Pennsylvania Ethics Advisory Opinion on Cloud Computing

In January 2011, the Pennsylvania Bar Association released an advisory (non-binding) ethics opinion addressing cloud computing issues. [FN1] The short, advisory opinion cautiously concludes that current, Pennsylvania ethics rules do not preclude storing client, confidential information at off-site, “cloud computing” vendors. However, the opinion emphasizes the attorney’s duty to reasonably protect the confidentiality of client data (Rule 1.6) that is stored off-site and implies special attention to an attorney’s oversight duty in such situations.[FN2] The opinion also summarizes common sense precautions such as data backups, assuring access to the remote data, security plans, encryption, etc.

While only an advisory opinion by a single member (non-binding), the opinion provides some initial guidance to Pennsylvania attorneys struggling with the ethical implications of deploying
“cloud services.”

Update & Resources for Pennsylvania Lawyers on Cloud Computing

If you are interested in cloud computing for Pennsylvania lawyers, see also:


Check back frequently for additional articles on this and similar emerging issues.

Footnotes

FN1—Inquiry 2010-60 (January 10, 2011).
FN2—The advisory opinions cites Rule 5.1. While this rule may certainly apply, Rule 5.3 (Responsibilities Regarding Nonlawyer Assistants) may also be relevant (although not specifically cited by the opinion). [Clarification: 27 March 2011—The opinion states Rules 1.6 and 5.1, among others, may apply.]

Original Publication: 22 March 2011
Updated: 27 March 2011