Threading the Needle: Protecting Client Information From U.S. Border Searches
Professional Responsibility columnist Anthony E. Davis explores potential threats to lawyers whenever they travel internationally while carrying electronic devices containing client confidential information: official border searches, as well as either private- or state-sponsored hacking. What is the scope of the duty to protect client information when on the move, and what steps do lawyers need to take to comply?
September 01, 2017 at 02:03 PM
8 minute read
This article explores a potential threat to lawyers whenever they travel internationally while carrying electronic devices containing client confidential information. The recent New York ethics opinion that is the primary focus of this article addresses only one aspect of the problem: What happens when overseas travelers return to the United States. While the scope of the risks for lawyers at that point is by no means clear, the problem of re-entry pales in comparison to the risks of taking devices containing client confidential information into foreign countries. Obviously, the risks of either private- or state-sponsored hacking, as well as official border searches, varies depending on the jurisdiction visited. The dimensions of the threat must be assessed in the context of lawyers' duties to protect client confidential information generally, implicating two questions: What is the scope of those duties when information is on the move in an electronic device, rather than stationary in the lawyer's office, and what steps do lawyers need to take to comply with these duties? Into this quagmire bravely marched the New York City Bar Association's Committee on Professional Ethics with its Formal Opinion 2017-5 “An Attorney's Ethical Duties Regarding U.S. Border Searches of Electronic Devices Containing Clients' Confidential Information” (Opinion 2017-5).
In assessing the risk that lawyers may face in protecting data on devices they bring into the United States, in footnote 3, Opinion 2017-5 refers to U.S. Customs and Border Patrol, Snapshot: A Summary of CBP Facts and Figures (2017). While the number of electronic devices searched at the U.S. border has significantly increased, the percentage of travelers whose devices are searched is miniscule, and there are no statistics as to what proportion of those devices belong to lawyers. The scope of the government's authority to search the contents of devices is also addressed in footnotes, principally notes 3 and 7, and the latter sums up the Committee's view that at this time “[t]he legality of a border search of an electronic device is apparently unsettled.”
Reasonableness
Regarding lawyers' duties to protect confidential client information, Opinion 2017-5 properly refers to New York Rule of Professional Conduct (NYRPC) 1.6(c) “which requires 'reasonable efforts to prevent … unauthorized access to' clients' confidential information,” and to the duty of competence under NYRPC 1.1, which necessarily includes “a responsibility to take reasonable protective measures when … electronically storing clients' confidential information,” as set out in prior ABA, New York State Bar and other ethics opinions.
Opinion 2017-5 correctly articulates the key questions: What do the requirements to take “reasonable efforts,” and “reasonable protective measures” actually mean? It gamely tries to answer these questions, but unfortunately—and understandably—can do no more than refer to what is already stated in Comment 16 to NYRPC 1.6. It explains: “'Reasonableness' by its nature depends on the multiple facts and circumstances of a given situation and does not lend itself to categorical or bright-line rules,” and that lawyers should refer to the non-exclusive list of factors to be considered in determining the reasonableness of an attorney's efforts. Thus, Opinion 2017-5 falls short of materially advancing what, in practice, is ethically required.
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
NOT FOR REPRINT
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View All
Trending Stories
Who Got The Work
Michael G. Bongiorno, Andrew Scott Dulberg and Elizabeth E. Driscoll from Wilmer Cutler Pickering Hale and Dorr have stepped in to represent Symbotic Inc., an A.I.-enabled technology platform that focuses on increasing supply chain efficiency, and other defendants in a pending shareholder derivative lawsuit. The case, filed Oct. 2 in Massachusetts District Court by the Brown Law Firm on behalf of Stephen Austen, accuses certain officers and directors of misleading investors in regard to Symbotic's potential for margin growth by failing to disclose that the company was not equipped to timely deploy its systems or manage expenses through project delays. The case, assigned to U.S. District Judge Nathaniel M. Gorton, is 1:24-cv-12522, Austen v. Cohen et al.
Who Got The Work
Edmund Polubinski and Marie Killmond of Davis Polk & Wardwell have entered appearances for data platform software development company MongoDB and other defendants in a pending shareholder derivative lawsuit. The action, filed Oct. 7 in New York Southern District Court by the Brown Law Firm, accuses the company's directors and/or officers of falsely expressing confidence in the company’s restructuring of its sales incentive plan and downplaying the severity of decreases in its upfront commitments. The case is 1:24-cv-07594, Roy v. Ittycheria et al.
Who Got The Work
Amy O. Bruchs and Kurt F. Ellison of Michael Best & Friedrich have entered appearances for Epic Systems Corp. in a pending employment discrimination lawsuit. The suit was filed Sept. 7 in Wisconsin Western District Court by Levine Eisberner LLC and Siri & Glimstad on behalf of a project manager who claims that he was wrongfully terminated after applying for a religious exemption to the defendant's COVID-19 vaccine mandate. The case, assigned to U.S. Magistrate Judge Anita Marie Boor, is 3:24-cv-00630, Secker, Nathan v. Epic Systems Corporation.
Who Got The Work
David X. Sullivan, Thomas J. Finn and Gregory A. Hall from McCarter & English have entered appearances for Sunrun Installation Services in a pending civil rights lawsuit. The complaint was filed Sept. 4 in Connecticut District Court by attorney Robert M. Berke on behalf of former employee George Edward Steins, who was arrested and charged with employing an unregistered home improvement salesperson. The complaint alleges that had Sunrun informed the Connecticut Department of Consumer Protection that the plaintiff's employment had ended in 2017 and that he no longer held Sunrun's home improvement contractor license, he would not have been hit with charges, which were dismissed in May 2024. The case, assigned to U.S. District Judge Jeffrey A. Meyer, is 3:24-cv-01423, Steins v. Sunrun, Inc. et al.
Who Got The Work
Greenberg Traurig shareholder Joshua L. Raskin has entered an appearance for boohoo.com UK Ltd. in a pending patent infringement lawsuit. The suit, filed Sept. 3 in Texas Eastern District Court by Rozier Hardt McDonough on behalf of Alto Dynamics, asserts five patents related to an online shopping platform. The case, assigned to U.S. District Judge Rodney Gilstrap, is 2:24-cv-00719, Alto Dynamics, LLC v. boohoo.com UK Limited.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250
