Ghost Posts. Or are yours real?

To borrow a phrase from Larry David and Teri Hatcher, my blog posts are real and they’re spectacular!  Apparently not all law blogs can truthfully say the former.

Last month, the ABA Journal posted Ghostwriting for law blogs? Ethics are murkyIt’s a topic that’s new to me, one not raised in any of the ethics inquiries or formal disciplinary complaints that I’ve responded to and reviewed over the years.  The ABA Journal post includes insight from some of the more well-known voices on both professional responsibility and tech ethics.

But let’s back up for a moment.  You might be asking your self: “self, what is Mike even talking about?”  Good question.

The ABA’s post references this article that Kailee Goold posted to Ohio + Legal Ethics in June 2014. In it, Attorney Goold wrote:

  • “What are We Talking About?

    The ghost-blogging I’m talking about is when an attorney pays someone else (a non-attorney) to write articles published under the attorney’s name on the attorney or law firm’s website. As a result, the world thinks the attorney wrote it when the attorney had little to no part in its creation.”

Again, not an issue I’ve encountered.  But, an issue that raises ethics concerns.

Many law blogs are part of a lawyer’s website.  Websites communicate information about the services that the lawyer provides. Per V.R.Pr.C. 7.1,

  • “A lawyer shall not make a false or misleading communication about the lawyer or the lawyer’s services.  A communication is false or misleading if it contains a material misrepresentation of fact or law, or omits a fact necessary to make the statement as a whole not materially misleading.”

The final sentence of Comment [1] is “whatever means are used to make known a lawyer’s services, statements about them must be truthful.”

Also, V.R.Pr.C. 8.4(c) prohibits a lawyer from engaging in conduct that involves “dishonesty, fraud, deceit or misrepresentation.”

So, let’s say that a firm focuses on Practice Area.  And let’s say that the firm’s website includes a blog dedicated to Practice Area.  Does the firm violate the rules by paying a content developer to ghostwrite the posts and then posting them under the “byline” of one of the firm’s lawyers?

My gut reaction was “is it really THAT misleading?” But then I paused.  Because whenever we start asking whether something “is really THAT misleading,” we’ve established that it is, in fact, misleading.

In that it never arises, I don’t want to belabor the issue.  Suffice to say, if your website or blog includes posts that you paid someone else to ghostwrite, check out the articles referenced above.

Finally, I proof read by reading aloud.  Reading this blog about law blogs aloud reminded me of two things.

First, it reminded me of Elizabeth Kruska & Wesley Lawrence, perennial members of the #fiveforfriday Honor Roll in Legal Ethics.

Why them?

Because, like me, I know they’re fans of the second thing that reading today’s post aloud reminded me of: the world’s greatest law blog – The Bob Loblaw Law Blog.

See the source image

 

Judges & Facebook Redux

In November, I posted Judges & their Facebook Friends.  

The post highlighted the Florida Supreme Court’s conclusion”that an allegation that a trial judge is a Facebook ‘friend’ with an attorney appearing before the judge, standing alone, does not constitute a legally sufficient basis for disqualification.”  I blogged that I agreed, but concluded with:

  • “Finally, remember: just like real-life relationships, a Facebook friendship or other social media connection might create an appearance that provides a basis to inquire further.  So maybe it’s best to avoid such connections.”

At the time, I didn’t think it necessary to add “for instance, a judge shouldn’t accept a FB friend request from a litigant a week after a contested hearing, but before the judge has issued a ruling.”  Seems obvious, right?  Apparently not to all.

Yesterday, Kevin Lumpkin tipped me off to this opinion from an appellate court in Wisconsin.  Besides being timely – the opinion only issued yesterday – Kevin is also a regular member of the #fiveforfriday Honor Roll in legal ethics.

Kevin – thanks for the tip!

Here’s what happened.

In 2011, Angela and Timothy stipulated to an order granting them joint legal custody of their child. In 2016, Angela moved to modify the order.  A hearing on the motion took place in June 2017.  Among other things, Angela argued that Timothy had physically abused her.  The judge allowed the parties 10 days to file post-hearing memoranda and took the matter under advisement.

