Ethics News Flash: There Is Admirable Ethics News From New York!

New York is the East Coast dead ethics twin of California, one of the most damaging ethics corrupters among the states, and a constant anchor on any efforts to keep the culture from rotting. With one unethical mayor elected in New York City after another, the depressing Andrew Cuomo to Kathy Hochul hand-off in the State House, the corrupt and irresponsible state legislature, two habitually unethical U.S. Senators and the state’s determination to defy U.S. immigration law and the U.S. Constitution (I don’t have time to get into the rest, like the New York Times, Broadway and the Yankees), the entire Empire State has become on ongoing bad ethics pageant. Thus it is a shock, a relief, and a glimmer of hope that the it finally has generated a significant positive ethics development that should prompt the rest of the country to follow its lead.

This month, New York became the first U.S. state to require its attorneys to take continuing legal education courses in cybersecurity, privacy and data protection. The New York State Bar Association’s Committee on Technology and the Legal Profession stated in its 2020 report that a specific requirement was needed over a general one because of the importance of protecting client and law firm data. Lawyers everywhere have been dangerously tardy in becoming sufficiently competent in the technology they must use every day to protect their clients’ confidences and avoid other damaging tech malfunctions and gaffes. (Judges are even worse.) The problem is magnified by the speed with which technology is evolving: there are new developments constantly, and only a relative few lawyers have caught up with the last set of changes.

I urge the attendees to my legal ethics seminars to resolve to take at least a week off every year to study legal practice technology and become proficient enough to justify the trust of clients. (There is no evidence that any lawyer has ever followed that advice.) Tech botches are epidemic. Yet most of the state bar associations have refused to treat the problem with any urgency. The ABA proposed a mild change to the comments in its Model Rules of Professional Conduct that make technology competence a requirement of legal competence. New York adopted the change in 2015; seven years later, many states are still debating it. As a result of the persistent laissez faire attitude of the profession, even simple precautions escape the consciousness of too many lawyers. How hard is it to figure out that one should not leave confidential client information on your cell phone?

The New York requirement, as encouraging as it is, still is ridiculously inadequate. All attorneys must complete just one hour of training every two years in either the ethical obligations surrounding cybersecurity, privacy and data protection, or in the technological and practice-related aspects of protecting data and client communications. Believe me, a single hour is almost nothing in a continuing legal education training session; most instructors will waste half of that in irrelevant anecdotes. One hour every two years is ridiculous, especially since there are frequently enough developments in a single year to create serious perils for the typical tech-ignorant attorney.

But it’s a start. And the other states are still acting as if computers are some newfangled fad that those kids are obsessed with.

Good for New York.

I wonder when I’ll have the opportunity to write that again….


Source: LawSites.

3 thoughts on “Ethics News Flash: There Is Admirable Ethics News From New York!

  1. It has long seemed curious to me that a profession that will go to great lengths to establish the liability of technical incompetence in other institutions is so averse to ensuring its own.
    A friend who was recently elected to a local criminal judgeship made improving technology in, and technological proficiency of, the court a major issue in his successful campaign. The court clerks had been clamoring for upgrades for several years now, and they finally have an ally on the bench to improve not only the security of their data but the efficiency of the court.

  2. “All attorneys must complete just one hour of training every two years in either the ethical obligations surrounding cybersecurity, privacy and data protection, or in the technological and practice-related aspects of protecting data and client communications.”

    Really? I think a quarterly program, for lawyers and taught by 12-year-olds (who know more about cyber tech than anyone else it seems) should be the requirement. And even that would be inadequate.

    As usual, too little and way too late for the ABA. Still think we’re living and practicing in the 1950s, guys?

  3. Every interaction I’ve had with a lawyer would have been examples of data breaches under health care confidentially regulations.
    The paralegal once addressed me as a different client when I established an LLC, and the letter notifying me the filing of my divorce included a different client on the salutation, (dear Mr. CertainlyNotWallPhone,) although my name and address were correctly in other places on the letter.

    That’s a bit better than when applied for a home insurance quote… And received an inch thick packet of all kinds of troubling information about a different home and its inhabitants… And presumably mine supplied to a completely different “customer”.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.