By Nicole Hyland and James Mariani

Every day, clients entrust their lawyers with confidential information.  Whether in a matrimonial dispute, high-stakes corporate acquisition, commercial litigation, criminal defense matter, or any other sensitive legal issue, clients rely on their lawyers to safeguard information that could be detrimental or embarrassing to the client if disclosed.  A lawyer’s ethical obligation to protect such confidential information is embodied in Rule 1.6 of the Rules of Professional Conduct (“RPCs”), which states in relevant part that “a lawyer shall not knowingly reveal confidential information.” The duty of confidentiality is not limited, however, to intentional disclosures.  Rule 1.6(c) also requires a lawyer to “make reasonable efforts to prevent the inadvertent or unauthorized disclosure or use of, or unauthorized access to” confidential information.
Continue Reading Once More Unto the Breach: A Timely Lawsuit Raises Questions About the Duty to Notify Clients of a Data Breach

Shortly before the New Year, the United States Attorney for the Southern District of New York unsealed an indictment against three Chinese hackers who allegedly stole information from two prominent U.S. law firms.  According to the indictment the hackers stole upwards of 50 gigabytes of data from the two firms, which related to impending mergers of large public companies.  The indictment alleges that the hackers subsequently traded on the non-public information related to the mergers and reaped profits of more than $2 million.  Regardless of how this case unfolds, it is an important cautionary tale for both lawyers and clients about the risks of the practice of law in the digital age.
Continue Reading Don’t Fall Asleep at the Switch: The Ethical Risks of Law Firm Data Breach