../oct99/ABA%20Home%20Page

BLAST
Section of Science and Technology
750 North Lake Shore Dr.
Chicago, IL 60610

 

Editor-in-Chief
pebailey@icfkaiser.com

Associate Print Editor
ljohnson@roylance.com

Associate Online Editor
sanyin_siang@hotmail.com

 

Contact Section
sciencetech@abanet.org

 

Section of Science and Technology Officers

Chair
smedinghoff@bakernet.com

Chair-Elect
bfought@connectix.com

Vice Chair
rocampo@worldnet.att.net

Secretary
sam_byassee@shmm.com

Budget Officer
rbutler@wrf.com

Section Delegate
eflannery@cov.com

Immediate Past Section Chair
scott_partridge@bakerbotts.com

Section Past Chair Liaison
blackb@hughesluce.com
The Bulletin of Law, Science and Technology
The ABA Section of Science and Technology
Main Page Current Issue Current Issue Page 1Current Issue Page 2Current Issue Page 3Current Issue Page 4 Archives
     

IN THIS ISSUE MAY 2000

SPECIAL INSERT:
EMAIL COMMUNICATION FOR CLIENT MATTERS - A MULTINATIONED SURVEY

By Lance Johnson, Kojiro Furusawa, Juan Carlos Ojám, Steven L. Nemetz, Andrew Braithwaite, and John Dean

Communications via computer network messaging (popularly known as "email") have become widely used in the U.S. and are expanding throughout the world as the Internet computer network expands. Where multinational corporations and law firm previously required specialized telephone or satellite links, the Internet network can eliminate the need for these additional costs. The same is true for law firms in practice areas with international needs (IP law, international trade, etc.) that have developed a network of associated local firms to meet those needs. Documents must often be sent between or among offices quickly in order to meet deadlines and establish filing dates.

But do the documents retain a "confidential" status when moved through the Internet network as attachments to email? Is confidentiality affected if the email communications are sent between countries (a situation often encountered in patent, trademark, and international licensing matters)? Can clients ask their lawyers for advice in an email? Can the lawyer reply by email? Those who provide advice and counsel as a living must pay particular attention to the form of communication used to discuss matters with clients. Use of an unsecured communication method can waive any privilege associated with the communication and may subject counsel to allegations of ethical violations.

The following is a survey of the status accorded confidential communications sent by email.

UNITED STATES
By: Lance Johnson Roylance, Abrams, Berdo & Goodman Washington, D.C. LJohnson@Roylance.com

Email communications by U.S. lawyers are governed by the ethical obligation to protect confidential client information according to Model Rule 1.6. The issue is whether email communi-cations handed computer-to-computer through a network of individual machines under the control of unknown corporations and individuals retain an expectation of confidentiality for the message contents. The unsecured nature of such an infrastructure means that interception of a message in transit is tech-nically possible albeit logistically difficult.

Email communications initially faced skepticism and criticism in a couple of summary opinions from a handful of state bar ethics opinions. Most held that email could be used only with advance written permission from the client or some form of encryption. See, South Carolina Ethics Advisory Opinion 94-27. Bar counsel from other states issued their own opinions, often with opposite results. Email could be used freely between attorneys and their clients without advance approval or encryption. See Vermont Bar Ethics Opinion 97-5. (A collection of links to State bar counsel ethics opinions on email can be found at http://www.legalethics.com.)

Thus, the United States was a fractured landscape when it came to email communications. Clients in some states could use email communications with an expectation of confidentiality, while those in other states could not without additional steps. One could only speculate about the status of communications sent internationally. protect cellular telephone communi-cations, the Electronic Communications Privacy Act of 1986 (Pub. Law 99-508 codified at 18 U.S.C. §§ 1367, 2510-2521, 2701-2710, and 3121-3126). The language pertaining to email interception is found at 18 U.S.C. §§ 2701(a) and 2702(a). This law bars the interception of electronic communications in transit to their designated destination with language broad enough to cover cellular phone transmissions as well as email communications.

The Electronic Communications Privacy Act established a standard of conduct for a presumption of lawful behavior in connection with electronic communications. In its wake, state bar opinions have been changed and now reflect a consensus that regular internet email can be used for privileged client communications without need for specialized encryption systems. Compare South Carolina Ethics Opinion 94-27 (email not permitted) with South Carolina Ethics Opinion 97-08 (email permitted without encryption specifically citing the Electronic Communications Privacy Act).

