Syndicate content
Law practice, legal marketing, & legal technology.
Updated: 31 min 39 sec ago

Income-Based Repayment Is A Trap!

Tue, 06/09/2015 - 15:11

If you are a recent law school grad, you may have taken advantage of some student loan repayment plans that are slightly less awful than normal student loan repayment plans. You pay a fixed percentage of your (probably regrettably more meager than you would like) discretionary income and at the end of 20 to 25 years, voila! All is forgiven. Sounds…well, if not great, tolerable.

Except for the part where you could be hit with an enormous tax bill at the end of it all.

Specifically, [a ‘tax bomb’ is] set to go off in 2032, the first year when the loans qualify for debt forgiveness. At that point, the forgiven debt turns into “cancellation of debt” income under the tax code, taxed as ordinary income, says Southern Methodist University law professor Gregory S. Crespi.

How enormous are we talking? Super enormous.

For an IBR or PAYE law graduate enrollee with a $200,000 or larger unpaid debt at the time of their debt forgiveness this may well mean a combined federal and state income tax bill on this additional attributed income of at least $50,000 up to perhaps $100,000 or more [.]

Two pieces of (sort of) good news: (1) this only affects grads from 2012 to 2015 – about 30,000 unlucky souls. (2) You could avoid this tax hit if you basically have no other money or assets. As Steven Chung points out, there is an insolvency exception where if the taxpayer can show that his liabilities exceeded the value of his assets immediately prior to the forgiveness, then the cancellation of debt income as a result of loan forgiveness will not be taxable. However, Chung notes that those assets can include retirement accounts, home equity, and all personal assets.

So the trick is to just stay relatively poor. Easy enough!

Featured image: “Timer bomb isolated on white background 3D” from Shutterstock.

Income-Based Repayment Is A Trap! was originally published on Lawyerist.

Categories: Teknoids Blogs

Podcast #20: David Colarusso, Hacking for Justice

Tue, 06/09/2015 - 06:12

Related “What Does Legal Hacking Mean for Practicing Lawyers?”

In today’s podcast, David Colarusso, a lawyer and data scientist for the Massachusetts Committee for Public Counsel Services,1 talks about what a legal hacker is, how he incorporates hacking into lawyering, and why lawyers should learn to code.

But first, Sam and Aaron try to figure out whether lawyers who bill after working 55 hours in a week are just padding their hours.

There’s No Point Working More than 55 Hours a Week

I was pretty blown away when I came across this:

[P]roductivity drops off so much after 55 hours that there’s no point in working any more. That’s right, people who work as much as 70 hours (or more) per week actually get the same amount done as people who work 55 hours.

Now, working hours and billable hours aren’t the same thing, but this study suggests that anything you bill after working 55 hours in a week has little or no value. Here’s the Stanford study (pdf) that shows it. So from now on, when your clock hits 55 hours, shut down your computer and go home to your family and friends. Oh, and make sure you shut off your email in the evenings so you don’t accidentally burn some of your productive hours.

I’m sure lawyers will wholeheartedly embrace this advice.

(h/t Quartz)

David Colarusso on Legal Hacking

When we first discussed legal hacking in episode 17, Sam got a little stumped when Aaron asked what it meant. So we brought in David Colarusso to talk about what legal hacking is, including examples from his own experience.

We already talked about one of Colarusso’s projects, QnA Markup. He also talks about hacking around simple challenges, like finding all the defendants affected by a chemist in the state’s drug labs who was falsifying her reports. Technology definitely isn’t the solution to every legal problem (or even most of them, probably), but Colarusso demonstrates that technology can absolutely solve some important legal problems.

If you’re interested in joining or starting a legal hacker group, visit If you are interested in learning to code and you can spare about 10 hours over the next couple of weeks, visit Codecademy.

Thanks to Ruby Receptionists for sponsoring this episode.

Listen and Subscribe

To listen to the podcast, just scroll up and hit the play button.

To make sure you don’t miss an episode of the Lawyerist Podcast, subscribe now in iTunes, Stitcher, or any other podcast player. Or find out about new episodes by subscribing to the Lawyerist Insider, our email newsletter. We will announce new episodes in the Insider, and you can listen to them right here on Lawyerist.