The critical section of the timeline:

  • June 16: Angela and Timothy each filed post-hearing memos.
  • June 19: the judge accepted a Facebook friend request from Angela.
  • June 19-July 14: Angela “liked” 18 of the judge’s Facebook posts and commented on two of them.  She had also liked or shared multiple third-party posts related to domestic violence.
  • July 14: the judge issued his ruling.

The judge granted Angela’s motion.  He concluded that had established that Timothy’s pattern of domestic abuse was a substantial change in circumstances that warranted a modification of the order.

Angela’s Facebook friendship with the judge eventually came to light.  Timothy appealed, arguing that, at the very least, the e-relationship created an “appearance of partiality.”

The appellate court agreed that it had.  Indeed, given the facts peculiar to the case, the court saw no need to address when, exactly, a social media relationship requires disqualification. As they say, it was a no-brainer.  The court reversed and remanded the judge’s decision, and directed that a different judge consider Angela’s original motion.

I remain of the opinion that a social relationship, standing alone and whether electronic or “real life,” is not a sufficient basis to disqualify a lawyer from appearing before a judge.  I also remain of the opinion that such relationships merit further inquiry before proceeding.

But the Wisconsin case did not involve a pre-existing relationship.  Angela actively sought the judge’s electronic friendship while her motion remained pending! As the Wisconsin appellate court noted:

  • “First, the time when [the judge] and [Angela] became Facebook ‘friends’ would cause a reasonable person to question the judge’s partiality. Although [the judge] apparently had thousands of Facebook ‘friends,’ [Angela] was not simply one of the many people who ‘friended’ him prior to this litigation. Rather, [Angela] was a current litigant who reached out to [the judge] and requested to become his Facebook ‘friend’ after testifying at a contested hearing, at which [the judge] was the sole decision-maker. [The judge] then took the affirmative step to accept this ‘friend’ request before issuing his decision in this case.

Take social media out of it.  The result – an  appearance of partiality – is no different than if the judge had agreed to buy a ticket to a calcutta to raise money for Angela’s kid’s school trip.  Or accepted an invitation to join her gym.

As I blogged a few weeks ago, don’t fear tech.  Instead, use common sense.

Finally, the decision makes me wonder: does the duty of competence include advising clients NOT to forge social media relationships with judges while a matter is pending?

If you know the client intends to? Yes. Generally, probably not. But it’s worth keeping in mind.

Social Media

 

 

Competence, Confidences and PDFs

In my view, Rules 1.1 and 1.6 impose a duty to act competently to prevent the unauthorized access to or disclosure of information relating to the representation of a client.  I’ve blogged on this issue many times:

Next week, I’m presenting two seminars at the YLD Mid-Winter Thaw in Montreal.  In the first, I’m on a panel with Judge Hayes and the Judiciary’s Andy Stone.  Judge Hayes and Andy will introduce lawyers to the Judiciary’s new case management system.  My job will be to chime in on ethics issues that might arise with electronic filing.   My thoughts will focus on tech competence.

expos

Imagine this scenario: whether in a filing or a communication to opposing counsel, a lawyer includes a PDF.  Prior to transmission, the lawyer redacted the PDF to keep certain information confidential.  Alas, the lawyer did not properly redact the PDF.  By highlighting the redacted the portions and pasting them into a new document, opposing counsel, or anyone else with access to the PDF, can discover what the lawyer intended to obscure.  The filing is here.

Did the lawyer take reasonable precautions to protect the information?  Was it a one-time mistake that doesn’t rise to the level of an ethics violation?  What if it was information that the court had ordered remain confidential and now is public?

Earlier this week, lawyers for Paul Manafort, President Trump’s former campaign chair, filed a response to special counsel Robert Mueller’s allegation that Manafort lied to Mueller’s investigators.  Due to what the ABA Journal described as a “technical oversight,” the filing was not properly redacted.  As such, the media was able to discover that Manafort is accused of sharing polling data with a Russian business person.  The story has been covered by the ABA Journal, BuzzFeed, Fox News, and the Washington Post.

(Update at 1:16 PM on January 10:  Above The Law’s Joe Patrice has a great recap here.)

Go back to the scenario I posited above: what if that’s you in a Vermont case?  What if you meant to redact a client’s proprietary information, or a witness’s mental health records, or a confidential informant’s identity? What if you didn’t do it right?

Jason Tashea writes for the ABA Journal. Today, he posted How to redact a PDF and protect your clients.  If this is an area of tech competence that interests or concerns you, I’d suggest giving Jason’s post a read.

