MARYLAND STATE BAR ASSOCIATION, INC.
COMMITTEE ON ETHICS
DOCKET NO. 2021-06
Can a Maryland Entity providing legal and non-legal services include in a central primary database basic contact and demographic information of all Maryland Entity clients?
Is a personal meeting with the current or former legal client of the Maryland Entity required for the Maryland Entity to obtain informed consent to include basic contact and demographic information of the client in a central primary database along with non-legal clients of the Maryland Entity, and to offer the legal client non-legal services?
You are General Counsel to a Maryland non-profit (Maryland Entity) approved by the Maryland Legal Services Corporation to provide legal services to people of limited means and have requested a written opinion concerning the propriety of including in a central primary database the contact and demographic information of Maryland Entity clients who receive legal services, along with those Maryland Entity clients who receive non legal services, where the Maryland Entity employees, including non-attorneys, have access to the database. The Committee on Ethics of the Maryland State Bar Association considered and approved the following as our written opinion on the matter you raised.
STATEMENT OF FACTS
Maryland Entity is a nonprofit organization incorporated in Maryland with a non-attorney CEO and a Board of Directors which includes attorneys and non-attorneys. Maryland Entity is an approved legal services provider by the Maryland Legal Services Corporation under Md. Code Ann Human Resources Article Title 11 and has multiple units which serve the public interest, including a legal services unit, which employs Maryland barred attorneys and non-attorney staff to represent low-income residents in the areas of immigration, family law, and domestic violence orders of protection. Maryland Entity also operates non-legal units which serve the public interest, including, but not limited to, providing housing assistance, social services, food distribution and assisting clients in obtaining access to various community resources and opportunities.
When a person becomes a Maryland Entity client, they are advised that they are a client of the Maryland Entity. The client is transferred to the appropriate unit within the organization based on their individualized needs. For those clients requiring legal services (“legal clients”), they are transferred to the legal unit of Maryland Entity.
Historically, legal clients’ contact information has been kept separately from the other Maryland Entity clients. Maryland Entity has found this to be burdensome and inconsistent with the Maryland Entity’s mission of offering holistic integrated services. Therefore, Maryland Entity intends to transition to one primary database for intake of all Maryland Entity clients, while legal staff will continue to use the Maryland Entity’s legal software for legal services only. The primary database will be confidential, for internal use by Maryland Entity staff only, and will have only basic contact, and demographic information for each client.
Maryland Entity will seek the consent of new legal clients to share their name and contact information so that Maryland Entity through its other units can contact them directly to provide them with general information about Maryland Entity programs and services relating to the client’s identified need and will only contact the client for this reason upon obtaining consent. Maryland Entity intends to obtain the consent of former and current clients to share this same information, as well.
QUESTIONS PRESENTED
Can Maryland Entity contact former clients who obtained legal services from Maryland Entity using a form email to ask for and receive their informed consent, or must their Maryland Entity attorney representative call or meet with them to get their consent?
Can Maryland Entity contact current clients who obtained legal services from Maryland Entity using a form email to ask for and receive their informed consent, or must their Maryland Entity attorney representative call or meet with them to get their consent?
If the central client database is secure and only Maryland Entity employees, attorneys and non-attorneys who are bound by confidentiality as employees of Maryland Entity access the database, is there any reason names, contact information, and basic demographic information of all Maryland Entity clients cannot be kept on the primary database?
BRIEF CONCLUSION
Yes. MRPC do not preclude Maryland Entity from obtaining consent from former clients via a form email communication.
Yes. MRPC do not preclude Maryland Entity from obtaining consent from current clients via a form email communication.
Maybe, as it is unclear whether legal clients are advised that their status as “Maryland Entity clients” means their confidential information is available to non-legal persons and units that may not be bound by the Maryland Rules of Professional Conduct Confidentiality requirements, though they may be bound by the Maryland Entity’s Confidentiality Requirements. However, this ethical concern is adequately addressed when the client provides informed consent.
ANALYSIS/DISCUSSION:
The facts as presented by the requestor show that clients of the Maryland Entity are transferred to appropriate units within Maryland Entity based on their individual needs, including the legal services unit. Maryland Entity plans to advise its clients at intake that their names, contact information, and basic demographic information will be kept in a primary database to which Maryland Entity administrative and social services staff have access and they will be provided with sufficient information to give their informed consent.
Analysis of this issue concerns a review and consideration of Maryland Rules of Professional Conduct (“MRPC”), Rule 19-301.6 (Confidentiality of Information, 1.6) (hereinafter, “Rule 1.6”) and Rule 301.8 (CONFLICT OF INTEREST; CURRENT CLIENTS; SPECIFIC RULES (1.8). Rule 1.6 provides in part:
(a) An attorney shall not reveal information relating to representation of a client unless the client gives informed consent, the disclosure is impliedly authorized in order to carry out the representation, or the disclosure is permitted by section (b) of this Rule.
