Think about all the things you’ve done today. After silencing your alarm, you undoubtedly looked at your phone to see whether you had any messages or missed calls. Maybe you checked Facebook, LinkedIn, and your email or read some news articles. On your way to work, perhaps you mapped out your workday and necessary tasks. Probably the last thing on your mind is all the technology you need to represent your clients throughout the day.
As people continue to rely on technology and applications to run their daily lives, they must be aware of the information being captured. Lawyers must pay close attention to the various technologies they use to communicate, interact with, or manage client files. Often, information from various technology sources is not placed in the client file. The information could be text and social media messages, emails, or phone calls. There are several reasons that this information may not make it into the client file: the lawyer might be too busy at the time to transfer the information from the source to the client file; the lawyer might lack an efficient way to transfer the information; or the lawyer’s firm might not have a clear policy on the types of information that should be included in the client file.
While much has been written lately about what information must be surrendered to the client upon termination of representation, little has been written about what information should be placed in the client file. For example, a recent Wisconsin ethics opinion noted that the requirement to provide information to the client upon termination of representation should not be construed as a requirement to include that information in the file during representation (Formal Opinion EF-16-03 Amended (March 8, 2017)). This article discusses the information that should be part of every firm’s file management policy.
Contents of the Client File
A recent Wisconsin Lawyer article, “Ethics: What Comprises a Client File?,”1 provides an overview of the conundrum lawyers face when determining which information must be provided to the client. Simply stated, SCR 20:1.16(d) requires, “[u]pon termination of representation, a lawyer shall … surrender[] papers and property to which the client is entitled….” (emphasis added). “This duty to surrender the file arises when the client or successor counsel request the file upon or after termination of the representation.”2 “The Rule does not define ‘papers and property to which the client is entitled,’ and jurisdictions differ in how they interpret this duty.”3 Critically, “[w]hile discipline is frequently imposed for failing to surrender a file, the Wisconsin Supreme Court has never defined what ‘papers and property’ the lawyer must surrender upon termination.”4
Christopher C. Shattuck, Univ. of La Verne College of Law 2009, M.B.A. U.W.-Oshkosh 2015, is manager of Practice411™, the State Bar’s law practice assistance program. If you have questions about the business aspects of your practice, call (800) 957-4670.
Lawyers have a duty, upon termination and request by the client or successor counsel, to surrender to the client the papers and property the client is allowed to have, with papers and property being an undefined term. Although the term is undefined, Formal Ethics Opinion EF-16-03, citing ABA Formal Op. 471, sets forth a nonexhaustive list of items a lawyer must provide: “[c]orrespondence issued or received by the lawyer in connection with the representation of the client on relevant issues, including, emails, texts, and other electronic correspondence that have been retained ....”5
SCR 20:1.1 and SCR 5.1 provide guidance concerning a firm’s file management policy. SCR 20:1.1 indicates, “[a] lawyer shall provide competent representation to a client. Competent representation requires the legal knowledge, skill, thoroughness and preparation reasonably necessary for the representation.” Formal Ethics Opinion EF-15-01, Cloud Computing Amended, expanded upon the rule and cited ABA comment [5] to SCR 20:1.1, “recogni[zing] that competency also requires the ‘use of methods and procedures meeting the standards of competent practitioners.’” SCR 20:5.1 requires a lawyer with “managerial authority” to make “reasonable efforts to ensure that the firm has in effect measures giving reasonable assurance that all lawyers in the firm conform to the Rules of Professional Conduct.”
Read together, competence and the duty to conform to the Rules of Professional Conduct require lawyers to ensure that reasonable methods are being used to retain documents pursuant to the firm’s file management policy.
To sum up, lawyers must retain communications with clients pursuant to the firms’ file management policy, and the rules require firms to have a formal file management policy. Although communications have been the primary focus, it’s important to add that, “[i]f a lawyer’s notes contain both factual information and personal impressions, the notes may be redacted or summarized to protect the interest of both the lawyer and the client.”6 Stated differently, lawyers must provide their notes that pertain to factual information necessary for the representation of the client that the attorney preserved pursuant to the firm’s file management policy.
