Luddite: a person opposed to increased industrialization or new technology.
As we’ve heard time and time again, many lawyers are averse to becoming knowledgeable about modern technology. Older attorneys often do not want to learn a computer-based management tool and feel as though they can hire someone to manage the security and encryption of their sensitive information. Often, even having a young lawyer in the firm can seem like a solution since they will most likely have grown up with a certain level of technology knowledge. But none of these are valid excuses to a proper level of technological education. The luddite lawyers need to face the ethical implications of their ignorance.
In this episode of The Digital Edge, Sharon Nelson and Jim Calloway interview lawyer and legal technology blogger Sam Glover about when technology became an issue for attorneys, how they can get in trouble due to ignorance, and what all attorneys need to know about hackers, cloud services, and the resulting ethical duties. First, Glover explains that lawyers are getting into trouble in the courtroom by not knowing about how technologies like Twitter work, therefore losing cases that could be easily won. Concerning cyber security, Glover discusses the many reasons lawyers cannot simply outsource technology knowledge:
- Without a certain amount of tech knowledge, you cannot adequately hire a security consultant.
- Basic technology competency is not taught in law school or college, and is not self-explanatory.
- Amateur hackers can easily access your client data in in public places like coffee shops through open, unsecure networks.
- Whether they like it or not, all lawyers are in the cloud, so they need to learn about encryption and secure servers.
Simply put, you cannot avoid technology as a lawyer anymore. There are courses, blogs, webinars, books, and many other ways to become educated about legal technology.
Sam Glover is a lawyer and the CEO and Editor-in-Chief of Lawyerist.com, an online magazine and reference manual for solo and small firm lawyers. He has been writing about technology, law practice management, marketing, and other legal information on Lawyerist since he started it in 2007.
The Digital Edge: The Ethical Misadventures of Luddite Lawyers – 2/22/2015
Advertiser: Welcome to The Digital Edge with Sharon Nelson and Jim Calloway. Your hosts, both legal technologists, authors and lecturers, invite industry professionals to discuss a new topic related to lawyers and technology. You’re listening to Legal Talk Network.
Sharon D. Nelson: Welcome to the 85th edition of The Digital Edge, lawyers and technology. We’re glad to have you with us. I’m Sharon Nelson, president of Sensei Enterprises.
Jim Calloway: And I’m Jim Calloway, director of the Oklahoma Bar Association management assistance program. Today our topic is the ethical misadventures of luddite lawyers. We are happy to welcome Sam Glover today. Sam has been writing about technology, law practice management, marketing, and much other stuff on Lawyerist since he started the site in 2007. He also writes about productivity hacks, utmost important tasks, and occasionally updates his personal blog. You can follow him on Twitter, @SamGlover, or email him at [email protected]. Thanks for joining us today, Sam.
Sam Glover: Thanks so much for having me.
Sharon D. Nelson: Well, to get into our subject, Sam, I have had many a lawyer ask me, “When did technology become an ethics issue?” With despair in their eyes, they say, “When did it become not okay to be a luddite?”
Sam Glover: Well I think it’s always been an ethics issue and it’s never been okay to be a luddite, it’s just that technology hasn’t played such an essential role before. When technology was a typewriter and the mail, it was a very different situation than when technology is dabbled into smartphones and servers and things. And lawyers were just starting to get to the point where all of those things have reverberations in the actual practice of law, it’s not just a peripheral thing anymore.
Sharon D. Nelson: Well that’s really true, I started out as a 16 year old legal secretary and I know that my boss didn’t use any technology except for have some kind of dictation device, and that was it. That was all the technology he used. He didn’t even run the typewriter, so.
Sam Glover: Right. There’s still stories, everybody’s got a story about a lawyer whose secretary prints out the emails and the lawyer uses a pencil to draft the response or something along those lines. And those lawyers are certainly out of here, but it’s not okay anymore. You can’t do it that way.
Jim Calloway: Well Sam, I think that’s a perfect lead in. Why don’t you give us some of your more interested examples you’ve heard of of lawyers getting into trouble with their technology.
Sam Glover: There are plenty but one of the ones that comes immediately to mind is not so much lawyers getting into trouble, but lawyers who are getting into trouble with the clients is when you’re not up on technology, it takes you longer to do things and your work product is not as good. And I don’t mean not as good in the sense of your arguments are less effective, but let’s say you’re trying to build a big contract for a company and maybe it’s one for just this one deal and lots of people have to have their hands in it, or maybe it’s a contract that this company’s going to reuse again and again and again. Well, if you don’t know how to construct a Word document properly, it’s going to take a lot longer for that contract to get finished. For example, if you’re manually doing all of the numbering instead of making it automatic as the contract gets updated, it’s going to be a lot harder for your client to use that document, which makes it an objectively poor legal document. This is why Casey Flaherty, who the former corporate counsel at Kia Motors, administered an audit to all of his outside counsel and docked their rates if they didn’t pass. And of course, they all failed; some more spectacularly than others. So that’s just an example of where competence runs into the client relationship, but there are plenty of examples of lawyers who are actually getting into trouble because of technology. And getting into trouble, just meaning in some cases, just not doing a very good job. I don’t know if you recall that George Zimmerman trial, the guy who shot Trayvon Martin and then went to trial. And one of the issues was the star witness – one of the main witnesses – was Jenna Lauer, and the prosecutor accused her of following Zimmerman’s brother on the stand. He was trying to show that she had a conflict or that she was somehow interested in Zimmerman’s family, I guess. And the problem was that he was right. She actually was following him on Twitter. She didn’t know it, and he didn’t understand the platform well enough to challenge her on that. So she actually got out of that cross examination with the conclusion that she was not following him on Twitter and there was no conflict and the prosecutor was an idiot. Which it turned out, the prosecutor was an idiot when it came to Twitter because he didn’t even understand the platform well enough to come into trial and make his case. Which is somewhat like not understanding the mailbox rule in this day and age. Your client,s your witnesses, everybody uses these tools, and if you’re going to be competent in court, you need to use them too.
Sharon D. Nelson: Well, I certainly agree with you, but I hear all the time lawyers whining, “Can’t I just hire somebody to do this technology stuff for me?” How would you answer that question, Sam?
Sam Glover: First of all, most lawyers who hire people think that they already have. Most lawyers seem to think that young lawyers, just because they grew up with Facebook and Twitter and Instagram, are somehow competent when it comes to business technology. Which is just, on its face, silly when you think about it. But you can’t hire it out and the main reason you can’t hire it out is because let’s say you hire a consultant to secure your systems. And there’s all kinds of ethical implications tied up in how secure you’re making your client’s information, which is almost always stored on a server or in the Cloud or something in that plane. And so your consultant comes back and makes a recommendation for you. But if you don’t even understand the basics of the technology you’re discussing, you cannot make an intelligent decision whether or not to accept your consultant’s proposal. And I think sooner rather than later, ethics boards are going to say it’s not okay to just say well, she told me that this was going to be alright. I think that if you don’t have a basic understanding of, for example, how and when your data is encrypted. When it’s stored, is it encrypted at rest, is it transferred to the servers, encrypted, do you have protections on your employee’s computer so that everything requires a password to access; do you get what you’re doing. If you don’t have that basic fundamental understanding, you can’t even have a conversation with a consultant. So I’m not saying you can’t hire out, you certainly can work with consultants. The problem is, if you don’t have the basic understanding of the technology that you’re talking about with that consultant, then I don’t think you can make a competent hiring decision or a competent decision to accept the advice of that consultant.
Sharon D. Nelson: You’re reminding me, Sam, that I recently saw a post on Tumblr by a student – maybe a college student – who said, “If Tumblr, Facebook and Twitter were school subjects, my parents would have been so proud of me.”
Sam Glover: That sounds about right.
Sharon D. Nelson: And it’s true because they don’t necessarily come into the legal profession with knowledge outside of what they do socially.
Sam Glover: Well, at least they have a working knowledge of those things. Most lawyers don’t have any idea how to use Tumblr or even what it is. And so they would look just as silly as the prosecutor in the Zimmerman case, if and when they get somebody on the stand and those things come up. And this isn’t a marketing thing. Social media is almost always brought up in the marketing context. Sharon, it may have even been with you. At a conference I was listening to a presentation about preserving a tweet for discovery purposes. And it’s obviously so much more than the sentence, the 140 characters of the tweets. It’s the time, it’s what websites may have looked like at the date and time that the tweet was made so that you know what the person was talking about with some precision. It’s where the tweet was made from, what kind of a Twitter client was used to make a tweet. And so if you don’t even have a basic understanding of how messages work online and how tweets work online, you might just grab a screenshot and think that’s good enough, and that might not be enough in your case and by the time you need to use it, the information may be gone. It’s just so crucial to have that fundamental understanding. But hey, at least the kids might have that understanding, or at least have a closer appreciation of it in the same way the fogies know how to use the U.S. mail. I don’t think I’m making a stretch to say that Twitter and Tumblr and Facebook, for many people, are the modern equivalent of the U.S. mail.
Jim Calloway: One of the things that I see lawyers get nervous about is this phrase about having a duty to Google. Do lawyers have a duty to Google sometimes, Sam?
Sam Glover: That comes from a case where a plaintiff tried to serve the defendant by publication, I believe. They came in the court and asked for their judgement when there wasn’t a response, and the judge said, “You’ve got to be kidding me. You put this notice in a dead tree publication and waited your requisite two or three or four weeks or whatever and came in here for a default judgement. But I spent 2 seconds Googling the name and found a bunch of family members that you could have contacted to try to get this thing served personally.” And the judge said, “No way, I’m throwing it out, that’s ridiculous.” So there are some suggestions that you may have like that, that you may have a duty to Google; which, to me, just makes sense. It’s this ubiquitous tool that we all have access to. And I don’t think you get to fall back on technicalities like,
Well, I complied with the publication rules, which means I published the notice in a newspaper that nobody reads for 3 weeks, so let me have my default judgement.” That’s ridiculous, especially if you can find the person easily on Google. It comes up in other contexts, too. I think what it basically means is, judges are recognizing that, hey, here are tools that everybody uses, and you don’t not get to use them and then get away with it. We’re going to hold you to the same basic level of competency that we would hold just about any other human being.
Sharon D. Nelson: That actually is the way things are moving in the Cloud computing world. I just ended a lecture webinar earlier on that today. So, tell us what you think that lawyers need to know about the Cloud and Cloud services that they’re using. Or, if you think they even need to use the Cloud and I’ll preface by using whatever you have to say by saying I think half of them use the Cloud and don’t know they’re using the Cloud.
Sam Glover: Absolutely. Everybody uses the Cloud. Lawyers who think they’re not using the Cloud are only displaying their incompetence. Because, if you use email, you’re using the Cloud. If you have a website, if you have a blog, you’re using the Cloud. The Cloud is just a name that we’ve adapted for the collection of servers across the planet, really. You can split hairs about what the Cloud is and what that word means, but basically it means the internet. For most intents and purposes, you can make those interchangeable terms. But there are a couple of things that I think are the most important things to know about the Cloud, and those are what I alluded to earlier, which is how is your data encrypted, how strongly, and when. And those are, is your data encrypted; let’s say you’re storing client files, that’s the easiest example. Whether it’s Dropbox or Clio or whatever, let’s say you’re storing client files. Are your client files encrypted before they leave your computer? Are they transmitted over an encrypted connection? Are they decrypted when they reach the server? Are they left encrypted, or are they encrypted once they get there and how are they stored? I also think that you should take the extra step to find out what sort of a server – well, warehouse, usually – what kind of a server are they stored on and how is that server protected. There is physical security at a lot of server houses, and so you should probably have an idea. Is there a lock around the server? It’s an actual cage, is what you’ll often see. Is there a cage around your server to prevent the employees of the server warehouse who probably have no affiliation with the company that you’re storing your data with. Is there some protocol to keep them from getting into the cage and getting at your data, especially if it’s not stored encrypted. So those are some of the things that I think everybody should know about the Cloud is what state is your data in at all points and how strong is that encryption. And if the answer is that it’s not encrypted at all then I don’t think you should be storing your client data there. But there are different levels of encryption that you should be thinking about and then you need to decide where your comfort level is with those things.
Jim Calloway: I think one of my most entertaining emails is when I get a request from a lawyer and they say, “I don’t want to use any of those Cloud tools, so please don’t talk to me about them – from [email protected]”
Sharon D. Nelson: That’s my favorite one too, Jim.
Sam Glover: Or, the same lawyer has a file server sitting in their office. You’ll never convince me that maintaining a file server in your office is going to be more secure than hosting it with an experienced company in the Cloud that has dealt with hacking and intrusion and has figured out how to secure their systems. unless you have a full time security person on staff. There’s no way that your typical law office is going to be able to beat Google or Dropbox on security.
Sharon D. Nelson: Well, Jim beat me over the head with that argument years ago to some good effect, Jim.
Jim Calloway: And, of course, I think we all have to recognize where we have expertise and where we don’t. But another thing, Sam, is it an urban legend or are there really hackers hanging out at coffee shops?
Sam Glover: There really are. I used to really poopoo this idea. I use Mac now, but I used to use Windows for years and I used to really scoff at people who talked about how you needed anti-virus software and it would slow you down. And for about 5 years, I didn’t even use antivirus software. I would just check my computer about twice a year; never found viruses. Because of that time, that was when the fear of hackers was at its height, but it was almost entirely false; it was almost entirely overblown. Now, we’re not quite as afraid of hackers, although I think that switching – especially now that we have governmental hackers. But if you spend any amount of time at the internet at large, you will hear people talking about wardriving, which is going around and looking for unsecured wireless routers and finding out what people are sharing, that they don’t realize they’re sharing. A couple of weeks ago, I was sitting around and I was thinking about this question. And I wondered how difficult it would be for me to do exactly what the hackers are doing. So I spent about five minutes Googling, copied and pasted a few lines of code into the terminal of my Mac, and started watching the websites that people around me were viewing, scrolling down my terminal. This was with absolutely no expertise. This was with no special tools. I was able to look at the websites that people around me were looking at in coffee shops. All you need is Google. That’s the hacker’s most powerful tool. And it’s absolutely that people are doing it. And it’s absolutely really simple to do. And that’s what’s scary about it, it’s not that hackers are these really skilled computer criminals. The scary part is that any idiot with a laptop can find out what you’re doing at a coffee shop. So I think it’s really important to be aware of that and make sure you’re not doing anything that you would worry about other people sniffing out what you’re doing and you should have some tools at your disposal to prevent that from happening. I’ve been using a VPN called Cloak. There’s one for Android and Windows called Pure VPN and these tools prevent that. You can’t see what I’m doing when I’m at a coffee shop. I’m as safe as I can make my connection. I think lawyers ought to be doing that. What I now realize is if you’re not visiting a secure website, I can see what you’re doing. Even if it’s looking at your client files or looking at your medical records or whatever you have. That was pretty astonishing to me. I was pretty amazed to see how easy it was for me to snoop; and I was doing this in my own house.
Sharon D. Nelson: Yeah. It’s very easy and of course the hackers would prefer that you go to all of your financial institutions that you deal with; that’s their favorite place to watch.
Sam Glover: It is, I mean fortunately most of those are secured connections. But yeah, those could be goofed up too.
Sharon D. Nelson: Well let us pause now for a commercial break, and then we’ll be right back.
Advertiser: Looking for a process server you can trust? Serve-Now.com is a nationwide network of local, prescreened process servers. Serve-Now works with the most professional process servers in the industry, connecting your firm with process servers who embrace technology, have experience with high volume serves and understand the litigation process and rules of properly effectuating service. Find a prescreened process server today. Visit www.Serve-Now.com. We’re glad you’re listening to Legal Talk Network. Check us out on Facebook, Twitter, and LinkedIn Too.
Sharon D. Nelson: Welcome back to The Digital Edge on The Legal Talk Network. Today, our subject is the ethical misadventures of luddite lawyers and our guest is Sam Glover, who is probably best known as the author of the Lawyerist blog. So we have heard, repeatedly, Sam, that encryption is hard. Isn’t my confidentiality statement enough to protect my email? What would you say?
Sam Glover: I would laugh. Confidentiality statements on email have nothing to do with security. They rely entirely on the goodwill of the person who has received your email. But where that comes from is Bob Ambrogi reported on a survey of lawyers, and I think it was the ABA survey, and I think 70% or so of lawyers said the way that they secure their client emails is by putting a confidentiality statement on their email. Most of those disclaimers and statements are just silly and ineffective anyway, but putting a confidentiality statement on your email has absolutely zip-zero to do with security; and no, it does not protect your email. And I think we’re getting to the point where email encryption is a necessary tool in a lawyer’s toolbox. And yes, it’s not trivial, but it’s not that hard anymore either. There are services like Virtue that make it quite a lot easier and I think lawyers just need to add that to their toolbox.
Sharon D. Nelson: Once installed by an expert, all the lawyer has to do is push a button that says encrypt and send. That’s it, they can do that; even lawyers.
Jim Calloway: You mentioned government hackers, surely that was a misstatement. You don’t think the government is a problem really, do you Sam?
Sam Glover: A year ago or so, that would have made me sound like I have my tinfoil hat on. But hopefully I can say that now without anybody shouting out conspiracy theorist, because we know that the Chinese are hacking American systems. We know that the NSA and the FBI are trying to suck up all of the information that’s transmitted through the internet. They probably aren’t doing it very competently, but they are vacuuming up all of the information they can get. Should you worry? I think it depends on the types of cases you have. If you’re representing high-level, federal criminal offenses, then yeah, I think you should worry about it. Potentially even if you’re representing people on the state level because it sounds like the NSA may have had some information sharing agreements in place. But more, I think you should think about that from the perspective of your clients. Do you think your clients are worried about the government? Because I think that’s a conversation you need to have with your clients before you start choosing the tools that you’re going to use to store their information somewhere.
Sharon D. Nelson: This is kind of referencing something that we touched on briefly before, but I’ve heard folks say, isn’t all of this going to be a non-issue as the younger lawyers start practicing; and my own answer would be a resounding heck no. What’s your answer, Sam?
Sam Glover: I think it’s mostly no. We all grew up being intimately familiar with how the phone and the postal system works. And obviously, younger lawyers are going to be much more familiar with Facebook and Twitter and Instagram and SnapChat than older lawyers are. But that doesn’t mean that they’re going to be good at Cloud security or even using Microsoft Word. Heck, Microsoft Word’s been out for what, 20, 30 years? I don’t even know; and most lawyers still have no idea how to use it properly. So basic technology competence is not something that’s taught in law school. It’s not something that’s taught in college and it’s not something that you just pick up while you’re using Facebook. These are specific business skills and specific legal skills that everyone needs to know.
Jim Calloway: Well, I think that’s the real truth is that they don’t know business tools. They may know recreational and entertainment tools, which may help sometimes, but they don’t know business tools. Sam, this is the 85th edition of the Digital Edge podcast. I understand that you have a new podcast.
Sam Glover: You are 81 episodes ahead of us I believe, yes. We just recently launched the Lawyerist podcast, which started in January. And Aaron Street, my business partner at Lawyerist and I are doing it. It’s a weekly podcast; each episode is about 45 minutes to an hour. We are trying to find as many interesting and successful people and lawyers as we can to find out how they got successful or find out why they are interesting and talk about issues relevant to practicing lawyers. So far, it’s been a lot of fun and I think we’ve got some really good interviews with Alan Dershowitz, Ed Walters from Fastcase, Carolyn Elefant from My Shingle and the solo practice evangelist, I would say. So we’re looking forward to keeping doing it every week.
Sharon D. Nelson: Well thank you and we look forward to listening to that podcast and I know Jim and I both wish you well with all of that. And we want to thank you once again for being with us today. I think lawyers are, in general, coming to grips slowly with the idea that they must be competent with technology, but it’s a very slow process. But thank you for sharing your expertise with us today, Sam.
Sam Glover: Well thank you so much both of you for having me.
Sharon D. Nelson: And this does it for this edition of The Digital Edge, lawyers and technology; and remember, you can subscribe to all the editions of this podcast at LegalTalkNetwork.com, or on iTunes. And if you enjoyed our podcast, please rate us on iTunes.
Jim Calloway: Thanks for joining us. Goodbye Ms. Sharon.
Sharon D. Nelson: Happy trails, cowboy.
Advertiser: Thanks for listening to The Digital Edge, produced by the professionals at Legal Talk Network. Join Sharon Nelson and Jim Calloway for their next podcast covering the latest topic related to lawyers and technology. Subscribe to the RSS feed on LegalTalkNetwork.com or in iTunes.
The views expressed by the participants of this program are their own, and do not represent the views of, nor are they endorsed by, Legal Talk Network, its officers, directors, employees, agents, representatives, shareholders, and subsidiaries. None of the content should be considered legal advice. As always, consult a lawyer.