Technologist - The FindLaw Legal Technology Blog

ABA's New Email Opinion: A Quick Primer

After Yahoo announced hackers got into 1.5 billion email accounts last year, you had to know it was coming: new rules for lawyers to protect email communications with clients.

The American Bar Association has issued an ethics opinion, which says that attorneys need to consider more secure methods for electronic communications. It is basically a self-test, focusing on the sensitivity of the information and need for additional safeguards on a case-by-case basis.

"[F]act-based analysis means that particularly strong protective measures, like encryption, are warranted in some circumstances," the Standing Committee on Ethics and Professional Responsibility said.

Tales from the Encrypted

It may be frightening to some -- especially cash-strapped, time-starved lawyers -- that they may have to invest in encryption technology to protect client communications. But it is not as bad as it sounds.

The committee said that unencrypted email may be appropriate for routine or low sensitivity communications. However, they cautioned that "cyber-threats and (the fact that) the proliferation of electronic communications devices have changed the landscape...it is not always reasonable to rely on the use of unencrypted email."

Nicole Black, writing for Above the Law, said new standards have been a long time coming. The ABA and state bar associations have raised the cybersecurity issue for years.

"In due course, I expect that many other states will soon do the same," she said.

Cybersecurity 101

Fortunately, most email services provide encryption for email as a routine matter. The Electronic Frontier Foundation offers a primer on such end-to-end encryption, which is secure communications between two users.

For example, web browsers like Chrome and Firefox support HTTPS, or transport-layer encryption for accessing email remotely. You can see it in the URL line, i.e. https://mail.google.com

"You can tell that your email provider supports HTTPS if you log in to your webmail and the URL at the top of your browser begins with the letters HTTPS instead of HTTP," says the EFF.

The safest way to communicate -- without hackers or eavesdroppers listening -- is probably in-person. That is an option, too, under the new ethics opinion because the rules "do not impose greater or different duties of confidentiality based upon the method by which a lawyer communicates with a client."

Want information on effective advertising? Let the experts at FindLaw's Lawyer Marketing give you a hand.

Related Resources: