Traveling out of the country? Lawyers should consider using 'burner' devices
Photos by Shutterstock.com
Lawyers who travel out of the United States have to consider whether they are risking disclosure of confidential client information.
Lawyers should take precautions if they want to bring electronic devices with them, according to a program hosted Friday at the ABA Annual Meeting in New York City called “Prying Eyes: Think Confidential and Privileged Client Information Is Safe at the Border? Guess Again.”
The Fourth Amendment allows searches at the border without probable cause, although it’s unclear whether those searches can include more than a cursory review of electronic devices, panelists said. “There’s a lot of murkiness” in the case law, according to Maureen Kelly, an assistant general counsel at Northrop Grumman.
Fordham University law professor Bruce Green said he doesn’t think anyone will be disciplined for taking devices with confidential client information out of the country—yet. As lawyers become more aware of the issue, he expects that to change.
Green points to the ABA Model Rules of Professional Conduct that require lawyers to keep abreast of the benefits and risks associated with technology and to make reasonable efforts to prevent the unauthorized disclosure of information that relates to client representations.
A recent ethics opinion by the New York City Bar Association addressed the issue. It said lawyers should take reasonable measures to prevent the disclosure of client data at the border.
Hinshaw & Culbertson partner Steven Puiszis, the firm’s general counsel for privacy, security and compliance, described the precautions taken by lawyers at many large law firms. They typically require lawyers to take “burner” laptops and phones with them that don’t contain client data. Lawyers can connect to the firm’s network through a virtual private network.
Because lawyers at Hinshaw & Culbertson have their own phones, the law firm’s technology personnel will remove email from the phone before a lawyer leaves the country.
Puiszis advises all lawyers to take similar steps. They should question whether they really need a phone or laptop outside the country and, if so, whether they need to keep information on the devices.
Information on the devices should be encrypted and backed up, Puiszis said. The browser history also should be cleared.
The New York City Bar Association ethics opinion has similar advice. At the border, the opinion said, if an agent seeks to search an electronic device that contains confidential data, the lawyer should disclose that the device contains privileged or confidential files and request that the materials not be searched or copied. The next step is to ask to speak to a supervisor.
The ABA also is addressing the issue. ABA President Linda A. Klein sent a May 5 letter to the Department of Homeland Security asking the government to clarify rules for border searches to ensure confidentiality of client information.
Directives issued in 2009 by U.S. Customs and Border Protection and by U.S. Immigration and Customs Enforcement said agents have the power to search devices without reasonable suspicion of wrongdoing, although legal materials are subject to “special handling.”
The directives said border agents have to consult with agency lawyers or prosecutors before they search a device when a claim of privilege is made and the material to be searched may constitute evidence of a crime.
U.S. citizens who refuse to allow searches of devices will be allowed to enter the country, but their devices may be confiscated, panelists said.
If a border agent asks for a password for a device, the lawyer should ask whether the agent is asking for the password or ordering it, Puiszis said. Simply giving the password could be interpreted as a consent to the search.
Follow along with our full coverage of the 2017 ABA Annual Meeting.