History’s best “worst” song, and tips on acting reasonably to safeguard client data.

Yesterday was this blog’s 7th birthday.  We entered the world with Competence Includes Tech Competence.  The theme dominated back then.  Indeed, one could reasonably argue that tech competence is to this blog, as rock & roll is to Starship’s city.[1]

The rules related to tech competence have evolved since then.  In 2018, we adopted language that makes clear that maintaining competence includes keeping “abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology.”[2] More recently, we amended V.R.Pr.C. 1.6, the confidentiality rule, to include this paragraph:

  • (d) A lawyer shall make reasonable efforts to prevent the inadvertent disclosure of, or unauthorized access to, information relating to the representation of a client.

The amendment, which takes effect next week, addresses the duty to act competently to safeguard client information, no matter the format in which the information is stored.  Here’s the Reporter’s Note:

  • “Subdivision (d) is added to reflect that the modern practice of law includes possession of information related to the representation of client in many forms, including information that is stored electronically or digitally. A lawyer is under a duty to act competently to safeguard client information, no matter its format. See V.R.Pr.C. 1.1. Paragraph (d) tracks the ABA Model Rule, clarifies that V.R.Pr.C. 1.6 applies to the electronic transmission and storage of information relating to a representation, and makes explicit that the duty under Rule 1.6 is broader than avoiding affirmative disclosures of information relating to the representation of a client.”

With the new rule, a question that arises is “what are reasonable efforts?”  As I indicated here, it’s not my role to issue a formal opinion as to what’s reasonable and what isn’t.  My stance finds support in ABA Formal Opinion 477.  Among other things, the opinion concludes that “[w]hat constitutes reasonable efforts is not susceptible to a hard and fast rule, but rather is contingent upon a set of factors.”  It goes on to state that “the reasonable efforts standard:

  • “. . . rejects requirements for specific security measures (such as firewalls, passwords, and the like) and instead adopts a fact-specific approach to business security obligations that requires a ‘process’ to assess risks, identify and implement
    appropriate security measures responsive to those risks, verify that they are effectively implemented, and ensure that they are continually updated in response to new developments.

That said, it’s undisputed that my role includes providing guidance.  To that end, here are two resources.

In September, Jim Knapp and I presented “Tech Competence & Cybersecurity” at the VBA’s Annual Meeting.  I began with a short overview of the new rule, then Jim provided a boatload of cyber and tech tips.  You can access the material here.

In addition, Catherine Reach is the Director of the North Carolina Bar Association’s Center for Practice Management.  Two days ago, Catherine posted “Protecting Portable Devices.”  Like Jim’s material, Catherine’s post is chock full o’ helpful tips on securing data.

As always, let’s be careful out there.

[1] Those of you who remember the 80s music scene might question including We Built This City in a post on competence. Your skepticism is warranted. After all, a few years ago, GQ named it “the Worst Song of All Time.” However, I’ll say this: on the rare occasion that I listen to the song, I turn the volume to 11, sing along enthusiastically, and find myself particularly thrilled to belt out (with proper intonation that doesn’t come through in a blog post) “knee deep in the hoopla” and “Marconi plays the Mamba.”  So, for giggles, a trip down memory lane is here.

[2] V.R.Pr.C. 1.1, Cmt. [8].


Remember reruns?  In the age of streaming content, I don’t know if reruns are even a thing anymore.  If not, good riddance!!

Seriously, was there anything as disappointing as waiting all week for the next episode of your favorite show only to have it be a rerun?

Aside: yes, we used to have wait all week for the next episode of our favorite shows.

As much as I despised reruns as a viewer, I love them as a blogger.  They’re the perfect antidote to writer’s block. So, here goes.

The VBA’s Tech Day is next month.  The agenda is fantastic.  It includes seminars on several topics upon which I’ve blogged in my nauseating ongoing effort to remind lawyers that the duty of competence includes tech competence.

Missed my posts?  Thank goodness for reruns.

Last October, I posted Competence, ESI, and E-DiscoveryIt referenced several topics, including:

  • admitting social media posts into evidence;
  • an attorney’s duties related to a client “taking down” or “scrubbing” social media posts;
  • practical tips on preservation letters regarding ESI.

VBA Tech Day includes seminars on each.

Last September, I posted Protecting Data: Cybersecurity TipsI followed up in February with  ABA Journal Provides Cybersecurity TipsEach post refers back to my post on the electronic transmission & storage of client information: The Cloud: What are Reasonable Precautions? Indeed, I’ve often blogged on Encryption & The Evolving Duty to Safeguard Client Information.

