Judges and their Facebook Friends

Last year, I blogged on the Florida case in which a lower level court held that, standing alone, a judge’s Facebook friendship with a lawyer is not sufficient to disqualify the judge from a matter in which the lawyer appears.

I wrote:

This makes sense to me.  As with almost everything tech-related, I try to use analogies to non-tech stuff.  For example, if you learned that a lawyer who regularly appeared before a judge belonged to the same health club, or went to the same church, or was in the same law school class as the judge my guess is that you wouldn’t reflexively yell “conflict! disqualify the judge!”

No, you might ask something as simple as, “do they actually know each other? If so, how well? Do they do stuff together?”

In my view, Facebook is no different.  Florida’s Third District Court of Appeal agrees. The opinion presents a fantastic analysis of what it means, if anything, to be Facebook friends with someone.

The decision directly conflicted with another from a different Florida district.  So, the Florida Supreme Court agreed to resolve the issue.

Today, the Court issued its opinion.  For those of you who like to cut to the case, here you go:

  • “We hold that an allegation that a trial judge is a Facebook ‘friend’ with an
    attorney appearing before the judge, standing alone, does not constitute a legally
    sufficient basis for disqualification.”

I like the opinion.  I like it because it resolves a “tech” issue by analogizing to how we did things pre-tech.  To summarize:

  1. Since well before Facebook and social media, Florida law has recognized “that an allegation of mere friendship between a judge and a litigant or attorney appearing before the judge, standing alone, does not constitute a legally sufficient basis for disqualification.”
  2. There’s no reason to treat a Facebook friendship any differently than a “traditional” friendships.  In fact, it’s likely that Facebook friends are less friendly than traditional friends.
  • “In short, the mere fact that a Facebook friendship’ exists provides no
    significant information about the nature of any relationship between the Facebook
    ‘friends.’ Therefore, the mere existence of a Facebook ‘friendship’ between a
    judge and an attorney appearing before the judge, without more, does not
    reasonably convey to others the impression of an inherently close or intimate
    relationship. No reasonably prudent person would fear that she could not receive a
    fair and impartial trial based solely on the fact that a judge and an attorney
    appearing before the judge are Facebook ‘friends’ with a relationship of an
    indeterminate nature.”

From there, the Florida Supreme Court observed that its decision is consistent with the majority of states that have addressed the issue.

Finally, remember: just like real-life relationships, a Facebook friendship or other social media connection might create an appearance that provides a basis to inquire further.  So maybe it’s best to avoid such connections.

For now, here’s the final paragraph from the Florida opinion:

  • “In some circumstances, the relationship between a judge and a litigant,
    lawyer, or other person involved in a case will be a basis for disqualification of the
    judge. Particular friendship relationships may present such circumstances
    requiring disqualification. But our case law clearly establishes that not every
    relationship characterized as a friendship provides a basis for disqualification. And
    there is no reason that Facebook ‘friendships’—which regularly involve
    strangers—should be singled out and subjected to a per se rule of disqualification.”

Regular readers know my response:

Image result for facebook like symbol

 

Advertisements

Court Adopts Comment on Tech Competence

The first rule in the Vermont Rules of Professional Conduct requires lawyers to provide clients with competent representation.  I’ve long argued that Rule 1.1’s duty of competence includes tech competence.

Last week, the Vermont supreme Court promulgated amendments to Rule 1.1.  The amendments add three new comments, including one that makes it clear that, in fact, the duty of competence includes tech competence.  As amended, Comment [8] now reads:

Maintaining Competence

[8] To maintain the requisite knowledge and skill, a lawyer should keep abreast of changes in the law and its practice, including the benefits and risks associated with relevant technologygy, engage in continuing study and education and comply with all continuing legal education requirements to which a lawyer is subject.

As reported by Robert Ambrogi’s LawSitesBlog, Vermont becomes the 32nd state to adopt the duty of tech competence.

