Cloud Computing: Secure Client Communications And Security At The Border

30
Aug
2017

Nicole Black

The practice of law has changed significantly over the past decade, in large part due to technological innovation. One major factor contributing to the rapid pace of change has been the rise of mobile and cloud computing. With the iPhone’s release in 2007, it was suddenly possible for lawyers to practice law and access important case-related information stored in the cloud from anywhere at anytime.

Since then, law firms have embraced the convenience and flexibility of cloud computing, using their mobile devices to track billable time, access documents, view contact and calendar information, and securely communicate with clients. Because the ability to practice law from anywhere offers so many benefits, it’s no surprise that the number of law firms incorporating these tools into their technology arsenals has increased significantly year over year. 

Another reason more law firms are using cloud computing software is for security and ethical reasons. With the rapid advancements in technology, the cloud is often the most secure way to protect confidential client information. 

For example, the effects of this rapidly changing technological landscape were recognized earlier this summer by the American Bar Association when it issued Formal Opinion 477. In this opinion, the ABA Standing Committee on Ethics and Professional Responsibility concluded that because there are more secure electronic communication methods available in 2017 than in year’s past, lawyers will need to consider avoiding email for some client communications and use other, more secure electronic methods instead.

As explained in the opinion, lawyers must take into consideration a number of different factors when determining the best, most secure method for communicating with clients. This determination must be made on a case-by-case basis and issues to be considered include:

• the sensitivity of the information;
• the likelihood of disclosure if additional safeguards are not employed;
• the cost of employing additional safeguards;
• the difficulty of implementing the safeguards; and
• the extent to which the safeguards adversely affect the lawyer’s ability to represent clients (e.g., by making a device or important piece of software excessively difficult to use).

The Committee explained that “(a) fact-based analysis means that particularly strong protective measures, like encryption, are warranted in some circumstances.” The Committee also cautioned that while using unencrypted email may be appropriate for routine or low sensitivity communications, due to “cyber-threats and (the fact that) the proliferation of electronic communications devices have changed the landscape…it is not always reasonable to rely on the use of unencrypted email.”

One option offered by the Committee to ensure secure communication with clients is to use a cloud-based client portal: “A lawyer has a variety of options to safeguard communications including, for example, using secure internet access methods to communicate, access and store client information (such as…(a) secure internet portal).”

Similarly, the New York City Bar Association recently opined on the benefits of lawyers using cloud computing in Formal Opinion 2017-5. In this opinion, the Professional Ethics Committee addressed the ethical obligation of lawyers to “protect confidential information prior to crossing a U.S. border, during border searches, and thereafter.” 

In part, the Committee concluded that before crossing the U.S. border, attorneys must undertake reasonable efforts to protect confidential information. Notably, the Committee explained that one of the best ways to protect client data from disclosure is to ensure that no data is stored locally on mobile devices. 

The Committee then recommended two methods to keep data off of mobile devices: encrypt the devices or store the data in cloud. The Committee opined: “A lawyer…who handles more sensitive information should consider technological solutions that permit secure remote access to confidential information without creating local copies on the device; storing confidential information and communications in secure online locations rather than locally on the device; or using encrypted software to attempt to restrict access to mobile devices.”

In other words, as cloud-based technology changes and improves, what was once considered a security risk is now the solution to many security concerns. Cloud computing software for lawyers is ethical and, in many cases, is the most secure method for storing confidential client data and communications. Times are changing. Is your law firm keeping up?