Call Us: (800) 367-2577

Again with the Metadata? Enough Already!

I have been writing and lecturing about metadata for years. (And in case you have forgotten, metadata is the “hidden” information about the electronic documents we create that we’re all supposed to be worried about.) I guess for some of late, I’ve run on with the topic long enough because a few have started to say “enough already.” Then this happened.

Earlier this year I was on the road visiting a dozen or so law firms over the course of two weeks and learned that several attorneys at two different firms were routinely emailing documents out to other attorneys without first removing the associated metadata. Making matters worse, in many instances the attorneys who were in receipt of these documents didn’t have to do anything to view the metadata. In other words, there was no metadata mining going on, no digging for it. All they had to do was open the document and they would find interesting and useful information staring them in the face. Think tracked changes as an example. Now here’s the kicker, no one was saying anything to anyone in order to keep the information coming. After all, this is a gift that keeps on giving. “Enough already.” I don’t think so.

Let’s talk ethics for a minute. There are basically two issues in play when it comes to metadata. The first is an attorney’s obligation to maintain client confidences, some of which can be metadata based. There is no exception in the confidentiality rule that says an attorney needn’t worry about maintaining client confidences if an electronic document is in use. This is why firms routinely require that all electronic documents be either scrubbed clean of metadata or converted to a pdf format prior to sending. Our professional conduct rules mandate this outcome. In fact, I can assure you that the two firms where the above mentioned problem attorneys practice have such a rule in place.

The second, and in my mind more interesting issue, concerns the viewing of metadata. At its most basic, if an attorney receives electronic documents with associated metadata intact, may the attorney view it? Suffice it to say that the issued ethics opinions on the subject run the gamut. Some opinions state it’s fine to take your advantages where you find them. At the other extreme you will find ones that say nope, can’t do it. But here’s where it gets interesting. If you read the opinions that come down on the side of saying an attorney should not view metadata, you often find an analysis that mirrors the analysis used with opinions issued over misdirected faxes back in the day. You find terms including the likes of inadvertent disclosure driving the analysis which takes me back to my story.

I can imagine that some of you reading this might be troubled by the story above. The fact that no attorney was willing to do the right thing and speak up seems so unfair. After all, the attorneys who sent the documents were simply unaware. Apparently they didn’t understand what metadata was all about, let alone what to do about it. Well I beg to differ. The attorneys receiving the useful information didn’t speak up because they understood there was nothing inadvertent about the actions of the attorneys who were sending out the documents.

Again, the Rules of Professional Conduct are in play. As attorneys we are to maintain client confidences. And in today’s world, professional competency means having an understanding about what computers and applications like word processing programs do and don’t do. This isn’t optional. You see, I understand why the attorneys receiving the documents kept their mouths shut. I actually think they made the correct decision because the ongoing disclosures were not inadvertent. A number of years ago, I might have called the disclosures innocent or naive, but not today. Today, I would label the attorneys who continue to routinely send out documents with the associated metadata intact incompetent. Yes, that may seem harsh, but it is true nonetheless.

If you aren’t already responsibly addressing the issues surrounding metadata on a daily basis, all I can say is now is the time and here’s why. There are firms that are using software tools that literally mine for metadata and sometimes they hit real pay dirt. Should opposing counsel ever do that to you, do you really want to try to argue that your routine delivery of the metadata was an unintentional act? I suspect that any impacted client would be less than impressed with that approach. In fact, I think they would call it what it is, just as I did, incompetent.

Related Posts:

How to Avoid Conflicts with Individual Attorney E-mail Hyperlinks

Try Not To Fall Into The Comfort Trap

As a Risk Manager for ALPS, Mark Bassingthwaighte. Esq. is responsible for developing and delivering new risk management and CLE products and services, risk management consulting, law firm risk evaluations, and writing content for the ALPS 411 blog at: In his tenure with the company, Mark has conducted over 1,000 law firm risk management assessment visits, presented numerous continuing legal education seminars throughout the United States and written extensively on risk management and technology. Mark received his J.D. from Drake Law School. He can be contacted at:

Comments for Again with the Metadata? Enough Already!

Name: Daniel E. Cassidy
Time: Friday, August 12, 2016

I use Word for documents and save a copy as PDF. I only email the PDF copy. Is this all I have to do?
Believe me, your comments are important to me. I don't say Enough Already, but what else can I do???? Thanks.

Name: Mark
Time: Tuesday, August 16, 2016

Daniel - changing the format from Word to PDF and emailing that does appropriately address the problem. If for some reason you need to send a document in Word or perhaps a court requires documents to be submitted in Word format, you would need to learn how to remove the metadata prior to the document leaving your control. In current versions of Word, this is done using the inspect document function in Word. In the alternative you can use a free standing software tool referred to as a metadata scrubber.

Name: stuart saunders
Time: Tuesday, August 16, 2016

I assume that the metadata contains corrections that we have made to a document and is contained in the word document. If we save the word document to PDF, does that mean that the metadata can't be mined? what about the email, which we prepare, then look at and make changes. can that be mined for metadata? If so, how do we protect that email from being mined for useful tidbits of information.

Do you have a favorite article that explains the problem in simple non computer terms that a dinosaur, such as myself, can understand. Personal Computers did not exist when I came along, so I didn't grow up with the tools that are now available.

Stuart Saunders

Name: Mark
Time: Wednesday, August 17, 2016

Stuart - as noted above, changing the format to PDF does address the problem. Your question about email, however, takes this to a level that's quickly getting beyond my level of expertise. As I understand it, there are situations where the text of the email itself can be mined for metadata; but that's about all I know. The best advice I can give you is to never put substantive information in the text of an email. I prefer using attachments to email to pass along any sunstantive information because I can remove the metadata from the attachment and I can encrypt the attachment through the use of a password so that if it email ever ends up in the wrong hands the information in the attachment is still protected.

Leave a comment