During the American Bar Association’s Midyear Meeting, held Feb. 5 to Feb. 10 in Chicago, a Saturday Feb. 8 panel entitled “Critical Cyber Issues Affecting you Today” will tackle “applicable laws and the relevant ethical standards” related to digital threats.
While experts point out the existing threats to law firms are generally no worse than other corporations, retail outlets and the government, the potential for information falling into the wrong hands could yield myriad privacy, ethical, security and business concerns for law firms.
“One challenge unique to lawyers is that part of the ethical obligations of a lawyer is to keep client information confidential. A law firm that ignores cybersecurity may not be in a position to promise its clients that their communications and sensitive … will be kept confidential,” Sills said.
“Major law firms have previously been breached and had private e-mails leaked. Law firms are rich targets because they receive sensitive data from clients in many different industries. They hold data regarding upcoming plans, including mergers and acquisitions, contract negotiations, and patent applications for new technologies, as just a few examples.”
Law firms also face substantial long-term risks, Sills said, as sometimes breaches go undetected. Once a client’s information is stolen, the law firm’s reputation may be tarnished preventing that firm from picking up new clients, he said.
Jill D. Rhodes, vice president and chief information security officer for Trustmark Companies, and author of "The ABA Cybersecurity Handbook: A Resource for Attorneys, Law Firms, and Business Professionals," warns the threat of cyber attacks is applicable to “anyone who is attached to a computer, a system, and the Internet.”
She said: “Often, smaller organizations think that they are immune from the threat due to their size and the ‘why would anyone want to hurt us’ thinking. In fact, the perpetrators of cyber crimes don't necessarily care about the specific organization they are attacking. They want to find data, and attack computers in a way that will allow them to take over networks, steal information, and conduct additional attacks on what would appear to be coming from the organization they have actually infiltrated.”
Ruth Hill Bro, 2008-2009 Chair of the ABA Section of Science & Technology Law and current chair of SciTech Section's Membership and Diversity Committee said law firms may be less prepared to handle cyber threats, given that other companies and the government have had more attention and media coverage, and ultimately more awareness of the issue, and have spent more time dealing with the threats.
She also said one of the keys to addressing the problem is realizing the ethical responsibility to protect clients’ data. “The stakes are high for any entity facing a cyber attack, but lawyers have obligations to protect data that go beyond the bottom line. All lawyers have an ethical duty to safeguard their clients' confidential information,” she said.
“Moreover, a lot of what a lawyer does has to do with keeping client confidences, reviewing sensitive data, and providing advice subject to attorney-client privilege," she continues. "A data breach can shatter the trust between a business and its clientele. It's harder to rebuild that trust where the very nature of the relationship depends on confidentiality and safeguarding information-- as opposed to a business whose relationship with the customer is built on selling office supplies or fashionable clothing.”
Other topics covered at the Midyear Meeting include the Defense of Marriage Act, LGBT rights, the Sochi winter Olympics and legal education. There will also be a meeting of the ABA House of Delegates, the association’s policymaking entity, at 9 a.m., Feb. 10 at the Hyatt Regency in Chicago.
Dan Sabbatino is an award winning journalist whose accolades include a New York Press Association award for a series of articles he wrote dealing with a small upstate town’s battle over the implications of letting a “big-box” retailer locate within its borders. He has worked as a reporter and editor since 2007 primarily covering state and local politics for a number off publications.Last modified on Monday, 03 February 2014