Is the Attorney-Client Privilege Safe?
California Lawyer

Is the Attorney-Client Privilege Safe?

May 2014

Despite advances in encryption-and the ever-lengthening notes at the end of attorneys' emails-many legal ethicists and lawyers worry that the erosion of electronic privacy is threatening the attorney-client privilege and confidentiality.

After news reports in February showed that government agencies may be listening in on lawyers' conversations with their clients, the American Bar Association wrote to the National Security Agency asking about information the agency accepted from Australian counterparts who eavesdropped on a U.S. law firm's calls with a client. ABA president James R. Silkenat asked the NSA to explain how it protects the attorney-client privilege when it "collects or receives" information. General Keith B. Alexander, U.S. Army director of the NSA, wrote back in March that NSA's procedures "are designed to minimize the acquisition, retention, and dissemination of information to, from, or about U.S. persons," which can include companies, law firms, and other organizations. Alexander said the NSA must destroy any nonpertinent information, privileged or not, and may not disseminate information about U.S. persons unless it is necessary to understand foreign intelligence; is evidence of a crime; or indicates a threat of death or serious harm.

But some attorneys were disturbed to learn the NSA may have peeked in on a law firm's communications with a client over trade strategy-though eavesdropping has always been a danger for lawyers doing international work, says Thomas M. Shoesmith, a partner in Pillsbury Winthrop Shaw Pittman's Silicon Valley office who specializes in international corporate transactions.

"You could take normal precautions and protect yourself against anybody below the state level, but we're talking about our own government," says Shoesmith. "It's terrifying for us lawyers. There's nothing we can do about it. Scramblers, I suppose?"

Experts worry that international espionage and even some corporate monitoring of email within the United States might compromise attorney-client confidentiality for all kinds of clients-not just criminal suspects and alleged terrorists-and even violate attorney-client privilege. The privilege protects information that clients share with their lawyers in order to obtain legal representation. (See Cal. Evid. Code § 952.)

The California State Bar issued a formal opinion in 2010 urging attorneys to take care when using technology to transmit or store privileged information, but it offered no specific advice. (Cal. St. Bar Stndg. Comm. on Prof'l Resp. and Conduct, Formal Opn. No. 2010-179.) And, unlike some states, California has no official rules on the matter. (Members of the State Bar's ethics committee don't comment publicly on issues they may be considering.)

Richard Zitrin, a former committee chair who now lectures at UC Hastings law school, says lawyers may need to exercise a whole new level of care to protect privileged and confidential conversations. "The way I talk to other lawyers about it is to say, 'If you're talking about secret trial strategy, you may want to go beyond what is admissible in court,' " Zitrin says. " 'You may want to go out in a dinghy in the middle of Lake Tahoe to have the conversation.' " The NSA has acknowledged it has surveillance programs to monitor foreign governments and people and anyone suspected of terrorism. Documents leaked by former NSA contractor Edward Snowden show the agency collects information about the phone records, Internet browsing history, and email messages of American citizens with (and without) the help of phone companies, tech giants like Facebook and Microsoft, and even the makers of popular online video games.

The ABA's Silkenat said in his letter that the press reports on information sharing between U.S. and Australian intelligence organizations might not be accurate, "given the [NSA] principles of 'minimization' " under the law (see 50 U.S.C. § 1881a)-the agency is to stop listening in on attorney-client communications if the client is under indictment in the United States and the lawyer talking is representing him or her on that matter. But the NSA can record attorney-client communication in other cases. And Silkenat said damage to the "full and frank" discussion "essential for effective legal representation" could seriously undermine the privilege "because, as the U.S. Supreme Court noted in Upjohn Co. v. United States, 449 U.S. 383, 393 (1981), 'an uncertain privilege ... is little better than no privilege at all.' "

Stewart Baker, a partner at Steptoe & Johnson and a former assistant secretary for policy at the Department of Homeland Security, says concerns about the NSA and privilege are overblown. "I would say that intercepts by the NSA ought to be lower on the priority list that law firms worry about." He says firms should focus instead on the threat to confidentiality posed by the activities of all foreign countries' intelligence operations, particularly China's. Lawyers at four other firms with major international practices declined to comment.

In the case of communications by Americans who aren't criminal suspects, the NSA says it tracks only metadata-that is, who sent a message, who received it, when, and often where the parties were. But Rex Perschbacher, a former dean at the UC Davis School of Law and a professor of civil procedure and ethics, is not reassured. "I simply would not accept any claim by the government that they were protecting attorney-client communications," Perschbacher says. "It is too difficult [for the NSA] even to begin to understand when these [conversations] take place, which requires listening to them."

For her part, Cindy Cohn, legal director at the Electronic Frontier Foundation, often uses Pretty Good Privacy, a free program that encrypts her communications. "I don't like thinking of the attorney-client privilege as some kind of a game, where if you play correctly you get it and if you lose you don't."

Norman Abrams, professor emeritus of law and a former chancellor at UCLA, says the situation will continue until Congress, the executive branch, the Defense Department, or some other agency offers a clear standard. "What's really needed-and I think everybody agrees to this-is some rules." Certainly, expectations of privacy and confidentiality have evolved, but the quickening pace of technological advances has left lawyers to fend for themselves on privilege. The ABA told members in 2011 that they must warn clients about the risks to confidentiality that communicating electronically presents; it noted particularly the right of employers to inspect email. (See ABA Stndg. Comm. on Ethics and Prof'l Resp., Formal Op. 11-459 (2011).) That advice is at least more cautious than the ABA's formal opinion in 1999-five years before Google's Gmail was introduced-that email affords a reasonable expectation of privacy. But 15 years later, we are equally hard-pressed to imagine the future of communications.

David Ferry writes from San Francisco about the law, social issues, and technology.

We welcome your comments!


E-mail: (will not be published)

By submitting a comment, you agree to abide by our comment policy.

Enter the characters on the left: