🎙️Ep. 99: Navigating the Intersection of Law Ethics and Technology with Jayne Reardon.

/ The Tech-Savvy Lawyer.Page/

Meet Jayne Reardon, a nationally renowned expert on legal ethics and professionalism who provides ethics, risk management, and regulatory advice to lawyers and legal service providers. Jayne is an experienced trial lawyer who has tried cases in state and federal courts across Illinois and on appeal up to the United States Supreme Court. She also sits on the national roster of the American Arbitration Association for Commercial and Consumer Arbitration. Moreover, she is a certified neutral in the Early Dispute Resolution Process. Jayne's experience includes service as Executive Director of the Illinois Supreme Court Commission on Professionalism, an organization dedicated to promoting ethics and professionalism among lawyers and judges, and disciplinary counsel for the Illinois Attorney Registration and Disciplinary Commission.

In today's conversation, Jayne explores ethical concerns for lawyers using AI, focusing on ABA Model Rules. She also discusses billing ethics, advising transparency in engagement letters and time tracking. Furthermore, Jayne highlights online civility, warning against impulsive posts and labeling, and real-life cases to underscore the importance of ethical vigilance in AI-integrated legal practice.

Join Jane and me as we discuss the following three questions and more!

  1. What are your top three warnings to lawyers about using AI in line with the ABA model rules of ethics?

  2. Some lawyers are creating DIY services online through chatbots, AI for clients, through chatbots and AI for clients to handle their legal affairs. What are the top three ethical concerns these lawyers should be wary of when creating these services?

  3. What are your top three suggestions about lawyers being civil to one another and others online?

In our conversation, we cover the following:

[01:11] Jayne's Current Tech Setup

[04:50] Handling Tech Devices and Daily Usage

[08:51] Ethical Considerations for AI in Legal Practice

[19:21] Ethical Considerations for AI-Assisted Services

[26:37] Civility in Online Interactions

[30:58] Connect with Jayne

Resources:

Connect with Jayne:

Hardware mentioned in the conversation:

Software & Cloud Services mentioned in the conversation:

* the “W-Calendar” program I refered to apparently is no longer an active software program available for purchase.

The AI Revolution in Law: Adapt or Be Left Behind (& where the bar associations are on the topic).

/ The Tech-Savvy Lawyer.Page/

Its a pivotal moment for attorneys as generative ai has made a huge impact on the field of law.

Recently in a groundbreaking revelation at the 2024 Clio Cloud Conference, Jack Newton, CEO and founder of CLIO, unveiled a startling statistic that's set to reshape the legal landscape. "79% of legal professionals [are] now incorporating AI tools into their daily work—a significant jump from just 19% in 2023" Newton announced, highlighting an unprecedented rate of technology adoption in the legal sector.

This meteoric rise in AI usage among lawyers is not just impressive; it's transformative. Newton emphasized the critical nature of this shift, stating, "If you don't embrace AI, you are at a fundamental competitive disadvantage, and you will lose". Despite this blogs ongoing drum beat that AI is significantly impacting the practice of law, his words should serve as a wake-up call to legal professionals worldwide: the AI revolution is here, and it's moving faster than any technological advancement we've seen before.

The rapid adoption of AI in law practice isn't just about staying current; it's about survival in an increasingly competitive field. As AI tools become more sophisticated and integrated into daily legal work, lawyers who fail to adapt risk falling behind their tech-savvy counterparts. From streamlining document review to enhancing legal research capabilities, AI is proving to be an indispensable tool in the modern law office.

However, with great power comes great responsibility. As lawyers rush to incorporate AI into their practices, they must navigate the complex ethical landscape that comes with this new technology. State bar associations across the country are scrambling to issue guidelines and ethics opinions to ensure that the use of AI aligns with professional standards and client interests. 

Lawyers who don’t embrace technology and AI into their practice of law are going to find themselves left behind by others who do!

The American Bar Association has taken a lead role in this effort, issuing Formal Opinion 512 on "Generative Artificial Intelligence Tools" in July 2024. This opinion emphasizes that while lawyers need not become AI experts, they must develop a "reasonable understanding of the capabilities and limitations" of the AI tools they use[1]. Many state bars are following suit, Below, I have attempted to provide a comprehensive list of bar associations that have “required,” “suggested,” or are “studying” ethical requirements that lawyers follow when using generative AI in their work.  (This list is up-to-date as of October 27, 2024.)

At The Tech-Savvy Lawyer.Page, we've been at the forefront of this discussion, providing in-depth analyses and practical advice for lawyers navigating the AI landscape. Our recent posts on "Understanding the Ethical Implications of AI in Law Practice" and "The White House's New Ai Guidelines: What Lawyers Need To Know!" offer valuable insights into how to integrate AI tools ethically and effectively.

As the legal profession stands at this technological crossroads, it's clear that embracing AI is no longer optional—it's imperative. Lawyers must not only learn to use these tools but also understand the ethical obligations that come with them. State bar requirements are evolving rapidly, and staying informed is crucial.

The message is clear: adapt, learn, and thrive in this new AI-driven legal landscape, or risk being left behind. The future of law is here, and it's powered by artificial intelligence. Are you ready to lead the charge?

