Britain’s Information Commissioner’s Office has sounded the alarm for attorneys to keep personal information security following multiple data breaches involving client information.
The ICO in England can sanction a firm with up to a half-million pound fine for breaches of the Datta Protection Act if substantial damage — or distress — was caused. Often the penalties are levied on companies and public agencies, but lawyers are usually classed as data controllers and already legally responsible for any personal information they process for clients.
The ICO is reporting that fifteen incidents of data breaches have been reported. Each mishap involved client data used by attorneys. Lawyers’ habits of carrying around vast amounts of information in folders, files and laptops such as when taking them to and from court increase the risk of a severe data breach.
Christopher Graham, the nation’s Information Commissioner, said: “The number of breaches may not seem high, but given the sensitive data they handle, that number is troubling.”
Following the September 2017 Equifax data breach in America, many are wondering if identities and personal data are secure. While not a new issue there appears to be further data breaches each week with every occurrence being worse than the previous.
Making matters worse in the U.S. are the antiquated privacy laws — many remain unchanged since before the 1980s. The increased prevalence of ‘smart devices’ and technology advance complicate the situation even more. Each day more users are using more devices using software with lengthy user agreements — which no one reads — which deprive users of traditional property rights and privacy.
As Joshua A. T. Fairfield answers in his book, “Owned Property: Privacy and the New Digital Serfdom,” rapid technological advancements have a drastic and deleterious effect on privacy rights.
Fairfield suggests the solution to the digital privacy dilemma is to extend traditional property rights and precautions to the digital world. Consumers and clients will be protected, and the concept of privacy simplified — physical or digital.
Nicholas Wooldridge, a noted Las Vegas attorney studying digital privacy believes that eventually the laws corroding privacy interests will fall and the Stored Communications Act, which allows snooping on email will be abandoned and rewritten.
Las Vegas is taking the lead in standing up for digital privacy. “Sin City” recently hosted the Electronic Frontier Foundation which included numerous talks and presentations surrounding encryption controls, mass surveillance and related topics.
EFF lawyers guided participants through the murky waters of how to protect client privacy and hosted multiple on site discussion forums.
While there is not a ‘one-size-fits-all’ solution to protecting digital privacy, common sense still needs to be exercised.
“There are just some documents which should never be stored on an Internet-connected device,” says Wooldridge. “Until — and unless — encryption improves, there will be the chance for more data breaches.”