Only a third of lawyers use encryption when sending confidential or privileged documents to their clients. Instead, the great majority of lawyers rely on a confidentiality statement in the message body to protect the email’s privacy.
According to the 2015 edition of the annual Legal Technology Survey Report, compiled by the American Bar Association’s Legal Technology Resource Center. only 35% of lawyers use email encryption. That percentage has remained virtually unchanged over the last four years of the survey, even as understanding of the need for encryption has grown throughout the professional and business worlds.
When the survey asked lawyers what security precautions they use when sending confidential or privileged communications to clients via email, the answer given by 71% of lawyers was that they rely on the confidentiality statement in the message body.
I simply do not understand the logic of this. If the confidentiality statement is inside the email, then by the time anyone sees it, they’ve seen the email. It is akin to putting a note inside a box that says, “Do not open this box.”
Other ways lawyers say they protect client email include:
- A confidentiality statement in the subject line.
- Requiring clients to provide written or oral consent.
- Password protecting documents.
- Using registered email.
It gets worse. Of the lawyers who say they use encryption, fully a third cannot say what kind of encryption they use. Those who could say what type of encryption they use most commonly identified it as a general purpose software with encryption features that required the recipient to be sent a separate password.
Lawyers in larger firms are most likely to use email encryption. More than half of lawyers in firms of 500 or more and 41% of lawyers in firms of 100-499 use it. Among solos, only 24% encrypt their emails.