Skip Navigation

 
The Florida Bar
www.floridabar.org
PROFESSIONAL ETHICS OF THE FLORIDA BAR

OPINION 06-2
September 15, 2006

A lawyer who is sending an electronic document should take care to ensure the confidentiality of all information contained in the document, including metadata. A lawyer receiving an electronic document should not try to obtain information from metadata that the lawyer knows or should know is not intended for the receiving lawyer. A lawyer who inadvertently receives information via metadata in an electronic document should notify the sender of the information's receipt. The opinion is not intended to address metadata in the context of discovery documents.

RPC: 4-1.1, 4-1.2, 4-1.4, 4-1.6, 4-4.4(b)
Opinions: 93-3, New York Opinion 749, New York Opinion 782
Case: Williams v. Sprint/United Management Company, 230 F.R.D. 640, 96 Fair Empl.Prac.Cas. (BNA) 1775 (2005)
Misc: David Hricik and Robert B. Jueneman, “The Transmission and Receipt of Invisible Confidential Information,” 15 The Professional Lawyer No. 1, p. 18 (Spring 2004), The Sedona Guidelines: Best Practice Guidelines and Commentary for Managing Information and Records in the Electronic Age, Appendix F (The Sedona Conference Working Group Series, Sept. 2005 Series), Michael Silver, “Microsoft Office metadata: What you don't see can hurt you” Tech Republic Gartner 2001, Brian D. Zall, "Metadata: Hidden Information in Microsoft Work Documents and its Ethical Implications," 33 Colo. Lawyer No.10, p. 53 (Oct. 2004)

The Board of Governors of The Florida Bar has directed the committee to issue an opinion to determine ethical duties when lawyers send and receive electronic documents in the course of representing their clients. These ethical responsibilities are now becoming issues in the practice of law where lawyers may be able to “mine” metadata from electronic documents. Lawyers may also receive electronic documents that reveal metadata without any effort on the part of the receiving attorney. Metadata is information about information and has been defined as “information describing the history, tracking, or management of an electronic document.” The Sedona Guidelines: Best Practice Guidelines and Commentary for Managing Information and Records in the Electronic Age, Appendix F (The Sedona Conference Working Group Series, Sept. 2005 Series), available at http://www.thesedonaconference.org. The Microsoft Word and Microsoft Office online sites also contain detailed information about metadata, showing examples of metadata that may be stored in Microsoft applications and explaining how to remove this information from a final document. Examples of metadata that may be hidden in Microsoft documents include the name of the author, the identification of the computer on which the document was typed, the names of previous document authors and revisions to the document, including prior versions of a final document.

Metadata can contain information about the author of a document, and can show, among other things, the changes made to a document during its drafting, including what was deleted from or added to the final version of the document, as well as comments of the various reviewers of the document. Metadata may thereby reveal confidential and privileged client information that the sender of the document or electronic communication does not wish to be revealed. Further references regarding metadata and eliminating metadata from documents may be found on Microsoft’s user support websites at http://support.microsoft.com/kb/290945 and http://support.microsoft.com/kb/q223790/. See also, Michael Silver, “Microsoft Office metadata: What you don't see can hurt you” Tech Republic Gartner 2001 http://techrepublic.com.com/5100-1035_11-5034376.html. The court’s discussion of metadata in Williams v. Sprint/United Management Company, 230 F.R.D. 640, 96 Fair Empl.Prac.Cas. (BNA) 1775 (2005) is also very helpful.


This opinion does not address metadata in the context of documents that are subject to discovery under applicable rules of court or law. For example, the opinion does not address the role of the lawyer acting as a conduit to produce documents in response to a discovery request.

The Florida Rules of Professional Conduct require lawyers to protect information that relates to the representation of a client. Rule 4-1.6(a) provides as follows:

(a) Consent Required to Reveal Information. A lawyer shall not reveal information relating to representation of a client except as stated in subdivisions (b), (c), and (d), unless the client gives informed consent.

