BOLO: LexisNexis Data Breach: What Legal Professionals Need to Know Now—and Why All Lexis Products Deserve Scrutiny!

/ The Tech-Savvy Lawyer.Page/

LAWYERS NEED TO BE BOTH TECH-SAVVY AND Cyber-SavvY!

On December 25, 2024, LexisNexis Risk Solutions (LNRS)—a major data broker and subsidiary of LexisNexissuffered a significant data breach that exposed the personal information of over 364,000 individuals. This incident, which went undetected until April 2025, highlights urgent concerns for legal professionals who rely on LexisNexis and its related products for research, analytics, and client management.

What Happened in the LexisNexis Breach?

Attackers accessed sensitive data through a third-party software development platform (GitHub), not LexisNexis’s internal systems. The compromised information includes names, contact details, Social Security numbers, driver’s license numbers, and dates of birth. Although LexisNexis asserts that no financial or credit card data was involved and that its main systems remain secure, the breach raises red flags about the security of data handled across all Lexis-branded platforms.

Why Should You Worry About Other Lexis Products?

LexisNexis Risk Solutions is just one division under the LexisNexis and RELX umbrella, which offers a suite of legal, analytics, and data products widely used by law firms, courts, and corporate legal departments. The breach demonstrates that vulnerabilities may not be limited to one product or platform; third-party integrations, development tools, and shared infrastructure can all present risks. If you use LexisNexis for legal research, client intake, or case management, your clients’ confidential data could be at risk—even if the breach did not directly affect your specific product.

Ethical Implications: ABA Model Rules of Professional Conduct

ALL LawyerS NEED TO BE PREPARED TO FighT Data LeakS!

The American Bar Association’s Model Rules of Professional Conduct require lawyers to safeguard client information and maintain competence in technology. Rule 1.6(c) mandates that attorneys “make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client.” Rule 1.1 further obligates lawyers to keep abreast of changes in law and its practice, including the benefits and risks associated with relevant technology.

In light of the LexisNexis breach, lawyers must:

  • Assess the security of all third-party vendors, including legal research and data analytics providers.

  • Promptly notify clients if their data may have been compromised, as required by ethical and sometimes statutory obligations.

  • Implement additional safeguards, such as multi-factor authentication and regular vendor risk assessments.

  • Stay informed about ongoing investigations and legal actions stemming from the breach.

What Should Legal Professionals Do Next?

  • Review your firm’s use of LexisNexis and related products.

  • Ask vendors for updated security protocols and breach response plans.

  • Consider offering affected clients identity protection services.

  • Update internal policies to reflect heightened risks associated with third-party platforms.

The Bottom Line

The LexisNexis breach is a wake-up call for the legal profession. Even if your primary Lexis product was not directly affected, the interconnected nature of modern legal technology means your clients’ data could still be at risk. Proactive risk management and ethical vigilance are now more critical than ever.

🚨 BOLO: Android Ad Fraud Malware and Your ABA Ethical Duties – What Every Lawyer Must Know in 2025 🚨

/ The Tech-Savvy Lawyer.Page/

Defend Client Data from Malware!

The discovery of the “Kaleidoscope” ad fraud malware targeting Android devices is a wake-up call for legal professionals. This threat, which bombards users with unskippable ads and exploits app permissions, is not just an annoyance - it is a direct risk to client confidentiality, law firm operations, and compliance with the ABA Model Rules of Professional Conduct. Lawyers must recognize that cybersecurity is not optional; it is an ethical mandate under the ABA Model Rules, including Rules 1.1, 1.3, 1.4, 1.6, 5.1, and 5.3.

Why the ABA Model Rules Matter

  • Rule 1.6 (Confidentiality): Lawyers must make reasonable efforts to prevent unauthorized disclosure of client information. A compromised device can leak confidential data, violating this core duty.

  • Rule 1.1 (Competence): Competence now includes understanding and managing technological risks. Lawyers must stay abreast of threats like Kaleidoscope and take appropriate precautions.

  • Rule 1.3 (Diligence): Prompt action is required to investigate and remediate breaches, protecting client interests.

  • Rule 1.4 (Communication): Lawyers must communicate risks and safeguards to clients, including the potential for data breaches and the steps being taken to secure information.

  • Rules 5.1 & 5.3 (Supervision): Law firm leaders must ensure all personnel, including non-lawyers, adhere to cybersecurity protocols.

Practical Steps for Lawyers – Backed by Ethics and The Tech-Savvy Lawyer.Page

Lawyers: Secure Your Practice Now!

  • Download Only from Trusted Sources: Only install apps from the Google Play Store, leveraging its built-in protections. Avoid third-party stores, the main source of Kaleidoscope infections.

  • Review App Permissions: Be vigilant about apps requesting broad permissions, such as “Display over other apps.” These can enable malware to hijack your device.

  • Secure Devices: Use strong, unique passwords, enable multi-factor authentication, and encrypt devices-simple but essential steps emphasized by our blog posts on VPNs and ABA guidance.

  • Update Regularly: Keep your operating system and apps up to date to patch vulnerabilities.

  • Educate and Audit: Train your team about mobile threats and run regular security audits, as highlighted in Cybersecurity Awareness Month posts on The Tech-Savvy Lawyer.Page.

  • Incident Response: Have a plan for responding to breaches, as required by ABA Formal Opinion 483 and best practices.

  • Communicate with Clients: Discuss with clients how their information is protected and notify them promptly in the event of a breach, as required by Rule 1.4 and ABA opinions.

  • Label Confidential Communications: Mark sensitive communications as “privileged” or “confidential,” per ABA guidance.

Advanced Strategies

Lawyers need to have security measures in place to protect client data!

  • Leverage AI-Powered Security: Use advanced tools for real-time threat detection, as recommended by The Tech-Savvy Lawyer.Page.

  • VPN and Secure Networks: Avoid public Wi-Fi. But if/when you do be sure to use VPNs (see The Tech-Savvy Lawyer.Page articles on VPNs) to protect data in transit.

  • Regular Backups: Back up data to mitigate ransomware and other attacks.

By following these steps, lawyers fulfill their ethical duties, protect client data, and safeguard their practice against evolving threats like Kaleidoscope.

MTC: Legal Cybersecurity Crisis - How the CVE System's Defunding Compromises Digital Safety for Law Firms 🚨

/ The Tech-Savvy Lawyer.Page/

In the chaos, Lawyers need to defend client data as CVE shield may be in jeopardy!

CVE Program’s Last-Minute Rescue: What Lawyers Must Learn from the Cybersecurity Near-Crisis 🚨

The legal world narrowly avoided a digital disaster last week week. The Common Vulnerabilities and Exposures (CVE) program—the backbone of global cybersecurity—came within hours of losing its federal funding, sending shockwaves through the legal and cybersecurity communities. In an eleventh-hour move, the Cybersecurity and Infrastructure Security Agency (CISA) extended funding for MITRE to continue operating the CVE program, averting a shutdown that could have left law firms and their clients exposed to unprecedented cyber risk. The episode is a wake-up call for every legal professional: Our reliance on a single, government-funded system for vulnerability intelligence is a vulnerability in itself.

The Alarm: How Close We Came to Losing the CVE Program ⚠️

On April 16, 2025, MITRE, the non-profit that manages the CVE database, announced its contract with the Department of Homeland Security would expire at midnight. The news triggered widespread alarm across the cybersecurity sector, as the CVE program is essential for tracking, cataloging, and sharing information about software vulnerabilities. Legal technology vendors, law firm IT teams, and risk managers all depend on CVE data to prioritize security updates and defend against cyber threats.

The potential consequences were immediate and severe. Experts warned that a lapse in CVE services would delay vulnerability disclosures, disrupt incident response, and create a dangerous window for attackers to exploit unpatched systems. Law firms, which handle highly sensitive client information, would have faced heightened risks of data breaches, malpractice claims, and regulatory penalties.

The Save: CISA Steps In—But Only for Now

CISA’s rescue: Legal cybersecurity lifeline survives—uncertainty remains.

In response to the outcry, CISA executed a last-minute contract extension, ensuring there would be no interruption in CVE services for at least the next 11 months. MITRE confirmed that the funding would keep the program running, and the global cybersecurity community breathed a collective sigh of relief.

Yet, this solution is temporary. The extension lasts less than a year, and the long-term sustainability of the CVE program remains uncertain. The episode has already spurred the formation of a new nonprofit, the CVE Foundation, aimed at ensuring the program’s independence and stability beyond government sponsorship.

Why This Matters for Lawyers and Law Firms ⚖️

The CVE program is more than a technical tool—it is a legal lifeline. The American Bar Association’s Model Rules require lawyers to safeguard client confidentiality, maintain technological competence, and supervise staff and vendors on cybersecurity practices. See MRPC 1.1[8] & 1.6. Without reliable, up-to-date vulnerability intelligence, law firms cannot meet these obligations.

If the CVE program had gone dark, lawyers would have faced:

  • Increased risk of data breaches: Without a unified system for tracking vulnerabilities, attackers would have more time and opportunity to exploit unpatched systems, putting client data at risk.

  • Malpractice exposure: Failing to implement timely security updates could be seen as a breach of the duty of competence and confidentiality, opening the door to claims of negligence or breach of fiduciary duty.

  • Compliance headaches: With regulatory requirements around breach notification and data protection tightening, law firms would struggle to demonstrate they had taken “reasonable efforts” to protect client information.

  • Vendor management chaos: Many legal technology providers rely on CVE identifiers to communicate security patches. Without them, law firms would face confusion and delays in applying critical updates.

Lessons Learned: What Lawyers Should Do Next 🛡️

The CVE funding scare revealed that even the most established cybersecurity programs can be vulnerable. For the legal profession, this is a clear signal to take proactive steps:

Lawyers have a duty to protect their clients’ PII from cyberattacks!

  • Diversify threat intelligence sources: Don’t rely solely on the CVE program. Lawyers and IT teams should monitor additional resources such as the National Vulnerability Database (NVD), CISA Alerts & Advisories, and vendor-specific feeds.

  • Review and update incident response plans: Ensure your breach response protocols account for the possibility of disruptions in vulnerability intelligence. Document your reliance on CVE and alternative sources for compliance purposes.

  • Strengthen vendor contracts: Require legal technology providers to maintain robust vulnerability management practices, even if the CVE system is disrupted.

  • Stay engaged and advocate: Support efforts to make the CVE program sustainable and independent. The legal community should join calls for diverse funding and governance to avoid future crises.

  • Educate staff and clients: Communicate the importance of cybersecurity vigilance and the evolving landscape. Make sure everyone understands their role in protecting client data.

Final Thoughts: A Fragile Peace and a Call for Vigilance 🔍

The CVE program’s last-minute rescue is a relief, but not a resolution. The legal sector must recognize that the stability of our cybersecurity infrastructure is not guaranteed. With only 11 months of assured funding, the risk of another crisis looms. The new CVE Foundation may provide a path forward, but it will require broad support from both public and private sectors.

Lawyers must remain vigilant, proactive, and informed. The next funding scare could come with less warning—and with even higher stakes for client confidentiality, professional responsibility, and the very trust that underpins the legal profession.

MTC

Shout Out: Unlock AI's Potential with Ethics Expertise 🚀💻

/ The Tech-Savvy Lawyer.Page/

Keep up with the constant changing world of AI and Legal ethics!

In the rapidly evolving legal landscape, embracing artificial intelligence (AI) is no longer optional—it's essential 🌟. The upcoming AI and Legal Ethics: A Risk-Benefit Analysis 2025 webinar offers a unique opportunity for lawyers to enhance their practice while navigating the complex ethical considerations surrounding AI use 📚. Join Hilary P. Gerzhoy and Julienne Pasichow of HWG LLP delve into critical areas such as competence in technology, supervision of AI tools, reasonable fees, confidentiality, truth in advertising, and client communication standards 📊.

By attending this webinar, you'll gain practical insights into integrating AI responsibly, ensuring compliance with professional conduct standards, and staying ahead in the legal tech revolution 🚀. Whether you're looking to improve efficiency, enhance client services, or simply stay updated on the latest legal tech trends, this event is a must-attend for any forward-thinking lawyer 🚀.

You can attend this information packed cle virtually!

Don't miss out! Register now and elevate your legal practice with AI expertise 💻👉 https://dcbar.inreachce.com/Details/Information/11092a42-cde2-426d-9dbf-25f270b2df09

I hope to “virtually” see you there!

Shout Out to Robert Ambrogi: AI Legal Research Platforms - A Double-Edged Sword for Tech-Savvy Lawyers 🔍⚖️

/ The Tech-Savvy Lawyer.Page/

The use of ai is a great starting point - but always check your work (especially your citations)!

Robert Ambrogi's recent article on LawNext sheds light on a crucial development in legal tech: the comparison of AI-driven legal research platforms. This "AI smackdown" reveals both the potential and pitfalls of these tools, echoing concerns raised in our previous editorial about Lexis AI's shortcomings.

The Southern California Association of Law Libraries' panel, featuring expert librarians, put Lexis+AI, Westlaw Precision AI, and vLex's Vincent AI to the test. Their findings? While these platforms show promise in answering basic legal questions, they're not without flaws.

Each platform demonstrated unique strengths: Lexis+AI's integration with Shepard's, Westlaw Precision AI's KeyCite features, and Vincent AI's user control options. However, inconsistencies in responses to complex queries and recent legislation underscore a critical point: AI tools are supplements, not replacements, for thorough legal research.

This evaluation aligns with our earlier critique of Lexis AI, reinforcing the need for cautious adoption of AI in legal practice. As the technology evolves, so must our approach to using it.

Mark Gediman's wise words from Bob’s article serve as a fitting conclusion:

Whenever I give the results to an attorney, I always include a disclaimer that this should be the beginning of your research, and you should review the results for relevance and applicability prior to using it, but you should not rely on it as is.
— Mark Gediman

For tech-savvy lawyers, the message is clear: Embrace AI's potential, but never forget the irreplaceable value of human expertise and critical thinking in legal research. 🧠💼

MTC

MTC: AI in Legal Email - Balancing Innovation and Ethics 💼🤖

/ The Tech-Savvy Lawyer.Page/

lawyers have an ethical duty when using ai in their work!

The integration of AI into lawyers' email systems presents both exciting opportunities and significant challenges. As legal professionals navigate this technological frontier, we must carefully weigh the benefits against potential ethical pitfalls.

Advantages of AI in Legal Email 📈

AI-powered email tools offer numerous benefits for law firms:

  • Enhanced efficiency through automation of routine tasks

  • Improved client service and satisfaction

  • Assistance in drafting responses and suggesting relevant case law

  • Flagging important deadlines

  • Improved accuracy in document review and contract analysis

These capabilities allow lawyers to focus on high-value work, potentially improving outcomes for clients and minimizing liabilities for law firms.

AI Email Assistants 🖥️

Several AI email assistants are available for popular email platforms:

  1. Microsoft Outlook:

    • Copilot for Outlook: Enhances email drafting, replying, and management using ChatGPT.

  2. Apple Mail:

  3. Gmail:

    • Gemini 1.5 Pro: Offers email summarization, contextual Q&A, and suggested replies.

  4. Multi-platform:

Always Proofread Your Work and Confirm Citations!

🚨

Always Proofread Your Work and Confirm Citations! 🚨

Ethical Considerations and Challenges 🚧

Confidentiality and Data Privacy

The use of AI in legal email raises several ethical concerns, primarily regarding the duty of confidentiality outlined in ABA Model Rule 1.6. Lawyers must ensure that AI systems do not compromise client information or inadvertently disclose sensitive data to unauthorized parties.

To address this:

lawyers should always check their work; especially when using AI!

  1. Implement robust data security measures

  2. Understand AI providers' data handling practices

  3. Review and retain copies of AI system privacy policies

  4. Make reasonable efforts to prevent unauthorized disclosure

Competence (ABA Model Rule 1.1)

ABA Model Rule 1.1, particularly Comment 8, emphasizes the need for lawyers to understand the benefits and risks associated with relevant technology. This includes:

  • Understanding AI capabilities and limitations

  • Appropriate verification of AI outputs (Check Your Work!)

  • Staying informed about changes in AI technology

  • Considering the potential duty to use AI when benefits outweigh risks

The ABA's Formal Opinion 512 further emphasizes the need for lawyers to understand the AI tools they use to maintain competence.