 

Legal Ethics & Crowdfunding to pay legal fees

Professor Alberto Bernabe often appears on this blog’s #fiveforfriday Honor Roll.  He also has his own blog and, last week,  blogged on an advisory from the DC Bar. The opinion addresses the ethics issues that arise when a lawyer’s client crowdfunds legal fees.

The opinion is here. Professor Bernabe’s blog post is here.  He wrote more extensively on the topic in this article that pre-dates the DC advisory opinion.

I’ve also blogged on the topic. I did so here in response to an advisory opinion from the Philadelphia Bar Association.  I wrote:

  • “That’s why the Philly opinion is great.  It doesn’t treat ‘crowdfunding platforms’ as new creatures that require new rules.  Rather, it reminds lawyers that the rules that apply when using a crowdfunding platform are the same rules that apply to any other representation.”

As Professor Bernabe notes, the DC Bar opinion is consistent with the Philadelphia opinion and others on crowdfunding.

I like the following statement from the DC Bar:

  • “It is not unusual for clients to rely on money collected from family or friends to pay for legal services.”

Indeed, many Vermont lawyers accept payment from someone other than the client.  The most common situation?  A parent pays for a child’s lawyer in a criminal or family case.

When that happens, it’s critical for the lawyer to remember Rule 1.8(f):

  • “A lawyer shall not accept compensation for representing a client from one other than the client unless (1) the client gives informed consent; (2) there is no interference with the lawyer’s independence of professional judgment or with the client-lawyer relationship; and (3) information relating to the representation of a client is protected as required by Rule 1.6.”

In other words, even if Parents are paying Lawyer to represent Child, they don’t get to direct the representation and, absent Child’s consent, Lawyer cannot disclose information relating to the representation to them.

Somewhat related, the DC Bar included a great tip in Ethics Opinion 375:

  • “A lawyer should consider counseling his or her client regarding disclosures to third parties. Crowdfunding typically entails some level of disclosure to third parties about the predicate need for counsel. Because of their financial support, crowdfunding contributors may be interested in the status of or information about the client’s matter. Due to the risk of waiver of the attorney-client privilege, or simply for strategic reasons, a lawyer who knows that a client is crowdfunding should provide the appropriate level of guidance to the client regarding disclosures to third parties, whether such disclosures occur on a social media platform or privately in discussions with friends and family.”

In sum, nothing about using a social media platform to crowdfund legal fees is inherently unethical.  Oh, and as mentioned in both the Philadelphia and D.C. advisory opinions: crowdfunding helps provide access to legal services to those who otherwise might not be able to afford a lawyer.

See the source image

Related:

 

 

 

 

 

 

ABA Addresses an Attorney’s Obligations in Response to a Data Breach

I’ve blogged often on a lawyer’s duty to act competently to safeguard client data.  Generally, an attorney must take reasonable precautions to protect against inadvertent or unauthorized disclosure of client information.  Some of my posts:

Last month, the ABA’s Standing Committee on Ethics & Professional Responsibility issued Formal Opinion 483.  It sets out a lawyer’s obligations following an electronic data breach or cyber attack.

The opinion is detailed and technical.  It’s worth reading, or, at the very least, sharing with your IT support staff.  Also, various outlets have reported on the opinion, including The National Law Review, Louisiana Legal Ethics, and The ABA Journal.  I suggest each.

I’m going to try to stick to a summary.

  •  Prior to a breach, a lawyer has a duty to act competently to safeguard client property and information.  This likely includes adopting an “incident response plan” that will kick in once a breach occurs.
  • The duty includes an obligation “to monitor the security of electronically stored client property and information.”  In other words, there’s a duty to take reasonable efforts to monitor for and detect unauthorized access. This includes reasonable steps to ensure that vendors act in accordance with the lawyer’s professional obligations.
  • A breach is not necessarily evidence that the lawyer failed to act competently to safeguard client information.
  • If a breach occurs, a lawyer must take reasonable steps to stop it and mitigate the damage that results.
  • If a breach occurs, a lawyer must assess its scope.  This includes determining what information, if any, was lost or accessed.
  • A lawyer must notify current clients if the breach:
    • involves material, confidential client information; or,
    • impairs or prevents the lawyer from representing the client. For example, as would be the case in a ransomware attack.
  • Lawyers must be aware that their ethical obligations are independent of any post-breach obligations imposed by law.  Compliance with professional obligations is not necessarily compliance with other law, and vice versa.

