforfriday quiz will return next week.

Also next week, I intend to explore the distinction between conduct that should be considered “unethical” and conduct that “violates the rules as they are written.”  I’ll do so through the lens of New Jersey’s recent advisory opinion on Avvo’s Legal Services Program.  For an excellent primer on the topic, check out this post from Above The Law.

Now, on to chatbots.


A few months ago, I asked whether robots are non-lawyer assistants.  Referring to the idea that lawyers have a duty to ensure that their nonlawyer assistants comply with rules, I wrote:

  • “As I’ve often said, Rule 1.1’s duty of competence includes tech competence.  Read together, do Rules 1.1 and 5.3 require lawyers who use robots to have some sort of understanding of the coder’s qualifications?  Perhaps we will eventually treat the purchase of robots as we do the selection of a cloud vendor and hold that ‘a lawyer must take reasonable precautions in choosing a robot that will perform mundane legal tasks.'”

It probably seemed far-fetched.

It’s not.

Today, Robert Ambrogi’s LawSites blog posted DoNotPay Launches Service to Let Anyone Create a Legal Bot.  Essentially, the service allows a lawyer to create a robot assistant.

As I’ve often said, do not fear technology.  Advances in technology are not inherently unethical.  Think of the ways you use technology today that were not imaginable, or available, 20 years ago.

For example, compare (1) a secure email with a password-protected attachment & read-receipt, to, (2) a stamped letter, dropped off at 5:27 PM on a Friday, with a return-receipt requested.

Whether Monty Hall or Wayne Brady, I’ll take Door Number 1.

Would you rather that the rules be interpreted so as to require use of the U.S Mail?

Technological advances create opportunities for lawyers & firms to operate more efficiently and to provide wider access to cheaper legal services.


Competence & Legal Analytics

Rule 1.1 requires lawyers to provide clients with competent representation.  Per the rule, “[c]ompetent representation requires the legal knowledge, skill, thoroughness, and preparation reasonably necessary for the representation.”

Comment [5] indicates that competence “includes inquiry into and analysis of the factual and legal elements of the problem, and use of methods and procedures meeting the standards of competent practitioners.  It also includes adequate preparation.”

Last December, citing Moneyball, I wondered whether Rule 1.1 soon will require lawyers to scout judges.  The post references Ravel Law’s “Court Analytics,” a tool that, among other things, enables lawyers to research the cases & authorities that a particular judge finds most persuasive and cites to most often.

The use of a data-driven legal analytics continues to grow.

This morning, I came across Above The Law’s Profiles in Innovation: An Interview with Owen Byrd of Lex Machina.

Lex Machina recently launched a platform that brings legal analytics to federal commercial litigation.  Here’s an excerpt from Byrd’s interview with Above The Law:

  • We now have a system that captures every federal case with a breach of contract claim, a business tort claim, or both. 

    This lets us give commercial litigators incredible insights about those cases — for example, how often a certain judge decides contract breach cases, how she tends to resolve them, how long such cases typically take from filing to resolution, and which law firms and lawyers have appeared — and prevailed — most frequently before that judge.”

Would having this information sound like “adequate preparation” that is “reasonably necessary for the representation?  Let me ask it another way: if you don’t have the information, what will your response be when a client complains that you didn’t?

As I mentioned, for now, Lex Machina is focused on federal commercial litigation. However, as you’ll see in the interview, it won’t be long until similar analytics are available on a state-law level and in a wide range of practice areas.

As technology evolves, so does a lawyer’s duty of competence.

Legal Analytics




Tech Competence, Legal Research, and Color-Coded Citations

I’ve often referred readers to Robert Ambrogi’s LawSites blog.  It’s a fantastic resource on issues that lie at the intersection of law & technology.

Today, Ambrogi posted a blog entited Judicata Brings A New Dimension to Legal Research: Color.  The post refers to Judicata’s announcement of a new tool that uses color as an aid in legal research.  The tool’s name: Color.  

I find Color fascinating.   I recommend taking 5 minutes or so to read both Judicata’s annoucment & Ambrogi’s blog post.

Here are a few screen shots.

An excerpt from a Color-coded opinion:


Now, the “code.”

Color Code


Smalls & Solos: Tech Competence Can Help Keep the Train on the Tracks

Do any of these sound familiar?

  • your office’s e-mail server is AOL
  • you use folders within Microsoft Word as your case/document management system
  • you print out hard copies of “important” e-mails & documents
  • your “tech consultant” is someone a friend recommended
  • you haven’t learned much about tech because it’s not “lawyering” and keeps you from focusing on helping clients to solve their problems

If your answer is “yes, Mike, at least one of those sounds familiar,” I’m not here to say that you’ve violated the rules.  I am, however, here to say that I have a story for you to read.

The story is a cautionary tale entitled How Technology Illiteracy Can Cost Solos Big Money.  It’s by Carolyn Elefant and appears on the Above The Law blog.

Don’t have a lot of time?  Ok.  At least check out the part where Carolyn writes “I want to commend every solo and small firm lawyer to read this train wreck of a decision closely to learn how not to run a law office.”  The decision was issued last month by the United States District Court for the Eastern District of New York. If you don’t have time to read the decision, Carolyn’s blog summarizes it nicely.

Take the time to read the blog and the decision.  The money (and law license) that you save might be yours.

Train Tracks


Encryption & The Evolving Duty to Safeguard Client Information

In December 2015, I posted To Encrypt or not to Encrypt?   

The post began with an analysis of how Rules 1.1 and 1.6 work together to impose a duty to act competently to safeguard client information, including information that is stored and transmitted by electronic means.

From there, I walked readers through a series  advisory ethics opinions.  Over time, the opinions moved from concluding that the duty to act competently to safeguard client information did not include a duty to encrypt to concluding that it might.

I stated that, at the very least, lawyers had a duty to warn clients about the risks associated with unencrypted electronic communications.  Then, I wrote:

  • “My sense is that we will soon reach, if we haven’t already reached, a day upon which it will not be considered reasonable to transmit client information via unencrypted email.  Encryption is not as difficult or expensive as it used to be and more secure alternatives are readily available.”

Last week, that day drew closer.

On May 11, the ABA’s Standing Committee on Ethics & Professional Responsibility issued Formal Opinion 477: Securing Communication of Protected Client Information. The opinion analyzes the duties imposed by Rules 1.1 and 1.6.  It reviews a series of advisory ethics opinions and discusses the trend towards requiring lawyers to encrypt electronic client communications.

Opinion 477 concludes that lawyers must make reasonable efforts to safeguard client information.  It states that “[w]hat constitutes reasonable efforts is not susceptible to a hard and fast rule, but rather is contingent upon a set of factors.”  That is, lawyers must employ a “fact-based analysis” when transmitting & storing client information.  Factors in the analysis include:

  • the sensitivity of the information,
  • the likelihood of disclosure if special safeguards are not used,
  • the cost of using special safeguards, and
  • the difficulty of using special safeguards.

With respect to these factors, the opinion concludes that lawyers must, on a case-by-case basis, constantly analyze how they communicate electronically about client matters . . . to determine what effort is reasonable.”

The opinion makes clear that lawyers must remain cognizant that the analysis will change as technology evolves. In other words, what’s reasonable today might not be reasonable in 2020.

More importantly, what was unreasonable in 1997 might be reasonable today.  For example, as the opinion notes, “a fact-based analysis means that particularly strong protective measures, like encryption, are warranted in some circumstances.”

The opinion suggests that the duty to safeguard client communications likely requires lawyers to:

  • Understand the nature of the threat,
  • Understand how information is transmitted & where it is stored,
  • Understand & use reasonable electronic security measures,
  • Determine how electronic communications should be protected,
  • Label communications as “privileged & confidential,”
  • Train partners, associates, and nonlawyer assistants in information security, and
  • Exercise due diligence when choosing a vendor.

For more on each, see pages 5-9 of formal opinion 477.

In my view, the opinion sends a strong signal that the failure to use basic and widely available tools violates the duties imposed by Rules 1.1 and 1.6.  Those tools include:

  • Within an office, using adequate login passwords
  • Changing those passwords on a regular basis
  • Password protecting email attachments
  • Using secure WiFi (as in, not the coffee shop’s Wifi)
  • Installing & updating firewalls, anti-malware, anti-spyware, and anti-virus software
  • Using client portals instead of email
  • Using established & secure cloud-based file storage vendors to send, exchange, and view documents
  • Remembering that client information is on, or has been accessed from, multiple devices: cell phones, tablets, remote log-ins

If you take anything away from this, as usual, let it be my refrain that “competence includes tech competence.”  For, if you find yourself in times of trouble, it will not be acceptable to respond “but that tech stuff is too complicated!”

