NSA surveillance policies raise questions about the viability of the attorney-client privilege
Press reports earlier this year indicating that communications between at least one U.S. law firm and a foreign government had been monitored by the Australian equivalent of the U.S. National Security Agency triggered a series of diplomatic exchanges between the ABA and the NSA, focusing on the extent to which government surveillance will recognize the protections of the attorney-client privilege.
On Feb. 15, the New York Times published a story under the headline “Spying by NSA Ally Entangled U.S. Law Firm.” The article recounted that a top-secret document obtained by former NSA contractor Edward J. Snowden shows the Australian Signals Directorate had monitored communications between the government of Indonesia and an American law firm it retained for help in trade talks with the U.S. government. The Australians did not identify the law firm, but the article noted that Mayer Brown, a global firm based in Chicago, was advising the Indonesian government on trade issues at the time the communications were monitored.
On Feb. 20, then-ABA President James R. Silkenat wrote to retired Gen. Keith B. Alexander—the NSA’s director at the time—and agency general counsel Rajesh De “to express our concerns over allegations raised in recent press reports concerning possible foreign government surveillance of American lawyers’ confidential communications with their overseas clients, the subsequent sharing of privileged information from those communications with the National Security Agency, and the possible use of that information by the U.S. government or third parties.” Silkenat’s term ended in August at the close of the 2014 ABA Annual Meeting.
In his letter (PDF), Silkenat, a partner at Sullivan & Worcester in New York City, emphasized that the attorney-client privilege “is a bedrock legal principle of our free society and is important in both the civil and criminal contexts. It enables both individual and organizational clients to communicate with their lawyers in confidence, which is essential to preserving all clients’ fundamental rights to effective counsel. The privilege also encourages clients to seek out and obtain guidance to conform their conduct to the law, facilitates self-investigation into past conduct to identify shortcomings and remedy problems, and enables lawyers to fulfill their ethical duties to their clients—all of which benefit society at large.”
The dilemma, Silkenat suggested, is that while the NSA is prohibited from conducting surveillance of U.S. citizens, law firms or other organizations without a warrant, the agency may be authorized under certain circumstances to intercept the communications of U.S. citizens and organizations if they are in contact with foreign intelligence targets abroad, subject to specific minimization rules designed to protect their privacy.
“The ABA understands the critical role that NSA plays in gathering intelligence information and protecting our national security,” Silkenat wrote, “and we acknowledge that during the course of those activities, it is inevitable that certain communications between U.S. law firms and their clients may be collected or otherwise obtained by the agency.”
But he urged the NSA “not to actively seek confidential communications between U.S. law firms and their clients.” And if it does receive such information inadvertently, or from a foreign intelligence service or other source, “we would expect NSA to respect the privilege and take all appropriate steps to ensure that any such privileged information is not further disseminated to other agencies or any other third parties.”
BOLSTERING THE PRIVILEGE
The position Silkenat articulated is consistent with other recent actions by the ABA seeking to bolster the attorney-client privilege. In 2012, the association’s policymaking House of Delegates added a provision to Rule 1.6 of the ABA Model Rules of Professional Conduct stating that “a lawyer shall make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client.” Language also was added to the comment to the rule offering guidance on what constitutes “reasonable efforts.” The amendments were recommended by the Commission on Ethics 20/20 as part of its review of the impact of technology and globalization on the Model Rules.
In August 2013 the House adopted a policy (PDF) that “condemns unauthorized, illegal governmental, organizational and individual intrusions … into the computer systems and networks utilized by lawyers and law firms.” The measure, whose lead sponsor was the Cybersecurity Legal Task Force, also urges the U.S. government to work with other nations and organizations to develop legal mechanisms and policies to prevent and punish such illegal intrusions.
The NSA responded to Silkenat on March 10 in a letter (PDF) from Alexander that expressed the agency’s own commitment to “the bedrock legal principle of attorney-client privilege” while appearing to acknowledge that there have been cases in which privileged communications between attorneys and clients have become available to the agency.
