Electronic Privacy, Privilege, and Confidentiality

Maintaining electronic privacy (confidentiality) in communications between attorney and client requires active and ongoing effort, especially in the age of electronic communications and electronic surveillance.

I will leave old-fashioned physical security for another article. Today I want to focus on electronic communication and how to keep it safe and secure, but also reasonably convenient at the same time.

Most of us like the ease of texting, the convenience of emails, and the speed of communicating by phone conversations. All of these can be hijacked or eavesdropped electronically. To keep our private conversations private, be they with clients, family, or other attorneys, I have a few recommendations for you.

Options to Improve Privacy

1. Use a client portal tool that provides privacy through encrypted storage and delivery. There are several offerings available. My firm uses Clio. These services, for a monthly fee, provide encrypted storage and document delivery.
2. Use encrypted chat services instead of SMS. I use Signal. Signal is open source and fully encrypted for texting, video, files, and voice. There are other options, such as Telegram and WhatsApp, but these are not open source. Why Open Source? Briefly, Open Source means everyone can see the code, which means bugs are found and fixed. Private code has only its owner looking at it. Open Source has everyone looking at it.
3. Use a VPN. A Virtual Private Network means different things to different users, but in this context, I am referring to an encrypted IP tunnel that keeps your ISP from looking at your data packets. This is not a 100% solution, but it adds a layer of security to all of your Internet activity. I use Express VPN.
4. Use Duck Duck Go for searches on the Internet. DDG doesn’t track what you do.
5. Use the Tor Browser if you want even more privacy on browsing.
6. Use encrypted email. Now, to be sure, this can get a bit cumbersome, but there are some good options out there to help you avoid all the tech details of encryption. I use ProtonMail, a Swiss company, that provides some strong privacy, has secure servers, and–the big plus–if the emails go to another protonmail user, the entire email exchange is encrypted.

Things to Avoid

1. Fax machines. These are just tones over a phone line. Yes, there are some fax machines that wait for a code before they print out, but, really, this technology is old and easy to snoop.
2. Attachments in emails. Emails are not secure in any way, and the attachments are at risk of interception, either accidentally or through hacking.
3. Broad distributions of info. Don’t Cc anyone unless they _really_ need to be included. Don’t use group chats. Keep conversations, by whatever medium, to the absolute minimum number of participants.
4. Speaker phones. People can _absolutely_ overhear a conversation. Make the call using the phone normally, or with headphones or earbuds/airpods. Even better, make the call on Signal. If you use earbuds or airpods, make sure they are encrypted on the bluetooth channel.

I hope that starts you in the right direction with privacy. If you are an attorney and would like to have a more in-depth discussion on any of these topics, feel free to contact me. If you are a client of mine, please don’t hesitate to talk to me about any privacy questions or concerns you may have.