Your SlideShare is downloading. ×
Confidentiality in a Wired World
Upcoming SlideShare
Loading in...5

Thanks for flagging this SlideShare!

Oops! An error has occurred.

Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Confidentiality in a Wired World


Published on

This is an update of a session I have given to lawyers participating in the Law Society of Upper Canada's professional competence course. It looks at managing risk in law practices when dealing with …

This is an update of a session I have given to lawyers participating in the Law Society of Upper Canada's professional competence course. It looks at managing risk in law practices when dealing with confidential client information. Topics include social media, communications and e-mail, ethics opinions and "reasonable" and "competent" standards for lawyer professionalism, endpoint encryption, and physical security.

Published in: Business, Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

No notes for slide


  • 1. Confidentiality in a Wired World The Law Society of Upper Canada Professional Development & Competence David Whelan, Manager, Legal Information • [email_address]
  • 2. Competence (c) the records, systems, or procedures of the lawyer’s professional business
  • 3. Confidentiality A lawyer at all times shall hold in strict confidence all information …
  • 4. “ Oops”
  • 5.  
  • 6.  
  • 7. A lawyer shall … assume complete professional responsibility for his or her practice of law …
  • 8.  
  • 9. Shhhhh!
    • Related topic: Privacy obligations under PIPEDA
      • “ information about an identifiable individual”
      • Broad, includes potential client information
      • Privacy Handbook for Lawyers
    • Watch What You Say!
  • 11.  
  • 12. … conducted what should have been a confidential conversation about pending layoffs at his firm – in a loud voice…, on a crowded Acela train.
  • 13. E-mail?
    • Reasonable expectation of privacy
    • But
      • Easy, free:,
      • May depend on client, subject matter
      • May be better not to send as e-mail
      • Consider informing client, getting signoff on using e-mail
  • 14. One of the outside lawyers …had mistakenly e-mailed confidential information on the talks to Times reporter Alex Berenson instead of Bradford Berenson , her co-counsel…
  • 15. Who is Your Audience?
    • E-mail Recipients
      • Address the e-mail last
      • Verify the recipients
    • Is client’s e-mail private?
      • Web-based e-mail, not employer’s
      • See ABA Formal Opinion 11-459 (8/2011)
    • Social Media (Twitter, Facebook)
    • Passwords and Encryption
  • 17.  
  • 18.  
  • 19. mxyzptlk
  • 20. Strong Passwords, Written Down
    • 8 or more characters
    • UPPER, lower, $peci&l
    • Balance obscure with memorable
      • terms of art becomes t3rm$0f&rt
    • Test it:
    • Store it somewhere safe and secure
  • 21. Your data Encryption layer Encrypted
  • 22. Your data Encryption layer Decrypted Once decrypted, your data is accessible until re-encrypted
  • 23. Encryption at rest
  • 24. Encryption at rest Web search for endpoint encryption iPhone 4+: built-in Blackberry: built-in Android 3: built-in Windows: add-on (free) (McAfee Anti-Theft) (Endpoint Encryption) (Full Disk Encryption) (PGP Whole Disk Encryption) Windows Vista/7 Bitlocker Mac OS File Vault
  • 25. Encryption in motion
    • When you transmit or receive …
      • Password: http s ://
      • Search: http s ://
      • Files: http s ://
    • Firefox: HTTPS Everywhere add-on
      • Defaults over 200 sites to https://
  • 26. Encryption in motion
  • 27. Cloud Computing
    • Software-as-a-Service
      • Use SSL (https://) for connections
      • Content should be encrypted at rest
    • You Better Take It With You
  • 29. Physical Security
  • 30. Physical Security
    • Your locks should reflect your duty
      • Household locks weaker than commercial
      • File cabinets, shed/garage doors weak
    • Use them
      • No doors propped open
      • Keep servers, important tech in locked, well-ventilated room
  • 31. Everything is Portable
  • 32. Secure ALL Your Computers
    • Value is in the case, not the data
    • Your risk is in data
  • 33. Creature of Habit
    • Get into habits of handling devices
      • Put wireless phone, tablet in regular place
      • Easy to check, notice it’s missing
    • Secure devices with password
    • Add remote control, wipe apps
      • Delete device content remotely
      • Locate where device is
  • 34. Conclusion
    • Watch your communications, what, how, and where
    • Secure entry with passwords, locks
    • Protect data with encryption at rest, in motion