The sigh of relief that greeted the American Bar Association’s recent ethics opinion dealing with e-mail encryption, No. 99-413, was almost audible. The 10 members of the ABA’s Standing Committee on Ethics and Professional Responsibility found that “a lawyer may transmit information relating to the representation of a client by unencrypted e-mail” without violating the 1998 Model Rules of Professional Conduct. Plain, unencrypted e-mail “affords a reasonable expectation of privacy from a technological and legal standpoint,” wrote the committee.
“I’m afraid that the opinion will be interpreted simply as saying that attorneys don’t have to worry about the security of e-mail. This is not what the ABA opinion says at all,” says Jerry Lawson, a legal technology consultant in Burke, Va. His warning may be lost in the pop of champagne corks: The ABA says we don’t have to encrypt!