Duty of Confidentiality Notes

Duty of Confidentiality

Confidential Information

  • Confidential information includes any information related to the representation that is not generally known.
  • The scope is very broad.
  • It is not limited by the source or when the information was obtained.
  • Information gained even after the representation has concluded is considered confidential.
  • Information is not confidential if it is "generally known."
    • Generally known means widely known by the public in the geographical area or in the client's industry or business.
    • The fact that information is available in public records does not automatically mean it is generally known.

Public Policy

  • Protecting confidential information is important.
  • Discussed in People v. Belgy (the "buried bodies case") involving lawyers Francis Belgy and Frank Armeny and the comment to Model Rule 1.6.

Defining the Duty of Confidentiality

  • The basic principle: keep the information secret.
  • This duty is expressed in three different rules:
    • Model Rule 1.6: Duty owed to clients.
    • Rule 1.9: Duty owed to former clients; continues after the representation ends.
    • Rule 1.18: Duty owed to prospective clients.
      • Applies when the prospective client provides information to the lawyer with a reasonable expectation of confidentiality.
      • An objective standard of reasonableness is used to determine if information should be considered confidential.
      • Consequences of a mistake or misunderstanding will be suffered by the person who caused it.
      • Refer to the comment to Model Rule 1.18 for more details.

Duration of the Duty

  • The general rule: the duty lasts forever, unless an exception applies.

Additional Duties

  • Keeping information secret is not the only duty.
  • There is also a duty to take reasonable measures to prevent accidental or unauthorized disclosure or access to confidential information.
  • This duty is related to the duty of competence as it relates to technology.
    • Example: If a law firm's client files are hacked due to a lack of computer software security, there may be violations of both the duty of competence and the duty of confidentiality.
  • Since the duty involves taking reasonable measures, accidental disclosure is not by itself evidence of a violation.
    • The comment to the rule provides a list of factors to consider.
    • A lawyer might argue that a computer system was hacked despite reasonable efforts, and therefore the lawyer did not violate their duties.

Email Disclaimers

  • A common practice is to include a disclaimer at the end of emails stating that the message may contain confidential information.
  • Problem: The disclaimer is at the end of the message, meaning the information is already disclosed by the time the recipient reads it.
  • A disclaimer is not an enforceable rule.
  • Even the model rule only imposes a duty to notify the sender if a message is wrongly sent.
  • If the message is read, the information has been disclosed and consequences may follow.

Duty Not to Use Information

  • Along with the duty not to disclose, there is a duty not to use confidential information.
  • This is articulated in rules 1.8(b), 1.9(c), and 1.18(b).
    • One rule each for clients, former clients, and prospective clients.
  • The duty not to use confidential information to the disadvantage of a client relates to a lawyer's fiduciary duty to the client (intent v. herring).

Exceptions to the Duty of Confidentiality

  • The next lecture will cover the general principles related to the exceptions to the duty of confidentiality.