When I suggested ten years ago that email would become the principal means by which clients and lawyers would communicate, many people suggested I was dangerous, that I was possibly insane, that I should not be allowed to speak in public, and that I certainly did not understand anything about security or confidentiality but [email] technology and many other emerging technologies have now firmly taken hold.
So much has changed in a relatively short period of time when it comes to our use of technology in delivering legal services. As noted by Richard Susskind above, the use of email by lawyers, once seen as controversial, is now ubiquitous. The question is no longer whether we will use technology to serve clients but whether we will use it effectively. And, so far, we do not seem to be doing very well on this front.
Take, for example, a simple and widespread technology such as email. Canadian law societies and professional indemnity insurers now regularly take to the internet to warn lawyers about colleagues who have unsuspectingly clicked on a malicious email attachment or website link and have, consequently, had their files locked by ransomware with an accompanying demand for payment in order for the files to be released. Indeed, lawyers are such notorious targets (or, less charitably, dupes) for such schemes that ransomware got its very own plot line in TV lawyer drama The Good Wife.
In addition to such malicious risks, there are legitimate worries about negligent use of email by lawyers. How many lawyers, for example, guard client confidentiality by using proper encryption and protecting privileged metadata from disclosure? How many lawyers even know what “encryption” and “metadata” are? When appropriate safeguards are not in place, clients’ confidential data risks being inadvertently disclosed with potentially enormous consequences for them and for the reputation of the firm.
Many more examples could be given regarding poor use of technology by lawyers and the increased risks that this poses to clients. There is also a whole other set of questions about how emerging technological tools, like legal analytics, relate to lawyers’ ethical obligations to provide competent and efficient legal services. What tools must a lawyer avail himself or herself of in order to provide the appropriate quality of service at a fair and reasonable price?
If not using technologically effectively is a problem, what is the solution? As I and others have previously written on Slaw, a good first step would be for Canadian law societies to include an ethical duty to use technology competently in their professional codes of conduct. Such a duty now is recognized in 27 American states, following 2012 amendments to this effect in the American Bar Association’s Model Rules of Professional Conduct.
Here, the Federation of Law Societies of Canada is now consulting on a change to its Model Code which would see the commentary to the general rule on lawyer competence amended to add the following statement:
[5A] To maintain the required level of competence, a lawyer should develop and maintain a facility with technology relevant to the nature and area of the lawyer’s practice and responsibilities. A lawyer should understand the benefits and risks associated with relevant technology, recognizing the lawyer’s duty to protect confidential information set out in section 3.3.
The Federation should be commended for advancing this proposed rule change. Hopefully, those interested in the subject will take up the Federation’s call for feedback (deadline May 30, 2017).
To be sure, there are limits to what a rule change in this area can and should do. This isn’t an area, like communication or fees, which is likely to attract a large amount of client complaints and thus, significantly initiate the disciplinary arm of Canadian law societies. Nor would it be productive or popular for law societies to proactively embark on an aggressive campaign to discipline lawyers for poor technological practices, like, for example, using weak passwords.
The primary value in a rule change is not to generate more opportunities for discipline, but, rather, to signal the importance of this issue to the profession. In order to be maximally effective, this signal needs to be accompanied by increased resources and opportunities that would permit lawyers to gain the technological competence they need for their specific practices.
Some possible mechanisms for this could be developing more practice resources in this area (some good resources already exist but more would be better), mandating technology CPD hours or courses (similar to what was approved in Florida in 2016), expanding current law society mentorship and coaching programs to include targeted training and advice on technology use, and providing tools to lawyers that would allow them to self-assess their technological competence and point them towards potential best practices.
Hopefully, the Federation adopts amendments to specifically mention technological competence in its Model Code and law societies follow suit. But a rule change should be seen as just the beginning of a mandate for law societies to more robustly and proactively foster this skill among lawyers. It is one thing to tell lawyers what competence means but another to help them live up to the standard being set.
 Susskind R., “Legal informatics – a personal appraisal of context and progress”, in European Journal of Law and Technology, Vol. 1, Issue 1, 2010. In the interests of full disclosure, I should note that I was alerted to this quotation when reading a more recent blog by Casey Flaherty.