In April 2016, a lawsuit was filed claiming one Chicago-based law firm had failed to protect confidential client information.
The suit didn’t accuse lawyers at the firm of inadvertently sharing client information. In fact, according to The American Lawyer, “[t]he complaint makes no claim that data was stolen or used against clients.” The claim solely focusses on the fact that lax data security could have put client information at risk.
In other words, fail to take proper precautions to protect client confidentiality, and you could find yourself in hot water—whether your lack of preparedness breaches confidentiality or not.
All lawyers must take client confidentiality seriously. However, adhering to those rules is anything but basic, especially in the modern era.
Client confidentiality in the information age
More information gets shared on social media each day. Consider:
- Facebook users send 31.25 million messages per minute
- Twitter users send nearly 350,000 tweets per minute
- Instagram users post almost 50,000 photos each minute
If you’re a lawyer, you need to take extra care when using social media. There are plenty of ways your tweets or posts could inadvertently breach client confidentiality.
For instance, if you use Swarm to check in at a coffee shop during a client meeting, you could inadvertently disclose your client’s location as well. This may be an issue if your client wishes to remain anonymous, or if they don’t want it to be known that they’re using legal representation.
Photos can also be problematic. You may be more mindful than lawyer and politician Kris Kobach, who accidentally revealed notes on proposed immigration policy in a photo with Donald Trump. You should always be hyper-aware of what might be in the eye of a camera lens. Your daughter could take an impromptu photo while you’re catching up on some work at the dining room table; if there’s any sensitive information is visible in the image, you need to make sure that photo doesn’t get posted online (and does get deleted from her device).
Steps lawyers need to take
Does this mean you need to stop using social media? No. But you do need to reconcile the norm of sharing information online with the need to keep client information confidential.
Here are a few things you can do to ensure you’re protecting client information:
- Go private on Facebook. This is a simple step for all lawyers (and for anyone using Facebook, for that matter). Go to “Settings,”, then “Privacy,” and set all of the visibility options so that only “Friends” can see your profile. If you want to market your law firm on Facebook, set up a separate Facebook page—and be extra mindful of the information you’re sharing on it.
- Use two-factor authentication. Using two-factor authentication to protect your online accounts is one of the most effective steps you can take to protect client information. Read about why it works and how to implement it in this list of mobile security tips (two-factor authentication is number four on the list).
- Don’t use live mic technology. Someone’s always listening. Amazon hasn’t given up user data in this now-infamous murder case from late 2016 (so far), but that doesn’t mean you should put client information at risk by keeping an Echo or an equivalent device inside your office.
In short, you want to do everything you can to prevent unauthorized access to client information. In 2017, that means a lot more than just closing the door each time you meet with clients.
We published this blog post in January 2017. Last updated: .
Categorized in: Business