LEGAL ETHICS & MALPRACTICE REPORTER
Vol. 1 April 30, 2020 No. 5
TABLE OF CONTENTS
Featured Topic: Ethics & Law Office Management
New Authority: Outsourcing & Temporary Lawyers
Tech Tip: Encryption
Ethics and Malpractice Research Tip: History of Rules of Professional Conduct
A Blast from the Past: The Lawyers’ Code of Ethics: A Satire by Valmaer
ETHICS & LAW OFFICE MANAGEMENT
Although the majority of ethical rules incorporated into the Kansas Rules of Professional Conduct apply to individual lawyers, Chapter 5 of the KRPC (and the Model Rules) focuses on the special ethical issues that arise in the law firm context. These rules apply to every law firm that employs more than a single individual—including even solo practitioners who employ support staff. The primary focus of Chapter 5 is on the necessity for lawyers, both those in positions of supervisory or managerial responsibility and those who are subject to supervision, to take responsibility for ensuring that all employees of a law firm comply with all of the rules of professional responsibility. Every law firm must establish (and, preferably, codify) rules and procedures in compliance with Rules 5.1-5.5 and ensure that all lawyers and staff members are fully aware of their responsibilities under these rules.
Rule 5.1 sets out the general rule of responsibility of lawyers in a law firm:
(a) A partner in a law firm and a lawyer who individually or together with other lawyers possesses comparable managerial authority in a law firm shall make reasonable efforts to ensure that the firm has in effect measures giving reasonable assurance that all lawyers in the firm conform to the rules of professional conduct.
(b) A lawyer having direct supervisory authority over another lawyer shall make reasonable efforts to ensure that the other lawyer con- forms to the rules of professional conduct.
(c) A lawyer shall be responsible for another lawyer’s violation of the rules of professional conduct if:
1. (1) the lawyer orders or, with knowledge of the specific conduct, ratifies the conduct involved; or
2. (2) the lawyer is a partner or has comparable managerial authority in the law firm in which the other lawyer practices, or has direct supervisory authority over the other lawyer, and knows of the conduct at a time when its consequences can be avoided or mitigated but fails to take reasonable re- medial action.
Rule 5.1(a) imposes an obligation on any lawyers who serves as managing partner or as a member of the management committee of a law firm to ensure that the firm takes “reasonable” efforts to make sure that the firm has adopted measures to “reasonably” assure that all lawyers in the law firm comply with the rules of professional conduct. What constitutes such “reasonable efforts”? Comment 2 to Rule 5.1(a) states that such efforts include adoption of “policies and procedures include those designed to detect and resolve conflicts of interest, identify dates by which actions must be taken in pending matters, account for client funds and property and ensure that inexperienced lawyers are properly supervised.” Thus, lawyer-managers will bear a burden to ensure that the law firm has policies that will guarantee that client funds will be protected under Rule 1.15, provide for mechanisms to resolve conflicts within the firm before they become problematic, ensure
that lawyers in the firm meet all obligations at the times required, and ensure that inexperienced lawyers in the firm are adequately supervised by more experienced lawyers so that they do not commit ethical violations. Although the rule and comments do not explicitly state that law firms must codify these rules and policies, including them in written manuals available to all firm employees is the safest course to follow.
In practical terms, law firms may comply with details of Rule 5.1(a) in various ways depending on the size and structural complexity of the law firm. For instance, in most firms, client funds, client trust accounts, and other activities that fall with the purview of Rule 1.15 should be handled either by senior lawyers or financial staff who are supervised by managing partners and possess the knowledge and expertise needed for full compliance. In most cases, this will require centralization of financial functions in the firm so that every lawyer is not responsible for dealing with client funds and Rule 1.15 compliance.
As regards establishing policies and procedures to ensure that the lawyers in the firm comply with the conflicts rules contained primarily in Rules 1.7 to 1.12 of the KRPC, firms need to adopt measures to prevent conflicts among clients at client intake. Today, much of this conflict prevention work can be done by computer programs before a new client is accepted for representation. Additionally, larger firms may well want to appoint either one partner or a committee of partners to resolve potential conflicts problems as they arise. Finally, Comment 3 to Rule 5.1(a) also suggests that firms might, for example, “have a procedure whereby junior lawyers can make confidential referral of ethical problems directly to a designated senior partner or special committee.” Some firms explicitly appoint one partner as the firm’s “ethics counsel.”
