MTC: The Filing Cabinet Renaissance - Why Lawyers Still Need Physical Storage in the Digital Age 📁💼

/ The Tech-Savvy Lawyer.Page/

Balancing Tradition and Tech: Today’s lawyer needs to integrate filing cabinets and cloud storage in modern legal practice.

In the era of cloud storage and digital documents, the humble filing cabinet might seem like a relic of the past. However, for lawyers, these sturdy metal boxes remain an essential tool in managing sensitive information and maintaining compliance with legal standards. Today, let’s discuss why filing cabinets continue to play a crucial role in modern law practices and how to strike the perfect balance between digital and physical document management. 🖥️📄

The Enduring Value of Tangible Documents

Despite the push towards paperless offices, many lawyers find themselves in a hybrid world where both digital and physical documents coexist. There are several reasons for this:

  • Regulatory Requirements: 📜 Certain legal documents must be retained in their original, physical form to comply with regulations or to maintain their legal validity. These may include original contracts, notarized documents, or court-filed papers.

  • Client Preferences: 🤝 Some clients, particularly older ones, may prefer physical copies of important documents. Having a filing cabinet allows lawyers to cater to these preferences while still maintaining digital records. Tip💡:  This may be mitigated by a well-drafted, bar compliant engagement letter.

  • Backup and Redundancy: 🔒 In an age of cybersecurity threats, having physical copies of critical documents serves as an additional layer of protection against data loss or digital breaches.

The Evolution of Filing Cabinet Usage

My personal journey with filing cabinets reflects the changing landscape of document management in law firms. Initially, I expanded from one four-drawer horizontal filing cabinet and one two-drawer mini cabinets to three four-drawer horizontals and two two-drawer minis. This growth mirrored the increasing complexity and volume of cases I handled. 📈

Lawyers can thrive with document retention by blending tradition with modern tech.

However, as digital solutions became more prevalent and sophisticated, I found myself able to reduce my physical storage needs (thank goodness for my Fujitsu Scansnap!). I now maintain one four-drawer horizontal filing cabinet and two two-drawer mini cabinets. This reduction was made possible by:

  • Implementing a robust digital document management system 💻

  • Scanning and digitizing older files 📸

  • Adopting a more selective approach to what documents require physical storage 🔍

Striking the Right Balance

The key to effective document management in modern law practice is finding the right balance between digital and physical storage. Here's how lawyers can optimize their use of filing cabinets:

Prioritize Critical Documents: 🏆 Reserve physical storage for documents that must be kept in their original form or those that are frequently accessed.

Implement a Hybrid System: 🔄 Use digital storage for the bulk of your documents, but maintain a streamlined filing cabinet system for essential physical records.

Regular Purging: 🗑️ Periodically review and purge unnecessary physical documents, converting them to digital format when possible. Tip💡: Check your bar ethic requirements and terms in our contracts - Are you allowed to purge certain former clients after a period of time if they have not claimed their old files (you may want to try to contact them first and ask them if they want them back) or have they simply disappeared.

Enhance Security: 🔐 Invest in high-quality, lockable filing cabinets to ensure the security of sensitive physical documents.

A Hybrid Document Management is The perfect blend of physical and digital solutions for law firms.

Adopt a Shred or Return Policy: 📄✂️ Incorporate clauses in your contracts that allow for the shredding or return of certain documents after a specified period. This practice helps manage physical storage space and ensures compliance with data protection regulations.

File Retention Requirements: Navigating the ABA Model Rules of Ethics

Understanding and adhering to file retention requirements is crucial for lawyers. The American Bar Association (ABA) Model Rules of Professional Conduct provide guidance on this matter:

Lawyers are required to be competent regarding their use of technology. They need to how to use and be using technology that has the basic safe guards of protecting their client data from prying eyes and have redundant copies should their system fail (see my discussion on the “3-2-1” back up system). Remember, lawyers need not be experts in the fields. They just need to be reasonably competent in their use. For more complex issues, they should hire a reputable expert.

This rule requires lawyers to keep client files for a reasonable period after the representation has concluded. The definition of "reasonable" can vary depending on the nature of the case and local regulations.

  • Rule 1.16: Declining or Terminating Representation 🚪

Upon termination of representation, lawyers must take steps to protect a client's interests, including surrendering papers and property to which the client is entitled.

As highlighted in The Tech-Savvy Lawyer.Page blog, implementing a clear file retention policy that complies with these rules is essential. This policy should outline:

Modern Legal Teamwork: today’s Lawyers need to manage files and digital records.

