The Virginia State bar has proposed new ethics rules on a duty to be informed of the risks and dangers of specific technologies. Virginia Lawyer's Weekly calls it "an explicit duty to be familiar with modern computer technology and to avoid digital secutiry blunders," and their headline says it "would mandate tech savvy." That kind of press coverage will probably influence the comon understanding and application of the new rules, if they are adopted.
Comments on the new rules will be accepted through September 2, 2014 by Karen A. Gould, the Executive Director of the Virginia State Bar.
Text of Proposed Changes
In the Comment to Rule 1.1 (Competence), in Comment part , "Maintaining Competence", after
"To maintain the requisite knowledge and skill, a lawyer should engage in continuing study and education,"
including the benefits and risks associated with technology relevant to the lawyer’s practice.
In 1.6 (Confidentiality), ADD a new subpart of the Rule:
(d) A lawyer shall make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information protected under this Rule.
AND A NEW COMMENT:
Acting Reasonably to Preserve Confidentiality
 Paragraph (d) requires a lawyer to act reasonably to safeguard information protected under this Rule against unauthorized access by third parties and against inadvertent or unauthorized disclosure by the lawyer or other persons who are participating in the representation of the client or who are subject to the lawyer’s supervision. See Rules 1.1, 5.1 and 5.3. The unauthorized access to, or the inadvertent or unauthorized disclosure of confidential information does not constitute a violation of this Rule if the lawyer has made reasonable efforts to prevent the access or disclosure. Factors to be considered in determining the reasonableness of the lawyer’s efforts include, but are not limited to, the sensitivity of the information, the likelihood of disclosure if additional safeguards are not employed, the cost of employing additional safeguards, the difficulty of implementing the safeguards, and the extent to which the safeguards adversely affect the lawyer’s ability to represent clients (e.g., by making a device or important piece of software excessively difficult to use). A client may require the lawyer to implement special security measures or may give informed consent to forego security measures that would otherwise be appropriate under this Rule. Whether a lawyer may be required to take additional steps to safeguard a client’s information in order to comply with other laws, such as state and federal laws that govern data privacy or that impose notification requirements upon the loss of, or unauthorized access to, electronic information, is beyond the scope of these Rules.