In case you haven’t heard, over the weekend a whole bunch of celebrities got hacked and nude photos of them leaked onto the internet. Let me just start out by saying that hacking into a celebrity’s phone and stealing her nude photos is just a horrible thing. It’s not a funny joke. It’s not something hackers should be high fiving over. Celebrities have the right to live private lives like everyone else and they have the right to take and keep private photos. On top of the embarrassment of having their private photos available to their parents and all of their fans and every pervert with an internet connection, it could seriously damage their careers. This should be another big warning slap in the face to everyone who stores private or confidential things on the internet, especially lawyers.
What lessons can lawyers learn from this unfortunate episode?
Over the course of the past few years, law school personnel have found it especially difficult to keep their students’ personal information private. In April 2012, someone at Baylor Law School sent out an email containing a trove of admissions data — from names, to grades, to LSAT scores — to every student admitted to the Class of 2015. In March 2014, Loyola Law School in Los Angeles sent out an email with a heap of financial information for the entire graduating class — up to and including Social Security numbers and loan amounts — to some members of the Class of 2014.
Today, we’ve got another email screw-up for you, and this is one of the juiciest and most prestigious accidental data dumps we’ve seen yet. Someone at a T14 law school “inadvertently” sent out every piece of vital information possible about its clerkship applicants — from GPA, to class rank, to work experience, to recommenders, right down to where their girlfriends live — to everyone on its clerkship listserv.
If you’d like to see how you stack up against elite law students, now you can. We’ve got all the data…
A few months ago, I went to an MCLE seminar on cybersecurity. The 90-minute presentation hit topics such as public wifi, cloud computing, thumb drives, and password strength. The goal of the presentation was of course to scare everyone into being more vigilant in their firm policies regarding cybersecurity. The recommendations included:
Never use cloud computing. Always store your data on onsite servers.
Don’t use thumb drives on company computers.
Never use any mobile devices to store firm information (including emails).
After the presentation, we ate dinner, and everyone and my table came to the same conclusion: “Screw that. We are going to use thumb drives while checking our business email on our phones while client files upload to Dropbox.” That’s because some things are just too convenient to give up. As a solo, I might not want a server that I have to maintain. And I like getting my emails on my phone and on my watch because it makes my life easier.
Now, I don’t want to make light of cybersecurity because it is a very serious issue. But, the fact remains that if your data exists in a tangible form, people can steal it and it is vulnerable….
There is a popular conception, within and without the legal industry, of lawyers as Luddites. If this is true, there is a massive disconnect between the burgeoning legal technology industry — on abundant display at the recent LegalTech New York Conference — and its would-be clientele, lawyers themselves. Can it be that while legal tech entrepreneurs and innovators are racing to create a more efficient and productive future, there is widespread indifference on the part of the attorneys toward these emerging technologies? Considering that these technologies are promising (threatening?) to transform the profession and practice of law, this would be a curious attitude.
On attending this year’s LegalTech panel on the findings of the ILTA Tech Survey, Joe Patrice could not help but conclude that there is a “profound lack of technological savvy among law firms.” To cite but a few examples: 80% of lawyers do not record time on a mobile device. Nearly 90% of firms do not maximize their cybersecurity capabilities. Nearly one-third of firms are using a version of Word that’s seven or more years old. And so on. The survey’s findings do little to contradict the idea that “technology leaps, the law creeps.”
Further reinforcing this “Luddite” notion is the Flaherty/Suffolk University Law School tech audit. This tool tests a range of fundamental technical competencies of law firm associates and the results can be construed as evidence of a lack thereof common to law firms. According to Casey Flaherty, an in-house counsel at Kia Motors and the creator of the audit, the failure rate of associates attempting the test is, thus far, one hundred percent.
A couple weeks back, we conducted a little survey of the ATL audience concerning your familiarity with some legal tech concepts. These ranged from the most “basic” (from the perspective of the tech world) to the somewhat more obscure (e.g., “dark data”). Besides your familiarity (or not) with these concepts, how relevant are they to your current or future practice? How successfully is your employer addressing these issues?
Ed. note: This post appears courtesy of our friends at Techdirt. We’ll be sharing law-related posts from Techdirt from time to time in these pages.