Although there are several other categories of information that must be provided to the client, the remaining focus will be on the communication mediums (applications, software, or devices) lawyers use to communicate or take notes for their clients. In addition to preserving physical messages and notes, lawyers must also be aware of their obligation to protect7 and possible obligation to store the metadata (embedded information contained in electronic documents8) of their communication mediums. The preservation of information may provide assistance in the defense of an Office of Lawyer Regulation (OLR) action for violation of the Supreme Court Rules.
Materials That Must Be Provided to the Former Client
In a formal ethics opinion, the State Bar’s Professional Ethics Committee noted some of the items a lawyer must provide to a former client:
“The following [non-exhaustive list of] materials that must be provided to the former client, unless prohibited by other law:
-
Any materials that were provided to the lawyer by the client;
-
Legal documents filed with a tribunal or those completed, ready to be filed, but not yet filed;
-
Discovery, including interrogatories and their answers, deposition transcripts, expert witness reports, witness statements, and exhibits;
-
Orders and other records of a tribunal;
-
Executed instruments such as contracts, wills, trusts, corporate records, and similar records prepared for the client’s actual use;
-
Correspondence issued or received by the lawyer in connection with the representation of the client on relevant issues, including emails, texts, and other electronic correspondence that have been retained …;
-
Legal opinions issued at the request of the client;
-
Third-party assessments, evaluations, investigative reports or records paid for by the client;
-
Legal research and drafts of documents that are relevant to the matter; and
-
Any materials for which the client has been billed, either directly or through lawyer or staff time.”
(Internal citations omitted). See State Bar of Wisconsin Professional Ethics Committee, Formal Opinion EF-16-03 Amended (March 8, 2017).
Facebook: Sword or Shield for SCR Violation?
An article in a recent issue of Wisconsin Lawyer discussed Facebook’s storage of every message sent through the Messenger application, unless deleted by both users, and the metadata data contained in users’ profiles.9 The article also suggested that if Facebook’s Messenger application was being used for a client communication, physical messages also should be stored pursuant to the firm’s file management policy. Taking that one step further, I recommend that the metadata obtained by downloading the data Facebook has stored on your account should also be stored pursuant to the firm’s file management policy.
The preservation of metadata becomes helpful if a lawyer deletes and does not preserve physical copies of message exchanges, and the client reproduces a portion of the PDF message history in an attempt to claim the lawyer was not responsive and provided inadequate advice. Had the lawyer downloaded and preserved the metadata of the Facebook profile before deleting the message, the lawyer would be able to use the metadata as a shield against an allegation of a rule violation (assuming the lawyer timely responded and provided competent advice in the unproduced portion of the PDF message history) for failing to preserve the client file, keeping the client reasonably informed, or violating the duty of competence. It’s also worth noting that Wis. Stat. section 804.09 requires the production of electronically stored information that has been retained.
Facebook can also be used as a sword by clients seeking the prosecution of a lawyer for a rule violation. For instance, if the lawyer used Facebook Messenger, did not keep the phone secured, stayed logged in on the Facebook application, and then lost the phone, and unprotected client information was breached by a person who ultimately came into possession of the unprotected phone, the lawyer might face an allegation that he or she violated the SCR 20:1.6 duty to protect information relating to the representation of the client. In such an instance, a lawyer using an unsecured phone for client communications would have a difficult time supporting an argument that the lawyer made reasonable efforts to prevent the unauthorized access to client information.
Step-by-Step Guide for Reviewing Terms of Service and Retaining Client Information
Here are tips for reading and understanding terms of service of various software applications and online services and applying them to your client-information retention policies.
-
Read the terms of service.
-
Determine the information you are allowing the application, software, or device to access.
-
Consider whether the information and metadata should be stored pursuant to the firm’s file management policy.
-
Understand the security protocols and how data may be shared by the device or service you are using.
-
Do not use services and hardware that are prone to breaches.
-
Consider the cost of reasonable alternatives with stronger safeguards.
-
If unsure, contact the State Bar of Wisconsin Practice411 or Ethics Hotline for confidential assistance.
Beyond Facebook: Terms of Service for Applications, Software, and Devices
One of the questions left open in recent articles on this topic is whether lawyers truly understand the terms of service for the various communication mediums (applications, software, or devices) often used to communicate with clients or take client notes. Let’s consider, for example, a lawyer who uses an iPhone. The lawyer records voice notes on the iPhone and sends the voice note from the lawyer’s personal Gmail account to the lawyer’s work email account that uses Office365. Thereafter, the lawyer drags the email into a cloud-based case management software. Do you think the lawyer read the terms of service for each product before sending the note and understands the data security and privacy standards outlined in the terms of service?
As a reminder, a Formal Ethics Opinion states that lawyers can use cloud computing, “as long as the lawyer makes reasonable efforts to adequately address the potential risks associated with it.”10 It should go without saying that reasonable efforts to adequately address the potential risks associated with cloud computing encompass understanding the terms of service for the cloud computing service, especially as the terms relate to data protection, disclosure, and service.
A lawyer might want to use a “free” product that has somewhat decent security protections. However, once the Wisconsin Supreme Court takes a case concerning a lawyer’s conduct pertaining to a violation of the Supreme Court Rules or determines the duty of care for protecting data stored in the cloud in a malpractice action, my guess is that the supreme court will inquire whether the lawyer understood the terms of service and researched the cost of reasonable alternatives. Often, a reasonable alternative to a free product, which has higher security standards and better terms of service, can be reasonably obtained.
Using questionable free products could mean being the first lawyer to have to justify data security protocols for cloud-based computing as a matter of first impression for the Wisconsin Supreme Court. I know of no one who would want that distinction.
Imputing Nonlawyer’s Behavior to Lawyer
A proper file retention policy, by itself, is not enough to ensure compliance with the rules. Pursuant to SCR 20:5.3(c)(2), a lawyer who is a partner or has comparable managerial authority over a nonlawyer can be held responsible for the nonlawyer’s violation of the Rules of Professional Conduct if the lawyer “knows of the conduct at a time when its consequences can be avoided or mitigated but fails to take reasonable remedial action.”
An example of this occurs when the lawyer supervises and knows the nonlawyer is inconsistently following the firm’s file retention policy, leading to gaps in client files. Another example is a lawyer who is friends with a nonlawyer on social media and sees photos taken in the workplace showing files on the nonlawyer’s desk. If someone outside the firm were to zoom in on the workstation photos or catch a glimpse of confidential information in the background photo, the lawyer could be accused of violating SCR 20:1.6 by failing to adequately supervise the nonlawyer. Moreover, some clients might forbid the use of personal devices in the workplace and might decide that they also are uncomfortable with their lawyers’ allowing workstation photos and use this as a basis to terminate the lawyer’s representation.
A Note on Preservation
Much of this discussion focuses on what should be retained as part of the firm’s file management policy. Some states, see, e.g., California Opinion 2001-157, Maine Opinion 187, and Missouri Opinion 2004-0052, take the additional step of stating the items that must be preserved as part of the client file.11 Accordingly, care was taken in this article to recommend the documents or metadata to retain pursuant to the firm’s file management policy and not to indicate which items must be preserved. However, if the items are preserved pursuant to the firm’s file management policy, then the rules are activated to require certain items to be produced to the client.12
Conclusion
Readers need to understand the various mediums of client information to store as part of the firm’s file management policy. To do so, read the formal ethics opinions referenced in this article; this article is not a substitute for the information contained in those opinions.
Remember to: think about the various technologies you use in your practice, preserve communications and notes pursuant to your firm’s file management policy, use proper safeguards to protect client information, and read and understand the terms of service for third-parties that process or store your client information. If you feel unsure or have questions, contact Practice411™ or the Ethics Hotline for confidential assistance.
Endnotes
1 Dean R. Dietrich, Ethics: What Comprises a Client File?, 83 Wis. Law. __ (Aug. 2010).
2 State Bar of Wisconsin Professional Ethics Committee, Formal Opinion EF-16-03 Amended (March 8, 2017).
3 Id.
4 Id.
5 Id.
6 Id.
7 State Bar of Wisconsin Professional Ethics Committee, Formal Opinion EF-12-01 (June 15, 2012).
8 Id.
9 Aviva Kaiser & Christopher Shattuck, Social Media: Who’s Got Your Data? 91 Wis. Law. 37 (May 2018).
10 State Bar of Wisconsin Professional Ethics Committee, Formal Opinion EF-15-01 Amended (Sept. 8, 2017).
11 See Materials on Client File Retention, ABA Center for Professional Responsibility (last visited May 8, 2018).
12 See State Bar of Wisconsin Professional Ethics Committee, Formal Opinion EF-16-03 Amended (March 8, 2017).