Attorney–client privilege is the very premise which grants the special and strong character to the relationship between an attorney and his client. In essence it casts a positive obligation upon the attorney to ensure that all communication between the client and the attorney shall not be revealed to any other person. The concept has been sanctified in some way or the other by jurisdictions across the globe1. The issue gains immense importance once again in light of newer technological changes which are bringing about a gradual shift in the traditional ways of the legal industry. The paper analyses this issue from an objective point of view to understand it’s implications with respect to outsourcing.
Legal outsourcing has been around for over half a decade now and one issue that has forever retained attention and constantly been a source of apprehension amongst attorneys/firms willing to outsource is the treatment of attorney–client privilege and whether or not outsourcing amounts to a breach which may leave them legally vulnerable to suits.
On a closer look this apprehension might appear to be an obvious offshoot of the wider issue pertaining to data-protection. Clients have forever maintained the sacrosanct nature and requirements for data protection as a mandatory pre-requisite for outsourcing. Legal process, however takes this issue to the next level, owing to the very fundamental reason that jurisdictions cast a duty upon the attorneys to protect all communication provided to them by the clients.
The concern amongst attorneys and firms is founded on the simple premise – whether the duty to confidentiality can be effectively enforced upon the outsourcing vendor with the same vigor as they abide by. Clients also face the same dilemma, as to whether or not the outsourcing vendor be as careful and protective of his confidential information as the firm/attorney, especially in the absence of a legal necessity for them to uphold this duty.
While the issues are well founded, they have more or less been lent redundant as all LPO vendors have stuck with the highest levels of confidentiality even in the absence of a specific law.
It is also pertinent to note here that some of the committees formed in the United States at the highest levels confirmed to this stand and gave a regulatory green light on the matter, much to the relief of firms/attorneys looking to gain the cost advantage.
The case of United States of America
In the United States, laws governing client confidentiality are subject to the State jurisdiction and different States have differing approaches, yet none of these State laws perceive outsourcing as a threat to client confidentiality.
To this date there have been six Bar Association Ethics Committees along with such heavy weight opinions as that of the the Supreme Court of Ohio Board of Commissioners on Grievances and Discipline and the American Bar Association Standing Committee on Ethics and Professional Responsibility.
While all these committees discussed the issue from one point or the other, all were unanimous on one conclusion. All of the Opinions have concluded that a lawyer in the U.S. can outsource legal work without defeating his or her ethical obligations. However, one report that outshines most others is the opinion from the American Bar Association as released in August 2008. Almost all the reports have had a reconciliatory tone and clearly understand the operational efficiencies that can be achieved through outsourcing.
The simple and the most straightforward way out of this legal ambiguity is by allowing law firms to extend the client confidentiality to the vendors, effectively making them one with the firm/attorney’s practice. This is akin to the lawyer dictating notes to his secretary or a partner instructing his juniors. In all these cases there is an implicit extension of the doctrine and such is the case with LPOs also. This is also the case when LPOs are hired by attorney/firm for providing specific services.
Thus, the principle doctrine that applies to the US Law Firms also applies, in extension, to their vendors overseas. This is made possible in application by authorizing and enabling secure internet connections and having stringent security measures in place. Some of the security measures taken to protect attorney-client privilege issues include:
- Controlled access of data by password protection
- Implementation of firewalls and encryptions
- Use of Virtual Private Networks
Another important point to note here is the effectiveness of the Service Level Agreements. By incorporating a duty to uphold confidentiality in the applicable service level agreements with the vendors, attorneys/firms can effectively ensure that data protection and confidentiality measures are adhered to.
One of the concerns, as expressed by many vendors is the apparent lack of Indian laws related to data protection.
The Indian position
In India, professional communications between attorneys and clients are protected as ‘privileged communications’ under the Indian Evidence Act, 1972 (the "Evidence Act").2
The Evidence Act provides that no attorney shall be permitted to:
- disclose any communication made to him in the course of or for the purpose of his employment as such attorney, by or on behalf of his client;
- state the contents or condition of any document with which he has become acquainted in the course of and for the purpose of his professional employment; or
- disclose any advice given by him to his client in the course and for the purpose of such employment.
This attorney-client privilege continues even after the employment has ceased. However, there are certain limitations to the aforesaid privilege and the law does not protect the following from disclosure:
- disclosures made with the client’s express consent;
- any such communication made in furtherance of any illegal purpose; or
- any fact observed by any attorney in the course of his employment, showing that any crime or fraud has been committed since the commencement of his employment. It is immaterial whether the attention of the attorney was or was not directed to such fact by or on behalf of his client.
While India has an expressly laid out provision related to attorney client privilege, it cannot be adopted for the purposes of legal outsourcing, as it restricts itself to the communication between an Indian – lawyer and clients. Additionally, this is inadequate in so far as it does not create an obligation on the LPO vendors.
Therefore, the best and the most effective way remains ensuring confidentiality provisions through the SLAs. Indian vendors have stood the test of time in so far as data protection measures are concerned and the industry players have collectively and resolutely delivered in this direction. There also seems to be no reason why in future the regulators/legislators should change their policy stand, unless moved by protectionist measures – which would come at a definite price in terms of efficiency.
[1] The policy underlying this privilege is that of encouraging open and honest communication between clients and attorneys, which is thought to promote obedience to law and reduce the chance of illegal behavior, whether intentional or inadvertent. As such, the attorney-client privilege is considered as one of the strongest privileges available under law.http://en.wikipedia.org/wiki/Attorney-client_privilege [2] https://www.lexmundi.com/.../AttyClient/...Client.../At_Client_INDIA.pdf
Attorney Client Privilege occupies the top most spot in any legal process and specially document review and there is absolutely and I reaffirm absolutely no scope of error in it.
ReplyDeleteI believe special trainings with extra emphasis on this aspect would prove to be quite useful.