Things You Should Know About Free Email & File Sharing Cloud Services
By: Karla J. Eckardt, Practice Management Advisor
The Florida Bar’s Standing Committee on Technology has annotated The Legal Cloud Computing Association’s (LCCA) standards for lawyers to consider when conducting due diligence of a cloud service provider (CSP) as required by Florida Bar Ethics Opinions. Ethics Opinion 12-3 specifically states that “[l]awyers may use cloud computing if they take reasonable precautions to ensure that confidentiality of client information is maintained, that the service provider maintains adequate security, and that the lawyer has adequate access to the information stored remotely. The lawyer should research the service provider to be used.” (emphasis added).
It has always been our position here at The Practice Resource Center not to recommend any specific products to our members, but rather provide them with the resources they need to choose the products that best conform to their practice’s operational needs. However, given the volume of questions we get about popular email and file sharing services, we thought we’d get you started on some of that research.
In April of 2018, Oath updated and unified the privacy policies for all of its brands, including Yahoo and AOL. The new policy grants Oath the right to collect information about your devices as well as your comments, posts, videos, emails, messages and attachments. Oath also reserves the right to share the information it collects with its parent company, Verizon. This may not be a surprise to Yahoo Mail users whose emails have been scanned since 2013. However, AOL had not previously engaged in this practice. Much like Gmail, Oath allows legacy Yahoo and AOL users to set certain privacy controls but some information will always be collected. This update doesn’t bode well for Yahoo users whose account data was stolen back in 2013. In October of 2017, Yahoo announced that “all [three billion] Yahoo user accounts were affected by the August 2013 theft,” more than the one billion originally reported. So, if you’re a Yahoo Mail user, your account has definitely been compromised. For more information about the breach, visit the Yahoo 2013 Account Security Update FAQs page, https://yahoo.com/security-update.
All-in-all, both Google Drive and DropBox are still viable free solutions once you’ve revoked third-party permissions, enabled two-factor authentication (2FA), and used a service like Boxcryptor to encrypt your data so no one, not even Google or DropBox, can access it.
What are your alternatives? Here are a few to consider:
- Microsoft Office 365 For Business
- G Suite Business
- ProtonMail (email only)
- SpiderOak (file sharing & backup)
Needless to say, we ALWAYS recommend that members go with paid business class cloud service subscriptions over any free service offerings. Free products may meet your needs, but they often come at a high cost, access to your data. Please be sure to read your CSP’s privacy policies and terms of service to ensure that your firm and client data is adequately protected.
For more resources, visit our Cloud Computing page.