Published 13 April 2020, The Daily Tribune
Most companies and service providers — like law firms — in the country right now are forced to work from home and away from staff and co-workers. In this time of national health emergency brought about by the COVID-19 pandemic, we need to adapt to continue providing services to our clients.
In our law firm, we conduct meetings using online video-conferencing platforms or applications. It is in fact getting to be the new norm. Many of our clients do conduct online meetings, too. Why not? It is easy to set up, lets a number of participants join a meeting for free, and you can even share slides or notes during the meeting. It works perfectly for our purposes. For first-timers, there is glee seeing their faces onscreen with the other participants.
Word of caution, though. Read the privacy policy of the video-conferencing platform or application you will be using. Does it give it the right to do whatever it sees fit with any user’s personal data — including sharing it with Facebook or other advertisers? Otherwise, unknowing users can become easy targets of “targeted advertising.”
Lawyer-client privileged communication is a sacrosanct pillar of the legal profession. This requires that all our meetings involving client’s cases must be confidential and in utmost privacy.
Precautionary measures should therefore be put in place to ensure that the host (the one who organized the meeting and sent out the passwords — usually the IT guy or any other knowledgeable staff) cannot actually record the entire meeting without the knowledge or consent of anyone in the meeting. Please note that the conversations in the entire meeting itself can even be transcribed — and the uninitiated participants can be unaware.
Another feature built-in for some applications is that any participant in the meeting can make a screenshot of the video call (which will capture the faces of those in the meeting) without their knowledge or consent. Also, ask your IT guy, if you do not know how to do it yourself, to install security features to prevent troublemakers to “bomb” open online meetings — now popularly known as “zoombombing” — where hackers just crash into the meeting and join the conversation or worse, disrupt it. Also, there were many instances reported where hackers were able to inject malware into devices running video-con platform applications and virtually enslaved these gadgets (iPads, tablets or cell phones) or laptops and converted them into tools for voyeurism (hackers can then turn on the built-in camera of your device and spy on you without you knowing it). This has not yet happened in any of our meetings and we are committed to keep it that way.
I understand that a couple of telecom companies recently issued an inter-office memo blocking the use of one video conference platform for all of their company devices and meetings. If the application you are using allows for intrusion of your privacy without your consent, or if security features cannot be installed to prevent data privacy breach, shift to more secure platforms.
Another privacy issue that came up is on disclosures of the identity of COVID-19-positive employees. Can the employer disclose to other employees the name of his employee who tested positive for COVID-19 for purposes of contact tracing? Is the employer required to inform the Department of Health if any of his employees tests positive for COVID-19?
The answers to these questions will be in the second part of this article. Meanwhile, Happy Easter.
For comments and questions, please send an email to cabdo@divinalaw.com.