We’ve noted before that just because information relating to your representation of a client might be publicly available, your duty of confidentiality means that you can’t disclose it if it is not “generally known.”  The two concepts — public availability and being “generally known” —  are not the same, as a New Jersey lawyer learned

Disclosing client information on Facebook has gotten yet another lawyer in trouble.  A Massachusetts attorney was publicly reprimanded earlier this month for posting details of a guardianship case on the social media site, in violation of the Bay State’s version of Model Rule 1.6 (“Confidentiality of Information”).  The Board imposed a public reprimand, rejecting an

The outlines of the attorney-client privilege and work-product doctrine are well-established. But how should they apply when an organizational client suffers a cybersecurity event or other intrusion that results in a data breach?  Should information about the company’s security policies pre-breach and its post-breach response be given any enhanced protection? Under what circumstances?

The questions

Many litigation lawyers know about the “litigation privilege” (sometimes called the “judicial privilege”).  The doctrine operates to immunize lawyers from liability for statements  made during the litigation process that are related to the litigation, even if they injure an opposing party.  (Here’s a 2015 Hofstra Law Review article that provides an overview.)

But lawyers

As we’ve noted before (here and here), the ethical duty of confidentiality is broad, and can even cover publicly available information.  Now comes a reminder that based on the confidentiality rule you should obtain consent  before using your client’s name in marketing materials — and that some jurisdictions go even farther.  For instance,

We’ve written before about “web bugs” — tracking devices consisting of an object embedded in a web page or e-mail, that unobtrusively (usually invisibly) reveal whether and how a user has accessed the content.  Three jurisdictions (Alaska, New York and, most recently, Illinois) have issued opinions pointing to the ethics

Everyone knows that we have an ethical duty of competence, and in most jurisdictions this includes a duty to be aware of the “benefits and risks” of relevant technology.  Examples of possible technology issues affecting our practices:  encryption (and cyber-security in general), cloud storage, e-mail handling, the internet of things — there

A federal district court refused last week to disqualify a Connecticut lawyer in a suit against Yale University, even though finding a violation of the state’s version of Model Rule 4.2, the “no contact rule.”  Although ruling that disqualification was too extreme a sanction, the court ordered the turnover of interview notes from the