Last updated on February 20th, 2022 at 02:43 pm
Thank you for reading this post, don't forget to subscribe!
It’s the season of gratitude and celebration, gratitude and celebration for getting through all this so far. (You know what “this” is!) Like a lot of you, I am still working remotely. I miss my walk to work, the office kibbitzing, lunches, the in-person bar committee meetings. But the time saved commuting and communing has given me the opportunity to slow down a bit and observe some trends in my practice. One of these trends reflects a phrase that I often find myself repeating: “an ounce of prevention is worth a pound of cure.” So this year, my annual “New Year’s Resolutions” column is focused on prevention, rather than curing. I realize it’s a bit early for New Years—but it’s never too soon to start fresh!
Along with the benefits of remote work are the technology risks that come with it. Comment 8 to Rule of Professional Conduct 1.1, describes familiarity with “the benefits and risks of relevant technology” as a component of maintaining the “requisite knowledge and skill” to comply with your duty of competency. In today’s world, that now means preventing cyberattacks. Cyberattacks are becoming prevalent for big and small firms alike, but you can take steps to prevent them. The most important step is training. Train your staff on the prevalence of phishing emails and the danger of opening pdfs and clicking on links. Also, make sure that every attorney with a laptop can connect to wireless through VPN security. Just weeks ago, the Pennsylvania Supreme Court decided Commonwealth v. Dunkins, 2021 Pa. LEXIS 3994, *14, which held that a student who consents to the terms of use of the Moravian College WiFi network “cannot … have any expectation of privacy with regard to any data … created or stored on computers within or connected to the institution’s network.” How this holding can be extended to a lawyer’s use of WiFi at a coffeeshop, on a train, or in another firm’s conference room, is now in question. Connecting through VPN software is an easy and practical answer to avoiding this very consequential risk.
Other steps you can take are: install software updates that often include security patches; encrypt email; install anti-virus/malware; use a password vault and two-factor authentication whenever possible; back up your data to a server that is disconnected from your network. For a more thorough discussion of these issues and how they implicate the Rules of Professional Conduct, I recommend you read Pennsylvania Bar Association Ethics Formal Opinion 2020:300, “Ethical Obligations for Lawyers Working Remotely.”
First, (don’t laugh) make sure your license is in good standing. A failure to fulfill your annual registration requirement or complete your CLEs can lead to what’s known as an administrative suspension. This is not discipline but it is a halt to your practice. In fact, your continued practice while administratively suspended violates Rule of Professional Conduct 5.5 and can lead to public discipline and —yes—another suspension. I know you are saying—this could never happen to me—but I have seen it happen to many wonderful, dedicated attorneys with excellent credentials and well-managed caseloads. Maybe you delegate your registration requirement to an administrate assistant, or you haven’t checked to ensure that all your remote CLEs have been properly credited. Surprisingly, when this happens, the Office of Attorney Registration will not email you. Instead, they will send you an old-fashioned letter, certified to be sure, but if they don’t have the correct address, or it gets lost in what is now laughingly called our postal system, it may not reach you in time. No matter, you will still be in trouble. As an attorney, you are charged with the responsibility of maintaining your registration and CLE requirements and your lack of awareness of an issue is not a defense. So please take 30 seconds and check these websites to ensure your compliance: https://www.padisciplinaryboard.org/for-the-public/find-attorney; https://www.pacle.org/.
While all these steps to prevent cyberattacks are important, you should consider one more step: cyber insurance. Your discussions with a carrier can provide an opportunity to identify strategies that can make the insurance more affordable and provide better protection. Be sure to check that the insurance covers theft, extortion payments, replacement of computer equipment, forensic recovery and ensuing lawsuits. As a complicating factor, FinCen has recently issued guidance warning against paying ransom to criminal actors, as such payments can be deemed facilitation of criminal activity. This will likely affect the insurability of ransomware payments.
This next issue is a pet peeve of mine and I have been speaking and writing about it a great deal over the past few years. See Risky Business, For the Defense, Volume 4, Issue 4. If you accept flat or “nonrefundable” fees and deposit them in your operating account, you may be violating Rule of Professional Conduct 1.15, the complicated and important rule governing the handling of client money. RPC 1.15 (i) states “legal fees … that have been paid in advance to be withdrawn by the lawyer only as fees are earned” must be “deposited into a trust account unless the client gives their informed consent, confirmed in writing, to the handling of fees … in a different manner.” In ODC v. Ostrowski, 135 DB 2008 (2009) and cases following it, the Disciplinary Board has interpreted a flat fee as paid in “advance” thus requiring it to be deposited into the IOLTA account until the work is done. To avoid this use of the IOLTA, if you are negotiating a flat, non-refundable fee—first, describe the fee in your retainer agreement as “earned upon receipt.”
Theoretically, at least, a fee that is earned upon receipt is not paid in advance and therefore, eligible to be placed in your operating account. However, I strongly recommend that you include the following language in your fee agreement and then have your client counter-sign it: “We have agreed that the fee in this matter is a flat, nonrefundable fee which is earned upon receipt and covers the following work (insert scope of the engagement.) As such, it will not be placed in an attorney trust account to be billed against.” This language conforms to the Rule and dispenses with the issue of whether the fee is paid “in advance” or not. You should also be aware that, while you say that the fee is “nonrefundable” it is still subject to Rule 1.5’s requirement that the fee not be “excessive.”
Check your web-presence. Review your website and make sure all your addresses and admissions information is up-to-date. Be cautious in your description of the geographical reach of your practice. You are responsible for ensuring that clients are not misled about where you practice law. Do this for any site that you use to promote your business, from LinkedIn to Avvo. While we’re on the subject, think about your web marketing strategy and how it can be improved. Lately, I have found myself re-reading this helpful and practical piece from fellow contributor, Meg Pritchard, https://www.law.com/thelegalintelligencer/2021/10/25/aint-nobody-got-time-for-that-3-ways-to-leverage-your-time-for-marketing-success/.
Technology has freed us in many ways, but for some of us its become the freedom to work all the time. In a time when lawyers are coping with the stress of constant demands, setting a limit on the workday is practically a political manifesto! It also sets a positive example for your associates. Tell your clients and your colleagues that your workday has limits. I’m very fond of my out-of-office message for this purpose. Just set a response that says when you’ll return the email and how to contact you in case of emergency.
As we face another year of uncertainty, do not forget that we are here to help each other. Whether you call your local county bar association, the Philadelphia Bar Association Ethics Hotline, the Pennsylvania Bar Association Ethics Hotline or Lawyers Concerned for Lawyers, help is available. And for that, we can all be grateful.
Ellen C. Brotman, of Brotman Law in Philadelphia, represents individuals before licensing boards, providing effective, caring and efficient assistance. She has served as an assistant federal defender in Philadelphia and practiced in small, medium and large firms with a focus on criminal defense, appellate advocacy, professional responsibility and ethics.
Reprinted with permission from the November 30, 2021 issue of The Legal Intelligencer. © 2021 ALM Media Properties, LLC. Further duplication without permission is prohibited. All rights reserved.
You can also find this article, as published, here.