This article will rivet home, regardless of what has been told to attorneys and professionals in the past that makes them feel warm and cozy with the concept that encryption of e-mail is not necessary because e-mail carries with it the reasonable expectation of privacy, that the known technological vulnerabilities of unencrypted e-mail make this presumption an old wives’ tale at best.

In a very practical sense, we are in business, and clients should reasonably expect that the professionals know how to protect the privilege and work product before the courts determine it is too late after the damage has been done.² That being said, e-mail is the common denominator connecting bankruptcy professionals and clients, and once e-mail and related attachments are sent out, you just do not know where they may end up.

Prof. Arthur R. Miller of Harvard was quoted as saying: “Today, as computers document almost every aspect of our clients’ professional and personal lives, electronic discovery becomes essential in every type of legal case.”³ Miller, a pioneer of early cyber law, made that observation several years ago,⁴ and indeed the reality of that statement shall be felt on Dec. 1, 2006, when the new proposed changes to the Federal Rules of Civil Procedure (FRCP) on electronic discovery become law.

Discarding Yesterday’s Concepts

Much has taken place since the first encrypted message was sent over the telegraph by Secretary of State William Seward in 1866 as he “clothe[d] its communications with that privacy without which, oftentimes, they would become valueless.” Just like the era of the first encrypted message, the concept that when a global email disclaimer⁵ or footer is attached to e-mail that the problem is going to go away indicates a change is perhaps necessary.

One thing we can perhaps all agree on is that the following message is not going to be well-received by clients, and in all seriousness professionals are not about to use it, but bankruptcy professionals may indeed need to read it more than once.

Warning—
This e-mail, including all attachments is not encrypted. Accordingly, it is possible for others to read and use this confidential information. We take no responsibility for using unencrypted e-mail and this e-mail and related attachments may be deemed by the court to be a waiver of the attorney-client privilege and work-product doctrine.
Example—
The “clear text” found in the “subject line” of e-mail travels the Internet and discloses issues that may be privileged.

Impuissance Aside

We all need to put our shoes on before we hit the floor running; the same is true for e-mail and the use of encryption to protect the privilege and work doctrine.⁶ Bearing in mind the unfavorable consequence that may occur during electronic discovery related to disclosure of purported privileged e-mail and work product to the opponent is just one of the many ramifications when encryption is not used.

Just like with e-mail, it’s illegal to “break in” an office building, but we use locks and security systems. We protect our families and personal property by installing alarm systems in our homes because we intuitively know what may happen—after all, that is only common sense. Because when you send encrypted e-mail, it inhibits others from obtaining access to that confidential information.

Bankruptcy professionals should be just as interested in protecting the confidentiality and privacy of e-mail and other forms of electronic communication as they do their own property. Sharing of e-mails and electronic communications is common today, and that includes “BCC” and “CC” e-mails. In business, it has become common practice to use collaboration technologies for electronic communications; just be aware that this form of technology is rapidly overtaking the use of e-mail. That includes instant messaging, streaming video conferencing and other forms of electronic communications, and this is why insiders, creditors, professionals and attorneys that play in this game may lose. Does anyone want to take a guess at how many millions of individuals were notified that their personal financial information was compromised in 2005 because of electronic information residing on computer servers and electronic media that was not encrypted? We can continue to blame the crooks, but that will not likely stop them anytime soon, and the corporations⁷ making those disclosures paid the price for being slipshod and not using the “best practices” to protect what was entrusted to them.

Accept the Technology

Attorney Frank P. Andreano indicated in his article, “Security and the Legal Profession: A Beginner’s Guide,” that “attorneys traditionally do not embrace technological change with vigor. In fact, we generally lag well behind the business community when it comes to new technologies. Attorneys are not always the models of sound business practices. We are often too busy, or simply not inclined to think of our practices as businesses that need to follow certain rules. If one of our clients were injured by a business that followed inadequate security protocols, we would be outraged. If we objectively judged our own security protocols by those same standards, however, many of us would likely find our measures woefully inadequate.”⁸

In the March 2002 article “Ethics: Revisiting the Question of Attorney/ Client Internet E-Mail Encryption,” Internet Newsletter NLP IP Co., Attorney Charles Merrill stated that “if the legal profession, an ‘entire calling,’ unduly delays its adoption of new and available devices capable of avoiding—for a trivial cost—the risk posed by the interception of clients’ confidential information, a modern-day Learned Hand might well remind them someday that he who ignores history may be doomed to relive it.” The T.J. Hooper v. Northern Barge Corp., 60 F.2d 737, (2d Cir. 1932) (L. Hand, J.).