The American Bar Association also has issued an extensive and well reasoned opinion (Formal Opinion 99-413 dated March 10, 1999) approving of email for confidential and privileged communications:

The Committee believes that e-mail com-munications, including those sent unencrypted over the Internet, pose no greater risk of interception or disclosure than other modes of communication commonly relied upon as having a reasonable expectation of privacy. The level of legal protection accorded e-mail transmissions, like that accorded other modes of electronic communication, also supports the reasonableness of an expectation of privacy for unencrypted e-mail transmissions. The risk of unauthorized interception and disclosure exists in every medium of com-munication, including e-mail. It is not, however, reasonable to require that a mode of communicating information must be avoided simply because interception is technologically possible, especially when unauthorized interception or dissemination of the informa-tion is a violation of law.

The Committee concludes, based upon current technology and law as we are informed of it, that a lawyer sending con-fidential client information by unencrypted e-mail does not violate Model Rule 1.6(a) in choosing that mode to communicate. This is principally because there is a reasonable expectation of privacy in its use.

UNITED KINGDOM
By Andrew Braithwaite Osborne Clarke Bristol, England andrew.braithwaite@osborneclarke.com and John Dean Withers & Rogers Bristol, England john_dean@withersrog.com

The UK Government has set itself a target: 25% of its services should be available electronically by 2002. Is this an aim Solicitors and Patent and Trade Mark Attorneys should strive for as well? In the U.S., the issue of confidentiality and professional privilege have been debated, and the American Bar Association has opined. Here in the UK, the pro-fessionals have been left to make up their own minds.

PRIVILEGE AND CONFIDENTIALITY
As a general rule letters and communications are protected by legal privilege if they are: between a client and his solicitor; made confidentially; and written to or by a solicitor in his professional capacity for the purpose of requesting or receiving legal advice.

For communication to be made "confidentially" it cannot be made in the presence of strangers unless it was intended to be confidential or made in the presence of a third party as a matter of necessity. Is com-munication by e-mail made in the presence of a third party because it will pass through one or more servers owned and controlled by parties outside the client-solicitor relationship? In theory, it is possible for these third parties to access the information before it reaches its final destination. However, how does this make it any different from a letter which passes through the hands of a number of individuals before it is delivered to the addressee? Should an e-mail encoded by encryption not be considered safer than a letter which is covered only by a paper envelope?

The question of whether e-mail communication attracts privilege or is in breach of the Solicitors' duty of confidentiality cannot be answered conclusively, until the UK Courts have delivered a judgement on this point. For the time being the guidelines published by The Law Society on "Professional Ethics and IT" advise Solicitors to take measures which, according to their professional judgement, are "reasonable to ensure confidentiality of their clients' affairs". Although in the guidelines it is admitted that "Internet e-mail is probably as secure as many other ways Solicitors choose to communicate", it is recommended to take clients' instructions as to the best means of communication and to transmit highly confidential or sensitive material by means other than e-mail.

Using encryption seems to be a service solicitors should offer their clients as it prevents unintentional disclosure, prevents arguments about an implied waiver of privilege for being transmitted via a public medium, and thus ensures that a solicitor has complied with his duty of confidentiality.

Another option, not mentioned in the guidelines, which may fulfill the same objective as encryption, would be to extend client's extranets to include legal advisers and create a secure transmission link.

In so far as other professionals are concerned, communications between patent or trade mark attorneys and their clients in relation to their field of professional activity attract the same level of privilege as do communications between solicitors and their clients for the purposes of legal proceedings in the UK.

PRESENTATION AND PROFESSIONAL REGULATION
Professional firms should guard against sloppy presentation, as the informal nature of e-mail is liable to encourage a climate of disregard for conventions. Perhaps presentation and style guidelines can be implemented, to complement those applicable to written correspondence. There also exists a danger that e-mail correspondence is not subjected to the usual professional review checks.

At present the UK Law Society Rules have limited application to use of e-mail:

Practice Rule 13: Rule 13 imposes a duty on solicitors that a law firm should be properly supervised according to certain minimum standards, including the arrangement made for principals to see incoming mail. Although it is appreciated that there is no duty for any principal to see all incoming mail, the Law Society recommends that principals should have in place an arrangement enabling them to monitor incoming e-mail from time to time in order to avoid a potential breach of Practice Rule 13.

Publicity Code: Although the Law Society is currently of the opinion that e-mails are not professional stationery, it is recommended to ensure that the Solicitor's practising address is given to any third party communicated to via e-mail at an early stage. Whether e-mails are considered to fall within the definition of "publicity" depends on the e-mail's contents. Mail shots and other material promoting the firm or individuals to businesses could amount to advertising and would therefore be subject to the Publicity Code. Unlike unsolicited phone calls, unsolicited e-mails are not prohibited by the Publicity Code due to their less intrusive nature.

