Representing Clients Ethically in the Digital Age

While technical competence is the ethical standard for attorneys, what may be less clear is how to achieve it. How do lawyers become familiar with the basic features of technologies and their benefits and risks? How do they understand the complexities of ESI and the underlying metadata? The short answer is that just as attorneys are expected to keep current with legal developments in substantive or procedural areas of the law, Comment 8 advises attorneys to “engage in continuing study and education,” including CLEs. There was a time when attorneys could throw up their hands and tell a court, “I don't even know what 'native format' means!” and the court would nod in sympathy. But those times are past. A California judge, unamused, recently shot back: “You'll have to find out. I know. Apparently [opposing counsel] knows. You're going to have to get educated in the world of ' electronic discovery. ESI is here to stay, and these are terms you're just going to have to learn.” Ellis v. Toshiba Am. Info. Sys., Inc., 160 Cal. Rptr. 3d 557, 859 n. 4 (Cal. Ct. App. 2013).

The importance of understanding technology becomes obvious when considering the discovery process. Attorneys who do not understand technology themselves may be tempted to let their clients define the preservation and discovery obligations for ESI, but is easy to imagine the repercussions of leaving clients in the driver's seat on these issues ' spoliation of evidence, creation of harmful evidence, and waiver of the attorney-client privilege, to name a few. Beyond discussing generic document retention policies and the existence of network servers with a client, attorneys must explore with their clients questions like who are the custodians of potentially relevant electronic information, where are hard drives located, what other forms of technology and social media platforms are used, what information may be stored on the cloud, and whether non-company computers may contain data within your client's custody, possession, or control. The answers will inform the Rule 26(f) conference, since the Federal Rules of Civil Procedure anticipate that ESI will be discussed with opposing counsel early on in litigation.

A Starting Point

The Sedona Conference has developed a helpful outline that attorneys can use as a starting point for these conversations with clients and opposing counsel. (See The Sedona Conference “Jumpstart Outline”: Questions to Ask Your Client & Your Adversary to Prepare for Preservation, Rule 26 Obligations, Court Conference & Requests for Production (Mar. 2011), available at http://bit.ly/18Ugu5W).

Preserving Client Confidentiality

Litigation is not the only context where technological competence is required; in the digital age, almost every client interaction is shaped by technology. Calls are scheduled and files are transferred via e-mail, voicemail is saved digitally and is accessible across a variety of platforms, documents are hosted and accessed through the cloud, and notes are maintained electronically via computer, tablet, or smart phone. Regardless of the technology used, attorneys must be mindful of their obligations to maintain client confidentiality ' the obligation to protect client information is an active and affirmative one.

Recent hacks, like those against Anthem, Sony, Home Depot and JPMorgan, highlight the importance of taking steps to ensure the security of client information and communications. In 2012, the ABA introduced new guidelines for protecting client confidences and case information by adding a new subsection to Model Rule 1.6: “A lawyer shall make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client.” Model Rule 1.6(c). New Comment 18 to Model Rule 1.6 specifies that attorneys should “act competently to safeguard information relating to the representation of a client against unauthorized access by third parties and against inadvertent or unauthorized disclosure” by the attorney or others participating in the representation or under the attorney's supervision. If a lawyer “has made reasonable efforts to prevent the access or disclosure,” however, “unauthorized access to, or the inadvertent or unauthorized disclosure of, information relating to the representation of a client” does not constitute a violation of Model Rule 1.6(c).

Factors to be considered in determining the “reasonableness” of the lawyer's efforts under Model Rule 1.6(c) include “the sensitivity of the information, the likelihood of disclosure if additional safeguards are not employed, the cost of employing additional safeguards, the difficulty of implementing the safeguards, and the extent to which the safeguards adversely affect the lawyer's ability to represent clients (e.g., by making a device or important piece of software excessively difficult to use),” but are not limited to these considerations. Comment 18 to Model Rule 1.6. Thus, a client may require the lawyer to implement special security measures not required by the Model Rules, or may agree (after being apprised of the risks in doing so) to forgo security measures otherwise required by Model Rule 1.6.

The means by which attorneys and clients choose to communicate may implicate Model Rule 1.6. For instance, clients that use company-issued computers to communicate with their attorneys may unintentionally waive the attorney-client privilege. Courts have reached inconsistent conclusions when analyzing whether the attorney-client privilege has been waived by virtue of an employee using an employer's computer or other equipment to communicate with counsel. An Idaho federal court recently held that e-mails between an individual and her attorney from her work e-mail address were not privileged because the employer had a policy of e-mail monitoring and storage that was clearly in effect in the workplace, and that undermined any expectation of privacy she may have had. Alamar Ranch, LLC v. County of Boise, No. CV'09'004, 2009 WL 3669741 at **3'4 (D. Idaho Nov. 2, 2009). But other courts have held that if employees e-mail their attorneys from work computers using a personal e-mail account, then attorney-client privilege was not waived. See Stengart v. Loving Care Agency, 201 N.J. 300, 322'23 (N.J. 2010) (noting employee's intent that the e-mails remain private); Curto v. Medical World, No. 03-CV-6327, 2006 WL 1318387 (E.D.N.Y. May 15, 2006) (noting ambiguity in the employer's policy that it “may use human or automated means to monitor use of computer resources.”). Therefore, attorneys must take precautions when they know or have reason to believe that a client is using his or her employer's devices to send or access privileged client-attorney communications, according to one ethics opinion. ABA Standing Commission on Ethics and Professional Responsibility, Formal Op. 11-459, Aug. 4, 2011. Further, counsel should research the case law for their jurisdiction so that they can give accurate advice to clients about potential risks associated with communicating electronically.

The means by which attorneys create and store client information also may implicate Model Rule 1.6. With each new advance in technology, the volume of information created increases exponentially. According to the University of California at Berkeley, the volume of information created in 2010 alone was 1,350 exabytes, or the equivalent of 9,990,000 new Libraries of Congress. Unsurprisingly, much of this information is stored electronically or on the cloud.

Attorneys who use Gmail, Yahoo or DropBox for online storage or communications should be familiar with cloud computing, which allows individuals to access applications and store information remotely, without physically buying and installing software or saving to a local storage device. The professional rules create an obligation to protect client confidences with respect to the largest infrastructural commitment by any law practice: storage of client data. Cloud computing undoubtedly offers a number of benefits to law practices of all sizes, including reduced cost and increased accessibility from any location with an Internet connection, but law firms must take steps to ensure the integrity and security of any information stored on the cloud.

Despite how prevalent cloud computing is among law firms today, no nationwide best practices or standards have been developed. So far, 19 states have issued ethics opinions on the use of cloud computing, all of which permit its use so long as the attorneys apply reasonable care. See Am. Bar Ass'n, Cloud Ethics Opinions Around the U.S., http://bit.ly/1aMZaR5. Many of these opinions require or recommend that the attorneys assess various criteria including storage, security (password protection and encryption), and confidentiality (limitations on third-party access). Some opinions recommend consulting an expert or verifying company ownership.

The ABA advises, in Comment 19 to ABA Model Rule 1.6:

[w]hen transmitting a communication that includes information relating to the representation of a client, the lawyer must take reasonable precautions to prevent the information from coming into the hands of unintended recipients.

The ABA also has amended Model Rule 5.3, regarding lawyers' responsibilities when relying upon non-lawyer assistance, to require lawyers to “make reasonable efforts to ensure” that services are provided in a manner compatible with the lawyer's professional obligations. This includes electronic storage service provided by third-party vendors or cloud computing platforms. Thus, selecting a cloud vendor requires a deeper understanding of the various ways in which that vendor will allow attorneys to meet their ethical obligations.

One expert recommends that attorneys consider the following when evaluating cloud computing services:

• Will I have unrestricted access to the stored data?
• Have I stored the data elsewhere so that if access to my data is denied I can acquire the data via another source?
• Have I performed due diligence regarding the company that will be storing my data?
• Is it a solid company with a good operating record, and is its service recommended by others in the field?
• In which country and state is it located, and where does it do business?
• Does its end user's licensing agreement (EULA) contain legal restrictions regarding its responsibility or liability, choice of law or forum, or limitation on damages?
• Likewise, does its EULA grant it proprietary or user rights over my data?
• What is the cost of the service, how is it paid, and what happens in the event of nonpayment?
• In the event of a financial default, will I lose access to the data, does it become the property of the company, or is the data destroyed?
• How do I terminate the relationship with the company?
• What type of notice does the EULA require?
• How do I retrieve my data, and does the company retain copies?
• Are passwords required to access the program that contains my data?
• Who has access to the passwords?
• Will the public have access to my data?
• If I allow non-clients access to a portion of the data, will they have access to other data that I want protected?
• Recognizing that some data will require a higher degree of protection than other data, will I have the ability to encrypt certain data using higher level encryption tools of my choosing?

Nicole Black, Ethics of Cloud Computing for Lawyers, http://bit.ly/1B7uSSM.

Avoiding Ethical Pitfalls in Social Media

Technology, in the form of social media, has provided new avenues of informal discovery for attorneys. While most attorneys understand their ethical obligations regarding traditional discovery, recent disciplinary proceedings illustrate how attorneys may be more likely to disregard ethical obligations when it comes to online communications, whether in the form of personal websites or social media accounts. These ethical obligations include truthfulness in statements to others or communications with individuals other than one's own clients.

Social media serves as a new repository of potentially relevant information. Conversations that would have taken place by e-mail 10 years ago, and around the water cooler 20 years ago, now happen via Facebook and Twitter. Photos, which may contain incriminating images, are memorialized and conveniently “tagged.” By simply “friending” a potential witness or following a Twitter feed, an attorney can gain access to information contained on those social media sites. Informal discovery has long been an accepted (or encouraged) means of gathering evidence and information.

Informal discovery is not without limits, however. Model Rules 4.1, 4.2, and 4.3 all set forth guidelines for engaging in informal discovery. Model Rule 4.1 prohibits and attorney from making a false statement or material misrepresentation in the course of representing a client. ABA Model Rule 4.1(a). Model Rule 4.2 prohibits ex parte communications with a represented party, unless the represented party's attorney has given consent or the communication is authorized by law or court order. ABA Model Rule 4.2. Model Rule 4.3 prohibits attorneys from stating or implying that they are disinterested when communicating with an unrepresented person. ABA Model Rule 4.3.

Ethical opinions generally agree that there is nothing untoward in a lawyer browsing a website available to the general public. See, e.g., N.Y. State Bar Ass'n Comm. on Prof'l Ethics, Op 843 (2010). Thus, a lawyer may look at public social media websites to investigate a potential witness. But the guidelines are not so clear when the lawyer wants to access the private information available on a potential witness's social media account by “friending” or “following” that individual.

What if the lawyer sends a social media request that discloses the requester's true name, but not the fact that the lawyer has a role in a pending legal matter? Advisory opinions from Philadelphia and New Hampshire found that type of solicitation to be deceitful because it omits material information. The Philadelphia Bar Association Professional Guidance Committee was asked whether a lawyer could engage the services of a third party to attempt to gain access to the witness by “friending” the witness on Facebook and MySpace, but without revealing that the third party would be mining for information to give to the attorney. Phila. Bar Ass'n Prof'l Guidance Comm., Op. 2009-02 (2009). The Committee's reply was unequivocal: “[d]eception is deception” and that includes “friending” under false pretenses Id. at 3. In finding the proposed acts deceitful, the Advisory Committee likened the social media networks as “private areas” closed to the general public, as opposed to public areas, such as outside surveillance videos of plaintiffs litigating a tort action. Id. Thus, the proposed contact would violate Rules 8.4 (prohibiting dishonesty, fraud, deceit or misrepresentation), 4.1 (truthfulness in statements to others), and 5.3 (supervision of third-party non-lawyers).

When the New Hampshire Ethics Advisory Committee addressed a similar question, on behalf of attorneys who proposed to disclose their real names but not their role through a Facebook or Twitter request, the Committee also found the lawyers' failure to disclose their full identity and role in pending litigation is intended to deceive. N.H. Ethics Comm., Advisory Op. 2012-13/05 (2012). Neither the New Hampshire nor the Philadelphia opinion found that that the proposed contact would violate Rule 4.3's prohibition against an attorney implying to an unrepresented party that the attorney is disinterested, ostensibly because Rule 8.3's prohibition against deception is sufficiently broad. Phila. Bar Ass'n Prof'l Guidance Comm., Op. 2009-02 at 4, n.1.

The New York City Bar Association's Committee on Professional Ethics reached a somewhat different conclusion when considering whether an attorney “may resort to trickery via the Internet to gain access to an otherwise secure social networking page and the potentially helpful information it holds.” N.Y.C. Bar Ass'n Comm. on Prof'l Ethics, Formal Op. 2010-2 (2010). The Committee concluded that if an attorney or investigator “friends” a witness using only truthful information (i.e., the requestor's real name and profile), subject to compliance with all other ethical rules, the requestor is not obligated to disclose the reasons for making the “friend” request.

Conclusion

As technology develops, attorneys will have at their disposal additional means of communicating with clients, storing information, and conducting discovery or witness research. Harnessing advances in technology to complement traditional lawyering methods may even provide litigators with a tactical advantage for clients. But attorneys must exercise caution and remember that while technologies change, the ethics rules still apply and their basic principles (competence, due diligence, honesty, and fairness) remain the same.

Cara E. Greene, a member of this newsletter's Board of Editors, is a partner at Outten & Golden LLP in New York City, where she represents partners and employees exclusively, with a special emphasis on representing attorneys in their partnership and employment matters. Shirley Lin is an associate at the firm.

'

SPECIAL OFFER: Twitter, LinkedIn, Facebook and Google+ followers can get an online subscription to Law Firm Partnership & Benefits Report for only $299. Click here, select Digital Only and use promo code LFPBOL299 at checkout. This offer is valid for new subscribers only.

'

The days are gone when all that attorneys needed to practice law was a typewriter and a telephone. As soon as an attorney breathes a sigh of relief for learning what “TIFF” and “ESI” stand for (that's “tagged image file format” and “electronically stored information,” by the way), the legal landscape shifts as the technology changes yet again. While technology is constantly evolving, attorneys' ethical duties to provide competent representation and preserve confidentiality remain the same. From initial intake through litigation, technical competence is required.

Tech Competence As an Ethical Requirement

In 2012, the ABA modernized several of its Model Rules of Professional Conduct to account for changes in technology, starting with Model Rule 1.1 ' Competence. The ABA amended the Comments to Model Rule 1.1 to state that a lawyer “should keep abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology.” Comment 8 to ABA Model Rule 1.1.

While technical competence is the ethical standard for attorneys, what may be less clear is how to achieve it. How do lawyers become familiar with the basic features of technologies and their benefits and risks? How do they understand the complexities of ESI and the underlying metadata? The short answer is that just as attorneys are expected to keep current with legal developments in substantive or procedural areas of the law, Comment 8 advises attorneys to “engage in continuing study and education,” including CLEs. There was a time when attorneys could throw up their hands and tell a court, “I don't even know what 'native format' means!” and the court would nod in sympathy. But those times are past. A California judge, unamused, recently shot back: “You'll have to find out. I know. Apparently [opposing counsel] knows. You're going to have to get educated in the world of ' electronic discovery. ESI is here to stay, and these are terms you're just going to have to learn.” Ellis v. Toshiba Am. Info. Sys., Inc. , 160 Cal. Rptr. 3d 557, 859 n. 4 (Cal. Ct. App. 2013).

The importance of understanding technology becomes obvious when considering the discovery process. Attorneys who do not understand technology themselves may be tempted to let their clients define the preservation and discovery obligations for ESI, but is easy to imagine the repercussions of leaving clients in the driver's seat on these issues ' spoliation of evidence, creation of harmful evidence, and waiver of the attorney-client privilege, to name a few. Beyond discussing generic document retention policies and the existence of network servers with a client, attorneys must explore with their clients questions like who are the custodians of potentially relevant electronic information, where are hard drives located, what other forms of technology and social media platforms are used, what information may be stored on the cloud, and whether non-company computers may contain data within your client's custody, possession, or control. The answers will inform the Rule 26(f) conference, since the Federal Rules of Civil Procedure anticipate that ESI will be discussed with opposing counsel early on in litigation.

