Columns

Texting clients: Is your signal in the dust?

April 2025

by Alecia Chandler | Michigan Bar Journal

Texting clients or messaging through applications such as WhatsApp or Signal is a reality for most lawyers. Some lawyers refuse to communicate with clients via text; they are usually met with a response like, “OK, Boomer!” by those who do.

The Michigan Rules of Professional Conduct (MRPC) requires lawyers to understand technology.¹ Therefore, lawyers choosing to communicate with clients via text must consider additional ethical duties related to confidentiality, security, and preservation.

During the current AI renaissance, or RenAIssance, texting no longer refers to traditional short message service (SMS) or multimedia messaging service (MMS) transmissions from one mobile device to another. Now, texting refers to a host of app-driven communications through SMS, rich communication services (RCS)² or advanced messaging, and various messaging apps — all of which has led to a new frontier for legal ethics.

Forbes magazine in December reported that the FBI and CISA, the U.S. cyber defense agency, warned Americans to use encrypted messaging and phone calls amidst Chinese efforts to hack U.S. networks³ and encouraged people to use encrypted messaging services to prevent data theft — data lawyers are required to protect under MRPC 1.6.

Since its widespread use became common in the mid-1990s, lawyers have been communicating with clients via text. So why are we still talking about using a 30-year-old technology? The landscape has changed, and ensuring communication is secure and ethical is no longer a simple task.

MESSAGING APPS

The story of the creation of Dust is fascinating. In 2008, billionaire businessman Mark Cuban was required to provide all of his emails and messages after being charged with insider trading.⁴ In response, he created Cyber Dust. Released in 2014 and now simply known as Dust, the messaging app preserved data in the cloud for 24 hours, after which it turned to “dust.”⁵ During the same time period, Signal’s predecessor, Snapchat, and WhatsApp were gaining steam around the world. Secure messages with end-to-end encryption that would disappear upon transmission or shortly thereafter — and that are not accessible by hackers or anyone else after a short period — are intriguing to those of us required to maintain strict confidentiality.

Secure messaging apps should be reviewed to ensure both lawyer and client are using secure communication channels and necessary communications are preserved as required.

CONFIDENTIALITY AND END-TO-END ENCRYPTION

Depending on the service provider, texting may not be confidential. No matter which service you use to communicate with clients, if the communication includes any confidence or secret, lawyers and staff⁶ should use end-to-end encryption.⁷ Per Ethics Opinion RI-381,⁸ lawyers have a duty to understand technology and take reasonable steps to implement security measures, especially in the wake of federal warnings.

PRESERVING TEXT MESSAGES BETWEEN CLIENTS AND ATTORNEYS

Text message communication between clients and attorneys should be preserved, with certain messages requiring mandatory preserva

tion. Upon withdrawal, lawyers are required to provide clients with access to their files. If the contents of text messages are required to be maintained, lawyers must do so. Even if preservation is not required, lawyers should consider whether keeping text messages is prudent just in case a client files a malpractice action or grievance.⁹

LITIGATION HOLDS AND PRESERVATION OF ELECTRONIC COMMUNICATIONS

Last year, the federal Securities and Exchange Commission (SEC) filed numerous charges for widespread use of what it termed “off-channel communications” in an effort “to ensure that all regulated entities comply with the recordkeeping requirements ... essential to our ability to monitor and enforce compliance with the federal securities laws[.]”¹⁰ While this has not yet impacted law firms, it should be considered when communicating with clients whose messages may require preservation.

Lawyers representing clients with electronic records under a litigation hold should evaluate whether substantive communications should be sent electronically, as they may be disclosed to opposing counsel by an employer or service provider during discovery.

PRESERVING MESSAGES

Several apps archive preserved texts or similar messages.¹¹ Most of these apps are geared toward corporations subject to Financial Industry Regulatory Authority (FINRA) and SEC compliance. Some service providers maintain records that may be downloaded before expiration. If you choose this option for preservation, make sure you save messages before they expire — many expire after 30 days.

Also, client portals, some Voice over Internet Protocol phone systems, and messaging apps have established retention policies. Note that the messages must be retained in a format that is accessible; it can’t be simply data.

SMISHING

Smishing, or scam text messages, is also an issue for law firms. Just like opening a malware-infected document corrupts your computer and the connected systems, opening a malware attachment in a text message can infect your device and all connected devices, potentially taking down your firm’s entire network. Lawyers must remain vigilant against these scams; a single compromised device can jeopardize client confidentiality and the firm’s operations as a whole. Implementing robust cybersecurity protocols and educating staff about smishing attempts are essential precautions. For more on cybersecurity, visit the State Bar of Michigan Cybersecurity FAQs web page at https://www.michbar.org/opinions/ethics/cybersecurityFAQs.

LAWYERS: CUSTODIANS OF PRIVILEGED INFORMATION, GATEKEEPERS TO SECURE CHANNELS

Lawyers, especially those in small firms, have become targets for cybercriminals big and small. Accessing a small firm’s computer system can provide backdoor access to larger networks such as PACER or MiCOURT. Small firms tend to have less security and, therefore, become easier targets for backdoor access to governmental systems. Appropriate training and security protocols are imperative to ensure ethical compliance.

LAW FIRM CONSIDERATIONS

Messaging apps: The following are among the most important factors for law firms of all sizes to consider with regard to messaging apps:

Carefully reviewing the terms of service for each messaging app the firm uses to ensure proper security.
Establishing end-to-end encryption. For each client, you must attempt to ensure he or she also establishes end-to-end encryption.
Determining a retention policy for required data.
Considering a phone service that provides for texting from a direct number in which data is retained and can be accessed by an administrator.

