By Meredith P. Montrose and Andrew A. Servais
Since Gov. Gavin Newsom issued the Shelter-in-Place Order on March 19, 2020 in response to the Coronavirus Pandemic, many lawyers have transitioned to a virtual practice. Despite current uncertainty and chaos, lawyers’ ethical duties to their clients remain the same. Perhaps no duty carries with it more challenges during the pandemic than the Duty of Confidentiality as outlined in California Rule of Professional Conduct 1.6, specifically as it pertains to the technology used by lawyers to continue practicing law remotely.
A tool which has become increasingly popular since the social distancing measures were put in place is videoconferencing. While this technology has proven useful in facilitating virtual mediations and depositions, it comes with a new set of obstacles for lawyers in maintaining duties of confidentiality. Unprepared lawyers unfamiliar with the technology may be susceptible to inadvertent disclosures of confidential information. Lawyers should understand the technology before using it to avoid breaching duties of confidentiality.
For example, the popular platform, Zoom, allows the host of a videoconference to record and monitor the videoconference. Zoom also allows private messaging between individual participants. What many users are not aware of is if the host has recorded the meeting, those private communications are saved in a “meeting minutes” folder along with recording the videoconference. Then, anyone with access to the folder can review the chat. A lawyer should be mindful that any “private” communications in the chat function of the app may not be as private as they seem. Not only should lawyers themselves know the technology before using it, but a prudent lawyer should advise his client of potential lack of privacy on these platforms.
If a lawyer does want to record a meeting, she must get clear consent from all parties on the videoconference. California Penal Code section 632 criminalizes the recording of any confidential communication without the consent of all parties. While any participant is required to state if they were recording a videoconference, out of abundance of caution, it would be prudent to clarify during the conference whether a participant is recording.
Another way confidential information might be shared on videoconferencing apps is through screensharing. Screensharing is a useful function that allows a participant to display his screen with the other participants in the conference, but there is a risk of screensharing and displaying a confidential document to the entire videoconference. To err on the side of caution, lawyers should make sure to close all unnecessary windows to avoid inadvertently screensharing any confidential information and warn their clients to do the same.
The increased use of videoconferencing technology has come with an increase of hackers hijacking videoconferences. Videoconference hijacking became a significant enough problem to warrant the attention of the FBI, which issued a warning about hacking on March 30, 2020. The FBI recommended users try to mitigate teleconference hijacking threats including making the meeting private, requiring a password to control the admittance of guests, providing the meeting link directly to specific people, managing screensharing options and ensuring users are using the updated version of remote access/meeting applications. While it may seem an unlikely scenario, protecting your videoconference from a hacker is an easy adjustment and worth the time.
As the legal profession adjusts to the “new normal” while working from home, it is the lawyer’s responsibility to learn how to ethically use new technology and navigate the potential pitfalls to avoid violating the duty of confidentiality.
Meredith P. Montrose is an Associate at Wingert, Grebing, Brubaker & Juskie LLP.
Andrew A. Servais is a Partner at Wingert, Grebing, Brubaker & Juskie LLP.
This article was original published on the SDCBA website. Click here to view.
**No portion of this summary is intended to constitute legal advice. Be sure to perform independent research and analysis. Any views expressed are those of the author only and not of the SDCBA or its Legal Ethics Committee.**