Posted Feb 01, 2013 07:50 am CST
When Hurricane Sandy swept across the northeast United States at the end of October, it left more than 8 million homes without electricity across 17 states. Some homeowners, as well as businesses, waited more than two weeks for power to be restored.
But compared to what could happen in a serious cyberattack on the United States, Sandy was like blowing out a candle on the country’s digital infrastructure.
“Just imagine if Superstorm Sandy was a cyberattack,” says ABA President Laurel G. Bellows. “It was nothing compared to an attack that shuts down our grid.”
The scope of such a threat, which would inevitably have legal consequences, is a big reason why Bellows, who is principal of the Bellows Law Group in Chicago, has made cybersecurity one of her presidential priorities. Among her other priorities are human trafficking, gender equality and the continuing funding crisis facing the nation’s state courts.
“I’m very proud that our association is addressing these tough issues,” Bellows said in a recent interview with the ABA Journal as she approached the halfway mark of her one-year term, which will occur in early February at about the time the association holds its 2013 midyear meeting in Dallas. Her term will end in August at the close of the annual meeting in San Francisco.
While a major cyberattack could cause immense damage to the technological capabilities of the United States, Bellows says lawyers also should be concerned about small-scale incursions against them and their clients.
“Cyberattacks are happening thousands of times a day, and some of the most vulnerable targets are law firms, which hold so much information of their clients and serve as ‘gates’ to their clients,” she says. “We’re fooling ourselves if we think there aren’t efforts to reach client information through us.”
The threat to confidential client information from cyberattacks raises ethics concerns that require more attention from lawyers, say a growing numbers of experts on professional conduct issues. That could change, however, as states begin to consider adopting revisions to the ABA Model Rules of Professional Conduct that were adopted by the association’s policymaking House of Delegates in August at the recommendation of the Commission on Ethics 20/20. The commission has been working since 2009 to study the impact of technology and globalization on the legal profession, and to propose revisions to the Model Rules and related standards for lawyers where appropriate.
The recommendations adopted by the House clarify a lawyer’s ethical duty to take reasonable measures to protect the confidentiality of client information, including material stored electronically. New language for Model Rule 1.6 (Confidentiality of Information) affirms that a lawyer has a duty to make reasonable efforts to prevent inadvertent as well as unauthorized disclosure of information relating to client representation. Language was added to the comment to Rule 1.1 (Competence) stating that a lawyer’s efforts to bring competent representation to clients includes keeping up with changes in relevant technology. And language changes were made in several rules to encompass electronically stored information, as well as traditional document forms.
In addition to nudging the Model Rules a little further into the 21st century, the ABA is bolstering its efforts to educate lawyers about the threat of cyberattacks and how to respond to them.
Among other efforts, Bellows says, the ABA is producing a guidebook on how to protect electronic files from cyberattacks. The association also is planning to offer members more CLE programs concerning cybersecurity and is creating a Web portal that will contain educational materials.
Many of these efforts are being coordinated by the Cybersecurity Legal Task Force, created in August by the ABA Board of Governors at Bellows’ request. The steering committee for the task force is co-chaired by Judith A. Miller, an attorney in Washington, D.C., who serves on the Ethics 20/20 Commission and is a past chair of the Section of Litigation; and Harvey Rishikof, a D.C. attorney who is a past chair of the Standing Committee on Law and National Security and now chairs its Advisory Committee.
The task force is working closely with 11 ABA sections and divisions that have committees looking at issues relating to cybersecurity, along with an advisory group made up of representatives from the private sector, Bellows says. “The ABA won’t take a ‘silo approach’ to an issue of such importance,” she says.
In November, the Board of Governors adopted a resolution submitted by the task force that sets forth five guiding principles that should be taken into account by the executive and legislative branches of the federal government in developing policies to improve cybersecurity for the public and private sectors.
The principles emphasize that protecting U.S. assets, infrastructure and economic interests from cyberattacks will require collaboration between the private and government sectors. The principles call for appropriate changes in law and policy to keep up with advances in technology, and they emphasize that privacy and civil liberties must remain a priority in those policies.
“Cybersecurity is a complex issue that requires a holistic approach to address current and future risks,” states the task force in its report to the Board of Governors. “The American Bar Association should play a leadership role in preparing lawyers to contribute to this multidisciplinary discussion and also be prepared to contribute to the national dialogue on cybersecurity.”
On another front, the Board created the Gender Equity Task Force to give more impetus to efforts to break the glass ceiling in the legal profession. The task force is chaired by Roberta D. Liebenberg, a senior partner at Fine, Kaplan and Black in Philadelphia and a past chair of the ABA Commission on Women in the Profession.
But Bellows acknowledges that achieving that goal still is a formidable task. Compared to other countries, she says, “we are not that far ahead on gender equity. We may not be ahead on gender equity. The glass ceiling has shattered on an individual basis. Women are visible everywhere, and in all fields. But visibility does not translate into equity.”
There has been widespread evidence recently that gender-based inequities continue to haunt the legal profession. In early December, for instance, a federal class-action lawsuit seeking $200 million in damages was filed claiming that female lawyers at Greenberg Traurig—a firm with some 1,700 lawyers in offices throughout the U.S. and in several countries overseas—are undercompensated.
The suit claims that this is partly because of a “boys club” in which male lawyers hog credit for originating clients, exclude women from client pitches, and favor themselves in work assignments.
In September, Bellows noted the results of two recent surveys indicating that men tend to do better than women at law firms in terms of pay and advancement. “Whether through implicit bias or a failure of our profession’s system of compensation, top women partners in law firms across the country are not being paid equitably,” Bellows said in a statement issued at the time.
One of the priorities of the Gender Equity Task Force, Bellows told the ABA Journal, is to develop model compensation policies for law firms that will increase transparency in the compensation process, encourage inclusion of women on compensation committees, and ensure that women have the same financial opportunities as men.
The task force also has worked with several foreign bar associations to form the International Women-to-Women Business Networking group, which held its first event Nov. 1 in Dresden, Germany.
Bellows cautions, however, against focusing entirely on the problems women face in pursuing careers in private practice, which she suggested may be a factor in the decisions by some women to opt out. “We talk about how difficult it is to practice law,” she says, “but we don’t often talk about the thrill, the successes and the satisfaction of being a lawyer. We need to do that more.”