For a while there, it looked as if the State Bar was going to require all law firms using any kind of personal mobile technology to adopt a BYOD (Bring Your Own Device) policy. Ethics Committee members and others, however, expressed concern that a Formal Ethics Opinion would serve to micromanage lawyers. Furthermore, because technology was changing so rapidly, any ethics opinion, trying to direct how attorneys should protect mobile devices containing client confidential information, could become obsolete in a short time frame. Besides, lawyers already have a duty to stay abreast of changes in technology as part of Rule 1.1 (Competence). So, at its January 2016 meeting, the Ethics Committee instead voted to publish an article, in lieu of an ethics opinion, providing guidance to attorneys on how protect client confidential information on mobile devices by adopting such a policy.
One thing I learned from sitting in on the Ethics Committee meetings, was that the “apps” or applications that you download (think Facebook, LinkedIn, etc.) can access your contacts if you let them. There are some applications that specifically ask if you will allow them to access your contacts, but there are others that may not. That’s a bit scary. If you are like me, you may have your client contact information on your smartphone. I had not previously given much thought to my applications, although my M.O. is to say no to everything: can we access your location? – NO; can we access your contacts? – NO; can we access your pictures? – HECK NO.
Stay tuned for this ethics article in your State Bar Journal that will provide lots of insight and advice on protecting your mobile device and your client’s information. In the meantime, when in doubt, just say NO.