It is important to note that a firm may violate Rule 5.1 simply by failing to establish the required policies and procedures, even though no other rule violation results. Similarly, if a violation of other rules does occur, a failure to have in place the policies and procedures required by Rule 5.1 may add additional counts to an eventual disciplinary complaint. Here, again, having these policies and procedures in written form will make proving their existence far easier.
Rule 5.1(b) establishes the general rule that a partner having “supervisory authority” over another lawyer “shall make reasonable efforts” to assure that the supervised lawyer “makes reasonable efforts to conform to the rules of professional conduct.” This rule means in practice that a supervising lawyer cannot adopt a laissez faire attitude to supervision of junior attorneys. The supervising lawyer must at least be reasonably aware of the junior lawyer’s actions so as to be able to prevent or mitigate unethical behavior of a junior lawyer. Even a senior associate, no matter how experienced, falls within this rubric.
Firms may deal with this obligation in various ways. A firm might adopt guidelines for attorney supervision. Or it might leave the details of such supervision to each supervising attorney, if the firm is confident
that the supervising lawyers will adequately fulfill the requirements of Rule 5.1(b). Comment 3 to rule 5.1(a), however, contains a stark statement about what assumptions a firm may make about general compliance with the rule:
In any event, the ethical atmosphere of a firm can influence the conduct of all its members and the partners may not assume that all lawyers associated with the firm will inevitably conform to the Rules.
This makes it very clear that Rule 5.1 requires that firms take affirmative action to ensure compliance with its requirements and cannot just “assume” that all of its lawyers will behave ethically without guidance from the firm.
In many respects, Rule 5.1(c) is the most radical of the rules in this chapter. Rule 5.1(c) imposes liability on a lawyer for the actions of another lawyer if:
1. the lawyer orders or, with knowledge of the specific conduct, ratifies the conduct involved; or
2. the lawyer is a partner or has comparable managerial authority in the law firm in which the other lawyer practices, or has direct supervisory authority over the other lawyer, and knows of the conduct at a time when its consequences can be avoided or mitigated but fails to take reasonable re- medial action.
In both of these cases, lawyers in a firm will be responsible for another lawyer’s actions if they either ordered or ratified the other lawyer’s actions. Thus, if one lawyer orders another lawyer to act in violation of the Rules, then that lawyer who orders the actions will be responsible for the other lawyer’s violation. Similarly, if a lawyer learns of an unethical action by another lawyer in the firm, she will also bear responsibility if she “ratifies” that behavior.
A lawyer who is a managing partner in a law firm or a supervisory lawyer who becomes aware of another lawyer’s violation of the rules will also be held to have violated Rule 5.1(c) if: (1) there is time to stop or mitigate the effect of an unethical action; and (2) she does not take reasonable remedial action to mitigate or to prevent the ethical violation. Thus, even if a lawyer does not order or ratify unethical behavior in a law firm, a lawyer with managerial or supervisory responsibility may be in trouble. Again, this requires the adoption of firm procedures that will insure that lawyers with such responsibility are able to stay informed about other lawyers’ actions and have the ability to prevent or mitigate the effects of such actions if they violate the KRPC. Comment 7 to the rule also reminds lawyers of their correlative responsibility to report all violations of the rules of professional responsibility pursuant to Rule 8.4(a).
The general rules set forth in Rule 5.1(c) impose significant burdens on lawyers holding managerial and supervisory positions over other lawyers employed by the firm. Failure to adopt necessary
procedures and practices or to closely monitor the actions of all lawyers in a firm may well result in disciplinary actions against those lawyers in positions of law firm power and responsibility. While this is obviously an undesirable result, it should be avoidable with some effort.
OUTSOURCING & TEMPORARY LAWYERS
The current coronavirus pandemic is wreaking havoc in the United States—both in human terms and economically. Businesses across the nation find themselves taking various measures to ensure their financial stability, including employee layoffs, furloughs, and hiring freezes. Law firms are not immune to these financial strains, and many are being forced to resort to similar tactics. The ABA Journal and Bloomberg Law report that many law firms across the country are already cutting salaries, reducing partner compensation, and furloughing or laying off employees.
While the cause of the country’s stresses is new, the stresses themselves are not greatly different from those felt by law firms during the Great Recession of 2008 and the many other financial downturns that have occurred in the past one hundred years. During these periods of economic downturn, many firms were slow to rehire lawyers on a permanent basis as the economy improved and business picked up again. Instead of rehiring regular, full-time lawyers, many law firms chose either to hire temporary lawyers as staffing needs arose or to “outsource” both legal and non-legal work to avoid making permanent additions to legal and other staff. In the wake of the Great Recession, both of these management techniques have grown in popularity in the legal profession. Both may become even more popular when the present health and economic crises end and law firms need additional legal staff but are hesitant to make permanent hiring decisions.
In the past few decades, the American Bar Association and various state Bars have issued a series of ethics opinions to ensure that, when law firms do make the choice to employ temporary or “contract” lawyers or to otherwise outsource legal work, they do not violate the rules of professional responsibility. The next few months’ “Authorities” columns will address the basic ethical framework for employing temporary lawyers or outsourcing legal work to non-firm lawyers.
The American Bar Association’s Standing Committee on Ethics and Professional Responsibility has issued several formal opinions on these subjects. The first of note is ABA Formal Opinion 88-356, which discusses the ethics of using contract attorneys and whether a law firm must disclose such use to clients on whose matters they are employed. ABA Formal Opinion 00-420 takes the earlier discussion one step further and discusses disclosure requirements relating to the calculation of fees and the billing of temporary lawyers’ work to clients. In so doing, this opinion also discusses the applicability of an earlier opinion, ABA Formal Opinion 97-379, regarding whether lawyers may
take a profit on third party services performed for clients. ABA Formal Opinion 08-451 discusses the various ethical issues when lawyers choose to outsource specific legal or non-legal tasks to third parties rather than hire temporary lawyers to perform these tasks within the law firm context.
In addition to these ABA opinions, there are also a large number of state ethics committee opinions that either modify or supplement the ABA opinions. For instance, D.C. Bar Opinion 352 discusses the special conflicts problems raised by the use of temporary lawyers.
Next month’s issue of the Legal Ethics & Malpractice Reporter will discuss these various ethics opinions in greater detail, as well as discuss the applicability of specific rules of professional responsibility (e.g., Rule 5.3, Rule 1.7, and Rule 1.1). Those wishing for more information before then should consult the excellent article by Douglas R. Richmond, “Watching Over, Watching Out: Lawyers’ Responsibilities for Nonlawyer Assistants, 61 U. Kan. L. Rev. 661 (2012), which covers a number of these issues.
by Matthew Beal
KPRC 1.6(c) requires that all lawyers “make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client.” Acting reasonably requires that attorneys do what is in their power to not only implement appropriate protective measures, but also understand what those protective measures can and cannot do. Because so much of clients’ confidential information is stored and transmitted electronically, attorneys will be better poised to establish reasonable and effective protocols if they understand the technologies they are using and the security mechanisms available to them. To that end, this month’s tech tip is devoted to explaining an important component of any law firm’s electronic data security policy: encryption.
Encryption is the process of encoding information so that only authorized parties can decode it. Encryption is accomplished by replacing plaintext data with cyphertext data that is secured by a key. An authorized person who possesses the same key is able to decrypt the data back into its original plaintext version. It is used in infrastructure such as home or office Wi-Fi routers, your computer login, communication such as email or chat, web browsing, cell phone applications, and online banking platforms.
The strength of encryption is based on the bit length of the key. A large key creates more possible combinations, which makes it more resilient. Current standards vary between 128, 192, and 256 bits. In any case, the goal is to minimize the risk of the data being decrypted
by an unauthorized person via brute force attack (the process of guessing all the possible combinations so as to decrypt the data).
There are two predominant methods of encryption: (1) symmetric encryption; and (2) asymmetric, or public key, encryption. Symmetric encryption uses a single key to encrypt or decrypt the data. This contrasts with the asymmetric encryption approach, where one key is used to encrypt the data and a different key is used to decrypt the data. With asymmetric encryption, either key can be used to encrypt or decrypt the communication, and each key only works with its corresponding key.
One place asymmetric encryption is significant is in internet communications. Hypertext Transfer Protocol Secure (HTTPS) is a method of securing your computer’s communication with the website. HTTPS uses an encryption protocol called Transport Layer Security (TLS) to determine if the origin website has a Secure Socket Layer (SSL) certificate installed. Put together, your internet browser will communicate with a secure website if the transport layer security determines that the website has the proper security certificate installed. The security certificate issues its public key encryption algorithm back to the requesting computer, and the computers begin to securely transmit data between themselves based on the received public key. This same process is used to secure email communications between your client’s email server and your email server, as well as your email server and the target server.