Again, the full opinion is here.

As usual, I like to analogize to non-tech issues.  For instance, when it comes to paper files, most lawyers probably know that there’s a duty to take reasonable safeguards to protect them.  Locked file cabinets.  Locked rooms.  Secure office space.

If a lawyer arrives at work and realizes that the office has been broken into, I imagine the lawyer would intuitively understand the need to determine what, if anything, was viewed or taken.  Then, as appropriate, will notify clients. I also imagine that the lawyer would replace the broken locks, doors, and windows.

Thus, in my view, the ABA opinion clarifies that very standards that most of us already apply to clients’ paper files also applies to their electronic files.

Image result for images of a data breach

 

 

 

 

Estate Planning: Crypto Competence

I blog often on the duty of competence.  It’s in the very first rule.

Until today, I’d not considered Rule 1.1’s application to lawyers who provide estate planning services to clients who own cryptocurrencies.  Rather, with cryptocurrency, I’d only considered the ethics issues associated with accepting it as payment for legal fees.

Today, I came across this post in the ABA Journal.  It includes tips for lawyers who want to provide estate planning services to clients who own crypto assets.

My gut tells me that limiting an estate plan to a client’s non-crypto assets likely isn’t a reasonable limitation.  Even if it was, as a practical matter, I don’t know that many clients would be interested in an estate plan that excludes some of their assets.  Thus, it strikes me that, if it isn’t already, “crypto competence” soon will be a thing for lawyers who provide estate planning services.

See the source image

 

 

Siri, Alexa, and Client Confidences

Query: do Siri and Alexa get mad if a human accidentally calls one the other?  I don’t know, but, if not, I think a sarcastically angry response should be added to each’s algorithm.

Anyhow, without even having started yet, I digress.

My recent posts on client confidences spurred additional research.   The research led me to Alberto Bernabe’s Professional Responsibility Blog.  Professor Bernabe is a regular member of this blog’s #fiveforfriday Honor Roll.

Earlier this year, Professor Bernabe posted a link to this article.   The article appeared on the ABA’s Law Technology Today blog and details some of the issues about which lawyers should be aware when using digital voice assistants.  One of those issues: client confidences.  If you or your firm uses a digital voice assistant, I suggest giving the article a read.

Even if you don’t use a DVA, remember, your clients might and the duty of competence includes tech competence.  I can hear you now:  “Mike, how in the world might my client’s digital voice assistant affect the case?

Well, what if your client’s Echo might have recorded a murder?

Side note:  Kathleen Zellner, the defense lawyer quoted in the story about the Amazon Echo murder case, plays a prominent role in the recently released Season 2 of Making a Murderer.

And remember: it’s not just Echos and other digital voice assistants.  Our lives (and our clients’ lives) are replete with devices that record, collect and exchange data over the internet of things.  Data that may impact our clients’ matters.

But, for now, I’ll leave it at client confidences. Issues related to the internet of things can wait for another day.

Well, ok.  Here’s a teaser:

“Hey Siri! Did Encyclopedia Brown investigate the The Case of the Hacked Refrigerator.

 

See the source image

 

 

 

Yes!!!

I’m not a huge fan of the “Throwback Thursday” trope, but I am a huge fan of readers.  So, as it has, when blogger’s block strikes, I resort to the trope.

But not without reason.

I’m heading to Rutland tomorrow.  Two years ago, and a few days after heading to Rutland, I blogged on how I hoped never again to have to assuage lawyers that there’s nothing inherently unethical about storing client information in the cloud.

I’m happy to report that we seem to have accepted the premise.

Yes!!!

Thank you.

That being said, refreshers aren’t inherently bad either. Especially since the effective date of the recent amendment on tech competence is nigh.  So, here goes.

The original post ran on November 10, 2016.

*******************************************

Last Friday, I presented a CLE for the Rutland County Bar Association. My assigned topic: the ethics of storing client information in the cloud.  I started by saying that I hoped it was my final seminar on the topic.  I was serious.

Let’s walk through this.

In general, a lawyer has a duty not to disclose information relating to the representation of a client absent client consent.  See, Rule 1.6.  A lawyer also has a duty to keep client property safe.  See, Rule 1.15.

