In a recent blog post, Canadian lawyer and legal technology blogger Nathaniel Russell defined Lawmageddon as “the imminent confluence of events that will change lawyers’ lives forever.” This most likely includes technologies such as cybersecurity, cloud-based systems, encryption, and social media, which influence the legal sphere in a way that lawyers cannot opt out of....
Nate Russell is a Canadian lawyer and blogger with a passion for technology, law, access to justice and civil...
Sharon D. Nelson is president of the digital forensics, information technology, and information security firm Sensei Enterprises. In addition...
John W. Simek is vice president of the digital forensics and security firm Sensei Enterprises. He is a nationally...
In a recent blog post, Canadian lawyer and legal technology blogger Nathaniel Russell defined Lawmageddon as “the imminent confluence of events that will change lawyers’ lives forever.” This most likely includes technologies such as cybersecurity, cloud-based systems, encryption, and social media, which influence the legal sphere in a way that lawyers cannot opt out of. Why are lawyers as a profession so hesitant to adapt to these changes in technology, what will it take for the legal profession to eventually come around, and how are different jurisdictions effecting the necessary changes? It is important to discuss these questions, even if we can only hypothesize answers.
In this episode of Digital Detectives, Sharon Nelson and John Simek interview Nathaniel Russell about his definition of Lawmageddon, what the legal profession needs to embrace these changes, and the consequences lawyers face if they fail the tests of Lawmageddon. In the second half of the podcast, Russell discusses what can happen if lawyers ignore the presence of social media as evidence and the ethical responsibility all lawyers have to their clients with regard to social media and due diligence.
Nate Russell is a Canadian lawyer and blogger with a passion for technology, law, access to justice and civil liberties, especially where they intersect. He works with Courthouse Libraries BC, a non-profit serving legal information and training to lawyers and the public, and is a recovered family lawyer and civil litigator. Additionally Russell consults and does legal research on the side.
Digital Detectives: Lawmageddon and How to Prepare for Social Media in the Courtroom – 6/15/2015
Advertiser: Welcome to Digital Detectives, reports from the battlefront. We’ll discuss computer forensics, electronic discovery and information security issues and what’s really happening in the trenches. Not theory, but practical information that you could use in your law practice. Right here on the Legal Talk Network.
Sharon D. Nelson: Welcome to the 57th edition of Digital Detectives, we’re glad to have you with us. I’m Sharon Nelson, president of Sensei Enterprises.
John W. Simek: And I’m John Simek, vice president of Sensei Enterprises. Today on Digital Detectives, our topic is, is lawmageddon coming, plus social media reflections. We’re delighted to welcome Nathan Russell as our guest today. Nathan is a Canadian lawyer and blogger with a passion for technology, law, access to justice and civil liberties, especially where they intersect. He works with Courthouse Libraries BC, a non-profit serving legal information and training to lawyers and the public, and is a recovered family lawyer and civil litigator. He consults and does legal research on the side.Thanks for joining us today, Nate.
Nathan Russell: Thanks to both of you for having me today.
Sharon D. Nelson: Well Nate, I know what armageddon is because since I’m married to John, I have watched it at least 150 times. But I don’t know what lawmageddon is, so tell me what that means.
Nathan Russell: I suppose what it brings to mind for me is any change marked by fear in the legal sphere; so fear being that key ingredient. Probably, mostly for attorneys and not necessarily anyone else, it has to be something more than anxiety and different than outright panic because we’re not talking about changes that came out of nowhere, they’re not ambush changes. I see this lawmageddon concept as a thing that has been growing slowly. Something that’s happened or is happening that is disruptive, it’s a disruption, it’s powerful, and lawyers don’t understand it. But they feel that there are challenges in their step against the profession. And probably worse, it might be changes, it probably is, things that we have overlooked, maybe for a long time dismissed. So the event of lawmageddon would be consequences that we put our head in the sand for. So change is mostly technology-driven. We fear that they impact the business of law, and maybe even worse that they demean us and embarrass us as a profession because these are changes that may in the end make us look like we’ve missed something. We become foolish, we become chumps. And at the end from a professional’s point of view and lawyers being in some concept anyway the quintessential professional, the professional’s professional, there’s lots of credibility to be apocalyptic. So is it a helpful term? It’s definitely somewhat mocking, maybe it’s a bit catchy, it’s sort of a cute portmanteau; but I think it offers one term at least in contradistinction to the term like the evolution of law practice. Because evolution feels, to me anyway, like more positive and manageable change. Stuff that lawyers welcome or feel safe around. Chats about gadgetry and trial support tools for iPads, better speech recognition, et cetera; these are cool things to talk about. But they don’t produce so much anxiety as the more dangerous changes that we can’t opt out of. Things that lawyers really can’t safely ignore.
Sharon D. Nelson: They do seem to think that lawmageddon gives them a sense of doom, and we’ve seen a lot of lawyers who have that doom-like sense.
Nathan Russell: Yeah, that’s what I get too. I think you see the panicky tone in some of the commentary around certain topics and you realize there’s something more disturbing and something that makes lawyers more restless in their core than just discussions about how do you improve practice management.
John W. Simek: Well Nate, can you give us some specific examples of lawmageddon and I know you wanted me to ask you about who the writers of the lawpocalypse specifically are.
Nathan Russell: These just keep showing up, these very armageddon law combinations.
John W. Simek: It’s not easy to pronounce that, I’ll have you know.
Sharon D. Nelson: They don’t exactly roll trippingly off the tongue, I must say.
Nathan Russell: It may be the only time we hear them, on this podcast, but that’s fine. I think that’s another good word, but actually, apocalypse in Greek means to uncover, unlist a veil for discovery, really, that’s the literal translation. So maybe that’s even a better one because what most of the profession is worried about are things that exist that are sort of innovative and cool disruptions for discoveries, at least at the tech level. So let’s get into what some of those agents would be. I think topics, definitely cyber security, Cloud computing, encryption, and all the ways that you can mess that up in a globally-connected digital world. I think the alternative business structures and DIY legal services market, things that are enabled by lean technologies that represent the demonopolization of legal services and drive away from the regular perceptions monopoly. This is what you would see with what ecommerce did to retail or more specifically how you can buy your contact lenses online or your eye products. What has that done to the storefront optometrist? It’s put a certain type of provider into survival mode there. Another type of rider at the lawpocalypse would be artificial intelligence, which I guess some recent commentary suggests is part of the greater apocalypse so we’re in good company with that and cognitive computing. So we have IBM’s Watson, which seems to be making some people nervous. One of the biggest limits it seems so far is that the CSET for data, when Watson’s been applied to the legal context, that CSET has been somewhat limited and Ross is a program up here – further to the East – in Toronto. It’s a University of Toronto project that Ross is a finalist in in IBM’s contest to see who could make the coolest application of Watson. And we saw they didn’t quite have the CSET of intellectual capital that publishers would hold more tightly. But we can expect a tipping point might happen when investors to this innovative and disruptive AI tool could out-muscle the self-protecting owners of this intellectual capital. And maybe a last one I’d throw in there is social networking generally or transactions of information and now even money happening all over the internet. And this year, what I would call non-optional ubiquity of this network data, all that. On the first one, the cyber security and Cloud computing encryption side of things, I’m thinking of systems like how lawyers store their files and how they communicate and how their networks are secured. And this idea of privacy and security is scary because I think it’s fair to see we conceive those, innately, at a very primal level. So when we have physical things, we trust our feelings around privacy and security like a caveman would. Know that the rock that’s covered his dwelling is heavy enough not to be moved aside by a prowling saber tooth or have you. Or more concretely, this lock; it feels tough, this chain feels strong, I feel safe. But when it’s information or when it’s information that’s not locked into physical paper, we don’t really understand how it can be fixed and guarded. And when it can be sucked out of your laptop by invisible signals in the air, that’s a level of abstraction that accentuates a fear. I used to work for a couple of law firms before and I remember we were located in two different ones, located in an old bank. And we used the physical vaults to store files and there were alarms on the entry points and the original tumblers were disabled so that we didn’t have bank-grade physical security. But we you had fireproofing and you had a sense of security with those files with the doors shut and the alarms on. It was pretty easy to conclude that this might be a reasonable measure to protect client information. And if files ever left the office, they did so in a briefcase, and we weren’t storing things on USBs so much. I might be anachronistic even for when I was coming up in the 2000s, but that was still the case. I would also say as far as analogies go, we have more fears around the recent anecdote of that Arkansas lawyer. I don’t know if you caught onto that where there was some police department whistleblowers he was representing and he received a computer hard drive on discovery from the other side that he caught because he used a computer security expert that audited it. And he found malicious trojans on there designed to steal passwords and get control of his computer over to an external entity. And these are anecdotes that are really new to a lawyer’s psyche. I don’t think we can conceive of this sort of as having an analogy in the analog realm.
