Given a number of recent reports that people's phones are being "searched" by customs officials when entering the US or other countries, it is not surprising to know that the New York City Bar Association recently issued an ethics opinion holding that lawyers must take reasonable precautions to protect confidential information if the lawyer is searched by U.S border/customs agents. You can read the opinion here: NYCBA Opinion 2017-5.
Although the specific context in which the topic is discussed, the actual content of the opinion is nothing new or surprising. It is merely an application of the principle already expressed in Model Rule 1.6(c) which states that "a lawyer shall make reasonable efforts to prevent the inadvertent or
unauthorized disclosure of, or unauthorized access to, information
relating to the representation of a client."
Since the duty is to take reasonable measures to protect the information, the fact that the information is disclosed, by itself, would not result in a violation of the rule. Whether an attorney violates the rule, will depend on the reasonableness of his or her efforts to protect the information, Thus, the key question is what will be considered "reasonable."
On this, the opinion restates the comment to the Model Rule which explains that reasonableness will depend on may factors and that factors to be considered in determining the reasonableness of the
lawyer’s efforts include, but are not limited to, the sensitivity of the
information, the likelihood of disclosure if additional safeguards are
not employed, the cost of employing additional safeguards, the
difficulty of implementing the safeguards, and the extent to which the
safeguards adversely affect the lawyer’s ability to represent clients
(e.g., by making a device or important piece of software excessively
difficult to use).
opinion then adds that the simplest way to avoid a problem is to
not possess any client confidential information when crossing the border
and instead opting for other alternatives such as carrying a “burner” telephone, laptop
computer, or other digital device, removing confidential information
from digital devices, signing out of cloud-based services, uninstalling
applications allowing remote access to confidential information, storing
confidential information in secure online locations rather than locally
on digital devices, and using encrypted software.