  • The types of documents to be retained 📋

  • The duration of retention for different document categories ⏳

  • The method of storage (physical vs. digital) 💾

  • The process for document destruction or return to clients 🔥

By having a well-defined policy, lawyers can effectively manage their physical and digital storage while ensuring ethical compliance.

My Final Thoughts 🧐

While the legal profession continues to embrace digital solutions, the filing cabinet remains a valuable tool in a lawyer's arsenal. Its role has evolved from being the primary storage solution to a complementary system that works in tandem with digital storage. By thoughtfully integrating physical and digital document management, lawyers can create a more efficient, secure, and compliant practice. 🎯

My journey from expanding to three large filing cabinets and then scaling back to just one reflects the broader trend in the legal industry. It's not about completely eliminating physical storage, but rather about finding the optimal balance that serves both practical needs and regulatory requirements. In this digital age, the filing cabinet stands as a testament to the enduring value of tangible documents in the practice of law. 🏛️⚖️

MTC

MTC/BOLO: 🚨 Cybersecurity Alert: Chinese Hack Exposes Vulnerabilities in Mobile Data 🚨

/ The Tech-Savvy Lawyer.Page/

A massive Chinese espionage campaign has recently targeted major U.S. telecommunications companies, compromising data from hundreds of thousands of American mobile phone users. This unprecedented cyber assault, dubbed "Salt Typhoon," has affected at least eight major telecom providers, including Verizon and AT&T, ranking among the most extensive intelligence breaches in American history. 📱💻

The Scope of the Breach 🔍

The Chinese hackers exploited weaknesses in the communications networks of top telecommunications companies. They gained access to a vast amount of data, including:

  • Who mobile phone users were talking to

  • When conversations took place

  • User locations

  • In some cases, audio calls and text messages

Initially focusing on the national capital region, the hackers narrowed their targets to high-profile Americans, including:

  • Top government officials in the Biden administration

  • At least one cabinet secretary

  • A top White House Homeland Security Adviser

  • President-elect Donald Trump

  • Vice President-elect JD Vance

  • Staff of Senator Chuck Schumer

The breach also compromised data about sensitive Department of Justice warrants. 🏛️

Ongoing Threat and Uncertain Timeline

U.S. officials warn that the breach is ongoing. They cannot confirm that the hackers have been fully removed from the affected networks. The FBI and Cybersecurity and Infrastructure Security Agency (CISA) are still trying to understand the full scope of this activity. There is no clear timeline for when telecommunications companies will be fully secure. 🕵️‍♀️

Ethical Obligations for Lawyers 📜⚖️

For lawyers and legal professionals, the ethical obligation to protect client data extends beyond general cybersecurity practices. The American Bar Association (ABA) Model Rules of Professional Conduct provide specific guidance on this matter.

1. Duty of Competence 🧠

ABA Model Rule 1.1 requires lawyers to provide competent representation to clients. This includes staying current with technology. Comment 8 to Rule 1.1 explicitly states that lawyers must understand "the benefits and risks associated with relevant technology". This means lawyers must:

  • Understand the technologies they use in their practice

  • Stay informed about evolving cybersecurity threats

  • Implement appropriate security measures

2. Duty of Confidentiality 🤐

Rule 1.6(c) mandates that lawyers "make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client". This rule directly applies to electronic communications and data storage. Lawyers must:

  • Assess the sensitivity of client information

  • Implement appropriate security measures based on the nature of the data

  • Regularly review and update security protocols

3. Communicating with Clients 💬

Under Rule 1.4, lawyers have a duty to communicate with clients about the means by which their objectives are to be accomplished. This includes discussing:

  • Risks associated with various communication methods

  • Potential need for enhanced security measures

  • Client preferences regarding communication methods

Recommendations for Securing Mobile Data 🔒

In light of this breach and to meet ethical obligations, lawyers, their clients, and the general public should take the following steps to secure their mobile data:

1. Use Encrypted Communication Apps 🔐

U.S. officials strongly recommend using encrypted communication apps like Signal. These apps offer end-to-end encryption, making it extremely difficult for hackers to intercept messages or calls.

2. Enable Multi-Factor Authentication (MFA) 🔑

Turn on MFA for all your accounts. This adds an extra layer of security beyond just a password, significantly reducing the risk of unauthorized access.

3. Use Strong Passwords and Biometric Authentication 👆

Create complex, unique passwords for each account. Consider using a password manager. Enable biometric authentication methods like fingerprint or facial recognition where available.

4. Keep Software Updated 🔄

Regularly update your device's operating system and apps. These updates often include critical security patches.

5. Be Cautious with Public Wi-Fi 📶

Avoid using unsecured public Wi-Fi networks. If necessary, use a VPN to encrypt your internet traffic.

6. Only Download Apps from Trusted Sources 📲

Stick to official app stores like Google Play or the Apple App Store. Avoid downloading apps from unknown websites or sources.

7. Implement Device Encryption 🔒

Ensure your device's storage is encrypted. Most modern smartphones offer built-in encryption options.

8. Use Secure Cloud Storage ☁️

Store sensitive documents in secure, encrypted cloud storage services.

See my earlier post:  “How too …”: 🔒 Securing Cloud Storage for Lawyers: Best Practices and Ethical Considerations!.

9. Enable Remote Wipe Capabilities 🧹

Set up the ability to remotely wipe your device if it's lost or stolen.

See my earlier post:  "How to ....": Enable Remote Wipe Capabilities 🧹 (Mobile Phone📱/Tablet Edition).

10. Be Wary of Phishing Attempts 🎣

Stay alert for phishing emails or messages. Verify the sender's identity before sharing any sensitive information.

Special Considerations for Lawyers 👨‍⚖️👩‍⚖️

In some cases, standard security measures may not be sufficient. The ABA Opinion 477R suggests that lawyers may need to take special precautions when:

  • Handling particularly sensitive client information

  • Complying with specific client instructions or agreements

  • Adhering to regulatory requirements (e.g., HIPAA, GDPR)

In such instances, lawyers might need to employ:

  • End-to-end encryption for all communications

  • Multi-factor authentication for all systems

  • Regular third-party security audits

My Final Thoughts 🏁

The recent and ongoing Chinese hack of major U.S. telecom providers highlights the critical need for robust mobile security measures. For lawyers, maintaining technological competence and protecting client data is not just a matter of good practice—it's an ethical imperative. By staying informed about cybersecurity risks, implementing robust security measures, and communicating clearly with clients about these issues, lawyers can fulfill their ethical obligations and protect their clients' interests in the digital age.

Remember, cybersecurity is an ongoing process. Stay vigilant and regularly review and update your security practices. In today's digital landscape, protecting your mobile data is not just a matter of personal privacy—it's a professional and ethical obligation, especially for those handling sensitive client information. 🛡️📱💼

MTC

🚨BOLO: AI Malpractice🚨: Texas Lawyer Fined for AI-Generated Fake Citations! 😮

/ The Tech-Savvy Lawyer.Page/

We’ve been reporting on lawyers incorrectly using AI in their work; but, the lesson has not yet reached all practicing lawyers: Here is another cautionary tale for legal professionals!

No lawyer wants to be disciplined for using generative ai incorrectly - check your work!

A Texas lawyer, Brandon Monk, has been fined $2,000 for using AI to generate fake case citations in a court filing. U.S. District Judge Marcia Crone of the Eastern District of Texas imposed the penalty and ordered Monk to complete a continuing legal education course on generative AI. This incident occurred in a wrongful termination case against Goodyear Tire & Rubber Co., where Monk submitted a brief containing non-existent cases and fabricated quotes. Concernedly, he was using Lexis AI function in his work - check out the report card a Canadian law professor gave Lexis+ AI in my editorial here. The case highlights the ethical challenges and potential pitfalls of using AI in legal practice.

The judge's ruling emphasizes that attorneys remain accountable for the accuracy of their submissions, regardless of the tools used.

Read the full article on Reuters for an in-depth look at this landmark case and its implications for the legal profession.

Be careful out there!

Wednesday "How to ....": Enable Remote Wipe Capabilities 🧹 (Mobile Phone📱/Tablet Edition)

/ The Tech-Savvy Lawyer.Page/

Setting up remote wipe capabilities is crucial for protecting your data on both phones and tablets if they're lost or stolen. Here's how to enable this feature across iOS and Android devices:

For iPhone and iPad 🍎

The process is identical for both iPhones and iPads:

1. Enable "Find My":

  •   Go to Settings > [Your Name] > Find My

  •   Toggle on "Find My iPhone" (or "Find My iPad")

  •   Enable "Send Last Location" for better tracking

2. To remotely wipe your device:

  •   Visit iCloud.com/find on a computer or another device

  •   Sign in with your Apple ID

  •   Select your lost device from the list

  •   Click "Erase iPhone/iPad"

  •   Confirm the action

For Android Phones and Tablets 🤖

The process is similar for Android phones and tablets:

1. Enable Find My Device:

  •    Go to Settings > Security > Find My Device

  •    Toggle it on if not already enabled

2. To remotely wipe your device:

  •    Visit android.com/find on a computer or another device

  •    Sign in with the Google Account associated with your lost device

  •    Select your device (phone or tablet)

  •    Choose "Erase device"

  •    Confirm the action

Tablet-Specific Considerations 📱

For tablets that don't have cellular connectivity:

  • Ensure your tablet is connected to Wi-Fi regularly

  • Set up automatic connections to known Wi-Fi networks

  • For iPads, enable "Find My network" to locate your device even when it's offline

For Android tablets:

  • Some may require you to download the "Find My Device" app from the Google Play Store

  • Ensure Location services are enabled for better tracking

Additional Tips for Both Phones and Tablets 💡

  • Regularly update your device's operating system

  • Use strong, unique passcodes or biometric locks

  • Back up your data frequently to cloud services

  • For work devices, consult your IT department about Mobile Device Management (MDM) solutions

By enabling these features on all your mobile devices - phones and tablets alike - you'll have a safety net in place to protect your data if any of your devices are lost or stolen. Remember, remote wiping should be used as a last resort when you're certain you can't recover your device.

MTC: Can Lawyers Ethically Use Generative AI with Public Documents? 🤔 Navigating Competence, Confidentiality, and Caution! ⚖️✨

/ The Tech-Savvy Lawyer.Page/

Lawyers need to be concerned with their legal ethics requirements when using AI in their work!

After my recent interview with Jayne Reardon on The Tech-Savvy Lawyer.Page Podcast 🎙️ Episode 99, it made me think: “Can or can we not use public generative AI in our legal work for clients by only using publicly filed documents?” This question has become increasingly relevant as tools like ChatGPT, Google's Gemini, and Perplexity AI gain popularity and sophistication. While these technologies offer tantalizing possibilities for improving efficiency and analysis in legal practice, they also raise significant ethical concerns that lawyers must carefully navigate.

The American Bar Association (ABA) Model Rules of Professional Conduct (MRPC) provide a framework for considering the ethical implications of using generative AI in legal practice. Rule 1.1 on competence is particularly relevant, as it requires lawyers to provide competent representation to clients. Many state bar associations provide that lawyers should keep abreast of the benefits and risks associated with relevant technology. This scrutiny highlights AI’s growing importance in the legal profession.

However, the application of this rule to generative AI is not straightforward. On one hand, using AI tools to analyze publicly filed documents and assist in brief writing could be seen as enhancing a lawyer's competence by leveraging advanced technology to improve research and analysis. On the other hand, relying too heavily on AI without understanding its limitations and potential biases could be seen as a failure to provide competent representation.

The use of generative ai can have complex ethic's’ requirements.

The duty of confidentiality, outlined in 1.1, presents another significant challenge when considering the use of public generative AI tools. Lawyers must ensure that client information remains confidential, which can be difficult when using public AI platforms that may store or learn from the data input into them. As discussed in our October 29th editorial, The AI Revolution in Law: Adapt or Be Left Behind (& where the bar associations are on the topic), state bar associations are beginning (if not already begun) scrutinizing lawyers use of generative AI. Furthermore, as Jayne Reardon astutely pointed out in our recent interview, even if a lawyer anonymizes the client's personally identifiable information (PII), inputting the client's facts into a public generative AI tool may still violate the rule of confidentiality. This is because the public may be able to deduce that the entry pertains to a specific client based on the context and details provided, even if they are "whitewashed." This raises important questions about the extent to which lawyers can use public AI tools without compromising client confidentiality, even when taking precautions to remove identifying information.

State bar associations have taken varying approaches to these issues. For example, the Colorado Supreme Court has formed a subcommittee to consider recommendations for amendments to their Rules of Professional Conduct to address attorney use of AI tools. Meanwhile, the Iowa State Bar Association has published resources on AI for lawyers, emphasizing the need for safeguards and human oversight.