John W. Simek: Yeah, I did remember that, Nate, as well. And I think what the red flag that went up for the attorney went up was that he never received discovery data before on a hard drive from the police or the law enforcement or whatever previously. So that’s kind of why he had his security guy come and check it out.
Sharon D. Nelson: What stops more lawyers from taking these issues seriously? These are very big changes, they’re very real, we all know they’re happening, we hear about them on the news and in our CLEs. They require, I think, a conservative response, so why is the profession so darn plodding and slow to adapt?
Nathan Russell: Well this is a psychology question, I think, as much as any, and someone once did a study on the personality traits of lawyers. I remember the results being produced in a paper or a report that had the term “HURT,” in caps in there. And it was a fellow named Dr. Larry Richards who did this, who at least presented this data. And the data might be about 15 years old or so, but it pointed to the conclusion that lawyers had traits that you would expect and maybe some others that you wouldn’t. And ones you would expect to be are high degree of skepticism over the norm, more than average empathy, highly autonomous and independent thinking qualities. But oddly enough, attorneys average fairly low on ego resilience. Meaning that as a group, we’re outwardly confident, but inwardly maybe more defensive and self-protective. I think we all know lawyers who have dismissed technological literacy as being something for the backoff as other people to deal with and a mere detail. Maybe the stereotype doesn’t understand or doesn’t want to understand how something like social media might work or why people even bother to share their information or digital footprints all over the place. And this stereotype has adapted to computers and word processing over the last 25 years for business reasons only and is fairly comfortable believe that, for example, a folder desktop document analogy is perfectly suitable between computer and the offline world. But in truth, the old paper world and the new digital world are not as analogous as all that, not at the bits and bites level. Data can be stolen, as I mentioned, in much more troubling ways through computer networks versus physical breaches. And to this mindset I think the realization that technology was more than it seemed and the risks were more than they seemed triggered a not so productive cultural reaction; like a head in the sand approach where you can grumble and stall from talking about it if it seems your peers are content to pretend some of these disruptions are not as imminent if they may be. So maybe it’s about insecurity, and maybe some cognitive dissonance riding underneath that layer of skepticism. Something in the minds of lawyers, maybe in the DNA of them.
John W. Simek: Well Nathan, what do you think has to happen before lawyers start addressing these types of changes?
Nathan Russell: Well I think like any apocalyptic metaphor requires a cataclysmic event. So I think a cataclysmic event of some kind that will require the law societies to shoulder more of the responsibility. I can imagine it might be a crime ring that exploits a vulnerable home network to some attorneys to snag emails in transit. This actually came to mind because yesterday I saw on someone’s LinkedIn update that a UK solicitor that was helping some clients sell property – and that was his business doing the conveyancing and distributing sale proceeds – had his email compromised ,the client’s email was compromised, and somewhere a crook inserted themselves into the communications chain and provided false banking information. So this was a very targeted attack because between lawyers and their clients, sometimes money flows and you can imagine it might be information stolen from a cyber criminal ring or it could be a foreign government and maybe something happens to a refugee claimant that would not have happened if the lawyer’s data had been better protected or encrypted. Maybe a hostile foreign government has intercepted something or hacked into a poorly secured store of client files and obtained information that resulted in someone maybe losing a life, even. So it would be something that puts the public’s trust for lawyers as an institution and as a profession into jeopardy in a real and immediate way. Something that most societies will have to stand up and address, I suspect.
Sharon D. Nelson: We all know that lawyers are kind of highbound by reputation. They do not have the reputation of jumping towards change and embracing it, certainly. So what kind of examples do we have, if any, of lawyers making fast changes to the legal profession?
Nathan Russell: Right, well I suppose it’s like a frog in the water when there’s a jump when it’s boiling. We have an example here in DC, this happened with trust accounts about 13 years ago. We had a fraudulent lawyer and a real estate developer, two people, manipulate a large fraud to the tune of $40 million back in 2002. So the $40 million loss shouldered by a profession of about ten thousand people. And we call that the Weirich claim, in honor of the fraudulent lawyer who perpetrated it or helped to. And the law society of DC back in that time circled the wagons as the carnage became known. And it instituted a payback plan that all ten thousand of us paid into for many years until really quite recently, we finally paid off that huge loss. But the law society also implemented strict protocols around trust accounting. Training at the very baby lawyer level, part of the Bar exam involved knowing trust accounting rules. And there’s penalties and reporting requirements that attach to all lawyers who deal with trust accounts. Those things are really beefed up, those protocols really beefed up after that, needless to say. That was a cataclysmic event that didn’t necessarily involve technology but trust reporting. And I think if we’re looking forward to what things we might look forward to things in change would be maybe proactive guidance for individual lawyers, even if that means more hand holding. And I think there’s a reluctance on the part of lawyers to accept hand holding as a gesture, as a form of support, although there’s precedence for it. Actually I was just thinking about this in a completely different context, there’s precedence for. We have a lawyers assistance program in this province which I think it costs us around $60 a year. Each one of us has a line item on our practice fee. And it goes to support a program for lawyers who are dealing with mental health or addiction issues. So for the law society’s point of view, that’s a great point to step in if there’s going to be harm befalling the public from a lawyer falling off the rail for one reason or another, and it’s a good measure to put in place. But it very much is a very nanny tactic, it’s a very hand holding one, and it accepts the risks that inherently people and maybe high stress professions will fall prey to those stresses and become dysfunctional. Well we have to look at technological competency as a similar form of a weakness or at least a risk that we need to help derisk. More proactive training, certification maybe, as specific tech solutions are Cloud services. Something I’ve spoken out a little bit about was I think that there’s a place for a regulator, even relating that activity to the public interest and protecting of the public interest to say provide more proactive of a device on Cloud services and maybe even approved configurations of equipment and encryption tools that lawyers could practically take off the shelf and use. Maybe arrange them so you’re not putting all your eggs in one basket as far as solution goes. It’s something that’s measured to the size of a practice and the type of firm. And this kind of proactive strategy would be great. Whether it becomes a reactive strategy, to me, that’s the doubt.
John W. Simek: Well, we know the different jurisdictions coming at the lawmageddon problem in kind of different ways. How is that helping or is it actually hindering?
Nathan Russell: It helps from the point of view that many people working on a problem in different ways might come up with a solution that works. So you have 70 different labs trying to come up with a cure versus one working very hard with all of the same resources. But in the interim, it creates a lot of fragmentation, so you have a lot of different protocols in respect to how do you justify searching disclosed information from metadata? You’ll have different protocols or different ethical guidelines and different jurisdictions in the US, I know. Whether or not you’re even allowed to mine for metadata or not. Other instances would be there’s a uniform legislation that isn’t uniform and maybe makes sense and should be. I think it creates a lot of dialogue and I just don’t know if as many lawyers are paying as much attention to the universe of results that are being produced that make all those experiments truly valuable. It would be great to see some more coordination for protocols including admission of electronic records. You all work heavily in that area.
John W. Simek: Yeah, we’d like to see that ourselves down here. Well, before we move onto the next segment, let’s take a quick commercial break.
John W. Simek: This is normally the spot in our show where we hear words from our sponsors. This potentially represents a unique opportunity for you. Digital Detectives is seeking sponsors. You can hear your advertisement right here. If you’re interested, contact the team at Legal Talk Network at [email protected].
Sharon D. Nelson: Welcome back to Digital Detectives on the Legal Talk Network. Today our topic is, is lawmageddon coming, plus social media reflections. Our guest is Nathan Russell, a Canadian lawyer and blogger with a passion for technology, law, access to justice and civil liberties, especially where they intersect. Nate, social media evidence lawyers of litigation, where is counsel in the judiciary in Canada with respect to social media evidence?
Nathan Russell: I think it’s fair to say that it’s all over the place and I was reading up on a good article by John Gregory, another Canadian and fellow blog contributor, who’s instrumental in coming up with or helping to come up with our uniform evidence. Which isn’t, as I mentioned in a previous answer, it’s a good example of something that isn’t in place uniformly. So there’s different rules of evidence when it comes to producing social media evidence in BC versus in say, Saskatchewan or Ontario or Quebec. And I think that criminal courts here have some of the jurisprudence I’ve seen demonstrates a stricter interest in the nuts and bolts of adducing social media evidence because of course there’s a liberty interest at stake and making sure the evidence fits I think is a higher bar to me. But in the civil context, you really see things all over the place. So it is still all over the place. We have a good starting point in uniform evidence, in fact, we have some pretty good principles coming out of it. But one of the problems is even if that uniform law was across the board, you would have differences in practice in practical problems, such as what is a good standard for the integrity of a record system. We have a Canadian standard that no one knows about, but it’s been in place for almost ten years. And apparently, most lawyers have never heard it and even IT people who support lawyers don’t know bout it. So there’s an education component, even if the protocols are there, we’re still disconnected.
John W. Simek: Well Nate, I understand that there’s a Canadian case, Beattie v. Beattie, which is a kind of a fun case to study. Can you tell our listeners what that’s about and what does that represent and teach us?
Nathan Russell: Yeah, so this Beattie v. Beattie case is a 2013 Saskatchewan case here in Canada, and it involves a woman, an ex-wife, who moved up to the West Coast. She moved to Victoria and she claimed to be on disability benefits and claimed to be in a bit more dire restraints and saw the continuation of spousal support payments from her ex who still lived back on the prairies. The children were grown so this was a case that was really just about spousal support. But it all fell apart for her when a barrage of tweets were uncovered, assumably by the ex husband’s counselor or someone of his interest there, bragging kind of obscenely about a jetset lifestyle. And Sharon, you’ve read the case. You’ll never really see the word Lexus used so many times in a family law case hobnobbing at swanky functions and humble bragging about philanthropy. I like the tweet, one of them in there was she’s saying, “I’m on the inner harbor killing pitchers of raspberry mojitos and people-watching.”
Sharon D. Nelson: She didn’t exactly sound like she was living the highlife that she was, she didn’t exactly sound like she was depriving herself of anything.
Nathan Russell: No, in fact it was multiple Lexuses involved – Lexii.
Sharon D. Nelson: Lexii, yes. We did decide the plural of Lexus is Lexii, I believe we had a conversation about that online.
Nathan Russell: I was such a case that seldom you would need to create a term that captures the aggregate for Lexus. But in this case, it required that. And the judge wrote a good decision dismissing her claims. And I think this is a good case, not because the facts are funny although it really helps to make this a learning point, but for one thing, it’s not really at all clear in that case how the tweets even came in as evidence, it wasn’t addressed in the judgement. Clearly, what she was saying in tweets or what someone was saying in tweets was admitted for the proof of its contents, because that’s the only way that that evidence would be material to the question of the ex wife’s need for support as whether or not she was in fact not in need. So the truth of the contents were really at the basis of that evidence and we did see an analysis near its turns as admission as exception to hearsay, maybe it was an admission counter to her own interests. There might be some rules that you sort of reverse engineer, but it wasn’t apparent why that wasn’t all in or why it wasn’t thought about. And it’s also an attribution problem because social media can arise out of an account that you may not know how many people have access to the account. And in this case, you did have the judge recognizing that it was an account controlled by the ex wife and her new partner, who was a business person. So there was no real testing of the attribution of those comments, there was no testing of the merits of that evidence from a hearsay perspective. And lastly, I think maybe is the most important comment, is that who didn’t catch this before it went to reasons? How could you have been blindsided by this? It’s completely the nail in the claims coffin. And to me that raises issues of technological competency and the fact that every counsel has to consider the existence of social media and social evidence.
Sharon D. Nelson: Yeah, that was an especially fun case, Nate, I enjoyed reading that a lot, so I commend it to the audience to looking that up. So Nate, what will a tool look like that helps lawyers capture and use social media evidence?
Nathan Russell: There are a couple of tools out there, there’s two that I personally tried. One is X1 Social, it’s a very deep and expensive tool. It’s used by law enforcement and bigger agencies to get a very deep texture of social media activity. But there’s also a more quick and easy tool that I’ve seen coming out of a startup here in Vancouver called WebPreserver and it’s a Google Chrome plugin right now. Now I think if they can get the costing right on that, what it does is you’re on a website could be looking at a tweet on Twitter and you can take a screengrab of that. Now obviously, screengrab would be basically free, but what this does is it hashes that information in timestamps and so there’s a record for that third party that this activity had happened and this file is generated and that provides a lot more reliability. If you got the price point right on a tool like that, it’s convenient as it would be to ride as an extension or a browser or some other app. I think you would want to have that encouraged and be adapted and then judges or masters of the courtroom would see this evidence come in with a much better degree of reliability because of this authenticity component. And I think it would drive the best practices and you could make this tool on sort of a premium model then I think that could be a successful product than if it became standard. It has to be lean and simple.
