All posts by admin

Blockchain Revolutionizing the Legal Industry: Exploring the Benefits and Opportunities

Blockchain technology has been making waves in various industries, from finance to healthcare, and its potential impact on the legal practice cannot be ignored. As a legal professional, it is important to keep up with emerging technologies that may disrupt the traditional ways of practicing law. In this article, we will explore the potential impact of the blockchain on the future of legal practice and the advantages it offers in recording deeds, probate matters, and smart contracts.

Firstly, let’s define what the blockchain is. At its core, the blockchain is a decentralized digital ledger that records transactions in a secure and transparent manner. The data is stored across a network of computers, making it impossible for any single entity to manipulate or alter the records. This creates a high level of trust and transparency, making the blockchain an ideal technology for industries that rely on secure and transparent record-keeping.

One of the areas where the blockchain can significantly impact the legal practice is in recording deeds. Traditionally, recording deeds has been a complex and time-consuming process that involves multiple parties, such as the buyer, seller, real estate agents, and lawyers. The process is also susceptible to errors and fraud, which can lead to legal disputes and financial losses. However, with the use of blockchain technology, the process of recording deeds can be simplified and streamlined.

The blockchain can be used to create a digital ledger of property ownership, which can be accessed and verified by all parties involved in a transaction. This will eliminate the need for intermediaries and reduce the risk of errors and fraud. Furthermore, the records will be tamper-proof, providing a high level of security and transparency. This will ultimately result in faster and more efficient real estate transactions, reducing the burden on legal professionals.

Another area where the blockchain can benefit the legal practice is in probate matters. Probate is the legal process of distributing a person’s assets after their death, and it can be a complex and lengthy process that involves multiple parties, including family members, lawyers, and judges. The process can also be susceptible to disputes and fraud, which can delay the distribution of assets.

By using the blockchain, a digital record of a person’s assets can be created, which can be accessed and verified by all parties involved in the probate process. This will reduce the need for intermediaries and provide a high level of security and transparency. Furthermore, the process can be automated, reducing the burden on legal professionals and expediting the distribution of assets.

Finally, the blockchain can be used to create smart contracts, which are self-executing contracts that can be programmed to execute automatically when certain conditions are met. Smart contracts can be used in a variety of legal transactions, such as real estate contracts, employment agreements, and intellectual property agreements. The use of smart contracts can reduce the need for intermediaries and legal professionals, and can result in faster and more efficient transactions.

For example, in a real estate transaction, a smart contract can be created to automatically transfer ownership of the property to the buyer once the purchase price is paid in full. This will eliminate the need for intermediaries, such as real estate agents and lawyers, and reduce the risk of errors and fraud. Furthermore, the transaction can be completed faster and more efficiently, reducing the burden on legal professionals.

In conclusion, the potential impact of the blockchain on the future of legal practice cannot be ignored. The technology offers numerous advantages in recording deeds, probate matters, and smart contracts, which can result in faster, more efficient, and more secure transactions. However, it is important for legal professionals to stay informed and adapt to the changing landscape of technology in order to remain relevant and competitive in the industry. By embracing emerging technologies, legal professionals can provide better service to their clients and improve the overall efficiency of the legal system.

Unlocking the Mystery of AI-Generated Works: A Deep Dive into Intellectual Property Rights

Introduction

Artificial intelligence (AI) has revolutionized the way we live, work and communicate. From virtual assistants to self-driving cars, AI is transforming industries and changing our daily lives. One area where AI is rapidly advancing is in the field of intellectual property (IP) rights. As AI becomes more sophisticated, the question of who owns the rights to AI-generated works is becoming increasingly complex.

At its core, intellectual property is about protecting the creations of human minds. Traditionally, this has included works such as books, music, and artwork. However, as AI continues to evolve, it is increasingly capable of creating original works of its own. This raises the question of who owns the rights to these works. Is it the person who created the AI, the person who trained the AI, or the AI itself?

The answer to this question is not clear-cut, and there is no universal approach. However, we can explore some of the current thinking and legal frameworks that are emerging in this space.

Ownership of AI-generated works

One of the main challenges in determining ownership of AI-generated works is that the creation process is often a collaborative effort. For example, a team of developers may create an AI system, while another team trains the system to produce a particular output. In this scenario, it is not clear who owns the rights to any works generated by the AI.

In many cases, the answer will depend on the terms of any agreements or contracts between the parties involved. For example, if the developers and trainers have a clear agreement in place regarding ownership of any outputs, this will provide some clarity.

However, if there is no clear agreement in place, things become more complex. In some cases, the law may recognize the developers as the owners of the AI-generated works, as they are considered the creators of the AI system itself. In other cases, the trainers may be recognized as the owners of any works generated by the AI, as they are the ones who provided the input and guidance that led to the output.

Current Legal Framework

Currently, the legal framework for intellectual property rights of AI-generated works is not well established. In the United States, the Copyright Office has taken the position that copyright protection is only available to works that are created by humans. This means that AI-generated works are not eligible for copyright protection.

Artificial intelligence concept of big data or cyber security. 3D illustration

However, in some countries, such as the United Kingdom and Ireland, the law does provide for copyright protection for AI-generated works. In these countries, the law recognizes the creator of the work as the owner of the intellectual property rights, regardless of whether the work was created by a human or a machine.

Patent law is similarly unclear when it comes to AI-generated works. The US Patent and Trademark Office (USPTO) has indicated that patents can be granted for AI-generated inventions, as long as they meet the same criteria as human-created inventions. However, there is still a lack of clarity around how to identify the inventor of an AI-generated invention.

Trade secret law may provide the most protection for AI-generated works. Trade secrets are confidential information that provides a competitive advantage to a business. If a business uses AI-generated works as part of their operations, they may be able to protect those works as trade secrets.

In the case of AI-generated works, it is not always clear whether copyright or patent laws apply. For example, if an AI system creates an original piece of music, is this music protected by copyright or patent law? The answer may depend on the specific circumstances of the creation process.

Some legal frameworks are starting to emerge that attempt to address these issues. For example, the European Union recently proposed a framework for the legal protection of AI-generated works. This framework proposes that AI-generated works be considered as “intellectual creations” and be protected by copyright law. However, the framework also recognizes the need to adapt existing copyright laws to account for the unique nature of AI-generated works.

