The Legal Professional: English solicitors told to face up to Facebook, etc.

When Miss H posted a note to her Facebook page recently, new default settings told everyone that she had uploaded it from her mobile and gave her location and the time she was there.

That, says the Law Society of England and Wales (not citing that specific example) is one way in which social media could cause a breach of the principles of Client Confidentiality.

Actually, it's not quite what the LawSoc says: it focusses on actual posting of information saying "For example: If you comment on Twitter that you are in a certain location at a certain time, you may unintentionally disclose that you are working with a client and breach outcome (4.1) in chapter 4 on Confidentiality and disclosure 'you must keep the affairs of clients confidential unless disclosure is required or permitted by law or the client consents.'

It's taken the legal profession some years to come to terms with Web 2.0 and although it's not groping around in the dark, there is still a somewhat superficial grasp of just how invasive some social media sites are. But LawSoc and other professional bodies cannot be blamed for that: even seasoned users find that each new release (including those that appear without a large announcement) of social media sites brings new privacy challenges.

The Practice Note tries to follow, broadly, the existing rules on advertising and PR, rules that are routinely broken by even the largest firms. It says "For example: You may be engaged in a general discussion about access to justice issues and, while posting a comment about your previous experiences, disclose information about a previous case you have worked on, thus breaching client confidentiality." The general marketing rules say that a solicitor may not refer to his success rate but as cases are increasingly fought out in the media, and as getting new clients is as much a matter of a web / media presence as anything else, it is commonplace to see names of clients and details of cases or deals issued by firms who argue that a tombstone announcement (Firm X acted for Client Y) are matters of record not of marketing. It's difficult to see that as incorrect, particularly as documents filed in government offices such as courts, the land registry and even Stock Exchange records are public.

The Note says that default settings for privacy at, in particular, Facebook and Twitter, allow widespread readership, beyond contacts and "you as the user are responsible for actively adjusting the privacy settings of your account."

The Note is aimed at solicitors but it is a very good guide for all those in any business who need an overview of the risks that the use of social media sites - by the company or its employees - causes. Many businesses have found that an employee, posting in a personal account, has given details of confidential information. The CEO of a major public company (which we will not name here) seems unable not to give market sensitive information via Twitter, even while he is sitting in meetings. A junior sales person in another organisation told her "Friends" about a man who had been horrible when she made a cold call - complete with his name and company details.

The Note also warns about the inadvertent release of information intended to be sent to one person but actually sent to many. That's been a common problem with e-mail and there have been several cases of e.g. politicians releasing information they would have preferred to have kept private amongst "friends."

The Practice Note can be found, in full, at http://www.lawsociety.org.uk/productsandservices/practicenotes/socialmedia/5049.article