Posted on September 9, 2011 by Christopher Wolf

No Expectation of Privacy in Workplace E-mail Leads ABA to Impose Duty on Lawyers to Warn Clients

ABA logoEmployers have a right, and in some cases a duty, to monitor the e-mail communications of their employees that are sent from the employer's e-mail system. As a general matter, employees have no expectation of privacy in e-mails sent through their workplace system. Since employees who communicate with their personal lawyers through their employer's e-mail are subject to employer monitoring, the American Bar Association has issued a formal ethics opinion stating that lawyers have a duty to warn such employees that their e-mails may not be confidential. 

The Opinion expressly reserves on the question of whether the breach of confidentiality  would vitiate the attorney-client privilege, declaring "the law appears to be evolving." But the cases cited in the ethics opinion on when employee communications with counsel through workplace e-mail will remain privileged show that the circumstances are limited when the privilege is likely to survive, leading to this observation:

Nevertheless, we consider the ethical implications posed by the risks that these communications will be reviewed by others and held admissible in legal proceedings.

Thus, the ABA concluded that a lawyer has an ethical obligation to advise a client of the risks of sending attorney-client communications via workplace e-mail.

The ABA ethics opinion raises the question of whether lawyers who know that their clients are using modes of communication that may not be secure, and may be subject to interception and review by others (thus jeopardizing the privilege) have an ethical duty to warn their clients beyond the context of workplace e-mail

In 2008, the New York State Bar opined that the use of Gmail for attorney-client communications, even though e-mails sent through Gmail are subject to scanning by Google computers for the delivery of contextual advertising, retained the attorney-client privilege. But with the advent of many new means of electronic communication, from Facebook to Twitter and beyond, and with smart mobile devices becoming a dominant method of communication, and with varying individual privacy and data security practices on the part of clients, quaere whether a lawyer has an ethical duty to evaluate a client's communications practices and to advise on the risks that confidentiality may be lost. The ABA Opinion opens the door to such an inquiry. 

Tags: , , ,
Posted on May 28, 2010 by Timothy Tobin

FTC Red Flags Rule Enforcement Delayed Again (and New Legal Challenge)

The FTC announced today that it is delaying enforcement of its FACTA Red Flags Rule yet again, this time through December 31, 2010. This is the fifth time the FTC has delayed enforcement of its beleaguered red flag rule, which it originally had planned to enforce beginning November 1, 2008. This latest delay, just like the previous one, comes at the request of members of Congress who plan to amend the FACTA red flag provisions to narrow the scope of the entities that are covered. On May 25, 2010, members of Congress introduced S. 3416, which would exclude health care, accounting and law practices with fewer than 20 employees as well as certain other small businesses. 

 

 

The further delay comes as FTC Chairman Leibowitz acknowledges the agency’s Rule’s shortcomings: “Congress needs to fix the unintended consequences of the legislation establishing the Red Flags Rule – and to fix this problem quickly.”

As previously covered in the Chronicle, the last delay occurred on October 30, 2009 when the FTC announced it would not begin enforcing the rule until June 1, 2010. That delay followed U.S. District Court for the District of Columbia's ruling that the Red Flags Rule does not apply to lawyers (for analysis of that decision, click here). It also followed the House of Representatives' unanimous passage in late October of HR 3763, which proposes to amend FCRA to exempt certain small businesses from the Red Flags Rule. Subsequently, in November 2009, the American Institute of Certified Public Accountants (AICPA) filed a lawsuit against the FTC challenging the applicability of the Red Flag Rule to Certified Public Accountants

Now the Red Flag Rule is facing a new legal challenge. On May 21, 2010, the American Medical Association (AMA), the American Osteopathic Association and the Medical Society of the District of Columbia filed a lawsuit against the FTC in the U.S. District Court for the District of Columbia challenging the Red Flag Rule and citing the court’s earlier decision regarding the applicability of the Rule to lawyers. In the latest lawsuit, these medical organizations argue that the Rule, which is applicable to financial institutions and creditors, unjustifiably "treats physician practices like banks, credit card companies and mortgage lenders."

 
Tags: , , , , , , , , , , , , , , , , , ,