Ethics

Metadata Minefield

Opinions disagree on whether it’s ethical to look at hidden electronic information

Posted Apr 1, 2007 7:11 AM CDT
By Jason Krause

  • Print
  • Reprints
  • Share

One of the first things Vincent Polley does after receiving a document from op­posing counsel is look for metadata, the hidden information embedded in computer files.

“When I get a document, I take a look for a couple of things, like who it was written by and the number of revisions it went through,” says Polley, who practices information technology law at Dickinson Wright in Bloomfield Hills, Mich., and serves on the council of the ABA Section of Business Law. “You can learn a lot about what someone is sending you that you can’t see by just looking at a document.”

The potential value of metadata is hard to ignore. The Pentagon, the British government and a number of public figures were all embarrassed when metadata revealed that their public statements were at odds with private communications.

Drug giant Merck was found to have altered data about its drug Vioxx through metadata mining, which helped plaintiffs in a lawsuit argue that the company had been deceptive about the drug’s safety.

To Polley’s thinking, a lawyer is being remiss if he or she doesn’t look at metadata. But is snooping for hidden data in electronic documents from the other side also unethical, or at least a bit unseemly?

While views on that question are divided, the ABA recently weighed in with an ethics opinion concluding that metadata is essentially fair game.

The ABA Model Rules of Professional Conduct “do not contain any specific prohibition against a lawyer’s reviewing and using embedded information in electronic documents,” states the Standing Committee on Ethics and Professional Responsibility in Formal Opinion 06-442 (Aug. 5, 2006). The Model Rules serve as the basis for most state ethics codes for lawyers.

In reaching that conclusion, the committee points out in its opinion that Rule 4.4(b) is the only provision in the Model Rules that addresses the obligation of lawyers regarding information that they receive inadvertently. Rule 4.4(b), which was added in 2002, states only that a lawyer who receives information that he or she knows or should know was sent inadvertently “shall promptly notify the sender.”

Beyond that, the committee notes, “Rule 4.4(b) is silent as to the ethical propriety of a lawyer’s review or use of such information.”

ABA ethics opinions issued prior to the adoption of Rule 4.4(b) stated that lawyers should not look at information they receive inadvertently from opposing counsel or parties, according to William B. Dunn of Detroit, who chaired the ethics committee during the drafting of the metadata opinion. He notes that the committee rescinded those earlier opinions because they weren’t consistent with revised Rule 4.4.

“We felt the ethics committee is not the ultimate arbiter of moral conduct,” Dunn says. “I don’t think you can have opinions that aren’t supported by the rules.”

Hidden Risks

While reaffirming that lawyers who receive information inadvertently are obligated to notify the sender, the opinion urges lawyers sending electronic information to take steps to eliminate metadata from those documents.

“Without saying so, the clear implication is that if you ignore the issue and disclose client information or adversely affect the client’s position, you run the risk of running afoul of other rules,” says Dunn. “Rule 1.6 on protecting client confidentiality or 1.1 on competence are two that readily come to mind.”

The risk of metadata is that an attorney will unknowingly send an electronic document to opposing counsel that includes confidential, privileged or trade secret information. Word processing software, for example, often includes menu commands that allow someone to see edits and changes that have been made to a document, including text that has been deleted.

The biggest concern may be a comments feature that contains confidential information about a document not meant to be included in the final version.

A lot of people use the comments feature to tell co-workers important information, according to Donna Payne, founder of the Payne Group in Seattle, which makes metadata-stripping software. “But if you leave the comments feature on when you send a document out,” she says, “you’re broadcasting your internal discussions to the other side.”

Polley’s firm has a standing policy on metadata. “In my firm, we scrub our outbound communications,” he says. “Metadata is useful internally to keep track of your documents, but if you’re sending something to opposing counsel, you’d better think about cleaning it up first.”

Of the handful of states that have tackled the metadata issue so far, at least two have taken positions at odds with the ABA opinion.

An opinion issued in 2001 by the New York State Bar Committee on Professional Ethics prohibits attorneys from using computer technology to “surreptitiously obtain privileged or otherwise confidential information” of an opposing party. (Opinion 749, issued Dec. 14, 2001.) The opinion cites New York’s equivalent to ABA Model Rule 8.4, which prohibits a lawyer from engaging in conduct “involving dishonesty, fraud, deceit or misrepresentation” or that is “prejudicial to the administration of justice.”

The ABA’s ethics committee concluded that Model Rule 8.4 does not apply to a lawyer’s use of information that was received inadvertently.

The primary focus of the New York opinion, however, was the use of technology to spy on opposing counsel. A more recent opinion issued by the Florida Bar (Opinion 06-2, issued Sept. 15, 2006) specifically prohibits lawyers from looking for metadata in a document that is sent to them inadvertently.

“When the issue was being discussed here, there were a lot of public comments that likened metadata mining to rifling through someone’s briefcase or flipping through someone’s notebook that they left on a table,” says Elizabeth Tarbert, ethics counsel for the Florida Bar. “You don’t need a rule to tell you that if someone clearly didn’t intend for you to see something that you shouldn’t look at it.”

Meanwhile, the Maryland State Bar Association’s Committee on Ethics issued an opinion concluding, like the ABA opinion, that it is not an ethics violation to look at metadata received from opposing counsel. Opinion 2007-09 (Oct. 19, 2006).

While that conclusion makes some lawyers uneasy, Polley says it reflects the evolving relationship between law practice and technology.

“Basically what the [ABA opinion] said is the old standard was a noble aspiration, but wasn’t practical,” he says. “The new opinion is just more realistic about the way the world works.”

Comments

Add a Comment

We welcome your comments, but please adhere to our comment policy. Flag comment for moderator.

Commenting has expired on this post.