The various professional bodies governing the practice of Chartered and European Patent Attorneys and Trade Mark Attorneys do not deal with the question of whether Internet e-mail is a proper form of communication between such attorneys and their clients.

E-Commerce Bill
Although, as mentioned above, the subject of e-mail and privilege/confidentiality remains unsettled in the UK Courts, the UK Government has attempted to provide guidance in some areas in the Electronic Communications Bill, which is currently being debated by Parliament.

Despite the Government's target mentioned above, to provide services electronically, its approach taken with regard to the regulation of e-commerce has been highly criticised by British Industry who believe that the proposed Bill imposes unnecessary regulation not beneficial to promoting e-commerce.

With regard to encryption, the Bill originally envisaged a scheme for statutory regulation for providers of encryption services. It has now been announced that these authentication services will be self-regulating.

This will hopefully make these encryption services readily available to all solicitors who are not prepared to take the risk and wait for the UK courts to decide whether e-mails are confidential or protected by professional privilege, but who are keen to protect their clients' interest by giving them the choice of communicating via encrypted e-mails.

AUTHENTICITY AND DISCOVERY
Although e-mail has not been specifically considered by the UK Courts, it is likely that a scanned electronic version of a signature may be acceptable authority on behalf of the sender of a fax. However, the recipient of e-mail is always going to question the authenticity of the message until the introduction of digital signatures, accompanied by authentication certificates.

Finally, an often ignored aspect of the common use of e-mail in the professional office is how it has replaced discussion. If an e-mail is used to replace an internal unguarded conversation, it will create a written record that may be subject to legal disclosure. This could give rise to some damaging material that was intended only for internal consumption.

INTERNET E-MAIL AS A PUBLIC DISCLOSURE?
Of particular concern to patent attorneys in the UK and Europe is the question of whether communication of details of an invention in an Internet e-mail before the filing of a patent application constitutes a public disclosure that could invalidate a subsequent patent obtained from the British or European Patent Offices. Both Patent Offices require absolute novelty i.e., except for certain limited exceptions, an invention must not be publicly-disclosed before a patent application is filed. Given that it takes an active step to intercept Internet e-mail it may be considered unlikely that such details would be considered to be publicly-disclosed but this point has apparently not yet been tested in either the Patent Office or the Courts in the UK. In the meantime the use of encryption or the development of extranets including the client and its advisors would minimize the risk of information leaking out. [C]onfidential information given by attorneys to, and held by, clients does not enjoy any special legal protection.

Certainly a finding that the contents of an Internet e-mail constituted a public disclosure would instantly render invalid many patents already obtained by organizations such as Universities and start-ups in the high technology fields which have been major users of Internet e-mail for some time.

Where it comes to light that an e-mail has been intercepted and the contents made publicly-available, a patent application should be filed within 6 months of the disclosure as it may be considered an "evident abuse in relation to the applicant or his legal predecessor"(Article 55 European Patent Convention) or to have "been obtained unlawfully or in breach of confidence" (Section 2 The Patents Act 1977).

Although the British and European Patent Offices are allowing some communications with Examiners and other staff through Internet e-mail, currently the filing of documents in connection with patent applications through Internet e-mail is not allowed in the UK and European Patent Offices. The EPO is expected to bring in an encryption based system for filing applications through the Internet shortly.

JAPAN
By: Kojiro Furusawa Yuasa and Hara Tokyo, Japan KOJIROFU@YUASA-HARA.COM

In Japan, there is no statutory or de facto standard rule regulating the use of e-mail by attorneys for communications with their clients. To our knowledge, neither the Japanese Supreme Court, the Diet, nor the government and professional associations such as the Japan Federation of Bar Associations and local Bar Associations (collectively, Public Bodies) has any special view or concern about this matter.

Japanese attorneys are subject to statutory and moral obligations to protect the confidential information of their clients. Confidential information given by clients to, and held by, attorneys is exempted from duties to disclose before the court under the Japanese Civil Procedure Code (Law No. 108; June 26, 1996). However, confidential information given by attorneys to, and held by, clients does not enjoy any special legal protection.