Take a look at the picture that Bob uses on his blog:

Image result for lawyer technology competence

No more.

Don’t confuse the meaning of the new comment. It does not require lawyers to know how to use every new gizmo, gadget, or app.  It’s far more practical than that.

For instance, do you understand the risks and benefits of using certain technologies to transmit confidential communications? Or the risks and benefits of mobile payment services? Have you thought about disabling autocomplete? Do you advise clients against being too social?

Also, don’t sleep on the other new comments. As legal outsourcing becomes more prevalent, the new comments provide helpful guidance.

The new comments take effect on December 10.

Related Posts

 

 

Secure Communications

Tech competence is an ever present theme on this blog.  Regular readers know the refrain:  “competence includes tech competence.”

The duty includes acting competently to protect the confidentiality of electronic communications.  I’ve blogged twice on e-mail encryption:

At seminars, including this morning’s for the VBA’s Basic Skills Program, I’ve stated my opinion that lawyers should at least consider client portals.  Thus, it was with great joy that I stumbled upon this post in the ABA Journal:

Give it a read. It’s a good intro to portals and other alternatives to e-mail.

Finally, don’t forget that it’s often the simple things that result in the accidental or inadvertent disclosure of client confidences.  For instance, not disabling auto-complete, or, exposing a client to the perils of an unintentional “reply-all.”

Safeguarding data

Social Clients

Earlier this month, the ABA Journal posted a blog in its “ethics” section: Celebrity attorneys face challenges, ethical pitfalls.   I enjoyed it as much from the pop culture slant as I did from the “it’s my job” slant.

However, speaking of the “it’s my job” slant, I want to mention three things.

First, over the past year, the news has been filled with lawyers making public statements about their clients and former clients.  So much so that several times I’ve been asked what I think about it.

Regular readers know what I think it.  I’m a big believer in two concepts:

  1. Hey Lawyers! STFU!!!
  2. Can’t Keep Quiet? Try Harder.  

As Thomas Edison said:

“You will have many opportunities
to keep your mouth shut.
You should take advantage
of everyone of them.”

(aside: choosing not to blog is probably one of the opportunities of which I should take advantage.)

Second, despite my big belief that silence is a virtue, I was intrigued by two arguments in the ABA Journal’s post.  Specifically, the arguments that (1) at times, the duties of competence & diligence require a lawyer to speak out in a client’s defense;  and (2) the rules prohibiting such conduct run afoul of the First Amendment.  Alas, I can count on 2 fingers the number of Rule 3.6 complaints we’ve received in the past 15 years.  So, I am not so intrigued to do more than mention my intrigue.

Finally, there’s a little nugget in the article that, in my view, is great advice not just for lawyers who represent celebrities, but for lawyers who represent, well, clients.

Referring to lawyers who represent famous people, the article says:

  • “Client and entourage use of social media can compromise a defense. Ethically, attorneys have to make sure their clients and their team understand ground rules and place limitations on social media use related to the case.”

Trust me, I understand that very few of my readers represent the Vinny Chases of the world.  Nonetheless, I think the second sentence is critically important even for lawyers whose clients don’t have their own versions of E, Turtle, and Johnny Drama.

Why?

Because these days, entourage or not, what client isn’t on social media???  And that’s where the very next paragraph in the ABA Journal post comes in.  Quoting Ann Murphy, a professor at Gonzaga University School of Law, the post notes:

  • ” ‘Attorneys, as part of their ethical duties, must now counsel their clients on the use of social media,’ Murphy says. ‘Once it is out there, it is out there. Even if someone deletes a Facebook post—it likely has been saved as a screenshot and is of course subject to discovery,’ she adds. ‘Personally, I think the best advice is tell the client that any posts about his or her case must be viewed in advance by the attorney.’ “

That’s a fantastic tip.  Professor Murphy – if perchance you find this blog, In Few I Trust. Go Zags! 2019 national champs!

