The Perilous Pitfalls of TikTok for Law Firms: A Wake-Up Call for Confidentiality

2024 Feature Nominations

If you’re a lawyer, you know the importance of confidentiality. From highly sensitive lawsuits to top-secret mergers and acquisitions to patents on artificial intelligence, law firms hold some of the most confidential information in the world. But what happens when that confidentiality is compromised by an unlikely culprit – TikTok?

Yes, you read that right. TikTok, the social media platform known for its viral dance challenges and lip-syncing videos, has become a major risk for law firms. The platform’s network access and potential for unauthorized access to highly confidential files and information can be catastrophic for law firms and their clients.


PPC for Legal

It’s about access. TikTok has access to a user’s network connections, which means that the platform can potentially access the user’s contacts, messages, and other files stored on their devices. For law firms, this means that a paralegal watching TikTok in the bathroom, has given the social media platform that is at least partly owned by the Chinese government, access to every attorney’s laptop that is on the same Wi-Fi network!

Think about that. While Europe and the United States have data privacy laws in place to protect their citizens, the Chinese have no such restrictions with your data. Highly confidential files and information about lawsuits, mergers & acquisitions, internal investigations, patents, and other sensitive information can be compromised. Every detail of a client’s trust funds or celebrity divorce can be bought and sold without compunction or consequence.

Additionally, the names of pets, favorite sports teams and family birthdays can easily be accessed – all from the cell phone of the paralegal in the bathroom. This data can also be used to hack passwords and make the entire firm vulnerable to cyber threats, such as hacking, phishing or data breaches.


Injury RX

But it gets worse. TikTok’s user agreement permits the platform to share user data – including their entire browsing history, with its partners and affiliates. Is it possible that one of your partners or associates might have something in their browsing history that might be compromising, unethical or even illegal? If so, that can be sold to dark web “data brokers.” The sharing of this data can easily compromise users’ privacy and potentially put them at risk for identity theft, fraud and even coercion.

For law firms, the potential for major lawsuits is a real threat. Clients trust law firms to keep their confidential information secure and protected, and a data breach can result in significant financial and reputational damage. Clients may file lawsuits against law firms for negligence or breach of contract, claiming that the firms failed to adequately protect their confidential information.

So, what can law firms do to protect their highly confidential data when their employees are inevitably going to be using TikTok? Here are four tips.

No. 1: Restrict Use on Work Devices

Law firms should consider prohibiting the use of TikTok on work devices, particularly those connected to their network. This can help to minimize the risk of unauthorized access to confidential information.


Computer Forensics

No. 2: Train Employees

Law firms should educate their employees on the risks of using TikTok and other social media platforms and provide guidelines on best practices for data privacy and protection. This can help to minimize the risk of employee errors or intentional breaches of confidential data.

No. 3: Use VPNs

Law firms should encourage employees to use Virtual Private Networks (VPNs) when accessing the internet on work devices, particularly when using public Wi-Fi networks. This can help to secure their connection and protect against unauthorized access.

No. 4: Monitor Network Access

Law firms should monitor network access and activity to detect any unauthorized access or unusual behavior that could indicate a data breach or security incident.

In conclusion, TikTok presents a significant risk to law firms and their highly confidential data. Law firms must take the necessary precautions to protect their data and confidentiality, and failure to do so could result in major lawsuits from clients. So, let this be a wake-up call for law firms. It’s time to take data privacy seriously, even on seemingly harmless social media platforms like TikTok.

Frederick Shelton

Frederick Shelton is the CEO of Shelton & Steele (, a national legal recruiting and consulting firm. Since 1993, Frederick has worked with associates, counsel, partners, groups and coordinated law firm mergers & acquisitions.

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Posts