Rule 1.6 of course requires a lawyer to maintain the confidentiality of client information. But does it require a lawyer who digitally stores and communicates information to use über-security measures like encryption or multi-factor authentication? Does it prohibit a lawyer from using a public Wi-Fi network at Starbucks or at an airport?
A September 10, 2013 decision from the Ninth Circuit Court of Appeals should give comfort to even the most confidentially-minded of lawyers. In Joffe v. Google, Inc., the Ninth Circuit considered whether the federal Wiretap Act covers communications over Wi-Fi networks. That act imposes liability on anyone who “intentionally intercepts . . . any wire, oral, or electronic communication,” subject to some exceptions. See 18 U.S.C. § 2511(1)(a). Google argued that one of those exceptions carved out public Wi-Fi networks because they were, among other things, “accessible to the general public.” The court rejected Google’s argument and held as follows:
Wi-Fi transmissions are not “readily accessible” to the “general public” because most of the general public lacks the expertise to intercept and decode payload data transmitted over a Wi-Fi network. Even if it is commonplace for members of the general public to connect to a neighbor’s unencrypted Wi-Fi network, members of the general public do not typically mistakenly intercept, store, and decode data transmitted by other devices on the network. Consequently, we conclude that Wi-Fi communications are sufficiently inaccessible that they do not constitute an “electronic communication . . . readily accessible to the general public” under 18 U.S.C. § 2511(2)(g)(i) as the phrase is ordinarily understood.
This decision not only is sensible, but also has important implications for lawyers. The rules of professional conduct require only that a lawyer “make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client.” See ABA Model Rule 1.6(c). In the wake of the Joffe v. Google opinion, it is now “reasonable” for a lawyer to assume that the communication of client information over a Wi-Fi network is “confidential”—after all, any interception by a would-be interceptor would violate the federal Wiretap Act. Therefore, it is no less reasonable for a lawyer to communicate over (now) federally-protected Wi-Fi networks than to communicate over federally-protected wireless phone networks, landlines and fax lines. In all cases, of course, fit the means of communication to the sensitivity of the information.
So, relax, take slurp of that venti double chocolate chip mocha Frappuccino, and send your email. It’s okay.