It is hard to believe that we have been in the pandemic for almost a year. It has been a long and arduous journey and unfortunately there is no immediate end in sight. The good news is that, overall, attorneys have adapted quite well to the demands of social distancing and the unpredictability of the pandemic by adding new cloud-based tools to their law firms’ tech arsenals that will enable them to transition remotely work when necessary.
However, as many attorneys have learned along the way, the practical aspects of remote working must necessarily be in line with their ethical obligations because of their confidentiality. Fortunately, in the early stages of the pandemic, various bar associations have turned to the board and provided lawyers with ethical guidelines to ease the transition to remote working and ensure lawyers protect their clients’ confidential information no matter where they are at one work specific day. For example, I recently wrote about some of the ethical opinions about working remotely and also summarized the recent developments regarding secure communication when working remotely.
Since I wrote these blog posts, the State Bar of Wisconsin has added their two cents and issued Wisconsin Formal Ethics Statement EF-21-02 in mid-January. This opinion offers advice on a number of different issues related to the remote exercise of law, including the duty to be technologically literate and the duty of attorneys to protect confidentiality and communicate securely.
Importantly, at the beginning of the opinion, the Committee was careful to note that, as technology is constantly changing, it does not have specific requirements for remote working and instead offers more elastic, overarching guidelines.
Then the committee admitted that one of the more notable effects of the pandemic, which was to dramatically accelerate the adoption of technology by lawyers, would likely continue after the COVID. The committee said, “Technological advances have replaced many of these face-to-face interactions, as well as other aspects of practice such as the transmission and storage of customer information. In addition, like other professionals, lawyers are expected to continue working remotely in some form after the pandemic. “
The committee next looked at the duty of technology literacy, stressing the need for lawyers to ensure they stay abreast of technological advances. In the EESC’s view, basic technological competence should at least include “knowledge of the types of equipment for which Communications, software options for communicating, preparing, transmitting, and storing documents and other information, and the means to keep the devices and the information they transmit and store secure and private. “
After focusing on a number of other high-level ethical obligations that were generated when attorneys worked remotely, including due diligence, oversight and unauthorized legal practice, the committee moved on to more practical advice. In particular, they provided guidance in three areas: cybersecurity, training and monitoring, and customer preparation.
As this section of the opinion is a bit lengthy, I will focus on the cybersecurity guidelines. To that end, below is an edited version of the committee’s very useful list of cybersecurity best practices. Note that while I’ve provided an abbreviated summary of the list, there are many more that came from it. So, read the entire opinion for lots of great advice and guidance on the pros and cons of running a virtual law on festivals.
Without further ado, here is the full list of cybersecurity best practices:
You need strong passwords to protect data and access devices. Use two-factor or multifactor authentication to access corporate information and corporate networks. Avoid using unsecured or public Wi-Fi when accessing or transmitting client information. Use a virtual private network (VPN) when accessing or transmitting client information. Use and keep the latest anti-virus and anti-malware software. Keep all software up to date: Install updates immediately. Make sure employees are using secure and encrypted laptops. Do not use USB drives or other external devices unless they are company owned or provided by a trusted source. Specify how and where remotely created data will be stored and how it will be backed up. Save data permanently only in the office network, not on personal devices. Use reputable cloud service providers. Encrypt emails or use other security measures to protect confidential information from unauthorized disclosure. Encrypt electronic records, including backups, that contain sensitive information such as personal data. Don’t open suspicious attachments or click on unusual links in messages, emails, tweets, posts, or online ads. Whenever possible, use websites with improved security. Do not have work-related conversations using smart devices such as voice assistants.
Finally, the committee concluded the opinion with a full summary of where we are, how we got here and where the legal profession will head in the future: “The COVID-19 pandemic has dramatically changed the way lawyers work and represent their attorneys. Some of these changes may be temporary, while others are likely part of a movement towards greater reliance on technology in legal practice. As remote working has become the new normal, lawyers need to develop new skills and knowledge to perform their core duties. “
Nicole Black is a lawyer in Rochester, New York and Director of Business and Community Relations at My case, web-based management software for law firms. she has been to blog since 2005 one has written weekly column for the Daily Record since 2007 is the author of Cloud computing for lawyers, Co-authors Social media for lawyers: the next frontierand co-authors Criminal Law in New York. She is easily distracted from the potential of bright and shiny tech, good food and wine. You can follow her on Twitter at @ Nikiblack and she can be reached at [email protected].