On January 26, 2012, the North Carolina State Bar Ethics Committee met and finally approved the revised opinion on the use of cloud computing or software as a service. Of course we’re all using this technology already (do you use a smart phone?), so you might think the Ethics Committee is a bit slow on the uptake. Believe it or not, other states have been waiting and watching us for guidance. The newly adopted final ethics opinion, 2011 Formal Ethics Opinion 6, permits the use of cloud computing, or software as a service, so long as the lawyer uses reasonable care to safeguard confidential client information. This time the opinion really does leave it to the attorney’s discretion and good judgment to determine what cloud vendor to use and how to go about taking precautions to help ensure no client information is lost or taken. Gone are the 23 questions that a lawyer had to be able to answer about the vendor before proceeding into the cloud. Instead, the opinion lists a manageable five (5) recommended security measures that a lawyer may consider when shopping around for a cloud vendor. Given that this is a rapidly changing and evolving technology, the general reasonableness approach makes sense and ensures that the opinion won’t be obsolete in say. . . 28 minutes from now.
At the time of this post, the ethics opinion can be found here.