 |
| Ronald Toledano |
To date, a number of law firms (including ours), doctors and government commissions have started to use Zoom, Webex or other videoconference applications for their meetings, consultations and even mediations. Some have gone very smoothly and others … well …not so.
My most recent mediation went extremely well where a mediator with one of Quebec’s commissions used the Zoom webinar and allowed the parties at times to have “breakout rooms” and later reconvene. It was quite seamless and very efficient (especially since we reached a relatively quick settlement).
That said, not all videoconferences are created equally. However, what is common to each application is that they all involve certain risks regarding privacy breaches, phishing attacks and other potential liabilities to the users. Despite these risks, many of us have no alternative and must work within these constraints.
For doctors using the technology for telehealth (if permitted by their medical regulatory authority), a patient’s personal health information must at all times be protected, but there are a number of other issues to be concerned with, not the least of which is to determine whether a videoconference consultation is appropriate and will enable the physician to meet the standard of care. A doctor’s liability grows with each consultation and expands when considering a prescription for a patient.
For lawyers, we must remember that we are also bound by our professional duty to hold in strict confidence all information concerning the business and affairs of our clients in the course of the professional relationship. This duty would naturally extend to the tools we choose to use when communicating with our clients and with others in confidence about our clients.
Presumably, the retainer agreement used with our clients will incorporate an authorization to use electronic communications (via the Internet and cloud-based technologies) and include a limitation of liability clause as to the security features and risks involved. While helpful, this does not necessarily absolve lawyers from taking certain steps to address the potential security risks where it is reasonably possible to do so.
Here are some advance measures and precautions that are recommended when using videoconferences:
1. Make sure you have suitable technology, including proper audiovisual connections and high-speed Internet. Dropped invitees or choppy connections are never pleasant experiences.
2. Review how the videoconference recordings work, data retention clauses from the provider and pay attention to risks involved such as video bombing (where uninvited strangers crash a meeting).
3. Prepare a list of backup phone numbers for each invitee, in case the event communications are interrupted.
4. In your e-mail invitation, include the following:
a. The link to the conference app (such as Zoom, Webex, Microsoft Teams, etc). There are many fake applications around that are actually dangerous malware.
b. A warranty exclusion and limitation of liability clause that includes:
i. Warnings regarding the risk for hacking and “video bombing.”
ii. warnings regarding the risks of intellectual property infringement.
iii. A limitation of liability clause that identifies and limits your liability for other possible risks.
ii. warnings regarding the risks of intellectual property infringement.
iii. A limitation of liability clause that identifies and limits your liability for other possible risks.
c. A recommendation to avoid exhibiting documents and instead send them through secure encrypted e-mail.
d. A notification to participants that they may not record or redistribute anything provided in the videoconference (including when the whiteboarding feature is used).
e. A notification to participants not to specifically show or allow others to view any third-party copyrighted material, trademarks or other proprietary rights without first obtaining the prior written consent of the owner. (However, there can be ways to share copyrighted work without necessarily infringing, including posting insubstantial excerpts or using the fair dealings exception.)
5. Take reasonable steps to protect your video from video bombing, including:
a. Only send out links to already known e-mail addresses.
b. Make sure you are using a reputable videoconference provider.
c. As the administrator of the conference, you should:
i. Take advantage of the “waiting room” feature, if available.
ii. Use strong passwords and avoid sharing meeting links.
iii. Constantly pay attention during the session that no uninvited guest is joining.
iv. Avoid screen sharing unless absolutely necessary, since this risks having others view your confidential e-mails or documents. If you must use screen sharing, make certain e-mail and other applications are closed — including your pop-up e-mail notification! (That’s a sure way to accidentally disclose the identity and possible mandate of a client.)
ii. Use strong passwords and avoid sharing meeting links.
iii. Constantly pay attention during the session that no uninvited guest is joining.
iv. Avoid screen sharing unless absolutely necessary, since this risks having others view your confidential e-mails or documents. If you must use screen sharing, make certain e-mail and other applications are closed — including your pop-up e-mail notification! (That’s a sure way to accidentally disclose the identity and possible mandate of a client.)
Videoconferencing can help boost productivity, save time and reduce expenses. By taking certain reasonable and relatively easily implemented precautions, you can benefit from the technology while avoiding an embarrassing moment that may also involve your potential liability.
Ronald Toledano is a lawyer and trademark agent at Spiegel Sohmer Inc.
Photo Credit / Khosrork ISTOCKPHOTO.COM
Interested in writing for us? To learn more about how you can add your voice to The Lawyer's Daily, contact Analysis Editor Peter Carter at peter.carter@lexisnexis.ca or call 647-776-6740.