← Horiz Logo

A Tech Adoption Guide for Lawyers

in partnership with Legal Tech Publishing

Technology

The Legal Tech-To-English Dictionary: Cybersecurity

Still don't know your PID from your WISP? It's your lucky day.

Ed. note: This is the latest installment of The Legal Tech-to-English Dictionary, part of our Non-Event for Tech-Perplexed Lawyers. Jared Correia is the host of the Non-Eventcast.

There’s a term for when attorneys use Latin and other arcane languages to describe legal processes to consumers: “legalese.”

But there’s no similar term for when vendors use technical and other arcane languages to describe their legal software operations to lawyers.

True, this dynamic may seem unfair. But now we have The Legal Tech-to-English Dictionary to help us cope.

Read on for the latest installment, where we translate data security-related topics to plain English.

And for more commentary on legal tech, check out the latest installment of the Non-Event for Tech Perplexed Lawyers.

PID

1. “Personal identifying data,” or confidential information and information sets that can identify an individual or business and sensitive data related to that individual or business.
2.
Statutorily protected data or data sets to which businesses must apply a heightened level of security.

Client: Great!  I’m looking forward to working with you.

Lawyer: Can you just email me your credit card information, so I can process your retainer?

Client: Um, I’ll get back to you …

Cf. American Bar Association Formal Ethics Opinion 477, which indicates that much of a lawyer’s responsibility surrounding data security relates back to state law rules.

WISP

1. “Written information security program,” that identifies sensitive data within a business, loopholes that could exist for unauthorized parties to access the sensitive data and how those loopholes are closed.
2.
A data security program.

Lawyer 1: Okay, I finished the WISP.

Lawyer 2: Great, bring it in, and I’ll take a look.

. . .

Lawyer 2: Um, what is this?

Lawyer 1: Waffles in strawberry puree (WISP).

Lawyer 2: Alex, did you even go to law school?

Cf. This guide from the Massachusetts government for creation of a data security program can be a useful starting point for law firms in drafting a WISP.

Cf. For many law firms, as mysterious as the “will-o’-the” version.

Malware

1. Software intentionally designed to cause damage to a computer system.
2.
A contraction of “malicious software.”

Lawyer 1: Malicious software? This is why I was against the internet to begin with, Sharon.

Lawyer 2: Um, there’s software that recognizes and prevents malware, and we can also implement training for employees to help them identify potential malware.

. . .

Lawyer 2: What are you doing, Lester? Are those pruning shears?

Lawyer 1: I’m cutting the internet cable in my office.

Lawyer 2: You’re connected by Wi-Fi.

Cf. Ransomware is a particularly obstinate form of malware, coupled with a ransom demand, as in the Colonial Pipeline hack.

Password Management

1. The process by which businesses and individuals create, store and input system passwords.
2.
A program for managing passwords in a business.

Lawyer 1: Hey, Alice . . . that bright red book on your desk that says ‘PASSWORDS’ in gold leaf . . . Does that actually contain your passwords?

Lawyer 2: No.

Lawyer 1: Oh, good.

Lawyer 2: I used to do that, because I had so many different passwords to try to remember. Now, I just use one password for everything. It’s my dog’s name, Cecilia.

Lawyer 2: Here’s a bunch of posts I made about her on social media.

Lawyer 1: Oh, lord.

Cf. Password management tools like LastPass make the creation and management of passwords for individuals and businesses much simpler.

Data Breach

1. Unauthorized access to confidential or private information.
2.
An incident in which confidential information is accessed or used without authorization.

Lawyer 1: There’s no easy way to say this, Jim, but, I think our systems have been breached.

Lawyer 2: Okay, okay. I’ve got this.

Lawyer 2: Nobody needs to find out about any of this. Burn all the desktops.

Lawyer 1: Most of our data is in the cloud.

Lawyer 2: Then, BURN THE CLOUD.

Lawyer 1: I’m not sure you understand how this works.

Cf. Almost every state in the U.S. has a notification law, that indicates which persons and entities a business must inform in the case of a data breach.  Then, burn the cloud.


Jared Correia, a consultant and legal technology expert, is the host of the Non-Eventcast, the featured podcast of the Above the Law Non-Event for Tech-Perplexed Lawyers.