Vermont Supreme Court suspends lawyer for improper use & disclosure of information relating to the representation of current & former clients.


In a disciplinary proceeding, the attorney’s state of mind – negligent, knowing, or intentional – is a critical factor in determining the appropriate sanction. Misconduct born of negligence generally results in a lesser sanction than knowing or intentional misconduct.  A few years ago, I blogged about the process by which the Vermont Supreme Court and hearing panels of the Professional Responsibility Board decide the sanction to impose.

Today’s Blog Post

Whether via inquiry or at a CLE, I’ve often cautioned lawyers about taking cases that may require them to depose or cross-examine a former client.  A common reply is “But, Mike, any information I might use against my former client is public record.”

Again “it’s public record,” is NOT one of the exceptions to the prohibition against using information relating to the representation of a current or former client to their disadvantage.  Simply, lawyers who believe that it is are mistaken.  And, as the Vermont Supreme Court indicated last week, it’s a mistake that might not mitigate in favor of a more lenient sanction if disciplinary charges are filed against the lawyer who makes it.

Please read the opinion.  There’s no substitute for doing so.

All I will say is this: at the trial level, a hearing panel of the Professional Responsibility Board concluded that the lawyer violated Rules 1.8(b)and 1.9(c)(2) of the Vermont Rules of Professional Conduct.  The former prohibits lawyers from using information relating to the representation of a current client to the client’s disadvantage.  The latter prohibits lawyers from revealing information relating to the representation of a former client.  Concluding that the violations were “knowing,” the panel suspended the lawyer’s law license for 3 months.

On appeal, the lawyer conceded having violated Rule 1.9(c)(2). However, the lawyer argued that he mistakenly believed that the public nature of the former client’s proceeding relieved him of a duty to keep the information confidential.  Thus, he argued, the violation was “negligent”, not “knowing”, and that his state of mind mitigated in favor of a lesser sanction that would not affect his privilege to practice.

The Court affirmed the hearing panel.  In so doing, the Court stated that lawyers are expected to know the rules.  In essence, ignorance of the rules is no defense to Disciplinary Counsel’s enforcement thereof.  Then, the Court stated that the lawyer:

  • “acted knowingly in revealing details of former client’s divorce to [others]. His mistaken belief that the disclosure was appropriate under the Rules does nothing to change the fact that he knowingly disclosed the information.”

It would be a mistake to conclude that the public nature of information relating to the representation of a current or former client relieves a lawyer of the duty not to use the information to the current or former client’s disadvantage.  A mistake that may not mitigate in favor of a lesser sanction.


Related Posts

 For more on the “generally known” exception to Rule 1.9(c)(2), see ABA Formal Opinion 479.


ABA Issues Guidance on Responding to Online Criticism

I haven’t blogged since before Christmas. Alas, like tragic ancient romances, all good things must come to an end.

I’m going to ease back into it with a topic familiar to regular readers: a lawyer’s duties when responding to online criticism.  It’s an issue I’ve discussed often.  Links to my prior posts are below.  Here’s the nutshell version:

  • when considering if or how to respond to a negative review, a lawyer should be as careful as Elmer Fudd was quiet when hunting rabbits: very, very.

Yesterday, the ABA’s Standing Committee on Ethics and Professional Responsibility issued Formal Opinion 496: Responding to Online Criticism.  I like the opinion and urge you to read it.  Here are my thoughts.

In Vermont, Rule 1.6 prohibits a lawyer from disclosing information relating to the representation of client.  Our rule on former clients, Rule 1.9, incorporates Rule 1.6 by reference.

There are exceptions to the general prohibition. Of the exceptions, the so-called “self-defense” exception is most often cited as permitting a lawyer to disclose other confidential information in response to a negative review.  As I’ve long pointed out, it doesn’t.

In Vermont, the “self-defense” exception appears in Rule 1.6(c)(3).  It permits a lawyer to disclose information relating to the representation:

  • to establish a claim or defense on behalf of the lawyer in a controversy between the lawyer and the client;
  • to establish a defense to a criminal charge or civil claim against the lawyer based upon conduct in which the client was involved; or,
  • to respond to allegations in any proceeding concerning the lawyer’s representation of the client.

As ABA Opinion 496 further makes clear, a negative review is not “a controversy” or “proceeding” that triggers the “self-defense” exception.

In short, “my client criticized me online” does not fall within the exceptions to the general prohibition on disclosure.

Finally, while I haven’t received many inquires about how to respond to online reviews, those I’ve received consistently include the lawyer saying something like “the client’s post waives the privilege, so I can respond, right?”

Hold up!!

Your ethical obligation is not to disclose information relating to the representation of a client or former client.  The obligation encompasses all information relating to the representation, no matter the source.  As such, it is much broader than the attorney-client privilege.

In addition, the privilege is asserted in response to demands that compel production of confidential information.  For example, discovery requests or a request to testify under oath.  Whether a client’s online review constitutes a waiver of an evidentiary privilege is for a court to decide. It is not for the lawyer to decide in posting a reply.  Or, as the committee notes at the very beginning of its analysis in Formal Opinion 496:

  • “[t]he scope of the attorney-client privilege, as opposed to confidentiality, is a legal question that this Committee will not address in this opinion.”

So, what can a lawyer do when criticized online? Opinion 496 includes guidance.  From the summary:

  • As a best practice, lawyers should consider not responding to a negative post or review, because doing so may draw more attention to it and invite further response from an already unhappy critic. Lawyers may request that the website or search engine host remove the information. Lawyers who choose to respond online must not disclose information that relates to a client matter, or that could reasonably lead to the discovery of confidential information by another, in the response. Lawyers may post an invitation to contact the lawyer privately to resolve the matter. Another permissible online response would be to indicate that professional considerations preclude a response.”

Negative online reviews will happen.  Fight the urge! Think and long & hard before you respond.



 My Blog Posts

Negative Online Review? How Not to Respond

Negative Online Review? Restrain Yourself!

Other Blog Posts

ABA Journal, How to ethically respond to negative reviews from clientsCynthia Sharp (friend of this blog)

Responding to Negative Online Reviews, Catherine Reach, North Carolina Bar Association Center for Practice Management

Advisory Opinions

 North Carolina State Bar, Proposed Opinion 2020-1

New York State Bar Association Ethics Opinion 1032

The Bar Association of San Francisco, Ethics Opinion 2014-1

Los Angeles County Bar Association Ethics Opinion 525



Facebook Post Leads to Public Reprimand

I’ve blogged often on the risk associated with disclosing information relating to the representation of a client.  At times, I sense that lawyers think I’m exaggerating to make a point.

I’m not.

Earlier this week, the Legal Profession Blog posted Public Discipline For Facebook Posts That Violated Duty Of ConfidentialityThe post shares this opinion from the Massachusetts Board of Bar Overseers.

Briefly, a lawyer represented Jane Doe in connection with a petition for guardianship of her grandson.  Following a confidential juvenile hearing, the lawyer posted the following on his personal Facebook wall:

“I am back in the Boston office after appearing in Berkshire
Juvenile Court in Pittsfield on behalf of a grandmother who
was seeking guardianship of her six year old grandson and
was opposed by DCF yesterday. Next date-10/23.”

Two people commented.

The first asked the grounds on which DCF opposed the petition.  The lawyer replied:

“GM [grandmother] will not be able to ‘control’
her daughter, the biological mother, and DCF has ‘concerns.’ Unspecific.” 

The second asked if DCF preferred foster care.  The lawyer replied:

“The grandson is in his fourth placement in foster care since his removal from GM [grandmother]’s residence in late July. I will discover what DCF is doing or not doing as to why DCF opposes the GM [grandmother] as guardian. More to come.”