The Public Bodies are unlikely to be concerned about confidential information included in e-mail communications between attorneys and clients. Thus, the use of e-mail by attorneys for communications with their clients is left to the care of each attorney and client. Attorneys, clients, and the Public Bodies all understand, however, that the internet-based, e-mail communication system in use currently does not have a sound and reliable security system and may be illegally intercepted.

In Japan, the Telecommunications Business Law (Law No. 86; December 25, 1984) and the Wire Telecommunications Law (Law No. 96; July 31, 1953) prohibit interception or interference of communications using electronic devices. The former protects telephone communications including mobile phones, and the latter protects other telecommunications using a wire, for example, Internet communications via cabled networks, such as those used for television and/or data. Although these regulations were enacted prior to the establishment of e-mail communication systems, such statutory protection covers e-mail communications.

ARGENTINA
By Juan Carlos Ojám Clarke, Modet & Co. Buenos Aires, Argentina JCOJAM@CLARKE-MODET.COM.AR

Article 18 of the National Constitution establishes that mailed correspondence is inviolable. One of the punishable offenses established by the Penal Code is the violation of secrets. Section 153 establishes the penalty of imprisonment for anyone who unduly opens mail, even though it may not be sealed. In Section 155, the Penal Code establishes a fine for those who, being in possession of mail other than advertising, made it public even if addressed to themselves, if such deed should cause or might cause damage to third parties.

Section 13 of the Law Practice Act No. 22.192 establishes that one of the duties of lawyers is to maintain professional confidentiality. Additionally, section 6 of the Law Practice Act No. 23.187 of the Federal District establishes that one of the duties of lawyers is to adhere to the principle of professional secrecy, except where reliably authorized by the party concerned.

There are no statutes regulating the use of electronic mail by lawyers in their communications with their clients. The only applicable rule is the duty to keep professional secrecy with respect to their clients' confidential information and the Penal Code rules regarding the violation of secrets.

The only precedent found in case-law with respect to electronic mail (Criminal and Correctional National Court of Appeals, Division IV, March 4, 1999 - Lanata Jorge, on case dismissal), does not deal with a breach of the professional secrecy duty; instead it refers to undue appropriation of correspondence sent by electronic mail and applies sections 153 through 155 of the Penal Code, stating that electronic mail actually is an up-dated version of mail.

The duty to keep professional secrecy appears to imply that lawyers should take the necessary precautions of diligent, prudent action in order to prevent the disclosure of their clients' confidential information. On that understanding, a lawyer shall take reasonable measures to maintain all secret and confidential information properly safeguarded.

Just as information is kept in safe-deposit boxes or private, confidential papers are carried in briefcases locked with security codes, or confidential conversations over cordless or cellular telephones are avoided, reasonable precautions should be taken with respect to the e-mail.

In this sense, it would be appropriate to advise clients of the confidentiality risks that may be involved in e-mail communications and to suggest they convey any confidential information using encrypting methods. On the other hand, it is appropriate to have "firewalls" to prevent hackers' access to confidential information sent by clients to the lawyer's or law firm's servers.

CANADA
By Steven L. Nemetz Sim, Hughes, Ashton & McKay Toronto, Canada NEMETZ@SIM-HUGHES.COM

Guidelines are currently being formulated in Canada regarding the use of e-mail by lawyers for communication with their clients. Properly used, e-mail is an efficient form of communication. The Canadian Bar Association recognized early on that the Internet can provide an inexpensive communication vehicle between clients and their counsel, and is particularly helpful for long distance communications between varying time zones; the latter factors being features of both domestic and global law practices. As experience with new technology accumulates, however, new challenges, such as the protection of solicitor and client confidentiality, have arisen.

The legal profession in Canada is self-regulated by governing bodies constituted by statute in each of Canada's ten provinces and three territories. The codes of professional conduct of the various provincial law societies in Canada require that a lawyer keep client information confidential. The ethical rule requiring a lawyer to hold in strict confidence all information concerning a client's business and affairs acquired in the course of the professional relationship is distinguished from the evidentiary rule of lawyer and client privilege with respect to oral or documentary communications passing between the client and the lawyer. The ethical rule is recognized as being wider and as applying without regard to the nature or source of the information or the fact that others may share the knowledge. For lawyers to be conscientious about their duty with regard to confidentiality of information, they must be aware of where any risks to confidentiality might lie through the uses and manipulation of technology. Implicit in this duty of confidentiality is the requirement for the lawyer to guard the security and integrity of information being communicated, be it by e-mail or by some other means of communication.

