Why lawyers should be paranoid about client confidentiality

Print This Post

11 December 2017

Posted by Teresa Matich, a writer for Legal Futures Associate Clio

Facebook: Risk of inadvertent disclosure

In April 2016, a lawsuit was filed claiming one Chicago-based law firm had failed to protect confidential client information.

The suit didn’t accuse lawyers at the firm of inadvertently sharing client information. In fact, according to The American Lawyer, “[t]he complaint makes no claim that data was stolen or used against clients.” The claim solely focused on the fact that lax data security could have put client information at risk.

In other words, fail to take proper precautions to protect client confidentiality, and you could find yourself in hot water – whether your lack of preparedness breaches confidentiality or not.

All lawyers are, of course, under a professional obligation to uphold client confidentiality. However, adhering to those rules is anything but basic, especially in the modern era.

More information gets shared on social media each day. Consider: Facebook users send 31.25 million messages per minute; Twitter users send nearly 350,000 tweets per minute; Instagram users post almost 50,000 photos each minute.

If you’re a lawyer, you need to take extra care when using social media. There are plenty of ways your tweets or posts could inadvertently breach client confidentiality.

For instance, if you use Swarm to check in at a coffee shop during a client meeting, you could inadvertently disclose your client’s location as well. This may be an issue if your client wishes to remain anonymous, or if they don’t want it to be known that they’re using legal representation.

Photos can also be problematic. You may be more mindful than lawyer and politician Kris Kobach, who accidentally revealed notes on proposed immigration policy in a photo with Donald Trump. You should always be hyper-aware of what might be in the eye of a camera lens.

Your daughter could take an impromptu photo while you’re catching up on some work at the dining room table; if there’s any sensitive information is visible in the image, you need to make sure that photo doesn’t get posted online (and does get deleted from her device).

Does this mean you need to stop using social media? No. But you do need to reconcile the norm of sharing information online with the need to keep client information confidential.

Here are a few things you can do to ensure you’re protecting client information:

  • Go private on Facebook. This is a simple step for all lawyers (and for anyone using Facebook, for that matter). Go to ‘Settings’, then ‘Privacy’, and set all of the visibility options so that only ‘Friends’ can see your profile. If you want to market your law firm on Facebook, set up a separate Facebook page – and be extra mindful of the information you’re sharing on it.
  • Use two-factor authentication. Using two-factor authentication to protect your online accounts is one of the most effective steps you can take to protect client information. Read about why it works and how to implement it in this list of mobile security tips (two-factor authentication is number four on the list).
  • Be wary of live mic technology. Someone’s always listening. Amazon hasn’t given up user data in this now-infamous murder case from late 2016, but you should still be aware of when and where you’re discussing client information.

In short, you want to do everything you can to prevent unauthorised access to client information. As we head into 2018, that means a lot more than just closing the door each time you meet with clients.

The tips outlined here make up just the tip of the iceberg when it comes to client confidentiality. Clio’s lawyer in residence, Joshua Lenon, together with Alli Gerkman, director of Educating Tomorrow’s Lawyers, gave a much more in-depth overview of the subject in this webinar, Client Confidentiality in the Digital Age. You can watch it for free here.

Don’t get caught disclosing confidential information – even inadvertently.

One Response to “Why lawyers should be paranoid about client confidentiality”

  1. Interesting that you do not mention the Legal directory submissions, when a whole lot of client information is passed to commercial publishing companies.

  2. SD on December 15th, 2017 at 6:55 pm

Leave a comment

* Denotes required field

All comments will be moderated before posting. Please see our Terms and Conditions

Legal Futures Blog

Three reasons why you should be more vigilant about the emails you send in 2018

Ben Mitchell DocsCorp

In December 2017, the Information Commissioner’s Office (reported that data security incidents between April and June 2017 had increased by 15% compared to the previous year. This is nothing new – data breaches have been on the rise for years. Yet law firms are often more concerned about protecting sensitive information from external threats than from a far more likely cause: human error. Human error was behind the forwarding of confidential plans from The Bank of England to The Guardian. The sender included the wrong recipient in the email and, ever since, autocomplete has been disabled and staff at the UK’s main financial regulator must now enter every single address manually.

January 17th, 2018