Take a moment to consider the many ways we use the internet and other telecommunications tools in our daily work as legal professionals. Phone calls, scheduling and calendaring, legal research, online filings, our omnipresent emails, and more generically, “Googling” for everything from court addresses to legislation to the phone number of that pizza place that feeds us on a late night deadline-driven drafting marathon.
We’ve all read articles (and perhaps even attended at conferences) focusing on security in the cloud. We’ve all been warned about the perils of the guy who might be peering over your shoulder or using some black-app to intercept your wireless data at Starbucks.
Given recent disclosures, however, regarding the US National Security Agency’s various global data-mining activities, it is no longer a question of whether our data is secure.
We now know with reasonable certainty that virtually all of our confidential data and communications is subject to undisclosed, warrantless interception, eavesdropping and archiving by the US government.
As noted in an article today by lawyer Glenn Greenwald at The Guardian, a secret NSA program called XKeyscore assures that virtually all internet activity is collected by the United States government:
A top secret National Security Agency program allows analysts to search with no prior authorization through vast databases containing emails, online chats and the browsing histories of millions of individuals, according to documents provided by whistleblower Edward Snowden.
…”I, sitting at my desk,” said Snowden, could “wiretap anyone, from you or your accountant, to a federal judge or even the president, if I had a personal email”.
While the political justifications for these widespread activities may or may not have merit (and that’s a discussion for another day and time), the professional implications for lawyers and our regulators of the NSA disclosures cannot be simply rationalized away.
We have now entered into an era where our assurances of confidentiality must always be asterisked. All of our professional communications continue to be confidential and privileged, but this will be subject, of course, to national security-related activity – domestic and international – over which we have no input, information or control.
No firewalls or security-proofing can change this. So today’s SlawTip is this: Consider adding an asterisk to your assurances of confidentiality.
It’s time for our regulators to speak.
– Garry J. Wise, Toronto