This article explores a potential threat to lawyers whenever they travel internationally while carrying electronic devices containing client confidential information. The recent New York ethics opinion that is the primary focus of this article addresses only one aspect of the problem: What happens when overseas travelers return to the United States. While the scope of the risks for lawyers at that point is by no means clear, the problem of re-entry pales in comparison to the risks of taking devices containing client confidential information into foreign countries. Obviously, the risks of either private- or state-sponsored hacking, as well as official border searches, varies depending on the jurisdiction visited. The dimensions of the threat must be assessed in the context of lawyers’ duties to protect client confidential information generally, implicating two questions: What is the scope of those duties when information is on the move in an electronic device, rather than stationary in the lawyer’s office, and what steps do lawyers need to take to comply with these duties? Into this quagmire bravely marched the New York City Bar Association’s Committee on Professional Ethics with its Formal Opinion 2017-5 “An Attorney’s Ethical Duties Regarding U.S. Border Searches of Electronic Devices Containing Clients’ Confidential Information” (Opinion 2017-5).
In assessing the risk that lawyers may face in protecting data on devices they bring into the United States, in footnote 3, Opinion 2017-5 refers to U.S. Customs and Border Patrol, Snapshot: A Summary of CBP Facts and Figures (2017). While the number of electronic devices searched at the U.S. border has significantly increased, the percentage of travelers whose devices are searched is miniscule, and there are no statistics as to what proportion of those devices belong to lawyers. The scope of the government’s authority to search the contents of devices is also addressed in footnotes, principally notes 3 and 7, and the latter sums up the Committee’s view that at this time “[t]he legality of a border search of an electronic device is apparently unsettled.”