See the source image

Now, I can hear some of you now – “mike, am I supposed to know what my client puts on social media?”

Well, opposing counsel will.  So unless you’re comfortable finding out about that damning tweet or post at deposition or in mediation, then my response is:

See the source image

At the very least – and by “very least” I mean “barest of bare minimums” – I think lawyers have a duty to communicate to their clients the risks associated with posting info to a public forum.

Hmm…I guess this is where I can finally reference Hall & Oates.  When it comes to advising clients on the risks of posting too much to social media, it might be this:

  • Private eyes, they’re watching you.  They see your every move.  And they definitely see what you put out there to be seen.

Anyhow, while the ABA Journal article focuses on the risks associated with representing famous clients, it includes a tidbit that applies to any lawyer who has a client on social media: what happens on social media rarely stays on social media.

Tech competence.  It’s a thing.

By the way, among my friends, I’m definitely E.  My brother is almost definitely Drama.  Alas, while we have several candidates for Turtle, not many for Vinny.   And at risk of offending my friends, the “many” in that previous sentence?  It’s pronounced with a silent “m.”

Hint: this post doesn’t mention Ari Gold.  Which means his name might be of utmost importance later in the week.

Image result for entourage

 

 

Cybersecurity for Lawyers: learn from other professions

I’ve blogged often on tech competence and the duty to safeguard client data.  In short, lawyers have a duty to take reasonable precautions against the inadvertent disclosure of or unauthorized access to confidential client information.

So, people often ask “what are reasonable precautions?”

It depends.

Nobody likes that answer.  But it’s correct.

For instance, do you mean “what are reasonable precautions when it comes to cloud storage?”  Or, are you asking whether a lawyer has a duty to encrypt e-mail? Wait, maybe you’re talking about your duties when crossing the border? No, no, I get it now:  you’re asking if a lawyer has a duty to disable auto-complete. Oh my gosh, no – you’re referring to the hallmarks of trust account scams.

No matter the mode of communication, no matter the place that information is stored, a lawyer must safeguard client information. And, as I explained here, it makes perfect sense not to get into the habit of re-evaulating a lawyer’s duty with every new technology.  Whatever the next new thing is, a lawyer’s duty will remain the same: to take reasonable precautions against the inadvertent disclosure of or unauthorized access to client information.

But, as this post in the ABA Journal points out, lawyers and law firms aren’t sailing into uncharted waters.  There are lessons to be drawn from other professions.  Per the post, those lessons include:

  • Encryption is important.  I’d even venture to opine that if it isn’t already, we aren’t long for the day when the failure to encrypt is tantamount to a failure to take reasonable precautions.
  • Partners and more senior lawyers have to follow the same rules as everyone else. “I don’t do tech” isn’t reasonable. It’s no different from saying “I don’t do ‘protecting client information.’ “
  • Employees and 3rd party vendors need to be trained on the importance of data security.

There’s a great quote in the article. It’s from Michael Mason, chief of security for Verizon Communications: law firms should foster, grow, and ” ‘develop a culture of security.’ ”

A culture premised on “we hope it doesn’t happen to us” is not a culture of security.

With “it” being a breach, the dreaded “it” has happened not just to lawyers and law firms, but to many other professions.  As the ABA Journal suggests, lawyers would be wise to take heed of the lessons learned by those other professions.

Image result for data security

The Interwebs

Good morning!

So, later today, I’m presenting a CLE to the Washington County Bar Association.  The august group’s leaders asked that I talk about some of the ethical issues that arise from lawyers’ failure to understand use of social media.

Prepping for the seminar, I was struck by two things.

Some of you are quietly hoping they were both lightning bolts.   Nope.

Rather, I realized that for all I write about tech competence, (1) in college, I bought a Betamax, siding with Sony in the Format War against VHS; and (2) more recently, I thought Blockbuster would squash that little upstart called Netflix.

img_2031

Anyhow, for those of you interested in the topic, the folks over at Internet for Lawyer maintain this great list of the various advisory ethics opinions on social media.  As for me, I’ve blogged often on the subject  This post – Friends, Followers, and Legal Ethics – sums up my thoughts.