I view the cloud as the latest in a long line of different places to store information.  In that sense, the cloud is not different than manila folders, boxes, offices, attics, basements, barns, file cabinets, file cabinets with locks, storage facilities, hard drives, floppy disks, CDs, and thumb drives.

No matter where a lawyer stores client information, a lawyer must act competently to protect the information against inadvertent or unauthorized disclosure. See, Rule 1.6, Comment [16].  When transmitting client information, a lawyer must take reasonable precautions to prevent the information from coming into the hands of unintended recipients.  Rule 1.6, Comment [17].

So, think about cloud storage like this:  client information is electronically transmitted to a place where it will be kept.  Thus, a lawyer must take reasonable precautions to protect client information both while it is in transit and while it is at rest.

In fact, that’s almost exactly what the VBA’s Professional Responsibility Committee said – SIX YEARS AGO when it issued Advisory Ethics Opinion 2010-06.  Here’s the digest of the opinion:

  • “Vermont attorneys can utilize Software as a Service in connection with confidential client information, property, and communications, including for storage, processing, transmission, and calendaring of such materials, as long as they take reasonable precautions to protect the confidentiality of and to ensure access to these materials.”

(Aside: for anyone wondering why I included an advisory opinion about “Software as a Service” in a post on cloud computing, I remind you that Rule 1.0’s duty of competence includes tech competence.)

The question I hear most often is this:  “what are reasonable precautions?”  In Rutland, I suggested to the audience that they already know the answer, if only by treating the cloud as if it were a storage facility out on Old County Road. Some questions you might ask when considering that facility:

  • who do you let into this facility?
  • do you require a passcode or badge for the gate?
  • are there locks on the individual units?
  • who besides me has a key or knows the combination?
  • can i get into my unit whenever i want to?
  • what happens to my files if I don’t pay or if you go out of business?

Indeed, take a look at page 6 of the VBA Opinion.  The Committee suggested some of those exact questions when considering a cloud vendor.

Or, take a look at this post from Robert Ambrogi.  He writes that “[s]ome basic questions to ask of a cloud vendor, distilled from various ethics opinions, include:

  • Is it a solid company with a good reputation and record?
  • Can you get access to your data whenever you want, without restrictions?
  • If your service is terminated – by you or by the company – can you retrieve your data?
  • Does it allow use of advanced password protocols and two-step verification?
  • What are its internal policies regarding employee and third-party access to your data?
  • Is your data encrypted both while in transit and while at rest on the company’s servers?
  • How is your data backed up?
  • What security protections are in place at the data centers the company uses?”

Finally, remember that asking the questions isn’t enough.  You need to understand the answers or find someone who does.  For example, imagine this:

  • You:   Will my data be encrypted in transmission and at rest?
  • Vendor:  Yes.  In transmission, we use a BTTF Flux Capacitor.  At rest, we use the latest cloaking technology from Romii.
  • You.  Sounds awesome. Sign me up.

Umm, no.  You just signed up to star in the next entry in Was That Wrong.

In conclusion, you may store client information in the cloud so long as you take reasonable precautions.  This entry includes links that will help you determine what “reasonable precautions” are.  Don’t fear the cloud, but know what you don’t know.

Speaking of which, info on the BTTF Flux Capacitor is HERE. And, for more on Romii cloaking technology, go HERE.

cloud

Court Adopts Comment on Tech Competence

The first rule in the Vermont Rules of Professional Conduct requires lawyers to provide clients with competent representation.  I’ve long argued that Rule 1.1’s duty of competence includes tech competence.

Last week, the Vermont supreme Court promulgated amendments to Rule 1.1.  The amendments add three new comments, including one that makes it clear that, in fact, the duty of competence includes tech competence.  As amended, Comment [8] now reads:

Maintaining Competence

[8] To maintain the requisite knowledge and skill, a lawyer should keep abreast of changes in the law and its practice, including the benefits and risks associated with relevant technologygy, engage in continuing study and education and comply with all continuing legal education requirements to which a lawyer is subject.

As reported by Robert Ambrogi’s LawSitesBlog, Vermont becomes the 32nd state to adopt the duty of tech competence.

Take a look at the picture that Bob uses on his blog:

Image result for lawyer technology competence

No more.