Initially with the advent of e-mail technology, there was much debate concerning the risks to client confidentiality inherent in the technology. Vulnerability identified with the technology included the risk of interception, forgery, and the transmission of computer viruses. Some early critics likened e-mail to sending a postcard, in that anyone handling the mail could read it. Consultants recommended lawyers advise clients about the security risks inherent in using e-mail and the use of encryption software to ensure that only those entrusted with the right key could decode the message.

The governing bodies of the legal profession in Canada have begun to issue guidelines dealing with the use by lawyers of e-mail to communicate confidential client information. In February 1998, the Benchers of the Law Society of Alberta approved a report entitled Guidelines on Ethics and the New Technology. These guidelines include a section addressing the issue of confidentiality and the Internet. They also note that a lawyer using electronic means of communication must ensure that communications with or about a client reflects the same care and concern for matters of privilege and confidentiality normally expected of a lawyer using any other form of communication. The following was noted in these guidelines:

First, both the lawyer and the client can choose to use an electronic means of com-munication, including the Internet, cellular telephones, and fax machines, as a means of communication in the solicitor-client relationship. The use on the part of the client or the lawyer may be said to be an implied invitation to use or respond via the same electronic means.

Second, while initially there seems to have been much debate on this topic, the better view today is that there is no basis to conclude that Internet communications are any less private than those using traditional land-line telephones. There does not seem to be a ready and apparent danger that e-mail is less confidential than fax machines or cellular telephones, so anyone using the Internet to communicate has a reasonable and justified expectation of privacy, and it cannot be said as a simple rule that a lawyer must encrypt anything that the lawyer believes the client would not want to read in the local newspaper.

Third, lawyers communicating on the Internet without encrypting their trans-missions do not violate the principle of confidentiality. While encryption makes theft or interception more difficult, even strong encryption can be technically defeated. The vulnerability to theft and interception therefore remains. However, in ordinary circum-stances, a lawyer is not expected to anticipate the criminal activity of theft of solicitor-client communications on the Internet any more than mail theft.

These guidelines caution lawyers using such tech-nologies to develop and maintain a reasonable awareness of the risks of interception or inadvertent disclosure of confidential messages and how they can be minimized. Encryption software is available and must be used, if electronic means of communication are used, for those confidences that may be so valuable or sensitive that it is in the client's interest to take the extraordinary step of encrypting to protect them. The guidelines conclude that when using electronic means to communicate in confidence with clients or to transmit confidential messages regarding a client, a lawyer must:

(a) develop and maintain an awareness of how technically best to minimize the risks of such communications being disclosed, discovered, or intercepted;

(b) use reasonably appropriate technical means to minimize such risks;

(c) when the information is of extraordinary sensitivity, advise clients to use encryption software to communicate with their lawyer, and use such software;

(d) develop and maintain such law office management practices as offer reasonable protection against inadvertent discovery or disclosure of electronically transmitted confidential messages.

In June 1998, the Ethics Committee of the Law Society of British Columbia advised its members that it was of the opinion that the nature of e-mail transmission on the Internet and the fact that its unauthorized interception is prohibited by law create a high expectation of privacy for the information contained in the message. In their view unless unusually sensitive information is being transmitted that requires enhanced security measures, it is not a violation of a lawyer's duty of confidentiality to transmit confidential, unencrypted client information by e-mail over the Internet.

Nonetheless its lawyer members were advised to take special precautions when transmitting information by e-mail because of the novelty of e-mail transmission for business purposes, uncertainty regarding whether privilege may be lost through interception, and the potential for serious business losses and other losses as a result of an interception. Moreover, lawyers also were advised that confidential infor-mation transmitted by e-mail should contain a clause that claims confidentiality. Additionally, it was recommended that clients should be informed about the potential risks of e-mail transmission and their consent sought to its use, as properly informed clients may wish to protect confidential information by declining to use e-mail or by having e-mail communications encrypted.

More recently the executive committee of the Federation of Law Societies of Canada, the umbrella organization of the thirteen governing bodies of the legal profession in Canada, received for discussion purposes a draft set of guidelines on ethics and new technology which closely follows those approved by the Law Society of Alberta in connection with confidentiality and the use of e-mail. Other provincial law societies in Canada are currently considering this issue and it can be expected that the recent formal opinion issued by the American Bar Association Standing Committee on Ethics and Professional Responsibility, concerning protecting the con-fidentiality of unencrypted e-mail, will be given consideration in the preparation of their guidelines. Of note is the recent recognition by one Canadian court of a reasonable expectation of privacy in Internet e-mail, which is the premise upon which the ABA opinion and other recent guidelines have been developed.