Vol. 81, No. 6, June
Avoiding the Dangers of Metadata
Not paying attention to metadata in
electronic files can cause embarrassment and serious damage to your
practice and reputation. You must keep
confidential information confidential. Here's why.
by Thomas J. Watson
Practicing law these days is nothing like it was 25 years ago or even
10 years ago. Thanks to technology,
everything moves faster. We communicate with clients faster, we transmit
information faster, and we
can draft motions and briefs faster. Our word processing software has
changed the way letters
and other documents are created.
It should come as no surprise to any lawyer that most software
hidden information. Such information is called metadata, and it can
cause embarrassment and
serious damage to your reputation.
Probably the most infamous example of embarrassment and damage
to one's reputation is
a report on Iraq's security and intelligence organizations published by
the U.K. government
in 2003. This report was cited by Secretary of State Colin Powell in his
address to the
United Nations the same month. It was quickly discovered that much of
the material in the
report actually was plagiarized from work of a U.S. researcher on Iraq.
The U.K. government made
one additional mistake: It published the report as a Microsoft
WordTM file on the government's Web site. That allowed anyone
who downloaded the report to review the metadata in the document
and discover the plagiarism.
What Constitutes Metadata
Simply put, metadata is the hidden information that is created
embedded in a computer file. For lawyers, word processing software poses
the highest risk.
Typical metadata found within a Word document, for example, may include
your name, your firm name,
the file or network location where you saved the document, the names of
other people who worked
on the document, the amount of time spent on the document, and the
history of revisions made
in the document. Lawyers face problems with metadata when they share
files as attachments
via email, over a network, or even on a compact disc. Sharing files in
these ways can present
at least two significant threats to you as a lawyer.
First, the presence of metadata could compromise your negotiating
position. If you send
a document to the other side that contains information that you thought
had been removed
and that you do not want the other side to know, you may compromise your
negotiating position. This would naturally lead to two consequences that
would not be good for your
practice: Your client would not be happy with you, and you then might be
the target of a
Second, it could lead to embarrassment and damage to your
reputation. Sending out a
document containing damaging metadata can demonstrate a lack of care on
your part as a
practitioner and a lack of technical competence, in addition to bad
Reid Trautz, a law practice advisory attorney in Alexandria,
Va., says he is aware
of cases in which lawyers have had some explaining to do to their
clients. "Metadata shows
how much time has been spent on the document. The clients needed only to
compare the editing
time to the time claimed on their bill to raise the embarrassing issue
with their lawyer." In
some cases, clients have brought disciplinary complaints against lawyers
for their billing
practices because of information revealed by metadata.
Thomas J. Watson, Marquette 2002, is senior vice president and
director of communications at Wisconsin Lawyers Mutual Insurance Co.,
Avoiding Metadata Problems
Being aware of metadata is only the beginning. You also must take the
to reduce or eliminate it. Trautz says whatever you do, do not ignore
"Microsoft now has a metadata reduction tool that strips
out some metadata. There
are several other products now on the market as well."
But maybe the best approach, Trautz says, is simply to not send
Wordperfect files. "You can convert the document to a PDF file,
which strips most of the metadata, and
it is safer in an email anyway. PDFs are harder, and in some cases
impossible, for people
to edit. Only send Word documents when you need the recipient to help
edit them and you know
it's safe. It's even better to just have the recipient, whether it's a
client or opposing
counsel, just add comments to a PDF document."
Green Bay attorney Mark Pennow says PDFs are the solution in his
office. "We do not
send Word files, Excel files, or any other files electronically besides
PDFs. We print out our
Word documents and scan the pages to be sent as PDF attachments."
Some lawyers have complained that they cannot edit or make
changes to PDF files.
But Pennow says that is not the case. "Our optical character
recognition (OCR) software
easily translates the PDF into a Word file, and I can make changes that
Sending only PDFs sounds like an easy solution, but Pennow says
it is amazing how
many lawyers do not do so because they are still unaware that metadata
exists in Word files. "I
get them sent to me by other lawyers all the time, often from people who
should know better.
So far, I have not run into serious problems in my practice with this.
But I could easily
envision the problems that could arise in the course of a collaborative
involving adverse parties. This almost came up in a federal case I
handled a couple of years ago
when the defense attorneys thought about working online together to come
up with a settlement
document that accommodated everyone's concerns. We decided instead to
trade paper by mail."
If you do not want to bother converting files to PDFs, there is
an alternative. It
is possible, according to Microsoft, to strip off much of the metadata
before transmitting a
Word or other Office document. Pennow says, however, that "some of
the procedures suggested
on [Microsoft's] Web site are not very intuitive to the user. Different
metadata require different removal techniques."
Pennow says a wide variety of "metadata stripper"
software is available, with cost
varying from more than $1,000 to dirt cheap. "It will require the
lawyer to know how to use
this software. I'm not sure this is the sort of thing the typical busy
lawyer wants to undertake."
Technology, of course, makes instant communication for lawyers
easy - and as a
result, electronic communication has become the norm these days. Baldwin
attorney Tom Schumacher
says, however, that although technology has changed his law practice
over the past several
years, sometimes using the old-fashioned techniques can avoid problems.
And that is particularly
true when it comes to the threat of metadata. "Sending electronic
documents, or communicating
with clients or opposing counsel is obviously so much faster and easier.
But what if you send
the wrong document, send the wrong draft, or send it to the wrong party?
I sometimes think,
`why do I send documents electronically anyway?'"
Train Your Staff
While you, as a lawyer, must carefully track what you are sending out
to clients, opposing counsel, and others, and understand the risks of
metadata and other
electronic mistakes, it is just as important that your staff members
have the same understanding.
Schumacher says a mistake by an employee can cost you just as
much or more as your
own mistake when it comes to sending out electronic documents.
"Have a way to manage email so
you can track what is happening. Email manager is as important as
document manager software."
Trautz says, "Lawyers need to not only understand metadata and
the risks it presents,
but they must also continually work with their staff to ensure that all
employees who have
the responsibility of sending out documents are properly trained. This
can avoid many
headaches and sleepless nights down the road."
Sending electronic documents may be faster and easier, but if
you're not sure of
what you're doing, it can cause more problems later on. If you have any
doubts, do not send
electronic documents at all. Mark Pennow takes a page from Johnny
Cochran's book, summing it
up this way: "When in doubt, print it out." He adds, "Why
mess around with an overly
technical and possibly complicated solution when the scanner is right
down the hall?"