Lawyer Ethics, Confidentiality, and Technology

This is a recurring theme on this site if only because I give a regular presentation on the topic for lawyers coming to practice in Ontario from outside the province.  The fundamentals of protecting client data – confidential and private information the lawyer collects during the delivery of legal services – are pretty clear but there are always new examples of lawyers making missteps.  The technology itself shifts, and it was interesting to note that, where in the past I spent a long time talking about encryption, it’s now so integrated into operating systems and devices that it’s mostly a matter of turning it on.

Passwords are another recurring topic.  They’re the front line and there’s still the concern that someone will use a simple – guessable – password to protect their client information.  But the password world is shifting and each new million-password crack that happens on a Web site creates additional scope for intruders.  This means that a password that is re-used in more than one location may get discovered in one place and create a vulnerability in a completely different one.  At least we’re getting away from just talking about not using 123456 as a password.

The paper for the session is available as an e-book or pdf (free). Here are the slides from this latest session: