In November 2005, The Law Society published a document entitled
Email guidelines for solicitors. (You can download the original document
here, or download our copy from
here.)
When we designed Topaz Filer, we specifically wanted to make it work for law firms. It stands to reason then that our product should adhere to the guidelines laid down by The Law Society. But as well as that, as we had much additional experience in other industries we wanted to bring together ideas from the legal professional with ideas from other professional service firms.
This document takes readers through the guidelines from The Law Society (hereafter simply “guidelines”) together with things that we feel could be improved.
General Purpose of the Guidelines
For us, email management is all about the process of ensuring that the records a firm keeps against a matter are complete. The guidelines cover a range of different topics around email management but the general purpose of them appears to be creating a general purpose "acceptable use policy" document that one might use from an HR perspective. One of the appendixes of the document provides a sample policy that can be used.
As our bailiwick in terms of thesolution we offer with Topaz Filer primarily relates to record keeping, in the remainder of this document we discuss email management aspects related to record keeping and aspects not related to record keeping separately.
Sections Not Related to Record Keeping
Section 1 of the guidelines discusses context – essentially that emails are commonly used for email communication. It goes on to say that there are new “vectors” for risks into the firm, e.g. electronic risks such as viruses but also risks in terms of accidental disclosure or problems with compliance.
Section 2 of the guidelines discusses the purpose of the document, i.e. to allow the firm to draw up an email policy.
Section 3 discusses how email should be used, and forms the bulk of the guidelines.
Clauses 3.1 through
3.6 talks about how all solicitors need to be “good solicitors” and discusses how the availability and application of an email policy can help with this goal. In particular the last two clauses talk about monitoring of communications – which is covered in a later section.
Clause 3.7 states that an email is not a letter, but if it looks like a letter requirements pertaining to “professional stationery” apply. Not mentioned in the guidelines is that in the UK all emails sent from a business must state the business’ name and trading address.
Clauses 3.8 through
3.13 go into some detail about confidentiality and privilege with regards to communication. They allude to the fact that email is similar to fax in terms of how it can be easily intercepted, both accidentally and maliciously and offers guidance in terms of what to do if communications are accidentally intercepted.
Clauses 3.14 through
3.16 discusses how correspondence received by email needs to be handled in a timely fashion (i.e. as if it were any other form of correspondence). They helpfully point out that firms may not have a system for dealing with emails received when the recipient is absent (holiday, etc) and that such a system ideally needs to be put into place.
Clauses 3.17 through
3.20 discusses emails in terms of record keeping. These clauses are discussed in the next section.
Section 4 discusses statutory provisions related to email, specifically The Data Protection Act 1988 (DPA) and The Regulation of Investigatory Powers Act 2000 (RIPA). (Because these are statutory, we have nothing specific to offer in this document in relation to this.)
Section 5 discusses best practice.
Clauses 5.1 through
5.3 discuss professional undertakings. Specifically it discusses how it is possible to fake the content and a sender of an email when receiving instructions and how “typing a name into an electronic document… is a form of electronic signature”.
Clause 5.4 points reminds lawyers that copyright-protected materials remain copyright-protected even when transmitted over email.
Clauses 5.5 through
5.8 are quite interesting. The Law Society’s take is that if a lawyer provides services electronically from or within the EU, a particular EU directive with regards to e-commerce applies (Directive 2000/31/EC – The E-Commerce Directive). Therefore there are a number of things that need to be done in order to comply. In clause 5.6 The law Society themselves states that the requirements are “not entirely clear”.
Clauses 5.9 through
5.12 discuss the issue of spam. Clause 5.10 suggests making sure that clients know that spam filters may end up discarding important communications and that as such important communications should be followed up with another method. Whilst in an ideal world no important business communication would get flagged as spam when it was not, this would seem a sensible suggestion. (However we wonder whether a client would ever read such a warning and hence question the practical value.)
Finally,
clause 6.1 contains a concluding paragraph reminding the reader as to what he has just read.
Sections Related to Record Keeping
As discussed above,
clauses 3.17 through
3.19 are the most interesting insofar as building an email filing solution with Topaz Filer are concerned.
Clause 3.17 reads:
Most firms print emails and file a copy in their paper records, although by doing so, evidence contained in the email header is lost. Electronic storage solutions are increasingly becoming available that retain the whole email — and firms should consider actively monitoring the availability of such systems, because greater use of electronic communications will continue to expand by both firms and their clients, and the cost of storing emails on paper will outweigh the cost of storing email correspondence in its native format. Firms tend to use them to back-up paper files and only a few firms are wholly electronic.
We find this a slightly odd statement, because it appears to be talking about two things.
Inside your email system, against each message a considerable amount of data is stored that ordinarily you do not see. An example might be the name of the email server that sent you the email or other routing information. If you print out an email and store it in a paper file, only a very small amount of this information is rendered on the printout. (“Evidence contained in the email header is lost”.)
