Pitfalls Of A Virtual Practice

Filed under: Cloud, Editorials | Tags: , |

Mobile phone

For a time, when I was contemplating moving my law office, I considered going completely virtual. I gave considerable consideration to working from home and becoming a “Starbucks Lawyer.” I also gave quite a bit of thought to how to work completely from an iPad. I strongly considered online case management systems. The problem was I could not figure out how I would generate documents and get them to clients. I did not want to do work “in the field” only to get back to my home office with a stack of todos.

The best solution I could come up with was to use a VNC (or similar) solution and use the iPad to connect to full desktop and work remotely from the iPad. I have done this on occasion, but not as a primary means of running my office. The trouble is that the iPad becomes a window to a larger desktop which you are constantly moving around to see different parts of; or zooming in and out between an overview of the desktop and a closer view to make the text legible. I realize you can reduce the resolution of the desktop. However, then your screen real estate drops causing another set of problems.

I could have used a laptop with an internet connection. However, I like the long battery life in an iPad as well as the $30 per month unlimited internet connectivity.

I also focused on using an iPad as a security measure. The iPad is primarily a viewer. I could access my data without storing it on the device. I could safely work and if the iPad was stolen, I would not be worried that all my information and files would be stolen with it. Additionally, with the ability to remote lock and wipe the device, I could feel relatively secure that a loss of the device would not result in loss of sensitive information.

Ultimately, I decided to simply move the office rather than abandon the idea of a public office altogether (or, at least for this year). Beyond the the technical issues, there was the matter of matter of a substantial reduction in personal contact with my clients.

Face time matters. In a disability practice, being able spend time with a client plays a large part in improving the outcome of the case.

  • You can read people better in person.
  • It takes time for a client to warm up. A  person will say things after 45 minutes that they would never say in the first 10.

I have found that this does not work over the telephone, or even on a video conference. You just cannot keep people on the phone long enough. It is not the same as talking with friends of family. You are regularly cross referencing your client’s statements against your notes to check the status of todos and to gain greater understanding of their case. This results in pauses while you go through your notes – even if everything is at your fingertips with electronic notes.

Here’s the rub: people hate pauses over electronic communication. What is perfectly acceptable when meeting with a lawyer: watching them check files or the screen, becomes intolerable when not meeting with the attorney. I have found that people will either fill the empty space with conversation or they want to end the meeting. For the attorney, you are forced to try to split your attention and risk missing what the client is saying or do a poor job cross-referencing. In the end, the electronic communication ends up being shorter and less productive.

If you have not noticed this in your practice, compare the time spent and what you learn when you meet with your client in person versus over the phone. Where are you more productive?

Creative Commons License photo credit: Milica Sekulic


In The News: Courts Grapple With Technology

Filed under: Cloud | Tags: , |

Dead Sea newspaper

CC photo credit: inju

Three stories of internet technology making its way into the courts:

Round 1: Judge orders lawyer to stop Googling potential jurors during Voir Dire.

Round 2: Conviction overturned due to iPhone using juror.

Round 3: Facebook is now court evidence.

Go read! It’s good stuff.

If you want a heads up on stories at the intersection of social media and technology, don’t forget to follow Planet10tech on twitter.


Twitter In Court: Find Out Who Is Tweeting

Filed under: Cloud | Tags: , , , |

Textbreak

CC photo credit: moriza

Lawyers: are you asking jurors for their twitter handles during voir dire?

You should! Do you know if your client is on twitter? How about opposing counsel? Do you know what is being said. If you are not on twitter, and if you do not know where to look, you probably don’t.

Why is this important? Because Twitter is a HUGE back channel.

When you attend a meeting, people are tweeting. At every conference, there is a back channel about what’s good, what’s bad, and where to get a beer and steak afterward. The more people feel they are trapped somewhere they do not want to be: in line at the post office, stuck at the Social Security office, or in trial; the more likely they are to be tweeting about it to their friends. And their friends are tweeting back! There are entire conversations going on!

But, how can I listen in? Twitter is private, isn’t it?

NO! Unless a person specifically checks the “Protect my tweets” box, their tweets are publicly viewable. That is the whole point: you talk to the whole world, and interested people can follow your tweets and join in the conversation.

Keep in mind this isn’t limited to just what a juror may be tweeting about. Some courts are letting reporters tweet from the courtroom. The opposing counsel may be tweeting. Your own client may be tweeting!

Watch this video covering how to get a Twitter account, how to find someone on Twitter, and how to create and save searches. It looks awesome in full screen!

Ok attorneys, SPEAK UP! Do you keep an eye on social media when you go to court? How do your judges view tweeting in the courtroom?


Is Dropbox Secure Enough For Lawyers?

Filed under: Cloud | Tags: |

I have been using DropBox in my practice for over a year and I have been absolutely thrilled with it. It keeps my computers synchronized and with its versioning and off site storage, it provides a layer in my backup strategy.

Later this year I will be doing  a presentation on cloud based services for lawyers at Colorado Trial Lawyers Convention. This has given me a chance to go back and review Dropbox’s security. I have to say, I have come away impressed.

Much of this is taken from Dropbox’s website and the Amazon S3 site (Dropbox uses S3 for its storage).

How secure is Dropbox?

  • Shared folders are viewable only by people you invite.
  • All transmission of file data and metadata occurs over an encrypted channel (SSL).
  • All files stored on Dropbox servers are encrypted (AES-256) and are inaccessible without your account password.
  • Dropbox website and client software have been hardened against attacks from hackers.
  • Dropbox employees are not able to view any user’s files.
  • Online access to your files requires your username and password.
  • Public files are only viewable by people who have a link to the file(s). Public folders are not browsable or searchable.

Where are Dropbox files stored?

  • All files stored online by Dropbox are encrypted and kept securely on Amazon’s Simple Storage Service (S3) in data centers located along the east coast of the United States.

So lets take a look at Amazon’s security:

PHYSICAL SECURITY

Amazon has many years of experience in designing, constructing, and operating large-scale data centers.  This experience has been applied to the AWS platform and infrastructure.  AWS data centers are housed in nondescript facilities, and critical facilities have extensive setback and military grade perimeter control berms as well as other natural boundary protection. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance, state of the art intrusion detection systems, and other electronic means.  Authorized staff must pass two-factor authentication no fewer than three times to access data center floors.  All visitors and contractors are required to present identification and are signed in and continually escorted by authorized staff.

Amazon only provides data center access and information to employees who have a legitimate business need for such privileges.  When an employee no longer has a business need for these privileges, his or her access is immediately revoked, even if they continue to be an employee of Amazon or Amazon Web Services.  All physical and electronic access to data centers by Amazon employees is logged and audited routinely.

BACKUPS

Data stored in Amazon S3, Amazon SimpleDB, or Amazon Elastic Block Store is redundantly stored in multiple physical locations as a normal part of those services and at no additional charge.  Data that is maintained within running instances on Amazon EC2, or within Amazon S3 and Amazon SimpleDB, is all customer data and therefore AWS does not perform backups.

In summary, your data is encrypted during transmission and storage, kept in redundant, distributed data centers guarded with security systems that no single law firm could possibly hope to match.

So, yes, I consider cloud based storage (at least as far as Dropbox is concerned) to be secure* enough for lawyers.

*Note: there are other issues to be considered, such as the cloud providers Terms of Service. However, that will have to be a topic for another day.

07/14/11 UPDATE: Since this article was written a lot has changed with Dropbox:

  • I have written about the June 2011 security hole left Dropbox accounts open for several hours.
  • A summary of the rapidly changing Dropbox terms of service.
  • If all this makes you scared to use Dropbox, you can always set up your own synchronizing service with a pogoplug. The trade off is reduced physical security (you’re not going to be able to have the same physical security as Amazon), but you control user access and when data gets turned over to the feds (assuming they don’t just seize everything). Check out my discussion of the pros and cons of do-it-your-self vs various services.

The upshot is that regardless of the “planned-for” security, “actual” security is based on how a service deals with attacks, treats its uses data, and how it evolves over time. I wrote on Ben Stevens site that the ultimate goal is for a syncing services that allows per-file pre-encryption. However, that goal still has to be achieved within a system where the syncing works. That may seem obvious, but syncing is hard.

Consider the relatively simple task of synchronizing contacts and calendars between several systems (iCal, Google, etc). I still hear frequent complaints of duplicated entries or older versions “updating” newer versions with bad information. Again, syncing is hard. The thing about dropbox is that it works. It does sync, cross-platform, and it doesn’t mess up files (even with some picky programs on the Mac like Notebook which have had problems with other sync services).

So, while I am on the lookout for the service that will allow per-file pre-encryption, the first and foremost concern is a service that will not chew up and destroy my files (especially if it does it slowly so it is not noticeable until it is too late).

One contender in the market for per-file pre-encryption is Spider Oak. If you have used in, particularly in a Mac environment, please let me know your experiences. Thanks!