🚨 Breaking News! Federal Courts Implement Enhanced Security Measures for Sealed Documents Following Sophisticated Nation-State Cyberattacks! What Lawyers Must Know Now!!!

/ The Tech-Savvy Lawyer.Page/

Federal courts have launched sweeping new protocols restricting electronic access to sealed documents after a widespread cyberattack linked to Russian actors exposed critical vulnerabilities in the federal judiciary’s decades-old digital infrastructure. As previously reported here, the breach compromised highly confidential information—such as sealed indictments and informant data—across numerous districts, prompting courts to eliminate electronic viewing of sealed filings and require paper-only procedures for sensitive court documents.

what do lawyers need to do as Federal courts respond to cyber attacks?

Why is this happening?
Nation-state cyber threats and outdated systems left federal courts open to attack, as repeatedly warned by The Tech-Savvy Lawyer.Page. The blog has consistently flagged the risks associated with aging technology, weak authentication, and the need for law firms to adopt advanced cybersecurity practices. The recent breach brings these warnings to life, forcing immediate changes for all legal professionals.

What lawyers must do:
Attorneys must now file sealed documents according to new court protocols—usually paper filings—and cannot access them electronically. This transformation demands lawyers take proactive steps to secure confidential information at all times, in line with ABA Model Rule 1.6. Practitioners should review The Tech-Savvy Lawyer.Page for practical tips on ethical compliance and digital preparedness, such as those featured in its “go bag” guide for legal professionals.

Most importantly, consult your local federal court’s website or clerk for the latest procedures, as requirements may vary by district. Safeguarding client confidentiality remains central to legal ethics—stay vigilant, stay informed, and stay tech-savvy.

MTC:  Federal Circuit's Drop Box Relocation Sends a Signal Threatening Access to Justice: Why Paper Filing Options Must Remain Accessible 📝⚖️

/ The Tech-Savvy Lawyer.Page/

Midnight Filing Rights Under Threat by Federal Court Drop Box Move.

The Federal Circuit's recent decision to relocate its paper filing drop box from outside the courthouse to inside the building, with restricted hours of 8:30 AM to 7:00 PM, represents a concerning step backward for legal accessibility. This policy change, effective October 20, 2025, fundamentally undermines decades of established legal practice and creates unnecessary barriers to justice that disproportionately impact solo practitioners, small firms, and self-represented litigants.

The Critical Role of 24/7 Drop Box Access 🕐

For generations, the legal profession has relied on midnight filing capabilities as an essential safety net. The traditional 24-hour drop box access has served as a crucial backup system when electronic filing systems fail, internet connectivity issues arise, or attorneys face last-minute technical emergencies. Federal courts have long recognized that electronic filing deadlines extend until midnight in the court's time zone, acknowledging that legal work often continues around the clock and in different time zones across the globe.

The ability to file papers at any hour has been particularly vital for attorneys handling time-sensitive matters such as emergency motions, appeals with strict deadlines, and patent applications where timing can be critical to a client's rights. Research shows that approximately 10% of federal court filings occur after 5:00 PM, with many of these representing urgent legal matters that cannot wait until the next business day.

Technology's Promise and Perils ⚙️

While electronic filing systems have revolutionized legal practice, they are far from infallible. Court system outages occur with concerning regularity - as recently demonstrated by Washington State's two-week court system shutdown due to unauthorized network activity. When CM/ECF systems go offline, attorneys must have reliable alternative filing methods to meet critical deadlines.

The Federal Circuit's own procedures acknowledge this reality, noting that their CM/ECF system undergoes scheduled maintenance and may experience unexpected outages. During these periods, having accessible backup filing options becomes essential for maintaining the integrity of the legal process. The relocation of the drop box inside the building with limited hours eliminates this crucial failsafe, potentially leaving attorneys with no viable filing option during system emergencies outside business hours.

Digital Divide and Access to Justice Concerns 📱

Tech-Savvy Lawyer Battles Drop Box Access and Justice Barrier.