The potential benefits of using generative AI in legal practice are significant. As Troy Doucet discussed in 🎙️Episode 92 of The Tech-Savvy Lawyer.Page Podcast, AI-driven document drafting systems can empower attorneys to efficiently create complex legal documents without needing advanced technical skills. Similarly, Mathew Kerbis highlighted in 🎙️ Episode 85 how AI can be leveraged to provide more accessible legal services through subscription models.

Do you know what your generative ai program is sharing with the public?

However, the risks are equally significant. AI hallucinations - where the AI generates false or misleading information - have led to disciplinary actions against lawyers who relied on AI-generated content without proper verification. See my editorial post My Two Cents: If you are going to use ChatGTP and its cousins to write a brief, Shepardize!!! Chief Justice John Roberts warned in his 2023 Year-End Report on the Federal Judiciary that "any use of AI requires caution and humility".

Given these considerations, a balanced approach to using generative AI in legal practice is necessary. Lawyers can potentially use these tools to analyze publicly filed documents and assist in brief writing, but with several important caveats:

1. Verification: All AI-generated content must be thoroughly verified for accuracy. Lawyers cannot abdicate their professional responsibility to ensure the correctness of legal arguments and citations.

2. Confidentiality: Extreme caution must be exercised to ensure that no confidential client information is input into public AI platforms.

3. Transparency: Lawyers should consider disclosing their use of AI tools to clients and courts, as appropriate.

The convergence of ai, its use in the practice of law, and legal ethics is here now1

4. Understanding limitations: Lawyers must have a solid understanding of the capabilities and limitations of the AI tools they use.

5. Human oversight: AI should be used as a tool to augment human expertise, not replace it.

This blog and podcast has consistently emphasized the importance of these principles. In our discussion with Katherine Porter in 🎙️ Episode 88, we explored how to maximize legal tech while avoiding common pitfalls. In my various posting, there has always been an emphasis on the need for critical thinking and careful consideration before adopting new AI tools.

It's worth noting that the legal industry is still in the early stages of grappling with these issues. As Jayne Reardon explored in 🎙️ Episode 99 of our podcast, the ethical concerns surrounding lawyers' use of AI are complex and evolving. The legal profession will need to continue to adapt its ethical guidelines as AI technology advances.

While generative AI tools offer exciting possibilities for enhancing legal practice, their use must be carefully balanced against ethical obligations. Lawyers can potentially use these tools to analyze publicly filed documents and assist in brief writing, but they must do so with a clear understanding of the risks and limitations involved. As the technology evolves, so too must our approach to using it ethically and effectively in legal practice.

MTC

🎙️Ep. 99: Navigating the Intersection of Law Ethics and Technology with Jayne Reardon.

/ The Tech-Savvy Lawyer.Page/

Meet Jayne Reardon, a nationally renowned expert on legal ethics and professionalism who provides ethics, risk management, and regulatory advice to lawyers and legal service providers. Jayne is an experienced trial lawyer who has tried cases in state and federal courts across Illinois and on appeal up to the United States Supreme Court. She also sits on the national roster of the American Arbitration Association for Commercial and Consumer Arbitration. Moreover, she is a certified neutral in the Early Dispute Resolution Process. Jayne's experience includes service as Executive Director of the Illinois Supreme Court Commission on Professionalism, an organization dedicated to promoting ethics and professionalism among lawyers and judges, and disciplinary counsel for the Illinois Attorney Registration and Disciplinary Commission.

In today's conversation, Jayne explores ethical concerns for lawyers using AI, focusing on ABA Model Rules. She also discusses billing ethics, advising transparency in engagement letters and time tracking. Furthermore, Jayne highlights online civility, warning against impulsive posts and labeling, and real-life cases to underscore the importance of ethical vigilance in AI-integrated legal practice.

Join Jane and me as we discuss the following three questions and more!

  1. What are your top three warnings to lawyers about using AI in line with the ABA model rules of ethics?

  2. Some lawyers are creating DIY services online through chatbots, AI for clients, through chatbots and AI for clients to handle their legal affairs. What are the top three ethical concerns these lawyers should be wary of when creating these services?

  3. What are your top three suggestions about lawyers being civil to one another and others online?

In our conversation, we cover the following:

[01:11] Jayne's Current Tech Setup

[04:50] Handling Tech Devices and Daily Usage

[08:51] Ethical Considerations for AI in Legal Practice

[19:21] Ethical Considerations for AI-Assisted Services

[26:37] Civility in Online Interactions

[30:58] Connect with Jayne

Resources:

Connect with Jayne:

Hardware mentioned in the conversation:

Software & Cloud Services mentioned in the conversation:

* the “W-Calendar” program I refered to apparently is no longer an active software program available for purchase.

