Information Governance: What All Lawyers Need to Know

Episode Notes

Transcript

[Music]

Intro: Got the world turning as fast as it can, hear how technology can help.  Legally speaking with two of the top legal technology experts, authors and lawyers.  Dennis Kennedy and Tom Mighell.  Welcome to the Kennedy-Mighell Report here on the Legal Talk Network.

Dennis Kennedy: And welcome to Episode 332 of the Kennedy-Mighell Report, I’m Dennis Kennedy in Ann Arbor.

Tom Mighell: And I’m Tom Mighell in Dallas.

Dennis Kennedy: In our last episode we considered the recent stories of organizations not updating or replacing old technology and how that can sooner or later bite them in the butt.  In this episode, we wanted to talk about Tom’s area of focus and expertise.  The increasingly important world of information governance, its current state, what roles lawyers could and should play in it, and because everyone is talking about artificial intelligence these days, what to expect from AI in IG.  And I’ll press tap for good tips for any one of our listeners willing to get into the field of information governance.  Tom, what’s all your agenda for this episode?

Tom Mighell: Well Dennis, in this edition of the Kennedy-Mighell Report, we will indeed be discussing the important but still neglected field of information governance.   In our second segment, we’re going to talk about our next project which is using GPT3 or soon, hopefully, GPT4 to create a chatbot based on our new collaboration tools and technologies book that will hopefully answer your questions about collaboration tools as if you were talking directly to us.   And as usual, we’ll finish up with our parting shots that one tip website of observation that you can start to use the second that this podcast is over.

But first up, we wanted to revisit my current area of employment, concentration and expertise, and that is information governance.  It is becoming increasingly more important for law firms and companies to have some sort of information governance function or program but unless you’re a really big firm or a really big company, that’s still not happening I think the way it really needs to happen.  So, we thought we’d talk about what information governance or IG is, why it’s important as a discipline and what lawyers can or should do to become more involved in the field.  So, Dennis, I know you’ve got questions for me but I’ll start it off with a question.  Dennis, what is it that you think that lawyers are able to bring to the information governance table these days?

Dennis Kennedy: I mean, I sort of think the problem isn’t really that lawyers are having trouble even finding the information governance table these days.  I think lawyers have tons to bring to the table and I see this evolution of data privacy lawyers rolling into information governance, and I think that the skillset of lawyers is really well suited to this field.  So, I think if lawyers kind of look at that skillset, look at the needs out there, I think there’s potentially really interesting places for lawyers.  But I think — well, I say that, Tom, it probably does make sense to explain to our listeners what the heck information governance really is.

Tom Mighell: Well, so I want to describe it like a big umbrella.  I think of information governance as a framework but I think that one way to start out talking about it is that information governance is sort of the new term and then some for what many more seasoned lawyers, people who’ve been around for a while would think of as records management.  It’s more than that.  It’s more than records management but it’s what records management has become, and a lot of organizations still use the term “records management” and think about it, but they have a decidedly paper-based focus to that.  They’re thinking of paper when they think of records.  We’ve talked to so many companies where the employee say, “Oh, we’ve got a great records management program.  We’re taking care of our paper just fine, but all of the electronic information doesn’t count.  We’re keeping that forever.” So, clearly, they don’t really understand it.

Information governance has grown out of that to encompass the entire life cycle of information, from creation to disposition.  So, that includes a lot of different things.  It includes privacy, it includes making sure that you’re protecting personal information as part of that life cycle.  It includes information security, cybersecurity, those types of things, protecting all types of sensitive information not just personal information from bad people who might want to get it.  It includes litigation readiness which I guess is another way to say e-discovery but we really think of litigation readiness as another part under that umbrella saying how can companies or law firms or whoever needs to respond to a lawsuit?

(00:05:01)

How are they able to go and find a locate, collect, produce, review, whatever, what have you, the information that’s necessary should they be involved in a lawsuit or a regulatory matter or anything like that.  So, it’s really, there are really multiple parts of the whole information governance framework and like I think as you say, there are a lot of areas in there in which lawyers could find a nice home, but I will say throughout this, that that’s a “yes, but” or maybe a “yes, and,” I can’t remember how I want to call it, is that I see lots of issues where lawyers just decide we can do this at our firm and we can do information governance, but then they never bring the technical side of information governance to bare.  They only put in place policies and we’ll talk about that a little bit later why I think that’s a problem.  But I’m saying, I think there’s a great place for lawyers in this whole field, but there’s a caveat there and that is making sure that you have the technical side as well as the process and policy side.