It isn’t.

As technology evolves, so evolves the standard of “reasonable efforts to safeguard client information.”

Have you evolved?

Electronic Communication





Tech Competence: It includes more than you might think.

Last week I stepped off my e-soapbox and blogged that Tech Competence Isn’t Everything: Soft Skills Matter.

Today I’m e-jumping back onto the e-soapbox.  (Sadly, my e-vertical is infinitely higher than my real vertical was in my playing days.)

Tech encompasses things less techy than you think.

The Legal Rebels section of the ABA Journal has a very interesting new post from Ivy Grey.  It’s here:  Not competent in basic tech? You could be overbilling your clients – and be on shaky ground.

I recommend reading the entire post.  But, here are 3 sections that caught my eye.

  • “Data security and e-discovery may get attention in the press, but lawyers should not neglect learning about the mundane tools that they use every day. Document preparation, drafting, and polishing consumes a significant amount of every lawyer’s time regardless of practice area. And MS Word is more sophisticated with greater capabilities for meeting our complex needs than you might otherwise think. It is an area ripe for learning. Ignoring that touches on bigger issues like unearned fees.”
  • “Technology competence is broad. However, its definition must include the tools that lawyers use to practice law, such as case management software, document management software, billing software, email, a PDF system with redacting capabilities, and the MS Office Suite, particularly MS Word. Any lawyer who does not develop basic skills in these six types of programs will risk ethical rebuke”
  • “By remaining technologically incompetent, lawyers are knowingly wasting clients’ time and money due to lack of computer skills. That is unacceptable. It is time to recognize that inefficient use of technology, such as MS Word, could mean overbilling a client. When lawyers choose not to learn technology because the old way of doing things leads to more billable hours, they are not serving their clients fairly.”

Here’s my takeaway.

Rule 1.1 mandates competence.  Rule 1.5 prohibits unreasonable fees.  At some point, an inability to use the most basic tech tools causes an attorney to spend an unreasonable amount of time on a task.  Billing for that time might violate Rule 1.5.

Food for thought.


Social Media Sanction! Except, Not Really

Regulators, practicing attorneys, and those who opine on legal ethics seem to wait with bated breath for any sort of disciplinary sanction involving a lawyer’s use or misuse of social media.

In my view, the collective anticipation causes an anxiety that leads lawyers to distrust, if not avoid, social media.  That’s too bad.  Lawyers who distrust & avoid social media tend not to develop the level of tech competence required in today’s practice.

Here’s a test: you’re having coffee, procrastinating about getting the work day started. You have time to read ONE article.  You see these two links:

  1. Lawyer who advised client to ‘relax’ in response to Facebook inquiries gets suspension.
  2. Nebraska lawyer suspended for failing to properly communicate with client.

Which do you choose? Everyone who chose #1, raise your hand.

As I expected, lots of hands.

The links are to the exact same story.  #1 ran in the ABA Journal, #2 in the Omaha World-Herald. To borrow a phrase, social media sells.  Are you telling me that my choice is “lawyer suspended for using Facebook!” or “lawyer fails to communicate with client?” Ha! I’ll take social media 11 times out of 10!

Here’s another test for my lawyer readers: raise your hand if, even without reading the story, you thought “See, I knew Facebook could get me in trouble.”

Again, lots of hands.

Now, read the opinion from the Nebraska Supreme Court.  In reality, the lawyer’s violation had very little to do with Facebook.  The lawyer’s responses to his client likely would’ve violated Nebraska’s rules whether transmited via Messenger, e-mail, phone call, or U.S. Mail.

In other words, a failure to communicate is a failure to communicate regardless of the medium.  The lawyer who fails to engage in a reasonable level of communication via Messenger in 2017 is as guilty of misconduct as the lawyer who, way before Nirvana, failed to engage in a reasonable level of communication in 1985.

This violation had nothing to do with social media.  Don’t fear social media.

Social Media

P.S.: talk about burying the lede.  The lawyer intentionally sued the wrong defendant in order to access deep pockets!!  To me, that’s a bit more disturbing than a garden-variety failure to communicate.