I no longer use dropbox in my practice and apparently, I was smart to jettison it. A new report indicates that Dropbox left all user accounts open for several hours this weekend. For lawyers who have sensitive client information, this sort of breach can not only be a hassle, but a serious disaster for their clients. As a friend noted, “It definitely is an interesting question as to whether it is an ethics violation. Lawyers can’t be expected to be tech geniuses, and small practice/individual lawyers can’t be expected to host their own data. But then some precaution would be expected. Hard to see where the line is, and it is probably always moving (I would figure toward more security being required, as technology develops and becomes more accessible).”
This issue is still under debate, and I take the position that lawyers should be expected to keep electronic files as safe as possible, it would be wrong to penalize lawyers for entrusting data to a trusted internet site, which then falls victim to a major privacy/security lapse that the lawyer had no control over. Lawyers should be obligated to make informed choices (just as we are in protecting physical items and information on behalf of clients), but should not be responsible for the lapses of others that were not foreseeable or preventable. Such an outcome would force lawyers to avoid the many benefits available to them and their clients on the internet and in the cloud.