The short answer is, yes — lawyers can use the cloud. To date, every state Ethics Committee to take up the issue of cloud computing has concluded that the use of cloud systems is permitted by their version of Model Rule of Professional Conduct 1.6, which addresses Confidentiality. Model Rule 1.6 states (in part), “A lawyer shall not reveal information relating to the representation of a client unless the client gives informed consent…”. While each state has enacted its own version of Model Rule 1.6, the differences are minor and the meaning is the same. Take, for example, New York Rule 1.6 (arguably the most heavily modified of all versions of the Model Rule) which, as cited in N.Y. State 842 (2010), states,
“A lawyer shall not knowingly reveal confidential information … or use such information to the disadvantage of a client or for the advantage of a lawyer or a third person, unless:
(1) The client gives informed consent, as defined in Rule 1.0(J)…”
Clearly, and as every lawyer knows, the confidential nature of our clients’ information as a part of the attorney-client privilege is sacrosanct. As such, lawyers throughout the US (and indeed the world) are held to high standards when it comes to protecting that information. As the vast majority of Ethics Opinions dealing with attorney-client privilege and confidentiality in the general point out, law firms are not just prohibited from disclosing this information. They must “diligently preserve the client’s confidences, whether reduced to digital format, paper or otherwise.” See N.Y. County 733 (2004).
However, regardless of whether they are addressing the preservation of client confidences in general or in the context of some new technology, Ethics Committees throughout the country recognize that no practice management solution is perfect. The New Jersey Advisory Committee on Professional Ethics neatly captured the reality of the situation by stating that maintaining confidences,
“does not mean that the lawyer absolutely and strictly guarantees that the information will be utterly invulnerable against all unauthorized access. Such a guarantee is impossible, and a lawyer can no more guarantee against unauthorized access to electronic information than he can guarantee that a burglar will not break into his file room, or that someone will not illegally intercept his mail or steal a fax.” N.J. Opinion 701 (2006)