Barristers warned US authorities can access confidential information in cloud storage
BARRISTERS are being warned that confidential client information in 'cloud' storage could be accessed without their permission.
US legislation has the potential to allow its authorities to access information held in the cloud or on external backup services which are stored on computers owned by American companies.
And if such a breach happens, the barristers who have been holding the information could be deemed to have broken UK Data Protection laws.
The England and Wales Bar Council's IT panel flagged up to its members that such information could be accessed even if the data is subject to legal privilege in UK courts.
The Northern Ireland Bar Council has informed its members via social media of this loophole which could jeopardise the confidentiality of legally privileged information.
The issue specifically relates to information which could be - even inadvertently - being held in digital storage services with a US parent company.
Under these circumstances additional encryption would be required to ensure it could not be easily accessed during a trawl or specific request by US authorities.
Microsoft is currently fighting against the American government at the US Supreme Court over demands it hand over emails stored in its data centre in Dublin.
A US court ruled that the request to access them by government agencies, which claim some of the emails refer to the sale of illegal drugs, is legal.
Microsoft is arguing that the request infringes the Republic's sovereignty.
The NI Bar Council is still recommending that members use Microsoft's Office 365 rather than free platforms such as Dropbox and Google and will update its advice at the conclusion of the case.
It has also recommended that information is encrypted.
Ulster University law lecturer Rosemary Craig said both barristers and solicitors hold highly confidential information on clients that even courts have no automatic right to access.
"Anyone can hack and you need to be very, very careful," she said.
"At a certain point everything needs to be disclosed to the trial, to both sides, but you could have a case where it is accessed earlier.
"However, also concerning, there is information that is not `discoverable'. Court orders are needed to access such information and you are talking about a situation where information could be accessed without a court order, circumventing due process of law.
"This will especially be of concern in commercial matters, but also with prisoners who wouldn't want the authorities to be able to hack in and get information on them that in this jurisdiction is not open to them."