Conclusion

As AI technology continues to advance, the legal framework for intellectual property rights of AI-generated works will need to evolve. While current laws in some countries do provide protection for AI-generated works, the law is not well established in many jurisdictions. As such, it is important for businesses and creators to consult with legal professionals to understand the risks and protections available when it comes to AI-generated works. As AI becomes more integrated into our lives, the law will need to keep pace to ensure that creators are properly rewarded for their efforts and innovation.

Data Network Security Breaches and Notification Laws

Data Network Security Breaches and Notification Laws
Data Network Security Breaches and Notification Laws

Ever gotten a notice in the mail that read, something to the effect of, “by law, we’re required to inform you that since our infrastructure passwords were extremely weak, such as “password” and “123456,” a data breach has occurred and your personal information may or may not be in the hands of Russian hackers for sale somewhere in the deep web?”

Well, maybe not that forthcoming, but you know what I’m talking about. When it comes to data network security breaches, there are laws which specifically require an organization to disclose to its customers whenever there has been such a data breach. These laws go  far beyond the ubiquitous Health Insurance Portability and Accountability Act, better known as HIPPA.

For instance, here in Arizona, under Revised Statute § 44-7501, (Conditionally Rpld.) it requires a person that conducts business in this state who becomes aware of a data breach shall conduct a reasonable investigation and after determining a breach in the security system shall notify all individuals affected.[1] Simply put, organizations are required, by law, to disclose the breach, make remedies to resolve it, and can be held responsible for any damages thereof.

Oftentimes, these data network security breaches and subsequent notifications will be accompanied with a free offer for credit monitoring. As a consumer, you should absolutely take it, if you aren’t’ already monitoring your credit through some other third party.

First and foremost, if you discover a data network security breach within your firm, promptly notify your clients and provide measures to protect their interests. More importantly, as an organization, there are several steps you can take to avoid such data network security breaches. Some are as simple as requiring strong password policy. Others include keeping your data stored in a secured, locked environment with very restricted access.

Password Policies

As both an end-user and as an administrator, I know how frustrating complex password policies can be. Yes it’s pain to have a password that must contain 1 uppercase letter, 1 lowercase letter, 1 symbol, 1 number, that cannot be anything you’ve ever used before and cannot have successive numerical values. However, that complexity exists for a reason. Hackers are well aware of the most commonly used password, such as “123456” followed by “password.”[2]

The folks at Microsoft recommend you “set password policy to require complex passwords, which contain a combination of uppercase and lowercase letters, numbers, and symbols, and are typically a minimum of seven characters long or more for all accounts, including administrative accounts, such as local administrator, domain administrator, and enterprise administrator.”[3]

However, consequently, when employees are required to change passwords often, meet minimum complexity requirements, and not repeat a password for a minimum amount of time, they may begin to break the rules and start writing passwords down simply because they cannot remember passwords that change so often.[4] Bottom line, design a password policy that is secure but doesn’t comprise functionality.

Data Network Security Breaches and Notification Laws
Data Network Security Breaches and Notification Laws

End-User Training

Many folks within an organization, while balking at having to change passwords regularly, simply do not understand the reasons behind it or the risks they attempt to advert. To that end, it would be wise for your IT staff to train end-users on why and how to keep their passwords unique and safe. Once employees discover their organization can be levied a hefty fine which may result in cutbacks as a consequence thereof, I’m sure the loudest of the balkers will begin to change their tune.

End-user training can be as simple as memo sent to employees requiring  them to read, sign, and return to management. Alternatively, a once a year run-down presented by IT staff during a mandatory meeting should suffice for larger organizations.

Restricting Access

Your organizations most sensitive client data should be restricted to a need-to-know basis. If there is no need for the receptionist to access client information, then by all means create a security clearance group policy that only allows access to sensitive drives to those who truly require it.

Is your server room open to anyone at the firm? If so, quite frankly, you’re doing it wrong! I don’t care if there are 2 people in your firm, if one doesn’t need access to drives containing sensitive data, then by all means keep that access restricted. Unfortunately, many organizations have the “it’ll never happen to us” mentality that ultimately comes back to bite them in the end. Remember Target? Ever heard of the Panama papers?

Data Network Security Breaches and Notification Laws
Data Network Security Breaches and Notification Laws

Conclusion

Data security is your responsibility. Be not only aware of the legal obligations for your firm’s clients, but for anyone who does business with your organization. Develop corresponding IT policies and procedures to avoid liability that can possibly be the death knell of your organization.

[1] Arizona Revised Statutes, , http://www.azleg.state.az.us/FormatDocument.asp?inDoc=/ars/44/07501.htm&Title=44&DocType=ARS (last visited May 16, 2016).

[2] The 25 Most Popular Passwords of 2015: We’re All Such Idiots, , http://gizmodo.com/the-25-most-popular-passwords-of-2015-were-all-such-id-1753591514 (last visited May 16, 2016).

[3] Creating a Strong Password Policy: Logon and Authentication, , https://technet.microsoft.com/en-us/library/cc736605%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396 (last visited May 16, 2016).

[4] Password Policy, , http://www.comptechdoc.org/independent/security/policies/password-policy.html (last visited May 16, 2016).

How Our Law Firm Survived a CryptoWall Ransomware Attack

How one Law Firm Survived a CryptoWall Ransomware Attack
How Our Law Firm Survived a CryptoWall Ransomware Attack

It started with an early Sunday morning phone call. A senior equity partner who writes whenever and wherever inspired complained, “I’m getting an error whenever I try to open Word or PDF documents.” Two hours, and a trip into the office later, we erroneously concluded our case file folder had been corrupted from an unsuccessful backup and a simple scan/repair job would have us back up and running.

Unfortunately, while the scan/repair utility sifted its way through 1.5 terabytes of files, a more destructive tool was worming its way through our network shares as well. It wasn’t until another partner emailed late Sunday evening to inquire about strange file names like “HELP_DECRYPT” saved in his case directory  did we realize we had a more serious problem on our hands. We’d been struck by the CryptoWall 3.0 ransomware virus! (Que Scary Music!)

What is CryptoWall 3.0?

“CryptoWall is “the largest and most destructive ransomware threat on the Internet “at the moment and will likely continue to grow.[1] Essentially, CryptoWall, an evolution from CryptoLocker, uses malware to copy and encrypt commonly used office file extensions, then deletes the original, leaving victims little or no options beyond paying a ransom or losing the ability to recover their files. In a law firm, losing client data, past and present, simply isn’t an option. In our case, the ransomers wanted $700 to supply the key to decrypt our files! Though we had roughly triple that amount in lost productivity and billable hours fixing this mess, negotiating with terrorist simply wasn’t an option! However, fortunately, if your organization has a cold backup the likelihood of recovery drastically increases.

When we investigated just how much the virus purveyed through our network, we noticed it was centralized in the heart of our operation, client case files, and law firm application data shares. Though we knew we had cold back-ups to restore from, we didn’t know if the virus had stopped spreading or even know where it originated. The last thing we wanted to do was to restore our files only to have them encrypted all over again!

$700 Ransom only doubles with time!
$700 Ransom only doubles with time!

Identifying the Source of the Virus

Once you notice your organization has been affected by CryptoWall, some engineers suggest you power down your network switch to prevent spreading. While this works for smaller networks, it may not be feasible, especially for larger organizations. I would simply suggest modifying share permissions to critical shared drives to prevent infected machines from writing to those drives and further spreading. Unfortunately, there is no administrator level method to determine which machine the virus originated from. I had to walk around to each and every machine in the law firm, install, and run applications such as MalwareBytes, Hitman Pro and ListCWall to scan, identify, and remove any locally infected files. Once we identified the source of the virus (HELP_DECRYPT files will appear locally), I scrubbed it clean and proceeded to delete and restore our files.

Restoring the Infected Files

There is something unnerving about deleting 1.5 terabytes of client files even when you know there is a backup, but it was necessary. Besides, all of it was utterly useless encrypted garbage at this point. After deleting, we used an application called Karen’s Replicator to replicate the cold backup drive to the previously infected share drive. It took approximately 2 days to restore 1.5 terabytes worth of data, but it worked, and so far, so good.

We also noticed that QuickBook files, both current, and backups were affected as well. Luckily, we were able to restore company files from previous routine bare metal Windows Server Backup.

How You Can Protect Your Network

The bottom line is this can happen to anyone. One erroneous click on the Internet, opening an attachment from even a trusted source whose email contacts have been compromised can unleash a world of hurt on law firms who increasingly rely on sensitive client data to operate. The more we embrace technology, the more vulnerable we become to it. Keeping end-users up-to-date with safe browsing practices is a start. TechRepublic has some great tips for keeping your network safe and avoiding the likes of CryptoWall 3.0.

[1] CryptoWall ransomware held over 600K computers hostage, encrypted 5 billion files, PCWorld (2014), http://www.pcworld.com/article/2600543/cryptowall-held-over-halfamillion-computers-hostage-encrypted-5-billion-files.html (last visited Sep 22, 2015).

Windows 10 vs. Rule 1.6

2015-05-13_02-07-12
Is Windows 10 Ethically Compliant?

Is Windows 10 MRPC Compatible?

Apparently, from the feedback I’m getting, Microsoft® finally got it right with Windows 10! As a legal technology professional I have been inundated with inquiries from attorneys on whether Windows 10 is worth the upgrade (even though it’s free), and if they should think about making the switch. My response has consistently been to wait.

First, like any new product I always suggest letting the manufacturer work out the kinks before jumping aboard. Similarly, like purchasing a new model year car, you never really want the first batch rolling off the assembly line. That said, after digging further under the hood, it appears there are other potential pitfalls with Windows 10 that could specifically leave attorneys on the wrong side of the rules of professional conduct!

EULA

What Windows 10 End User License Agreement Says

Apparently, Microsoft is following the footsteps of other “Big Data” mining companies and has gotten creative in their user terms and conditions. How creative you ask, well apparently creative enough to give Microsoft ingress to virtually any and all data you may have or had access to while using their operating system! This ingress gives Microsoft permission to track your location, activities, browser history, and more importantly, READ YOUR EMAILS! Further, there does not appear to be a way for less sophisticated users to disable these settings. This is why it’s so important to be aware of what’s in that End User License Agreement.

Moreover, as pointed out by Daily Kos, Microsoft’s privacy policy specifically states the following:

Finally, we will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary to:

  1. comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies;

  2. protect our customers, for example to prevent spam or attempts to defraud users of the services, or to help prevent the loss of life or serious injury of anyone;

  3. operate and maintain the security of our services, including to prevent or stop an attack on our computer systems or networks; or

  4. protect the rights or property of Microsoft, including enforcing the terms governing the use of the services – however, if we receive information indicating that someone is using our services to traffic in stolen intellectual or physical property of Microsoft, we will not inspect a customer’s private content ourselves, but we may refer the matter to law enforcement.[1]

Model-Rules-of-Professional-Conduct

What the Model Rules of Professional Conduct Say

Generally, under Model Rules of Professional Conduct (MRPC) Rule 1.6, a lawyer is prohibited from revealing any information related to the representation of a client. Either voluntarily or involuntarily, unless informed consent is given by his/her client.[2] Recently, the New York State Bar specifically addressed this very conceivable dilemma in its Opinion 782, which addressed inadvertent confidential data disclosures through email, opining in part that, “a lawyer must exercise reasonable care to ensure that he or she does not inadvertently disclose his or her client’s confidential information.”[3]

Though some disclosures are unavoidable, under MRPC 1.6, where “the disclosure is impliedly authorized to advance the best interest of the client and is either reasonable under the circumstances or customary in the professional community,” is permitted, however an attorney should always know what the data is, where it’s located, and who has access to it. Granted these rules were designed to regulate traditional vendors such as storage facilities or copy services, they are also relevant to any form of data transmission. One could arguably say that since there is little control over the settings that control the data sharing in Windows 10, or since the data mining is customary a lawyer should be in the clear, right? Wrong. The model rules consistently say attorneys should take reasonable steps to protect a client’s data at all times. This includes everything from choosing to forgo using Windows 10 all together, to familiarizing yourself with ways to prevent data ingress.

What Can You Do About It?

By now, I’m sure you’re thinking, it’s probably just not worth using Window’s 10 if you want to remain MRPC 1.6 compliant. I would tend to agree, especially at this stage when little is known about the vastness of Microsoft’s data mining. However, for those who have already made the switch, there are some options. As Jacob Siegal noted, a simple program called “The Windows Club” allows users to tweak Windows 10 in order to disable some pervasive features such as user tracking, telemetry, and hiding your network from others.[4] Additionally, I would not recommend integrating the same email address used for client data with the operating systems if prompted. Simply put, keep your business email separate from Windows 10 operating system. Of course, if you use an email client such as Outlook, this may be unavoidable. However, I’m specifically referring to the prompt for your email address when initially setting up the operating system. Either avoid supplying an email address all together, or if unavoidable, use an email address not associated with clients. Alternatively, to completely protect your neck, consider weaving in the possibility of ostensible third party data disclosures through the use of operating systems or cloud based data into your fee agreement.

Conclusion

The bottom line, use caution when implementing a new operating system, and use your best judgment when integrating your firm’s email with your operating system. Even with Windows 8, Microsoft wanted to link your email address to your operating system. Personally, I use Outlook Web App (OWA) for sending/receiving email to avoid using native programs such as Outlook. With today’s web (cloud) based email, virtually all the functionality of an email client is built right in. Of course, Ethical Compliance and Cloud Services for Law Firms is a whole other issue, but this generally means that one has taken reasonable steps to protect client data from being shared. This is really all you can do in order to be MRPC Rule 1.6 compliant.

[1] Windows 10 comes with built-in spyware. If your work requires confidentiality, DO NOT INSTALL., , http://www.dailykos.com/story/2015/08/02/1408113/-Windows-10-comes-with-built-in-spyware-If-your-work-requires-confidentiality-DO-NOT-INSTALL (last visited Aug 31, 2015).

[2] New York City Bar Association – Ethics Overview – Ethics Panel, , http://www.nycbar.org/ethics/ethics-overview (last visited Nov 18, 2014).

[3] Id.

[4] Windows 10: Modify your OS with Ultimate Windows Tweaker 4 | BGR, , http://bgr.com/2015/08/28/windows-10-ultimate-tweaks-download/ (last visited Aug 31, 2015).

Restoring Your Rights as a Convicted Felon

Felony Rights
Restoring Your Rights as a Convicted Felon

You know the old saying, “do the crime, forfeit your constitutional rights for eternity?” No, well neither have I. However, in many jurisdictions, both state and federal, there are laws that abolish certain constitutional rights once a person has been convicted of ANY felony. Here in the United States, felonies are considered crimes punishable by incarceration of more than one year in a state or federal prison, and misdemeanors are considered crimes punishable by local jail sentences, fines, or both.[1] Moreover, once a person is convicted of a felony, whether they served time in prison or not, they are forever referred to as a “felon.” Here, we’ll discuss what’s involved in restoring your rights as convicted felon.

Once convicted, a felon loses many basic rights such as, the right to hold public office, exclusion from jury duty, the right to possess a firearm, and more importantly, the right to vote. Exclusion from sitting on a jury is generally a lifetime ban and little headway has been made in restoring this privilege. Further, the ban on firearm possession is codified under US federal law (18 U.S.C. § 922(g)) and prohibits felons from owning firearms, unless that specific right has been restored. With regards to the right vote, it generally varies by jurisdiction. Most states allow voter right restoration after a period of time or completion of probation or parole, however three states, Virginia, Florida, and Kentucky have lifetime bans on a felons right to vote absent approval from the state’s Governor.[2]

 

Convicted Felon Gun Rights Restoration
Restoring Your Gun Rights as a Convicted Felon

How To Restore Your Rights as a Convicted Felons

When it comes to restoring rights, whether it be the right to vote, or the right to possess an own a firearm, many people convicted of felonies simply aren’t aware of the steps required to do so. As someone who canvasses door-to-door during election cycles, I can’t tell you how many times I heard the phrase, “I’m a felon, I can’t vote” from residents. Some use it as an excuse to disengage from the political process, while most see it for it is, voter disenfranchisement. The bottom line is, if you want your rights restored, you have to seek out the info in order to do it. Thankfully, sites like http://www.procon.org/make it simple by listing the requirements for each and every state. Simply find your state, click the link, and follow the directions. You don’t need a lawyer, just a printer to print off the forms, fill them out and submit them to the clerk of the court for your county.

When it comes to restoring your rights as a convicted felon, there are some extra requirements, such as knowing the specific dates of your conviction, or providing the discharge paperwork from the state or federal correctional institute if you were incarcerated. However, chances are, if you’re reading this, you’re smart enough obtain that readily available information. Here in Arizona, you can petition the court to restore your civil (voting) rights, gun rights, and request that your judgment be set aside all in the same form! When applying for the restoration of your gun rights, you’ll have to provide the court a brief explanation of why you’re requesting the right to possess or own a firearm. Usually, by stating you would like to own a firearm to protect your home will be sufficient.

 Conclusion

So when it comes to restoring your rights as a convicted felon, remember, you don’t have to forfeit your constitutional rights for eternity, you just have to jump through some well-placed hoops in order to do so. Since 30% of Black men, and nearly 25% of Hispanic men and roughly 5.8 million people overall have felony convictions, many major elections may have had different outcomes if allowed to vote.[3] Moreover, it’s estimated that felons whose right to vote is restored are at least 2/3rds less likely to return to prison![4] So if you’ve been convicted of a felony, or know someone who has, please share this information on restoring your rights as a convicted felon.

 

 

[1] What Is a Felon and What Is a Felony? – Felon Voting – ProCon.org, , http://felonvoting.procon.org/view.answers.php?questionID=000644 (last visited Apr 2, 2015).

[2] Loss of rights due to felony conviction – Wikipedia, the free encyclopedia, , http://en.wikipedia.org/wiki/Loss_of_rights_due_to_felony_conviction (last visited Apr 2, 2015).

[3] Id.

[4] Top 10 Pros and Cons – Felon Voting – ProCon.org, , http://felonvoting.procon.org/view.resource.php?resourceID=000283 (last visited Apr 2, 2015).

Replacing Prosecutors Who Can’t Indict a Ham Sandwich

Replacing Prosecutors Who Can't Indict a Ham Sandwich
Prosecutors Who Can’t Indict a Ham Sandwich

Prosecutors can get a grand jury to indict a “ham sandwich” as the famous New York Chief Judge Sol Wachtler once said.[1] If that’s the case, why has it been so hard to get an indictment over police officers blatantly accused of wrongdoing lately? Well let me explain. It’s almost like a Doctor who can’t do his job without nurses. If the Doctor gets his nurses fired, chances are, going forward; nurses will not be overly helpful in making sure the Doctor can get his job done. Similarly, prosecutors have  reciprocal relationships with police officers in the jurisdictions they serve. If police feel a certain prosecutor is out to the get them there is the possibility of evidence being lost, warrants not being served correctly, and forgetting to show up and testify in court!  Given the recent inability of prosecutors to sway grand juries to indict police misconduct, many are left wondering what can be done to address this increasing problem. Let us discuss prosecutors who can’t seem to indict a ham sandwich and why.

The Facts

According to the Bureau of Justice Statistics, “U.S. attorneys prosecuted 162,000 federal cases in 2010, the most recent year for which we have data. Grand juries declined to return an indictment in 11 of them.”[2] I was no math major, but if my calculator serves me correctly, only .067 percent of indictments result in a “no true bill” which is where a grand jury fails to indict. Unfortunately, no specific national data exists for grand jury investigations on police officers, however there are numbers for specific districts. For example, “[i]n the 81 grand jury investigations of police shootings in Dallas between 2008 and 2012, only 1 decided to indict.”[3]

As it stands, the proportion of general population defendants actually charged with a crime versus law enforcement officers charged with a crime is at about 2 to 1.[4] Simply put, if you’re a police officer accused of a crime you have a 50% chance of not being charged for that crime compared to civilians.

Replacing Prosecutors Who Can't Indict a Ham Sandwich
Police are 50% less likely to be charged for a crime compared to civilians.

The Cato Institute’s report on National Police Misconduct shows that there were 4,861 unique reports of misconduct in 2010, including 127 fatalities associated with excessive force.[5] Further, a recent report issued by the Department of Justice on the Cleveland Police Department’s use of force shows that there is a consistent use of unreasonable force in the majority of its shootings. If police know that – statistically speaking – they are less likely to be held accountable for their action opposed to their civilian counterparts, nothing will curb this behavior outside of legislative intervention. Excessive force is the most prevalent and most consistent complaint against officers across the nation.

Replacing Prosecutors Who Can't Indict a Ham Sandwich
4,861 unique reports of misconduct in 2010, including 127 fatalities

What Can Be Done?

There is a general consensus among legal minds that the appointment of “special prosecutors” who work independently within the office of state attorney generals would be the most ideal option. “The special prosecutor’s responsibilities should be limited to the oversight, investigation and prosecution of police or public official misconduct, keeping them independent from other policing functions.”[6] Doing so would eliminate the “special bond” and working relationship prosecutors and police agencies currently share. Let’s face it, no one wants to see their colleagues go to prison , let alone be the one who sends them there for something that occurred during the course of their employment.

The use of special prosecutors is hardly new, however the appointment of one is typically decided on a case by case basis. By establishing an independent office solely responsible for police oversight, it removes the scenario of the police policing themselves. However, as with anything related to government there is always a concern for costs. As Joshua Deahl noted, the benefits far outweigh the costs. By establishing a specific office to investigate and prosecute police misconduct, it would save state governments the added cost of paying private legal fees. He noted, “[s]pecial prosecutors picked for a single investigation have little incentive to contain costs.”[7] Just as an example, taxpayers in Cook County, IL had to pick up a $1 million legal bill “when a high-profile lawyer was appointed to handle the prosecution of former Chicago Mayor Richard Daley’s nephew for his role in a bar fight that left a man dead.”[8]

Of course any changes would need to be implemented at the state level. State lawmakers take note; because there is already proposed legislation with bi-partisan support in Missouri aimed at requiring special prosecutors to head up all investigations involving officers and fatal shootings.[9] Though there is bi-partisan support, expect push-back from existing elected prosecutors and prosecutor associations. Many will contend state constitutional separation of power requirements forbids special prosecutor offices at the executive level. However, any notion that this hasn’t been done before is hogwash. The precedence of special prosecutors stems all the way up to the U.S Justice department down to state and local governments. This can be done, or at least the conversation can be started. My suggestion is that those who share the concerns of prosecutorial bias also reach out to their legislators and demand action at the state level.

Replacing Prosecutors Who Can't Indict a Ham Sandwich
Replacing Prosecutors Who Can’t Indict a Ham Sandwich

Conclusion

We can eliminate inner-office bias by simply removing the responsibility of garnering indictments from existing prosecutors who consistently work with police agencies facing charges. I completely understand the rock and hard place scenario these prosecutors are faced with. However, given the fact that so many citizens are losing their lives at the hands of police officers with little or no recourse, there must be ramifications for over-zealous officers to be aware of. The focus should be on replacing prosecutors who can’t indict a ham sandwich by appointing an independent agency responsible for greater police oversight.  Please share  and give feedback on ways to curb jurisdictional bias.

 

[1] Sol Wachtler: The judge who coined “indict a ham sandwich” was himself indicted, , http://www.slate.com/blogs/lexicon_valley/2014/11/25/sol_wachtler_the_judge_who_coined_indict_a_ham_sandwich_was_himself_indicted.html (last visited Dec 5, 2014).

[2] It’s Incredibly Rare For A Grand Jury To Do What Ferguson’s Just Did | FiveThirtyEight, , http://fivethirtyeight.com/datalab/ferguson-michael-brown-indictment-darren-wilson/ (last visited Dec 5, 2014).

[3] judicial branch – What is the percent of Police Officers that are indicted by a Grand Jury? – Politics Stack Exchange, , http://politics.stackexchange.com/questions/6471/what-is-the-percent-of-police-officers-that-are-indicted-by-a-grand-jury (last visited Dec 5, 2014).