John W. Simek: Yeah, I agree with that. But we’ve got all these other apps that are part of social media; the yik yaks of the world, the Instagrams and all that stuff. How do we capture and use those, because those are real troublesome depending on what social media platform you’re going after.
Nathan Russell: Yeah, well obviously that comes to the best practices as the outset of opening a file you want to investigate and there’s a checklist that tells you this. Think about the type of issue you’re dealing with, who the other side is, and even what kind of culture or ethnicity they come from, a specific trade maybe. And see what’s likely to be there, the social media picture. And from that point, and there’s going to be the fringe cases like – maybe you can call yik yak a fringe case – the major instances we have are Facebook and Twitter, they’re kind of leaders. But there’s going to be these fringe cases and I think for anything – and of course moving forward there will be others that we don’t even know of yet. So I don’t think we can ever take humans out of the equation as far as treating social media evidence as any other kind of digital evidence. You might need forensic analysis of mobile devices too, which can usually yield metadata if you have some linked. You have to obviously know who you’re suing, so you’ll have some reason to suspect the individual, and from there you can use witnesses to establish the connection between that person, alleged activity in social media, draw comparisons between, say, slang they’ve used and Facebook posts or text messages here and there, and say this is of a style that relates to what’s happening here in this defamatory post on yik yik or what have you. But I wouldn’t rule out the human elements in this, it becomes part of the balance.
Sharon D. Nelson: Let’s go back just one last time to lawmageddon, because it’s such a fun word. So what are the consequences, Nate, when lawyers and regulators fail the tests of lawmageddon?
Nathan Russell: Well law society – I think this is a universal statement to say that they regulate the fashion on the behalf of the public. They regulate for the public interest. And the public has a very real – although not always appreciated – interest in the rule of law. And the best guardians we know of for the rule of law or an open court system and an independent judiciary and an independent Bar, I think that if lawmageddon happens, the risk is that lawyers lose relevance and credibility. If we let ego and tradition get in the way of being proactive about facing the challenges, even fearful change, then these changes will sweep over. I think definitely the consequence of failing the test of lawmageddon is an erosion of ultimately the rule of law, potentially, kind of the bigger consequence; certainly not trivial.
Sharon D. Nelson: Thank you very much for joining us today. You wrote a really nice blog post, I enjoyed reading it a lot and that’s what spurred inviting you to join us. So thank you for sharing your wit and wisdom with us today, we really enjoyed having you.
Nathan Russell: Well thanks for characterizing me as having either of those qualities, that’s an honor. And it’s been great chatting with you both.
John W. Simek: Well that does it for this edition of Digital Detectives; and remember, you can subscribe to all of the editions of this podcasts at LegalTalkNetwork.com, or in iTunes. if you enjoyed this podcast, please review us on iTunes.
Sharon D. Nelson: And you could find out more about Sensei’s digital forensics, technology and security services at www.senseient.com. We’ll see you next time on Digital Detectives.
Advertiser: Thanks for listening to Digital Detectives on the Legal Talk Network. Check out some of our other podcasts on LegalTalkNetwork.com and in iTunes.
[End of Transcript]
Sharon D. Nelson and John W. Simek invite experts to discuss computer forensics as well as information security issues.
Craig Ball shares what it’s like to have the lawyers of the President of the U.S. use your words in one of his preservation...
Sophia Cope talks about the EFF and ACLU challenge against the government’s warrantless searches of cell phones and other devices at the border.
David Ries talks about whether Kaspersky Lab is safe for lawyers to use, diving into where the controversy started and what the results have...
This legal technology podcast covers the Equifax breach including who was affected, the resulting lawsuits, and whether or not the hack was preventable.
Ben Kusmin talks about the proper handling and format of spreadsheets.
In this legal technology podcast, Brian Wommack talks about the correct way to handle a data breach.