Skip to content

menu

Proskauer Rose LLP logo
HomeAbout UsOur TeamContactSubscribe All Topics
Search
Close

Minding Your Business

Proskauer's perspective on commercial litigation trends and legal developments

Lawyers Beware: Sending Native File Documents to Third Parties May Violate Your Ethical Obligations

By Ronald A. Valenzuela on January 5, 2017

The rules governing discovery of electronically stored information, though not fully developed, have matured enough to provide the basic “do’s and don’ts” for attorneys. Frequently, a party must produce electronic documents, such as Word documents, in their native format, rather than producing paper copies, in response to discovery requests; this obligation includes producing the document’s metadata, the data automatically embedded in an electronic file that contain information about the document, such as its origin and history of revisions. But what are a lawyer’s responsibilities concerning the transmission or receipt of metadata outside of the discovery context? A recent ethics opinion from the State Bar of Texas offers some guidance—and a stern warning: attorneys risk violating state rules of professional conduct if they mishandle metadata.

According to one source, the number of business e-mails sent and received worldwide each day is expected to exceed 120 billion this year. Attorneys have taken advantage of the speed, ease, and low cost of transmitting documents via e-mail; they share drafts of motions and pleadings with clients or co-counsel, for example, and exchange draft agreements with opposing counsel. When these documents are transmitted in their native format, they may include, unbeknownst to some senders or recipients, metadata containing confidential information.

The Professional Ethics Committee for the State Bar of Texas recently concluded that a lawyer must take “reasonable measures” to avoid transmitting metadata containing a client’s confidential information to persons to whom such confidential information shouldn’t be disclosed. See Professional Ethics Committee for the State Bar of Texas, Opinion No. 665, at 2 (Dec. 2016). This obligation, according to the committee, springs from two duties imposed under Texas rules of professional conduct: the duties of competence and confidentiality. Id.

These professional duties are not unique to Texas, so it is unsurprising that other states similarly require attorneys to handle metadata carefully. Lawyers in New York, for example, must exercise “reasonable care” to prevent the disclosure of metadata containing confidential information. See Committee on Professional Ethics, New York State Bar Association, Opinion No. 782 (Dec. 2004). Similar rules exist in Alabama, Arizona, Colorado, Florida, Maine, Maryland, Minnesota, Mississippi, New Hampshire, New Jersey, North Carolina, Oregon, Pennsylvania, Vermont, Washington, West Virginia, Wisconsin, and the District of Columbia.

But not every state has formally addressed the issue, and those that have taken it up have adopted different rules regarding the obligations of an attorney who receives electronic documents containing metadata. In Arizona, for example, a lawyer who receives an electronic communication may not examine, or “mine,” the document for metadata. See State Bar of Arizona Ethics Committee, Opinion No. 07-03 (Nov. 2007). Further, an attorney who inadvertently discovers metadata that she knows, or reasonably should know, reveals confidential information must not review it and must notify the sender. Id. The state bars of Florida, New York, New Hampshire, North Carolina, West Virginia, and the District of Columbia have adopted a similar position.

By contrast, attorneys in Colorado, Maryland, New Jersey, Oregon, Vermont, Washington, and Wisconsin are generally permitted to review or mine metadata, though there are important qualifications in many of these states. In Washington, for example, an attorney may not use special software to examine metadata that is not readily accessible. See Washington State Bar Association, Advisory Opinion No. 2216 (2012). Other states, such as Minnesota and Pennsylvania, have adopted a case-by-case approach rather than a bright-line rule.

Given this patchwork of rules, what steps can be taken to avoid violating them? State bars have not precisely defined what constitutes “reasonable measures” for protecting against transmitting metadata containing confidential information. The “reasonableness” of the lawyer’s conduct depends upon the factual circumstances, including the information’s sensitivity and the intended recipient. Still, there are relatively straightforward precautions that can be taken that may go a long way in meeting this standard.

  • Consult with an information technology expert to obtain software that removes the metadata. Of course, software is only effective if used correctly. Some programs may prompt the user to choose whether or not to “scrub” the metadata before transmitting the document. If the program’s default is not set to remove the data, blindly “clicking through” the program queries could result in the inadvertent transmission of metadata.
  • Convert the electronic document to a read-only PDF, or print the document and scan it as a PDF, and transmit the PDF version. The PDF is itself an electronic document, so it may include metadata, though not necessarily the same data embedded in the original electronic document.
  • Transmit the document the old fashion way: print the electronic document and send the paper copy by fax, mail, or courier.

The answer to avoiding ethical violations by the recipient of metadata is less straightforward given the different state rules. Recipients who take a better-safe-than-sorry approach by ignoring metadata in all instances might not be choosing the right course, as failing to thoroughly review documents obtained from opposing counsel could itself be a violation of an attorney’s duties of competence and diligence. See, e.g., Vermont Bar Association Professional Responsibility Section, Opinion No. 2009-1 (2009). Attorneys, therefore, must carefully review the rules in their own state. Failure to do so could have significant consequences.

Posted in Use of Technology for Advocacy
Tags: Confidential Information, Discovery, Electronic Documents, electronically stored information, Ethics, Metadata, Native File Documents
Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Related Posts
DOJ Targets AI Pricing Algorithms: RealPage Case Signals Potential Shift in Antitrust Enforcement
November 6, 2024
Taylor Swift and Congress Have “Bad Blood” with AI Deepfakes
September 27, 2024
AI Got It Wrong, Doesn’t Mean We Are Right: Practical Considerations for the Use of Generative AI for Commercial Litigators
March 20, 2024
Subscribe to the Minding Your Business Blog
Subscribe to this Blog
The Proskauer Blog Network
View All Proskauer Blogs

Minding Your Business

Proskauer Rose LLP logo
Boca Raton|Boston|Chicago|Hong Kong|London|Los Angeles|New Orleans|New York|Paris|São Paulo|Washington, DC
Twitter linkedin RSS
Privacy PolicyDisclaimer

About Proskauer Rose LLP

We are 800+ lawyers serving clients from offices located in the leading financial and business centers in the Americas, Europe and Asia. The world’s leading organizations, companies and corporations choose us to be their representatives in their most critical situations. Moreover, they consider Proskauer a strategic partner to drive their business forward. We work with asset managers, private equity and venture capital firms, Fortune 500 companies, major sports leagues, entertainment industry legends and other industry-redefining companies.

Visit Proskauer.com

Topics

Archives

Copyright ©2025, Proskauer Rose LLP. All Rights Reserved.
Law blog design & platform by LexBlog LexBlog Logo

Proskauer and our platform provider LexBlog each use cookies to personalize content and ads, to provide social media features and to analyze traffic. Each of us also share information about your use of our site with our social media, advertising and analytics partners. If you are happy for us to store these cookies on your device please click ‘Accept Cookies.' For more information, please see here and here.

OK