MTC

List of Bar Associations that have “REQUIRED,” “SUGGESTED,” or are “STUDYING” Ethical Requirements that lawyers follow when using generative AI in their work.  (This list is up-to-date as of October 27, 2024.)

📋

List of Bar Associations that have “REQUIRED,” “SUGGESTED,” or are “STUDYING” Ethical Requirements that lawyers follow when using generative AI in their work.  (This list is up-to-date as of October 27, 2024.) 📋

Required:

  1. California State Bar - https://calawyers.org/california-lawyers-association/ethics-guidelines-for-lawyers-using-generative-ai/

  2. DC Bar Association - https://www.dcbar.org/for-lawyers/legal-ethics/ethics-opinions-210-present/ethics-opinion-388

  3. Florida Bar - https://news.bloomberglaw.com/litigation/ai-guidance-from-florida-bar-builds-on-familiar-ethics-rules

  4. Illinois State Bar Association - https://www.isba.org/sections/ai

  5. Iowa State Bar Association - https://www.iowabar.org/?blAction=showEntry&blogEntry=111125&pg=IowaBarBlog

  6. Missouri Bar - https://mo-legal-ethics.org/informal-opinion/2024-11/

  7. New Hampshire Bar Association - https://www.nhbar.org/using-artificial-intelligence-in-practice/

  8. New Jersey State Bar Association - https://njbiz.com/nj-supreme-court-releases-preliminary-ai-guidelines-for-lawyers/

  9. North Carolina Bar Association - https://nydailyrecord.com/2024/03/04/north-carolina-adds-to-growing-body-of-ai-ethics-guidance-for-lawyers/

  10. Oregon State Bar - https://www.osbar.org/bulletin/issues/2024/2024April/offline/download.pdf

  11. Pennsylvania Bar Association - https://www.lawnext.com/2024/06/new-legal-ethics-opinion-cautions-lawyers-you-must-be-proficient-in-the-use-of-generative-ai.html

  12. Utah State Bar - https://www.jdsupra.com/legalnews/utah-adopts-new-ai-disclosure-law-that-3770503/

  13. Virginia State Bar - https://nydailyrecord.com/2024/08/30/practical-and-adaptable-ai-guidance-arrives-grom-the-virginia-state-bar/

  14. Washington State Bar Association - https://watech.wa.gov/policies/interim-guidelines-purposeful-and-responsible-use-generative-artificial-intelligence-ai-washington

Suggested:

  1. Hawaii Bar Association - https://histatelawlibrary.com/about/artificial-intelligence-usage-recommendations/

  2. Kentucky State Bar - https://cdn.ymaws.com/www.kybar.org/resource/resmgr/ethics_opinions_(part_2)_/kbae457artificialintelligenc.pdf

  3. Louisiana State Bar Association - http://www.lsba.org/documents/News/LSBANews/LASCLetterAI.pdf

  4. Massachusetts Bar Association - https://natlawreview.com/article/american-bar-association-issues-formal-opinion-use-generative-ai-tools

  5. Michigan State Bar - https://www.michbar.org/journal/Details/Lawyering-in-the-age-of-GenAI?ArticleID=4873

  6. Minnesota State Bar Association - https://www.mnbar.org/resources/publications/bench-bar/columns/2024/09/03/ethics-guidance-for-generative-ai-use

  7. New York State Bar Association - https://associationsnow.com/2024/04/legal-group-ai-guidelines/

  8. Oklahoma Bar Association - https://www.okbar.org/barjournal/september-2024/a-cautionary-tale/

  9. Tennessee Bar Association - https://www.tba.org/?blAction=showEntry&blogEntry=110838&pg=LawBlog

  10. West Virginia State Bar - https://www.intelligencer.net/news/top-headlines/2024/06/legal-watchdog-provides-west-virginia-attorneys-guidance-on-ai/

Studying:

  1. Alabama State Bar Association - https://www.attorneysinsurancemutual.com/post/aba-issues-first-ethics-guidance-on-a-lawyer-s-use-of-artificial-intelligence-tools-alabama-and-ten

  2. Colorado Bar Association - https://cl.cobar.org/features/the-legal-ethics-of-generative-ai-part-3/

  3. Delaware State Bar Association - https://media1.dsba.org/public/Publications/BarJournal/January2024DSBABarJournal.pdf

  4. Georgia State Bar - https://natlawreview.com/article/american-bar-association-issues-formal-opinion-use-generative-ai-tools

  5. Mississippi Bar Association - https://www.phelps.com/insights/the-mississippi-bar-presents-benefits-of-artificial-intelligence-in-law-practice.html

  6. Montana State Bar - https://www.montanabar.org/Membership-Regulatory/Ethics-Resources

  7. Nevada State Bar - https://nvbar.org/events/cle-ai-and-the-practice-of-law/

  8. South Carolina Bar Association - https://www.americanbar.org/news/abanews/aba-news-archives/2024/07/aba-issues-first-ethics-guidance-ai-tools/

  9. Texas State Bar - https://www.law.com/texaslawyer/2024/07/22/new-ai-legal-ethics-rules-coming-texas-state-bar-drafting-recommendations-on-artificial-intelligence/

MTC: What is the common sense approach lawyers can learn from 23andMe’s recent client data breach?

