I have this year attended legal technology conferences in the UK where speakers and delegates were clearly confused about how lawyers should be using the cloud (e.g. LawTech Futures 2012 and Lex2012). For them and other lawyers faced with the brave new world of cloud technology the answer is to buy and read Nicole Black’s excellent book on the subject: ‘Cloud Computing for Lawyers‘.
Whilst this book is written by a US Attorney and contains many US references it is still a very appropriate read for UK or EU lawyers and I am sure lawyers globally. For example Nicole makes reference to EU legislation and helpfully points out that EU members may not legally handle or store data in the US. The ePrivacy Directive in the EU requires that a third-party who wishes to collect and store personal information must first obtain the consent of the user after providing them with clear and thorough information about storage and access. Storage of consumer data outside of the EU might be in violation of the Directive.
Nicole goes well beyond the basics of cloud computing to look at access by virtual assistants and virtual paralegals.
Stephanie Kimbro provides a guest chapter which poses many ethical issues to tax the mind of a lawyer planning a move to the cloud. Indeed this chapter could put the over cautious ones off from doing so at all.
We learn that there are multi jurisdictional issues in the US with different rules in each state. This would appear to be a minefield to negotiate at the best of times. There are office and residency requirements to consider. It does not follow that you can create a virtual presence in one state if you do not have a physical presence there.
Stephanie points out that because these ethical issues in cloud computing will never fit neatly into the existing rules of a single state or even country, the use of this technology by the legal profession may serve as a catalyst for some form of rule and ethics standardisation within the profession. We have recently seen this in Scotland with the Law Society publishing advice for the profession on cloud computing.
There are particularly detailed requirements in certain US Acts that would in some instances impose an obligation on law firms to include the specific language set forth in the applicable state regarding the disclosure of covered data to third parties in their agreement with their cloud computing provider. I would be interested to learn if we have any equivalent situations in the UK.
I was amused by the lengths some lawyers will go to with regard to backups:-
… I provide some security in case of cloud failure by hav[ing] two kinds of local backup on my office and home computers, and then I do an additional local backup on a portable hard drive … I use one cloud backup for my computer at my office. I use a different cloud backup service for active and important files/folders. I use Time Machine for a local backup. I also do a local backup on each machine using Super Duper.
That quote was from Robert J. Krakow. From my point of view Inksters moving to the cloud removed the need for manual backups within the office – the backups are now done only by the cloud provider.
Nicole points out that security issues are not always simple and can sometimes seem overwhelming – so much so that it seems easier to stick with the status quo rather than venture forth into unknown territory. However, Nicole then correctly recommends that you should resist the inclination to ignore this newfound technology. It is really not as complicated as it might seem at first glance. It is simply a matter of asking the right questions of your vendor and ensuring that the responses are satisfactory, given your needs or the needs of your clients.
The reproduction in the book of a guest post by Tomaz Stasiuk on The Mac Lawyer Blog is ideal reading for any lawyer with security concerns. A good analogy is given by Tomaz of lawyers storing paper based files. Often these files will be in filing cabinets, on shelves, on desks or on the floor. If archived they may be in cardboard boxes in warehouses controlled by third parties. Data in the cloud is more secure than that.
Nicole gives you new things to think about. Did you know that you can get cyber-risk insurance and utilise cloud monitoring services? I didn’t.
The chapter on implementing cloud computing into your law practice is a particularly good outline of all the considerations that a lawyer has to take into account when deciding to move their IT systems to the cloud.
As I read the book I found myself asking “I wonder if Nicole will cover…” and invariably she did. No stone is left unturned.
There is a chapter on cloud computing applications for your law practice. This looks at free applications such as Google Docs but points out that Google does not disclose the location of the servers that will house your data. The point here, of course, for UK lawyers is that this could be a barrier to using Google Docs because if the server is in the US the data will not be considered secure under EU regulations.
The web based law practice management solutions looked at by Nicole are almost all US based services with the unusual exception of LawRD based in Portugal! The Internet Newsletter for Lawyers has recently published details of UK based practice management systems in the cloud.
Examples given of cloud computing use by colleagues in their practice was surprising by the variety involved.
In her conclusion Nicole points out that technology is here to stay and lawyers cannot afford to ignore it. By embracing technology and positioning themselves for the future – rather than denying its reality – lawyers will profit in 2012 and beyond. Nicole asks: Will you be one of those lawyers?
I am pleased to be able to answer that question in the affirmative and highly recommend Nicole’s book to any other lawyers who want to join me.
Buying the Book
Cloud Computing for Lawyers by Nicole Black (ISBN 978-1-61632-884-9) is published by and available from the American Bar Association. It has not as yet been released in the UK but is available for pre-orders at Amazon.