Client Confidentiality and WiFi

Posted on February 6, 2008 by Susan C. Salmon

The next time you log into your work email from the corner coffee shop on a sunny Sunday morning, or from your hotel room or a seat at the airport in the midst of business travels, this article from The Legal Intelligencer may give you pause. 

"Free" WiFi "hotspots" are springing up everywhere.  But they may cost more than we think:  when we take advantage of unsecured wireless access, the information we input does not go directly from our laptops to the nearest connection.  Instead, it floats out there in the air (I believe that is the technical term...) for a radius of up to 500 feet.  Highly tech-savvy miscreants (ok, hackers) can misroute these transmissions to their own "Evil Twin" wireless access sites, and capture the confidential information of unsuspecting users, with devastating consequences.  Of course this raises concerns about data security generally, but it also could implicate - or compromise - the attorney-client privilege and work product protections, and land attorneys in ethical trouble. 

Fortunately, the article provides some helpful tips on how to secure your computer and avoid misappropriation of your clients' - or your own - confidential data.

On a more whimsical note....I like to think that when I stopped for my morning latte in Los Angeles, dialogue from 2010's Best Picture could have been floating in the air right past my head.

Tags: , , ,

Employer Policy Regarding Email for Personal Use Trumps Attorney-Client Privilege

Posted on January 10, 2008 by Joe Wilson

 A recent New York appellate court decision offers some guidance on the interplay among an employer's right to monitor email traffic, an employee's expectation of privacy in their email and the attorney-client privilege.  In a decision by the Supreme Court for New York County, the Plaintiff, Dr. Scott, was fired by Beth Israel Medical Center and sued for $14 million in severance payments.  Dr. Scott got a bit ahead of himself, though, and sent several emails about the impending suit to his lawyers while still employed by the hospital, using his work email account and a hospital computer.  When the hospital informed his attorneys that it had the emails, Dr. Scott moved for a protective order preventing their use in litigation.

The question, then, was what took precedence, the attorney-client and work product privileges, or the hospital's email policy, which provided that the hospital's email system was not for personal use and that the hospital reserved the right to access emails at any time.

The court found that "A 'no personal use' policy combined with a policy allowing for employer monitoring and the employee's knowledge of these two policies diminishes any expectation of privacy," and the combined effect "is to have the employer looking over your shoulder every time you send an e-mail."  Thus, the court held that the emails were not protected, and were properly discoverable in litigation.  The full decision appears here: Scott v. Beth Israel Medical Center.
Tags: , , , ,