MTC: What is the common sense approach lawyers can learn from 23andMe’s recent client data breach?

/ The Tech-Savvy Lawyer.Page/

What can 23andme’s client data breach teach lawyers about keeping their own client’s data secure?

I can’t stress enough that as legal professionals, we bear a dual responsibility when it comes to personal identification information (PII): safeguarding our own data and protecting our clients' sensitive information. 

The 23andMe Incident: A Wake-Up Call

Last week’s report of the 23andMe breach serves as a stark reminder of the vulnerabilities inherent in storing sensitive personal information online. Hackers gained access to user profiles, including genetic data, names, birth years, and ancestry report. This incident underscores the need for heightened awareness and caution when sharing personal identification information (PII) with online companies. THIS data breach serves as a perfect reminder of the critical importance of data security in our increasingly digital world, especially for those of us in the legal field.

Legal Ethics and Client Confidentiality

The cornerstone of the attorney-client relationship is confidentiality, extending far beyond our physical offices in today's digital age. We are bound by ethical rules mandating the protection of client information. The American Bar Association's Model Rule 1.6(c) explicitly states that "A lawyer shall make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client.” But our legal ethics responsibilities just don’t stop there!

Even small law firms are not immune from cyberattacks!

ABA Model Rule 1.1 Comment 8 (Rule 1.1[8]) requires lawyers to stay informed about changes in the law and its practice, including the benefits and risks associated with relevant technology. This comment explicitly recognizes that competent representation in today's legal landscape involves understanding and effectively using pertinent technology. Lawyers must be aware of the security levels, general operational status, and potential risks and actual data breaches of the services and software they use, both in-office and cloud-based. While the goal isn't to transform lawyers into tech experts, it's crucial that we can leverage technology (even with the assistance of more technically proficient experts) to provide efficient, effective, and ethical legal services to our clients.

Implications of Data Breaches

The 23andMe incident highlights the potential consequences of a data breach, which for lawyers could include:

  1. Violation of ethical obligations

  2. Potential malpractice claims

  3. Loss of client trust and reputation damage

  4. Regulatory penalties and sanctions

Protecting Client and Our Own Information in the Digital Age

To fulfill our ethical obligations and protect our clients' PII, we must implement robust data security measures:

Secure Data Storage and Transmission

Utilize encrypted cloud storage solutions and secure file transfer protocols when handling client data. Avoid using public Wi-Fi networks for accessing or transmitting sensitive information. And if you do, be sure to use a reliable Virtual Private Network (VPN) when on public Wi-Fi.

Client Communication Practices

Lawyers need not be tech experts but they need to know how to use tech to not only for their clients but use it to protect their client’s Data.

Implement secure client portals for document sharing and communication. Educate clients on the risks of sending sensitive information via unsecured email, and advise them on what information should never be shared electronically.

Vendor Due Diligence

Carefully vet third-party service providers, ensuring they adhere to stringent data protection standards. This includes practice management software, e-discovery platforms, and cloud storage providers.

Here are Some Best Practices for Personal and Professional Data Protection

  1. Implement strong authentication: Use multi-factor authentication for all professional and personal accounts. Consider using a password manager that creates and stores complex passwords.

  2. Separate personal and professional online presence: Maintain distinct profiles and accounts for personal and professional use.

  3. Regularly update security measures: Stay informed about the latest cybersecurity threats and update your protection strategies accordingly.

  4. Minimize data sharing: Critically assess what personal information is truly necessary to share online, and refrain from providing sensitive data unless absolutely essential.

Lawyers Are Important Participants to the Future Legal Landscape 

The 23andMe breach raises important questions about the adequacy of current data protection laws. As legal professionals, we have a responsibility to:

  1. Advocate for stronger data protection legislation: Support and contribute to the development of comprehensive data privacy laws that protect individuals and businesses.

  2. Stay informed on data privacy regulations: Keep abreast of evolving laws such as The European Union's General Data Protection Regulation (GDPR) and California's Consumer Privacy Act (CCPA), and industry-specific regulations like Health Insurance Portability and Accountability Act (HIPAA).

  3. Advise clients on data protection: Provide guidance on compliance with data protection laws and best practices for safeguarding sensitive information, including when to refrain from sharing certain types of data altogether.

maybe we don’t need to put all of our information on the internet?