Dennis Kennedy: Yeah, I couldn’t agree more.  I think that is the key to say, I bring some perspectives and some experience probably as a lawyer, but there’s this whole technical side as you describe it, but kind of really understanding what data is these days, how flows, how it’s used within a company.  I think the expectation of the regulators today and probably going forward is going to be that you know, your clients, who you work for even if you’re a law firm, you’re going to be able to explain, describe, track the flow of information, as Tom said, from cradle to grave, so that people can get that.  So, I do think you have to have a little bit of technical and then grow for time, but I think you have having that kind of background in information and how it’s organized and you know, analyzed, work with these days is essential.

I also like, Tom, that your description is an umbrella because with all these different components.  When I was at (00:07:12), we had this notion of we certainly look at privacy by design, you know, self-firm, we getting, could we build privacy into the products that we have, and I think that became an element of information governance for us.  But I think what sometimes surprised us lawyers still is that within that whole universe of information within an organization, that e-discovery it’s really interesting, the term you said, Tom, litigation readiness, is such a really, a small subset of the whole information governance world.

Tom Mighell: Oh, it really is, and to be real honest, what’s really fascinating to me is a lot of our clients these days tend to be companies that I would consider they’re a kind of in the middle market.  They’re not all massive companies who by nature generally have a lot of litigation.  They’re going to have a lot of lawsuits that they’re dealing with.  The middle market by comparison, I would — I mean I talk to them and they say, “Well, we probably have about five cases going on right now, but that’s it and we don’t really care that much,” which to me is a huge information governance risk, because the one thing that big companies have going for them because they have a lot of litigation is that they get to practice a lot.  So, they get to follow the process and they know what to do, where companies that have very little, if something big comes in that they have to deal with, they’re probably going to have to spend a lot of money hiring a vendor who can do it for them and pan their law firm a lot more than they would than if they had everything under control internally to be able to do it.

So, it’s a lot smaller piece and frankly, I think that in terms of companies or law firms getting their information governance house in order, there are so much to do.  In fact, if you go and look these days at the current model of the electronic discovery reference model in just the last few years, they added information governance to the front of it and it’s huge compared to the rest of the model, which says if you don’t have that in order, then that makes the whole e-discovery process a whole lot harder.

Dennis Kennedy: And I think you know, I look at in — from a perspective, a lot of data protection, data privacy these days, and I just think that the requirements that are being put on companies and the responses you have to have, and if there is a breach, I just don’t know how you can really do the stuff without having solid, solid information governance in place.  So, you’re probably running into that as well Tom, and I know that the other thing that’s interesting to me too is there’s so much new data and you talked about the paper versus digital.

(00:10:00)

But I ran into that from time to time where people would say, “Well, we’re not looking at certain things because it’s not a record.” It’s technically not a record.  There’s like tons of data out there now that might be used in different ways that’s not sort of classically what was called a record.  So maybe it’s a good time for you to talk about records management and how that is used these days and where that fits into information governance.

Tom Mighell: This could turn into a really long discussion, so I’m going to try to keep it brief.  Because what you just described there is really one of the big modern issues that we have right now, which is a lot of companies when you talk to them about information governance, they go, “Oh yeah, our IT department has got a data governance program and they’re all over that.” Well, data governance is not the same as information governance.  I would argue that it is under the information governance umbrella.  I would say that it is part of it.  Data governance is about better management of your, I will call it structured information, your data.  I hear lots of people throwing the word “data” around to mean all sorts of things in the organization.  But when I think of data governance, most IT departments are thinking about taking information that feeds from different systems, sometimes into a data warehouse or data lake or something that companies and/or law firms can run analytics on, can do predictions and forecasting and trending over the next couple of years.  It’s really useful, but everything that goes into those areas could arguably be called records.  The way we define a record is really simple.  It’s a simple definition.  A record is something that concerns the business of the company that too has a defined retention period.  Either, there’s a law out there that says we have to keep it a period of time or it has business value that says we have to keep it a period of time.

Now, the big challenge we have today is lots of companies want to keep that amorphous big blob or big lake of data forever so that they can run on it.  But the problem that you run up against there is primarily the privacy laws, because you’ve got to have personal information in there and what we’re seeing a lot of companies come to us today to say, “You know what, we’re realizing that our retention schedule that says we got to keep this personal information.” Like for example we have to keep a personnel file from the time that they’re terminated and then for another six years, but the California Privacy Rule says we should be getting rid of that a whole lot sooner.  How do we square all of that?  And so a lot of companies are now starting to figure out we’ve got to get rid of and de-identify some of this information.  So we’ve kind of opened up a big nice kettle of fish here by asking that question, because those are I think some of the biggest issues today in information governance is how to handle all of these massive amounts of data allowing a company to use it as they need to, but also making sure that you’re only keeping the right information and not running afoul of any laws that are part of that.

I will also say very quickly that the way I’m describing it here makes it sound like information is by nature a complicated thing.  And part of what I like to preach is that it doesn’t have to be complicated.  It can be.  It’s definitely hard to do, but it doesn’t have to be complicated.  We see so many companies that have developed these complicated taxonomies and listings of words that need to be done that just turn out to be so useless when people try to use them, and in their tools these days that you don’t even have to use a taxonomy in using them.  There are companies that have these massive records teams, they are record analysts that are responsible to analyze information before it goes into a system.  And I just think that those are, I don’t say that they’re wasted jobs, but it’s overcomplicating something, processes that get put in place in the name of information governance that are too hard for the average employee to understand and follow.  There’s a lot of that going on out there.  And I think that some of these parts of information governance don’t have to be so complicated, because ultimately what you want is your employees to be able to understand them and follow them or they’re going to wind up keeping stuff even longer and putting your company more at risk, increased cost, decrease productivity.  I’ve been blabbing on for a little bit.  Let’s pause for a minute and see if there’s anything else you want to ask.

Dennis Kennedy: Well, I was thinking time that in sort of the principles behind the EU approach.  I mean one that I think is definitely going to come into play as we move forward is the notion you should keep as little personal information as is necessary.  So you’re looking at that and keep it for the shortest period of time that it’s needed.  And that I think illustrates the problem that you were saying when people say, “Oh, we’re just keeping this personal information as part of this big pool of storage”, without kind of thinking it through.

(00:15:09)

I also see this evolution and it’s not surprising and we’ll talk about this I know in the second segment in a little bit of time.  But the information governance tends to be this team approach and the questions that come up tend to get asked of the data privacy lawyers.  So I think that’s why you see this evolution of some data privacy lawyers into the records management to information governance area.  I’ll take that’s an opportunity.  But I think that typically when somebody who’s evolving in information governance reaches out with the legal question, they’re going to data privacy lawyer and so I think that’s interesting.  The other thing that I think is super interesting these days is that when we look at cyber security and the idea of ransomware, I think that having really good information governance approach, to me just seems part of the whole core cyber security protection function these days.  I don’t know if you agree on that Tom, but that just seems to me like you want to know what you have, how to restore, where things are kept, what might be vulnerable.  All those things fit together for me.

Tom Mighell: 100%, but what you’re describing, all the things that you’re describing sort of support my argument that the best information governance programs span across multiple parts of a company or a law firm.  So, it’s not just privacy, it’s legal, the little part of legal that doesn’t deal with privacy, its information security, its multiple areas.  We get a lot of companies tell us “Well where should information governance sit in our company?” And we’ll talk about this more after the break, but there’s no simple answer to that.  The best answer is it’s cross functional and it needs to be because there are so many different parts of a company or a firm that have an interest in a piece of information governance.

Dennis Kennedy: So let’s wrap up this segment Tom.  And let me just ask you, what are the two or three biggest issues you see in this field today?

Tom Mighell: I love how you say let’s wrap this up, because with that I could talk another 20 minutes.  So I’ll make it short, because I think we’ve talked about one of the biggest issues, which I think is privacy.  I think that more companies these days are coming to say, “Oh no, we finally have to start complying with California.” It’s really California that’s got a lot of companies that are up in arms.  But frankly we have a lot of other states that have laws that are starting to come into effect as well.  So it’s not just going to be California, it’ll be a lot of states.  I don’t expect the federal government to do anything anytime soon.  But what you really have to do is, I wouldn’t call them exceptions to the privacy laws, but there are conditions in the privacy laws that sort of offset that what you called, just a minute ago what you described, I called data minimization.  Keeping information no longer than is reasonably necessary for the legitimate business purpose for which you collect the information.

