Email and security issues
by Dave Bilinsky, Practice Management Advisor
Communication’s never been
as easy as today
…Now time and distance
No digital delay
And some things
can be written down
that we’re too shy to say…
Lyrics and music by Pet Shop Boys.
Email technology is a double-edged sword — offering speed and ease of reply, but carrying with it a litany of possible problems and miscommunications, which multiply quicker than you can click “send.”
This column identifies some of the practice problems presented by email and computing resources, and offers practical tips on how to handle them.
Do you have all the emails?
It is unusual for anyone to have just one email account. As such, you may have client emails on the office network, on web-based email such as Gmail or Yahoo, and on home email accounts. It is important to gather all those email messages together in one place — either a paper file or an electronic one on your network — ensuring that file contains all communications with the client and other parties.
Do you change passwords regularly and immediately change all passwords for employees who have left? It is not unknown for ex-employees to come back into the office network via remote access protocols to delete information on the system, including any emails they can find. Test your passwords against password checkers (Microsoft has a good one) to ensure that you are using strong passwords. Use a password storage application in order that you are not reusing the same password for multiple applications.
We take email privacy for granted, but there are situations when unencrypted email may not be appropriate. Consider taking the text of the communication and placing it inside an encrypted document that is attached to a covering email which does not say anything other than “please see attached.”
Lost in translation
You may assume that an email was received, but it may have been misaddressed or caught by a spam filter used by the intended recipient. Don’t assume that silence in the face of an email is tacit acceptance of what was set forth. Follow up unanswered emails with a telephone call.
You’ve got mail
Don’t let your email pile up in your inbox. Email applications may have a fixed amount of storage; once over this limit, you may lose all your messages. In some cases there is no warning that this is about to occur. Set up a folder structure on your network and move your email into the appropriate client folder (”save as”) rather than keeping it in your email application.
Capture real-time conversations
Do you use instant messaging to communicate with clients or other lawyers in your office? These IMs may not be logged by your system, and as such these discussions will be lost as soon as you close the application. Consider how to capture these communications in the same way that you capture emails.
Back-up your portable
Emails and other documents stored on laptops or other portable devices could vanish if the device is lost or stolen. Take steps to ensure that these communications are automatically copied to or stored on your office network. Also ensure that they have robust security (such as hard drive encryption) as well as remote “wiping” software to protect client confidentiality.
Protect your system
Ensure that you have trusted and up-to-date anti-virus and anti-malware installed on your system. You do not want to be accused of inadvertently transmitting a virus or trojan to a client or lawyer via email.
For the record
Emails are subject to discovery and can be actionable. Ensure that your staff only uses your email system for your office-related matters. Have an authorized use policy for your office that details appropriate (and inappropriate) use of your email and internet resources.
Don’t email electronic documents without first removing the metadata. Consider using a metadata removal tool or converting documents to PDF (and using the metadata removal tool in Adobe) to ensure that you are only sending information you wish your client or other parties to see. Read the December 2008 “Practice Tips” for more information about metadata.
Securely delete all data on computers that are being retired. You don’t want to see a news headline about lawyer and client data turning up on a discarded computer.
Do not have file sharing applications on any computer that connects to the office network. There is simply no reason for these applications to be within an office network. Ensure that your remote access implementation meets current state of the art security and encryption.
Create an email signature block containing your contact info that is automatically attached to every message. In that signature block, assert a claim of privilege over the contents of the email and attachments.
Clear the air
Firm up your retainer before you give any advice via email.
Mind your manners
While email is very easy and convenient, as lawyers we still need to maintain a professional approach. Most importantly, we need to guard against saying something in an email that we would not consider saying face to face with someone or, worse yet, not like to see in print in the Vancouver Sun.
For additional tips on email, see the latest edition of Insurance Issues: Risk Management, “Email: Preventing a mailstrom.”
The 2009 Pacific Legal Technology Conference was held Friday, October 2, 2009 at the Vancouver Trade & Convention Centre. Record attendance meant standing-room only in some presentations. Dr. Michael Geist, law professor, blogger and columnist, gave an entertaining and thought-provoking keynote on how blogs, Twitter, websites and other internet-driven technologies have changed how governments shape legislation in light of the near-instantaneous commentary and collaboration abilities of the populace using the web.
Other sessions dealt with going paperless, the virtual law office and the latest on e-discovery and e-preparation of litigation files. Privacy, security and iPhones and Blackberries all had their time, as well as time and task management using technology. The conference closed on a exhilarating 60 Tips in 60 Minutes, that managed to squeeze in over 100 tips in all.
Powerpoints used in the presentations can be found at pacificlegaltech.com/sessions.html and the conference papers and materials are available for purchase for $149 + tax. For more information or to place your order, email email@example.com.