This Article was originally published in the June 2005 issue of GPSOLO Magazine.
The emergence of the Internet over the past decade as a conventional communications, research and law practice management tool has resulted in greater awareness of the ethical consequences of its use by lawyers and the organized bar. Although technology continues to outpace the rules that govern lawyers, the existing rules, with minor revisions, have generally been able to accommodate the use of the Internet in law practice.
There has also been a steady growth of articles and ethics opinions to guide lawyers in the use of the Internet. Although a handful of early ethics opinions became outdated as the technology changed, most opinions provide a useful resource in applying ethical standards to the use of the Internet. Over time, it has become clear that many of the ethical risks can be managed through training, the use of technical support and the exercise of professional judgment. Along the way, some states, and more recently Congress, passed laws on the use of e-mail and the Internet. Although lawyers are beginning to see a gradual relaxation in the rules restricting cross-border practice, careful attention must still be given to the specific rules in jurisdictions in which lawyers seek to communicate electronically and deliver on-line legal services.
Initially, it was thought that the Internet was an optional tool for lawyers who were technically proficient and who could afford the technology. Today, lawyers in virtually every area of practice have discovered the necessity of online access to research and information as well as the ability to communicate electronically with clients, courts and the public. The Internet is rapidly advancing the law and has significantly increased the public’s access to legal services.
Although the point has not yet been reached where lawyers must use the Internet to be competent, it is not out of the question that the use of the Internet may some day be included in the evaluation of a lawyer’s competence, or at least, a factor by which a lawyer’s conduct is measured against the accepted standard of care for purposes of professional liability. A lawyer’s duty of competence involves not only the skill and learning reasonably necessary to represent the client but also the thoroughness and preparation in handling a particular matter which includes the use of methods and procedures meeting the standards of competent practitioners.
There has been much debate on whether Internet communications are less secure than using traditional forms of communication. It was thought by some that lawyers communicating on the Internet with or about clients without encrypting their transmissions violated the principle of confidentiality. The prevailing view today is that e-mail communications pose no greater risk of interception or disclosure than commercial mail, land-line telephones and faxes. Most states agree that a communication between an attorney and client does not lose confidentiality solely because it is transmitted by the Internet or by other electronic mail. The vulnerability of privileged communications to theft and interception exist, but most states recognize that parties to electronic communications have a reasonable expectation of privacy. State and federal laws today impose civil and criminal penalties for the unauthorized use and interception of electronic communications. See 18 U.S.C. §§ 2510-2521.
The protections afforded by state and federal law do not alleviate the lawyer’s responsibility to manage the security and privacy risks inherent in electronically-generated communications. The overriding principle is that communicating electronically requires the same level of concern for protecting confidentiality and preserving the client’s privilege as are normally expected of lawyers using other forms of communication. Although lawyers are not required to always use encrypted e-mail, encryption software may be required if information communicated by electronic means is sufficiently sensitive that it is in the client’s interest to employ encryption as a greater level of security.
Lawyers must have a clear understanding of the different characteristics of e-mail systems and to employ security measures that are appropriate to the particular system in transmitting sensitive client information. Lawyers were recently advised, for example, to exercise reasonable care to prevent the disclosure of client confidential information contained in hidden “metadata” in electronically communicated documents to opposing counsel or other third parties. New York State Bar Association Formal Opinion 782 (2004). It is good practice to discuss the means by which a lawyer and client will communicate confidential information and choose a compatible electronic means of communication that is suitable for the client and the client’s matter.
Installing a software firewall, establishing a private Internet site for communications with a particular client and password-protected confidential files are commonly used techniques to preserve confidentiality in the use of the Internet. Firewalls have become increasingly important as lawyers spend more time with their computers logged onto the Internet. Firewalls and passwords are particularly appropriate when a lawyer shares space with other lawyers or communicates through the use of the Internet in an unsecured environment. Developing destruction plans for electronic information has also become a necessary tool in preserving confidentiality. Lawyers have learned, sometimes the hard way, that simply deleting a file or an e-mail is not sufficient.
The frequent use of the Internet and its many applications has resulted in an increase in the inadvertent transmission of information to one other than the intended recipient. Most lawyers typically include a notice in their e-mail communications that the message is confidential and is only intended to be read by the recipient. However, these confidentiality notices may not be adequate and overuse may reduce their effectiveness. Courts and bar association ethics committees have wrestled with the ethical obligations of an attorney who inadvertently receives an opposing party’s confidential information. Some courts have taken the view that an attorney who obtains confidential information innocently without misconduct on the attorney’s part is under no ethical obligation to return the materials to or notify opposing counsel. However, the more generally accepted view is that a lawyer who receives a document relating to the representation of the lawyer’s client and who knows or reasonably should know that the document was inadvertently sent must promptly notify the sender. See ABA Model Rule 4.4(b). The importance of preserving the attorney-client privilege and maintaining confidentiality and fairness outweighs the burden imposed on the sender in waiving the privilege and imposes on the recipient attorney an ethical obligation to promptly notify the sender and allow that attorney to take protective measures. Whether the receiving attorney has the additional obligation to return the documents or information to the sender, or whether the privilege has been waived, are beyond the scope of Model Rule 4.4(b).
Some state courts require immediate notification and return of clearly privileged documents. This was the view adopted earlier in ABA Formal Opinions 92-368 and 94-382. Whether the revisions to Rule 4.4(b) supersede the obligation to return the privileged information as opposed to simply notifying the sender remains to be seen. Lawyers are cautioned to check the rules, ethics opinions and case law in jurisdictions in which they are authorized to practice.
The Internet is capable of reaching more people more efficiently who are in need of legal advice and services. Internet law practice or e-lawyering includes on-line legal advice and preparing documents and legal products for consumers. Law firms are discovering that the Internet makes it easy to provide limited task-based legal services, also known as “unbundling.” Consumers can peruse a menu of products and services and request limited task-based services at a reduced cost. Lawyers can team with an Internet provider to provide interactive forms for consumers with the lawyer providing the professional content and the Internet provider providing the medium in which the forms are accessed. The legal services the lawyer provides are “unbundled” from other traditional legal services lawyers offer clients.
Several states permit rendering on-line legal services subject to the same constraints that govern other methods of delivering legal services. Some states have developed ethical guidelines for on-line practice, including (i) placing an on-line intake form on the attorney’s website that allows for a conflicts check before responding to a legal inquiry, (ii) protecting confidential information submitted on-line by a prospective client as well as e-mail clients the lawyer has agreed to undertake, (iii) requiring that the lawyer render on-line legal advice with competence and (iv) precluding legal advice on-line to clients in jurisdictions in which the lawyer is not licensed to practice unless permitted by the rules of that jurisdiction.
As technology has become more sophisticated, legal services are now available through various Internet applications, including the use of application service providers and extranets. An extranet provides a web-based interface for clients to check the status of their case or legal matter, review documents, access databases and interact with their attorneys. Application service providers or ASPs provide a variety of legal products and services on the Internet including on-line document assembly, collaboration tools, e-mail and file storage.
A fair amount has been written on the ethical risks in the use of ASPs. Ethical concerns include attorney-client confidentiality, conflicts of interest, competence, impermissible fee sharing, and proper diligence. So far, there has been little guidance from courts or bar associations on the use of ASPs. However, it is unlikely that lawyers and law firms will be precluded from utilizing ASPs and other internet applications in the delivery of legal services. Instead, lawyers utilizing web-based technologies will remain ultimately responsible for insuring that the use is compatible with applicable ethics standards. Reasonable precautions include disclosing to the client the capabilities and limitations of the particular web-based service being offered, implementing procedures to protect client files and information, backing up data and avoiding conflicts of interest where the ASP provides similar services to other parties involved in the client’s case or legal matter.
Law Office Support Services
The Internet also affords lawyers with access to an increasing variety of back-office functions. Examples include web-based calendaring systems, case management and litigation support programs, time and billing services, document management and accounting services. Most of these capabilities involve the outsourcing of confidential data and information and raise questions regarding the security and reliability of the Internet service provider as well as the functionality of the law office support services being offered.
These web-based services are presently in use and more law firms, both large and small, will foreseeably access these applications in the future. The improving technology and benefits, particularly to solo and small firms, are significantly significant that it is not realistic to conclude that the ethical risks will invariably outweigh the use of these Internet applications.
However, lawyers taking advantage of Internet technology in the management and operation of their law practices will have to be increasingly skilled in mastering the technological aspects of the particular application being considered, negotiate appropriate contracts with vendors and diligently supervise the on-line support services to the same extent lawyers traditionally have done with respect to support services performed in-house.
The increased use of the Internet has had an impact, for example, on the lawyer’s responsibilities in maintaining the client “file.” Traditional notions of what constitutes the client file are changing and lawyers are required to consider what information belongs to the client and must be accessible to the client during the representation and what information must be delivered to the client or the client’s successor counsel upon termination of the engagement. Lawyers are learning, sometimes by an unfortunate experience, that electronic storage and retrieval of client documents and information can be complicated and that file materials belonging to the client can be misplaced or lost. Storing and maintaining client documents and information electronically must not only be secure but must also be accessible and retrievable over time.
The use of the Internet as a means of providing information regarding the availability of legal services has spawned a series of disparate rules and statutes across the country. Some of the state law governing lawyer advertising has become outdated and is in need of revision. The California legislature, for example, passed a series of laws in 1993 regulating electronic media advertising primarily in response to concerns over television advertisements. See California Business and Professions Code § 6157 – 6159.2. However, because the statutes refer to the use of “computer networks,” the penalties and other provisions apply to attorney websites.