Client Communication

Maintaining the personal touch in client communications is crucial. While AI can streamline processes, it should not replace nuanced, empathetic interactions. Lawyers should:

  1. Disclose AI use to clients

  2. Address any concerns about privacy and security

  3. Consider including AI use disclosure in fee agreements or retention letters

  4. Read your AI-generated/assisted drafts

Striking the Right Balance ⚖️

To ethically integrate AI into legal email systems, firms should:

  1. Implement robust data security measures to protect client confidentiality

  2. Provide comprehensive training on AI tools to ensure competent use

  3. Establish clear policies on when and how AI should be used in client communications

  4. Regularly review and audit AI systems for accuracy and potential biases

  5. Maintain transparency with clients about the use of AI in their matters

  6. Verify that AI tools are not using email content to train or improve their algorithms

Ai is a tool for work - not a replacement for final judgment!

By carefully navigating ⛵️ these considerations, lawyers can harness the power of AI to enhance their practice while upholding their ethical obligations. The key lies in viewing AI as a tool to augment 🤖 human expertise, not replace it.

As the legal profession evolves, embracing AI in email and other systems will likely become essential for remaining competitive. However, this adoption must always be balanced against the core ethical principles that define the practice of law.

And Remember, Always Proofread Your Work and Confirm Citations BEFORE Sending Your E-mail (w Use of AI or Not)!!!

🎙️Ep. 106: How Lawyers Can Protect Client Data in the Age of AI - A conversation with Erich Dylus!

/ The Tech-Savvy Lawyer.Page/

Our next guest is Erich Dylus, an attorney and programmer who founded Varia Law, a consulting and programming firm focused on autonomous technology, and CamoText, a fully offline text anonymization tool for secure and compliant AI workflows. In this episode, Erich shares practical strategies for protecting client data in the age of AI, explains how CamoText helps lawyers anonymize sensitive information before using large language models (LLMs), and outlines best practices for maintaining confidentiality. He also offers clear advice on choosing the right AI LLM for specific legal tasks.

Tune in for actionable tips and expert insights on safeguarding privacy while leveraging AI in legal practice and more!

Enjoy!

Join Erich and me as we talk about the following questions and more!

What is our guest's top three tips for maintaining privacy and security when using messaging apps like Signal, WhatsApp, Telegram, Messages, etc.?

What are the top three ways CamoText helps lawyers ensure they maintain their clients’ PII?

What is our guest's top three specific ways for solo or small firm lawyers (or maybe any entrepreneur, for that matter) to use LLMs 

In our conversation, we cover:

[00.37] Tech Setup - Erich’s current tech setup.

[04.46] Messenging - The top three privacy and security maintenance tips for messaging apps.

[10.26] Suspicious Links - The importance of being suspicious about links and files received in messaging apps.

[11.45] CamoText – Erich explains the origin of CamoText.

[15.32] Personally Identifiable Information – CamoText’s features for reducing privacy risks.

[21.43] LLM – Erich’s concerns and suggestions for using LLMs (Large Language Models).

[24.32] Recommendations – Erich shares his recommendations for different LLMs, highlighting their strengths and typical uses.

Resources

Connect with Erich Dylus

LinkedIn - linkedin.com/in/erich-dylus/

                  linkedin.com/company/camotext/

                  linkedin.com/company/varia-law/

Website - camotext.ai/

varia.law/            

Equipment Mentioned in the Podcast

Software & Services Mentioned in the Podcast

🚨 MTC: Government Backdoors - A Looming Threat to Attorney-Client Privilege and Data Security 🔐

/ The Tech-Savvy Lawyer.Page/

Legal Cyber Balance: Safeguarding Client Data While Navigating Government Backdoors and Cyber Threats 🚪💻⚖️

The UK government's recent demand for Apple to create a backdoor to iCloud accounts worldwide has sent shockwaves through the legal community. This unprecedented move raises serious concerns for lawyers on both sides of the Atlantic, particularly regarding their ethical obligations to maintain client confidentiality and safeguard sensitive information.

As attorneys, we have a fundamental duty to protect our clients' confidences. The American Bar Association's Model Rule 1.6 explicitly states that lawyers must make "reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client". Similarly, the UK's Solicitors Regulation Authority emphasizes the importance of maintaining client confidentiality.

However, government-mandated backdoors pose a significant threat to these ethical obligations. If implemented, such measures would essentially create a vulnerability that could be exploited not only by law enforcement but also by malicious actors. This puts attorneys in an impossible position: How can we fulfill our duty to safeguard client information when the very systems we rely on are compromised?

