ISBA’s Ethics and Practice Guidelines Committee has issued a new ethics opinion,
14-01, clarifying the responsibility attorneys have for safeguarding client
information. The opinion provides guidance in light of Microsoft’s announcement
that it will stop supporting the Windows XP operating system on April 8.
security firms are concerned that hackers may take advantage of the company’s
discontinued support, including security patches, for the 12-year-old operating
system. A survey by the International Legal Technology Association estimates
that 37 percent of law firms still use Windows XP, in part because many of the
software programs they use are not compatible with later versions of the
Windows operating system.
new opinion refers back to Ethics Opinion 11-01. That opinion requires lawyers
to engage in a "due diligence process which assesses the realistic potential
for risk, the damage which could be caused thereby and the estimated cost of
14-01 points out that the security status change for the Microsoft XP operating
system "highlights the fact that the duty of due diligence in assessing system
security is an ongoing one; programs and procedures which were secure two years
ago may not be secure now,” and places the responsibility for needed changes in
the hands of individual law firms.
the complete opinion.