/ The Tech-Savvy Lawyer.Page/

What can 23andme’s client data breach teach lawyers about keeping their own client’s data secure?

I can’t stress enough that as legal professionals, we bear a dual responsibility when it comes to personal identification information (PII): safeguarding our own data and protecting our clients' sensitive information. 

The 23andMe Incident: A Wake-Up Call

Last week’s report of the 23andMe breach serves as a stark reminder of the vulnerabilities inherent in storing sensitive personal information online. Hackers gained access to user profiles, including genetic data, names, birth years, and ancestry report. This incident underscores the need for heightened awareness and caution when sharing personal identification information (PII) with online companies. THIS data breach serves as a perfect reminder of the critical importance of data security in our increasingly digital world, especially for those of us in the legal field.

Legal Ethics and Client Confidentiality

The cornerstone of the attorney-client relationship is confidentiality, extending far beyond our physical offices in today's digital age. We are bound by ethical rules mandating the protection of client information. The American Bar Association's Model Rule 1.6(c) explicitly states that "A lawyer shall make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client.” But our legal ethics responsibilities just don’t stop there!

Even small law firms are not immune from cyberattacks!

ABA Model Rule 1.1 Comment 8 (Rule 1.1[8]) requires lawyers to stay informed about changes in the law and its practice, including the benefits and risks associated with relevant technology. This comment explicitly recognizes that competent representation in today's legal landscape involves understanding and effectively using pertinent technology. Lawyers must be aware of the security levels, general operational status, and potential risks and actual data breaches of the services and software they use, both in-office and cloud-based. While the goal isn't to transform lawyers into tech experts, it's crucial that we can leverage technology (even with the assistance of more technically proficient experts) to provide efficient, effective, and ethical legal services to our clients.

Implications of Data Breaches

The 23andMe incident highlights the potential consequences of a data breach, which for lawyers could include:

  1. Violation of ethical obligations

  2. Potential malpractice claims

  3. Loss of client trust and reputation damage

  4. Regulatory penalties and sanctions

Protecting Client and Our Own Information in the Digital Age

To fulfill our ethical obligations and protect our clients' PII, we must implement robust data security measures:

Secure Data Storage and Transmission

Utilize encrypted cloud storage solutions and secure file transfer protocols when handling client data. Avoid using public Wi-Fi networks for accessing or transmitting sensitive information. And if you do, be sure to use a reliable Virtual Private Network (VPN) when on public Wi-Fi.

Client Communication Practices

Lawyers need not be tech experts but they need to know how to use tech to not only for their clients but use it to protect their client’s Data.

Implement secure client portals for document sharing and communication. Educate clients on the risks of sending sensitive information via unsecured email, and advise them on what information should never be shared electronically.

Vendor Due Diligence

Carefully vet third-party service providers, ensuring they adhere to stringent data protection standards. This includes practice management software, e-discovery platforms, and cloud storage providers.

Here are Some Best Practices for Personal and Professional Data Protection

  1. Implement strong authentication: Use multi-factor authentication for all professional and personal accounts. Consider using a password manager that creates and stores complex passwords.

  2. Separate personal and professional online presence: Maintain distinct profiles and accounts for personal and professional use.

  3. Regularly update security measures: Stay informed about the latest cybersecurity threats and update your protection strategies accordingly.

  4. Minimize data sharing: Critically assess what personal information is truly necessary to share online, and refrain from providing sensitive data unless absolutely essential.

Lawyers Are Important Participants to the Future Legal Landscape 

The 23andMe breach raises important questions about the adequacy of current data protection laws. As legal professionals, we have a responsibility to:

  1. Advocate for stronger data protection legislation: Support and contribute to the development of comprehensive data privacy laws that protect individuals and businesses.

  2. Stay informed on data privacy regulations: Keep abreast of evolving laws such as The European Union's General Data Protection Regulation (GDPR) and California's Consumer Privacy Act (CCPA), and industry-specific regulations like Health Insurance Portability and Accountability Act (HIPAA).

  3. Advise clients on data protection: Provide guidance on compliance with data protection laws and best practices for safeguarding sensitive information, including when to refrain from sharing certain types of data altogether.

maybe we don’t need to put all of our information on the internet?

The Fundamental Lesson: Some Data Should Never Be Shared

Perhaps the most crucial takeaway from the 23andMe incident is that certain types of information are so sensitive and personal that they may not belong in anyone else's hands, regardless of the security measures in place. This is particularly true for genetic data, which is immutable and deeply personal. As lawyers, we must critically evaluate what information truly needs to be shared or stored externally, always erring on the side of caution.

My Final Thoughts

The 23andMe incident serves as a critical reminder of the vulnerabilities inherent in our digital ecosystem and the importance of discerning what information should never be shared. As lawyers, we must be at the forefront of data protection efforts, not only to safeguard our own information but also to uphold our ethical obligations to our clients. By implementing robust security measures, staying informed about evolving threats and regulations, and advocating for stronger data protection laws, we can help mitigate the risks associated with sharing PII in our increasingly interconnected world.