The Fundamental Lesson: Some Data Should Never Be Shared

Perhaps the most crucial takeaway from the 23andMe incident is that certain types of information are so sensitive and personal that they may not belong in anyone else's hands, regardless of the security measures in place. This is particularly true for genetic data, which is immutable and deeply personal. As lawyers, we must critically evaluate what information truly needs to be shared or stored externally, always erring on the side of caution.

My Final Thoughts

The 23andMe incident serves as a critical reminder of the vulnerabilities inherent in our digital ecosystem and the importance of discerning what information should never be shared. As lawyers, we must be at the forefront of data protection efforts, not only to safeguard our own information but also to uphold our ethical obligations to our clients. By implementing robust security measures, staying informed about evolving threats and regulations, and advocating for stronger data protection laws, we can help mitigate the risks associated with sharing PII in our increasingly interconnected world.

In this digital age, protecting personal identification information is not just a matter of individual privacy—it's a fundamental aspect of legal ethics and professional responsibility. As tech-savvy lawyers, we must lead by example in implementing and promoting best practices for data security, ensuring that we maintain the trust and confidentiality that form the bedrock of our profession. Most importantly, we must always question whether certain information needs to be shared at all, recognizing that the best protection sometimes lies in not disseminating sensitive data in the first place.

MTC

🎙️ Episode #94, Mastering Legal Tech & Protecting Your Firm’s “Brand”: From WordPress to Trademarks with Andrea Sager!

/ The Tech-Savvy Lawyer.Page/

Andrea Sager, Founder and CEO of Legalpreneur, is revolutionizing legal services for small business owners and attorneys. With experience as a BigLaw attorney, small business owner, and small business attorney, Andrea combines her passion for empowerment with expertise, ranking 27th among 40,000 trademark attorneys in the U.S., driving accessible, innovative legal solutions.

Throughout our conversation, Andrea explains why lawyers should trademark their work. Also, she provides essential podcasting tech tips and discusses strategies to stay compliant with State Bar rules and avoid UPL.

Join Andrea and me as we discuss the following three questions and more!

  1. What are the top three reasons a lawyer needs to trademark their business, blog, or podcast?

  2. What are your top three tech tips (hardware and software) to make your podcast stand out?

  3. What are your top three tips for ensuring a lawyer does not encroach on State Bar scrutiny with UPL (Unauthorized Practice of Law), etc.?

In our conversation, we cover the following:

[00:08] Andrea's Current Tech Setup

[07:08] Top 3 Reasons Lawyers Should Trademark Their Business, Blog, or Podcast

[10:53] Tech Tips for Podcasting

[14:46] Ensuring Compliance with State Bar Rules

[19:53] Connect with Andrea

Resources:

Connect with Andrea:

Software & Cloud Services mentioned in the conversation:

My Two Cents: Lessons from ABA's Formal Opinion 512 - A Follow-Up!

/ The Tech-Savvy Lawyer.Page/

there will be many Collaborative discussions on ABA Formal Opinion 512's impact on legal practice!

This post is a follow-up to last week's editorial on my experience with the AI sessions at the American Bar Association's (ABA) 2024 Annual meeting. Today, I'll delve deeper into ABA's Formal Opinion 512 and explore its implications for legal practitioners.

Building on Prior Model Rules

ABA's Formal Opinion 512 builds on several foundational Model Rules of Professional Conduct. These include:

 Breakdown of ABA Formal Opinion 512 

Tech-savvy lawyer reviews ethical implications of AI under ABA Opinion 512.

 1. Competence

Formal Opinion 512 emphasizes that competence in legal practice now extends to a lawyer's understanding and use of technology. Lawyers must stay informed about changes in technology that affect their practice areas. This includes:

  • Understanding AI Capabilities: Lawyers must understand the capabilities and limitations of AI tools they use.

  • Continuing Education: Lawyers should engage in ongoing education about technological advancements relevant to their practice.

 2. Confidentiality

The opinion underscores the importance of maintaining client confidentiality when using AI tools. Key points include:

  • Risk Assessment: Lawyers must assess the risks associated with using AI tools, particularly concerning data security and privacy.

  • Vendor Due Diligence: Lawyers should conduct due diligence on AI vendors to ensure they comply with confidentiality obligations.

Lawyers will be Debating AI ethics and compliance for the foreseeable future!

 3. Supervision

Lawyers are responsible for supervising the AI tools and ensuring they are used ethically. This includes:

  • Oversight: Lawyers must oversee the AI tools to ensure they are used appropriately and do not compromise ethical standards.

  • Accountability: Lawyers remain accountable for the outcomes of AI-assisted tasks, ensuring that AI tools do not replace human judgment.

 4. Communication

Effective communication with clients about the use of AI is crucial. Lawyers should:

  • Inform Clients: Clearly inform clients about the use of AI tools in their cases.

  • Obtain Consent: Obtain informed consent from clients regarding the use of AI, especially when it involves sensitive data.

ABA's Formal Opinion 512 signals that AI is now essential in legal practice, but it also underscores the importance of maintaining ethical standards when using it.

Final Thoughts

ABA's Formal Opinion 512 is a significant step in ensuring that lawyers remain competent and ethical in an increasingly digital world. By emphasizing the need for technological proficiency, confidentiality, supervision, and clear communication, the ABA reinforces that staying updated with technology is not optional—it's a matter of maintaining one's bar license. Lawyers must embrace these guidelines to provide the best possible representation in the modern legal landscape.

Lawyers who do not keep up with the evolving AI landscape will be left behind by those who do!

🚨

Lawyers who do not keep up with the evolving AI landscape will be left behind by those who do! 🚨

My Two Cents: With AI Creeping Into Our Computers, Tablets, and Smartphones, Lawyers Need to Be Diligent About The Software They Use.

/ The Tech-Savvy Lawyer.Page/

Lawyers need to be weary about the computer company behind the curtin as to what information they are taking from your data!

As Apple is anticipated to announce a new iPhone with AI baked into its operating system, lawyers, like Dorothy in the Wizard of Oz, can no longer stand idly by and trust that the person behind the curtain, i.e., the software creator or owner of their software product, is both trustworthy and not going to use the customer’s data in ways inconsistent with the data owners’ objectives or to protect their data personal identification information. Per ABA Model Rule 1.6(a), lawyers must reasonably ensure that their client’s Personal Identification Information (PII) is protected. And recent events are providing a bit of a minefield for not just lawyers.

I use a popular subscription service application called SetApp. It’s a subscription service that gives me access to over 240 applications. I use many of them daily. But one of its applications, Bartender (which helps clean up and manage your Mac computer’s toolbar), was recently but secretively purchased by a private company. The problem is that little is known about the company. There is a very legitimate concern that Bartender may be improperly using its customer’s computer data – apparently (but not confirmed to be) making unauthorized screenshots. (Note that this is not a critique of SetApp, but I am going to reevaluate my use of Bartender – here are some alternatives you may want to check out.) But this general concern does not end with just “unknown” Wizards.

Lawyers need to be weary about the computer company behind the curtin as to what information they are taking from your data!

It was recently discovered that Adobe changed customer's terms of service. Lawyers should be deeply concerned about Adobe's updated terms of use for Photoshop, which grant the company broad rights to access and remove users' cloud-stored content. This raises significant privacy and confidentiality issues, particularly for legal professionals handling sensitive client data under non-disclosure agreements (NDAs), protecting PII, and trial strategies. Adobe's ability to view and potentially mishandle files covered by NDAs could lead to damaging leaks and breaches of client trust. You can “opt out” of this by going to your account’s privacy settings, going to “Content analysis,” and making sure the “Allow my content to be analyzed by Adobe for product improvement and development purposes” option is not selected. You can also not upload your material to Adobe’s could service – these steps may provide an extra layer of protection, but no one is 100% sure.

As custodians of confidential information, lawyers have an ethical duty to safeguard client secrets. Adobe's overreaching policy raises significant concerns for the legal community. These concerns extend beyond software, as computer companies now integrate AI into their hardware systems.

Many Windows machines are developing their computers to work inherently with MS Windows' own AI, Copilot. At the time of this writing, Apple is expected to announce a new operating system with an AI built into it to work with its new M4 chip. In other words, hardware and software companies work together to have their machines work naturally with operating systems that have AI built into their software. The biggest concern that should be on lawyers' minds is how their data is being used to train a company’s AI. What protections are being built into the systems? Can users opt-out? What does this all mean for us lawyers?

This means that lawyers at any computer skill level must pay attention to the Terms of Service (ToS) for the computers and software they use for work. The warning signs are there. So, stay tuned to your Tech-Savvy Lawyer as we navigate through this together!

MTC