LIVING IN THE CLOUD:
LAWYERS, TECHNOLOGY
AND ETHICS
HON. MITCH DEMBIN
U. S. MAGISTRATE JUDGE
SAN DIEGO
STARTING POINT
• Rule 3-110, California Rules of Professional Conduct
• A member of the bar shall not intentionally, recklessly, or repeatedly fail to perform
legal services with “competence.”
• “Competence = diligence, learning and skill, and mental, emotional and physical
ability reasonably necessary to perform the task.” (New Rule 1.1)
• If without sufficient learning and skill, the lawyer may perform the service by
associating with or consulting with a skilled lawyer or by acquiring the skills.
• Duty of competence includes the duty to supervise the work of subordinate
attorneys and non-attorney employees or agents.
• As of Nov 1, new Rule 5.3 codifies requirement that lawyers are responsible for
violations of lawyer’s ethical responsibilities by non-lawyer assistants (not limited to
technology).
RELATED DUTY OF CONFIDENTIALITY
• Rule 3-100: A member shall not reveal information protected from disclosure
by Business and Professions Code section 6068, subdivision (e)(1) without the
informed consent of the client . . . . (new Rule 1.6).
• Storing and accessing client data
• Communications with client
GUIDANCE FROM THE BAR
• Formal Opinion 2010-179: Duty of Confidentiality.
• Associate lawyer uses laptop containing client data to work and to communicate
with client from public wifi and home.
• Factors to consider: Attorney’s ability to assess the security afforded the technology
being used; Legal ramifications to 3d parties for obtaining unauthorized access;
Sensitivity of the information; Impact to client if information compromised; Urgency
of the situation; and, Client instructions.
• Findings: Use of public wifi problematic; Use of laptop at home not problematic if
home wifi appropriately secured.
MORE GUIDANCE FROM THE BAR
• Formal opinion 2015-193: Competence requires attorney to: Promptly assess
eDiscovery needs and issues; Advise client regarding preservation options and
implement appropriate ESI preservation; Understand client’s systems and
storage; Identify ESI custodians; Meet and confer with opposing counsel
regarding eDiscovery plan; Perform data searches; Collect responsive ESI
reasonably.
• Failure to supervise client’s IT staff problematic.
• Failure adequately to protect privileged information problematic.
BAD MOON ON THE RISE
• Dropbox and similar, insecure technologies
• Reversible Redactions
• Vendor Contracts and Supervision
• Working from Home
• Bad User!
• Ransomware
PRACTICAL ADVICE
• Consider using NDCA ESI Meet and Confer Checklist
• Useful for discussions with client, not just opposing counsel.
• Develop repeatable processes
• See a problem? Address it!
• Consider legal tech CLEs
• Learn on your own
• Become an asset
QUESTIONS?