Intra-office emails create professional liability risks for law firms and other organizations that deploy ethical screens. For those unfamiliar with the concept, an ethical screen (also known as an "ethical wall" or a "cone of silence") is set up by a firm to block one or more of their lawyers from receiving information about an engagement of the firm in which they have a conflict of interest.
A breach of an ethical screen can put a client's confidential information at risk. In Spur Products Corporation v. Stoel Rives LLP (153 P.3d 1158 (2007)), Portland, Oregon-based law firm Stoel Rives found itself in trouble when a confidential memorandum about a client was sent by email to a screened-off lawyer. The lawyer had previously represented the affiliate of another company adverse to the client. It’s easy to imagine how the mistake had been made: the lawyer had been screened off because of his role as counsel for the affiliate, but the email was sent to him in his capacity as a member of the firm’s Professional Response Practice Group. In fact, it hadn’t even been sent to the lawyer individually but to a distribution group that included him. Without safeguards for alerting lawyers to potential risks, even the most conscientious lawyers can easily make such mistakes.
ReplyToSome can help firms maintain ethical screens through our custom Intruder Alert feature. Intruder Alert color codes email addresses according to their status as “insiders” or “outsiders”. By default, all members of a firm deploying ReplyToSome are considered “insiders”. However, you can use the custom settings to make exceptions to this rule. Here’s how:
Step 1: Open the Intruder Alert Settings dialog box from the ReplyToSome ribbon.
Step 2: Change the settings from “Default” to “Custom”.
Step 3: Add the domain of your organization in the “Insiders” column.
Step 4: Add the addresses of any screened-off individuals to the “Outsiders” column.
Similarly, you can screen off a particular member of a distribution list that you have previously saved. Follow the steps above, and for Step 3 enter the name of the distribution list rather than the domain of your organization.