Lawyers will continue to have to reconcile a host of differing ethical standards in seeking to advertise on the Internet in more than one jurisdiction. Despite these disparate rules, several common themes have emerged. It is generally accepted that lawyer websites are advertising under the state ethics rules and electronic advertising is permitted subject to the particular state counterparts to Model Rule 7.1 – 7.5. The primary touchstone is that a communication concerning a lawyer’s services must not be false or misleading, which generally means that it must not contain a material misrepresentation of fact or law or omit a fact necessary to make the statement, considered as a whole, not materially misleading. Disclaimers and disclosures in Internet communications are generally recommended to notify users where the communicating attorneys is authorized to practice and who the intended recipients of the communication are in order to avoid unauthorized practice of law concerns.
Many states require e-mail advertisements like regular mail to be labeled as “Advertising Materials” at the beginning and ending of the communication. E-mail is also generally treated as regular mail in requiring that the communication include the name and office address of at least one lawyer or law firm responsible for its content. Some states require filing a web site “home page” with the state bar while others require filing changes (or “material” changes) to the site.
Most states require lawyers to keep copies of their electronic communications for a specific period of time, although the ABA recently deleted this archiving requirement in Model Rule 7.2(b). It is also generally accepted that an attorney must exercise reasonable control over the content of information about the attorney in a commercial website or legal directory operated by a application service provider that markets the particular lawyer’s services.
A number of advertising issues remain unresolved. For example, Model Rule 7.3(b) was changed in 2002 to prohibit a lawyer from soliciting professional employment from a prospective client by “real time” electronic contact (unless the person contacted is a lawyer or a family member or one who has a close personal or prior professional relationship with the contacting lawyer). Ethics opinions in a number of states, including Florida, Michigan, Oregon, Utah, Virginia and West Virginia have reached the same conclusion. Other states either have not addressed the issue or, like California, have concluded that Internet chat-room communications with prospective clients do not invariably constitute prohibited solicitation. See California State Bar Formal Opinion 2004-166.
The use of a “domain name” as an electronic address or as a firm or trade name has not been fully resolved, although the Model Rules were amended in 2002 to treat a domain name as a communication under the advertising rules. See Model Rule 7.5. Lawyers have not been provided with sufficient guidance on the use of metatags, which can affect the results of a search for information on the Internet. The extent to which a lawyer or law firm is responsible for the content of hyperlinks also remains unresolved.
What rules apply to Internet advertising outside the jurisdiction in which the communicating lawyer is admitted to practice can raise complex questions. Finally, the effectiveness of disclaimers in keeping an attorney’s website from being deemed an advertisement or a vehicle for unauthorized practice of law in other jurisdictions remains to be seen.
Today, lawyers can no longer simply look to state ethics rules to determine what is permissible advertising on the Internet. Effective January 1, 2004, marketing and advertising e-mails sent by attorneys are regulated by the federal CAN SPAM Act of 2003 (“Controlling the Assault on Non-Solicited Pornography Marketing Act of 2003) [15 USC § 7701 et seq.]. The Act applies to any commercial electronic mail message whose primary purpose is commercial advertising or promotion of a commercial product or service, including the content of an Internet website operated for commercial purposes. The Act regulates both senders of “spam” and those that procure “spamming services.” Thus, an attorney’s knowing failure to prevent “spammers” from promoting the attorney’s services can result in liability under the Act.
Along with other restrictions, the Act requires e-mail advertisements to include a valid return address, a physical postal address and an indication that the e-mail is a solicitation. Commercial e-mails must also include an opt-out mechanism and must not have false or misleading “header” information or deceptive subject lines. The Act expressly preempts state laws that regulate commercial e-mail, except to the extent state laws or rules prohibit false or deceptive electronic mail messages or attached information.
As the on-line delivery of legal services becomes more commonplace, it is foreseeable there will be increased tension with respect to rules regulating the practice of law and rules preventing the sharing of legal fees with non-lawyers and the integration of legal and non-legal services to the public. The challenge for the legal profession will be to manage the use of the Internet in serving clients to preserve the integrity of the attorney-client relationship, protect confidentiality of client information and render legal services with the same level of competence and professional independence that is required in the more traditional in-person environment.
About the Author
Mark L. Tuft is a partner with Cooper, White & Cooper LLP, in San Francisco, where he specializes in representing attorneys and law firms on professional responsibility and liability matters. He is a vice chair of the California State Bar Commission for the Revision of the Rules of Professional Conduct and is an adjunct professor at the University of San Francisco School of Law where he teaches legal ethics. He is also a co-author of the California Practice Guide on Professional Responsibility. Mr. Tuft can be reached at email@example.com.