The US government is already fighting wars on several fronts, including the perpetual War on Terror. “War is the health of the state,” as Randolph Bourne stated, and the state has never been healthier, using this variety of opponents as excuses to increase surveillance, curtail rights and expand power.
On Monday, my roommate came home griping that his Zappos.com account, which he had not used in a year, had been hacked. Instead of feeling sympathetic, I started wondering how I might write about it. Data breaches are a dime a dozen these days.
It seems almost every company loses control of their customers’ sensitive data at some point. Someone almost always sues after the news breaks. But the lawsuits are rarely successful, unless customers can show real harm caused by the breach.
Most often, companies do not give up full credit card or Social Security numbers. This week, Zappos said it only suffered unauthorized access to somewhat less sensitive information. It’s a bit unnerving, but not the end of the world.
Did that stop some opportunistic consumer from taking action against the online shoe retailer?
Of course not. And we didn’t have to wait very long. A Texas woman filed a class-action lawsuit against Amazon, which owns Zappos, the same day the breach was announced. Is her lawsuit premature, vague, and a bit silly? Probably. Will it go anywhere? Probably not. But c’mon, you gotta love melodramatic, eager-beaver, consumer litigation.
So what, exactly, did Zappos lose? And how many people’s data was compromised? (Hint: it’s a lot.) Let’s mosey on past the jump and find out….
I write about hacking and data security periodically, even though sometimes I get the feeling legal professionals try hard not to think about the subjects. But the stories in this realm bear repeating. Corporate data security is a real concern for many, many corporate attorneys, and especially in-house counsel.
Data security problems used to stem most frequently from weak firewalls or unencrypted equipment. But more and more, the biggest sources of risk and liability are just dumb or technologically overeager employees.
What kind of computer trouble are you and everyone you know getting your company or firm into? Let’s see….
Average law school debt for graduates of private universities hovered around $122,000 last year. With only 57% of new attorneys actually obtaining real lawyer jobs, recent graduates have a lot to consider when it comes to managing their student loan payments. Thanks to our friends at SoFi, today’s infographic takes a look at student loan debt, including the possible benefits of refinancing for JDs…
Kinney Recruiting’sEvan Jowers is currently in Hong Kong for client meetings and still has a few slots available through October 22. Evan will also be in Hong Kong November 14 to December 15. Further, Robert Kinney has been in Frankfurt and Munich this week and is available for meetings with our Germany based readers.
One of our key law firm clients has referred us to one of their important clients in the US, Europe and China – a leading global technology supplier for the auto industry – in order to handle their search for a new Asia General Counsel and Asia Chief Compliance Officer.
Kinney is exclusively handling this in-house search.
This position will have a lot of responsibility and include supervision of eight attorneys underneath them in the Asia in-house team. The new hire will report directly to the global general counsel and global chief compliance officer, who is based in the US. The new hire’s ability to make judgement calls is going to be as important as their technical skill set background.
The position is based in Shanghai and will deal with the company’s operations all over Asia and also in India, including frequent acquisitions in the region.
It is expected that the new hire will come from a top US firm’s Shanghai, Beijing or Hong Kong offices, currently in a top flight corporate practice at the senior associate, counsel or partner level. Of course, the candidate can be currently in a relevant in-house role.
The JOBS Act created new tools for companies to publicly advertise securities deals online. As a result, thousands of new deals have hit the market and hundreds of millions in capital has been raised, spurring a wealth of new business development opportunities for attorneys.
Fund deals, startup capital raises, PIPE deals and loan syndicates are just a handful of the transactions benefiting from the JOBS Act. InvestorID FirmTM is a platform designed to help attorneys equip their clients with the workflow, marketing and compliance tools to publicly solicit a securities offering online. By providing clients with the tools to painlessly navigate the regulatory landscape of general solicitation, InvestorID FirmTM helps attorneys add value above just legal services.
The Jumpstart Our Business Startups Act (JOBS Act) went into effect in 2013 and permits Regulation D offerings of securities to be advertised publicly. This means that funds and companies can now use social media, emails and web sites to market transactions to new “accredited” investors.
However, with these new powers come new pain points. InvestorID FirmTM provides a secure, fully hosted, cloud-based platform with a breadth of tools for your clients, including: