Edward Clinton recently wrote about a lawyer accused, in disciplinary proceedings, of accessing an opponent's email account. The post is here: https://www.chicagolegalmalpracticelawyerblog.com/2017/09/06/ardc-charges-lawyer-with-wrongfully-accessing-opponents-email-account/.
Unfortunately, a couple of colleagues and I concluded someone may be accessing our accounts or computers. It is a disconcerting prospect, on the other hand, I tend to run my cases in a pretty transparent manner. If my opposing counsel eavesdropped, they would probably suffer from boredom. As an ethical position, I avoid cases where clients are coached, "If the light was yellow, the result will be x; if it was red, y. Now, was it yellow or red?!" My office is tediously dull, devoid of smoking guns. Nonetheless, as a lawyer, I have a right to keep my smoking guns (and those of my clients) to myself if an exciting case come along.
I reached out to a computer type I know, and got back a suggestion I call a forensic specialist. This sounds like a tall and expensive order, though bringing back Jack Klugman on my client's dime would be fun.
As an initial matter, suggesting everyone change their passwords seemed like a good idea. It costs nothing, and could cut the problem right off.
It slowly dawned on me that "everyone" could include me. While the thought of having my email account viewed was disconcerting, the thought of an opponent wading through my voluminous and varied account also seemed like an interesting way to do justice.
Nonetheless, I decided to follow the dictates of common sense. I changed my password. Browsing through the options, I realized the tendency of computer programs to collect a bit more information than we might like could be useful. Sure enough, both my email providers had "recent activity" feeds that allowed me to view the devices accessing my accounts.
Though providers vary, the general steps are:
1. Access the account (usually under the account icon in the upper right-hand corner)
2. Go to safety and security
3. Review the activity
4. Change passwords and think about 2-step verification while there.
This is simple advice and does not replace the forensic examination we will need, but it is a good initial first step in suspected hacking situations.