“Given the inevitability of incidental collection of U.S. person information during the course of NSA’s lawful foreign intelligence mission—to include potentially privileged information—the issue is how to provide appropriate protections for any such information when it may be acquired,” Alexander wrote.
“Let me be absolutely clear,” stated Alexander, whose letter detailed the steps put into place to protect privileged information. “NSA has afforded, and will continue to afford, appropriate protection to privileged attorney-client communications acquired during its lawful foreign intelligence mission in accordance with privacy procedures required by Congress, approved by the attorney general and, as appropriate, reviewed by the Foreign Intelligence Surveillance Court. Moreover, NSA cannot and does not ask its foreign partners to conduct any intelligence activity that it would be prohibited from conducting itself in accordance with U.S. law.”
The dialogue continued in May, when Silkenat met with De in Washington, D.C. But there appears to be room for more discussions. “Although we appreciate and support many of the steps that NSA and other agencies have taken in this regard,” said Silkenat in a statement on May 28, “we believe that more can be done—and should be done—to preserve fundamental attorney-client privilege protections and help restore public confidence in the privacy of privileged communications. We expect that our discussions with NSA and other government agencies on these issues will continue.”
CAUSE FOR CONCERN
Some experts say the NSA has not shed nearly enough light on how lawyers are being affected by surveillance activities.
“The NSA’s response to the ABA’s recent inquiry did not address many important details, so it is difficult to know how concerned lawyers should be about this issue,” says Andrew M. Perlman, who served as chief reporter for the Ethics 20/20 Commission. “The ABA’s inquiry was quite appropriate, but the NSA’s response left open more questions than it answered. The devil is very much in the details, and the NSA revealed very few details.” Perlman is director of the Institute on Law Practice Technology and Innovation at Suffolk University Law School.
“For example,” Perlman says, “it is unclear how often privileged information is collected and reviewed. We don’t know the particulars of the NSA’s mitigation procedures. We don’t know the specific types of situations when the privileged information is disseminated outside the NSA. We also do not know what types of clients and matters are most likely to draw the NSA’s attention. Without the answers to these and other questions, it is difficult to know how concerned lawyers should be.”
Some experts say the legal profession should be very concerned. “The idea that the NSA has been infringing on this important right is chilling. The entire client-attorney relationship is premised on the idea that communications are strictly confidential, and that clients should freely discuss legal issues with their lawyers,” says Peter A. Joy, a law professor at Washington University in St. Louis.
Passage of the USA Freedom Act might provide a response to some of these concerns, although some opponents of current surveillance policies say a version of the bill that was passed by the House of Representatives in late May does not go far enough. The bipartisan bill, introduced by Rep. F. James Sensenbrenner Jr., R-Wis., and Sen. Patrick J. Leahy, D-Vt., is awaiting action by the Senate. Advocates say the measure would impose more requirements on requests by the NSA to conduct surveillance and bring more transparency to the process.
In the meantime, Perlman says, lawyers should follow the revised provisions of Model Rule 1.6 as adopted in their states. “The rule requires ‘reasonable precautions,’ but what’s reasonable is going to vary depending on the circumstances,” he says. Meeting in person with foreign clients is an “extreme option” that “may be desirable in some situations, but it is probably not ethically required.” Another approach, encrypting email, “is not a perfect solution, but it is better than nothing,” says Perlman. “Another option might be best described as the Walter White solution [after the character in the Breaking Bad television series], where you and your client purchase prepaid phones that are used only for lawyer-client conversations.”
The bottom line, Perlman says, is that “there is no perfect solution, and the method of communications chosen is going to have to turn on quite a few variables.”
This article originally appeared in the September 2014 issue of the ABA Journal with this headline: “Listen Up: NSA surveillance policies raise questions about the viability of the attorney-client privilege.”