Generally, a cellular telephone application or website indicates whether it is encrypting communications. This may appear as the image of a paddle lock, HTTPS preceding an internet address, or another indication that SSL is being utilized for the communication.
Data at rest relies on the computer or network encryption. Some operating systems, such as Windows, use a proprietary method for securing data on the drive. Others use applications to encrypt the data. In these instances, accessing the encrypted data in plaintext form may be automatic and based on the credentials provided; at other times, decryption will require a password. These processes of encryption use an asymmetrical encryption method for security as well.
ETHICS & MALPRACTICE RESEARCH TIP
HISTORY OF RULES OF PROFESSIONAL CONDUCT
On occasion, a lawyer may find it useful to research the history of the Rules of Professional Conduct. The rules have evolved over centuries. They have origins in the early nineteenth century works of such jurists as David Hoffman and Judge George Sharswood. The American Bar Association first published rules on legal ethics in 1908, and they have undergone many changes in the past quarter century. By understanding how the rules have developed over time and the
circumstances underlying the changes, a lawyer gains better perspective on the purpose, scope, and meaning of the current rules.
There is no treatise entirely devoted to this subject, but a number of books address it. Though somewhat old, Charles Wolfram’s classic treatise Modern Legal Ethics has useful historical material. So does David Mellinkoff’s The Conscience of a Lawyer.
Among the authors who have written articles on the history of legal ethics, I particularly recommend the work of Professor Michael Ariens of St. Mary’s Law School. His “Lost and Found: David Hoffman and the History of American Legal Ethics,” 67 Ark. L. Rev. 571 (2014), and “Brougham’s Ghost,” 35 No. Ill. U. L. Rev. 263 (2015), are especially worthwhile. For a discussion on the history of the American Bar Association’s efforts to regulate legal ethics, consult John M. Tyson’s “A Short History of the American Bar Association’s Canons of Legal Ethics, Code of Professional Responsibility, and Model Rules of Professional Responsibility, 1908-2008,” 1 Charlotte L. Rev. 9 (2008-2009).
A useful collection of articles on the history of legal ethics was published in 47 U. Kans. L. Rev. (1998-1999). This collection includes one of my articles, “Legal Ethics in the Nineteenth Century-the Other Tradition.” This article explores the history of the ethical limits placed upon zealousness in advocacy.
I have collected important original source materials on the history of legal ethics in the United States in M.H. Hoeflich, Sources on the History of the American Law of Lawyering (2007). And, although not necessarily helpful to resolve practical disciplinary issues, I hope that some readers will find another of my articles thought provoking: M.H. Hoeflich, “On the Christian Origins of American Legal Ethics,” KS. Bar Journal 49 (May 2017).
When I need to research the history of a particular rule, I have found several techniques to be useful. The method I most commonly use is to do a Google search of “history ethics rule [rule number].” This will generally return articles on the history of a particular rule. One can also search “history model rule [rule number]” or “history rule [rule number] KRPC” or variations thereof. In addition, one can do similar searches in either Lexis or Westlaw in the appropriate libraries. Finally, I have found articles that do not appear in these databases by doing these same searches in Hein Online. Most lawyers will not have a subscription to this costly database, but virtually every university does and should be available there.
BLAST FROM THE PAST
THE LAWYERS’ CODE OF ETHICS: A SATIRE BY VALMAER
This month, as the world as we knew it has been changed by the coronavirus pandemic and the health and financial stability of our nation is imperiled, a bit of comic relief might be in order. The following extract comes from Valmaer [Michael Ream], The Lawyers’ Code of Ethics, published in St. Louis, MO in 1887:
Art. 1, Duties of Lawyers to the Clients
Sec.1. The first thing to do is secure your client. How to do that depends very much upon the tact of the lawyer; a client you must have no matter at what cost or how you manage it; and it must be a real, live one. After you have him, to be sure of him, always demand a retainer. Retainers have made many lawyers rich. You can usually do this by telling him it is the rule of your office; and insures good faith on his part. Give him a receipt for it, to insure good faith on your part. If you are a young practitioner, it is a good plan to take down on paper all the circumstances connected with the case; then tell him you are very busy, and, as the case will not need your immediate attention he had better go home and return in a few days. The point is this: it gives you time to look up the authorities, and impresses the client with the fact that you are the busiest man in town…
Sometimes, satire is more revealing of actual practice than real codes of ethics!