The restricted drop box access exacerbates existing digital equity issues within the legal system. While large law firms have robust IT infrastructure and technical support, solo practitioners and small firms often lack these resources. Self-represented litigants, who represent approximately 75-95% of parties in many civil cases, face even greater challenges navigating electronic filing requirements.

Studies have shown that technology adoption in courts has disproportionately benefited well-resourced parties while creating additional barriers for vulnerable populations. The Federal Circuit's policy change continues this troubling trend by prioritizing operational convenience over equal access to justice.

Legal Practice Realities 💼

The Federal Circuit's restricted hours—8:30 AM to 7:00 PM, Monday through Friday—fail to recognize the realities of modern legal practice. Patent attorneys, who frequently practice before this court, often work across multiple time zones and may need to file documents outside traditional business hours due to client demands or international coordination requirements.

Moreover, the new policy requires documents to be date-stamped and security-screened before deposit, adding additional procedural steps that could create delays and complications. These requirements, while perhaps well-intentioned from a security perspective, create practical obstacles that could prevent the timely filing of critical documents.

Recommendations for Balanced Approach ✅

The Federal Circuit should reconsider this policy change and adopt a more balanced approach that strikes a balance between security and access to justice. Recommended alternatives include:

Hybrid access model: Maintain extended drop box hours (perhaps 6:00 AM to 10:00 PM) to accommodate working attorneys while addressing security concerns.

Emergency filing provisions: Establish clear procedures for after-hours emergency filings when deadlines cannot be met due to the restricted schedule.

Enhanced electronic backup systems: Invest in more robust CM/ECF infrastructure and backup systems to reduce the likelihood of system outages that would necessitate paper filing.

Stakeholder consultation: Engage with the patent bar and other frequent court users to develop solutions that balance operational needs with practitioner requirements.

Preserving the Foundation of Legal Practice ⚖️

Drop Box Limits Highlight Digital Divide in Federal Courthouse Access.

The Federal Circuit's drop box policy change represents more than an administrative adjustment - it undermines a fundamental principle that the courthouse doors should remain open to all who seek justice. The legal profession has long operated on the understanding that filing deadlines are absolute, and courts have historically provided mechanisms to ensure compliance even under challenging circumstances.

By restricting drop box access, the Federal Circuit sends a troubling message that convenience trumps accessibility. This policy particularly harms the very practitioners who help maintain the patent system's vitality - innovative small businesses, independent inventors, and emerging technology companies that rely on accessible filing procedures.

The court should reverse this decision and either restore 24-hour drop box access or, at a minimum, extend the hours to serve the legal community and the public better. In an era where access to justice faces mounting challenges, courts must resist policies that create additional barriers to legal participation. The integrity of our judicial system depends on maintaining pathways for all parties to present their cases, regardless of their technological capabilities or the timing of their legal needs.

MTC

📖 Word of the Week: RAG (Retrieval-Augmented Generation) - The Legal AI Breakthrough Eliminating Hallucinations. 📚⚖️

/ The Tech-Savvy Lawyer.Page/

What is RAG?

USEd responsibly, rag can be a great tool for lawyers!

Retrieval-Augmented Generation (RAG) is a groundbreaking artificial intelligence technique that combines information retrieval with text generation. Unlike traditional AI systems that rely solely on pre-trained data, RAG dynamically retrieves relevant information from external legal databases before generating responses.

Why RAG Matters for Legal Practice

RAG addresses the most significant concern with legal AI: fabricated citations and "hallucinations." By grounding AI responses in verified legal sources, RAG systems dramatically reduce the risk of generating fictional case law. Recent studies show RAG-powered legal tools produce hallucination rates comparable to human-only work.

Key Benefits

RAG technology offers several advantages for legal professionals:

Enhanced Accuracy: RAG systems pull from authoritative legal databases, ensuring responses are based on actual statutes, cases, and regulations rather than statistical patterns.

Real-Time Updates: Unlike static AI models, RAG can access current legal information, making it valuable for rapidly evolving areas of law.