Finally, at the CLE, I’m going to mention this opinion from the titanic clash of Oracle v. Google.  As I reviewed it yesterday afternoon, I wondered whether the judge considered ending the opening sentence after the words “trial lawyers.”

  • “Trial judges have such respect for juries — reverential respect would not be too strongto say — that it must pain them to contemplate that, in addition to the sacrifice jurors make for our country, they must suffer trial lawyers and jury consultants scouring over their Facebook and other profiles to dissect their politics, religion, relationships, preferences, friends, photographs, and other personal information.”

Social Media

 

Bouchons, Cybersecurity & Ransomware

Yesterday, I met with lawyers from the Lamoille County Bar Association.  Leslie Black, president-emeritus (by my proclamation) of the LCBA, had me up to talk legal ethics.

As an aside, Leslie stole the show by showing up with a fresh batch of bouchons.  You might have heard of Thomas Keller and the Bouchon Bakery.   Fine stuff, I’m sure.

Well, Leslie’s lemon bouchons, with a hint of cinnamon, are better.  And that, my friends, is not mere puffery.   The trick, je pense, is her brown butter recipe.

Leslie – les bouchons etait magnifique!

Now, back to business.

First off, I hope I’ve dispelled those who are less tech competent than others of the notion that “bouchon” has something to do with cybersecurity & ransomware.

Next, yesterday, we had an interesting discussion on cybersecurity & ransomware.  I’ve blogged previously on the issue here.  I’m blogging again for a few reasons.  Mainly, to stress a key point that David Polow made at the CLE:  back-up.  Storing info only in the cloud isn’t enough.

My prior blog post includes links to several helpful articles.  I failed to link to this one from the ABA Journal: Ransomware is a growing threat, but there are things you can do to protect your firm.  A critical point in the article echoes David:

  • ” The panelists say that the core of ransomware protection is a robust backup system. However, Simek said that backups need to be tested on a periodic basis.If a firm’s backup is in the cloud, then redundancies of that backup system should be made as well—in other words, one backup is insufficient. For the truly business-critical data, McNew said a backup should be stored offsite and ‘air gapped,’ meaning it is not able to connect to the internet.”

Or, as Jim Knapp says, when it comes to backup “onsite, online, air-gap.”

Are you likely to be targeted? I don’t know.  It happened to one of the nation’s largest firms.  And, a Vermont firm was targeted in April.  The firm did not have sufficient back-up and data was at risk.

If it’s an issue that concerns you, talk to someone with a tech background.  Here are a few links from my original post that might be helpful:

As always, let’s be careful out there.

Ransomware & Cybersecurity Insurance

As I’ve often blogged, Rules 1.1 and 1.6 require lawyers to act competently to safeguard client data.

Last month, I became aware of a law firm that was the subject of a ransomware attack. The cyber attacker blocked the firm’s access to client files and demanded a ransom.

Reminder: if a lawyer’s electronic files are compromised in a cyber attack, the question of whether the lawyer violated the Rules of Professional Conduct will likely turn on whether the lawyer took reasonable precautions to safeguard against the unauthorized access of client data.  In other words, being the victim of an attack is not, in & of itself, an ethics violation.

For example, consider two scenarios.

Scenario 1:  Lawyer operates a solo practice.  Lawyer employs a state-of-the art security system.  Nevertheless, a determined criminal uses C-4 to detonate into the office, into the safe, and then steals Lawyer’s files.

Scenario 2:  Attorney operates a solo practice.  Attorney keeps client files in an unlocked cabinet that’s on the front porch.  A lazy criminal walks up the steps, opens a drawer, and takes some of Attorney’s files.

Between the two, my guess is that a hearing panel is more likely to conclude that Lawyer is the one who took reasonable precautions against the inadvertent or unauthorized disclosure of confidential information.

In any event, on the subject of ransomware, here are few thoughts:

As always, let’s be careful out there.

Hill Street Blues

 

 

 

ESI: there’s risk in failing to preserve.

Say it with me: competence includes tech competence.

In most of my posts on the topic, the unstated message is that a lawyer who fails to satisfy the duty of competence violates Rule 1.1 and risks having a sanction imposed against his or her license.

Here’s my post on Competence, ESI, and E-Discovery.  In it, I wrote that the duty of (tech) competence includes:

  • knowing that “it” exists,
  • knowing that clients, their adversaries, and witnesses have “it;” and,
  • knowing how to protect, preserve, produce, request, review, and use “it.”

What is “it?” It is Electronically Stored Information (“ESI”).

In addition, I cited to an advisory opinion from the State Bar of California that includes the following quote:

  • “Attorney competence related to litigation generally requires, among other things, and at a minimum, a basic understanding of, and facility with, issues relating to e-discovery, including the discovery of electronically stored information (“ESI”).”

Today, I blog to call your attention to other risks. Namely, the risk of having a court impose severe sanctions against you and your clients if you fail to preserve ESI.

Melinda Levitt and Peter Vogel are partners at Foley & Lardner.  Yesterday, The National Law Review posted their article Bad Preservation in eDiscovery is Still Very Costly! 

Give it read.

The article begins by reporting that there is both “good news” and “bad news” when it comes to discovery sanctions for failures to preserve ESI.

The good news is that relative recent amendments to the civil rules reserve the most severe sanctions for situations in which the failure to preserve resulted from an “intent to deprive.” As the authors note, “the ‘bad news’ is that bad preservation behavior continues.”

Next, the authors point out that:

  • “[i]t has been twelve years now since the federal rules were first amended and explicitly came to recognize ‘ESI’ – that is emails, electronic documents, excel spreadsheets, PowerPoints, and a myriad of other electronic materials – as documents” within the meaning of the discovery rules.”

They also point out that, over those 12 years, all of us have become increasingly reliant on technology, without necessarily developing any clue how it works.

Nevertheless,

  • ” . . . there are some basic things that people at least in the business community should have come to understand over the last 12 years. Among them are if litigation is occurring or is about to occur, a company is obligated to take reasonable steps to ensure that its relevant (or potentially relevant) ESI is preserved. That means getting out the word quickly – whether by way of a formal written litigation hold or otherwise – that employees and electronic systems managers/overseers need to take steps to stop either conscious or system-wide deletions or purges of potentially relevant ESI. By now, business owners, their IT employees, and their in-house and outside counsel really should have no doubt about this obligation and how to accomplish it. Granted, meeting this obligation can get dicey and difficult when it comes to things such as employee text messages, social media postings, telephone messages, and structured data. However, in terms of emails and basic electronic documents – the mainstays of business life – there should be no question or hesitation about what needs to be done.  

Then, the meat of their message:

  • “And yet . . . and yet, very recent decisions demonstrate that executives, managers and yes, even lawyers, either remain willfully ignorant of how these business systems work or are determined to pass the buck, having assumed that some mysterious “someone else” in the company was handling things. Well, while courts no longer can impose the most draconian of sanctions, no one should kid him or herself – judges continue to have very potent sanctions options available and are very willing to use them when confronted with preservation misconduct borne of ignorance, indifference or good old-fashioned boneheadness. The following are a few telling examples – and were issued in just the last few weeks – and each leaves us with the question – what were they thinking?”

From there, the article goes on to recount several cases in which significant discovery sanctions were imposed against lawyers and their clients as a result of failures to preserve ESI.  Some might strike a nerve.  If so, there’s still time to sign up for tomorrow’s first-ever VBA Tech Show.

Tech competence.  The lack thereof impacts much more than a lawyer’s license.

E Discovery