The Ethics of Working Remotely
March 24, 2021 by Lincoln Derr
While remote work has been a constant for many over the past year, various restrictions, deadlines, and guidelines have been ever-changing. Has your remote work practice kept up, or are you just trying to keep your head above water? Our ethics obligations follow us wherever we are, so it’s important that you’re set up for success whether you’re at home, in the office, or on the go. Further, on March 10, 2021, the American Bar Association’s Standing Committee on Ethics and Professional Responsibility released Formal Opinion 498 titled “Virtual Practice,” which provides additional guidance on the use of technology when practicing outside of the office.
Confidentiality in Shared Workspaces
No matter how long you have been working from home at this point, the landscape of your home may have changed, and unless you live alone or have a private home office, maintaining client confidentiality may be an obstacle while working remotely. Even if you have an office at home, your kitchen may now double as a classroom with many children still participating in remote learning.
The chaos of a shared home workspace is often unavoidable, but extra security steps need to be considered. Physical files should be kept in a private space to ensure they are safe from prying eyes (or spilled milk). Electronic devices should be set to automatically lock after a period of inactivity or completely remove devices from a common work area when you leave the room. Your traditional law firm office is likely designed with spaces to discuss confidential information, and if you’re out of the office, you should aim to create a similar space.
A Room to Zoom
When you inevitably have to take a call or participate in a virtual meeting, do find a space where your conversations won’t be overheard. Whether in your home office or office home, Zoom calls are an easy way to unknowingly breach confidentiality ethics. Make sure you understand how to change your Zoom settings to ensure secure video calls. Start by reading “5 Ways to Avoid Doom with Zoom” by Lincoln Derr Director of Technology, Scott Addison.
If you have personal assistant devices like Alexa and Echo in your home, turn them off while working or move them to another room. These devices have varying policies surrounding the length of time recordings are kept and how they may be activated, so the safest route is to keep them out of your workspace.
In 2019, it was revealed that Amazon employs people around the world to listen to the voice recordings captured by their devices in order to improve the Alexa digital assistant. Your clients might be comfortable sharing information with you, but does that comfort extend to an Amazon employee? I’d venture to guess, no.
Treat these devices like another person in the room. If it can listen and doesn’t bark, move it out of the room. Be mindful of any mobile apps you’ve given microphone access to and check your settings as confidential business or client information is discussed.
Cybersecurity – Are you Home Alone?
Maintaining cybersecurity is vital, especially if you’re sharing a computer. Make sure you’re taking advantage of two-step verification when available, and you’re using unique passwords or passphrases.
Check the security of your home WiFi network as your home network might have weaker protocols than the network at your office. The four walls of your home are no obstacle for WiFi bandits, especially if you live in an apartment building.
Be mindful of suspicious phishing emails asking you to log in unexpectedly or take action within 24 hours to prevent account lock-out. An email purportedly sent from your IT department might not actually be from your IT department. Ask yourself:
- Was I expecting this email?
- Do I recognize the sender?
- Are there typos in the message?
- Is there a deadline for me to take action?
- Am I being asked to input my login credentials or other sensitive information?
Many of these phishing emails contain links that the “phisherman” wants you to click. A quick way to assess one of these emails is to simply hover your mouse over this link. Hovering will prompt the full URL to display, and you can then determine if the message is legitimate.
While at home, treat your business and clients the same way you do at the office. Protect their information, protect their privacy, and keep their trust.