The SRA has recently introduced changes to the part of the Solicitors’ Code of Conduct 2007 and associated guidance which deals with confi dentiality and disclosure.
Under rule 4.01 a solicitor is under a duty to keep the affairs of a client or former client confi dential. Rule 4.02 creates an obligation to disclose all information which the solicitor is aware of and which is material to the client’s matter. The duty of disclosure in rule 4.02 is subject to the duty of confidentiality in rule 4.01 and does not apply where the disclosure is prohibited by law or it is agreed with the client.
In addition, rule 4.03 creates a duty not to put confi dentiality at risk by acting for a client where the fi rm or a solicitor personally holds confi dential information about another client or former client and risks breaching that confi dentiality by acting or continuing to act for the new client. Rule 4.04 sets out circumstances in which firms can act despite having relevant confidential information. It involves obtaining the informed consent of both clients and (by implication) implementing an information barrier.
The combination of rule 4.03 and 4.04 meant that clients and former clients could prevent a fi rm taking on a new instruction for another client where the firm held confi dential information that was relevant to the proposed new retainer. This allowed clients and former clients to abuse that power and veto the new retainer for whatever reason they liked. There was no reason in principle why this should have been so. The firm could have acted entirely lawfully (at common law) by implementing a compliant information barrier but still be prevented from acting at the whim of the former client.
There was some relaxation of the harshness of rules 4.03 and 4.04 in rule 4.05, which permitted a fi rm to continue to act on existing instructions without the former client’s informed consent. This would apply, for example, where the risk of disclosure had only been noticed once the retainer had been accepted.
This bizarre anomaly has been the subject of criticism for over four years by a number of commentators. In July 2010 it was fi nally corrected when the SRA amended rule 4.05 to permit firms to accept new instructions where they have tried and failed to obtain informed consent of the original client (in accordance with rule 4.04) and have put in place a legally compliant information barrier.
So, overall, the position is now more favourable for solicitors. Under rule 4.04 the requirements are that:
- The clients know that your fi rm, or one of its partners or lawyers, holds or might hold confi dential information in relation to their matter, which they cannot disclose
- The firm has a reasonable belief that both clients understand the relevant issues after these have been brought to their attention
- Both clients have agreed to the conditions under which the firm will act or continue to act
- It is reasonable in the circumstances to do so
If it is not possible to obtain informed consent, the fi rm must put in place a legally compliant information barrier. The requirements for an effective information barrier are set out in the guidance to rule 4 (Note 44) and include:
- Written acknowledgment by the relevant client that the confi dential information held by the firm will not be given to them
- All members of the firm who hold the confi dential information must be identified and have no involvement with or for the other client
- No member of the restricted group may be managed or supervised in relation to that matter, by someone outside the restricted group
- All members of the restricted group must confirm at the outset of the engagement that they understand that they possess, or may come to possess, confidential information; that they must not discuss that information with members of the firm outside the restricted group; and that this obligation is an ongoing one
- When the information barrier is established each member of the restricted group must confirm that they have not done anything which would amount to a breach of it
- Only members of the restricted group may have access to documents containing the confi dential information
The guidance contains several further suggested arrangements which may also be appropriate or even necessary in order to establish an effective information barrier, ranging from arrangements for the physical separation of the restricted group, to the implementation of systems for receipt and opening of communications to members of the restricted group. Unsurprisingly the SRA has stressed that most firms will not have the infrastructure in place to meet the stringent rules regarding the use of information barriers. Such measures should therefore be used with caution.
The changes to the rules mean that firms are no longer at the mercy of previous clients when taking on new instructions where confi dential information is an issue, and are welcome, although long overdue.