Ride the Lightning

Snowden Says Lawyers Should Be Encrypting Client Data

August 4, 2014

In fact, he said all professionals should be encrypting client data. In his Moscow interview with The Guardian, he included priests, journalists, doctors, accountants and others.

Snowden said professionals were failing in their obligations to their clients, sources, patients and parishioners in what he described as a new and challenging world.

"What last year's revelations showed us was irrefutable evidence that unencrypted communications on the Internet are no longer safe. Any communications should be encrypted by default," he said.

As you might imagine, we agree. And we are heartened to see renewed interest in encyption among lawyers, at large firms in particular. But do we believe that the ethical rules will be changed? Not soon. There is is a lot of resistance to encumbering (wrong word, but that's how it is seen) solo and small firms with technical requirements.

Putting sensitive data in an encrypted e-mail attachment is child's play – it only requires a password, which can be given to the recipient by phone.

When will the rules change? We've been asked that question many times and believe that the rules will change only when there has been a significant and well-publicized data breach which could have been easily avoided by encyption. But to us, that doesn't change the fact that the Snowden revelations have altered the meaning of competence in Rule 1.1 or the risks that must be balanced in Rule 1.6. The ground has shifted under our feet, leaving encryption the only rational way to protect our clients' data.

E-mail:    Phone: 703-359-0700
Digital Forensics/Information Security/Information Technology
http://www.senseient.com
http://twitter.com/sharonnelsonesq