Attorney ethics question - if a software application or third-party tool (like Clio or Outlook) changes its terms of use so you are allowing it to collect information from your calendar, email, files, etc. for AI training data, have you waived the attorney-client privilege if that data gets hacked and those files, emails, etc. that were supposed to be confidential are now out there in the wild? Or if the government subpoenas that data as part of an investigation?

#law #ethics

@gulovsen I don't know about the law side, but from a technical side, you absolutely should not be sending/receiving sensitive information via email if you can help it. Even in the best of circumstances, it's not a secure method of communication.

@LouisIngenthron @gulovsen these days email is not that bad: bulk of email is either inside one provider (say gmail to gmail) or between 2 large providers (e.g. gmail to outlook hosted by microsoft) using encrypted SMTP or similar over 1 hop. so the security is in practice pretty close to more formally "secure by default" systems. accidental leakage of anything cloud, or even anything local visible to a prying app, seems a more pressing concern.

Follow

@pepita Yeah, but there are still a fair number of people using local mail clients with insecure SMTP over insecure public networks, especially on mobile hardware. This is especially true for employees of small businesses who want their own domain name, but outsource the mail hosting to a cheap unreliable company to save money.

It's certainly not the most common attack vector anymore, but for sensitive legal and medical information, I'd still lean towards something like a secure document portal.

Sign in to participate in the conversation
CleverLibre Social

CleverLibre Social is an inclusive social instance for open discussion, learning, and community.
All cultures welcome.
Hate speech and harassment strictly forbidden.