This post was authored by Eric Pesale, a soon-to-be attorney who recently graduated from the New York Law School. Eric contributes regularly to the Logikcull blog, focusing on the legal impact of emerging technologies. He can be reached at epesale@gmail.com or on Twitter at @ericpesale.
On September 30, Florida became the 25th state to codify technological competency requirements for its bar members. According to the Florida Supreme Court, members of the Florida bar are now required to take 3 CLE credit hours per year on technology-related topics. More significantly, the requirement puts attorneys on notice that they risk malpractice if they fail to competently navigate technology-related issues, such as properly safeguarding confidential electronic communications or engaging non-legal technical advisers when necessary.
Florida’s new tech-focused rules highlight an overdue but increasingly popular approach by state bar associations to address a glaring competency problem that has beset a profession still dependent on Windows XP, fax machines, and, yes, typewriters.
As of today, 25 states have adopted technology competency requirements for attorneys in the three years since Delaware and Connecticut became the first to do so. This trend will likely prove beneficial -- if hard medicine -- not only for the 62% of practicing attorneys age 45 or older who did not grow up with computers and similar modern technology, but also for new associates and solo practitioners whose only experience with legal technology involves using Westlaw Next or Lexis Advance.
At this point, you’re probably wondering what technological skills are necessary to ensure competent practice. While the Federal Rules of Civil Procedure give guidance, if not hard-and-fast standards, this issue can only otherwise be answered on a state-by-state basis -- and many states do not provide technical competency requirements that are as specific or detailed as Florida’s. Nonetheless, a review of various state formal opinions and cases involving ESI highlight certain technical skills you likely should know to help ensure you are providing competent representation.
The impact of ABA Model Rule 1.1. Comment 8
Technological competency falls under the purview of ABA Model Rule 1.1, which has been adopted in various flavors by all 50 states. The rule states that an attorney is required to provide competent representation to their clients, a catchall meaning the attorney must possess the legal knowledge, skill, thoroughness and preparation reasonably necessary to represent a client.
Model Rule 1.1 remained unchanged through the 1990s and 2000s, in part because -- as one ABA primer from 2006 revealed -- technology-related malpractice issues were limited to email metadata issues, portable drives, and stolen laptops.
However, a number of cases, most notably the Zubulake decisions, held that attorneys have various duties to comply with eDiscovery best practices, ESI preservation, and to learn emerging litigation and legal software. Those decisions prompted the ABA to amend Comment 8 to Rule 1.1 in 2012. The comment now states that attorneys “should keep abreast of changes in the law and its practice, including the benefits and risk associated with relevant technology” as a prerequisite of fulfilling their duty to provide competent representation (emphasis added).
While the ABA says the revised Comment 8 tells lawyers they have a duty to be up to speed on relevant technology developments, the ABA curiously used the word “should” -- typically used to express a recommendation -- in its revised language, rather than the words “shall” or “will,” which are normally used to express a duty. Furthermore, the rule does not outline what technology skills a lawyer should actually know in order to provide competent representation. As the ABA Model Rules are merely recommendations regarding what state bar associations should adopt, the issue of what constitutes competent practice is left to the states to determine.
What states have said about competence
While some state bar associations have merely copied and pasted Comment 8 into their own versions of Rule 1.1, other states have provided more information regarding the technological skills they expect attorneys to know. Currently, state bar associations appear to highly value knowledge of eDiscovery, ESI preservation, and client data protection as necessary to meet thresholds of competence.
California has perhaps gone the furthest, issuing a detailed formal opinion stating that attorneys need to either possess an understanding of several eDiscovery-related tasks, or retain an experienced lawyer or non-lawyer technology expert who does. Those tasks include:
- initially assessing e-discovery needs and issues,
- implementing or causing to implement appropriate ESI preservation procedures,
- analyzing and understanding a client’s ESI systems and storage,
- advising the client on available options for the collection and preservation of ESI,
- identifying custodians of potentially relevant ESI,
- adequately conferring with opposing counsel on managing eDiscovery plans,
- performing data searches,
- collecting responsive ESI in a manner that preserves the integrity of that ESI, and
- producing non-privileged ESI in a recognized and appropriate manner.
In addition to eDiscovery, other states have also codified rules regarding the protection of client data and electronic communications stored on law firm servers. Connecticut, for example, considers a number of factors in determining whether a lawyer has made reasonable efforts to prevent unauthorized access to client documents and communications, such as the nature, complexity and cost of various technical safeguards the attorney and his or her firm used. This requirement, at the very least, demands that attorneys have knowledge of the kinds of software appropriate for encrypting and protecting client data, and be able to either implement this software or find an expert who can.
Even jurisdictions that have not adopted technical competency requirements have also cautioned attorneys to focus on eDiscovery and client data protection best practices. While the District of Columbia’s bar association, for example, has only addressed technological competency issues involving metadata, it has also stated that attorneys should be able to sufficiently understand whatever software their firms use to properly protect client data.
In the end, learning eDiscovery, ESI preservation, and client data protection best practices will help you get started on the right track toward achieving the level of technological competence bars are looking for and clients demand. Be sure to check your state’s technological competency guidelines for more detailed information.