I have been writing this monthly column for well over a decade now, and each month I have provided what I believe to be answers to questions brought into the legal realm by the ascendance of digital media and communications. For this month’s column, however, I am posing a question to which I have no answer: Do law firms do what they should to protect digital media and communications from being vulnerable to hacking, a virus or some other form of adverse intrusion by a third party so as to avoid being the target of litigation by clients should any such firm find itself having been so victimized? I am raising the issue because I have not seen much discussion on it and would rather raise it before it becomes, and to help avoid it becoming, a widely discussed problem.

Background

It is fundamental to our jurisprudence that communications to and by a law firm, as well as documents—whether digital, on paper or in some other media—are protected by attorney-client privilege. This protection cuts two ways (at least). Third parties, such as an opposing party, law enforcement or some other governmental entity, news media, people generally, etc., have no right to demand any such protected communications or documents. As well, the protection creates an obligation on the part of lawyers not to reveal any protected communications or documents to any third parties except as required by law or after determining that such revelation is in the best interest of the client.