Source Attribution: RAG provides clear citations and references, enabling attorneys to verify and build upon AI-generated research.

Practical Applications

lawyers who don’t use ai technology like rag will be replaced those who do!

Law firms are implementing RAG for case law research, contract analysis, and legal memo drafting. The technology excels at tasks requiring specific legal authorities and performs best when presented with clearly defined legal issues.

Professional Responsibility Under ABA Model Rules

ABA Model Rule 1.1 (Competence): Comment 8 requires lawyers to "keep abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology." This mandates understanding RAG capabilities and limitations before use.

ABA Model Rule 1.6 (Confidentiality): Lawyers must "make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client." When using RAG systems, attorneys must verify data security measures and understand how client information is processed and stored.

ABA Model Rule 5.3 (Supervision of Nonlawyer Assistants): ABA Formal Opinion 512 clarifies that AI tools may be considered "nonlawyer assistants" requiring supervision. Lawyers must establish clear policies for RAG usage and ensure proper training on ethical obligations.

ABA Formal Opinion 512: This 2024 guidance emphasizes that lawyers cannot abdicate professional judgment to AI systems. While RAG systems offer improved reliability over general AI tools, attorneys remain responsible for verifying outputs and maintaining competent oversight.

Final Thoughts: Implementation Considerations

lawyers must consider their ethical responsibilities when using generative ai, large language models, and rag.

While RAG significantly improves AI reliability, attorneys must still verify outputs and exercise professional judgment. The technology enhances rather than replaces legal expertise. Lawyers should understand terms of service, consult technical experts when needed, and maintain "human-in-the-loop" oversight consistent with professional responsibility requirements.

RAG represents a crucial step toward trustworthy legal AI, offering attorneys powerful research capabilities while maintaining the accuracy standards essential to legal practice and compliance with ABA Model Rules. Just make sure you use it correctly and check your work!

MTC: Is Puerto Rico’s Professional Responsibility Rule 1.19 Really Necessary? A Technology Competence Perspective.

/ The Tech-Savvy Lawyer.Page/

Is PR’s Rule 1.19 necessary?

The legal profession stands at a crossroads regarding technological competence requirements. With forty states already adopting Comment 8 to Model Rule 1.1, which mandates lawyers "keep abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology," the question emerges: do we need additional rules like PR Rule 1.19?

Comment 8 to Rule 1.1 establishes clear parameters for technological competence. This amendment, adopted by the ABA in 2012, expanded the traditional duty of competence beyond legal knowledge to encompass technological proficiency. The Rule requires lawyers to understand the "benefits and risks associated with relevant technology" in their practice areas.

The existing framework appears comprehensive. Comment 8 already addresses core technological competencies, including e-discovery, cybersecurity, and client communication systems. Under Rule 1.1 (Comment 5), legal professionals must evaluate whether their technological skills meet "the standards of competent practitioners" without requiring additional regulatory layers.

However, implementation challenges persist. Many attorneys struggle with the vague standard of "relevant technology". The rule's elasticity means that competence requirements continuously evolve in response to technological advancements. Some jurisdictions, like Puerto Rico (see PR’s Supreme Court’s Order ER-2025-02 approving adoption of its full set of Rules of Professional Conduct, have created dedicated technology competence rules (Rule 1.19) to provide clearer guidance.

The verdict: redundancy without added value. Rather than creating overlapping rules, the legal profession should focus on robust implementation of existing Comment 8 requirements. Enhanced continuing legal education mandates, clearer interpretive guidance, and practical competency frameworks would better serve practitioners than additional regulatory complexity.

Technology competence is essential, but regulatory efficiency should guide our approach. 🚀

🎙️ Bonus Episode: TSL Lab’s Notebook.AI Commentary on June 23, 2025, TSL Editorial!

/ The Tech-Savvy Lawyer.Page/

Hey everyone, welcome to this bonus episode!

As you know, in this podcast we explore the future of law through engaging interviews with lawyers, judges, and legal tech professionals on the cutting edge of legal innovation. As part of our Labs initiative, I am experimenting with AI-generated discussions—this episode features two Google Notebook.AI hosts who dive deep into our latest Editorial: "Lawyers, Generative AI, and the Right to Privacy: Navigating Ethics, Client Confidentiality, and Public Data in the Digital Age." If you’re a busy legal professional, join us for an insightful, AI-powered conversation that unpacks the editorial’s key themes, ethical challenges, and practical strategies for safeguarding privacy in the digital era.

Enjoy!

In our conversation, the "Bots" covered the following:

00:00 Introduction to the Bonus Episode

01:01 Exploring Generative AI in Law

01:24 Ethical Challenges and Client Confidentiality

01:42 Deep Dive into the Editorial

09:31 Practical Strategies for Lawyers

13:03 Conclusion and Final Thoughts

Resources:

Google Notebook.AI - https://notebooklm.google/

MTC: Lawyers, Generative AI, and the Right to Privacy: Navigating Ethics, Client Confidentiality, and Public Data in the Digital Age

/ The Tech-Savvy Lawyer.Page/

Modern attorneys need to tackle AI ethics and privacy risks.

The legal profession stands at a critical crossroads as generative AI tools like ChatGPT become increasingly integrated into daily practice. While these technologies offer unprecedented efficiency and insight, they also raise urgent questions about client privacy, data security, and professional ethics—questions that every lawyer, regardless of technical proficiency, must confront.

Recent developments have brought these issues into sharp focus. OpenAI, the company behind ChatGPT, was recently compelled to preserve all user chats for legal review, highlighting how data entered into generative AI systems can be stored, accessed, and potentially scrutinized by third parties. For lawyers, this is not a theoretical risk; it is a direct challenge to the core obligations of client confidentiality and the right to privacy.

The ABA Model Rules and Generative AI

The American Bar Association’s Model Rules of Professional Conduct are clear: Rule 1.6 requires lawyers to “act competently to safeguard information relating to the representation of a client against unauthorized access by third parties and against inadvertent or unauthorized disclosure”. This duty extends beyond existing clients to former and prospective clients under Rules 1.9 and 1.18. Crucially, the obligation applies even to information that is publicly accessible or contained in public records, unless disclosure is authorized or consented to by the client.

Attorneys need to explain generative AI privacy concerns to client.

The ABA’s recent Formal Opinion 512 underscores these concerns in the context of generative AI. Lawyers must fully consider their ethical obligations, including competence, confidentiality, informed consent, and reasonable fees when using AI tools. Notably, the opinion warns that boilerplate consent in engagement letters is not sufficient; clients must be properly informed about how their data may be used and stored by AI systems.

Risks of Generative AI: PII, Case Details, and Public Data

Generative AI tools, especially those that are self-learning, can retain and reuse input data, including Personally Identifiable Information (PII) and case-specific details. This creates a risk that confidential information could be inadvertently disclosed or cross-used in other cases, even within a closed firm system. In March 2023, a ChatGPT data leak allowed users to view chat histories of others, illustrating the real-world dangers of data exposure.

Moreover, lawyers may be tempted to use client public data—such as court filings or news reports—in AI-powered research or drafting. However, ABA guidance and multiple ethics opinions make it clear: confidentiality obligations apply even to information that is “generally known” or publicly accessible, unless the client has given informed consent or an exception applies. The act of further publicizing such data, especially through AI tools that may store and process it, can itself breach confidentiality.

Practical Guidance for the Tech-Savvy (and Not-So-Savvy) Lawyer

Lawyers can face disciplinary hearing over unethical use of generative AI.

The Tech-Savvy Lawyer.Page Podcast Episode 99, “Navigating the Intersection of Law Ethics and Technology with Jayne Reardon and other The Tech-Savvy Lawyer.Page postings offer practical insights for lawyers with limited to moderate tech skills. The message is clear: lawyers must be strategic, not just enthusiastic, about legal tech adoption. This means:

  • Vetting AI Tools: Choose AI platforms with robust privacy protections, clear data handling policies, and transparent security measures.

  • Obtaining Informed Consent: Clearly explain to clients how their information may be used, stored, or processed by AI systems—especially if public data or PII is involved.

  • Limiting Data Input: Avoid entering sensitive client details, PII, or case specifics into generative AI tools unless absolutely necessary and with explicit client consent.

  • Monitoring for Updates: Stay informed about evolving ABA guidance, state bar opinions, and the technical capabilities of AI tools.

  • Training and Policies: Invest in ongoing education and firm-wide policies to ensure all staff understand the risks and responsibilities associated with AI use.

Conclusion

The promise of generative AI in law is real, but so are the risks. As OpenAI’s recent legal challenges and the ABA’s evolving guidance make clear, lawyers must prioritize privacy, confidentiality, and ethics at every step. By embracing technology with caution, transparency, and respect for client rights, legal professionals can harness AI’s benefits without compromising the foundational trust at the heart of the attorney-client relationship.

MTC

BOLO: LexisNexis Data Breach: What Legal Professionals Need to Know Now—and Why All Lexis Products Deserve Scrutiny!

/ The Tech-Savvy Lawyer.Page/

LAWYERS NEED TO BE BOTH TECH-SAVVY AND Cyber-SavvY!

On December 25, 2024, LexisNexis Risk Solutions (LNRS)—a major data broker and subsidiary of LexisNexis—suffered a significant data breach that exposed the personal information of over 364,000 individuals. This incident, which went undetected until April 2025, highlights urgent concerns for legal professionals who rely on LexisNexis and its related products for research, analytics, and client management.

What Happened in the LexisNexis Breach?

Attackers accessed sensitive data through a third-party software development platform (GitHub), not LexisNexis’s internal systems. The compromised information includes names, contact details, Social Security numbers, driver’s license numbers, and dates of birth. Although LexisNexis asserts that no financial or credit card data was involved and that its main systems remain secure, the breach raises red flags about the security of data handled across all Lexis-branded platforms.

Why Should You Worry About Other Lexis Products?

LexisNexis Risk Solutions is just one division under the LexisNexis and RELX umbrella, which offers a suite of legal, analytics, and data products widely used by law firms, courts, and corporate legal departments. The breach demonstrates that vulnerabilities may not be limited to one product or platform; third-party integrations, development tools, and shared infrastructure can all present risks. If you use LexisNexis for legal research, client intake, or case management, your clients’ confidential data could be at risk—even if the breach did not directly affect your specific product.

Ethical Implications: ABA Model Rules of Professional Conduct

ALL LawyerS NEED TO BE PREPARED TO FighT Data LeakS!

The American Bar Association’s Model Rules of Professional Conduct require lawyers to safeguard client information and maintain competence in technology. Rule 1.6(c) mandates that attorneys “make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client.” Rule 1.1 further obligates lawyers to keep abreast of changes in law and its practice, including the benefits and risks associated with relevant technology.

In light of the LexisNexis breach, lawyers must:

  • Assess the security of all third-party vendors, including legal research and data analytics providers.

  • Promptly notify clients if their data may have been compromised, as required by ethical and sometimes statutory obligations.

  • Implement additional safeguards, such as multi-factor authentication and regular vendor risk assessments.

  • Stay informed about ongoing investigations and legal actions stemming from the breach.

What Should Legal Professionals Do Next?

  • Review your firm’s use of LexisNexis and related products.

  • Ask vendors for updated security protocols and breach response plans.

  • Consider offering affected clients identity protection services.

  • Update internal policies to reflect heightened risks associated with third-party platforms.

The Bottom Line

The LexisNexis breach is a wake-up call for the legal profession. Even if your primary Lexis product was not directly affected, the interconnected nature of modern legal technology means your clients’ data could still be at risk. Proactive risk management and ethical vigilance are now more critical than ever.