Is the Legal Industry taking Client Confidentiality Seriously?

Published May 03, 2018 by Xiph

When it is time to call a lawyer, you know you are at rock bottom. Nothing makes us feel more vulnerable than having to ask a professional to come to our defence. However, we are reassured by the idea that at the end of the day we can trust our lawyer to protect us from danger or embarrassment. The confidentiality between a lawyer and their client is a well-known agreement, but does your lawyer do enough to protect your private information from outside attack?

Is the Legal Industry taking Client Confidentiality Seriously?

When it is time to call a lawyer, you know you are at rock bottom. Nothing makes us feel more vulnerable than having to ask a professional to come to our defence. However, we are reassured by the idea that at the end of the day we can trust our lawyer to protect us from danger or embarrassment. The confidentiality between a lawyer and their client is a well-known agreement, but does your lawyer do enough to protect your private information from outside attack?

During your period of vulnerability, when you are counting on the support of a legal professional, you are encouraged to completely entrust them with your privacy. We willingly give information such as address, phone number, email address, financial information, information regarding medical and criminal history, religion, sexuality and relationships. All information that could be used for blackmail or identity theft if accessed by the wrong people.

With no technology standards for law firms in Australia, there are no guidelines for how Australian law firms are meant to protect private client data from cybercrime including Cryptolocker viruses, Bitlocker viruses and Phishing attacks. According to the ‘Guide to Information Security’ provided by the Office of the Australian Information Commissioner, private businesses are required to take ‘reasonable steps’ to secure your information. However, these reasonable steps are not clearly defined nor updated to keep up with changing technology. Law Firms are left on their own to determine how to best protect their systems and collected data. With more automated systems and intricate software than ever, lawyers and law administrators really aren’t equipped with the expertise to know how exactly to manage their own cyber security.

According to Tech Republic, in December 2016 three Chinese citizens were charged by federal prosecutors after hacking into more than two New York law firms and using that information to make $US4 million through insider trading. The US is leading the way by modifying its Model Rules of Professional Conduct to reflect the reality of technology use in the Legal industry. With over two thirds of US law firms reporting a cyber breach in 2016-2017 and 95% reportedly not following their own cyber policies, this change was well and truly overdue. Is this something that Australia should be paying attention to?

With document automation just one of the many technological advances making the legal industry more efficient, now is the time to really understand how our data is being stored and more importantly, who is stopping it from being accessed by cyber criminals.

The answers are very clear. Employing the proper cyber security and technical advances could allow the legal industry to ensure their client’s privacy and the safety of their confidential information. It’s time to remove the risk from the Legal Industry. Ncryptcellular are here to help.


Posted in: Security