Eventually, Jane Doe’s daughter saw the post and comments and told Jane Doe about them. Doe sent the lawyer an email in which she stated that he

“seem[ ed] to think that discussing my custody case (and who knows what else) with your Face book [sic] buddies on an open account … is okay and at the least just [a] mistake. I beg to differ. Posting client information on Face book [sic] is a violation of the attorney client law.”

The lawyer replied that he had not disclosed protected information and that his post indicated “from where I was returning and DCF’s position only.”

The MA disciplinary prosecutor charged the lawyer with violating Rule 1.6(a) of the Massachusetts Rules of Professional Conduct.  With few exceptions, none of which were present, the rule states that a lawyer “shall not reveal confidential information relating to the representation of a client.”

(I emphasized confidential.  Why?  Because Vermont’s rule isn’t as narrow.  Vermont’s rule states that a lawyer “shall not reveal information relating to the representation of a client.”)

Anyhow, the MA rules defines “confidential information” as “information gained during or relating to the representation of a client, whatever its source, that is (a) protected by the attorney-client privilege, (b) is likely to be embarrassing or detrimental to the client if disclosed, or ( c) information that the lawyer has agreed to keep confidential.”

At the trial level, the disciplinary prosecutor argued (b).  That is, that the Facebook post revealed information that was likely to be embarrassing or detrimental to Jane Doe if disclosed.

The hearing committee recommended dismissal of the disciplinary charges.  Upon review, the Board of Bar Overseers characterized the committee’s decision as follows:

  • “In recommending dismissal of the petition for discipline, the hearing committee
    concluded that, ‘the information at issue could only be embarrassing or detrimental to Doe if it could reasonably be linked to her.’ Based on its reading of [the rule] the hearing committee concluded that, ‘there must be enough revealed to get to a certain threshold, some identifiable or linear nexus reasonably connecting the information to a particular person.’ Thus, in recommending dismissal of the petition, the hearing committee found that, ‘There is no reasonable likelihood that the client could have been recognized.'”

The Board disagreed.

First, the Board concluded that the Facebook post was “confidential” because the disclosure that Jane Doe and her grandson were involved in a DCF matter was likely be embarrassing or detrimental to Jane Doe.

Next, the Board noted it was enough that Jane Doe and her daughter had recognized the post as referring to the lawyer’s representation of Jane Doe.  More specifically, the Board rejected the hearing committee’s conclusion that “there must be enough revealed to get to a certain threshold, some identifiable or linear nexus reasonably connecting the information to a particular person.”  Rather, after concluding that the daughter, who was not the lawyer’s client, figured out the the post was about her mother, the Board wrote:

  • “Even if there were no evidence that a third party actually recognized the client in the post, we would still conclude that the respondent had violated Rule l.6(a). There is no requirement that a third party actually connect the dots. If it would be reasonably likely that a third party could do so, the disclosure runs afoul of the rule. In addition to her daughter knowing about the case, Doe could have mentioned to a friend that the respondent was representing her in a case (perhaps in connection with making a referral). If the friend looked up the respondent on Facebook, the friend would learn about the ’grandmother’ and her litigation with DCF. There are numerous other reasonable scenarios.”

Now, I know what you’re thinking:  if that’s the rule, how can I ever run anything by another lawyer who isn’t in the same office as I am? The Board’s answer:

  • “In posting on Facebook, the respondent did not seek advice from other lawyers, nor can we discern any other purpose that would have served his fiduciary duty to his client. There is no legitimate analogy between seeking advice from other lawyers and the respondent’s Facebook post.”

Turning to the appropriate sanction, the Board publicly reprimanded the lawyer. While dissenting members urged a private admonition, the Board stated:

  • “The post is no different than publishing the facts in a newspaper or broadcasting them on television. Furthermore, the matter discussed by the respondent here was a sensitive child custody case that our legislature has deemed to be worthy of confidential protection by statute [citation omitted]. The respondent’s conduct ignored not only the basic tenets of Rule 1.6, but the basic confidentiality requirements that all attorneys who handle these sort of child custody and protection matters should honor.”