A Starting Point

The Sedona Conference has developed a helpful outline that attorneys can use as a starting point for these conversations with clients and opposing counsel. (See The Sedona Conference “Jumpstart Outline”: Questions to Ask Your Client & Your Adversary to Prepare for Preservation, Rule 26 Obligations, Court Conference & Requests for Production (Mar. 2011), available at http://bit.ly/18Ugu5W).

Preserving Client Confidentiality

Litigation is not the only context where technological competence is required; in the digital age, almost every client interaction is shaped by technology. Calls are scheduled and files are transferred via e-mail, voicemail is saved digitally and is accessible across a variety of platforms, documents are hosted and accessed through the cloud, and notes are maintained electronically via computer, tablet, or smart phone. Regardless of the technology used, attorneys must be mindful of their obligations to maintain client confidentiality ' the obligation to protect client information is an active and affirmative one.

Recent hacks, like those against Anthem, Sony, Home Depot and JPMorgan, highlight the importance of taking steps to ensure the security of client information and communications. In 2012, the ABA introduced new guidelines for protecting client confidences and case information by adding a new subsection to Model Rule 1.6: “A lawyer shall make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client.” Model Rule 1.6(c). New Comment 18 to Model Rule 1.6 specifies that attorneys should “act competently to safeguard information relating to the representation of a client against unauthorized access by third parties and against inadvertent or unauthorized disclosure” by the attorney or others participating in the representation or under the attorney's supervision. If a lawyer “has made reasonable efforts to prevent the access or disclosure,” however, “unauthorized access to, or the inadvertent or unauthorized disclosure of, information relating to the representation of a client” does not constitute a violation of Model Rule 1.6(c).

Factors to be considered in determining the “reasonableness” of the lawyer's efforts under Model Rule 1.6(c) include “the sensitivity of the information, the likelihood of disclosure if additional safeguards are not employed, the cost of employing additional safeguards, the difficulty of implementing the safeguards, and the extent to which the safeguards adversely affect the lawyer's ability to represent clients (e.g., by making a device or important piece of software excessively difficult to use),” but are not limited to these considerations. Comment 18 to Model Rule 1.6. Thus, a client may require the lawyer to implement special security measures not required by the Model Rules, or may agree (after being apprised of the risks in doing so) to forgo security measures otherwise required by Model Rule 1.6.

The means by which attorneys and clients choose to communicate may implicate Model Rule 1.6. For instance, clients that use company-issued computers to communicate with their attorneys may unintentionally waive the attorney-client privilege. Courts have reached inconsistent conclusions when analyzing whether the attorney-client privilege has been waived by virtue of an employee using an employer's computer or other equipment to communicate with counsel. An Idaho federal court recently held that e-mails between an individual and her attorney from her work e-mail address were not privileged because the employer had a policy of e-mail monitoring and storage that was clearly in effect in the workplace, and that undermined any expectation of privacy she may have had. Alamar Ranch, LLC v. County of Boise, No. CV'09'004, 2009 WL 3669741 at **3'4 (D. Idaho Nov. 2, 2009). But other courts have held that if employees e-mail their attorneys from work computers using a personal e-mail account, then attorney-client privilege was not waived. See Stengart v. Loving Care Agency , 201 N.J. 300, 322'23 (N.J. 2010) (noting employee's intent that the e-mails remain private); Curto v. Medical World, No. 03-CV-6327, 2006 WL 1318387 (E.D.N.Y. May 15, 2006) (noting ambiguity in the employer's policy that it “may use human or automated means to monitor use of computer resources.”). Therefore, attorneys must take precautions when they know or have reason to believe that a client is using his or her employer's devices to send or access privileged client-attorney communications, according to one ethics opinion. ABA Standing Commission on Ethics and Professional Responsibility, Formal Op. 11-459, Aug. 4, 2011. Further, counsel should research the case law for their jurisdiction so that they can give accurate advice to clients about potential risks associated with communicating electronically.

