By Michael Greene, Bloomberg BNA
Attorneys crossing the U.S. border now have more guidance on how they should protect confidential client information stored on electronic devices from the prying eyes of customs and immigration agents.
A formal opinion issued July 25 by the New York City Bar’s ethics committee identifies some measures attorneys who travel internationally may take to satisfy their ethical obligations, in light of broad powers that U.S. Customs and Border Protection (CBP) agents assert they have to inspect travelers’ electronic devices.
“The Opinion provides helpful guidance to lawyers on an important and timely issue,” Bruce Green, a professor at Fordham law school and chair of the committee that issued the opinion, told Bloomberg BNA. “In this day and age lawyers are constantly in possession of confidential information on their computers and smartphones and have an ethical obligation to reasonably protect this information.”
The ethics opinion appears to be the first to address the topic and comes at time when there has been uptick in U.S. border electronic devices searches by CBP agents.
There were nearly 15,000 electronic devices searched during the first six month of the CBP’s 2017 fiscal year, compared to only just over 8,000 searches during the previous six months, according to CBP statistics released in April.
As the number of searches of electronic devices has increased, many major law firms are reevaluating what policies they should have in place in order to protect confidential information, Steven Puiszis, a Chicago-based partner at Hinshaw & Culbertson LLP, who is his firm’s general counsel for privacy, security & compliance, told Bloomberg BNA.
While the percentage of travelers whose electronic devices have been searched remains very small (less one hundredth of one percent), the growing number of searches is prompting some concerns. In January, a U.S.-born NASA engineer made headlines by saying that CBP officers in detained him at a Houston airport until he unlocked his work phone.
The American Bar Association has also raised concerns about the handling of privileged and confidential legal materials during border searches.
In May, the ABA sent a letter to the Department of Homeland Security, asking it to revise directives on the standards and procedures that CBP and Immigration and Customs Enforcement agents must follow before the contents of a lawyer’s electronic device can be searched or seized at the border.
ABA asserted that DHS’s interpretation of the directives has “resulted in CBP Officers and ICE Special Agents exercising sweeping powers to search electronic devices at the border, with or without reasonable suspicion of any wrongdoing.” ABA urged that DHS revise the directives to state that privileged or confidential electronic documents and files on a device cannot be read, duplicated, seized, or shared unless a subpoena or warrant is first obtained.
The ethics committee’s opinion addresses steps attorneys can take prior to crossing the U.S. border, during border searches, and after a CBP agent reviews confidential information.
The opinion provides some practical guidance and highlights an issue that attorneys should be aware of, J. Alexander Lawrence, a New York-based partner at Morrison & Foerster LLP and co-chair of its eDiscovery Task Force, told Bloomberg BNA.
Moreover, it will cause lawyers to think twice about whether they are adequately safeguarding their client’s confidential information when arriving at the U.S. border, he added.
Safeguards include avoiding electronic transportation by using blank “burner” phones or laptops, using software to securely delete information, and disconnecting from cloud- and web-based services.
“New York City Bar’s thoughtful opinion shows just how much advance planning is required to comply with [New York Rules of Professional Conduct,” Roy Simon, a legal ethics advisor to law firms and professor emeritus at Hofstra law, told Bloomberg BNA.
The increasing threats to electronically stored information along with recent changes to ethic rules “should motivate attorneys to take proactive measures to avoid improper disclosure, not merely reactive measures when something goes wrong,” and the opinion offers valuable suggestions about how to take those proactive measures, Simon said.
Objecting to a Search
The opinion also says that attorneys must take reasonable measures to prevent disclosure of confidential client information, in the event that a government agent seeks to search an electronic device.
Among the actions an attorney can take include informing agents that the device contains privileged information, requesting that such material not be search or copied, and asking to speak to a supervisor, according to the opinion.
It also says that lawyers can add “credence to their claim of attorney-client privilege” by carrying proof of bar membership or a business card, at the very least.
No One- Size- Fits- All Approach
The committee notes that there isn’t a “one-size-fits-all” approach to protecting confidential information. Instead, it recommends attorneys consider adopting certain safeguards, and what safeguards an attorney should adopt can vary depending on the sensitivity of the information involved.
This ethics opinion, like others that have addressed protecting client data, recognizes that the more sensitive the information, the less risk a lawyer should take in how the information is handled, Puiszis said.
While it provides helpful guidance, there are still a lot of unanswered questions about how attorneys should deal with this issue, he said.
For example, the opinion suggests that attorney shouldn’t travel with confidential information unless there is a professional need to do so.
However, drawing that distinction may difficult for attorneys who feel they must be accessible to their clients at all times, he said.
To contact the reporter on this story: Michael Greene in Washington at mGreene@bna.com
To contact the editor responsible for this story: S. Ethan Bowers at firstname.lastname@example.org
The case is: N.Y.C. Bar Ass’n Comm. on Prof’l Ethics, Op. 2017-5, 7/25/17.