Attorneys have long had a love-hate relationship with technology. On the one hand, technology offers an opportunity to leverage a firm’s intellectual capital. It allows lawyers to work smarter instead of harder. And it can provide a strategic advantage in communications and marketing. On the other hand, it can be downright dangerous. Without sufficient training and understanding, lawyers can commit serious blunders, even malpractice, using their computers.
Now some of you may not be aware that certain states are leaders in certain areas. For example, California is a clear leader in human resource issues. Many of us in the trenches in other states think those in CA are rather nutty in terms of the “rights” conferred on workers, to the detriment of employers. But as the saying goes in human resources, what starts in CA ultimately spreads in one form or another to other states.
It seems that Florida is such a leader in terms of ethics and lawyer’s use of technology. First, there was the hue and cry from the FL bar concerning a young lawyer who used metadata to his advantage against a more senior attorney who had no clue his document included metadata. The FL Bar’s Board of Governors wanted to take steps to make use of metadata a violation of professional ethics. As one of my colleagues at another state bar commented:
. . . a younger, more technologically sophisticated lawyer “tricked” an older lawyer he hoped wouldn’t have a clue about metadata into divulging information about the case. It’s no different, and no more or less unethical, than an older lawyer inviting his younger opposing counsel out for a drink the night before a hearing, in the hope that maybe she’ll have one too many and divulge information she shouldn’t, or at least be too hung-over to effectively argue the motion. Perhaps that should be banned, too?
More recently, a rumor was floating among my colleagues that FL was considering a requirement that attorneys pass a test in law firm technology concepts and pitfalls, in addition to the bar exam. My colleague, J.R. Phelps,of the FL Bar Association, assures us that is not the case. But in the interim we had fun imagining FL lawyers with a dual J.D. (juris doctorate) and J.G. (juris geek) degree designation.
What exactly is metadata, and why is it problematic? What other exposures are there out there? What are your requirements in PA to know of these things? Can I really be sued (and lose) for malpractice if I don’t know?
Well, let’s start with the bad news. Yes you can be sued. You need to take reasonable steps to protect and preserve confidential client information. More and more states are coming out with formal and informal opinions as to what this means. For example, take a look at the VA State Bar Opinion 1818 which just scrapes the surface in relation to maintenance of electronic client files and documents.
Thus far reasonable steps have been cited to include use of (currently maintained) anti-virus software, firewall software, passwords for system access, and regular back-up. In addition, if you exchange documents of any type with the outside world, you need to be aware of and take remedial steps to remove metadata.
A recent event I became aware of from several sources highlighted to me that my relatively high level of knowledge is still not adequate. I always associated dangers of metadata with the edited text of the document, and information regarding the document itself. I never realized that a digital photo could reveal as much or more as the remaining document. This story in the Washington Post recounts how a hacker was interviewed under the cloak of anonymity. But if you read further, for example this blog post, you will see that readers used metadata in the photograph to locate almost the exact block of the hacker’s residence. So much for the Post’s guarantee of anonymity. What a monumental blunder.
For great information to assist you in understanding metadata and the associates risks of failing to remove it, check out the following sources:
Jim Calloway’s Law Practice Tips blog has several good posts including one here and here.
Article by colleague Dan Pinnington in ABA’s Law Practice Today.
ABA article entitled “What’s the Meta with Metadata?”
An excellent article entitled “Mining the Value from Metadata” on the Discovery Resources Web site by well known and highly regarded eDiscovery and law firm technology experts Dennis Kennedy, Evan Schaeffer, and Tom Mighell.
There are two points to this post. First, you must educate yourself, and your clients, concerning these risks. Second, you must take reasonable precautions to avoid the risks. I don’t have to tell you where to go for anti-virus, firewall etc. Everyone knows. As to Metadata, let’s start with these available tools for you to explore:
Metadata Scrubber
Workshare Protect
Payne Consulting Metadata Assistant
ezClean
iScrub
==========
To return to the main page of the blog, click here. To return to the blog Index, click here.
[...] This isn’t the last you will be hearing of this issue. Exposure and risk come in all forms. For yet another example, take a look at my recent post on Metadata. Bottom line? You need to keep up on the latest developments in order to understand the issues, and avoid the risks. [...]