The Board concluded:

  • “Confidentiality is a central tenet of our profession.  If nothing else, the public knows that attorneys are obligated to protect their confidences.  This obligation exists to encourage clients to be truthful and to place great trust in their counsel.  By posting information about his client on Facebook, the respondent jeopardized that trust.  Public discipline is warranted.”

When it comes to disclosing information relating to the representation of a client, my thoughts remain the same.  Unless required or permitted by the rule, don’t.  As this case proves, “not much” can be “too much.”


 Related Posts:

Client alleges you did wrong? Still, don’t talk too much.

When it comes to client confidences, I think lawyers would be well served to remember lessons imparted by Run-DMC: it’s not tricky, don’t talk too much.

Information relating to the representation of a client, no matter the source, is confidential.  Per Rule 1.6, such information can only be disclosed if:

  • the client gives informed consent to the disclosure;
  • disclosure is impliedly authorized to carry out the representation;
  • disclosure is required by Rule 1.6(b); or,
  • disclosure is permitted by Rule 1.6(c).

Today, I want to look at one of the instances in which paragraph (c) permits disclosure of otherwise confidential information.  I’m going to refer to (1) an ineffective assistance of counsel claim made by a criminal defendant against a defense attorney; and, (2) an ABA advisory opinion on the extent to which Rule 1.6 applies to claims of ineffective assistance.

Don’t tune out simply because you don’t do criminal defense.  There’s a larger point: the mere fact that the client alleges that you did something wrong does not give you license to disclose anything and everything that the client ever shared with you.

Rule 1.6(c)(3) permits (but does not require) a lawyer to reveal information relating to the representation if the lawyer reasonably believes that disclosure is necessary:

  • to establish a claim or defense on behalf of the lawyer in a controversy between the lawyer and the client;
  • to establish a defense to a criminal charge or civil claim against the lawyer based upon conduct in which the client was involved; or,
  • to respond to allegations in any proceeding concerning the lawyer’s representation of the client.

Per Comment [14], if a lawyer reasonably believes that (c)(3) permits disclosure, disclosure is nonetheless limited to “the extent the lawyer reasonably believes the disclosure is necessary to accomplish one of the purposes specified.”  It continues:

  • “[D]isclosure adverse to the client’s interest should be no greater than the lawyer reasonably believes necessary to accomplish the purpose.  If the disclosure is made in connection with a judicial proceeding, the disclosure should be made in a manner that limits access to the information to the tribunal or other persons having a need to know it and appropriate protective orders or other arrangements should be sought by the lawyer to the fullest extent practicable.”

In simple terms, do what you advise your clients to do in depositions and on the witness stand: listen to the question and answer only the question.   Actually, a federal magistrate recently stated it far more succinctly.

Yesterday, I came across this post in the ABA Journal.  The opening paragraph:

  • “A federal magistrate judge has ordered a West Virginia lawyer accused of ineffective assistance of counsel to respond to his one-time client’s allegations in a way that limits disclosure of confidential information.”

The magistrate’s opinion is here.  The analysis includes reference to Rule 1.6 and ABA Formal Opinion 10-456.  The magistrate’s succinct conclusion:

  • “Simply put, the filing of an ineffective assistance of counsel claim does not operate as an unfettered waiver of all privileged communications.”

I’ll stop there otherwise I risk sudden onset of carpal tunnel syndrome.

Suffice to say, even when a client puts your representation into issue, don’t talk too much.

After all, who wants to be this guy? (80’s lyrics are the best!)

“Everywhere that you go, no matter where you at
I said you talk about this, and you talk about that
When the cat took your tongue, I say you took it right back
Your mouth is so big, one bite would kill a Big Mac.”

~ Run-DMC, “You Talk Too Much,” King of Rock, Track 3, 1985.

Image result for run dmc talk too much images

Related Posts

Redacting Confidential Info

In January, Paul Manafort’s lawyers made headlines for failing to take proper steps to redact a document.  Myriad outlets covered the story, including The Atlantic, BBC, and Legal Tech News.

