Much electronic ink has been spilled in the pages of Slaw over the need for lawyers to up their game when it comes to using technology. In a previous column, I argued that “while technological competence might once have been properly seen as a helpful but optional skill set,….[it] is now essential to delivering effective and ethical legal services”, but then hedged, “[e]xactly what type of technological competence a lawyer needs to have has been debated and, presumably, will constantly evolve as technology itself evolves.” Both of these observations seem unavoidably true. The problem is, however, they only take us so far.
Left underexplored is a key question: what do we mean on a conceptual level when we talk about an ethical duty of technological competence? Slaw contributors have provided helpful guidance on what technological competence might mean in a practical sense. For instance, Mitch Kowalski and Omar Ha-Redeye have explored minimum tech standards for lawyers and emphasized, among other things, the importance of basic competence with word processing software and the need to use appropriate password protection. Dan Pinnington has highlighted various technological risks that lawyers face (like cyber-extortion and phishing scams). David Whelan and David Bilinsky have kept us apprised of developments cloud computing and the use of encryption technology (among many other things!). It is clear that lots of people are thinking practically about how lawyers should use technology. But how does this practical guidance relate to the way we might conceive of an ethical duty to use technology competently? How should lawyer regulators understand what they are regulating when they regulate lawyer technological competence?
Extrapolating from the topics discussed above, we might posit that an ethical duty to use technology competently requires: (1) the incorporation of certain technologies in a law practice to ensure effective and efficient client service, and (2) awareness of and safeguarding against external technological threats. These two requirements seem reasonable and, indeed, are consistent with existing ethical duties regarding quality of service and confidentiality.
Simple enough? Maybe not. As with many things lawyerly, added complexity is not hard to summon up. One thing complicating matters is the fact that different kinds of legal practice will require different technological solutions. A recent survey of the 30 largest Canada-based law firms produced by the Law Firm Risk Roundtable reports that on average such firms manage between 500-1000 conflicts-driven ethical screens and information barriers. The technological needs of these large firms in terms of managing conflicts are obviously quite different than those of a solo practitioner operating a small practice. The client perspective must also be considered. A 2014 resolution passed by the Canadian Bar Association concluded, “for people with literacy challenges, or those with limited access to or familiarity with technology, technological tools may be less useful or even disempowering without actual ‘human help’”. Just as there is no one-size-fits-all-firms solution when it comes to technology, there is no one-size-fits-all-clients solution either.
Our current general definitions of lawyer competence do not offer much assistance out of the weeds. At the most general level, law society professional codes of conduct discuss lawyer competence in terms of having and applying relevant knowledge, skills and attributes in an appropriate manner (see, for example, Rule 3.1-1 of the Federation of Law Societies of Canada’s Model Code of Professional Conduct). In civil malpractice claims, the standard of care is understood as being that “of the reasonably competent solicitor, ordinary competent solicitor and the ordinary prudent solicitor.” While tethering competence to “relevant”, “appropriate” or “ordinary” practice might make sense when it comes to well-worn techniques or behaviours within a professional community, it doesn’t easily extend to technological competence where the average level of knowledge and skill among lawyers is variable and generally seen as “woefully deficient”. Gravitating towards the average also doesn’t seem to make sense when it comes to technology and the need for bespoke solutions depending on firm size and client need.
What might be a better way forward? Some hope lies in compliance-based regulation. As described in a recent report from the Law Society of Upper Canada’s Professional Regulation Committee, compliance-based regulation is “an outcomes-focused approach to regulation….[whereby] [t]he regulator sets out expected outcomes and provides flexibility to firms as to how the outcomes are achieved.” Such an approach could accommodate, for example, the need of large and small firms to employ differing approaches to using technology to manage conflicts. It would also allow firms to tailor their use of practice technology to specific client needs.
However, given that a compliance-based approach allows lawyers to chart their own paths in order to meet ethical obligations, a necessary first step must be increasing the technological literacy of most lawyers. Lawyers won’t be in a position to craft tailored technological solutions to ensure compliance with ethical duties if they don’t understand the technology or risks at issue. The task of increasing technological literacy is not a small one – a number of stakeholders must all take some responsibility. One idea: why not make Technology 101 part of law school and/or lawyer licensing curriculum, if not a required CPD course for currently licensed lawyers? With so much for us all to learn in the area of technological competence, we don’t have the luxury of being resistant to or afraid of making the teaching of it a priority.