Bring your own device policies:¹² This is HUGE! Even if you only have one part-time staff person who uses their own device to access firm records or communicate with clients, you need a policy. Unfortunately, the majority of callers to the SBM Ethics Helpline who are victims of hacking were exposed due to a legal assistant’s mistake or a device being infected with malware, compromising the firm’s entire system.

Text communication policy: If you choose to communicate with clients via text about non-substantive matters only, that policy should be in writing and communicated to clients and staff.

Record retention policy: A record retention policy is required¹³ and should include retention of text messages.

Training in policies and smishing: Preventing smishing attacks¹⁴ requires both user education and technology. Artificial intelligence can be used to create realistic text messages mimicking those from clients or companies like the U.S. Postal Service.¹⁵

Manage client expectations: Advise clients of when texting is appropriate, which information should and should not be included, anticipated response times,¹⁶ and how clients will be billed for messaging.

Final tip for lawyers: Be professional in text messages with clients. Do not give immediate, incomplete answers on substantive issues via text. Be careful of using emojis in responses; emojis are creating their own area of case law, and the implications can be detrimental.¹⁷

Remember: Dance like nobody is watching, and text and email as if it will be read aloud in court.

“Ethical Perspective” is a regular column providing the drafter’s opinion regarding the application of the Michigan Rules of Professional Conduct. It is not legal advice. To contribute an article, please contact SBM Ethics at ethics@michbar.org.

ENDNOTES

1. See SBM Ethics Opinion RI-381 (February 21, 2020). https://www.michbar.org/ opinions/ethics/numbered_opinions/RI-381 (all websites accessed March 13, 2025).

2. Rich communication services or advanced messaging provides support for read receipts, typing indicators, advance group chat functioning, and transmitting high-resolution images, video, and audio.

3. Zak Doffman, FBI Warns iPhone And Android Users—Stop Sending Texts, Forbes (December 6, 2024) [https://perma.cc/J24P-RHQ7].

4. Mark Cuban Litigation Release No. 20810, US Securities and Exchange Commission https://www.sec.gov/enforcement-litigation/litigation-releases/lr-20810.

5. Dan Gray, 60 Seconds with Mark Cuban: Cyber Dust and Data Security, Dataconomy [https://perma.cc/ER2B-FT6F] (posted December 20, 2014).

6. MRPC 5.3.

7. Cybersecurity—Frequently Asked Questions: What is encryption and when should I use it?, SBM https://www.michbar.org/opinions/ethics/cybersecurityFAQs#encryption.

8. Ethics Opinion RI-381, supra n 1.

9. Lawyers should also be mindful that spoliation has been argued when parties fail to preserve messages generated with so-called “ephemeral” messaging apps. Waymo LLC, v Uber Technologies, Inc, et al., opinion of the United States District Court for the Northern District of California, issued January 28, 2018 (Case No. 17-00939- WHA) (involving use of “Wickr”).

10. Sixteen Firms to Pay More Than $81 Million Combined to Settle Charges for Widespread Recordkeeping Failures, US Securities and Exchange Commission https://www.sec.gov/newsroom/press-releases/2024-18 (last updated February 9, 2024).

11. Please see Record Retention Kit for information regarding time frames for maintaining records: File Retention, SBM https://www.michbar.org/opinions/ethics/recordretention/home (published March 2022).

12. Cybersecurity—Frequently Asked Questions: Bring Your Own Devices (BYOD), SBM https://www.michbar.org/opinions/ethics/cybersecurityFAQs#BYOD.

13. SBM Ethics Opinion R-5 (December 15, 1989) https://www.michbar.org/opinions/ethics/numbered_opinions/r-005.

14. See David Ries, Cybersecurity for Attorneys: Addressing the People Part of Security, ABA (November 9, 2022) https://www.americanbar.org/groups/law_practice/resources/law-practice-today/2022-november/cybersecurity-for-attorneys-addressing-the-people-part-of-security/; and David Ries, Cybersecurity for Attorneys: Ethically Avoiding Fraud and Scams, ABA (December 16, 2024) https:// www.americanbar.org/groups/law_practice/resources/law-practice-today/2024/december-2024/ethically-avoiding-fraud-and-scams/ for more information. See also Best Practices for Professional Electronic Communication, The Florida Bar [https://perma.cc/DAL6-HDWW].

15. Matt Durr, Get a text about a package that can’t be delivered? U.S. Postal Service says it might be a scam, MLive.com (December 26, 2024) [https://perma.cc/L4ZR-YDS9]; Greta Cross, USPS warns about package tracking ‘smishing’ text messages: Here’s what to know, USA Today (December 23, 2024) [https://perma.cc/4ZZK-YG8B].

16. Clients often expect immediate responses to messages, but lawyers should set boundaries, such as that text messages will only receive responses during open office hours.

17. Pamela Langham, Emojified Communications! The Emoji’s Role in Modern Law, Maryland State Bar Association (October 10, 2023) [https://perma.cc/6WZ6-JANQ]; Kathryn Cole, Legal Implications of Emojis, The National Law Review (October 10, 2023) [https://perma.cc/5S5Y-GJZB].

Alecia Chandler is the Professional Responsibility Programs Director at the State Bar of Michigan.