Tag Archives: Online Storage

Saving Gmail to PDF Using Zapier

Posted on by
1

Google Calendar in one hourAre you a Gmail user?  Many lawyers are.

Gmail and Google Calendar [sometimes coupled with Google Apps] is a popular alternative to Outlook.  But there is a key issue with using web-based email that lawyers often overlook: messages stored online simply don’t make it to your client file.  If you prefer web-based email and rebel against the idea of downloading messages to a local program on your desktop or laptop, how can you document your file?

This has been a challenge.  Until now.

The Bad Old Days: Saving Messages as Individual PDF Files

Gmail – as stand-alone web-based email – does not offer an easy way to capture a group of messages labeled or stored in a folder online.  If you want to save client emails, you must do so one at a time by printing each message to PDF (or scanning each message to PDF).  This is so incredibly tedious that most lawyers never do it.  Messages are saved online and nowhere else, resulting in non-cohesive client records.

Today’s solution: Zapier

Zapier is one way to solve this problem.  It automatically files Gmail by moving messages for you.  The only trick is the destination, which must be another web-based service or account.  Google Drive and Dropbox are two examples of locations where mail can be saved.  Here is a simple explanation of how the service works.

If you are paperless and storing your client records at one of the supported online destinations, then Zapier can make your client file cohesive.  Everything is in one location and your records are complete.  One of the most popular approaches is to use Zapier to save client email to Dropbox.

Parting Thoughts

“Zapping” your Gmail to the same online location where you keep your other client records seems like a good way to go.  As with any cloud-based solution, there are ethical concerns.

  1. Is Zapier secure?  Zapier stores the data it is moving on your behalf for 7 days, then purges it.  Your credentials are protected by bank-level encryption.  HTTPS or SSL connections are used whenever possible [If the destination app you are connecting to is not HTTPS or SSLZapier cannot “force” that type of connection.]  Users can monitor the task history of Zapier for the life of their accounts to verify activity and data transfer. Read more here.
  2. Is it a good idea to keep confidential and privileged client records in Dropbox, Google Drive, Box, or One Drive?  Yes, provided you supplement the built-in protection of your online accounts with a private [client side] encryption product like Viivo.  Problem solved.
  3. Won’t I just be safer if I store files on my own computer?  This is another way to go, but you’ll be stuck with the one-at-a-time process of saving email as described above.  Additionally, the tide of expert thought is shifting to the belief that cloud-based solutions are superior.  See The great IT myth: is cloud really less secure than on-premise?

 

All Rights Reserved [2016] Beverly Michaelis

The Ethical Minefield of Using Social Media for Investigation

Posted on by
4

imagesIn late February, the Oregon State Bar Board of Governors approved OSB Formal Opinion No. 2013-189.  Following in the footsteps of opinions about metadata (187) and cloud computing (188), the bar seeks to address the ethical minefield of using social media to investigate an opposing party, a witness, or a juror.

The scenario is as follows:

Lawyer wishes to investigate an opposing party, a witness, or a juror by accessing the person’s social networking website. While viewing the publicly available information on the website, Lawyer learns that there is additional information that the person has kept from public view through privacy settings and that is available by submitting a request through the person’s website.

  1. May Lawyer review a person’s publicly available information on a social networking website?
  2. May Lawyer, or an agent on behalf of Lawyer, request access to a person’s non-public information?
  3. May Lawyer, or an agent on behalf of Lawyer, use a computer username or other alias that does not identify Lawyer when requesting permission from the account holder to view non-public information?

Public Information is Up for Grabs

“Accessing the publicly available information on a person’s social networking website is not a “communication” prohibited by Oregon RPC 4.2. OSB Formal Opinion No. 2005-164 discusses the propriety of a lawyer accessing the public portions of an adversary’s website and concludes that doing so is not “communicating” with the site owner within the meaning of Oregon RPC 4.2. The Opinion compared accessing a website to reading a magazine article or purchasing a book written by an adversary. The same analysis applies to publicly available information on a person’s social networking web pages.”

Lawyers May Ethically “Friend” Non-Represented Parties

  • A lawyer may request access to a person’s non-public personal information provided the lawyer has no actual knowledge that the person is represented on the subject matter by counsel. OSB Formal Opinion 2004-164.
  • If the holder of the social networking account requests additional information to identify the lawyer, the lawyer must comply or withdraw the request.
  • If the lawyer has reason to believe the holder of the social networking account misunderstands the lawyers role, the lawyer must provide additional information or withdraw the request.

