Jane Pribek, The Daily Record Newswire
It seems that since email revolutionized lawyer-client communications in the 1990s, technology CLE speakers have been advocating for encryption, yet no one’s doing it.
Instead, it appears most either ask clients whether they’re OK with unencrypted email or put disclaimers on all emails about how unintended recipients shouldn’t read them — at the bottom of the emails, after they’ve been read.
I respectfully submit that it’s time for you and your clients to take email security to the next level.
In August, the American Bar Association House of Delegates passed changes to the Model Rules.
New, additional language to the black letter of 1.6, Confidentiality, states: “A lawyer shall make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client.”
New comments further state there’s no violation if the lawyer has made “reasonable efforts” to prevent the unauthorized disclosure or access. While the rules don’t explicitly mention encryption — ethics rules don’t like to mention specific technologies — it’s fair to assume that encrypting your client emails likely would be considered a “reasonable effort.”
And on an intuitive level doesn’t encryption send the appropriate message to clients? It tells them your advice is important and you care about confidentiality. It also conveys a degree of tech savvy.
It’s important to note, though, you’ll have to talk with clients about any extras steps and time encryption will require. We’ve gotten so used to the immediacy of unencrypted email, texting and chatting but encrypted email generally isn’t like that.
Take Lockbin, for example, which has a free, Web-based version of its encryption services available as a download for Outlook or as a desktop app for Windows, Mac or Linux. To read an encrypted email through the service, the client must click through an emailed link to the Lockbin website, where they are directed to enter a “secret key” that you’ve given them by means other than unsecure email, I hope. They can then access the encrypted message.
It works. But, I imagine both the attorney and client alike might get annoyed at having to enter those scrambled letters in funny fonts in addition to remembering the “secret key” and agreeing to the terms of service, with every email. You also can’t send one email to multiple recipients, which is a big drawback, in my opinion.
I prefer Hushmail, which was easier to use. It sets up your own free encrypted email account, such as janepribek@hushmail. com. It allows one email with multiple recipients and it remembers email addresses. It’s especially easy on the recipient and it looks more like the email programs everyone’s used to.
Yet another alternative is Enlocked, a plug-in that works across a variety of platforms. If you opt to “send secure” through Enlocked, your recipient, who also must have the download, can read the message without entering security codes or the like.
Enlocked still is in Beta, and when I tried it with Outlook 2007 it crashed Outlook — multiple times — so I disabled it. However, my recipient, using Outlook 2010, had no problems.
None of these solutions is perfect, and to get better ease-of-use, you’ll have to open your wallet for a better service. But the services above are secure and worth a look for those interested in encrypting on the cheap.