Ride the Lightning

Duty of Lawyer Tech Competence Comes to Canada and South Carolina

December 4, 2019

Thanks to Bob Ambrogi for keeping us current on the number of states that have adopted some version of the duty of lawyer tech competence – as he posted, we are now at 38, with South Carolina being the latest state to adopt the duty.

On the day before Thanksgiving, the Supreme Court of South Carolina approved a package of amendments to the state's Rules of Professional Conduct, all based on the 2012 amendments to the ABA Model Rules of Professional Conduct, which included a duty of technology competence as embodied in ABA Model Rule 1.1, Comment 8.

The new South Carolina provision is a modified version of the ABA model rule. It is found in a new Comment 6 to Rule 1.1, and reads:

"To maintain the requisite knowledge and skill, a lawyer should keep abreast of changes in the law and its practice, including a reasonable understanding of the benefits and risks associated with technology the lawyer uses to provide services to clients or to store or transmit information related to the representation of a client, engage in continuing study and education and comply with all continuing legal education requirements to which the lawyer is subject."

In its order, the Supreme Court also amended Rule 1.6, pertaining to confidentiality of information, to add a paragraph (c), which reads:

"A lawyer shall make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client."

It also amended Comment 20 to Rule 1.6 to read as follows:

"Paragraph (c) requires a lawyer to act competently to safeguard information relating to the representation of a client against unauthorized access by third parties and against inadvertent or unauthorized disclosure by the lawyer or other persons who are participating in the representation of the client or who are subject to the lawyer's supervision. See Rules 1.1, 5.1 and 5.3. The unauthorized access to, or the inadvertent or unauthorized disclosure of, information relating to the representation of a client does not constitute a violation of paragraph (c) if the lawyer has made reasonable efforts to prevent the access or disclosure. Factors to be considered in determining the reasonableness of the lawyer's efforts include, but are not limited to, the sensitivity of the information, the likelihood of disclosure if additional safeguards are not employed, the cost of employing additional safeguards, the difficulty of implementing the safeguards, and the extent to which the safeguards adversely affect the lawyer's ability to represent clients (e.g., by making a device or important piece of software excessively difficult to use). A client may require the lawyer to implement special security measures not required by this Rule or may give informed consent to forgo security measures that would otherwise be required by this Rule. Whether a lawyer may be required to take additional steps to safeguard a client's information in order to comply with other law, such as state and federal laws that govern data privacy or that impose notification requirements upon the loss of, or unauthorized access to, electronic information, is beyond the scope of these Rules."

As Bob noted, South Carolina's version of the comment differs from the model rule.

The model rule states generally that "a lawyer should keep abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology."

But the South Carolina rule adds a restrictive clause to that, so that the duty extends only to "technology the lawyer uses to provide services to clients or to store or transmit information related to the representation of a client."

Bob believes – and I agree – that this does a disservice to clients — and to the very issue of competence this rule is intended to address. It is not enough for lawyers to understand the technology they use directly. It is critical that they also understand the technology their clients use and, even more broadly, how other technology issues may impact their clients and their clients' matters.

If you read the handful of ethics and court opinions that have addressed the duty of technology competence, they are clear that a lawyer must have a degree of competence not only in their own technologies, but also in their clients' systems and technologies.

Like Bob, I hope South Carolina takes its language a step further in a future amendment.

A second post notes that lawyer tech competence has also come to Canada. As Bob reported in 2017, the Federation of Law Societies of Canada had proposed changes to its Model Code of Professional Conduct that included a duty of technology competence similar to the ABA rule.

On October 19, the Federation formally amended its Model Code to include a duty of technology competence. Similar to the ABA rule, the Federation's duty is embodied in comments to its rule on maintaining competence, Rule 3.1-2. These new comments say:

"[4A] To maintain the required level of competence, a lawyer should develop an understanding of, and ability to use, technology relevant to the nature and area of the lawyer's practice and responsibilities. A lawyer should understand the benefits and risks associated with relevant technology, recognizing the lawyer's duty to protect confidential information set out in section 3.3.

[4B] The required level of technological competence will depend on whether the use or understanding of technology is necessary to the nature and area of the lawyer's practice and responsibilities and whether the relevant technology is reasonably available to the lawyer. In determining whether technology is reasonably available, consideration should be given to factors including:

(a) The lawyer's or law firm's practice areas;

(b) The geographic locations of the lawyer's or firm's practice; and

(c) The requirements of clients.

Just as individual states must adopt an ABA model rule, the individual Canadian provincial and territorial law societies must adopt this rule.

Writing about this development at the Canadian legal blog Slaw, Amy Salyzyn, a legal ethics expert and associate professor at the University of Ottawa, Faculty of Common Law, says, "In many respects, the new language simply makes explicit what is implied in existing rules." We have heard that said by many legal ethicists in the US as well.

Like Bob, I believe that the act of making it explicit represented a sea change for the U.S. legal profession back in 2012, and that this move by the Federation will have the same effect in Canada.

Sharon D. Nelson, Esq., President, Sensei Enterprises, Inc.
3975 University Drive, Suite 225|Fairfax, VA 22030
Email: Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson