COMMITTEE OF FLORIDA BAR MOVES AGAINST METADATA . . . In Florida, the Ethics Committee of the Florida Bar has issued a proposed advisory opinion about metadata that instructs lawyers to take “reasonable steps” to safeguard metadata in documents and instructs lawyers receiving documents not to view metadata if they know or should know that "the information is not intended for the recipient.” The proposed rule specifically excludes metadata “that is discoverable under applicable rules or is admissible in a trial or arbitration.”
For background about the meaning of "metadata," see "Mining the Value from Metadata," a column at DiscoveryResources.org by Dennis Kennedy, Tom Mighell, and me, and "What's a Little Metadata Mining Between Colleagues?" by Jessica M. Walker. For a longer list of resources about metadata, see Ben Cowgill's "Making sense of metadata: a mega-list of links for lawyers."
The proposed Florida rule states, in part:
In order to maintain confidentiality under Rule 4-1.6(a), Florida lawyers must take reasonable steps to protect client confidences in all types of documents and information that leave the lawyers’ offices, including electronic documents and electronic communications with other lawyers and third parties. The duties of a lawyer when sending an electronic document to another lawyer and when receiving an electronic document from another lawyer are as follows:
(1) It is the sending lawyer’s obligation to take reasonable steps to safeguard the confidentiality of all communications sent by electronic means to other lawyers and third parties and to protect from other lawyers and third parties all confidential information, including information contained in metadata, that may be included in such electronic communications.
(2) It is the recipient lawyer’s concomitant obligation, upon receiving an electronic communication or document from another lawyer, not to try to obtain from metadata information relating to the representation of the sender’s client where the recipient knows or should know that the information is not intended for the recipient. Any such metadata is to be considered by the receiving lawyer as confidential information which the sending lawyer did not intend to transmit.
Here are a few preliminary thoughts about the proposed rule, particularly its second subpart:
- The proposed rule will not keep lawyers from looking at metadata, since the ban only applies when "the recipient knows or should know that the information is not intended for the recipient." How can you tell anything about the sender's intent without seeing the metadata first? Though the ethics committee tried to write a rule that keeps lawyers away from metadata, the rule cannot be applied unless lawyers do just the opposite.
- In allowing lawyers to look at metadata only in exceptional circumstances, the proposed rule treats metadata as a useless byproduct of word-processing technology, a particularly troublesome type of electronic trash. In fact, metadata is generated as a feature of word-processing programs to assist authors in tracking many different types of information about their documents. Thus the proposed rule is founded upon a misunderstanding of what metadata is.
- The misunderstanding upon which the rule is based is also evident in the way that it defines metadata as a subcategory of "confidential" information. The proposed rule is based on the premise that metadata is hard to get to without a struggle. Metadata must be “mined” in order to be seen. But the metaphor isn’t apt. For example, in Word and Word Perfect, you simply have to follow a few menu items in order to see metadata. The software is designed to make metadata easily visible, not hidden.
- To call metadata “confidential” and “hidden” when it isn’t is to create fictions about software that just aren’t true. To restrict lawyers from acting based on these fictions is to create rules that puts the human users of software at cross purposes with the human designers of software.
- Reading between the lines of the proposed rule, it seems that the Florida Bar doesn’t trust its lawyers enough to let them alone with word-processing software that might create metadata that they don't know about. The proposed rule is fueled by a fear of technology. Though the proposed rule tries to create a safe harbor for the technology inept by putting the onus on recipients (telling them not to look), the onus should lie on whoever creates the document. That's the point of the first subclause of the rule, which would suffice to accomplish what I think the Florida Bar is trying to accomplish.
- Finally, I wonder if people ever choose lawyers based on the ethical rules of the state where those lawyers practice. Given a choice between hiring a lawyer in Florida, where lawyers may not be allowed to use technology as it was intended, and hiring a lawyer somewhere else, why would anyone choose the lawyer from Florida?
Thanks to Dennis Kennedy for giving me a heads up about the proposed Florida rule. For related posts on this weblog, see "Florida Bar Baffled and Upset by Metadata" and "The Legal Underground Podcast Episode #45."
Evan, Are you saying that lawyers should be off the hook ethically whenever software designers make it easy to violate what we formerly thought of as zones of privacy? [hmm, software designers as ethical role models for professionals!] Or, are you saying that it is foolish to have an ethical rule for behavior that very few lawyers are likely to engage in?
Given the fact that some tech-savvy lawyers have already stated that NOT taking advantage of metadata secrets and clues might amount to an unethical lack of diligence, it doesn't seem all that strange to me for a bar association to specifically tell its lawyers not to engage in such practices. The fact that it is easy to do, or that you or other lawyers you know and admire have been doing such "mining," doesn't make it appropriate.
Posted by: David Giacalone | May 09, 2006 at 04:00 PM
David: I think you start from a false premise when you assume that a "zone of privacy" attaches or should attach to metadata. Perhaps you think it should, but that probably just means that you and I don't agree about what metadata is. An example of metadata is the information in a Word document about who the "author" of the document is. Another example of metadata is the id3 tags in mp3 files that display in a mp3 player--"author," "title," and so on. Still another example is the information in a library card catalog, which contains metadata about the books in the library.
Where is the zone of privacy in these examples? I don't see it. Of course, it's possible that when the Florida Bar says "metadata," they are giving the word some private meaning, e.g., "metadata is information about a file that would embarrass the author of the file if it became publicly known." A workable rule about metadata cannot be fashioned based on such a flawed definition.
I also don't agree with the assumption in the first sentence of your comment that metadata was something that existed in computer files but was generally hidden until software designers came along and made it easy to see it. In the examples I just gave of metadata, the ability to store the metadata and the ability to see it took place concurrently.
Posted by: Evan | May 09, 2006 at 07:37 PM
Software Designers make their software so that it serves the greatest benefit to the largest number of people. They aren't intentionally trying to hammer lawyers or anybody else. They have found that providing such information is more useful than it isn't.
If you don't like metadata the thing to do is to start sending letters/emails to Micrsoft's applications division asking for a "finished product" feature that will remove all metadata that doesn't relate to the formating of the document. Or a feature that turns off non formating metadata to begin with.
Posted by: John M | May 16, 2006 at 12:34 PM
A lawyer who uses technology has the burden to ensure it does not jeopardize client confidentiality or otherwise interfere with the lawyer's duties to the client. From time to time, lawyers will accidentally disclose confidential information and the recipient ought not to take unfair advantage of such accidental disclosure, but the burden on every lawyer is to take adequate safeguards with our clients' confidences, not to pretend we can't see what's right there on our computer screens.
Imagine if the Florida Bar had applied THAT principle. What effect might that have on software developers? I can tell you that phone book ad salesmen are very accommodating to our disclosure requirements; wouldn't Adobe and Microsoft have to accommodate us as well?
Posted by: Mike W. | May 23, 2006 at 11:51 AM