Moreover, the implications of such backdoors extend far beyond individual privacy concerns. The attorney-client privilege, a cornerstone of our legal system, could be severely undermined. This privilege exists to encourage open and honest communication between lawyers and their clients, which is essential for effective legal representation. If clients fear that their confidential discussions may be accessed by government agencies, it could have a chilling effect on their willingness to disclose crucial information.

Cybersecurity Crossroads: US & UK Government Interests vs. Hackers vs. Attorney-Client Privilege – The Legal Tightrope in the Digital Age 🌍🔒

To address these challenges, lawyers must take proactive steps to enhance their cybersecurity measures. As discussed in The Tech-Savvy Lawyer.Page Podcast Episode 93, Revolutionizing Law Practice. How Alexander Pakin Leverages Tech 🖥️ for Legal Success! (Part I & Part II), updating security protocols are essential practices for modern law firms. Recall, the ABA MRPC 1.1[8] requires attorneys to be up to date in their use of technology. Additionally, attorneys should consider on-premises storage solutions with zero-trust data access to maintain control over sensitive client data.

It's crucial for legal professionals to stay informed about these developments and advocate for policies that protect client confidentiality. Bar associations and legal organizations should take a strong stance against government-mandated backdoors, emphasizing the potential risks to the justice system and individual rights.

As we navigate this complex landscape, it's clear that the intersection of technology, privacy, and legal ethics will continue to present challenges. However, by remaining vigilant and adapting our practices to meet these challenges, we can uphold our professional responsibilities and protect the fundamental rights of our clients in the digital age.

MTC

MTC: 🔒 Unlocked Laptop, Suspended License: How One Lawyer’s Cybersecurity Blunder Became a Near? Career-Killer (And What You Must Learn).

/ The Tech-Savvy Lawyer.Page/

lawyers, don’t leave your tech unattended and accessible - it could lead to severe bar actions!

I was so astonished when I heard about this case that I needed to share it with you, The Tech-Savvy Lawyer.Page community!

A recent disciplinary case involving a Jefferson County, Missouri prosecutor’s suspension over a prank email highlights the escalating stakes of cybersecurity negligence in legal practice. The incident—where an unattended, unlocked laptop in an empty jury room used by attorneys to do some work, allowed a mischievous actor, a prosecutor nevertheless, to send a fake email to a sheriff about how she looked in khakis—serves as a stark reminder: basic physical safeguards are no longer sufficient in an era of sophisticated digital risks. Below, let’s discuss what NOT to do and the ethical landmines lurking in outdated tech habits.  

What Went Wrong: A Breakdown of Failures

The prosecutor’s missteps reflect a cascade of poor judgments:  

1. Leaving a device unattended and unlocked in a public setting, enabling unauthorized access.  

2. Failing to implement automatic screen locks or password protections during brief absences.  

3. Ignoring encryption tools for sensitive communications, despite ABA guidance.  

This lapse violated core duties under the ABA Model Rules of Professional Conduct:  

  • Rule 1.6 (Confidentiality): Lawyers must take “reasonable precautions” to prevent unauthorized disclosure of client information. An open laptop in a public space falls far short of this standard.  

  • Rule 1.1[8] (Competence): The 2012 amendment to Comment 8 mandates that lawyers understand the “benefits and risks associated with relevant technology”. Ignoring basic device security—a well-known risk—breaches this duty.  

How Tech Security Expectations Have Evolved  

The shift from casual vigilance to rigorous tech protocols is unmistakable:  

The ABA’s Formal Opinion 477R (2017) clarifies that lawyers must assess risks based on factors like data sensitivity and network security. Public Wi-Fi and unattended devices are now red flags requiring mitigation—not mere inconveniences.  

Consequences of Complacency 

The Jefferson County case underscores the professional, legal, and reputation fallout:   

  • Ethical investigations: State bars increasingly treat tech negligence as a violation of competency rules.

  • License suspension: The prosecutor faced disciplinary action for failing to safeguard confidential systems - in this case, an indefinite suspension.

  • Loss of client trust: Even non-malicious breaches erode confidence in a lawyer’s judgment.

* Interestingly, it appears the public defender got off lightly with a slap on the wrist, although the public defender did leave exposed client files and working notes. This led to the prosecuting attorney being moved off 19 cases he and the defense attorney were both working on - someone got lucky! 😲

What NOT to Do: A Checklist ✅

Avoid these critical mistakes:  

Not all nefarious tech interlopers wear masks! Keep your tech secure!