Don’t confuse the meaning of the new comment. It does not require lawyers to know how to use every new gizmo, gadget, or app.  It’s far more practical than that.

For instance, do you understand the risks and benefits of using certain technologies to transmit confidential communications? Or the risks and benefits of mobile payment services? Have you thought about disabling autocomplete? Do you advise clients against being too social?

Also, don’t sleep on the other new comments. As legal outsourcing becomes more prevalent, the new comments provide helpful guidance.

The new comments take effect on December 10.

Related Posts

 

 

Social Clients

Earlier this month, the ABA Journal posted a blog in its “ethics” section: Celebrity attorneys face challenges, ethical pitfalls.   I enjoyed it as much from the pop culture slant as I did from the “it’s my job” slant.

However, speaking of the “it’s my job” slant, I want to mention three things.

First, over the past year, the news has been filled with lawyers making public statements about their clients and former clients.  So much so that several times I’ve been asked what I think about it.

Regular readers know what I think it.  I’m a big believer in two concepts:

  1. Hey Lawyers! STFU!!!
  2. Can’t Keep Quiet? Try Harder.  

As Thomas Edison said:

“You will have many opportunities
to keep your mouth shut.
You should take advantage
of everyone of them.”

(aside: choosing not to blog is probably one of the opportunities of which I should take advantage.)

Second, despite my big belief that silence is a virtue, I was intrigued by two arguments in the ABA Journal’s post.  Specifically, the arguments that (1) at times, the duties of competence & diligence require a lawyer to speak out in a client’s defense;  and (2) the rules prohibiting such conduct run afoul of the First Amendment.  Alas, I can count on 2 fingers the number of Rule 3.6 complaints we’ve received in the past 15 years.  So, I am not so intrigued to do more than mention my intrigue.

Finally, there’s a little nugget in the article that, in my view, is great advice not just for lawyers who represent celebrities, but for lawyers who represent, well, clients.

Referring to lawyers who represent famous people, the article says:

  • “Client and entourage use of social media can compromise a defense. Ethically, attorneys have to make sure their clients and their team understand ground rules and place limitations on social media use related to the case.”

Trust me, I understand that very few of my readers represent the Vinny Chases of the world.  Nonetheless, I think the second sentence is critically important even for lawyers whose clients don’t have their own versions of E, Turtle, and Johnny Drama.

Why?

Because these days, entourage or not, what client isn’t on social media???  And that’s where the very next paragraph in the ABA Journal post comes in.  Quoting Ann Murphy, a professor at Gonzaga University School of Law, the post notes:

  • ” ‘Attorneys, as part of their ethical duties, must now counsel their clients on the use of social media,’ Murphy says. ‘Once it is out there, it is out there. Even if someone deletes a Facebook post—it likely has been saved as a screenshot and is of course subject to discovery,’ she adds. ‘Personally, I think the best advice is tell the client that any posts about his or her case must be viewed in advance by the attorney.’ “

That’s a fantastic tip.  Professor Murphy – if perchance you find this blog, In Few I Trust. Go Zags! 2019 national champs!

See the source image

Now, I can hear some of you now – “mike, am I supposed to know what my client puts on social media?”

Well, opposing counsel will.  So unless you’re comfortable finding out about that damning tweet or post at deposition or in mediation, then my response is:

See the source image

At the very least – and by “very least” I mean “barest of bare minimums” – I think lawyers have a duty to communicate to their clients the risks associated with posting info to a public forum.

Hmm…I guess this is where I can finally reference Hall & Oates.  When it comes to advising clients on the risks of posting too much to social media, it might be this:

  • Private eyes, they’re watching you.  They see your every move.  And they definitely see what you put out there to be seen.

Anyhow, while the ABA Journal article focuses on the risks associated with representing famous clients, it includes a tidbit that applies to any lawyer who has a client on social media: what happens on social media rarely stays on social media.

Tech competence.  It’s a thing.

By the way, among my friends, I’m definitely E.  My brother is almost definitely Drama.  Alas, while we have several candidates for Turtle, not many for Vinny.   And at risk of offending my friends, the “many” in that previous sentence?  It’s pronounced with a silent “m.”

Hint: this post doesn’t mention Ari Gold.  Which means his name might be of utmost importance later in the week.

Image result for entourage