'Did the National Security Agency Destroy the Prospects For Confidentiality and Privilege When Lawyers Store Clients' Files in the Cloud — And What, If Anything, Can Lawyers and Law Firms Realistically Do in Response?' by Sarah Jane Hughes in (2014) 41(3)
Northern Kentucky Law Review comments
Since the first commentaries about the range and depth of the National Security Agency’s (NSA) metadata-gathering from telephone calls, emails, and other uses of the Internet in 2013, less has been written about important collateral consequences of the NSA’s work. This article looks at two of these consequences -- threats posed to confidential and privileged information that communications between lawyers and clients often contain that is overheard by NSA and its cadre of contractors such as Edward Snowden and may be shared with U.S. government agencies for purposes many would not have connected to national security or counter-terrorism/counter-intelligence, and NSA’s deployment of “back-door” tools to de-encrypt encrypted data.
The article also looks at challenges to confidentiality and privilege stemming from the storage of clients’ data in hosted clouds, building upon an article that Professor Hughes wrote with Roland L. Trope, entitled 'Red Skies in the Morning -- Professional Ethics at the Dawn of Cloud Computing' 38 William Mitchell Law Review 111 (2011). It also looks to the August 2012 amendment to American Bar Association’s Model Rules of Professional Conduct, with particular attention to Rules 1.1, 1.4, 1.6, and 1.15. The conclusion advocates a mix of cyber-smart steps as well as old-fashioned, non-cyber methods to reduce the risks that clients’ confidential and privileged information is properly protected by lawyers.