Rules for the
AS LAWYERS and clients speed down the Infobahn, the need for established rules of the road becomes increasingly apparent. If pulled over by a cybercop or client, savvy lawyers should have answers to the following questions.
1. Should your Internet e-mail be encrypted?
Encryption greatly heightens the security of e-mail and prevents an unauthorized person from reading a message if it is mistakenly sent to the wrong e-mail box. Also, a digital signature confirms that an e-mail message was sent by the person whose name is on it and that the message was not altered in transit.
Both of these tools are readily available at reasonable or no cost to e-mail users. Some lawyers are using them, but most are not and probably won't unless required to so do, either by a state bar ethics committee or by a court finding a colleague negligent for not encrypting highly sensitive material.
But clients may be getting the message (pun intended). "The big interesting roll-out this year is that corporate counsel appear to be finally developing awareness of the risks of unencrypted Internet e-mail," says Charles R. Merrill, who chairs the computer and high-tech practice group at Newark, N.J.'s McCarter & English. He uses four encryption programs but prefers Netscape, which happens to be the program that a major client requires outside counsel to use. The program comes bundled with the latest versions of the Netscape browser and is lawyer-friendly. Users encrypt an e-mail message by clicking on the word "encrypt" before sending the message.
But there is an enormous spectrum of technology users-- and nonusers. "I have clients who don't even use e-mail at all," says Kenneth C. Bass III, a litigator in the Washington, D.C., office of Venable, Baetjer, Howard and Civiletti L.L.P., who has a high-tech practice. "From an ethics or privileged standpoint, I do not believe that encryption is mandatory to preserve privilege...because the e-mail is protected by the same wiretapping statute as telephones." Yet, he says, all lawyers should encrypt e-mail. "I said 'should,' not 'are.' There are all sorts of things that lawyers should do, but don't. There's no reason not to encrypt. It is low-cost, and universally available," he says, adding, "If we were all doing things right, we would be digitally signing all our e-mail." Mr. Bass prefers PGP, or Pretty Good Privacy, to other encryption methods, because it is most compatible with his international clients.
2. You say you were not giving legal advice online? Does your disclaimer say that?
People place disclaimers at the top or bottom of e-mail and Web sites and hope for the best. Kevin J. Connolly, of counsel to New York's Eaton & Van Winkle, uses a concise disclaimer on his e-mail: "If this were legal advice, it would come with an invoice."
Atlanta's King & Spalding posts a disclaimer of more than 400 words on its Web site, at www.kslaw.com/disclaim.htm. Are these disclaimers worth the paper they're not printed on? "If you have a disclaimer on all e-mail automatically, I think it becomes meaningless," says Mr. Merrill, who does not use a disclaimer. But if you put the disclaimer on some mail, and leave it off others, "you might leave it off accidentally on the one place where it matters," he concedes.
Even if you're confident that your disclaimer is ironclad, remember the three rules to legal comment online: competence, conflicts and confidentiality. Are you competent in the area you're e-mailing about? Will espousing a view potentially put you in conflict with a client? And, remember, nothing is confidential--e-mail is widely circulated.
3. Is this e-mail for real?
Educate yourself and your clients about the hoaxes and scams that circulate via e-mail. The Computer Virus Myths Home page is at http://kumite.com/myths. The Mining Company also tries to debunk hoaxes and phony, alarming news stories, at http://urbanlegends.miningco.com.
Actual computer security risks are tracked by the U.S. Department of Energy at http://ciac.llnl.gov/ciac.
4. What's up with the ".us" domain?
On the Internet, many nations use domain names, or Internet addresses, that are country-specific, such as ".fr" for France. American companies generally do not, instead turning to ".com." The fate of the neglected ".us" domain needs to be determined. The National Telecommunications and Information Administration is seeking comments, until Oct. 5, on the administration of the ".us" domain. E-mail them from www.ntia.doc.gov. And be careful out there.
This article is reprinted with permission from the September 21, 1998 edition of The National Law Journal. © 1998 NLP IP Company.