Wednesday, September 30, 2009

Can Lawyers Use Gmail Despite the Content-Based Ads Suggesting A Breach of Confidentiality?

If you use Gmail, you have surely noticed that Google makes its profit by displaying - on the sidebar - advertisements that are directly related to the content of your emails. This presents an ethical question for lawyers who use Gmail (or other such providers) to communicate with clients because of the apparent breach of confidentiality and the possibility that it constitutes a violation of the Rules of Professional Conduct.

Rule 1.6 of the new New York Rules of Professional Conduct - which went into effect April 1, 2009 - provides:

(a) A lawyer shall not knowingly reveal confidential information, as defined in this Rule, or use such information to the disadvantage of a client or for the advantage of the lawyer or a third person, unless:
(1) the client gives informed consent, as defined in Rule 1.0(j);
(2) the disclosure is impliedly authorized to advance the best interests of the client and is either reasonable under the circumstances or customary in the professional community; or
(3) the disclosure is permitted by paragraph (b).

[Paragraph (b) lists exceptions that are not relevant to our discussion - S.L.]

And Rule 1.6(c) states:
A lawyer shall exercise reasonable care to prevent the lawyer’s employees, associates, and others whose services are utilized by the lawyer from disclosing or using confidential information of a client.
Considering these Rules, the issue is may a lawyer use an email service provider that scans emails by computer for keywords and then sends or displays instantaneously computer-generated advertisements to users of the service based on the e-mail communications?

In 2008, the New York State Bar Association's Committee on Professional Ethics published an opinion addressing this question. The opinion notes that in recent years, email providers (such as Google) have offered free or low-cost e-mail services in which, in exchange for providing the user with email services, the provider’s computers scan emails and send or display targeted advertising to the user of the service. The Committee held that this process is not a breach of confidentiality because it is the provider's computers that identify the presumed interests of the user by scanning for keywords, and then sending advertising that reflects the keywords.

The NY State Bar Committee explained that if the particular email provider’s published privacy policies ensure that no individuals other than email senders and recipients read the email messages, the targeted advertising does not constitute a breach of confidentiality:
Consequently, when the e-mail service provider sends or generates instantaneous computer-generated advertising based on computer scans of the lawyer’s e-mails with clients, the risks posed to client confidentiality are not meaningfully different from the risks in using other e-mail service providers that do not employ this practice.
The Committee hypothesized, however, that they would reach the opposite conclusion if the emails were reviewed by human beings or if the service provider reserved the right to disclose the emails or the substance of the communications to third parties without the sender’s permission (or a lawful judicial order). It is the duty of the lawyer (and recommended practice for anyone dealing with confidential matters) to exercise due care in selecting an email service provider to ensure that its policies and stated practices protect client confidentiality.

Conclusion: A lawyer may use an email service provider that conducts computer scans of emails to generate computer advertising, provided the emails are not reviewed by or disclosed to other individuals. Although this opinion is formally a binding authority only with regards to New York-licensed lawyers, it would probably have persuasive authority in other jurisdictions as well.