[4] Id.

[5] Police Killings Call for New Kind of Prosecutor – Bloomberg View, , http://www.bloombergview.com/articles/2014-12-04/police-killings-call-for-new-kind-of-prosecutor (last visited Dec 5, 2014).

[6] Id.

[7] Id.

[8] Id.

[9] MO Rep, Sen want special prosecutors in all police shootings, , http://www.missourinet.com/2014/10/13/two-mo-lawmakers-want-special-prosecutors-in-all-officer-involved-shootings/ (last visited Dec 5, 2014).

Ethical Compliance and Cloud Services for Law Firms

Ethical Compliance and Cloud Services for Law Firms
Photo courtesy of LegalInk Magazine

Chances are, if you haven’t heard of the cloud, your head is probably in it! Today, cloud computing is becoming an essential element of personal and professional technology use. From our smartphones to our computers, both are increasingly becoming synchronized with cloud backup systems. From solo attorneys to big-box law firms, many are embracing cloud-based applications and backup options as a way of doing business. Here, we’ll discuss ethical compliance and cloud services for law firms.

You should be aware there are different platforms of cloud computing. Specifically, cloud computing is characterized as “large groups of remote servers networked to allow centralized data storage and online access to computer services or resources.”[1] The two main components of cloud based services boil down to data storage and applications that run locally but are processed in the cloud. It’s what those in the business refer to as Infrastructure as a Service (IaaS) and Software as a Service (SaaS)respectively . The history of cloud computing dates back to 1969 but “since the internet only started to offer significant bandwidth in the nineties, cloud computing for the masses has been something of a late developer.”[2] The concept gained industry notoriety in 2006 when Amazon first developed its Elastic Compute Cloud (EC2) model as the first commercial internet service allowing small businesses and individuals alike the ability to rent computers to run their own computer applications.[3]

Cloud Computing for Law Firms

For the most part, most cloud based application services offered to solo and small firms fall in the SaaS category. [4] Think of Clio, Rocket Matter, My Case, and Amicus cloud based case management platforms. However, many law firms and solo’s alike who don’t use SaaS based platforms have begun to use IaaS based platforms whether they know it or not. For instance, most iPhone users use iCloud to back up their devices even if not specifically intending to do so. Often times, when setting up a newly purchased iDevice, the setup steps require an iTunes log-in info. By doing so, iUsers inadvertently agree to have their digital content backed-up to Apples Cloud based storage. Don’t get me wrong, having a backup of your device’s content can be a Godsend if your device is lost or stolen. However, if you’re a lawyer who receives client related email or text messages on your phone, you just put confidential client information in a medium you neither are aware of, nor have control over.

Ethics Rules Possibly Affected by Cloud Computing

Under rule 1.1 of the Model Rules of Professional Conduct, the duty to “provide competent representation to a client” includes the duty to comprehend the cloud based technology services being used along with the duty to obtain client consent, and some cases the duty to counsel the client with regards to the use of cloud services in connection to representation. [5] Many states bar ethics committees have released opinions which generally permit attorneys to use “web-based storage services (like Google Docs and Dropbox) provided that the attorneys take reasonable steps to ensure their information is secure and not shared with third-parties.”[6] Given recent data breaches involving celebrity photos, cloud data security vulnerability is a very real possibility and should be paid close attention to. Moreover, if you aren’t even aware your client’s confidential information is being stored in the cloud, you certainly cannot claim to have taken reasonable steps to ensure their information is secure. To avoid any uncertainty, attorneys should be cognizant of what data is being backed up and where. Reasonable steps would include; routinely monitoring End User License Agreements, ascertaining where cloud providers store data, and keeping abreast of their retention policies.

Under, Rule 1.6, which includes an attorney’s duty to “exercise reasonable care to prevent . . . others whose services are utilized by the lawyer from disclosing or using confidential information of a client, comes another set of cloud related responsibility. “[7] Though some disclosure is permitted under RPC 1.6 where “the disclosure is impliedly authorized to advance the best interest of the client and is either reasonable under the circumstances or customary in the professional community,” an attorney should always know what the data is, where it’s located, and who has access to it. Granted these rules were designed to regulate traditional vendors such as storage facilities or copy services, they are also relevant to cloud computing as well.[8] Bottom line, cloud data storage is ethical so long as attorneys take “reasonable care to ensure the system is secure and the client confidentiality is maintained.”[9]

Under Rule 1.15, a lawyer has a duty to maintain and preserve client records and deliver them promptly upon request. Consequently, this applies to digital records kept locally and those maintained in the cloud, and making sure those files aren’t lost, stolen, or destroyed. Presumably, by using cloud-based backup services, you’re more than likely exercising the requisite reasonable efforts to maintain and preserve client records. Delivering client records upon request may be a sticking point for lawyers who use cloud based storage providers as we’ll get into next.

Pursuant to Rule 1.16, a lawyer has the “duty, upon termination of representation, to promptly deliver all papers and property to which the client is entitled,” which includes the work of cloud service providers.[10] Simply put, you must give the client all their files back after representation. However, if the cloud provider now legally owns the client’s digital content you uploaded, you can be in ethical violation of this rule. For instance, Google docs has a provision in their terms of service that states “when you upload or otherwise submit content to our Services, you give Google (and those we work with) a worldwide license to use, host, store, reproduce, modify, create derivative works (such as those resulting from translations, adaptations or other changes we make so that your content works better with our Services), communicate, publish, publicly perform, publicly display and distribute such content. The rights you grant in this license are for the limited purpose of operating, promoting, and improving our Services, and to develop new ones.” To a layman it may appear that Google is seeking an ownership interest in the information you upload, however such licensing rights allow Google the ability store, transfer, and rewrite the data between multitudes of servers for backup purposes. To avoid RPC 1.16 pitfalls, I suggest understanding the terms of service between you and cloud providers.

