Would it surprise you to learn that lawyers talk a good game, but rarely follow through substantively? Well, in that case here’s a dog-bites-man story for you: lawyers are quick to share their concern about maintaining the security of their clients’ files and not so quick to invest in the technology required to do so.
This comes days after the Justice Department announced that the Chinese Army was engaged in digital espionage and that they were specifically targeting law firms as the soft underbelly of data protection.
How big is the disconnect between word and deed?
LexisNexis conducted a survey asking about these very issues. The good news for clients is that 81.2 percent of those surveyed feel that a breach would be either consequential or very consequential. The bad news for clients is that the primary mechanism firms employ to protect client data is a confidentiality statement.
“Please don’t steal our client’s intellectual property. K thanks!”
Relying on a mere statement of confidentiality when sharing privileged communications by email is a weak measure – and further it might protect the law firm but affords very little protection for the client.
That was attorney Christopher T. Anderson of LexisNexis with a masterful understatement. From the lawyers’ perspective, they’re still caught in the past where the most significant risk to the client was the other side seeing privileged communications, not competitors or foreign powers stealing intellectual property. And even though I’m the first to remind everyone that the hacking threat is not as extreme as the government or the media would have you believe, it is still out there and this is the world we live in. Lawyers need to learn to practice in it.
Only 22 percent of respondents encrypt their emails. Placing password protection on attachments or storing attachments solely on a secure site have some popularity — around 13 percent of respondents for each — but by and large, client data is just left out there. And right about now you have to wonder exactly how secure are secure sites?
So take a look in the mirror, lawyers. If you think your client’s data is important, ask yourself what you’re prepared to do about it. Or at least beef up your confidentiality statement to cover you asses better.
Be sure to check out all the inside angles of the study here.
Study tells a Story about Law Firm File Sharing [Lexis Nexis]
Problematic Portrait of File Sharing In Law Firms [Pinterest]
Your Legal Documents Are Exposed To Heartbleed Too [ATL Redline]