Back to Basics with This Confidentiality Presentation

The goal this year was to talk about how lawyers can protect their confidential information without larding the discussion with buzz words.  This was the 10th time I’ve given this presentation – Confidentiality in a Wired World – as part of the biannual training program at the Law Society.  Lawyers coming to practice in Ontario have to sit through my spiel, one hour of a multi-day set of competence programs.

This year’s slide deck covered mostly the same topics as previous years.  However, as much for my benefit as for the attendees, it’s a topic that needs updating each go round.

An Online Component

This year I developed a short online tutorial – more a Q&A really – meant to prime the lawyers on the topics, prior to the session.

Online CALI exercise on confidentiality and law practice management

The introduction to the online CALI lesson for Confidentiality in a Wired World

On the whole, I like this concept, which I’d read about instructors using to leverage the online for in-person courses.  However, after I’d finished it, I wasn’t sure that (a) it was as useful as I thought it would be and (b) that it would really help the lawyers as much as I might have hoped.  In the end, I didn’t use it but it was a good experience developing a simple CALI lesson.

Define:  Interactive

Talk about buzz words.  I’m not sure I’ve seen a presentation or conference – or participated in either – that didn’t assure me of how interactive it would be.  Our CLE folks use clickers, which does help get everyone involved.  I’m on the fence about that and, while I used it for 2 of these programs, eventually dropped it.

It probably helps that the questions I ask tend not to involve people taking a position, so raising a hand (if only to keep the blood circulating) is no big deal.  I think it’s a term that is over-used and represents more the wish of the convenors than the attendees.

Content

One thing I was determined to do was to drop all the references to the details that are increasingly useless to know.  For example, encryption is a readily available option now.  You have a device with a recent operating system on it?  You should turn on the encryption that comes with it.

Timeline of encryption and password development over the last 15 years

A simple timeline showing how encryption and passwords have evolved over the past 15 years

If we’re looking at lawyers being reasonable in relation to their professional obligations, I think use of encryption is now simple enough to be a reasonable expectation.

The challenge in this presentation really is how to explain to lawyers, who don’t use the terminology, about technical issues they don’t really need to know about.  This year, I left out references to any acronym I could.  I dropped all of the discussion of phishing, smishing, vishing, and so on.

So, for example, I just talked generally about social engineering, using examples to show how it happens.  The media is going to generate a bunch of new terms – Heartbleed, Poodle, Blagging, Tailgating – in the future.  It’s a time waste to try to keep up and it’s useless information for the professional.  The ways to prepare for social engineering or exploits won’t change, whatever the name.

Hopefully these changes were useful for the audience.  There were more questions than normal at the end, but they seemed pretty engaged for other presenters too.  The nice thing about giving the same talk repeatedly is the ability to try different ways of sharing information and seeing if the response is any different.