Reasonable Precautions Attorneys Can Take to Ensure Client Info is Protected

There is a general consensus among ethic committees around the country that lawyers are ethically permitted to use cloud computing, however it should be noted that certain cases involving HIPAA, GLBA or FRCA may have additional restrictions. Overall, the general requirement is that lawyers take “reasonable precautions to ensure client information is protected from disclosure.”[11] Furthermore, the opinions all generally summate that attorneys will not be held as the guarantors of cloud based services. [12] As the New York State Bar Association put it, “the applicable standard is reasonable care, not strict liability,” and provided the following relevant guidelines attorneys should follow in exercising reasonable precautions. [13]

  1. Stay on top of emerging technologies to ensure client information is safeguarded.

  2. Research any cloud providers they are considering using to ensure the providers are well established, reputable, and have appropriate policies and practices to ensure that information is secure, properly handled, and backed up.

  3. Take steps to ensure that the vendor and its personnel are competent to perform the tasks required.

  4. Review all contracts and terms of service to ensure they comply with all ethical requirements.

  5. Take steps to ensure that service contracts: (a) require the cloud provider to safeguard client information; (b) have appropriate provisions about the ownership of data, handling of subpoenas and other legal process, and notification of data breaches; and (c) have appropriate end-of-contract or termination provisions, including the ability to retrieve data regardless of the reason for termination and proper procedures for deleting data from the cloud.

  6. Take steps to determine the geographical location of servers to ensure they are located in jurisdictions with adequate legal protections for data.

  7. Take steps to ensure that data stored in the cloud is accessible when needed, even if the contract is terminated or the vendor goes out of business.

  8. Protect against “end -user” vulnerabilities, such as the failure to use strong passwords or the use of unsecured Internet connections.

  9. Notify clients in the event of a significant data security breach.[14]

Conclusion

If ever unclear about a potential ethical dilemma involving client data or otherwise, simply pick up the phone and call your state bar for guidance. After all, it’s what you pay yearly membership fees for. For those who lack the time to scour end user license agreements the makers of EULAlyzer have created free software that will scan end user license agreements specifically in search of inconspicuous language which unfairly binds users to unfair terms. Bottom line, if you can document that you’ve taken reasonable steps to safeguard your clients data you should be fine.

 

[1] Cloud computing – Wikipedia, the free encyclopedia, , http://en.wikipedia.org/wiki/Cloud_computing (last visited Nov 18, 2014).

[2] A history of cloud computing, , http://www.computerweekly.com/feature/A-history-of-cloud-computing (last visited Nov 18, 2014).

[3] Id.

[4] New York City Bar Association – Ethics Overview – Ethics Panel, , http://www.nycbar.org/ethics/ethics-overview (last visited Nov 18, 2014).

[5] Id.

[6] The Best Law Firm Case Management Software – An In-Depth Comparison, , https://jurispage.com/2013/law-practice-management/the-best-law-firm-case-management-software-an-in-depth-comparison/ (last visited Nov 18, 2014).

[7] New York City Bar Association – Ethics Overview – Ethics Panel, supra note4.

[8] Id.

[9] Id.

[10] Id.

[11] Id.

[12] Id.

[13] Id.

[14] Id.

Law Firm Information Rights Management & Electronic Signatures

Information Rights Management and Electronic Signatures
Protecting Email Signatures

Can my email signature be forged? How about using an electronic signature on legally recognized documents? Both issues were recently presented to me by our senior equity partner at the law firm. My answers, yes & yes, but let me explain. It boils down to understanding Information Rights Management (IRM) and meeting the statutory requirements for using a legally recognized electronic signature.

Issue #1 Information Rights Management

When it comes to preventing email signatures from being altered, copied, or forwarded without authorization, an IRM policy must be implemented. Assuming we’re using an email client such as Outlook 2010 or newer, additional third party Microsoft credentials are required. Here’s how it works.

Information Rights Management (IRM) allows you to specify access permissions to email messages. IRM helps prevent sensitive information from being read, printed, forwarded, or copied by unauthorized people. After permission for a message is restricted by using IRM, the access and usage restrictions are enforced regardless of where the message goes, because the permissions to access an email message are stored in the message file itself.

IRM is generally implemented at the server level using Microsoft Exchange software. Alternatively, IRM is hosted on Microsoft servers by Microsoft for free, but requires a Microsoft Live ID (@hotmail.com email) to use. In order to utilize IRM internally, for example, a law firm would need one of the following: (1) running their own Microsoft Exchange server and managing it in-house, or (2) use a new or existing Microsoft Live ID (@hotmail.com ID) in conjunction with a firms existing hosted email to take advantage of IRM hosted for free on Microsoft servers. Clearly the latter is the most cost effective; however it would require several additional steps in sending an IRM equipped email.

Information rights management and electronic signatures
Legally Recognized Electronic Signatures

Issue #2 Using Electronic Signature

Here in Arizona, under Arizona Revised Statutes, an electronic signature is defined as an electronic process that is attached to or logically associated with a record that is executed or adopted by an individual with the intent to sign the record. A.R.S § 44-7002
Furthermore, a signature is considered secure if, at the time it was made, and applied through a security procedure it is; (1) unique to the person using it, (2) capable of verification (3) under the sole control of the person using it, and (4) linked to the electronic record to which it relates in such a manner that if the record were changed the electronic signature would be invalidated. A.R.S § 44-7003

Generally speaking, an electronic signature can be any electronic means of indicating that a person adopts the contents of an electronic message. However, under A.R.S. § 44-7003, to qualify as a secure electronic signature, the operative requirement is element (4), the necessity to have ones identity validated through a third-party security certificate service. Such services are seemingly analogous to credit reporting agencies however solely for electronic identity. Currently, there are seven credentialing services customarily used throughout the industry. Those seven services include ARX CoSign, Avoco secure2trust, ChosenSecurity, Comodo, GlobalSign, My Credential, and VeriSign.

If your firm decides to implement a secure electronic signature digital ID, it is recommended you use a platform you may already be using. For instance, at our firm, we use Norton for anti-virus protection. It just so happens Norton is who issues VeriSign electronic signatures. A yearly subscription is required however, with a digital ID, a possessor would not only be able to securely sign electronic documents, but also send digitally signed emails which, in and of itself, constitutes a secure verified document. The process is fairly simple; a YouTube video explaining the process can be viewed here.

http://youtu.be/wGHaB0elkaA

Conclusion

In conclusion, to protect email signatures from alteration, unauthorized copying and forwarding, a law firm has the option to implement Microsoft IRM services through the use of Microsoft Live ID accounts in lieu of costly in-house Exchange server management. Furthermore, secure electronic signatures pursuant to A.R.S § 44-7031, can be achieved through the use of digital ID’s validated through third-party security certificate services.

 

Understanding Civil Forfeiture Laws

Understanding Civil Forfeiture Laws
Understanding Civil Forfeiture Laws

Has your personal property been naughty lately? If so, it could be sued by federal, state, and municipal governments resulting in a good ole bona fide Fourth Amendment seizure. Also known as civil forfeiture, the practice has been around for decades. Although once generally limited to suspected drug dealers, with increasing bureaucratic budget shortfalls, its’ becoming widely used by government agencies as a source of department revenue across the nation.

Civil Forfeiture on the Federal Level

Civil forfeiture is codified on the federal level by 18 U.S.C. § 981 (paralleling 18 U.S.C. § 982) and 21 U.S.C. § 881.[1] Essentially, the government initiates civil actions against the property itself, not the owner to remedy a harm, through the fiction of the property’s “guilt.”[2] The result, if your property has been naughty – I.e., involved in or an instrumentality to a crime – it may be seized by the government without its’ owner (you) ever being charged or convicted of a crime. With regards to the guilt or lack thereof of the property’s owner, the Supreme Court ruled that Due Process does not require pre-seizure notice or hearing, and that the innocence of the owner is not a general defense.[3] What’s worse, state and local governments have since jumped on the bandwagon implementing their own form of civil forfeiture laws punishing naughty property by seizing it, selling it for 100% profit, and then incorporating the funds into their general operating budget.

Understanding Civil Forfeiture Laws
State & Local Civil Forfeiture

Civil Forfeiture on State and Local Levels

Originally the law was designed to give the federal government the authority to seize drug kingpin property used in illegal drug trafficking. For instance, if a drug trafficker was using his private plane or boat to transport narcotics, under the; RICO, Criminal and Drug Forfeiture Acts, the Feds could legally confiscate those items in order to prevent further trafficking. However recently, state and local level civil forfeiture laws have given local police departments the authority to forfeit personal items such as a jewelry, cash, homes and essentially anything else that can be sold. As noted, though the property owners are never charged, local & state agencies can bring action against the item itself leading to nonsensical forfeiture case names such as State of Texas vs. One Gold Crucifix or South Dakota v. Fifteen Impounded Cats.[4]

Here, in State of Texas vs. One Gold Crucifix, the “police confiscated a simple gold cross that a woman wore around her neck after pulling her over for a minor traffic violation.” [5] Since the defendant in civil forfeiture cases is the property itself, the rights of the owner have no bearing on the outcome. As a result, many individuals whose property is confiscated simply choose not to fight due the high costs of legal fees.

Further, one jurisdiction in particular, Philadelphia, PA, engages in the most notorious and aggressive civil forfeiture tactics in the country. Specifically, in a recent case involving a couple whose son was caught selling $40 worth of narcotics outside their family home, Philadelphia authorities sought to confiscate the couple’s entire home, sell it at auction, then retain the profits. As a result, The Institute for Justice has taken on the couples – and others similarly situated – case(s) filing a class action lawsuit seeking an injunction against the City of Philadelphia to halt what it refers to as “violations of rights guaranteed by the Due Process Clause of the Fourteenth Amendment.”

Defenses to Civil Forfeitures

As noted, unless provided by statute, the innocence of the owner is generally not a defense to a civil forfeiture. Even where statutory defenses are available, they are narrowly construed by the courts. [6] For example, “courts may apply an objective standard to determine if the owner should have had knowledge of the property’s illegal use, rather than require proof of actual knowledge.”[7]

In certain situations, owners may be able to argue that if no crime occurred, the government lacks probable cause, “or that the property is not closely enough connected to the crime to be considered an instrumentality or proceeds.”[8] Even where the government is required to return the property seized, it is not liable for any further damages resulting from its confiscation, nor any interest ordinarily accrued on actual forfeited funds.

Proposed changes

On the national level there has been chatter on reforming federal civil forfeiture statutes however not much has been done. There is bi-partisan support for the proposed Civil Asset Forfeiture Reform Act proposed by Tim Walberg (R-Mich) however it faces an uphill battle in the Judiciary Committee.

Currently, North Carolina is the only state in the country that prohibits civil forfeiture unless the owner of the property has been convicted of a crime. A state lawmaker in Virginia, Delegate Mark Cole, is proposing legislation in the 2015 general assembly to curtail current civil forfeiture statutes.[9] Hopefully other lawmakers will catch on as this little known, seemingly secret process is being brought to light.

Understanding Civil Forfeiture Law
Now that Its Affecting Many more Americans than Originally Intended . . .

Conclusion

If your property has been naughty or even has the inclination of naughtiness, have a sit down with it and explain the ramifications of its behavior. If that sounds ludicrous, so does the governments rationale for seizing it! My theory is that since this practice was primarily directed at inner-city “drug dealers” many Americans simply didn’t care. Once its pervasiveness started sprawling into suburban America, it now has become a problem that needs reform. It’ll be interesting to see how much government the limited government folks will tolerate once their loved ones and neighbors are affected.

 

 

[1] Forfeiture | Wex Legal Dictionary / Encyclopedia | LII / Legal Information Institute, , http://www.law.cornell.edu/wex/forfeiture (last visited Nov 6, 2014).

[2] Id.

[3] Calero Toledo v. Pearson Yacht Leasing Co., 416 U.S. 663 (1974).

[4] Civil forfeiture perverts justice – Technician: Opinion, , http://www.technicianonline.com/opinion/article_f07018ae-5a60-11e4-a320-0017a43b2370.html (last visited Nov 6, 2014).

[5] Id.

[6] Forfeiture | Wex Legal Dictionary / Encyclopedia | LII / Legal Information Institute, supra note1.

[7] Id.

[8] Id.

[9] State lawmaker targets civil forfeiture | Alexandria Times, , http://alextimes.com/2014/10/state-lawmaker-targets-civil-forfeiture/ (last visited Nov 6, 2014).