VBA Tech day includes seminars on encryption, cybersecurity, & data security.

Finally, I’ve blogged on using technology to become more efficient.  My post Fees. Is there an App for that? refers to an ABA Journal post that discusses how technology can help lawyers bill more than 2.24 hours per day that, on average, they currently bill.  And, in Tech Competence: It includes more than you might think, I cautioned that a lawyer who isn’t competent in basic tech runs the risk of violating Rule 1.5 by over-billing clients.

VBA Tech Day includes seminars on using technology to become more efficient at billing.

I think the networks might have used reruns to build anticipation for the final few episodes of a show’s season.  Most of those episodes ran in May.

Well, I’ve posted some reruns here today. Hopefully they build anticipation for VBA Tech Day.  A terrific conference on tech-related issues that will take place in, you guessed it, May.

See the source image


Smalls & Solos: Tech Competence Can Help Keep the Train on the Tracks

Do any of these sound familiar?

  • your office’s e-mail server is AOL
  • you use folders within Microsoft Word as your case/document management system
  • you print out hard copies of “important” e-mails & documents
  • your “tech consultant” is someone a friend recommended
  • you haven’t learned much about tech because it’s not “lawyering” and keeps you from focusing on helping clients to solve their problems

If your answer is “yes, Mike, at least one of those sounds familiar,” I’m not here to say that you’ve violated the rules.  I am, however, here to say that I have a story for you to read.

The story is a cautionary tale entitled How Technology Illiteracy Can Cost Solos Big Money.  It’s by Carolyn Elefant and appears on the Above The Law blog.

Don’t have a lot of time?  Ok.  At least check out the part where Carolyn writes “I want to commend every solo and small firm lawyer to read this train wreck of a decision closely to learn how not to run a law office.”  The decision was issued last month by the United States District Court for the Eastern District of New York. If you don’t have time to read the decision, Carolyn’s blog summarizes it nicely.

Take the time to read the blog and the decision.  The money (and law license) that you save might be yours.

Train Tracks


Monday Morning Answers – Week 29

Only one thought for you NBA fans: Kyrie Irving didn’t play in last year’s finals.  Thank goodness. Otherwise the phrase “three-peat” would be all over the airwaves today.

Friday’s questions are HERE.

Honor Roll (*= perfect score)

  • Matt Anderson, Pratt Vreeland
  • Andrew Delaney, Martin Associates
  • Robert Grundstein*
  • Keith Kasper, McCormick Fitzpatrick Kasper & Burchard
  • Team Liberty*, ACLU of Connecticut
  • Hal Miller*, First American
  • Ian Sullivan*, Rutland County State’s Attorney’s Office
  • Ben Traverse*, Downs Rachlin Martin


Question 1

As long-time readers know, the duty of competence includes tech competence.  With that in mind, what’s the most common basis for a court to issue a sanction for a discovery violation related to Electronically Stored Information?

  • A.  Failure to preserve.   In VT, V.R.C.P. 34 applies (as does F.R.C.P. 34).  For an analysis of an attorney’s dutie with respect to ESI, see this opinion from the Cal State Bar or this opinion from the San Diego County Bar Association. My general tip to lawyers is that the duty of competence includes a duty to understand how to request, review, and introduce ESI, as well as a duty to understand how and when to advise a client to preserve ESI.
  • B.  Failure to produce
  • C.  Failure to produce in usable format
  • D.  Overly broad requests for ESI

Question 2

At a seminar I did earlier this week, I explained that “the rule used to be that no matter what you called it, it had to go into trust until earned.  That rule has been somewhat relaxed.”

What is “it”?

I need a rather specific answer here.  “Client money” won’t cut it.

Fees paid in advance (or flat fees).  See new Rule 1.5(f).

Question 3


The ethical duty of competence also includes knowing how to introduce (or object to) evidence.  In a case it decided this year, the Vermont Supreme Court stated that:

  • Unlike a past recollection recorded, a declarant need not specifically avow to the reliability of an excited utterance in order for it to be admitted.Rather, the fact that the statement was caused by a “startling event” generally is sufficient.
    • State v. Kelley, 2016 VT 58, ¶27

Question 4

A former client posts a negative review of you online.  Which is most accurate?

  • A.   The rules prohibit you from replying or commenting
  • B.  You may reply or comment, but you may not do so in way that violates the rules.
  • C. The prohibition on the disclosure of information relating to  the representation no longer applies.  The client waived it.

