Start Page: Is your data in the cloud really out of (your) control?

  • Print

WilsonI found a cloud-based software program that did everything I wanted it to do. It worked smoothly on all my devices. Then, I get the email, the one that says “We are happy to announce our new website. You are going to love the new features!” I ask, “Why fix something that’s not broken?”

Soon, you will have the same experience. In today’s rapidly changing technology environment, programmers update software frequently. Your choice: accept the changes or move on. When was the last time you went more than a day without an update request from your smartphone?

Cloud-based solutions offer economy and portability. You can access client information from anywhere. Updates are handled automatically. It’s a great time to be alive for a mobile lawyer!

But, that convenience can be a double-edged sword. Just when you learn how to use and operate the software, it can change. Some changes are good, such as updates to security flaws and other “behind the scenes” issues. Others can improve productivity. Other times, there are drastic changes, like complete site re-designs. Further, if the company goes under, what happens to your data?

If your data is in the cloud, do you know where it is? Do you know who has access to it? Is your data stored in the United States? Is it stored securely? Is the data commingled with other users’ data? If you want to move to another program, how easy is it to get your data out of the cloud-based software? Because it is web-based, what happens if your Internet connection is lost? Before jumping into the latest and greatest offering from the world of cloud computing, you need to understand the risks and benefits.

One way to understand cloud computing is to talk with your IT professional. Also, take a minute to read the new American Bar Association Model Rules of Professional Conduct. The ABA recently changed Model Rule 1.1 and the comments to Model Rule 1.1 to expand the lawyer’s duty to “keep abreast of changes in the law and its practice” by now specifically including the requirement to understand “the benefits and risks associated with relevant technology.” Model Rule 1.1 [8]. When your data is in the cloud, you are no longer in control.

Why bother with cloud computing? The answer is simple: in a few years, you will not have a choice. Every software application will be cloud-based. When is the last time you purchased a new computer that came with physical installation discs? Take a look at what Microsoft has done with Windows 8, stating that it is “Your Windows, everywhere.” The idea is that the software is central and all devices connect to that software for the same user experience. The cloud is where all your information lives. Apple is no different, pushing user data and software to iCloud. Google launched Google Drive and a web-based suite of office software.

There are many benefits of cloud computing. Upgrades and updates are obsolete. Your provider handles backups. Given the increased privacy concerns around use of data, providers should have a vested interest in keeping your information secure. Or do they?

You probably know that the software on your devices and the websites you visit collect data about you while you search the Web. Have you ever shopped for shoes and then noticed that the next time you checked your webmail account, you see ads for those same shoes? It’s not an accident; it’s called tracking and most websites do it.

Another risk is a specific type of hacker called a “hacktivist.” According to Wikipedia, hacktivism is “the use of computers and computer networks to promote political ends, chiefly free speech, human rights, and information ethics.” An example of the danger of this type of hacker is the law firm that successfully defended a client in an action, and the hacker feels that the law firm shouldn’t have won. The hacker hacks the law firm and potentially destroys the firm, all because of ideology. Think it can’t happen? It already has. (Google “anonymous-may-have-completely-destroyed-military-law-firm”). In fact, the FBI has warned that law firms have been the subject of hack attempts.

So, are things really out of your control? The classic lawyer answer is: it depends. If you use or are considering using web-based applications, take these three steps. First, get your client’s permission through informed consent. Second, know where your data is, who has access to it, how secure it is and how to get to it when needed. Third, ask for help. Your IT professional and other lawyers can help you navigate this exciting new frontier.•

__________

Seth Wilson is an attorney with Hume Smith Geddes Green & Simmons LLP in Indianapolis. In addition to practicing law, he helps manage the day-to-day technology operations of the firm, and frequently speaks and advises on legal technology issues. The opinions expressed are those of the author.

Please enable JavaScript to view this content.

{{ articles_remaining }}
Free {{ article_text }} Remaining
{{ articles_remaining }}
Free {{ article_text }} Remaining Article limit resets on
{{ count_down }}