In response, the ABA Journal posted How to redact a PDF and protect your clients.  A few days later, I recommended the ABA post in my blog Competence, Confidences and PDFs

Today, the ABA Journal published more helpful information: Redacting confidential client information: The devil is in the detailsThe post points out the risks in failing to understand how property to redact a document.  I recommend it.

One risk? Disciplinary action.  Lawyers have a duty not to disclose information relating to the representation of a client.  There’s also a duty to use reasonable safeguards to protect against unauthorized access to or inadvertent disclosure of confidential information.  In my view, employing a redaction method that fails to keep information confidential is not a reasonable safeguard.

Rather, it’s tech incompetence.

Image result for images of redacting confidential info




Don’t Post That

There was a time in my life when the MTV Video Music Awards were must see tv.  I refer to that era as “law school.”

In my first year of law school, Hammer’s U Can’t Touch This won the VMAs for Best Rap Video & Best Dance Video.  I loved that song.  I wore out my apartment’s carpet dancing to it.

Anyhow, the song came to mind yesterday upon reading the ABA Journal’s story about a lawyer who called a client an “idiot and terrible criminal” in a Facebook post.

Why did the story remind me of the song?

Because last week I announced the theorem Keep Quiet & Lawyer OnToday, I’m announcing its corollary:  Don’t Post That.  It’s pronounced as if you’re singing along with Hammer.

Don’t let the pop culture reference gloss over your eyes.  This is a serious post. The story that prompts it raises concerns about an issuet that troubles me: my perception that we’ve become too willing to share too much.

Here’s the backdrop:

Aaccording to an article in the Des Moines Register, the Associated Press obtained a screenshot of an attorney’s Facebook post. In it, the attorney recounted meeting with a client to prepare for trial on federal gun & drug charges.  The client expressed concern that the “blue-collar jurors” would not connect with the attorney.

Per the AP story, the attorney turned to social media, posting that he was “flabbergasted” that the client would even suggest such a thing.  The post went on to state that the client was an ” ‘(expletive) idiot and a terrible criminal . . . who needed to shut his mouth because he was the dumbest person in the conversation by 100 times.’ ”  The attorney’s post observed ” ‘you wonder why need jails, huh?’ ”

The post speaks for itself and probably wouldn’t require more than 3 seconds at a CLE:  Don’t Post That.  It’s the attorney’s response that I find noteworthy.

The AP interviewed the attorney.  He told the AP that “he shared the post only with his Facebook friends.”

In Vermont, Rule 1.6 addresses client confidences.  The rule sets out the general prohibition against disclosing information relating to the representation of a client, then lists some exceptions.

“You may tell your friends” is not one of the exceptions.  In fact, it’s kind of the point of the rule.

Again, this story presents a stark example and I think most lawyers recognize that there’s no “friends & family” exception to the duty to maintain confidences. But as I noted last week, I think we sometimes get a bit lax in how much we share about our cases and clients.  Even a little is too much.

Finally, the fact that the attorney’s disclosure was made on social media is almost a red herring.  To me, this is not “See! I told you that social media is bad!”  That is, my guess is that lawyers who improperly disclose client confidences on social media would likely do by other means as well.  If you’re willing to post confidences to social media, you’re probably also willing to drop them in casual conversation over dinner.

Don’t.  Remember our postulates:

  • Theorem:  Keep Quiet & Lawyer On.
  • Corollary:  Don’t Post That.

Now, I look forward to spending the weekend revising Hammer’s lyrics to create a parody version entitled Don’t Post That.  Maybe I’ll sing it at my next CLE.

And, if I’m feeling nostalgic, maybe I’ll dig out the parachute pants.

Image result for images of mc hammer can't touch this





Cybersecurity for Lawyers: learn from other professions

I’ve blogged often on tech competence and the duty to safeguard client data.  In short, lawyers have a duty to take reasonable precautions against the inadvertent disclosure of or unauthorized access to confidential client information.

So, people often ask “what are reasonable precautions?”

It depends.