❌ Assume “quick” errands are harmless. Even 30 seconds unlocked can compromise data.

❌ Use unsecured public networks without a VPN.  

❌ Skip software updates, leaving devices vulnerable to exploits.  

❌ Store sensitive data locally without encryption or cloud backups.

❌ Use someone’s unsecured technology for malicious means or even for a prank.

Secure Your Practice: Best Practices  

  1. Enable automatic screen locks (under 5 minutes of inactivity).  

  2. Adopt encryption for emails and files containing client data.  

  3. Train staff on phishing scams and physical security protocols.  

  4. Develop an incident response plan to address breaches swiftly.  

Final Thoughts 🧐

As the Lawyer Behaving Badly Podcast highlighted in their episode Silly Little Goose, even “harmless” pranks can derail careers. In a world where a single unlocked laptop can trigger ethics investigations, proactive tech competence isn’t optional—it’s survival! Lock your devices, encrypt your data, and treat every public space as a potential threat vector. Your license depends on it. 🔒  

MTC

🚨 BOLO: Apple's Latest Update Activates AI - Lawyers, Protect Your Clients' Data! 🚨

/ The Tech-Savvy Lawyer.Page/

Attention tech-savvy lawyers! 📱💼 Apple's recent iOS and macOS updates have automatically enabled Apple Intelligence, raising significant concerns about client confidentiality and data privacy. As legal professionals, we must remain vigilant in protecting our clients' sensitive information. Here's what you need to know:

The Stealth Activation 🕵️‍♂️

In the last 24 hours, Apple released iOS 18.3, iPadOS 18.3, and macOS Sequoia 15.3, which automatically activate Apple Intelligence on compatible devices. This AI-powered suite offers various features, including rewriting text, generating images, and summarizing emails. While these capabilities may seem enticing, they pose potential risks to client confidentiality. 🚨

Privacy Concerns 🔒

Apple claims that Apple Intelligence uses on-device processing to enhance privacy. However, the system still requires 7GB of local storage and may analyze user interactions to refine its functionality. This level of data access and analysis raises red flags for lawyers bound by ethical obligations to protect client information.

Ethical Obligations ⚖️

Check your apple setting if you want to turn off “Apple Intelligence”!

The ABA Model Rules of Professional Conduct, particularly Rule 1.6, emphasize the duty of confidentiality. This rule extends to all forms of client data, including information stored on devices or accessed remotely. As tech-savvy lawyers, we must exercise reasonable care to prevent unauthorized disclosure of client information.

Potential Risks 🚫

Using AI-powered features without fully understanding their implications could lead to inadvertent breaches of client confidentiality. As we've discussed in our previous blog post, "My Two Cents: With AI Creeping Into Our Computers, Tablets, and Smartphones, Lawyers Need to Be Diligent About The Software They Use," lawyers must be cautious about adopting new technologies without proper vetting.

Lawyers MUST maintain reasonable competency in the use of technology! 🚨 ABA MRPC 1.1 [8] 🚨

Lawyers MUST maintain reasonable competency in the use of technology! 🚨 ABA MRPC 1.1 [8] 🚨

Steps to Take 🛡️

  1. Disable Apple Intelligence: Navigate to Settings > Apple Intelligence & Siri to turn off specific features or disable the entire suite.

  2. Educate Your Team: Ensure all staff members are aware of the potential risks associated with AI-powered features.

  3. Review Privacy Policies: Carefully examine Apple's privacy policies and terms of service related to Apple Intelligence.

  4. Implement Additional Safeguards: Consider using encrypted communication tools and secure cloud storage solutions for client data.

Final Thoughts 🧐

As we navigate this rapidly evolving technological landscape, it's essential to balance innovation with ethical obligations. Lawyers can thrive as tech-savvy professionals by embracing technology to enhance their practice while safeguarding client trust. Remember, maintaining reasonable competency in the use of technology is not just advisable—it’s an ethical duty. See Comment, #8, to ABA Model Rule, #1.1.

Subscribe to The Tech-Savvy Lawyer.Page for updates on this developing situation, news on the evolving impact of AI on the practice of law. Together, we can navigate the complexities of legal technology while upholding our professional responsibilities.

Stay safe, stay informed, and stay tech-savvy! 🚀📚💻

Happy Lawyering!