Even state bar associations, the entities that regulate lawyers, are struggling with the cloud. Specifically, the \u201cbig\u201d question is \u201cif a lawyer stores attorney-client privileged information in the cloud, will that result in a waiver of that privilege.\u201d Remarkably, only a very few bar associations have directly addressed this issue.Arizona, New Jersey, and New York bar associations have all issued guidances for lawyers regarding cloud storage of sensitive attorney-client information. In general, they find the practice is permissible if reasonable care is used to vet and monitor the cloud provider\u2019s security measures. For example, the New York bar stated, \u201c[A] lawyer may use an online \u2018cloud\u2019 computer data backup system to store client files provided that the lawyer takes reasonable care to ensure that the system is secure and that client confidentiality will be maintained.\u201d New York State Ethics Op. 842.The question, of course, is \u201cwhat constitutes reasonable care?\u201d For example, if a cloud provider has a good record of security and has a great SAS 70 Type II audit report, but specifically disclaims any liability for security breaches and offers only minimal confidentiality protection, is this good enough to satisfy the \u201creasonable care\u201d requirement? No one knows. What is clear is that, just like all other businesses, lawyers must be cautious in this area and thoroughly vet their cloud providers.