Design firms have changed their practice management procedures because of pandemic-related restrictions placed on office settings, travel, and in-person meetings with clients, government offices, contractors, and others involved in putting a capital asset in place. Video conferencing through various productivity tools has become part of the new normal for internal and project communications. But there are increased risks to consider.
Video conferencing is now routinely utilized to address matters that would have been handled in person or by phone call The consensus among design firms is that the use of video-conferencing through tools including Zoom, WebEx, and Microsoft Teams will continue for the foreseeable future.
Increased Video Conferencing Creates New Exposures
As often happens with new technology, risk management best practices are still catching up; this is particularly true with the ability to record video conferences. Many of these software programs advertise easy recording and sharing of meetings as a benefit, but that feature also carries security and legal risks.
Video conferencing technology makes it easy to record what in the past might have been informal discussions that left no “paper trail.” Firms are using Zoom and similar services for all manner of important meetings, including contract negotiation discussions, project status reports, employment practices issues, and, at times, analyses of how the firm could have operated in a more productive or professional manner. However, there should be significant concern. Zoom and all similar video-conferencing tools allow the organizer to decide whether a meeting will be recorded—and surprisingly often, little notice of recording is given to meeting participants. It is not uncommon for some firms to set Zoom to record every video-conference so that such recordings are available to document and clarify group decisions.
When a memo or email about a discussion is created, most professionals are cautious in the views that are expressed or the language used. Part of this is the common knowledge that a digital document never disappears and could show up in ways that will create problems. Leading the concern is discovery, the reliance on the preserved digital communication during litigation. However, the spontaneity of teleconferences and feeling of almost being in a private room make for creative and less guarded conversations, which could be the definition of something a firm does not want produced during discovery. So indiscriminate recording of video conferences could lead to problems.
All Electronically Stored Information is Discoverable
Design firms should be concerned about legal adversaries gaining access to meeting recordings as part of discovery in litigation. The sweeping e-discovery requests seen in professional liability lawsuits can include video conferences as easily as they do documents and emails.
Under the Federal Rules of Civil Procedure and in similar state rules, a party must produce information in response to a proper request. Federal Rule 34 states that “any designated documents or electronically stored information” needs to be produced. And the rule is intended to be broad enough to cover all current types of computer-based information and flexible enough to encompass future changes and developments. In case there is any doubt, a video conference recording is discoverable. This reality leads to a host of data-management and record-retention issues.
A firm might have to produce all recordings of a project team’s video conferences during discovery for a lawsuit by a client alleging damages from breach of contract or from the client or a third party alleging harm from a firm’s negligent performance of professional services. Such recordings could include documentation of participants discussing various self-critical issues, including legal risks associated with performance that might not meet contractual requirements or professional standards. Efforts by the firm to improve its internal operations could be used to establish negligence in the firm’s current performance of professional services. The opportunities for statements made during video conferences about internal quality control procedures or contractual performance to be mischaracterized and distorted during negotiations or adjudication are abundant.
A design firm that does not address the proper use of videoconferencing can increase its risk. In the absence of a policy regarding the proper use of videoconferencing, and more specifically, the recording of videoconferencing sessions, a firm could be faced with many problems, including:
When litigation arises, the employer will not know whether relevant recordings of video conferences exist, and it will not be in a position to preserve such recordings. If employees are permitted to use personal, rather than company-provided, videoconferencing accounts to conduct business-related meetings, the design firm may have no way of determining whether potentially damaging recordings exist.
In the course of litigation, when responding to discovery requests, there will be no efficient and cost-effective way to review recordings to determine if they are responsive—it will be necessary to review recordings from start to finish to determine responsiveness or to surrender all recordings.
During litigation, assuming the firm can identify recordings of relevant video conferences, it will then be left to manage the impacts of that evidence on the claims asserted.
Attorney-Client Privilege May Not Apply
Video conferences may be privileged, and therefore beyond the scope of discovery, if in-house or outside counsel is present, but, more often than not, discussions are held without the involvement of legal counsel. So, the possibility of attorney-client privilege is lost. While having an attorney participate in the video conference may lend attorney-client privilege to a meeting, firms should not take that for granted. There are exceptions to this rule, and a firm can expect an adversary to push hard to convince a judge to remove the cloak of privilege. If there is no attorney-client privilege, a firm can be sure that the meeting recording will have little chance of remaining off-limits in discovery.
Use All the Security Protections Available
Select the right program
The first decision is to determine what software to use. Convenience and features are important, but security should be key in making the decision. Programs that do not have end-to-end encryption or that do not require a password that is known only to the users to open it should be avoided. A program that enables the host to limit recording by others seems essential. A firm’s in-house data experts should be assigned to identify the most secure program available and to track innovation that creates other encryption and security features. A firm should make it policy that there is no freelancing allowed by users who prefer to use other software.
Limiting risks with best practices
All design and construction firms using videoconferencing should start by setting up a policy for users and criteria for what calls are subject to recording. Lawyers should have the last word on this policy, but a firm’s data security experts also should be involved in the decision.
Consent should be transparent
Consent-to-record laws vary by state, but without a clear opinion from a firm’s legal advisor, it is not recommended that a firm ever rely on a one-party consent policy or otherwise record without notification. Some states require two-party consent because participants deserve to know if they are being recorded. From a legal and ethical standpoint, no meeting participant should be recorded without consent. If a meeting organizer plans to record, affirmative consent should be given by all participants. If there is a concern that participants might record the meeting through the use of a cell phone or other recording device, the disclaimer at the beginning of the meeting should include an agreement that nobody but the host is allowed to record.
Have retention and destruction policies
Just like with other digital records, a firm should have a policy for how video conferences will be maintained, preserved, or destroyed in accordance with policies governing the storage of other electronic files. Having a records retention policy in place will allow a firm to destroy recordings after a suitable period of time, and thus remove them from the reach of discovery.
It certainly does not seem possible or desirable to prohibit videoconferencing or to ban recording of video conferences in all instances. A design firm’s best protection against the misuse of recording is to have a written policy that includes expectations with respect to the use of videoconferencing technology.
Video conferencing is a powerful tool that can help design firms make the best of a pandemic when on-site meetings are not feasible. Firms need to make sure this technology is working for them and not setting them up for exposure to other problems.
Victor and CNA work with the AIA Trust to offer AIA members quality risk management coverage through the AIA Trust Professional Liability Insurance Program, Business Owners Program, and Cyber Liability Insurance program to address the challenges that architects face today and in the future. Detailed information about both these programs may be found on the AIA Trust website, TheAIATrust.com.