In this digital age, protecting personal identification information is not just a matter of individual privacy—it's a fundamental aspect of legal ethics and professional responsibility. As tech-savvy lawyers, we must lead by example in implementing and promoting best practices for data security, ensuring that we maintain the trust and confidentiality that form the bedrock of our profession. Most importantly, we must always question whether certain information needs to be shared at all, recognizing that the best protection sometimes lies in not disseminating sensitive data in the first place.

MTC

PSA: Phishing Awareness Training: Protecting Your Law Firm from Cyber Threats!

/ The Tech-Savvy Lawyer.Page/

Be aware of “Phishing” as it can jeopardize your office’s cybersecurity!

For October 2024’s Cybersecurity Month, we need to remember that in today's digital age, law firms are increasingly becoming targets of sophisticated cyber attacks, with phishing being one of the most prevalent and dangerous threats. As legal professionals, we handle sensitive client information and confidential data daily, making it crucial to stay vigilant against these malicious attempts. This article will explore the importance of phishing awareness training for law firms and provide practical strategies to safeguard your practice.

Understanding the Phishing Threat Landscape

Phishing attacks have evolved significantly over the years, becoming more targeted and convincing. Cybercriminals often employ social engineering tactics to manipulate unsuspecting victims into divulging sensitive information or clicking on malicious links. For law firms, the consequences of a successful phishing attack can be devastating, potentially leading to data breaches, financial losses, and reputational damage.

The Importance of Comprehensive Training

One key strategy in combating phishing attacks is to conduct regular phishing awareness training sessions. These sessions should educate legal professionals on how to spot and avoid phishing attempts, emphasizing the importance of verifying sender identities and checking for red flags in emails.

Best Practices for Phishing Defense

To mitigate cybersecurity risks and safeguard sensitive information effectively, legal professionals should be trained on the following best practices:

  1. Implement multi-factor authentication and encryption protocols

  2. Encourage a culture of vigilant reporting for suspicious activities

  3. Verify sender identities before responding to emails

  4. Check for red flags such as misspellings or urgent requests for personal information

  5. Avoid clicking on suspicious links or downloading attachments from unknown sources

Effective Training Strategies

“Phishing” is a cyber attack where scammers impersonate legitimate entities to trick individuals into revealing sensitive information, like passwords or financial details.

To ensure that your phishing awareness training program is effective and engaging, consider implementing the following strategies:

Simulated Phishing Exercises

Conducting simulated phishing exercises can provide practical, hands-on experience for your legal team. These exercises help staff members identify common tactics employed by cybercriminals and improve their ability to detect suspicious emails.

Interactive Learning Modules

Incorporate interactive learning modules into your training program to reinforce key concepts and best practices in cybersecurity. These modules can include quizzes, case studies, and scenario-based learning to keep participants engaged and enhance knowledge retention.

Continuous Training and Updates

Given the ever-evolving nature of cyber threats, it's crucial to ensure that training is an ongoing process rather than a one-time event. Regular refresher courses and updates on emerging threats can help your legal staff remain vigilant and prepared to defend against phishing attacks.

Creating a Culture of Cybersecurity Awareness

Fostering a culture of cybersecurity awareness within your law firm is essential for long-term success in combating phishing threats. Here are some strategies to achieve this:

  1. Lead by example: Ensure that partners and senior staff members actively participate in training sessions and demonstrate good cybersecurity practices.

  2. Encourage open communication: Create an environment where staff members feel comfortable reporting suspicious emails or potential security breaches without fear of repercussions.

  3. Recognize and reward vigilance: Acknowledge and reward employees who successfully identify and report phishing attempts, reinforcing the importance of staying alert.

Handling Suspicious Emails and Potential Phishing Attacks

Cyber security awareness should not just be practiced once a month every year but every day!

It's crucial to provide clear guidelines on how legal staff should handle suspicious emails or suspected phishing attacks:

  1. Avoid clicking on any links or providing personal information.

  2. Report the suspicious email to the IT department or security team immediately.

  3. If a potential phishing attack is suspected, change passwords immediately and monitor accounts for any suspicious activity.

Implementing a Comprehensive Phishing Awareness Program

To create an effective phishing awareness program for your law firm, consider the following steps:

  1. Conduct a risk assessment to identify vulnerabilities specific to your firm

  2. Develop tailored training materials that address your firm's unique needs

  3. Implement regular training sessions for all staff members, including lawyers and support staff

  4. Use a variety of training methods, such as in-person workshops, online modules, and simulated phishing exercises

  5. Regularly evaluate and update your training program to address new threats and evolving tactics

Leveraging Technology to Enhance Phishing Defense

While training is crucial, it's also important to leverage technology to strengthen your firm's defenses against phishing attacks. Consider implementing the following tools and strategies:

  1. Email filters and anti-spoofing tools to reduce the number of phishing emails reaching users' inboxes

  2. Anti-spoofing solutions to identify and remove impostor websites before they can deceive your users

  3. Email server authentication to prevent email spoofing and improve the overall security of your firm's email communications

Measuring the Success of Your Phishing Awareness Program

being cyber aware and cyber secure can easily be seen as a MPR 1.1[8] Requirement!

