Previous TSL.P Podcast Guest Meghan Zavieh Commentary on Tech Competency for Lawyers

img.png

Meghan, a previous TSL.P Podcast Guest, released a commentary on Technical Competency for Lawyers - What does it mean? Its a great reminder for the basics all lawyers need to understand regarding the use of technology in the office (whether “brick & mortar”, at your home office or on the road). It also perfectly corresponds with the release of her new book, The Modern Lawyer: Ethics and Technology in an Evolving World, earlier this year.

This book is a good addition to your library whether you are a newbie to tech or an experienced pro!

Happy Lawyering!

The PA Bar's Advisory Opinion Provides Some Good Tips to Working From Home!

AdobeStock_218715594.jpeg

The Pennsylvania State Bar came out with an advisory opinion directed at attorneys working at home given the COVID-19 pandemic.  It’s a good read for all of us as it reminds lawyers what we need to be doing to secure our client’s privacy and to ensure we don’t run afoul of our respective State and Territorial Bars.

I’ll list some good points from the Bar to follow further below.  But, my read of the big takeaways are:

  1. You need to be Competent enough to keep Client Communications and information Confidential.

  2. You need to take “reasonable” precautions.  It does not mean you have to have Pentagon-Grade IT Security.  But, it does not mean you can’t take any steps to secure your client’s info.  Simple steps like password protecting your computer and home Wi-Fi, using secure passwords, and running a VPN when you are using a public Wi-Fi should be your bare minimum basics.

  3. You don’t need to be an expert.  If you need help, finds those (like me 😉) who you may be able to retain to assist you!

I did notice one bullet point below of unique interest:  “Prohibiting the use of smart devices such as those offered by Amazon Alexa and Google voice assistants in locations where client-related conversations may occur.”  What I found interesting, is the opinion doesn’t mention Apple’s Siri.  I’ll be writing about that in a future blog post.


Now, onto the PA Bar’s list of suggestions:

  • Specifying how and where data created remotely will be stored and, if remotely, how the data will be backed up;

  • Requiring the encryption or use of other security to assure that information sent by electronic mail are protected from unauthorized disclosure

  • Using firewalls, anti-virus and anti-malware software, and other similar products to prevent the loss or corruption of data

  • Limiting the information that may be handled remotely, as well as specifying which persons may use the information

  • Verifying the identity of individuals who access a firm's data from remote locations

  • Implementing a written work-from-home protocol to specify how to safeguard confidential business and personal information

  • Requiring the use of a Virtual Private Network or similar connection to access a firm's data

  • Requiring the use of two-factor authentication or similar safeguards

  • Supplying or requiring employees to use secure and encrypted laptops

  • Saving data permanently only on the office network, not personal devices, and if saved on personal devices, taking reasonable precautions to protect such information

  • Obtaining a written agreement from every employee that they will comply with the firm's data privacy, security, and confidentiality policies

  • Encrypting electronic records containing confidential data, including backups

  • Prohibiting the use of smart devices such as those offered by Amazon Alexa and Google voice assistants in locations where client-related conversations may occur.

  • Requiring employees to have client-related conversations in locations where they cannot be overheard by other persons who are not authorized to hear this information; and,

  • Taking other reasonable measures to assure that all confidential data are protected.


BOLO - If you are using Luna VPN, Adblock Focus or Mobile Data, you may be putting your data at risk!

AdobeStock_298000277.jpeg

I was disturbed to read in Buzzfeed that some VPNs and ad blockers are harvesting our data. Recall, VPN stands for Virtual Private Network. Recall last April, I had blogged about the importance of using a VPN when using public Wi-Fi, e.g., a court’s public Wi-Fi, Starbucks, an airport, etc. A reputable VPN will help ensure prying eyes are unable to see into our internet activity or gain access to our computer. This should never come at a cost to the user’s information. Ad blockers are used to prevent “ads” from popping up when we surf on the internet through our web browser.

The company Sensor Tower has made several VPN applications for the iPhone and Android operating systems. But their apps may be doing more than just providing a VPN: “Once installed, Sensor Tower’s apps prompt users to install a root certificate, a small file that lets its issuer access all traffic and data passing through a phone. The company told BuzzFeed News it only collects anonymized usage and analytics data, which is integrated into its products. Sensor Tower’s app intelligence platform is used by developers, venture capitalists, publishers, and others to track the popularity, usage trends, and revenue of apps.” But when you give access like this, you are putting your information and maybe your clients’ confidential information “at significant risk” of exposure to others.

I’d stay away from this developer’s programs. 

And remember, just because it may be “free” does not mean it may come without a price later - a bar complaint for exposing confidential client information!

Let’s be safe out there!