How the Digital Age and Cybersecurity is Reshaping Law
by James Grundvig
As eDiscovery tools enter the next generation of datamining, the legal industry continues to
adopt new platforms and software that will make up a predictive technology suite. At the core of
the data engine is artificial intelligence (AI) that when in concert with machine learning (ML),
will transform the legal industry, from the speed and accuracy of search and case study analysis to predictive outcomes that will empower firms to gain deep insights to foresee how trends will
impact law.
Add blockchain technology—the peer-to-peer distributed ledger—and the transformation will accelerate with trust, efficiency, and transparency being the key drivers that will reduce human
error and eliminate redundancies.
Yet, with all progress and positive developments the Digital Age will offer, the legal industry
faces the existential crisis of cyberattacks and cyber espionage. The sector, dependent on the paperwork of briefs, lawsuits, case studies, and audit trails, is just as vulnerable as consumers, businesses, and institutions. The threat of data breaches can come from within a company
(the insider threat), through an unsecured third-party vendor (Target data breach), or something seemingly as innocuous as discarding old computers, laptops, and mobile devices.
James Patrignelli, Director of Sales Northeast at Liquid Technology, explained that one unlucky
law firm threw out a hard drive without properly erasing it, breaking it apart and disposing of it.
As such, the law firm also missed out on recycling the e-waste to keep the environment green.
That careless act allowed a dumpster diving hacker to retrieve the hard drive and extract all of
the firm’s data, including its clients’ personal information—home address, mobile numbers, email addresses, social security numbers, where they bank—competitive advantages, and legal correspondence.
The delayed breach was revealed when the hacker began selling the data on the open bazaar
of the dark web. So ransomware isn’t the only threat that law firms face, despite many of those
firms buying Bitcoin in anticipation of being hacked.
At the Legal Tech Conference, held in New York City last week, The Journal of Robotics,
Artificial Intelligence & Law (Vol. 2, No. 1, Jan.-Feb. 2019) wrote about the growing cyber
threats and vulnerabilities that everyone faces in the Digital Age.
The journal stated:
“Today, with an estimated 70 percent of all data generated by individuals (often related to those individuals’ activities), and with organizations globally expected to lose over 146 billion more
data records between 2018 and 2023 if current cybersecurity tools are not improved, the
number of cybersecurity lawsuits is not expected to level off anytime soon.”
Let that sink in. 146 billion more data records over the next five years.
That is up from 15 times from the previous twelve years. And it’s very likely that the law editors
and technical writers for the journal didn’t fully estimate the explosion of data, sensors, devices, Internet of Things (IoT) and end points with the smart technology running through the 5G
networks in the next couple of years. In other words, the risk surface for data breaches to be
monitored and protected will skyrocket in complexity and magnitude.
Other ripples in the tsunami of data complexity include the digital arms race, bot swarms, and weaponized state actors from China, Russia, Iran, and North Korea, to name a few. The damage a cyberattack costs a firm today is $7.9 million—a number that was displayed on more than one presentation slide at the show. And that is double the average cost from 2015.
At almost $8 million per breach, an incident is a sum that outstrips most cyber insurance plans
and coverage.
Then there is the exposure to the new European Union General Data Protection Regulation
(GDPR), which went into effect in May 2018, and California’s Consumer Privacy Act of 2018.
With new forms of revenue generated by penalties if a breach firm violates any of the new
rules and regulations, the true cost of a breach will shoot up well over $8 million threshold.
That means for all the savings accrued and captured by the technology Business Process
Outsourcing (BPO) of AI and blockchain that will streamline firms and drive massive efficiencies, including reducing legal, managerial, and back office staff, those gains might be offset by a
data breach in the future. And if a cyberattack is successful or machine learning technology
is “leaky,” it can “usher in a new wave of lawsuits,” according to The Journal of Robotics, Artificial Intelligence & Law.
With the journal quoting Vitaly Shmatikov—“machine learning [that] is eating the world today”
—in its opening paragraph, a play of words the Cornell University professor made of Marc Andreessen’s decade-old pronouncement that “software will eat the world,” the legal industry
in general, and law firms, in particular, will have no choice cybersecurity tools and eLearning
training.
Investing in BPO suite of technology will be only the first step in transforming how law
firms of tomorrow will operate. Combined with good cyber hygiene, only then can the
massive cost savings of BPO can be realized.
# # #
James Grundvig is the founder of Myntum Ltd., a data security startup, is a published author
and business-technology journalist having published in the HuffPost, Financial Times FDI
magazine, Law.com, NASDAQ, the Epoch Times, among other media outlets.