Electronic storage systems can be configured to grab the entire email, including all of this hidden data that you do not ordinarily see. This means that if it transpires some of that hidden data is actually evidential or otherwise desirable to keep, if you have an electronic copy – great, but if you only have a printout you will have lost this now-understood-to-be-important information. The default operation of Topaz Filer is to communicate with electronic stores of email so that the entire message is stored (“Electronic storage solutions are increasingly becoming available that retain the whole email.”)
The clause goes on to talk about “firms should consider actively monitoring the availability of such systems”. This statement, we think, is an artefact of the fact that what with being published in November 2005 the guidelines document is actually very old. All document management systems can be configured to store a faithful reproduction of the entire email, including the hidden infromation. Even saving emails directly onto a network share (by using the
File - Save As option in Outlook), saves the hidden information providing the correct file type is selected.
Clause 3.18 reads:
Firms should take a pragmatic and risk-based approach to records of emails. That is, significant and substantive emails (including emails that are subject to statutory retention periods) should be stored in a suitably managed electronic storage system or printed and stored, but those that are ephemeral can be left to expire from electronic storage in the ordinary course of events.
Notice there that the guidelines refers to a “managed electronic storage system”. Our reading of this is that this refers to what is more classically know in IT circles as a document management system.
This clause is interesting because it is the only clause in the guidelines that shows what should be stored, but in our opinion is actually not good advice. The reference “significant and substantive emails” we feel is a way of The Law Society accommodating the fact that most filing systems that work with email are very clunky and as a were they to mandate that all email communication should be stored in the matter file most firms would probably complain that the guidance was unworkable because of the level of administrative work would, using ordinary filing solutions, be substantial. (There is a downside in having a lot of information in that it places a demand for you to have good quality tools for mining the store of data, but that is a separate problem.)
The Law Society ends up in a position where lawyers and administrative staff are having to be a judgement as to what goes on file and what does not go on file. This almost certainly cannot be correct by the simple expedient that it would not apply to other classifications of documentation. It would never be appropriate to pick and choose which, for example, copies of deeds made it into a client file because the risk of missing something is important is too high.
It’s not directly our intention to make this document very “sales-y”, but instead to concentrate on what guidance has been provided by The Law Society, but with a product like Topaz Filer, because filing emails is so fast and efficient and does not put a huge burden on administrative staff, using a system like it would mean that you could file all emails without it being a total headache.
Clause 3.19 reads:
Where some correspondence about a matter is stored electronically and the rest is on paper, firms should ensure that none of the material will be overlooked if responsibility for a matter is transferred (perhaps temporarily). Firms should also be confident that they know what information their systems record. If not, an audit may be appropriate.
This clause is clear – if you transfer documentation from A to B, make sure nothing gets lost.
We’re unsure about the last clause with regards to confidence about what information their systems record. It seems spurious – surely any firm would know what information is in the matter files? (But, as The Law Society says, if you have doubts whether you do know, run an audit.)
The final clause in this section, clause 3.20, reads:
In the longer-term, firms should be aware that electronic storage media can become inaccessible for a variety of reasons, including the obsolescence of, or changes to, equipment and software. The National Archive's Digital Preservation Guidance Notes provide advice on specific topics related to the preservation and management of electronic records (www.nationalarchives.gov.uk).
This is actually an extremely good point, although it applies to all electronic records not just email records. The fact is that what feels like a very long time in IT systems is a very short time in other systems, particularly legislative and regulatory frameworks. It is easy for the storage systems you use to become obsolete, or the electronic media used to decay. (This last point is particularly relevant to firms that store archives on optical media, such as CD or DVD.) This is why it is important to be to base IT strategy on open systems - it removes the dependence on a single vendor and increases the chances that your archive will remain accessible.
Security
The last section in the guidelines contains topics related to security. Whilst we stand by what is written here, our view is that the guidelines are now too old having been published in November 2005 for this security guidance to be of any use. It would be wiser to seek more up-to-date advice with regards to email security and use the information in the guidelines relating to security as background information.
Conclusion
Although we designed Topaz Filer specifically for law firms, the reality is that any professional service firm (architects, IT suppliers, anything) have a requirement to properly manage emails coming into the firm and we applaud The Law Society in putting forward a set of guidelines as to how they can be managed.
We are disappointed that the focus of the guidelines is on record keeping, as nearly all organisations of all types that take HR advice will be provided with an acceptable use policy (“AUP”) for email systems that would encompass most of the guidelines offered here. In fact, we would strongly suggest that any law firm using the guidelines looks to have a policy constructed by HR specialists and ask them to consider the guidelines in formulating your policy. Likewise with the security – specialist IT advice should be sought and the guidelines used to inform decisions.
With regards to the record keeping, we do not feel the advice to keep “significant and substantive” goes far enough. To create a definitive store of email communications with all parties involved with client matters all emails should be stored electronically within a DMS. As you know by now, Topaz Filer can go a long way to helping you do that without creating a crippling administrative burden.