The means by which attorneys create and store client information also may implicate Model Rule 1.6. With each new advance in technology, the volume of information created increases exponentially. According to the University of California at Berkeley, the volume of information created in 2010 alone was 1,350 exabytes, or the equivalent of 9,990,000 new Libraries of Congress. Unsurprisingly, much of this information is stored electronically or on the cloud.

Attorneys who use Gmail, Yahoo or DropBox for online storage or communications should be familiar with cloud computing, which allows individuals to access applications and store information remotely, without physically buying and installing software or saving to a local storage device. The professional rules create an obligation to protect client confidences with respect to the largest infrastructural commitment by any law practice: storage of client data. Cloud computing undoubtedly offers a number of benefits to law practices of all sizes, including reduced cost and increased accessibility from any location with an Internet connection, but law firms must take steps to ensure the integrity and security of any information stored on the cloud.

Despite how prevalent cloud computing is among law firms today, no nationwide best practices or standards have been developed. So far, 19 states have issued ethics opinions on the use of cloud computing, all of which permit its use so long as the attorneys apply reasonable care. See Am. Bar Ass'n, Cloud Ethics Opinions Around the U.S., http://bit.ly/1aMZaR5. Many of these opinions require or recommend that the attorneys assess various criteria including storage, security (password protection and encryption), and confidentiality (limitations on third-party access). Some opinions recommend consulting an expert or verifying company ownership.

The ABA advises, in Comment 19 to ABA Model Rule 1.6:

[w]hen transmitting a communication that includes information relating to the representation of a client, the lawyer must take reasonable precautions to prevent the information from coming into the hands of unintended recipients.

The ABA also has amended Model Rule 5.3, regarding lawyers' responsibilities when relying upon non-lawyer assistance, to require lawyers to “make reasonable efforts to ensure” that services are provided in a manner compatible with the lawyer's professional obligations. This includes electronic storage service provided by third-party vendors or cloud computing platforms. Thus, selecting a cloud vendor requires a deeper understanding of the various ways in which that vendor will allow attorneys to meet their ethical obligations.

One expert recommends that attorneys consider the following when evaluating cloud computing services:

• Will I have unrestricted access to the stored data?
• Have I stored the data elsewhere so that if access to my data is denied I can acquire the data via another source?
• Have I performed due diligence regarding the company that will be storing my data?
• Is it a solid company with a good operating record, and is its service recommended by others in the field?
• In which country and state is it located, and where does it do business?
• Does its end user's licensing agreement (EULA) contain legal restrictions regarding its responsibility or liability, choice of law or forum, or limitation on damages?
• Likewise, does its EULA grant it proprietary or user rights over my data?
• What is the cost of the service, how is it paid, and what happens in the event of nonpayment?
• In the event of a financial default, will I lose access to the data, does it become the property of the company, or is the data destroyed?
• How do I terminate the relationship with the company?
• What type of notice does the EULA require?
• How do I retrieve my data, and does the company retain copies?
• Are passwords required to access the program that contains my data?
• Who has access to the passwords?
• Will the public have access to my data?
• If I allow non-clients access to a portion of the data, will they have access to other data that I want protected?
• Recognizing that some data will require a higher degree of protection than other data, will I have the ability to encrypt certain data using higher level encryption tools of my choosing?

Nicole Black, Ethics of Cloud Computing for Lawyers, http://bit.ly/1B7uSSM.

Avoiding Ethical Pitfalls in Social Media

Technology, in the form of social media, has provided new avenues of informal discovery for attorneys. While most attorneys understand their ethical obligations regarding traditional discovery, recent disciplinary proceedings illustrate how attorneys may be more likely to disregard ethical obligations when it comes to online communications, whether in the form of personal websites or social media accounts. These ethical obligations include truthfulness in statements to others or communications with individuals other than one's own clients.

Social media serves as a new repository of potentially relevant information. Conversations that would have taken place by e-mail 10 years ago, and around the water cooler 20 years ago, now happen via Facebook and Twitter. Photos, which may contain incriminating images, are memorialized and conveniently “tagged.” By simply “friending” a potential witness or following a Twitter feed, an attorney can gain access to information contained on those social media sites. Informal discovery has long been an accepted (or encouraged) means of gathering evidence and information.

Informal discovery is not without limits, however. Model Rules 4.1, 4.2, and 4.3 all set forth guidelines for engaging in informal discovery. Model Rule 4.1 prohibits and attorney from making a false statement or material misrepresentation in the course of representing a client. ABA Model Rule 4.1(a). Model Rule 4.2 prohibits ex parte communications with a represented party, unless the represented party's attorney has given consent or the communication is authorized by law or court order. ABA Model Rule 4.2. Model Rule 4.3 prohibits attorneys from stating or implying that they are disinterested when communicating with an unrepresented person. ABA Model Rule 4.3.

Ethical opinions generally agree that there is nothing untoward in a lawyer browsing a website available to the general public. See, e.g., N.Y. State Bar Ass'n Comm. on Prof'l Ethics, Op 843 (2010). Thus, a lawyer may look at public social media websites to investigate a potential witness. But the guidelines are not so clear when the lawyer wants to access the private information available on a potential witness's social media account by “friending” or “following” that individual.

What if the lawyer sends a social media request that discloses the requester's true name, but not the fact that the lawyer has a role in a pending legal matter? Advisory opinions from Philadelphia and New Hampshire found that type of solicitation to be deceitful because it omits material information. The Philadelphia Bar Association Professional Guidance Committee was asked whether a lawyer could engage the services of a third party to attempt to gain access to the witness by “friending” the witness on Facebook and MySpace, but without revealing that the third party would be mining for information to give to the attorney. Phila. Bar Ass'n Prof'l Guidance Comm., Op. 2009-02 (2009). The Committee's reply was unequivocal: “[d]eception is deception” and that includes “friending” under false pretenses Id. at 3. In finding the proposed acts deceitful, the Advisory Committee likened the social media networks as “private areas” closed to the general public, as opposed to public areas, such as outside surveillance videos of plaintiffs litigating a tort action. Id. Thus, the proposed contact would violate Rules 8.4 (prohibiting dishonesty, fraud, deceit or misrepresentation), 4.1 (truthfulness in statements to others), and 5.3 (supervision of third-party non-lawyers).

When the New Hampshire Ethics Advisory Committee addressed a similar question, on behalf of attorneys who proposed to disclose their real names but not their role through a Facebook or Twitter request, the Committee also found the lawyers' failure to disclose their full identity and role in pending litigation is intended to deceive. N.H. Ethics Comm., Advisory Op. 2012-13/05 (2012). Neither the New Hampshire nor the Philadelphia opinion found that that the proposed contact would violate Rule 4.3's prohibition against an attorney implying to an unrepresented party that the attorney is disinterested, ostensibly because Rule 8.3's prohibition against deception is sufficiently broad. Phila. Bar Ass'n Prof'l Guidance Comm., Op. 2009-02 at 4, n.1.

The New York City Bar Association's Committee on Professional Ethics reached a somewhat different conclusion when considering whether an attorney “may resort to trickery via the Internet to gain access to an otherwise secure social networking page and the potentially helpful information it holds.” N.Y.C. Bar Ass'n Comm. on Prof'l Ethics, Formal Op. 2010-2 (2010). The Committee concluded that if an attorney or investigator “friends” a witness using only truthful information (i.e., the requestor's real name and profile), subject to compliance with all other ethical rules, the requestor is not obligated to disclose the reasons for making the “friend” request.

Conclusion

As technology develops, attorneys will have at their disposal additional means of communicating with clients, storing information, and conducting discovery or witness research. Harnessing advances in technology to complement traditional lawyering methods may even provide litigators with a tactical advantage for clients. But attorneys must exercise caution and remember that while technologies change, the ethics rules still apply and their basic principles (competence, due diligence, honesty, and fairness) remain the same.

Cara E. Greene, a member of this newsletter's Board of Editors, is a partner at Outten & Golden LLP in New York City, where she represents partners and employees exclusively, with a special emphasis on representing attorneys in their partnership and employment matters. Shirley Lin is an associate at the firm.

'