This past week the President of the BC Law Society created a big stir when people reported comments she made to a Cloud Computing Seminar. Apparently she said that BC Lawyers could only use cloud computing if the cloud was located in BC. The President has since backed away from that statement, but does insist that lawyers must comply with the new BC rules and as always, with Canadian Privacy Rules.
We’re an Ontario law firm, so the BC Rules do not directly impact us. However, we’ve always been cautious when dealing with servers and insist that they be Canadian based if we’re using them for client data. We avoid the Cloud for client related matters as currently, we are unaware of any Cloud based storage servers located solely in Canada.
The biggest concern we have is that any USA based server is subject to the ever watching eyes of the USA government due to the Patriot Act.
Imagine, if you’re a tax lawyer in Toronto, consulted by a Canadian individual who has both USA and Canadian Tax issues and you store all your client notes, including financial data, on Dropbox. Dropbox servers are located in the USA. Do you really think that the USA government cyber sleuthing might not pick up on your notes?
Have you just breached lawyer/client confidentiality by storing to a non-Canadian cloud? I’m going to suggest you have.
Our firm considers these issues in all of our technology decisions. We ensure our servers and our backup servers are located in Canada. We do our best to protect our client’s confidentiality and uphold our obligations as lawyers.
Cloud computing is great: it is convenient and yes, however, as lawyers convenience must take a back seat to our obligation for lawyer/client privilege.