Computer technology has been a boon to the practice of law. From the advent of word-processing (sorry, typewriters) to sophisticated eDiscovery software, we now have the capability to process expansive amounts of information faster, more efficiently, and with greater accuracy. As an intellectual property lawyer who handles a great deal of technology matters for my clients, I can tell you from first-hand experience that such technological innovation has been exciting to witness and even more exciting to implement in my practice. That said, it is not without its unique challenges. The advent of software-as-a-service (SaaS) models represent one of these challenges, and if you are not careful, such “cloud” services may end up raining on your practice and your client’s valuable information (and not in a good way).
Schenck Price Works Smarter with Lexis+ AI and Protégé
LexisNexis sat down with John Ursin, Managing Partner at Schenck Price, to learn how the firm is using legal AI to strengthen client service and daily legal work.
AI Built for Litigation. Verified by Design.
Grounded in authoritative content and verified at every step, Protégé is the only legal AI tool that delivers work you can trust—without exception.
- Beware of Free SaaS Services. It is easy to fall victim to the lure of “free” services that provide valuable time-saving features for your practice — these services do not guarantee that the content you upload will be safe. Worse, these services have almost all been hacked to some degree. As result, I would argue that any practitioner that uses such services to store and access client confidential information may be in breach of their ethical duty to maintain the confidentiality of client information and communications. Why? Because they either know or should know that such cloud services have been breached. If you like the cloud service, then look to pay for the premium versions that provide heightened authentication and protections.
- Encrypt, Encrypt, Encrypt. For the record, I remain uncomfortable with placing client confidential information that represents valuable client IP within any cloud service. The terms of use for such services do not (and cannot) guarantee against breach, do not provide mechanisms to indemnify you (or your client) from any claims resulting from the breach, and almost always limit the liability of the provider in the process. That said, if you seek to do so, look for platforms that will encrypt the data — encryption will render the data useless without the appropriate access key. This provides not only a “safe harbor” from data breach notifications should an incident occur, but also helps ensure that client confidential information doesn’t fall into the wrong hands.
- Be Aware of How You Use Cloud Services. This may surprise you, but a vast majority of the time the risk to client confidential information in the cloud is not from hackers, but you. That’s right — you. I cannot stress this enough — strictly guard passwords to access such services. To the extent assistants are provided access, they must adhere to strict policies and procedures governing access and use. Use dual-factor authentication where available. This is especially important where information may be accessed from devices that are not under the control of the firm. Again, I would argue that a failure to do so does not adhere to a reasonable standard of care for the handling of such client confidential information, thereby running afoul of your professional obligations.
Tom Kulik is an Intellectual Property & Information Technology Partner at the Dallas-based law firm of Scheef & Stone, LLP. In private practice for over 20 years, Tom is a sought-after technology lawyer who uses his industry experience as a former computer systems engineer to creatively counsel and help his clients navigate the complexities of law and technology in their business. News outlets reach out to Tom for his insight, and he has been quoted by national media organizations. Get in touch with Tom on Twitter (@LegalIntangibls) or Facebook (www.facebook.com/technologylawyer), or contact him directly at [email protected].