Why lawyers should be paranoid about client confidentiality

Posted by Teresa Matich, a writer for Legal Futures Associate Clio

Facebook: Risk of inadvertent disclosure

In April 2016, a lawsuit was filed claiming one Chicago-based law firm had failed to protect confidential client information.

The suit didn’t accuse lawyers at the firm of inadvertently sharing client information. In fact, according to The American Lawyer, “[t]he complaint makes no claim that data was stolen or used against clients.” The claim solely focused on the fact that lax data security could have put client information at risk.

In other words, fail to take proper precautions to protect client confidentiality, and you could find yourself in hot water – whether your lack of preparedness breaches confidentiality or not.

All lawyers are, of course, under a professional obligation to uphold client confidentiality. However, adhering to those rules is anything but basic, especially in the modern era.

More information gets shared on social media each day. Consider: Facebook users send 31.25 million messages per minute; Twitter users send nearly 350,000 tweets per minute; Instagram users post almost 50,000 photos each minute.

If you’re a lawyer, you need to take extra care when using social media. There are plenty of ways your tweets or posts could inadvertently breach client confidentiality.

For instance, if you use Swarm to check in at a coffee shop during a client meeting, you could inadvertently disclose your client’s location as well. This may be an issue if your client wishes to remain anonymous, or if they don’t want it to be known that they’re using legal representation.

Photos can also be problematic. You may be more mindful than lawyer and politician Kris Kobach, who accidentally revealed notes on proposed immigration policy in a photo with Donald Trump. You should always be hyper-aware of what might be in the eye of a camera lens.

Your daughter could take an impromptu photo while you’re catching up on some work at the dining room table; if there’s any sensitive information is visible in the image, you need to make sure that photo doesn’t get posted online (and does get deleted from her device).

Does this mean you need to stop using social media? No. But you do need to reconcile the norm of sharing information online with the need to keep client information confidential.

Here are a few things you can do to ensure you’re protecting client information:

  • Go private on Facebook. This is a simple step for all lawyers (and for anyone using Facebook, for that matter). Go to ‘Settings’, then ‘Privacy’, and set all of the visibility options so that only ‘Friends’ can see your profile. If you want to market your law firm on Facebook, set up a separate Facebook page – and be extra mindful of the information you’re sharing on it.
  • Use two-factor authentication. Using two-factor authentication to protect your online accounts is one of the most effective steps you can take to protect client information. Read about why it works and how to implement it in this list of mobile security tips (two-factor authentication is number four on the list).
  • Be wary of live mic technology. Someone’s always listening. Amazon hasn’t given up user data in this now-infamous murder case from late 2016, but you should still be aware of when and where you’re discussing client information.

In short, you want to do everything you can to prevent unauthorised access to client information. As we head into 2018, that means a lot more than just closing the door each time you meet with clients.

The tips outlined here make up just the tip of the iceberg when it comes to client confidentiality. Clio’s lawyer in residence, Joshua Lenon, together with Alli Gerkman, director of Educating Tomorrow’s Lawyers, gave a much more in-depth overview of the subject in this webinar, Client Confidentiality in the Digital Age. You can watch it for free here.

Don’t get caught disclosing confidential information – even inadvertently.

    Readers Comments

  • SD says:

    Interesting that you do not mention the Legal directory submissions, when a whole lot of client information is passed to commercial publishing companies.

Leave a Comment

By clicking Submit you consent to Legal Futures storing your personal data and confirm you have read our Privacy Policy and section 5 of our Terms & Conditions which deals with user-generated content. All comments will be moderated before posting.

Required fields are marked *
Email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.