To ensure the effectiveness of your phishing awareness training, it's important to track and measure its success. Consider the following metrics:

  1. Reduction in successful phishing attempts

  2. Increase in reported suspicious emails

  3. Improved performance in simulated phishing exercises

  4. Higher scores on cybersecurity knowledge assessments

My Final Thoughts

As legal professionals, we have a responsibility to protect our clients' sensitive information and maintain the integrity of our practices. By implementing a comprehensive phishing awareness training program and fostering a culture of cybersecurity awareness, we can significantly reduce the risk of falling victim to these malicious attacks.

Remember, cybersecurity is an ongoing process, and staying informed about the latest threats and best practices is crucial. By investing in regular training and leveraging technology, we can create a robust defense against phishing attacks and ensure the long-term security of our law firms.

Happy Lawyering!

PSA: October 2024 - Cybersecurity Month is not just for the Tech-Savvy Lawyer!

/ The Tech-Savvy Lawyer.Page/

Its cyber Security Awareness month - are you cyber secure?

As we enter October 2024, it's time once again for Cybersecurity Awareness Month. This annual event, now in its 21st year, serves as a crucial reminder for lawyers to prioritize digital security in their practices. In an increasingly interconnected world, protecting client data and maintaining the integrity of our legal systems has never been more important. Let's explore some essential cybersecurity tips for lawyers of all tech levels, drawing from our previous discussions and expert insights.

The Basics: Foundational Cybersecurity Practices

Even if you're not a tech wizard, there are simple steps you can take to significantly enhance your firm's cybersecurity:

Password Protection and Authentication

Start with the basics: ensure all your devices are protected with strong passwords or passcodes. Use complex, unique passwords for each account, and consider implementing a password manager to keep track of them securely. Additionally, enable two-factor authentication wherever possible, adding an extra layer of security to your accounts.

Keep Systems Updated

Regularly updating your operating systems and software is crucial. These updates often contain critical security patches that protect against newly discovered vulnerabilities. Don't ignore those update notifications – they're your first line of defense against emerging threats.

Secure Your Network

When working remotely, avoid using public Wi-Fi networks. Instead, use your phone's personal hotspot or a reliable VPN service to encrypt your internet connection1. This practice is essential for maintaining client confidentiality and protecting sensitive data.

Advanced Strategies: Leveraging Technology for Enhanced Security

Even solo and small firms need to be cyber secure!

For those ready to take their cybersecurity to the next level, consider these more advanced strategies:

Embrace AI-Powered Security Solutions

As discussed in our recent blog post on Time's 100 Most Influential People in AI, artificial intelligence is revolutionizing cybersecurity. Look into AI-powered security tools that can provide real-time threat detection and response, offering what we've termed "precision cybersecurity".

Implement Endpoint Detection and Response (EDR) Systems

EDR systems can monitor and respond to suspicious activities on your devices in real-time. This proactive approach can help prevent breaches before they occur.

Regular Security Audits and Penetration Testing

Consider conducting regular security audits of your systems and networks. Penetration testing, where ethical hackers attempt to breach your systems, can reveal vulnerabilities you might have overlooked.

The Human Factor: Training and Awareness

Stay on top of trends and reports of cyber issues and how they may impact your practice!

Technology alone isn't enough – your team plays a crucial role in maintaining cybersecurity:

Phishing Awareness Training

Phishing remains one of the most common entry points for cyberattacks. Regularly train your staff to recognize and report phishing attempts. Consider running simulated phishing exercises to test and improve your team's awareness.

Develop a Cybersecurity Policy

Create a comprehensive cybersecurity policy for your firm. This should cover everything from acceptable use of technology to incident response procedures. Make sure all staff members are familiar with and adhere to this policy.

Foster a Security-First Culture

Encourage open communication about security concerns. Create an environment where staff feel comfortable reporting potential security issues without fear of reprimand.

Staying Informed: Continuous Learning

The cybersecurity landscape is constantly evolving. Stay informed about the latest threats and best practices:

Follow Reputable Sources

CISA is America's Cyber Defense Agency
NATIONAL COORDINATOR FOR CRITICAL INFRASTRUCTURE SECURITY AND RESILIENCE

Keep an eye on authoritative cybersecurity sources like the Cybersecurity and Infrastructure Security Agency (CISA) for the latest advisories and guidelines.

Attend Webinars and Workshops

Take advantage of educational opportunities. For instance, CISA is hosting several webinars throughout October 2024, covering topics from protecting school systems to addressing the cybersecurity workforce gap.

Leverage The Tech-Savvy Lawyer Resources

Don't forget to revisit our podcast Episode #39, where we discussed essential cybersecurity tips with expert Tom Lambotte. This conversation provides valuable insights tailored specifically for lawyers.

Final Thoughts: A Year-Round Commitment

While Cybersecurity Awareness Month provides a focused opportunity to assess and improve our digital security practices, it's crucial to remember that cybersecurity is a year-round necessity. The threats we face are constant and evolving, requiring ongoing vigilance and adaptation. By implementing these tips and staying informed about the latest developments, we can protect our clients, our practices, and the integrity of our profession.

Remember, cybersecurity is not just about technology – it's about people, processes, and continuous improvement. Whether you're a solo practitioner or part of a large firm, every step you take towards better cybersecurity makes a difference. Let's use this Cybersecurity Awareness Month as a springboard for ongoing security enhancements throughout the year.

Stay safe, stay informed, and let's continue to raise the bar for cybersecurity in the legal profession.

My Two Cents: Lessons from ABA's Formal Opinion 512 - A Follow-Up!

/ The Tech-Savvy Lawyer.Page/

there will be many Collaborative discussions on ABA Formal Opinion 512's impact on legal practice!

This post is a follow-up to last week's editorial on my experience with the AI sessions at the American Bar Association's (ABA) 2024 Annual meeting. Today, I'll delve deeper into ABA's Formal Opinion 512 and explore its implications for legal practitioners.

Building on Prior Model Rules

ABA's Formal Opinion 512 builds on several foundational Model Rules of Professional Conduct. These include:

 Breakdown of ABA Formal Opinion 512 

Tech-savvy lawyer reviews ethical implications of AI under ABA Opinion 512.

 1. Competence

Formal Opinion 512 emphasizes that competence in legal practice now extends to a lawyer's understanding and use of technology. Lawyers must stay informed about changes in technology that affect their practice areas. This includes:

  • Understanding AI Capabilities: Lawyers must understand the capabilities and limitations of AI tools they use.

  • Continuing Education: Lawyers should engage in ongoing education about technological advancements relevant to their practice.

 2. Confidentiality

The opinion underscores the importance of maintaining client confidentiality when using AI tools. Key points include:

  • Risk Assessment: Lawyers must assess the risks associated with using AI tools, particularly concerning data security and privacy.

  • Vendor Due Diligence: Lawyers should conduct due diligence on AI vendors to ensure they comply with confidentiality obligations.

Lawyers will be Debating AI ethics and compliance for the foreseeable future!

 3. Supervision

Lawyers are responsible for supervising the AI tools and ensuring they are used ethically. This includes:

  • Oversight: Lawyers must oversee the AI tools to ensure they are used appropriately and do not compromise ethical standards.

  • Accountability: Lawyers remain accountable for the outcomes of AI-assisted tasks, ensuring that AI tools do not replace human judgment.

 4. Communication

Effective communication with clients about the use of AI is crucial. Lawyers should:

  • Inform Clients: Clearly inform clients about the use of AI tools in their cases.

  • Obtain Consent: Obtain informed consent from clients regarding the use of AI, especially when it involves sensitive data.

ABA's Formal Opinion 512 signals that AI is now essential in legal practice, but it also underscores the importance of maintaining ethical standards when using it.

Final Thoughts

ABA's Formal Opinion 512 is a significant step in ensuring that lawyers remain competent and ethical in an increasingly digital world. By emphasizing the need for technological proficiency, confidentiality, supervision, and clear communication, the ABA reinforces that staying updated with technology is not optional—it's a matter of maintaining one's bar license. Lawyers must embrace these guidelines to provide the best possible representation in the modern legal landscape.

Lawyers who do not keep up with the evolving AI landscape will be left behind by those who do!

🚨

Lawyers who do not keep up with the evolving AI landscape will be left behind by those who do! 🚨

🚨BOLO: Lawyers Beware of Fake Chrome Errors Hijacking Computers!🚨

/ The Tech-Savvy Lawyer.Page/

Lawyers beware of browser pop-ups! It could lead to malware and bar ethics issues!!!

A new cybersecurity threat is targeting Google Chrome users.[1] Fake error messages are being used to hijack computers. These deceptive pop-ups trick users into thinking their system have critical issues. Once users engage with these messages, they risk downloading malicious software or giving remote access to hackers.

Key Points of the Threat:

  • Fake error messages mimic genuine Chrome alerts.

  • The goal is to panic users into taking immediate action.

  • Engaging with these messages can lead to malware installation or remote control of the computer.

  • Lawyers, due to their sensitive data, are particularly at risk.

Proactive Tips for Lawyers Using Chrome: 

Recognize Fake Error Messages -

  • Be aware that Chrome does not display critical error messages urging immediate action.

  • Verify any error message by checking Chrome's official support pages or consulting IT support.

Avoid Clicking on Suspicious Pop-Ups:

  • Do not click on any unexpected pop-ups or error messages.

  • Close the tab or window immediately if a suspicious message appears.

Keep Software Updated:

  • Ensure Chrome and all other software are up-to-date.

  • Regular updates often include security patches that protect against new threats.

Install a Reliable Antivirus Program:

  • Use trusted antivirus software to scan for and remove malware.

  • Regularly update your antivirus program to protect against the latest threats.

Use Pop-Up Blockers:

  • Enable pop-up blockers in Chrome to prevent unwanted messages from appearing.

  • Adjust settings to block sites known for malicious content.

Educate Your Team:

‼️ be careful: Browser pop-ups could be malicious actors trying to hack into your computer! ‼️

  • Inform all staff members about the fake error message threat.

  • Provide training on how to identify and respond to suspicious activity.

Backup Important Data:

  • Regularly back up all important files to a secure location.

  • Ensure backups are complete and can be restored if needed.

Review and Update Security Policies:

  • Update your firm’s cybersecurity policies to include guidance on handling fake error messages.

  • Ensure all employees are aware of and follow these policies.

Monitor Network Activity:

  • Increase monitoring for unusual activity on your network.

  • Use tools to detect and respond to potential threats quickly.

Consult with IT Professionals:

  • Work with IT experts to enhance your cybersecurity measures.

  • Seek advice on the best practices to protect your firm from these types of attacks.

Report Suspicious Activity:

Lawyers beware of browser pop-ups! You could expose your client’s sensitive informaiton to bad actors!

  • Report any suspicious messages or activity to your IT department immediately.

  • Document the incident for future reference and analysis.

Use Secure Browsing Practices:

  • Avoid visiting suspicious websites or downloading unknown software.

  • Use secure, verified websites for all browsing and downloads.

Stay tuned 📺 as your TSL continues to monitor 👀 this issue and provide updates! 📢

Stay tuned 📺 as your TSL continues to monitor 👀 this issue and provide updates! 📢

Follow The Tech-Savvy Lawyer Blog as we will continue to monitor this issue and provide updates. Stay vigilant and proactive in protecting your digital environment. These measures will help safeguard your practice and maintain the confidentiality of your client information. Stay tuned for more insights and recommendations on cybersecurity threats.

Happy Lawyering!

[1] https://lifehacker.com/tech/ignore-these-fake-chrome-errors-that-hijack-your-computer

What Lawyer's Should Do Before Their Chatbots or DIY Services Fail: Lessons from Meta's Small Claims Court Saga! 🤖⚖️

/ The Tech-Savvy Lawyer.Page/

Clients are coming up with creative ways to get a service providers attention when the chatBot or online DIY service does not meet their expectations…

In an era where technology is reshaping the legal landscape, a recent trend involving Meta (formerly Facebook) offers valuable insights for law firms venturing into chatbots and online DIY services. The phenomenon of users turning to small claims courts as the de facto means to resolve issues with Meta's platforms highlights the importance of effective digital customer service. Lawyers should see Meta's customer service failure that results in small litigation as a warning that when using chatbots or providing online DIY services they still need to keep a human hand in these communications to prevent future bar complaints!

The Case In Chief 📱🏛️

Meta, the parent company of Facebook and Instagram, has faced an unusual challenge. Users, frustrated with account lockouts and bans, have resorted to filing small claims lawsuits against the tech giant. This unconventional approach has surprisingly become an effective way for users to regain access to their accounts or receive compensation. So, what can the legal community learn from this?

The Lesson to Be Learned 🧑🏼‍🏫

Chatbots and DIY services are bringing low-cost and easier access to legal assistance for those who typically may not be able to afford such services from a more traditional (and perhaps one day antiquated) law firm model. However, clients want to know that they are being heard, and sometimes their "square peg" question does not fit into the "round hole" of an automated response. Similarly, the online service may not be able to provide a satisfactory answer, leaving the customer frustrated or infuriated over their wasted time and money.

It is crucial for lawyers using these digital platforms in their offices to have "real person" options as a safety net. It's much easier and cheaper for a disgruntled client or even a potential client to file a bar complaint versus going to small claims court.

Here are some takeaways and proactive steps lawyers should consider when using chatbots and online DIY services

Does your law firm have a plan to “pick up the pieces” should its chatbot fail? 😲

Key Takeaways for Law Firms 💡

  • The Importance of Human Touch 🤝

While automation can streamline processes, the Meta case underscores the value of human intervention. Law firms implementing chatbots should ensure there's an easy way for clients to escalate issues to a real person.

  • Clear Communication is Crucial 📢

Many Meta users turned to small claims courts due to a lack of clear communication channels. Law firms should prioritize transparent and accessible communication options in their digital services.

  • Anticipate and Address Common Issues 🔍

Meta's situation arose partly from recurring account access problems. When setting up online services, law firms should identify potential pain points and create dedicated resolution pathways.

  • Regular System Audits 🔄

Conduct frequent reviews of your digital services. This helps identify and rectify issues before they escalate to client frustration.

  • Empower Your Chatbot, But Know Its Limits 🤖💼

While chatbots can handle routine queries, they should be programmed to recognize complex issues that require human expertise. Ensure your system can seamlessly transfer such cases to appropriate staff.

Some Tips for Implementing These Lessons 🛠️

clients are coming up with creative ways to get an online providers attention when they think a chatbot or online diy service fails - Don’t give them reason to file a law suit or worse yet a bar complaint!

  • When developing your firm's chatbot or online DIY service:

  • Create a clear escalation process for issues the bot can't resolve

  • Provide multiple contact options for clients

  • Regularly update your FAQ and chatbot responses based on common client queries

  • Implement a feedback system to continuously improve your digital services

  • Train your staff to effectively handle cases escalated from digital platforms

Conclusion 🎯

The Meta small claims phenomenon serves as a cautionary tale for the legal tech world. It emphasizes the need for a balanced approach that leverages technology while maintaining the human element crucial to legal services.

By learning from Meta's experience, law firms can create more effective and client-friendly digital services. Likewise, in the legal world, technology should complement, not replace, the expertise and personal touch that clients expect from their legal representatives. 💻⚖️ This approach not only enhances client satisfaction but also prevents potential frustrations that could lead to unconventional problem-solving methods by clients like bar complaints. 😲

MTC

BOLO: Increased Solar Storms: A Potential Disruption for Lawyers!

/ The Tech-Savvy Lawyer.Page/

Lawyers need to prepare their office tech for the increase of solar flares this year!

Recent solar disturbances have raised concerns about potential impacts on various aspects of modern life, including the legal profession. Lately, the sun has been exhibiting heightened activity, leading to powerful solar flares and coronal mass ejections (CMEs). These solar disturbances can trigger geomagnetic storms that may disrupt various technologies we rely on daily.  Such intense flares can impact radio communications, electric power grids, and navigation signals and pose risks to spacecraft and astronauts.

While solar storms are not uncommon, the current solar cycle is expected to reach its peak activity in 2024 and 2025. Experts predict an increased likelihood of severe geomagnetic storms, classified as G5 events, during this period.  So, what does this mean for the legal profession?

Potential Impacts on Legal Professionals

As lawyers, we heavily rely on technology for communication, research, document management, and court proceedings. A significant solar storm could potentially disrupt these essential tools and workflows.  Here are some examples:

lawyers can reduce the anxiety in their life by preparing their technology for the potential disruptions from Solar flares!

  • Communication Disruptions: Solar storms can interfere with radio and satellite communications, affecting email, video conferencing, and phone systems. This could hinder communication with clients, colleagues, and courts.

  • Power Grid Instability: Intense geomagnetic storms can induce currents in power lines, potentially damaging transformers and causing widespread power outages. Prolonged blackouts could severely impact law firm operations and court proceedings.

  • Navigation System Failures: Solar storms can disrupt GPS and other satellite navigation systems, making it challenging for lawyers to attend court hearings, client meetings, or navigate to remote locations.

  • Data and Document Access Issues: If power outages or communication disruptions occur, accessing online legal databases, cloud-based document management systems, and electronic case files could become problematic.

Preparing for Potential Disruptions

While the likelihood of a severe solar storm is uncertain, it's crucial for legal professionals to be proactive and have contingency plans in place:

  • Contingency Planning: Developing comprehensive contingency plans for critical processes can help minimize disruptions. This includes having manual processes as backups for essential digital tasks and ensuring all team members are trained on these procedures.

  • Data Backup: Regularly backing up data using multiple methods (cloud storage and physical backups) ensures that even if one system fails due to a surge or outage caused by geomagnetic activity, another can step in to prevent data loss. Don’t forget my “3-2-1” data backup strategy!

lawyers can take some proactive measures to secure their client’s information, office technology and their ethical responsibilties!

  • Infrastructure Protection: Investing in surge protection devices and uninterruptible power supplies (UPS) can safeguard sensitive electronic equipment from sudden spikes in voltage during geomagnetic storms.

  • Staying Informed: Monitoring space weather forecasts provided by organizations like the National Oceanic and Atmospheric Administration (NOAA) Space Weather Prediction Center enables firms to anticipate significant events and take preventative measures accordingly.

  • Client Communication: Legal professionals should maintain open lines of communication with clients about potential risks to their cases or information due to technological disruptions from solar activity.

By being aware of the potential impacts of solar storms and taking proactive measures, lawyers can minimize disruptions to our practice and better serve their clients during these rare but potentially disruptive events.

Happy Lawyering!

My Two Cents/BOLO: Privacy Alert for Legal Pros: Navigating Discord's Data Vulnerabilities and Maintaining Client Confidentiality on the Internet

/ The Tech-Savvy Lawyer.Page/

Lawyers can learn a valuable lesson from a recent privacy breach alert for Discord users. Discord, originally designed for gamers to communicate while gaming, is a versatile chat app like Slack or Skype, offering real-time messaging, voice, and video to its over 100 million users. Discord users faced a privacy issue where their data on public servers has been scraped and sold. An online service named Spy Pet has been collecting data from thousands of Discord servers and selling it cheaply for various purposes, including to law enforcement and AI companies. This has raised concerns because the data includes user activities and messages, even though private direct messages remain secure.

Lawyers need to be careful about what services they use when communicating client information on the internet.

Here are some General Tips for Lawyers on Protecting Privacy when using Discord and Similar Platforms:

Be cautious about what you share on public servers since anything posted can potentially be scraped.

Monitor and manage server bots carefully to avoid unwanted data scraping. Remove or ban suspicious accounts.

Adjust server privacy settings to restrict who can join and view content.

Lawyers should be especially cautious when using platforms like Discord for any sensitive communications. Given the lack of end-to-end encryption for public server messages and the potential for data scraping:

Lawyers are a guardian of their client’s information when using it online!

  • Avoid sharing any confidential information that could compromise client privacy.

  • Utilize platforms that are specifically designed for secure, encrypted communications to ensure confidentiality and compliance with legal standards.

Always assume that any data shared on non-encrypted platforms could be accessed by unintended parties. Most of the popular Law Practice Management Programs and paid communication platforms should be secure. But it's always best to check a company's Terms of Service and online reputation before entering client confidential or private information.

MTC

Happy Lawyering!