Is Threat of Surveillance New Reality for Law Firms?

, The Am Law Daily

   |1 Comments

For many lawyers who represent foreign governments, the recent revelation that the U.S. National Security Agency's Australian ally has been privy to communications between an American law firm and its international client comes as no surprise.

"Every domestic industry trade lawyer in Washington has had their systems hacked by the government of China," says one Washington, D.C.–based Am Law 200 lawyer. "Those of us who work in this area try to take as much precaution as possible, but we’re all realistic that international communications—and even domestic communications—are simply not secure. … We have to accept that there's international espionage going on."

Washington attorney Bart Fisher, who has represented Sudan since 2011, said he assumes that the United States spies on the African nation and may monitor the country's communications with him. Sudan hired Fisher to get it off the U.S. Department of State's list of state sponsors of terrorism, among other issues, according to U.S. Department of Justice records on agents of foreign entities.

"In this day and age, it would be idiotic not to assume conversations aren't being listened to by the government," he said.

The comments come in response to a New York Times article that reported on the Australian Signals Directorate's monitoring of communications between a U.S. firm and its client, the government of Indonesia, while the firm was assisting the country in trade disputes with the United States. A top-secret document obtained by former NSA contractor Edward Snowden that formed the basis of the story did not name the firm being monitored, but the Times pointed to Mayer Brown as the law firm that represented the Indonesian government at the time.

Australia's spy agency, according to the Times, alerted NSA that the monitoring was underway, saying in the document that "information covered by attorney-client privilege may be included" in the surveillance. After discussions with the NSA's general counsel to seek guidance on the spying, the Australians continued "to cover the talks, providing highly useful intelligence for interested U.S. customers," according to the document.

In a statement, Mayer Brown said, in part, that "there is no indication, either in the media reports or from our internal systems and controls, that the alleged surveillance occurred at the firm. Nor has there been any suggestion that Mayer Brown was in any way the subject of the alleged scrutiny."

Some industry observers say the Times article should not be immediate cause for alarm.

Cybersecurity expert Richard Bejtlich, pointing to a post on security blog LawFare, said a few facts make the Australia agency's actions more palatable, including that the surveillance doesn't appear to have taken place within the U.S.; that the agency targeted Indonesian government officials engaged in trade talks with the U.S., not the law firm itself; and that Australia alerted the NSA that it was monitoring U.S. citizens. "This is an example of the system working," says Bejtlich, who serves as chief security strategist at cybersecurity company FireEye, which works with some large law firms. "It's not this really nefarious thing," he says, adding that unlike allies of the U.S. that follow protocol to omit citizens' information when they can, countries like China and Russia do not give the same courtesies when snooping into American systems.

Still, the Times article has put some lawyers decidedly on edge and has reminded others that even in an age when messages can be transmitted across the world in seconds, precautions need to be taken.

"I honestly was shocked. Absolutely shocked," says Carolyn Lamm, an international dispute resolution partner at White & Case and former American Bar Association president. "I think one of the tenets of our legal system, of course, is lawyer-client privilege and confidentiality. To have someone just eavesdropping is totally inappropriate."

As sibling publication The National Law Journal reports, conservative watchdog group Freedom Watch is using the Times story to bolster a legal challenge to the NSA's surveillance practices. The report, Freedom Watch founder Larry Klayman said in a Monday court filing, helps demonstrate that his attorney-client communications had been subject to government surveillance and that he should have standing to sue over NSA's practices.

Fisher, who represents Sudan, said lawyers providing counsel to foreign governments have to be "very careful and cautious," possibly forgoing telephone and email communications with these clients if they want their conversations to remain private.

"The surest way to avoid surprise is to have face-to-face meetings with the client," he said.

Seconded the D.C. trade attorney: "We've gone back to doing hard copies" of communications, in some instances. "We'll do faxes over emails because it's more secure."

Bejtlich says law firms have become susceptible to international hacking by foreign entities, who are often interested in their clients' intellectual property, because the investment needed to properly secure a system often doesn't make sense in companies with fewer than 10,000 employees.

Many Am Law firms were unwilling to talk Tuesday about the implications of government spying. Requests for comment sent to lawyers at nearly two dozen firms registered with the Justice Department as agents of foreign entities turned up mostly radio silence. At seven of those firms—Akin Gump Strauss Hauer & Feld, Alston & Bird, Covington & Burling, Hogan Lovells, McGuireWoods, Sidley Austin, and Steptoe & Johnson—representatives said lawyers at the firm could not comment.

As a Steptoe spokeswoman put it: "While we do have a large and talented international department, not to mention a terrific cybersecurity practice, we’re declining any comment on this topic."

What's being said

  • not available

    There are three broad parts to surveillance: Overall, Focused, Intrinsic 1.- Overall surveillance is performed to shed light on domestic security; from perspectives of domestic and international sources. 2.- Focused broad business surveillance is to glean information about foreign economic relationships concerning partnership structures of multinational corporations and their theoretical risk outcome projections. 3. Intrinsic surveillance of prime candidate individuals involved in formulating business and legal strategies which will impact the host country conducting the surveillance.Surveillance here may take on a more sinister aspect, which may involve the targeting of key individuals; namely the lawyers that are involved in secret ( simply for competitive advantage) contractual arrangements. The `crossing-the-line`` aspect occurs when telecommunications monitoring isn`t sufficient for the surveillance analysts and personal `tele-bio` feedback control mechanisms are needed to be physically installed in targeted individuals via microchips. The `clandestine`` methodologies for installation and monitoring are too sophisticated to outline here and therefore advise all lawyers who are involved in secret but legal corporate activities to scan themselves with a multi-range micro frequency indicator – especially after visiting a medical clinic for any reason in another country or even in the U.S.A. or Canada. Microchips can be inserted and be almost invisible to the eye, under the skin, scalp, lower back or elsewhere to resemble ie. cartilage, implantable with a syringe . They vary in size and function and all have high tech capability for much greater than simply tracking purposes. Typically the more sophisticated ones resemble human tissue as the layers of silicone microchip circuitry ( chip stacking) enveloped in a protein based substance are hermetically sealed and thus less likely for rejection by the immune system upon insertion. The reality is that it is happening and these control mechanisms do affect the human `bio`` systems including thought processes. They are totally illegal without permission or a court order but the `cover-up `capability` is beyond comprehension to most....for now..Fact : The microchip industry has a vast arsenal-inventory of variable multi-use human implantable microchips and there are insufficient laws to protect the public and specifically from key targeted individuals.Capt. Gary Kassbaum M.M.

Comments are not moderated. To report offensive comments, click here.

Preparing comment abuse report for Article# 1202643519884

Thank you!

This article's comments will be reviewed.