From: Daily Report
During its annual meeting, the ABA House of Delegates adopted a resolution calling for laws preventing, deterring, and punishing cyberattacks on lawyers’ and law firms’ computers and networks.
By Victor Li
Citing a growing need to protect client confidentiality in the face of dangerous and sophisticated hackers and cybercriminals, the American Bar Association’s House of Delegates passed a resolution on August 12 calling on federal, state, and local governments to pass strong laws combating unauthorized intrusion into lawyers’ computers and networks.
The house of delegates, which sat for two days during the ABA’s annual meeting taking place in San Francisco through August 13, also urged lawyers and law firms to do their part to preserve their clients’ confidentiality by keeping abreast of technological advances and complying with cybersecurity safeguards. The resolution urged the United States government to work with other nations to create “legal mechanisms, norms and policies” punishing and deterring cyberattacks against law firms and lawyers, and encouraged lawyers to keep their clients reasonably informed in the event of a breach.
“[A]s technology advances, the legal profession must adapt to meet the demands of clients and ensure that cornerstones of the profession, such as confidentiality, remain intact,” wrote ABA cybersecurity legal task force co-chairs Judith Miller and Harvey Rishikof, in a report accompanying the proposed resolution.
Miller, who served as co-chair of the task force, told Law Technology News the adopted resolution was significantly broader than the one that was originally proposed. For instance, the original resolution condemns “intrusions by foreign governments, organizations, and individuals.” The adopted resolution, however, removes the reference to “foreign governments” and condemns unauthorized intrusions by all governments — presumably including the U.S. Likewise, a provision urging the U.S. government “to work with other nations and international organizations” to develop legal mechanisms punishing and deterring cybercrime, was modified to urge the government to “work with other nations and organizations in both the public and private sectors.”
“The house thought it was important that we focus on entities of all stripes, in order to deter them from invading law firm networks,” said Miller. “It was a broader principle and I thought it made sense for the house to do that.”
Outgoing ABA president Laurel Bellows says she came up with the idea for the task force because she was concerned at the prospect of being unprepared for a cyberattack. “I became aware of the extraordinary number of cyberattacks being pushed back by our government and by private corporations,” said Bellows, whose term as president ended during the annual meeting. “I realized that this was a real threat and I was concerned that we, as a country and as lawyers, had not really addressed the sanctity of our confidential information.”
Miller and Bellows both said that they hoped the resolution would be the first of several dealing with the issue of cybersecurity. “The house has never really considered cybersecurity before, so this was a good first step,” said Miller. “We wanted to highlight for lawyers and clients that this is a significant issue.” Miller encouraged lawyers to review the ABA cybersecurity handbook released August 5.
The task force will continue to meet under incoming president James Silkenat of Sullivan & Worcester. Bellows says that she would like to see the task force tackle broader issues relating to cybersecurity, including the legal scope of governmental surveillance and what level of privacy currently exists. “We must come to a conclusion as to what our priorities are in this area,” said Bellows. “However, I have every confidence we will find solutions to the problems we face today.”
Leave a Reply