Category Archives: Scope

CalBar Board Committee of Member Oversight Clarifies Definition of Acceptable MCLE


MP900403638As I wrote on July 24th, 2012:

"The State Bar of California Board Committee on Member Oversight seeks
to amend the definition of what qualifies for proper MCLE credit in the
state of California.  Apparently, some confusion has arisen regarding
whether CLE programs may only contain substantive law versus whether they may encompass other ares of law practice and/or law practice management."

On November 15th, 2012, the Board of Member Oversight voted to amend the education standards in MCLE rules 2.52(A) and 3.601(A), effective January 1st, 2013.  To be specific, they voted to change one
word, as illustrated below:

“The activity must relate to legal
subjects directly relevant to members of the State Bar and or
have significant current professional and practical content.”

This is great news for MCLE providers in the State of California – and my Law Practice Management and Technology Section, specifically – because effective January 1st, 2013, we may provide to you,
State Bar membership at large and the public:

  • Topics related to business or financial management of a law firm;
  • Topics
    related to law office operation, including but not limited to facilities, staffing,
    systems and equipment;
  • Topics
    related to creation and improvement of legal case work and work flow
    management, including time management of attorneys and support staff, and
    delegation of responsibility;
  • Topics
    related to the competent delivery of legal services and/or the establishment
    and maintenance of effective law office management;
  • Topics
    related to communications by and between attorneys and support staff
  • Topics
    related to the use of computer and/or Internet technology in the practice of
    law
    or the management of a law office
    .
  • Topics
    related to the lawful and ethical management of a law office’s financial
    accounts including client trust accounts.
  • Topics
    relating to lawful and ethical client fee agreements, fee sharing and referral
    arrangements.

My favorite is highlighted; considering this is a law technology blog, of course.  It's a win-win for all concerned.

eDiscovery 101: BYOD = BYOA (ASPIRIN)

MP900438810In the upcoming Calbar book, The California Guide to Growing & Managing a Law Office, I do a side-by-side comparison between the benefits and detriments of BYOD.  I'm sure the same sort of comparison takes place in meetings at all kinds of companies.  There's no doubt that on paper, many aspects of BYOD might yield productivity gains and other benefits for the enterprise.

[Note:  In the book, I lay out information in the format of pros and cons because the goal is to inform a reader of the positives and pitfalls so they can make an informed decision.]

So, what's my opinion?  If I was the consultant, in most cases, I'd likely fall into the 'against' column.  Why?  I'll get to that in a moment.

For those of you who don't know my background, at one time or another, I pretty much did every job on the operations side of IT before I ever became a lawyer.  This allows me to look at facts through a wide-angle lens.  The way my mind works, I literally imagine an issue as a 3-D photograph.  Let's apply that to BYOD:

We start by playing 'swap' for a moment.  Imagine coming into work one morning and all of the desktops are different brands and chipsets; some of them are Windows, but a mix of XP, Vista and Seven, others are Macs with various versions of the O/S and still others are Linux boxes.  Now, you may actually see that in some concerns, for good reason.  But I'm talking about literally a different box on each desk in the office.

That would be kind of hard to manage, wouldn't it?

Maybe it wouldn't seem like it to you, but again, I'm thinking very broadly.  We're not just dealing with realities, we're dealing with expectations.  What do I mean by that?

When I read most of the articles that address BYOD, they speak in terms of locking down various functions on a device, such as email, via Exchange, for example.  But that''s not how I'm thinking; and it won't be how the employees/consultants will be thinking, either.

Nope.  If it's a device supporting their job, they expect everyone up the chain to be able to support the entire device – not just components of it.  And, the enterprise should expect this as well, since a non-functioning device will ultimately affect productivity.

It means that your help-desk, field service technicians, level II (and level III) support will have to be proficient with every make and model of Windows Phone, Blackberry, iPhone and – if you'll pardon the pun – every flavor of Android.  Oh, and did anyone give any thought as to how you're going to back them up in such a manner that the company owns/controls the data?

That's what it means, Jelly Bean.

So, if you're considering BYOD, I hope the decision-makers are taking this into account and formulating policy.  Never mind that I didn't get into the fact that, if litigation arises, staff may have to turn over their personal devices for imaging or examination.  I also didn't get into how growth highly affects BYOD.  We all know the person who runs out and purchases the brand-new, untested, unpatched version of X the moment it's on the market.  Apple Maps, anyone?