MRPC 19-301.0 (f) (Rule 1.0) defines “informed consent” as follows:
(f) “Informed consent” denotes the agreement by a person to a proposed course of conduct after the attorney has communicated adequate information and explanation about the material risks of and reasonably available alternatives to the proposed course of conduct.
Rule 1.8 provides in part:
(f) An attorney shall not accept compensation for representing a client from one other than the client unless:
(1) the client gives informed consent;
(2) there is no interference with the attorney's independence of professional judgment or with the client-attorney relationship; and
(3) information relating to representation of a client is protected as required by Rule 19-301.6 (1.6).
Rule 1.8 includes comments that apply to this inquiry. Specifically Comments 11 and 12 address situations where someone is paying the attorney to represent another:
Person Paying for an Attorney's Services--[11] Attorneys are frequently asked to represent a client under circumstances in which a third person will compensate the attorney, in whole or in part. The third person might be a relative or friend, an indemnitor (such as a liability insurance company) or a co-client (such as a corporation sued along with one or more of its employees). Because third-party payers frequently have interests that differ from those of the client, including interests in minimizing the amount spent on the representation and in learning how the representation is progressing, attorneys are prohibited from accepting or continuing such representations unless the attorney determines that there will be no interference with the attorney's independent professional judgment and there is informed consent from the client. See also Rule 19-305.4 (c) (5.4) (prohibiting interference with a attorney's professional judgment by one who recommends, employs or pays the attorney to render legal services for another).
[12] Sometimes, it will be sufficient for the attorney to obtain the client's informed consent regarding the fact of the payment and the identity of the third-party payer. If, however, the fee arrangement creates a conflict of interest for the attorney, then the attorney must comply with Rule 19-301.7 (1.7). The attorney must also conform to the requirements of Rule 19-301.6 (1.6) concerning confidentiality. Under Rule 19-301.7 (a) (1.7), a conflict of interest exists if there is significant risk that the attorney's representation of the client will be materially limited by the attorney's own interest in the fee arrangement or by the attorney's responsibilities to the third-party payer (for example, when the third-party payer is a co-client). Under Rule 19-301.7 (b) (1.7), the attorney may accept or continue the representation with the informed consent of each affected client, unless the conflict is nonconsentable under that section. Under Rule 19-301.7 (b) (1.7), the informed consent must be confirmed in writing.
The confidentiality rule applies to matters communicated in confidence by the client and any information that relates to the legal representation of the client, regardless of the source. See Comment 3 to Rule 1.6. As discussed more fully below, client contact information is information that is deemed confidential and not subject to disclosure, except as permitted by the Maryland Rules of Professional Conduct, and specifically Rule 1.6.
The ABA Standing Committee on Ethics and Professional Responsibility issued Formal Opinion 480 (March 6, 2018), in which the ABA Committee discussed the duty of confidentiality under Model Rule 1.6 (which is largely mirrored in Maryland’s Rule 1.6) in the context of public social media commentary. Therein, the ABA Committee noted that “[e]ven client identity is protected under Model Rule 1.6.”
As stated in the comments to Rule 1.6, “[a] fundamental principle in the client-attorney relationship is that, in the absence of the client's informed consent, the attorney must not reveal information relating to the representation.” Rule 1.6, comment 2.
Particularly in areas of solicitation, even where beneficial services are being offered to the target, it is imperative that clients can trust that their attorneys are not disclosing their contact information for non-legal purposes or purposes not necessary for the provision of legal services.
In this case, it appears possible that a Maryland Entity client may not fully understand that their contact and demographic information is subject to disclosure to other Maryland Entity units, even though the client seeks only legal help, nor is it clear that the client has given the informed consent required by Rule 1.8. Without adequate information and full disclosure, the client could believe their contact information is taken only to refer them to an attorney or legal unit, and for no other reason. Any ethical dilemma about including the Maryland Entity clients in a central primary database to which non legal persons and units have access and using that database to offer Maryland Entity services is resolved by obtaining the clients’ informed consent, which may be accomplished at the outset of the legal representation. Once the client gives informed consent, the Maryland Entity is free to include the clients in a central primary database and disseminate information to the legal clients about the non-legal services or public benefits that may help the clients.
Two of the requestor’s inquiries concern whether the communication of information to the client prior to the latter giving consent requires a personal communication (in person, virtual, telephonic, person to person, for example), rather than a form communication that is emailed to all clients.