Lawyers May Not Ethically “Friend” Represented Parties

If the holder of a social networking account is represented, the “friend” or contact request must be made through the account holder’s counsel or with the counsel’s prior consent.  Oregon RPC 4.2.

Contacting Jurors

“Although a lawyer may review a juror’s publicly available information on social networking websites, communication with jurors before, during, and after a proceeding is generally prohibited. Accordingly, a lawyer may not send a request to a juror to access non-public personal information on a social networking website, nor may a lawyer ask an agent do to do so.”

The Rationale Behind “Friending” Non-Represented Parties

The opinion includes an interesting discussion about the rationale for allowing lawyers to contact non-represented parties.

On the one hand, Oregon RPC 4.3 prohibits a lawyer from stating or implying that the lawyer is disinterested when making contact with an unrepresented party.  Further, if the lawyer knows or reasonably should know the unrepresented party misunderstand’s the lawyer’s role, he or she is obliged to correct that misunderstanding.  [See the second and third bullet points above, under Lawyers May Ethically “Friend” Non-Represented Parties.]

The opinion acknowledges that sending a request for contact means the “… lawyer is interested in the person’s social networking information.”  So how is it that contact is permitted under Oregon RPC 4.3?  Here is the explanation:

  • A Lawyer’s request for access to non-public information does not in and of itself make a representation about the Lawyer’s role.
  • The holder of the [social networking] account has full control over who views the information available on his or her pages.
  • The account holder can accept or reject requests for access.
  • The account holder’s failure to inquire further about the identity or purpose of unknown access requestors is not the equivalent of misunderstanding Lawyer’s role in the matter.

Deceptive Access to Non-Public Information

The opinion also addresses the use of subterfuge to shield the lawyer’s identity when making a request for access to non-public information.  Aliases or “fake” usernames are generally not permitted in this context, unless the “covert activity” exception applies.  See Oregon Formal Opinion No. 2005-173 for a full discussion.

What this Opinion Does NOT Address

Formal Opinion No. 2013-189 addresses the ethical implications of using social networking sites for investigation.  It does not discuss the Stored Communications Act (SCA).  For a very brief overview of the implications of the SCA, see this post.  If in doubt, research the applicability of SCA issues before proceeding with social networking investigation activities.  If you practice employment law, be aware of Traps for the Unwary Employer (using social networking and related digital resources to screen potential employees).

All Rights Reserved 2013 Beverly Michaelis

Oregon Approves Ethics Opinion on “Cloud Computing”

Posted on by
8

May a lawyer contract with a third-party vendor to store client files and documents online, allowing for remote access by the lawyer or her clients?

Yes, so sayeth the Oregon State Bar in newly issued Formal Opinion No. 2011-188 Information Relating to Representation of a Client: Third-Party Electronic Storage of Client Materials.

Here are the details from the opinion:

A lawyer may store client materials on a third-party server so long as Lawyer complies with the duties of competence and confidentiality to reasonably keep the client’s information secure within a given situation.

Keeping client information secure means taking reasonable steps to ensure that the storage company will reliably secure client data and keep information confidential. Under certain circumstances, this may be satisfied though a third-party vendor’s compliance with industry standards relating to confidentiality and security, provided that those industry standards meet the minimum requirements imposed on the Lawyer by the Oregon RPCs. This may include, among other things:

  • Ensuring the service agreement requires the vendor to preserve the confidentiality and security of the materials.
  • It may also require that vendor notify Lawyer of any nonauthorized third-party access to the materials.
  • The lawyer should also investigate how the vendor backs up and stores its data and metadata to ensure compliance with the lawyer’s duties.

Although the third-party vendor may have reasonable protective measures in place to safeguard the client materials, the reasonableness of the steps taken will be measured against the technology “available at the time to secure data against unintentional disclosure.”  As technology advances, the third-party vendor’s protective measures may become less secure or obsolete over time.  Accordingly, Lawyer may be required to reevaluate the protective measures used by the third party vendor to safeguard the client materials.

No File Left Behind! Great offer from Carbonite

Posted on by
Reply

Have you been procrastinating about a back-up system?  Check out this great offer from Carbonite:

You can win a year of online backup and a laptop in the #BackItUp2012 giveaway.  Visit Carbonite’s Facebook page to enter.

If you get just two friends to sign up, you’ll be entered to win one of:

  • Two finalist prizes: A $100 Visa gift card with a Carbonite Home subscription– so, you can purchase your favorite computer accessory or other item of choice.
  • One GRAND PRIZE: A $100 Visa gift card and a laptop complete with a Carbonite Home subscription!