I hope you bought the 1000-count bottle…

Public Comment Requested: CalBar Board Committee of Member Oversight Asks, “What is an MCLE?”

Dragon-weathervane-1As stated in the headline, The State Bar of California Board Committee on Member Oversight seeks to amend the definition of what qualifies for proper MCLE credit in the state of California.  Apparently, some confusion has arisen regarding whether CLE programs may only contain substantive law versus whether they may encompass other ares of law practice and/or law practice management.  Here's the issue in Calbar's language:

"The proposed rule amendment clarifies and eliminates ambiguity as to what constitutes permissible and credit-worthy MCLE. Additionally, the change also expands the scope of acceptable MCLE to programs and activities that relate directly to the management and operation of a member’s law office and to mediation training."

Concurrently, CalBar's Task Force on Admissions is in the process of evaluating the implementation of a pre-admission practical skills training program.

Folks, these issues are near & dear to my heart. Obviously, as the incoming Chair of CalBar's LPMT Section, I have a few opinions on this subject.  Considering that most law schools don't spend much time focusing on what successful candidates should do once they arrive in the real world of law practice, I feel that limiting continuing legal education offerings to substantive law-only would be a huge detriment to newbie attorneys as well as veterans.  At least, that's what we see from the attendance at our CLE programs.

Therefore, I ask that you examine the proposed amendment, then make your voices heard.  Public comment remains open through September 8th, 2012.

A Titanic Failure of Disaster Planning

MP900407559As we mark the 100th anniversary of the sinking of the Titanic, questions that were raised then are being repeated now; how did this happen?  Obviously, I'm not going to cite all of the opinions, but as one can imagine, blame is assigned virtually everywhere.  Regulation (or lack, thereof) is to blame.  Management is to blame.  You know what I think?  They all miss the point, entirely. 

Why?  Because 1,500 people are dead, that's why.  Titanic was doomed before it ever left port.  One thing we can state with certainty; it was known that if the ship sank in an isolated area, then there wouldn't be enough lifeboats on-hand to save all of the lives on board.

Analysts point to a comedy of errors that, if they hadn't occurred in sequence, then Titanic wouldn't have sunk.  There's that word, if, again.  But this flies in the face of competent disaster planning.  We already know that if events occur as expected, then there won't be a disaster.

Let's enter the equation at the real-time departure of Titanic in its actual condition (meaning, not enough lifeboats).  Here are some of the assumptions that might have been made:

  • The ship will not sink
  • The number of lifeboats are an acceptable risk versus the unlikely possibility the ship might sink
  • Other disasters may occur (e.g. boiler explosion), but the ship won't sink and there are sufficient lifeboats
  • Even if the ship were to sink, it will sink very slowly – or close to land – allowing landed resources or other ships to respond in sufficient time
  • The experts on board – and in the surrounding area (such as the California, or wireless operators) – will act predictably (i.e. not make any mistakes), thereby avoiding errors
  • Icebergs will be exactly where we expect them to be

Here's a question I haven't seen (although I'm sure someone has probably raised it):  Even if the ship had sufficient lifeboats on board, would the crew have been able to launch all of them in the rapid time that titanic sunk (estimated at 2 hours, 40 minutes)?

A good risk management team understands the first rule of disaster planning – follow Murphy's Law:  If anything can go wrong, it will.  The second rule?  Follow-up with O'Toole's Commentary:  Murphy was an optimist.

  1. No plan will ever be correctly analyzed unless it begins with an honest assessment of the following question:  What can go wrong?
  2. The rest becomes a matter of probability.  What is the likelihood that anything (and everything in-between) on the list created by question one might go wrong.

Then, it's a matter of prioritizing between several factors, such as time needed to address & correct, manpower required, cost vs. budget, insurance, politics, etc.

I wish we could go with something more simplistic:  The chance of the bread landing with the buttered-side down is directly proportional to the cost of the carpet…

Clowns to the Left of Me, Jokers to the Right…and Girls Around Me

MP900442709

Well I don't know why I came here tonight,
I got the feeling that something ain't right…

Stealers Wheel

At many of my presentations, I say, "Finally, I'm able to exploit my cynicism and paranoia as an excellent career choice!"  I did one such presentation at LACBA Tax Night a couple of weeks back with my LPMT colleague, Gideon Grunfeld.  We have some fun with the subject matter by playing the attorney version of good cop/bad cop.  I terrify the attendees just a bit, then Gideon illustrates why they shouldn't go overboard with worry.