This week’s “model answer” goes to Ian Sullivan from the Rutland County State’s Attorney’s office. Referring to option C (and rule 1.6(c)) Ian correctly pointed out that:

1.6(c) allows disclosure if there is a court case. The court of public opinion does not qualify. I suppose there may be a way to respond without disclosing confidential information. For example, “The Shangri-la Law Firm strives to provide high-quality legal representation that is tailored to our client’s goals. If your experience fell short of our firm’s standards, please contact our managing director G. Edward Percival, IV, Esq.

For more on online reputation management, see the cites that I’ve pasted in below the answer to Question 5.

Question 5

Speaking of technology and evidence, a trial that’s taking place in LA made the news this week.    The issue at trial is whether a band “stole” a rift from another writer’s song and used the rift in one of the most (over)played songs in classic rock history.  During his opening statement, the plaintiff’s attorney played a video that showed a musician playing the plaintiff’s song, then the defendant’s.   The video was not on the exhibit list. The trial continues, but by playing a video that wasn’t on the exhibit list, plaintiff’s attorney might cause a mistrial.

Name the band that’s on trial.

Led Zeppelin.  An account of the opening statement is HERE. Bonus to Hal Miller for knowing the song at issue is “Stairway to Heaven.”


Here’s the outline I use for issues related to Online Reputation Management

Disciplinary Cases

In re the Matter of David J. Steele, Ind. Supreme Court No. 49S00-1509-DI-527 (Ind. 2015) (among other violations, Indiana lawyer disbarred for, by his own description, “actively manipulate[ing his] Avvo reviews by monetarily incentivizing positive reviews, and punishing clients who wr[o]te negative reviews by publicly exposing confidential information about them.” Responses to the negative reviews included numerous false statements)

• People v. James C. Underhill Jr., 2015 WL 4944102 (Colo. 2015) (Colorado lawyer suspended for 18 months for, among other violations, disclosing confidential information in response to internet complaints about his fees and services)

• In the Matter of Tsamis, Ill. Att’y Registration and Disciplinary Comm’n, Comm’n No. 2013PR00095 (Ill. 2014) (Chicago lawyer reprimanded for revealing confidential information when responding to a negative review on the legal information website Avvo)

• In the Matter of Margrett A. Skinner, 295 Ga. 217, 758 S.E.2d 788 (Ga. 2014) (Georgia lawyer publicly reprimanded for improper disclosures in response to negative online review)

• In re Petition for Disciplinary Action Against Allison Wiles Maxim Carlson, Supreme Court A13-1091 (Minn. 2013) (Minnesota lawyer reprimanded for falsely posing as a former client of opposing counsel and posting a negative review about opposing counsel on a website. See also Petition for Disciplinary Action)

• In re Quillian, 20 DB Rptr 288 (Or. 2006) (Oregon lawyer suspended for 90 days for publishing confidential information about former client in listserv post)

Ethics Opinions

• Wash. St. B. Ass’n, Advisory Op. 2014-02 (2014) (lawyer who claims information on a website listing becomes responsible for ensuring that info in the list conforms to the RPC; lawyer must delete false or misleading comments or endorsements attached to lawyer’s profile; and lawyer may endorse another lawyer only if the endorsement is accurate)

• B. Ass’n of San Francisco, Ethics Op. 2014-1 (2014) (stating that while lawyers may respond to an online review, the duty of confidentiality still prevents any disclosure of confidential information without the client’s consent)

• Pa. B. Ass’n, Formal Op. 2014-300 (2014) (lawyer may not give detailed response to on-line criticism of the lawyer by a client; lawyers also may just ignore the on-line criticism; the self-defense exception is not triggered by a negative on-line review)

• N.Y. St. B. Ass’n, Op. 1032 (2014) (lawyer may not disclose confidential client information solely to respond to former client’s criticism of the lawyer posted on a lawyer-rating website)

• Los Angeles County B. Ass’n, Ethics Op. No. 525 (2012) (lawyer may publicly respond to comments published by a former client if (1) no confidential information is disclosed, (2) the response does not injure the former client in any matter involving the prior representation, and (3) the response is proportionate and restrained)

• S.C. B, Ethics Advisory Op. 09-10 (2010) (once lawyer claims website listing, information contained therein are subject to rules governing communication and advertising; lawyer may invite peer reviews and comments but such comments are governed by the RPC and the lawyer is responsible for the content)