The Comment to Rule 4-1.6 further provides:

A fundamental principle in the client-lawyer relationship is that the lawyer maintain confidentiality of information relating to the representation. The client is thereby encouraged to communicate fully and frankly with the lawyer even as to embarrassing or legally damaging subject matter.

In order to maintain confidentiality under Rule 4-1.6(a), Florida lawyers must take reasonable steps to protect confidential information in all types of documents and information that leave the lawyers’ offices, including electronic documents and electronic communications with other lawyers and third parties.

Rule 4-4.4(b) addresses inadvertent disclosure of information and provides as follows:

A lawyer who receives a document relating to the representation of the lawyer's client and knows or reasonably should know that the document was inadvertently sent shall promptly notify the sender.

The comment to rule 4-4.4 provides additional guidance:

Subdivision (b) recognizes that lawyers sometimes receive documents that were mistakenly sent or produced by opposing parties or their lawyers. If a lawyer knows or reasonably should know that such a document was sent inadvertently, then this rule requires the lawyer to promptly notify the sender in order to permit that person to take protective measures. Whether the lawyer is required to take additional steps, such as returning the original document, is a matter of law beyond the scope of these rules, as is the question of whether the privileged status of a document has been waived. Similarly, this rule does not address the legal duties of a lawyer who receives a document that the lawyer knows or reasonably should know may have been wrongfully obtained by the sending person. For purposes of this rule, "document" includes e-mail or other electronic modes of transmission subject to being read or put into readable form.

Some lawyers may choose to return a document unread, for example, when the lawyer learns before receiving the document that it was inadvertently sent to the wrong address. Where a lawyer is not required by applicable law to do so, the decision to voluntarily return such a document is a matter of professional judgment ordinarily reserved to the lawyer. See rules 4-1.2 and 4-1.4.

The duties of a lawyer when sending an electronic document to another lawyer and when receiving an electronic document from another lawyer are as follows:

(1) It is the sending lawyer’s obligation to take reasonable steps to safeguard the confidentiality of all communications sent by electronic means to other lawyers and third parties and to protect from other lawyers and third parties all confidential information, including information contained in metadata, that may be included in such electronic communications.

(2) It is the recipient lawyer’s concomitant obligation, upon receiving an electronic communication or document from another lawyer, not to try to obtain from metadata information relating to the representation of the sender’s client that the recipient knows or should know is not intended for the recipient. Any such metadata is to be considered by the receiving lawyer as confidential information which the sending lawyer did not intend to transmit. See, Ethics Opinion 93-3 and Rule 4-4.4(b), Florida Rules of Professional Conduct, effective May 22, 2006. The ethical implications of such hidden information in electronic documents have been discussed in legal journals and ethics opinions in other states, The New York Bar Association has issued Opinion 749 (2001), which concluded that attorneys may not ethically use computer software applications to surreptitiously “mine” documents or to trace e-mail. New York Ethics Opinion 782 (2004), further concluded that New York lawyers have a duty to use reasonable care when transmitting documents by e-mail to prevent the disclosure of metadata containing client confidences or secrets. Legal commentators have published articles about ethical issues involving metadata. David Hricik and Robert B. Jueneman, “The Transmission and Receipt of Invisible Confidential Information,” 15 The Professional Lawyer No. 1, p. 18 (Spring 2004). See also, Brian D. Zall, "Metadata: Hidden Information in Microsoft Work Documents and its Ethical Implications," 33 Colo. Lawyer No.10, p. 53 (Oct. 2004).


(3) If the recipient lawyer inadvertently obtains information from metadata that the recipient knows or should know was not intended for the recipient, the lawyer must “promptly notify the sender.” Id.

The foregoing obligations may necessitate a lawyer’s continuing training and education in the use of technology in transmitting and receiving electronic documents in order to protect client information under Rule 4-1.6(a). As set forth in the Comment to Rule 4-1.1, regarding competency:

To maintain the requisite knowledge and skill [for competent representation], a lawyer should engage in continuing study and education.

[Revised: 08-24-2011]