As everyone knows, IT professionals and lawyers often
want to stab each other’s faces with butter knives have a little trouble seeing eye-to-eye. Practitioners of both the law and computer sorcery tend to be headstrong and preternaturally assured that they are correct 100 percent of the time.
It only makes sense then, that several of Wednesday’s panels at the Legal Technology Leadership Summit dealt with the crucial and interdependent relationship between law dogs and mysterious IT folks. Throughout the day, discussion leaders from both sides of the aisle discussed ways to avoid (or at least mitigate) data breaches and to use technological tools to ease billing nightmares. One session was dedicated to lamenting the top ways IT staff and attorneys drive each other nuts.
For reasons why your boss isn’t thrilled about your sweet new 128 gigabyte flash drive and some classic ha-ha-lawyers-don’t-understand-technology anecdotes, keep on reading….
Yesterday’s data breach panel had two main thrusts: First, in-house counsel — and, by proxy, their vendors and outside counsel — cannot get “compliance complacent.” You can’t look at a security element once and think it’s OK forever. Technology changes so quickly; encryption that used to be acceptable can now be cracked in five minutes, said Anthony Knaapen, Manager of Litigation Discovery at Chevron Corp.
Likewise, legal departments need to constantly pay attention to the ways vendors, insurance policies and new contracts handle data security so there is a plan in place for when — not if, panelists emphasized — the company gets breached.
Second, a company’s security technology is no better than the way its people use it. All the encryptions, certifications, security badges, and trained goblins in the world won’t help if employees still open spear phishing emails, walk off with trade secrets stored on their personal thumb drives, or access sensitive data from insecure places, like a home office. These are super-simple risks to avoid, but they require training, enforcement, auditing, and reporting.
That’s where IT comes in. Panel members strongly suggested giving more support to corporate records and information management, so there are resources to educate employees (legal or otherwise) about the basic stuff that causes so many breaches.
There are a lot of other basic concepts that might not cause data breaches, but that do make it hard for IT and legal to work together.
Robert Galvin, the Chief Technology Officer for the New York City Department of Education, has been repeatedly stymied in his attempts to institute electronic signatures within the department. An audience member at the “Top 10 Things Lawyers Do to Drive IT Crazy” described the blank stares and confusion she’s seen when trying to send files via FTP. Nishan DeSilva, Director of Information Management and Compliance at Microsoft, mentioned the near absurdity of having less-than-savvy lawyers try to manage litigation centered around 20-year-old whiz kids designing games on Xbox.
That said, the computer shamans in the room also acknowledged that they can be too enthusiastic about technology’s benefits with understanding the risks. They forget lawyers have to be more worried about risks.
When it comes down to it, panelists said, IT staff need accept what they don’t know about law — and talk to their attorneys about it. The reverse goes for lawyers. Counsel need to ask questions, too, and not worry about asking stupid ones. (“Humility?” said all the attorneys at once. “What’s that?”)
A third panel, which served as a more positive example of lawyers teaming up with technology, dealt with emerging e-billing and matter management strategies.
Dori Kuchinsky, Senior Litigation and Global Privacy Counsel at W.R. Grace, told a horror story about a case that spiraled out of control when a judge approved an international e-discovery request. Even after settling, she had a tough time explaining where all the specific e-discovery costs were coming from. It was virtually impossible to do any metrics on 100-page bills from outside counsel — the billing codes were unspecific, and the document itself was unwieldy.
So Kuchinsky and David Bain, Associate General Counsel of Datacert, discussed the ways e-billing and matter management can help legal departments manage costs, allocate work better, and make outside counsel more efficient and effective. The knowledge also becomes more available within the company, Bain said. It’s no longer locked within the head of one attorney who may go on vacation or leave the organization.
It actually has been cool hearing people from the IT and legal sides talking relatively openly about their different perspectives. It’s the kind of summer-camp openness that rarely survives back in the real world, but here’s to hoping.
Christopher Danzig is a writer in Oakland, California. He previously covered legal technology for InsideCounsel magazine. Follow Chris on Twitter @chrisdanzig or email him at firstname.lastname@example.org. You can read more of his work at chrisdanzig.com.