Other Sources

• Joseph A. Corsmeier, Colorado Lawyer Suspended for 18 Months for Disclosing Confidential Information in Response to Client Internet Criticism, LAWYER ETHICS ALERT BLOGS (Aug. 28, 2015 4:02 PM), https://jcorsmeier.wordpress.com/category/lawyer-revealing-client-confidential-information-on-internet/

• Cassandra Burke Robertson, Online Reputation Management in Attorney Regulation, Social Science Research Network (May 1, 2015), http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2611326## (forthcoming in the Georgetown J. of Legal Ethics)


The Future is Here – Update for the Wary

Thanks to an attentive reader, I have a follow-up to this morning’s post.  I’ll paste in the post here:


For over a year, Kevin Ryan and I have been talking about, some might say ‘warning of’, looming changes to the legal profession.  Kevin was the first person I heard speak of the “uberization of the law.”  Since then, we’ve mentioned at it at every seminar we’ve presented together.  We usually don’t get much of a response beyond “that’s cool, can we move on to the practical stuff now.”

  • Well, many people consider apps to be practical.

And, from Robert Ambrogi’s LawSites blog, here’s the latest on apps and the “uberization of the law.”


Now, for the update.

I understand the app isn’t yet available. However, when it is, a few thoughts.

According to the article, the developer of the app, Jason Velez,

  • “foresees the app being used to answer quick and simple legal questions at no charge. The incentive for attorneys to participate is to establish relationships with users that could then lead to fee-generating services and referrals.”

That’s great and, generally, there’s nothing wrong with answering quick and simple legal questions at no cost.  But, a few things to keep in mind:

  1. There’s no minimum length of time required to form an attorney-client relationship. Nor is there any requirement that a fee be charged or collected in order for an a/c relationship to form.  An attorney who provides a quick and simple answer to a legal question does so, arguably, in the context of an attorney-client relationship.  If so, once the connection is terminated, the app user is a “former client” to whom Rule 1.9 applies.
  2. Even now, lawyers have the ability to answer short & simple questions at no cost.  Perhaps by e-mail, or maybe on one of those machines that my aunt calls a “telephone,” or, heaven forbid, if a client walks in the front door.   And what do most lawyers do before responding to unsolicited e-mails or doling out advice to cold callers and walk-ins?  They check for conflicts.  That quick chat at no cost might be a great lead generator, but what if the person with whom you connected is adverse to a current or former client?

I’ve mentioned this in other contexts:  Rule 6.5 relaxes the conflicts rules when lawyers provide short-term legal services, with no expectation of continuing representation, in nonprofit & court-annexed limited legal services programs.  One might argue that providing free or low-cost advice to generate good will & leads is not the same as volunteering at a Saturday morning legal clinic.

In short, embrace technology, especially to the extent it can streamline your practice and make you a better and more efficient lawyer.  But remember, the rules continue to apply.





The Future is Here

For over a year, Kevin Ryan and I have been talking about, some might say ‘warning of’, looming changes to the legal profession.  Kevin was the first person I heard speak of the “uberization of the law.”  Since then, we’ve mentioned at it at every seminar we’ve presented together.  We usually don’t get much of a response beyond “that’s cool, can we move on to the practical stuff now.”

Well, many people consider apps to be practical.

And, from Robert Ambrogi’s LawSites blog, here’s the latest on apps and the “uberization of the law.”

Tech Updates

A few updates on issues related to tech ethics.

In other words, I’m suffering from writer’s block and don’t have an original thought to post today.

A few weeks ago, I blogged on cloud storage.  Many lawyers want a recommendation as to the best cloud storage vendors.  That’s not something I’m supposed to do.

However, I can point you to this:  Robert Ambrogi is one of nation’s leading commentators on legal technology, with his LawSites blog consistently one of the best.  Earlier this week, he reviewed Citrix Sharefile.  The review is HERE.

Also, for those of you who were in Montreal, you’ll recall that I mentioned that Ravel Law and Harvard Law Library had partnered to make HLL’s entire collection available for free online.  When it was announced last fall, the project was heralded as a significant change in the access to justice landscape.  As Ambrogi updates,  Ravel and Harvard have the complete collection of California caselaw online.

Speaking of legal technology and access to justice, if you’d like to contribute to A2J while at the same time honoring Bob Paolini’s service to the VBA, check out this post from a few days ago.

Thank you to everyone who offered their condolences on the Steelers playoff loss.  I’m over it and am looking forward to next season, when I’ll resume climbing the Stairway to Seven.