SAFEGUARDING CONFIDENCES AND AVOIDING MALPRACTICE LIABILITY

Unlike other jurisdictions, California has always had a heightened protection for attorney-client communications.

In addition to the evidentiary privilege set forth in California Evidence Code sections 952 et seq., California Business & Profession Code section 6068(e), also imposes a separate duty to preserve client secrets "at every peril" to the attorney. Additionally, the California Rules of Professional Conduct, Rule 1.6 makes it a disciplinary offense for a lawyer to willfully fail to preserve a client's confidences and privileged communications. Notwithstanding these unequivocal duties placed upon California lawyers, there are limitations on a lawyer's ability to refuse to identify a current or former client. These limitations create a serious dilemma when the client instructs the lawyer to refuse to identify the client to another party or to a governmental agency: should the lawyer unilaterally comply with the request to identify the client, or face potential civil liability and a potential State Bar complaint for revealing the information over the client's objection?

The issue of safeguarding client confidences was vigorously debated when the 2002 Sarbanes-Oxley (SOX) federal legislation was adopted in an effort to control corporate concealment of unlawful activity. SOX regulations require a lawyer for an organizational entity to report material evidence of illegal activity "up and out" of the organization when a reasonably prudent lawyer would conclude that the lawyer has personal knowledge that the organization or a constituent of the organization is engaged in a material violation of law. California lawyers posited that the disclosure of a client's past unlawful acts, when communicated to the lawyer during the relationship, would constitute a direct violation of the attorney-client privilege and the statutory duty to preserve client secrets. California lawyers faced a dilemma whether to violate duties to report under SOX and thereby violate confidentiality duties under California law, thereby breaching duties to the client. This dilemma was only partially resolved by the SEC's adoption of regulations in 2003 that permitted a lawyer to withdraw from representation in the event the corporate client refuses to comply with the SOX reporting and disclosure requirements.

Notwithstanding the SEC's implicit acknowledgement in post-SOX regulations that a lawyer must be provided the safe harbor option of withdrawal from representation, the SEC has recently renewed incursion into the area of privileged attorney-client information. Currently, the SEC is demanding that a law firm disclose the identities of nearly 300 of its clients, which the SEC is investigating in connection with cyber-attacks on the clients' computer database(s). The SEC claims it needs the client names to investigate whether the hackers engaged in illicit trading using "material non-public information." Reportedly, the SEC intends to use the information to determine whether any publicly traded companies failed to disclose "material cybersecurity events" in violation of federal securities laws. The law firm is refusing to disclose the clients' identities, asserting that to do so would be a clear violation of ethics, and will harm the clients' interests.

Some jurisdictions have long held that there is no attorney-client privilege as to client identity, e.g. In re Grand Jury, 680 F.2d 1026, 1027 (1982); Hays v. Wood 25 Cal.3d 772, 785 (1979). ("It is well established that the attorney-client privilege, designed to protect communications between them, does not ordinarily protect the client's identity"). A limited exception to this rule has been recognized in some cases where the identity of a client implicates that client in unlawful activities and might expose the client to criminal or civil liability. (See Ex parte McDonough, 170 Cal. 230, 236-237 (1915); Baird v. Koerner, 279 F.2d 623, 630 (1960); In re Grand Jury Proceedings, 517 F.2d 666, 670-671 (1975).

In other jurisdictions, it has been held that the duty of confidentiality is broad enough to prevent disclosure of the identity of a client who is a potential source of information about a crime. See, e.g., People v. Sullivan, 271 Cal. App. 2d 531, 545-546 (1969); (attorney who testified at robbery trial about guns that he obtained using a claim check received from a client need not provide client's name); In re Stolar, 397 F. Supp. 520 (SDNY 1975) (grand jury subpoena quashed for address and telephone numbers of client who IRS believed had information about location of person charged with violating the law); In re Kozlov, 398 A.2d 882 (NJ Sup. Ct. 1979) (attorney not required to reveal name of client who revealed juror misconduct in confidence). Some ethics opinions provide that disclosure may not be made of information embarrassing to client: ABA Informal Opinions 1287 (1974) (client's identifying information are 'secrets' within the meaning of DR 4-101 because revelation may embarrass the client) and Opinion 1186 (1971) (disclosure of clients' names for research study not permitted if disclosure likely to embarrass or harm clients or if client requests identity be kept confidential).

The issue of the scope of attorney client privilege was in the forefront of United States Supreme Court review in In Re: Grand Jury, addressing the appropriate standard for application of the attorney-client privilege to communications with mixed legal and non-legal purposes. However, SCOTUS suddenly dismissed the appeal after full briefing and after oral argument, on the ground that appeal had been "improvidently granted." The dismissal of the appeal leaves in place the ruling of the 9th circuit Court of Appeals, that the privilege rests on whether the "primary purpose" of the communication was for a legal purpose; other communications, such as "normal tax return preparation assistance" would not be primarily for legal advice. Many lawyers are disappointed that SCOTUS did not resolve the issue consistent with the D.C. Circuit's competing "significant purpose" test, which is more expansive and protects a wider scope of attorney-client communications.

The takeaway for California lawyers is: beware of requests to reveal client identity and other information communicated in the course of an attorney-client relationship. The parameters of the duty of confidentiality are nuanced and revealing client secrets may result in civil liability or even disciplinary action.

Ellen A. Pansky is the founder of Pansky Markle Attorneys at Law.