Companies that provide services for accessing federal court dockets were caught off guard last week when a number of federal courts began sending notices to attorneys urging them to exercise caution when using such services. Some vendors said that the caution did not apply to them, while others said they were taking steps to address the concern.
The cautions from the courts related to the possibility of attorneys inadvertently providing vendors or others with access to confidential sealed documents. The courts urged attorneys not to share their CM/ECF (Case Management/Electronic Case Files) credentials with vendors. Attorneys use these credentials to access electronic case files and electronically file case documents.
Sent Nov. 15 and 16, the notices came directly from several federal district and bankruptcy courts. The exact text varied, but the gist was the same. For example, a notice from the U.S. Bankruptcy Court for the Eastern District of Oklahoma said in part:
Attorneys should be cautious when using third-party services and software (e.g., PACER Pro, DocketBird, CourtDrive, RECAP, etc.) to collect and organize case filings in matters in which you are involved. It is recommended that you not use such services and software when accessing restricted documents to avoid inadvertently redistributing those documents. Sharing your PACER account credentials with a third-party service provider or designating that provider as a recipient of a Notice of Electronic Filing or Notice of Docket Activity (NEF/NDA) will give it access to sealed case information and documents in violation of court order. You are urged to use caution in your computer security practices to ensure that sealed documents to which you have access are not disclosed. You should also review the Bar Rules to determine if including a third-party service email address is a violation of confidentiality or other obligations. A third-party service also might resell or republish the case documents and information that they obtain. Fee exempt users should not share the documents they obtain from PACER under the exemption because such exemptions apply only for limited purposes and any transfer of data obtained as a result of a fee exemption is prohibited unless expressly authorized by the court.
A notice from the U.S. District Court for South Carolina said:
Occasionally, attorneys and other case participants utilize third-party services (e.g., PACER Pro, DocketBird, CourtDrive, RECAP, etc.) to collect and organize case filings in matters in which they are involved. The CM/ECF filer (e.g., attorney or case participant) might designate the third-party service as a secondary recipient of NEF/NDAs, or share account credentials with the service provider, to enable the provider to download and manage documents on the filer’s behalf.
CM/ECF filers should be aware of the potential to inadvertently share restricted documents when using third-party services or software.
• CurrentGen Court: Sharing CM/ECF filing credentials and PACER account credentials with a third-party service provider or designating that provider as a secondary recipient of a Notice of Electronic Filing or Notice of Docket Activity (NEF/NDA) will give it access to sealed case information and documents in violation of court order. You are urged to use caution in your computer security practices to ensure that sealed documents to which you have access are not disclosed. Fee exempt users should not share the documents they obtain from PACER under the exemption, unless expressly authorized by the court.
• NextGen Court: Sharing your PACER account credentials with a third-party service provider or designating that provider as a secondary recipient of a Notice of Electronic Filing or Notice of Docket Activity (NEF/NDA) will give it access to sealed case information and documents in violation of court order. You are urged to use caution in your computer security practices to ensure that sealed documents to which you have access are not disclosed. Fee exempt users should not share the documents they obtain from PACER under the exemption, unless expressly authorized by the court.
PLEASE NOTE: The USDC for the District of South Carolina is a CurrentGen Court. The Fourth Circuit Court of Appeals is a NextGen Court.
I have reached out to several vendors of docket services for their comment. Here is what they have said.
Gavin McGrane, CEO of PacerPro, told me that this is not an issue for his company. He said that PacerPro does not store or otherwise maintain access to attorneys’ CM/ECF credentials and that it has no access to documents filed under seal.
PacerPro’s policy, McGrane indicated, is to neither store nor maintain CM/ECF credentials or linked ECF/PACER credentials (CM/ECF NextGen credentials) on its software platform. Rather, PacerPro accounts are tied to a law firm’s generic PACER account, only allowing customers to pay for and download publicly available records from PACER.
“PacerPro wholeheartedly agrees with the courts that attorneys should exercise caution about using third-party services that store their credentials,” said PacerPro CEO Gavin McGrane. “At PacerPro, our policy is to never store or compromise our customers’ CM/ECF credentials.”
[Disclosure: I serve on the PacerPro board of advisors, for which I receive compensation.]
Todd Kennedy, founder and CEO of DocketBird, emailed me this statement:
Thanks for your inquiry regarding DocketBird. Some courts have recently circulated notices regarding the sharing of ECF credentials with third party services like DocketBird.
It’s important to DocketBird that its users are in compliance with court policies. Accordingly, DocketBird will not store ECF credentials for these courts, and sealed filings in these courts will not be accessed by DocketBird. We are working diligently on making this transition, and we expect it to be complete within the next few days.
As always, DocketBird will continue to send notifications to its users when filings, including sealed filings, occur in these courts.
Michael Sander, founder of Docket Alarm, which was acquired last year by Fastcase, said in an email that he is actually happy to see the courts finally weigh in on this.
The courts are right to encourage attorneys to scrutinize how technology providers protect attorney confidential information. That scrutiny is warranted for docket and analytics providers, just as it is for e-mail software, discovery platforms, document management services, and even word processing software.
At Docket Alarm, there is nothing we value more than keeping confidential information secure. Our systems do not access sealed documents, let alone store or share them, all sensitive information is encrypted, and we never store attorney filing passwords.
Having strong security is paramount in legal technology, and attorneys are wise to follow the court’s admonition to not blindly sign up for services, but to ask the right questions while researching providers.
Mike Lissner, executive director of the Free Law Project, which operates the RECAP Project, sent me this statement:
We are truly disappointed to see courts issuing warnings about RECAP and other similar tools like PacerPro and DocketBird. These tools help make PACER/ECF useful. Let’s be frank. Technically speaking, PACER/ECF is a bad system. It needs all the help it can get. The judiciary should welcome these tools and should work with the cadre of organizations like ours that tirelessly work to help fulfill PACER’s original mission: Dissemination of public court documents.
The judiciary has said that organizations scraping content from PACER are by far their most prolific users, but it does very little to support organizations like ours. No API access, no bulk data, no access delegation system so that sharing passwords isn’t necessary. After this many years and after making more than $1.3B in revenue, the most we’ve seen are dire warnings like these, and an email list for developers they created last year after we reported a major security vulnerability in PACER.
If a court has identified problems being caused by these tools, it should tell us and it should work with us to solve those problems. It should not try to shut down these tools. We and these other organizations are allies in the judiciary’s Congressionally mandated task of hosting and sharing legal data. We work every day to do what we can to help gather legal data from PACER/ECF so it can be shared with the public. RECAP, DocketBird, and PacerPro should be emphatically embraced by the judiciary.
In the same notice that the judiciary used to warn about these tools, it also reminds recipients of PACER fee waivers that they “should not share documents they retrieve from PACER with third-party service providers.” But why not? It costs the judiciary zero dollars when fee waiver recipients share legal documents. The judiciary is only legally allowed use PACER/ECF fees to break even, not to turn a profit. If that’s the case, why should the judiciary care about freely-obtained documents being shared with others? Wouldn’t that help them achieve Congress’s goal of public dissemination and transparency?
RECAP has been helping PACER/ECF users and the judiciary for almost ten years. Since the beginning, the judiciary has provided no support, and has been warning people not to use these tools for various reasons. After all this time, we aren’t aware of any real problem that we’ve caused. Neither are we aware of any problems caused by fee waiver recipients. After a certain point, it starts to feel like the judiciary has some other problem with RECAP, these other tools, and fee waiver recipients.
If I hear from additional vendors, I will update this post.