The MRPC do not proscribe consulting with the client or providing information for purposes of ensuring informed consent by way of a form electronic communication. The “information” required for Informed Consent is that which is “adequate information” that includes “an explanation about the material risks of and reasonably available alternatives to the proposed course of conduct.”
The MRPC defines “consultation” as follows:
(c) “Consult” or “consultation” denotes communication of information reasonably sufficient to permit the client to appreciate the significance of the matter in question.
See MRPC 19-301.0 (c). This definition does not limit consultation to person-to-person communications. Additionally, Rule 1.6 does not require that the communication of information for purposes of obtaining informed consent be person-to-person communications, as opposed to a form. Nevertheless, an attorney who relies upon email communications with a client must be reasonably assured that the method and manner of communication achieves compliance with the Rules. ABA Opinion 477R discusses the issue regarding the use of email in communicating with a client (primarily, if not exclusively addressing sending emails to the client) and identifies a number of issues for consideration. In addition to those considerations, the communication you propose creates an additional question. Can the attorney assume that an email response is actually from the client? Usually, at the outset of representation an attorney will discuss methods of communication and gain the client’s informed consent regarding use of a specific form, especially one where identification can be difficult.
So, while email communications to gain informed consent are not prohibited, they may carry some substantial risks.
In offering this opinion, the Committee notes that Maryland law seems to conflict with practice and a legislative fix might be in order. Corporations are prohibited from practicing law in Maryland, Md. Code Ann., Corps. & Assn’s § 5-102(a)(2), unless they do so as Professional Services Corporations. Similarly, those who engage in the practice of law must be licensed to do so or be exempt from licensing by way of an exception. Your inquiry describes Maryland Entity non-licensed employees providing other types of legal advice to the Entity’s clients. One of the exceptions authorizes individuals providing services to clients in rent escrow or eviction cases where they are employed by grantees of or other entity recognized by the Maryland Legal Services Corporation. Md. Code Ann., Business & Occupations § 10-206. By way of another exception, the Maryland Court of Appeals allows attorneys licensed in other states to practice law on behalf of an employer under Rule 19-218(c) provided the employer is a grantee of or recognized by the Maryland Legal Services Corporation and is on a list of such entities provided by the Maryland Legal Services Corporation to the Court of Appeals and that is published on the Court’s website. The Committee notes that the Maryland Entity is listed as a grantee of or is recognized by the Maryland Legal Services Corporation and included on the Court’s website as such and the Committee assumes was accorded a grant or recognized based on the services you have described. Thus, Rule 19-218 seems to imply that the Court of Appeals allows a not-for-profit entity to offer legal services despite not being a Professional Services Corporation. So, on the one hand, the law seems to prohibit Maryland Entity from practicing law, while on the other, it is impliedly allowed to do so under the auspices of a program supported by both the legislature and the courts.
Accordingly, this opinion should not be interpreted to approve of conduct that amounts the unauthorized practice of law, but intends to inform you that, should Maryland Entity be in full compliance with Maryland’s requirements for the practice of law, it may address the issues of confidentiality as we have explained.
CONCLUSION
Based on the facts presented, the Maryland Entity should obtain the informed consent of Maryland Entity clients prior to including the latter’s confidential information on a primary database to which non-legal persons and units have access and should include the information necessary to advise the clients of the action to be taken and explain to the client any material risks of and reasonably available alternatives to the proposed course of conduct.
The MRPC does not proscribe or dictate a particular method of communication to former, current, or prospective clients. As to that element of obtaining informed consent, we can only advise that you must assure yourself that you have your client’s informed consent.
Very truly yours,
MSBA COMMITTEE ON ETHICS
(1) We offer no opinion on how federal courts or other states where Maryland attorneys practice may view this issue.
REFERENCES:
Maryland Rules cited:
Md. Rule 19-301.0.
Md. Rule 19-301.6, and comments thereto.
Md. Rule 19-301.8, and comments thereto.
Md. Rule 19-218.
Maryland Code cited:
Md. Code Ann., Corps. & Assn’s § 5-102.
Md. Code Ann., Business & Occupations § 10-206.
Other authority cited:
ABA Formal Opinion 480 (2018).
MODEL RULES OF PROF’L CONDUCT R. 7.2 cmt. [2] (2017).
N.Y. Rules of Prof’l Conduct R. 7.1 (2021).
Wis. Op. EF-17-02 (2017).
Cal. Formal Op. 2011-182 (2011).
State Bar of Nev. Comm’n on Ethics and Prof’l Responsibility Formal Op. 41(2009).
State Bar of Ariz. Comm. on the Rules of Prof’l Conduct Op. 92-04 (1992).
LA County Bar Ass’n Prof’l Responsibility & Ethics Comm’n Op. 456 (1989).