I received the following comments from Philip H. Albert,⁹ a patent attorney and partner at Townsend and Townsend, regarding the use of unencrypted e-mail that speaks to this issue. In general, patent attorneys have an implicit need to be technical, and this becomes a bull’s-eye regarding the use of encryption. This becomes very clear when you look at his practice area, which includes patent prosecution for software, digital signal and image processing, electronic com-merce technology and cryptography.

Well, we use MS Outlook, which is inherently insecure. Actually, we worry a lot about communication security. As lawyers who handle patents, we also have to worry about discovery, so we are very mindful about what goes into an e-mail and assume that its contents could appear as an exhibit in court. We assume that every unencrypted e-mail gets intercepted and treat it accordingly.

Solution for E-Mail Insecurity

Providing a solution for secure communications becomes the next logical step for the bankruptcy professional, because unless encryption is used confidential information remains unprotected from “prying eyes” and that e-mail can easily find itself in the wrong hands. Often professionals become concerned with their risks, but clients need to be educated in the fact that technology is not the issue; rather, it is the solution.

Should the client not ask the bankruptcy attorney for advice on how to protect the privilege and work product regarding the use of encryption in the 21st Century? Bankruptcy attorneys and professionals will find themselves involved like it or not; just remember it is less expensive for the client to keep out of trouble and protect the privilege using encryption technology.

This author has tested and used numerous e-mail encryption solutions, and Secured eMail is the one I use. The Professional Edition includes an automatic compression feature for attached files, and this solution is easy for the recipient and easy for the end user. Perhaps this is an offer that cannot be refused or duplicated, because when you go to www.securede-mail.com/jackseward you will receive a free Professional Edition license to e-mail security.¹⁰

Secured eMail provides full product manuals and training materials in pdf format. Questions about the product can be directed to [email protected], and they generally respond in less than 24 hours, but please do take the time and read the materials.

Secured eMail enables users to send secured as easily as traditional, nonencrypted messaging. The only difference the user will see is a “Send secured” button in Outlook. With a single click of the button, e-mails will be secured from point to point. The software has full send-to-anyone capability, and the recipient can simply download and install the free Secured eMail Reader in order to read Secured eMails. The recipient then has the ability to reply to the secured e-mail for free if they are using Outlook.

Secured eMail Professional Edition provides full functionality in minutes. After creating the “secret” and sharing it with the client, the secret (password/passphrase) is not necessary to send or read the secured e-mail. The Enterprise Edition of Secured eMail is industrial strength and allows for the administration of all e-mail accounts in a company/firm within minutes.

Conclusion

Given the relatively insignificant costs of encryption technology for bankruptcy professionals as compared to client risks, an appropriate encryption solution should be selected. Bankruptcy professionals using this technology should earn their clients’ admiration for insisting on using the “best practices” to protect privileged and confidential information in the 21st Century. n

 

---

Footnotes

1 Jack Seward is a contributing editor for Norton Bankruptcy Law and Practice 2d by Thompson West, and the ABI Journal’s “Straight & Narrow” and “Beyond the Quill” columns. He has written and spoken extensively on the subject of protecting and retrieving digital electronic information. He may be contacted at (917) 450-9328 and by fax at (212) 656-1486 or [email protected].

2 Mr. Seward was the co-presenter and co-author of “Protecting Client-CPA-Attorney Information in the Electronic Age” before the American Accounting Association’s Northeast Regional Meeting in 2005 urging the use of encryption to protect the privilege and work-product doctrine.

3 See the software solution “Lawyer Scan—Computer Forensic Software Designed for Attorney and Their Clients.”

4 Wright, Charles Alan, and Miller, Arthur R., Federal Practice and Procedure (2d. Ed. 1987)

5 Notice: This electronic mail transmission may constitute an attorney-client communication that is privileged at law. It is not intended for transmission to, or receipt by, any unauthorized persons. If you have received this electronic mail transmission in error, please delete it from your system without copying it and notify the sender by reply e-mail so that our address record can be corrected.

6 Seward, Jack.“Practice Tip: Stop Your E-mail Risk—Now!,” LJN’s Legal Tech Newsletter www.ljnonline.com, July 2004.

7 LexisNexis and CardCops.com, as well as breaches reported by Newsweek in the July 4, 2005 issue, including: CitiFinancial, Bank of America, Commerce Bank, CardSystems, Time Warner, Choice Point, MCI, DSW Shoe Warehouse, BJ’s Wholesale Club and UC Berkley.

8 www2.mnbar.org/benchandbar/2000/nov00/security.htm.

9 [email protected]; www.townsend.com with offices in with offices in CA, WA, and CO.

10 Free offer is limited to first 3,000 Professional Edition licenses of Secured eEail from the www.securede-mail.com/jackseward site. Mr. Seward, a user of Secured eMail, has not and will not be compensated for this testimonial. See www.securedemail.com for additional information.