He's right, of course.  There's just one problem.  So am I.  I'm proud of my paranoia; it's what my clients expect of me.  Heck; someone has to play Chicken Little and accurately assess the risk.  After all, sometimes, the sky really is falling!  What's the most important determining factor?  Context.  A product or service can be of benefit and detriment at the same time.

Gideon used the example of accidentally locking his keys in his car.  He didn't have the availability of one of those, call-us-and-we-unlock-the-door-remotely services, so he had to have someone respond.  When he was ready to provide the location, he was told, "That's ok, you left your cell phone on in the vehicle and we know exactly where your car is."  File that under, benefit.

Take a look at this article on the short-lived app, Girls Around Me.  I bet several of you who thought I was over the top when I advised major caution in revealing your constant whereabouts on Twitter, Foursquare and/or Facebook, might think differently now.  File that under, detriment.

As to what to worry about – and how much – that's up to you; as individuals, technologists, and especially, attorneys.

The Bench: #California Judicial Council Kills ‘Tower of Babel’

Home-alone

Project:  California Court Case Management System

Number of Years in the Making – Ten

Number of Computer Systems Utilized State-Wide – 70

Initial Cost Estimate – $260 million

Amount Spent to Date – $560 million

Amount Still to be Spent – $8.6 million

Estimated Cost to Complete – $2 billion

Number of Counties Upgraded – Six out of 58

Cancellation Date – Tuesday, March 27, 2012

Effect on the California Court System – PRICELESS!

Three Things Matter in #Cyberspace: Location, Location, Location!

(The video feed that accompanies this post isn't resolving properly on some systems. Here's a direct link if you'd like to launch it, manually)

This seemed like an appropriate subject to cover today, in light of Google's new privacy policies kicking-in in a few hours…

First off, I've never really understood the obsession some people have with disclosing trivial details about themselves. Of course, that opens a can of worms, doesn't it? One person's trivia is another person's 'absolutely-positively-need-to-know-this-very-minute!' piece of information, after all. Who am I to judge? Disclose what you want on Facebook. Leave GPS enabled 24-hours a day. Knock yourself out!

But…have you thought about who else is watching…and why? Twitter has inked a deal to sell two-years' history of your tweets; location included. What's so important about location, anyway?

Even I can see some value in disclosing your location, under certain circumstances. For example:

LIST A

  1. A minor who goes missing,
  2. The family pet runs away,
  3. A vehicle veers off the road and crashes into a tree in an isolated area, and the driver's unconscious or is trapped and can't reach their phone,
  4. A bunch of friends plan to get together and, rather than having to contact each other, they simply home in on the organizer's location.

I could go on, of course. And obviously, some of these items are critical, while others are simply convenient. The problem is, all kinds of other people have an interest in knowing your patterns:

LIST B

  1. Advertisers, so they can tailor-make their ads to bring you goods and services in your vicinity,
  2. Insurance providers,
  3. Law enforcement,
  4. The burgler who's waiting to break into your home,
  5. Your boss,
  6. That pesky process-server,
  7. Your significant other(s),
  8. Your stalker.

Lately, in my market, Flo from Progressive Insurance has been touting their Snapshot Discount (by the way, am I the only one who is – in California vernacular – totally freaked out by Flo?) It's a device you plug into your vehicle, and it monitors your driving habits, such as how hard you brake.

Of course, it also monitored how hard the driver from List A was braking just before s/he crashed into that tree. And now we have several people from List B who are interested; the insurance carrier (noted), law enforcement (obviously), the boss (if it's a company car), a significant other (because you were supposed to be on your way to the corner store, but you were 15 miles from home) and of course, that pesky process-server (when the tree sues a few months later).

This is an over-the-top example to make a point. I'm not picking on Progressive. I could just as easily cite Onstar, et al. Besides, many newer vehicles already monitor the driver's habits through their own black boxes.

You think you're giving out information for one purpose; but others are taking it for a completely different purpose. You can either act accordingly, or go with the Flo…

What, Exactly, is an e-Discovery Lawyer?

MP900448644Earlier this week, my interest was piqued when I read an article by a colleague, Dennis Kiker, titled, "I want an E-Discovery Lawyer for my E-Discovery Project".  He explains what his concept of a law firm e-discovery lawyer is; to him.

In the corporate world, I'm experiencing something quite different in the clear evolution of what many companies seem to want in an e-Discovery Lawyer these days; a combination of e-Discovery and Security in a single function.  Think about it.  It actually makes sense.  In theory, both jobs involve protection, but I bifurcate them between protection by technology and protection by individuals (notice, I didn't say 'of technology' and 'of individuals').

That's how I broke out the subject for the State Bar's upcoming book.  It's one thing for individuals to develop strategies to protect corporate assets via software, firewalls and other security protocols.  It's quite another for individuals to be aware of the security risks that surround them 24 hours a day.

Unfortunately, all that stealth goes out the window if those same individuals don't adhere to stringent personal privacy protocols.  Otherwise, the next thing you know, your company iPhone is sitting on a bar counter somewhere, next to your empty marguerita tumbler – and you're already on your way home.

e-Discovery Attorney as Project Manager?  Definitely.  e-Discovery Attorney as CyberSecurity Guru?  Well, let's just say, I'm glad I have 20+ years of world-wide LAN/WAN experience under my belt…

Who knew?

Four/Fifths of a Decision by the #SCOTUS

MP900403729OK; all of my chapters for the California State Bar book are submitted, I've returned from my trip to San Francisco for the Section Leadership Conference, and you all know what that means!

[Somebody, please tell me what it means…]

In theory, what I *think* it means is that I'll be able to resume posting relevant content two to three times per week.  In practice?  Stay tuned…

If you're a follower of the Supreme Court, and you're also someone who is very interested in rulings that affect privacy, and depending on which side you're on, then this week, you are either:

  • Happy that the 4th Amendment was protected, but angry that the 5th Amendment wasn't, or,
  • Angry that the 4th Amendment was protected, but happy that the 5th Amendment wasn't, or,
  • Happy about both, or angry about both.

It all depends on the facts.  In the Jones case, aka, the "GPS" case, the court decided that a physical intrusion onto private property to attach a GPS tracking device to a vehicle was a search as defined under the 4th Amendment.  Note the word, "physical".  If only it were that simple

What about tracking a GPS-enabled device?  That issue wasn't addressed, here (except for comments on it in concurring opinions).  If one enables GPS to drive to a location, is that a voluntary disclosure?  That'll be the next frontier.

In a lower-court decision, a federal judge in Colorado ordered a defendant in a criminal case to decrypt her laptop, stating that she was not afforded 5th Amendment protection against self-incrimination, setting off another round of debate – and an examination of conflicting rulings – that will likely meander its way to the Supreme Court.

The logic is of the kind that only law afficionados may appreciate; defendant doesn't technically have to give up her password because she only has to enter it into the system without divulging it to anyone.

In other words, "Don't give up your password…just give us access to everything the password protects."  That, along with the "All Writs Act" of 1789, should afford you some interesting reading on the case.

An interesting week for the Bill of Rights and privacy, indeed…

e-Discovery California: Proposed Formal Opinion Interim No. 10-0003 (VLO) is the Right Answer to the Wrong Question

42.  (That's for those of you who picked up on the 'Hitchhiker's Guide to the Galaxy' reference).

I usually don't feel it necessary to refer you to my disclaimer but, because this is a State Bar of California opinion – and I'm Vice-Chair of their Law Practice Management & Technology Section Executive Committee (LPMT) – I want to remind you that:

MP900442177
"This blog site is published by and reflects the personal views of Perry L. Segal, in his individual capacity.  Any views expressed herein have not been adopted by the California State Bar's Board of Governors or overall membership, nor are they to be construed as representing the position of the State Bar of California."

The LPMT Executive Committee may publish its own, 'official' comments, to which I may also contribute.  That being said…

Technology is an extremely logic-based discipline, in its purest form; or it should be, at least.  Indeed, like the practice of law, success or failure is predicated upon compiling and understanding a particular set of facts, then realistically acting upon those facts.  Note my emphasis on the word, 'realistically'.  If I wish to suspend disbelief and begin with a set of unrealistic criteria, I may be equally able to formulate a reasonable solution, assuming it's possible to locate someone – or something – that fits the original, unrealistic premise.

This is my assessment of Formal Opinion Interim No. 10-0003 (Virtual Law Office).  It's actually a very well-crafted opinion, but it's based on a 'Statement of Facts' that, to me, are an unrealistic portrayal of how an attorney practices – or would practice – law.

First, there's no reason for me to re-invent the wheel.  For another excellent nuts & bolts assessment of the opinion, please see Stephanie Kimbro's post on her Virtual Law Practice blog.  She's an authority on the Virtual Law Office and is also cited as a resource on page one of the opinion itself.

From a pure cloud security standpoint, this is an excellent document and a perfect complement to opinion 2010-179 on wireless networks.  In fact, I would recommend that practitioners ignore the hypotheticals for a moment (especially if they're pressed for time) and proceed to the Discussion heading, Section 1 ("Duties"), which is what I'm doing for the purposes of this post.

Section 1 examines confidentiality issues of employing a cloud-based system with a 3rd-party vendor and provides a five-point list of due diligence factors that includes, but isn't necessarily limited to:

  1. The Credentials of the Vendor
  2. Data Security (Well, that's not very helpful, but it goes on to refer the reader to California, New York and ABA opinions for guidance)
  3. Vendor's Transmission of Client Info in the Cloud Across Jurisdictional Boundaries or Other 3rd-Party Servers (You've heard – or read, I suppose – me pontificate on that one; the "digital roach motel" and "know where your data is")
  4. Attorney's Ability to Supervise the Vendor (As I've reminded you often, you may hire competence, but not delegate this duty)
  5. Terms of Service of Contract with the Vendor (This is huge where the cloud is concerned.  For example, many provider contracts contain language to the effect that, "Once you transfer it to us, it becomes our property.", a major no-no for attorneys)

It also points out the security environment must be periodically reassessed, which is terrific advice.  I usually refer to it as "fire drills".  Finally, it points out that none of this may take place without proper disclosure to the client, who may, by the way, have no idea how any of this works.

Section 2 examines competence issues as follows:

  1. Proper management of attorney's intake system to determine one of the basics; "Who is the client?"
  2. Determining whether attorney may perform the requested services
  3. Determining that the client comprehends the services being performed (This document also refers to comprehension issues due to a language barrier)
  4. Keeping the client reasonably informed
  5. Determining that the client understands technology (When I read #3 above, it immediately triggered the thought that technology is another language both attorney and client must understand…)
  6. Determining when to decline to represent a client via a VLO, and whether representation may continue through traditional means

This section also re-raises the supervisory issue, but this time it's in terms of the attorney supervising other attorneys and/or non-attorneys.

Ok, so you know what I like, now let's get into what I don't like.  The hypothetical describes the VLO as a password-protected and encrypted portal that sits on a 3rd-party cloud.  So far, so good.  But then, it goes on to say that the attorney plans not to communicate with clients by phone, email or in person, but will limit communication solely to the portal.

Yeah, that covers a lot of us, doesn't it? 

I understand that it's possible for attorneys to communicate this way, but is it probable?  Does this opinion realistically apply to most attorneys; now and even into the future?  I'm not trying to be snarky here, but you can't blame me for being a tech guy.  Immediately, my mind wanders to what would likely happen in this scenario.  A technology or communication issue arises and the frustrated attorney – or client – resorts to email or a phone call.

And what about secrecy?  No, I'm not alluding to some nefarious purpose.  There are legitimate reasons why attorney and/or client might not want to document ideas or discussions – electronically or otherwise – in the short-term (what comes to mind is a nervous potential client who has invented a new product, but doesn't want to provide a lot of written detail to attorneys, while soliciting the representation of several of them, for fear that the inventor's intellectual property will be revealed).

The second thing that bothers me is the "Issue" statement that opens the opinion.  It states, verbatim:

"May an attorney maintain a virtual law office practice ("VLO") and still comply with her ethical obligations, if the communication with the client, and storage of and access to all information about the client's matter, are all conducted solely through the internet using the secure computer servers of a third-party vendor (i.e., "cloud computing")."  [Italics/bold added.  It's posed as a question, but in the text, the paragraph ends with a period – not sure if it's a typo that will be corrected in a later version].

What's the danger here?  Hello?  Facebook is the cloud!  Google is the cloud!  Email is the cloud!  A lot of communication is taking place – right now – through means not anticipated in this opinion.  What I'm saying is, if one removes the term, "VLO", from this document, it could just as easily apply to methods attorneys use to communicate with their clients on a daily basis, while at the same time, being completely unaware that many of these products are in the cloud.

It also fails to anticipate one other factor; what will happen the day these measures apply to all cloud-based technology (that day is coming, and in some cases, is already here).  As it stands today, if most attorneys attempted to comply with these security measures, law practice as we know it would grind to a halt.

Better start preparing now…