Nobody likes that answer.  But it’s correct.

For instance, do you mean “what are reasonable precautions when it comes to cloud storage?”  Or, are you asking whether a lawyer has a duty to encrypt e-mail? Wait, maybe you’re talking about your duties when crossing the border? No, no, I get it now:  you’re asking if a lawyer has a duty to disable auto-complete. Oh my gosh, no – you’re referring to the hallmarks of trust account scams.

No matter the mode of communication, no matter the place that information is stored, a lawyer must safeguard client information. And, as I explained here, it makes perfect sense not to get into the habit of re-evaulating a lawyer’s duty with every new technology.  Whatever the next new thing is, a lawyer’s duty will remain the same: to take reasonable precautions against the inadvertent disclosure of or unauthorized access to client information.

But, as this post in the ABA Journal points out, lawyers and law firms aren’t sailing into uncharted waters.  There are lessons to be drawn from other professions.  Per the post, those lessons include:

  • Encryption is important.  I’d even venture to opine that if it isn’t already, we aren’t long for the day when the failure to encrypt is tantamount to a failure to take reasonable precautions.
  • Partners and more senior lawyers have to follow the same rules as everyone else. “I don’t do tech” isn’t reasonable. It’s no different from saying “I don’t do ‘protecting client information.’ “
  • Employees and 3rd party vendors need to be trained on the importance of data security.

There’s a great quote in the article. It’s from Michael Mason, chief of security for Verizon Communications: law firms should foster, grow, and ” ‘develop a culture of security.’ ”

A culture premised on “we hope it doesn’t happen to us” is not a culture of security.

With “it” being a breach, the dreaded “it” has happened not just to lawyers and law firms, but to many other professions.  As the ABA Journal suggests, lawyers would be wise to take heed of the lessons learned by those other professions.

Image result for data security


There’s a lot going on in Montreal this summer.  Go! Be a #WellLawyer!

But, if you go, make sure you take reasonable precautions to protect client data at the border.

Today, I’m going to share a few old posts, as well as an updated advisory ethics opinion from the New York City Bar Association.

My old posts:

Last summer, the New York City Bar Association issued Formal Opinion 2017-5.  In short, and as reported by the ABA Journal, lawyers should take reasonable precautions to avoid the disclosure of client information during a border crossing.

Here are some highlights from the NYC Opinion:

  • Rules 1.1 (competence) and 1.6 (confidences) impose a duty to act competently to safeguard client information.
  • The duty includes taking reasonable precautions against disclosing information that should not be disclosed.
  • The duty requires “attorneys to make reasonable efforts prior to crossing the U.S. border to avoid or minimize the risk that government agents will review or seize client confidences that are carried on, or accessible on, electronic devices that attorneys carry across the border.”

Last month, the NYCBA reissued the opinion.  Some other takeaways:

  • Odds that a device will be searched might be low.  But, don’t discount the possibility.
  • The safest way to protect client data is not to bring any.  This might not be feasible given the increasingly blurred lines between “work” and “personal” devices, but it remains an option.
  • If asked to produce a device, an attorney should inform the border agent that it contains confidential & privileged information.  This triggers additional duties by the border agent before the search is conducted.
  • Finally, if a device is searched, an attorney likely has a duty to notify clients.

For more, see the opinion.

Adieu et bon voyage!

See the source image




Avoid the Oopsies: Reply to Some, not All

Last September, I posted on the perils of autocomplete.   The post was prompted by the story of a lawyer who accidentally disclosed confidential client information to a reporter for the Wall Street Journal. How?  By failing to realize that the reporter’s email address had been added to a distribution list.  The ABA Journal has the story here.

Has that happened to you?

Today, I came across a post on Robert Ambrogi’s LawSites blog.  I love the title:

Created By A Lawyer, ReplyToSome Helps Prevent Email Oopsies

Give it read.  It discusses “ReplyToSome,” an add-in to Microsoft Outlook that was created by a lawyer to help lawyers avoid email mistakes.

Image result for oops