I mentioned ransomware to a law school class the other day and got some raised eyebrows. Despite the devastating impact this malware is having on law practices, news of it hadn’t reached this far. It’s not the first time I’ve spoken about law practice technology – both the business of law and the practice of law sides of the coin – and felt this same disconnect. Lawyers and those coming to the profession are not always informed on the technology that impacts their practice and their clients. As their obligation to understand this fundamental practice tool grows, how can they fill that knowledge gap?
It’s not surprising that the ABA’s legal technology survey (I’m using 2015 data, volume 1, q. 26) finds that generic web search engines, followed by the ABA Journal (surpassed by it in the largest law firms), account for the most common source for legal technology news. As insiders know – and who but an insider would read a LinkedIn post on #legaltech – there are still a number, albeit diminished, of publications that focus specifically on law practice technology. None of these rate anywhere near the levels of use that the more generic tools do.
Like a librarian knows what’s in the collection, legal tech boffins know where law practice tech things are being discussed. Everyone else Google’s it.
It’s not surprising because, whether it’s legal research or technology, there are two information gathering factors at play: search is easy and ubiquitous, and people aren’t always sure what they’re looking for when they start looking. A Google search for case management software is effective when you’re trying to figure out the scope of what you’re looking for but no-one is going to run that search every week. Tools like the ABA Journal and legal tech publications are more likely – my guess as a librarian – to be useful for serendipitous ideas or acquisitions, for maintaining knowledge in a haphazard, hope-I-need-this-someday manner. The likelihood that any publication will cover the exact technology a lawyer wants exactly when she needs it is pretty small.
26 US lawyer regulators have adopted the Model Rule 1.1 commentary that lawyers “should keep abreast” of changes in technology affecting their law practice. Information sources alone will make that a challenge. It’s probably fair to say that, to some extent, technology understanding will be outsourced to whoever is responsible for the law practice technology. IT staff, external consultants, non-technical support staff, all of these represent a second information pool.
The trick seems to be getting that information seeking behavior to happen before the ransomware encrypts the firm’s computers, or before the firm’s network is penetrated, or staff have their security information compromised. Once those things have happened – if the firm even knows – then it’s clear how a lawyer would use the information tools available.
This is complicated by the lawyer, when they start looking, getting a variety of opinions, some of which are out of date or in conflict. For example, is the Mac OS still a safer alternative because of it being a less common target? In light of the shift away from virus attacks in favor of ransomware and phishing, are lawyers deluding themselves by relying on internet security endpoint software suites rather than training? Isn’t changing your password frequently less likely to result in strong password use?
The answer is probably more technology.
One ideal would be to use a tool like a software management tool (like Microsoft SAM or Spiceworks) to not only maintain an inventory of what’s installed but also what should be updated and patched? The lawyer wouldn’t necessarily understand what was going on, but at least it would be done. This could enable law practices without their own technology support to maintain the same patching approaches as larger firms.
Another might be a notification system (personally, I use US-CERT) so that a lawyer gets an e-mail when one of their applications needs attention. Of course, then Adobe would be automatically placed in the spam filter. But it’s still just a status quo solution. The lawyer who currently uses typewriters throughout the practice will be safe from e-mails, but also clueless about the technology on the horizon.
And some lawyers are still not clear on what technology like the cloud is. And getting them to take on the types of tools that might help them achieve their professional obligations is probably as great or greater a challenge as getting them to adopt the technology that could improve their bottomline or client service delivery.
I asked the law students whether any of them thought that they would use or understand technology less in the future than they did today and none did. Not surprising. Yet as soon as they graduate and pass the bar, they are likely to enter a technology stasis where they know what they know and, without some real effort, their technology will largely be time stamped the same year they’re called to the bar.
There are some interesting challenges for those who want to bridge this gap. Just-in-time information tools could meet what is likely already a large need, and one that is definitely going to grow. A good software app and a trusted central delivery hub (like a lawyer regulator) and someone could probably make quite an impact and some decent money.