And so what we see and what we do for a lot of companies is we help them define that legitimate business purpose.  So if, for example, the statute of limitations for an employment action in your state is five years, you’re going to want to keep a hold of that personnel file for at least five years even if it has personal information in it.  That’s your legitimate business reason, because there are other laws that prohibit me from getting rid of it sooner.  So that’s one issue that we see a lot of, is help us comply with privacy because it’s conflicting with our information governance responsibilities.  The other is we used to see a big world where lots of companies were dealing with enterprise content management tools, like Documentum and OpenText, and FileNet, and keeping documents in those types of systems.  These days, most companies that we see working have just decided we’re going to go with what we have and that’s Microsoft 365, and we need to learn how that manages information.  And every client, every company that we work with wants to learn how to do it and that is a huge business these days, is helping companies move their information into Microsoft 365 and managing it in a way that is compliant with an information governance program.  Those are the two, definitely the two biggest issues I see going on today.  And before I keep going, let’s take a quick break for a message from our sponsors.

[Music]

Advertiser: As a lawyer, insurance is one of the last parts of your job you want to spend unbillable hours on.  That’s why thousands of lawyers have switched to Embroker.  Embroker offers A+ rated insurance for law firms that you can quote and buy instantly online.  If you need help, they’ve got experts on standby.  Go from sign up to purchase in just 15 minutes by visiting embroker.com/law.  That’s E-M-B-R-O-K-E-R.com/law.

(00:20:05)

[Music]

Jared Correia: They say the best things in life are free, which either means Legal Toolkit Podcast is pretty awesome or we’re totally committed to the wrong business model.  You’ll just have to tune in to find out which it is.  I’m Jared Correia and each episode, I run the risk of making a total ass of myself so you can have a laugh and learn something new and why not maybe even improve your law practice.  Stop believing podcasts can’t be both fun and helpful.  Subscribe now to the Legal Toolkit.  Go ahead, I’ll wait.

[Music]

Dennis Kennedy: And we are back, Tom.  This is a big job, isn’t it?  I mean how should people get started sort of what have you seen out there?  I mean to me it does seem like this cross-functional team approach, but is that what you see most commonly?

Tom Mighell: What’s interesting is it really depends on the size of the company, or the size of the firm, because the bigger the company, the more resources you can throw at it.  The more people who are available to spend time, but in bigger companies or firms, what we see is sort of a three-tier approach, which is that there is a steering committee at the top that is cross-functional that takes up legal, IT, and privacy.  And if you have a records management function and compliance, all of those groups are stakeholders at the table.  They meet two or three times a year.  They decide on overall strategy and policy, they approve different things.  They have overall oversight.  They delegate the day-to-day management to sort of an information governance manager, information governance director, or those types of things.  That person is usually a full-time employee and for a lot of smaller companies, it’s hard to find somebody.  They don’t want to hire anybody like that so, they usually appoint from within, but that’s even harder.

And then what we usually see is that the manager is good for managing day-to-day activities for the whole company, but they don’t have sort of the “boots on the ground”, for each department, or each area of the firm.  Those groups know their records better than the manager will.  So, we usually see some type of coordinator or a records champion or something like that in the group that part of their job, 10% of their job is championing the policies and procedures and the schedule within that group, but also helping the manager out do training and do other exercises during the year.

So that’s sort of I would consider that the best practice way to deal with it, but it’s all over the place depending on how many people you have, what type of resources are available, how you can get people away and what type of will there is to do that.

So, bigger companies, have things like these record analysts or records clerks for very long periods of time.  A lot of those were designed around paper records.  I’m not sure exactly what they work on today unless they’re dealing kind of with enterprise content management systems to enter that information and make sure it all works appropriately.

But like I said in the days of Microsoft 365 where everything is about SharePoint and, and, Teams, and things like that, it feels to me like those types of jobs are going to become less prevalent in companies that might be using other tools instead of enterprise content management.

Dennis Kennedy: Yeah, I have sort of an interesting perspective as I saw the evolution of this role at MasterCard and I had the chance when my friend, JoAnn Stonier, who’s the Chief Data Officer at MasterCard came to Michigan State to do a keynote on AI and data ethics.  And we were sort of talking about the evolution of her role which went from Data Privacy Lawyer to Chief Privacy Officer to Chief Information Governance Officer to Chief Data Officer, and like that whole role.

And so, it’s interesting to see how — and this I think could be truly interesting for some lawyers to say, like, “somebody needs to look at the big picture and there are other components,” but as we look to say, how do we comply with privacy laws?  How would we lobby or have a voice in new data privacy laws?  What is this notion of data ethics?  How does AI come into this field?  You know, what’s going on?  Can we take what we have and use information governance and kind of embed it into our products and services?   So, we have that data privacy and security built into what we’re doing.  You know, like as a matter of course.  So, you know, like we use the term privacy by design, from the beginning.

(00:25:02)

So, I think it’s really interesting in how the role has evolved and how significant it can be especially in companies that have tons of data, or in kind of in that world.  But that’s started to become everybody, isn’t it time?  I see so many companies are really all about data these days.

Tom Mighell: They are all about data, but I’ll challenge that for a minute and say that it depends on if you’re calling data what I say and see as being in a database or a warehouse or data lake and is rows and lines of data that you can run reports on and you can analyze, yes, more and more and more and more data, but I would make the argument that your unstructured information, your Word files, your Excel spreadsheets, your PDF files, there is at least as much of that data going out there and it’s called unstructured for a reason.  It’s because it’s unorganized, that it’s not something that people organized very well.

The one thing that structured data has going for it is that it’s structured, it’s organized.  It’s not going to get out of control except for volume and size whereas this becomes to me, the unstructured data is actually to me, the bigger issue.  It’s the bigger problem because think of all the personal information that exists out there in multiple copies and away.  And oh wait, it’s also on somebody’s mobile phone and it’s also somebody is storing it on because they might email some of their documents home to their work.  And so, it is so far out of control that it’s hard to figure that out.  I think that’s actually a harder nut to crack than the data.

No question the data is difficult and it’s challenging, and I think that the larger companies have a better handle on it with their Chief Data Officers and their data governance programs that they’re trying to get a handle over clean data and data integrity and making sure that everything is right.  But I’d make the argument that your unstructured information actually poses a larger risk to companies than the size of the structured data than most people have.

Dennis Kennedy: Yeah, and I was going to ask that Tom because it seems I would say the same thing that we’re seeing all this truly unstructured stuff.  And it’s so many different locations.  And you can look at there was going to be video, there’s audio, there’s the internet of things or swipe card data.  And you think like what is going on in the typical company even small ones of where are these different forms of data that are starting to come into play.  And like you said, it could be on a bunch of devices or different cloud services or all those things.  And so, it becomes a very complex thing I think.

Tom Mighell: Well, I’m talking to a company just this week and talking to some of their employees.  And they’ve told me and just talking to one department, and I asked him where they store documents and they say, “Well, we have a network drive that we call the K drive and it’s for our department, but we also use the P Drive, which is a public drive and we store some things on there too.”

Now, I also use my personal user drive, which is the U drive to store some things, but then they gave us a OneDrive account and we also use OneDrive, and I sometimes use that for some of my personal information if I want to share it.

Now, some of my really personal stuff I put on my C drive on my computer, and then they just gave us Microsoft Teams last week and we found out you can actually store files there too.  So, we’ve started putting things and I’m like, “Do you just know you just described 20 different places that you store things” and no wonder it’s hard for people to be productive.  I mean what’s interesting here is that we’re talking about a lot of really important drivers at a company like costs, like risks, huge risk for this sort of stuff.

But to me the hidden driver for all these companies is productivity.  The more you can control the stuff, the better people are productive.  I asked these people and I say, “Does this sound like a common theme?”  I know how to find my own documents, but if I need to find somebody else’s, I just send them an email and have them send it to me.  Well, that’s not how it should work.  You should be able to collaborate with each other in a good way.  And productivity is a huge sufferer of bad information governance.

Dennis Kennedy: Absolutely, and I think that’s truly underestimated.  So Tom, if I’m a lawyer and I want to despite the complexities we just described, I mean this just seems like such a high-growth field and lawyers have a great skillset for it.  What type of training would you find people need to do this role or to get ready to do this role?

Tom Mighell: Well, I had on-the-job training.  I joined my company 12 years ago just having some basic information, and some knowledge of e-discovery.  And I learned as I went, and it was great learning.  There are no college courses for example on information governance.

(00:30:00)

There are things called an Information Sciences.  There’s Library Sciences which kind of gets into some of the philosophies of information governance.  Data science is certainly.  So, if you want to take a course on something, those are the types of classes that get offered, but they don’t really approach the governance issue that I talk about mostly with information governance.  Now, in terms of training, I’ll be self-serving for just a second and say my company does a lot of really basic webinars that talk about the basics of information governance and they’re all free for people to watch.  You just go to our website.  You can find them.  There’s a site called MER Sapient.  MER stands for Managing Electronic Records.  They do a lot of really good content on information governance.

If you’re interested in e-discovery, ACEDS, our good friend Mary Mack and other friends are part of that and they put out a lot of good content.  A lot of people might think that company organizations like RMA which is sort of the Records Management Association would have good content, I would just say buyer beware because I feel that they’re starting to get a little out of touch with the times and they might not be the best materials to train, but those I think are some of the probably the best places to go and learn more about it and understand kind of what’s going on.  There’s another group called AIM.  I think they’ve kept up mostly with the times, although they seem to spend a lot of time on imaging and things like that of records, but all of those I think are decent and reasonable places to look for training.

Dennis Kennedy: So, there is a part of this right time that says, maybe AI can help sort all this stuff out and actually take care of it and I think that as we described it that this doesn’t really seem possible.  Are you seeing anything with AI coming into this field?

Tom Mighell: Oh, yeah.  AI is already here.  It’s been here for a while actually.  The theory behind AI and information governance is part of what you want to eliminate in information governance is the user, the user having to make decisions on how long to retain information or when to get rid of information or how to classify information the right way.  It’s trying to take the user out of the thing as much as possible because, one, we all have day jobs.  We sort of don’t have time to do it and, two, when it all comes right down to it, most of us would rather keep it all forever than actually trying to do the right thing with it.  So, there are a lot of tools out there right now that will claim to go on to say your network drive and they will be able to search for files that meet a certain criteria and they will apply certain labels to them and you can then apply retention to them and you can manage them that way.  I will say that there is a lot of good promise in those and some of the tools worked pretty well for things like credit card numbers, Social Security numbers.

There are a lot of data loss prevention tools.  We call them DLP tools that are designed to go and find that information and those tools are really good at finding specific kinds of information.  Where some of those tools just aren’t quite ready yet is you’ve got — if a company is used to creating documents a lot of different ways but then calling them all the same thing, training an AI on what all the different ways they are is hard and challenging.  So, some of the tools right now can’t go and find certain types of documents because they’ve been named in different ways.  They have different naming conventions or they have different titles to them or the wording in there is not — you’re not going to find the same wording in each type of contract or invoice or whatever the document is that you’re looking for.  So, I think AI is really got a lot of good tools, solid tools working for it, but I think it still has a way to go.  I think frankly where AI is best in information governance is still on e-discovery and in the predictive coding and machine learning and those types of areas.  I think they’ve made a lot more strides toward it than just the general information governance field.

Dennis Kennedy: Yeah.  I mean, it’s interesting because, as you described it, the credit card numbers really illustrate this because it seems like AI would do really well with the sort of superstructure data because I’m looking for a string of 16 numbers —

Tom Mighell: Exactly.

Dennis Kennedy: — that might or might not be separated by dashes into groups of four and, boom, it’s going to do an awesome job of that.  But like you said, when you name things the same way and it’s for something different, that’s going to be really problematic.  So, Tom, it seems to me that this is a field that’s challenging and it’s going to get more challenging and it’s important and it’s going to get even more important.  So, do you want to like think we should wrap up with maybe some of your — you’ve given some great tips already, but maybe some of your other tips for people who might want to go into this field?

(00:35:02)

Tom Mighell: So, I mentioned this before that I worry that there are some firms out there that have information governance practices that are very good at the process part, at developing policies, at developing retention schedules but that they haven’t really worked with IT to understand how those sorts of things really get implemented in a company.  So, if you happen to be there and you sense something that you already do or something you’re interested in doing, finding that tie-in with technology is really important.  And so, it’s not just enough to be able to develop a policy and a schedule and just give it to your client and say, go use this and you’ll be fine.  You’ve got to make it implementable.  It has to be executable or you’re not doing your client a good service.

So, I would say that frankly the best way for lawyers who want to enter this is to do what you’re already good at doing, understand record-keeping requirements, understand risk, writing reasonable solid records policies, things that make sense that company should be able to follow that aren’t too onerous, that are easy to understand and learn to develop retention schedules that are easy to understand and actually easy to follow.  They can’t be complicated.  We are working with a company right now that has a 10,000-line retention schedule.  No one is ever going to follow that.  They won’t be able to find anything in that schedule.  They don’t know what it is.

It’s got to be simple and easy.  We are seeing these things happen that are much less complicated and the more likely that you easier you make it, the more likely users will follow it and the more likely it will be easy for IT to implement it.  I think that’s really two tips and good ways to getting into the field.  Alright, that’s enough on information governance.  Before we move on to our next segment, let’s take a quick break for a message from our sponsor.

[Music]

Craig Williams: Today’s legal news is rarely a straightforward as the headlines that accompany them.  On Lawyer 2 Lawyer, we provide legal perspective you need to better understand the current events that shape our society.  Join me, Craig Williams, and a wide variety of industry experts as we break down the top stories.  Follow Lawyer 2 Lawyer on the Legal Talk Network or wherever you subscribe to podcasts.

[Music]

Sharon Nelson: The Digital Edge Podcast where the law and technology intersect.  I’m Sharon Nelson and together with Jim Calloway, we invite professionals from all fields to discuss the latest trends, tips and tools within the legal industry.  Stay up to date on the rapidly changing legal tech landscape with the Digital Edge on the Legal Talk Network.

[Music]

Tom Mighell: All right, and now let’s get back to the Kennedy-Mighell Report.  I’m Tom Mighell.

Dennis Kennedy: And I’m Dennis Kennedy.  There’s been so much talk lately about ChatGPT, a fair amount of that generated by ChatGPT itself with a lot of hype, a lot of fear-mongering and a lot of noise.  However, we both are bullish on its potential and we’ve talked about generative AI tools quite a bit on the show lately and we thought it was time for the two of us to try a substantial AI demo project and I think we found it.  We’ve also found that we can best get these kinds of projects like our second-grade project started moving forward by pre-announcing them on this show and that kind of forces us to actually do them and get them finished so we can report back to you.  So, Tom, what new project are we planning to dive into and how much will our listeners love it?

Tom Mighell: Well, I hope they’ll love it a lot, but what we’re planning on doing is what we’ve been noticing lately is we’ve been noticing that people are beginning to train ChatGPT and other AI tools but primarily ChatGPT on text that they’ve created or even on whole books, having fed those books into ChatGPT and providing some parameters around it.  They’re able to create a chatbot that you can ask questions to and get answers that are based on the book, and those answers generally are written really in the voice of what the book was written in.

So, it almost sounds like you’re talking to the author when you’re asking that kind of question.  So, we thought what a better way to have people learn more about our book, maybe you’ve bought the book, maybe you haven’t, maybe you want to learn more about it and learn more about what we think about collaboration tools.  So, it’s been our idea that we’re going to train an AI on our book and see if we can develop that.  Dennis, this was something you originally had suggested.  What made you think about that?

Dennis Kennedy: Well, I’d heard of people doing it and played with the one side where they had done it and I really liked it and I think that as people looked at ChatGPT and GPT 3 or 3.5, soon to be 4.

(00:40:03)

It seemed like they were expecting it and asking it to do way too much, and the standards they were judging it by just seemed really crazy to say, like, okay, I’m really disappointed with ChatGPT because it wrote this brief and it made up case names and you go like, well, this given like what it’s supposed to do that’s not totally surprising and as an aside time, humans have also been known to do that.  Human lawyers have been also known to do that.

Tom Mighell: Yeah.

Dennis Kennedy: So, I said, what are some of the simple things that kind of really show off what it would do that would be really helpful and that you could see how it could be a stepping stone to do something more sophisticated, so kind of complex enough project that we would actually have to learn something but something that could be useful and it’d be a great way to kind of help us market and get out the information in our book.  And so, that’s why I like the idea.  I think it’s a good example and, if we do that, then the next step for me becomes now I can train it on my articles or we could train it on the podcast transcripts or do something like that.  And to me, it’s the type of project that can evolve once we get the basics of it.  So, I’m looking forward to getting started in it and I think, Tom, you’ve been really good over the years with some of these things that require a little bit of flow to them and kind of sorting out how things kind of work together.  So, I think this will be great projects for us to work on.

Tom Mighell: Well, I’ll just say you also shared with me a link to a guy who’s been posting books up to a site to basically say, pick a book to talk to and you can ask questions of the book and I’m not sure about any copyright violations of what’s going on or whether there’s been permission to upload this stuff, but it is pretty cool to talk to some of the books here and get questions.  I talked to the ‘Atomic Habits’ book and asked about habit stacking and gave me a reasonably good answer about what habit stacking was.  So, it is possible.  It is a good thing.  So, stay tuned here and hopefully we’ll have some good news for you in a couple of months.

Dennis Kennedy: So maybe, we could even get to the holy grail of the sort of famous German philosophers that are so hard to understand.  We could have them explain what the heck they’re actually saying.

Tom Mighell: We will see.

Dennis Kennedy: So now, it’s time for our parting shots, that one tip website or observation you can use the second this podcast ends.  Tom, take it away.

Tom Mighell: So, I actually want to give a little bit of follow up to my leaving LastPass segment of the last podcast.  If any of you happen to be on LastPass and you happen to be either thinking about or in the process of leaving two tips that I’ve found useful, I’ve moved over to 1Password.  I’m very happy with it so far, but here are two tips.  One is don’t just close down your LastPass account.  I have no trust for LastPass right now.  So, I wouldn’t just close it down.  I would delete my passwords first and I let it run the cycle or either delete them permanently, so you know they’re gone.  I’ve deleted lots of passwords over time and I can promise — well, I know that they appear to have been deleted from my account.  I assume that they’re deleted and that they won’t be anywhere else.  I’d rather not just shut down my account without deleting them first.  So ,I would say go through the effort it takes to delete your passwords before you shut down your LastPass account.

The other thing to do is that if you do move to a tool like 1Password or maybe some of the others, look to see if they offer you a discount for moving over from another service.  I told 1Password I was a LastPass user.  I sent them my invoice and how much I had paid for the last year of service and they gave me a discount, essentially paying me for my LastPass subscription to move over.  So, that was a good deal.  I got a good great deal on joining 1Password.  So, two handy tips in case you are making the change from LastPass.  Dennis?

Dennis Kennedy: The second tip is awesome.  So, I saw this thing and I forget where I saw it.  It could have been in Recommendo, but there’s a site called Vacay and they have a vacation and travel chat assistant which is an example of the AI chatbot things.  And so, my wife and I have been watching this Digging for Britain TV show, which is really cool.  And so, I had this idea that maybe we should go on a vacation sometime where we like volunteer on an archeology dig.

(00:45:00)

So, I went to this chatbot and I put in, what are the best archaeology dig vacations?  And I also said for seniors because kind of getting in that range and it came out with like five recommendations that were really helpful to let me know that such things actually exist where you might contact them and it was just like a good overview to say like, oh, if you want to go here, there’s there.  There’s some stuff in the US.  Here are some other things and it was just super useful, really easy to use.  Sometimes, you go on like, I’d like to go on vacation, but I don’t know, especially if you’re talking with your spouse, like, oh, you decide, you decide kind of thing and this could be a way just to give you some suggestions.  And so, it’s not promising to plan your trip or anything, but I think just when you’re just looking for ideas or saying what might be possible, I think these types of little AI chat tools could be really useful in that setting.

Tom Mighell: Yeah.  I went to it and I were going on a cruise this summer, and I put in, what are the best places to see in Berlin and what are the best restaurants in Copenhagen?  And just in a second, it spit out like 10 different recommendations for each one.  I thought it was whether they turn out to be good or not, I’m going to have to research them, but it was very confident and very fast.  And so, I’m looking forward to looking into the answers that it gave.

Dennis Kennedy: Yeah.  I was going to say Tom that’s one thing people say about ChatGPT is supremely confident answers.

Tom Mighell: Very confident.  Exactly.  All right, so that wraps it up to this edition of The Kennedy-Mighell Report.  Thanks for joining us on the podcast.  You can find show notes for this episode on the Legal Talk Network’s page for our show.  If you like what you hear, please subscribe to our podcast and iTunes on the Legal Talk Network site or within your favorite podcast app.  If you’d like to get in touch with us, please reach out to us on LinkedIn, maybe on Twitter, although that’s becoming less and less each day and, remember, you can leave us a voicemail.  We are at (720) 441-6820.  We love your questions for our B Segment.  So, until the next podcast, I’m Tom Mighell.

Dennis Kennedy: And I’m Dennis Kennedy and you’ve been listening to The Kennedy-Mighell Report, a podcast on legal technology with an internet focus.  If you like what you heard today, please rate us in Apple Podcasts and we’ll see you next time for another episode of the Kennedy-Mighell Report on the Legal Talk Network.

[Music]

Outro: Thanks for listening to the Kennedy-Mighell Report.  Check out Dennis and Tom’s book ‘The Lawyer’s Guide to Collaboration Tools and Technologies: Smart Ways to Work Together’ from ABA Books or Amazon.  And join us every of the week for another edition of the Kennedy-Mighell Report only on the Legal Talk Network.

[Music]

Continue Reading