  1. Also a coder, craftsman, designer, educator, and writer, according to his website

Podcast #20: David Colarusso, Hacking for Justice was originally published on Lawyerist.

Categories: Teknoids Blogs

Second Circuit Might Decide Doc Review Is Basically Like Cleaning Toilets

Mon, 06/08/2015 - 16:13

If you have been subsisting on document review jobs, you probably have many fears. Chief among them: “can robots do my job instead?” and “how on earth can I make a living doing this?” The Second Circuit may have both good news and bad news for you.

The good news: you might be eligible for overtime. The bad news: the only way in which you might be eligible for overtime is by having the Second Circuit declare that document review isn’t actually legal work…which means you are pretty replaceable by a robot or a college graduate or a particularly precocious child.

Some background: Back in 2013, attorney David Lola was doing doc review for Skadden Arps. He made $25/hour and sometimes worked in excess of 40 hours/week.

Lola regarded his duties as clerical. According to him, all he did was scan for assigned search terms and click pre-set buttons when he found them. Lola decided that if he was going to do work that didn’t require a law degree, he wanted to be paid overtime when he put in more than 40 hours a week.

There was just one problem with that idea: legal work is considered professional work and is exempt from labor laws that govern overtime pay. Lola sued Skadden and the doc review staffing agency, saying his work was too rote to count as legal work and should therefore be paid as any other hourly job would be. Lola lost at the district court but appealed to the Second Circuit and court-watchers seem to think that Lola might have a shot at getting his OT. Hooray! However, this might be a classic example of winning the battle but losing the war.

[I]n the short term contract attorneys doing document review get a windfall but it may come at the expense of their long term prospects. When document review is not considered legal work then there may be little reason to have lawyers do said work.

Be careful what you wish for.

Featured image: “Exhausted young man cleaning a toilet isolated on white background” from Shutterstock.

Second Circuit Might Decide Doc Review Is Basically Like Cleaning Toilets was originally published on Lawyerist.

Categories: Teknoids Blogs

Should We Crowdfund Lawsuits?

Mon, 06/08/2015 - 09:01

Lawyers are expensive. And, as we all know, everyone loves a good lawsuit. Further, if history is any guide, tech-based startups are a no-fail way to make truckloads of money. Finally, if the Millennial generation has taught us anything, it has proven that you can, and should, use Kickstarter to do everything.

Which brings us to the latest legal startup, CrowdJustice, a crowdfunding platform allowing ordinary citizens to fund public-interest litigation. CrowdJustice describes itself as a startup that “gives you the tools to raise funds, mobilise your community and publicise your issue1” by hiring lawyers to file a lawsuit. Now instead of donating your hard-earned money to charities to save endangered animals or at-risk children, you can give your money to lawyers.

This service is either a good idea or one of the worst ideas ever conceived. Certainly there are a number of problems that could probably only be solved by a judge declaring a law unconstitutional or a jury punishing a group of powerful evildoers. But opening up the floodgates to the whim of the populace seems, well, problematic. Besides, groups like the World Wildlife Fund, the American Civil Liberties Union, Greenpeace, the Electronic Frontier Foundation, and many other public interest groups have a good record of assembling a war-chest for paying a team of lawyers when the need arises.

The first case that CrowdJustice has put up for funding is Torres v. BP, a human rights abuse case against the oil giant which has already been in the UK press. It sounds like a terrible affair. Perhaps this test case will pave the way for more lawsuits, but only time will tell. Tell us what you think — should we start crowdfunding lawsuits?

  • So what do you think about crowdfunded lawsuits?*
    • Good idea.
    • Bad idea.
jQuery(document).ready(function($){gformInitSpinner( 23, '' );jQuery('#gform_ajax_frame_23').load( function(){var contents = jQuery(this).contents().find('*').html();var is_postback = contents.indexOf('GF_AJAX_POSTBACK') >= 0;if(!is_postback){return;}var form_content = jQuery(this).contents().find('#gform_wrapper_23');var is_confirmation = jQuery(this).contents().find('#gform_confirmation_wrapper_23').length > 0;var is_redirect = contents.indexOf('gformRedirect(){') >= 0;var is_form = form_content.length > 0 && ! is_redirect && ! is_confirmation;if(is_form){jQuery('#gform_wrapper_23').html(form_content.html());setTimeout( function() { /* delay the scroll by 50 milliseconds to fix a bug in chrome */ jQuery(document).scrollTop(jQuery('#gform_wrapper_23').offset().top); }, 50 );if(window['gformInitDatepicker']) {gformInitDatepicker();}if(window['gformInitPriceFields']) {gformInitPriceFields();}var current_page = jQuery('#gform_source_page_number_23').val();gformInitSpinner( 23, '' );jQuery(document).trigger('gform_page_loaded', [23, current_page]);window['gf_submitting_23'] = false;}else if(!is_redirect){var confirmation_content = jQuery(this).contents().find('#gforms_confirmation_message_23').html();if(!confirmation_content){confirmation_content = contents;}setTimeout(function(){jQuery('#gform_wrapper_23').replaceWith('<' + 'div id=\'gforms_confirmation_message_23\' class=\'gform_confirmation_message_23 gforms_confirmation_message\'' + '>' + confirmation_content + '<' + '/div' + '>');jQuery(document).scrollTop(jQuery('#gforms_confirmation_message_23').offset().top);jQuery(document).trigger('gform_confirmation_loaded', [23]);window['gf_submitting_23'] = false;}, 50);}else{jQuery('#gform_23').append(contents);if(window['gformRedirect']) {gformRedirect();}}jQuery(document).trigger('gform_post_render', [23, current_page]);} );} ); if(typeof gf_global == 'undefined') var gf_global = {"gf_currency_config":{"name":"U.S. Dollar","symbol_left":"$","symbol_right":"","symbol_padding":"","thousand_separator":",","decimal_separator":".","decimals":2},"base_url":"https:\/\/\/lawyerist\/wp-content\/plugins\/gravityforms","number_formats":[],"spinnerUrl":"https:\/\/\/lawyerist\/wp-content\/plugins\/gravityforms\/images\/spinner.gif"};jQuery(document).bind('gform_post_render', function(event, formId, currentPage){if(formId == 23) {} } );jQuery(document).bind('gform_post_conditional_logic', function(event, formId, fields, isInit){} ); jQuery(document).ready(function(){jQuery(document).trigger('gform_post_render', [23, 1]) } );

Featured image: “Conceptual views of high-cost legal fees” from Shutterstock.

  1. Yes, the spelling of “mobilize” and “publicize” is with an “s” because the company is British, and no, they did not use an Oxford comma. 

Should We Crowdfund Lawsuits? was originally published on Lawyerist.

Categories: Teknoids Blogs

Book Appointments through Your Website

Mon, 06/08/2015 - 06:12

Appointments with clients, opposing counsel, and colleagues are the lifeblood of your practice. It can also be very tedious.

Many lawyers have a secretary to take care of scheduling, among other things. But you may not need or want to add a secretary’s compensation package to your overhead.

That does not mean you have to resort to a email and phone tag to get things on your calendar. There are a number of scheduling apps that make it easier to book appointments.

Your Client is Not Your Secretary

First, be careful not to send the message that the other person needs to work around your schedule. Your convenience may come across as self-importance. Obviously, this is not the perception you want to cultivate in a potential client or referral source. To avoid this, just be careful how you introduce contacts to your scheduling system.

Andrew Cabasso suggests writing “let me know when works best for you” with a link to your scheduler as a way to soften the request. This is much more welcoming than “here’s my calendar so you can set an appointment,” which feels more like a demand. It’s a small detail, but it can make a big difference.

When setting up your scheduling system, take time to make the experience positive for the people who are scheduling appointments with you, too.

I’ve tested many scheduling apps. The ones I have highlighted in this post offer the most bang for your buck and offer a number of unique features.


TimeBridge’s goal is to become your new default calendar application. TimeBridge will sync your iCal, Google, or Outlook calender events and contacts.

Upon logging into TimeBridge, you will be presented with an underwhelming UI and an overwhelming feature set. Since it appears TimeBridge is geared towards scheduling meetings with large teams, some features such as “Create a Group” are likely unnecessary for your needs. For each meeting you want to schedule, you are allowed to choose up to five available times to send to your attendees. The attendees can then choose what times work best for them, which TimeGather will then aggregate, giving you the optimal meeting time for all attendees.

TimeGather also comes with a number of helpful features such as built-in audio conferencing, appointment reminders (either through SMS or email), directions, and even the weather forecast for the day of your meeting.

Price: TimeBridge gives you all these features (incredibly) for free.


If you are looking for simplicity and no frills, Calendly is the scheduling app for you. Currently, Calendly will only let you sync and sign-in with your Google account — although it is beta testing support for Office 365.

Setting up your schedule revolves around “event types.” Calendly will allow you to use one event type for free (15, 30, or 60-minute meetings). If you want customize your event types or let your clients choose from multiple event types, you will have to pay $10 a month.

By paying for Calendly, you will also get personalized notifications, an option to removing Calendly’s branding, automated reminders, and priority support.

Price: Calendly is free for basic features. It will run you $10 per month for advanced features.


SetMore is a scheduling app that only syncs with Google Calendar. But what it lacks in Outlook and iCal support is more than made up for with its other features.

SetMore allows your clients to set appoints through your site with plugins or an HTML code you can embed on your site. Additionally, SetMore has created a Facebook app that will let your clients choose their appointments from your Facebook Page. For all booked appointments, SetMore will send you and your client an SMS or email reminder.

SetMore also moonlights as a light customer relationship management system. When your client sets up an appointment, it will request your clients contact information — which you can later export to MailChimp — through a branded booking page. SetMore will also let your clients leave you a review if they are so inclined to do so.

Price: All the main features are free. SetMore is $25 per month if you wish to schedule over 20 staff members.


Doodle lets you create a booking page without even creating an account, a welcome feature if you do not wish to sign up for yet another web service.

For more advanced features though, you will have to sign up for a free account. This free account will let you store your “polls” (your scheduling times, essentially) and give you a “MeetMe” page to let clients schedule appointments around your availability.

Doodle also offers a couple of paid tiers for additional functionality. Private users will get automatic reminders, a list of attendees, the ability to request additional information, end-to-end SSL encryption, and an ad-free interface. If you want to further customize your client’s Doodle experience, you will have to pay for a Business account. A business account lets you brand your page, customize your subdomain (which is helpful because “Doodle” doesn’t exactly give a professional vibe), and manage users.

Price: Doodle is $39 per year for a private account or $69 per year for a business account.

Regardless which you choose, a scheduling app may reduce days of email and phone tag to a few clicks.

Featured image: “Businessman checking appointments in the calendar at the office” from Shutterstock.

Book Appointments through Your Website was originally published on Lawyerist.

Categories: Teknoids Blogs

Fixing your #@(*$#)$( Single-Spacing in Microsoft Word

Sun, 06/07/2015 - 07:45

It used to be a lot easier. Single spacing, that is. It’s a pretty simple concept: you don’t want any extra spaces between the lines within your paragraphs. It ought to be easy to do.

But Microsoft Word somehow takes a simple concept and makes it difficult in practice. And if there is one thing that I find makes people curse Microsoft Word faster than any other, it’s this. Here’s what’s going on behind the scenes and, more importantly, how you can fix it permanently.

Unless otherwise noted below, all instructions and screenshots are for Microsoft Office 2010 for Windows.

When Line Spacing isn’t (Just) Line Spacing

A big part of the problem is that there’s more than one setting that actually controls the spacing between lines. There’s line spacing, which is exactly what it sounds like: single-spaced, double-spaced, etc. The easiest and fastest way to reset line spacing is to use the line spacing drop-down in the Paragraph section of the Home tab:

But there is also spacing before and after paragraphs which is independent of intra-paragraph line spacing. To put it in simpler terms, if you hit the Return key (which marks the end of a “paragraph” in Word), even if your line spacing is set at 1.0, the before/after paragraph spacing may make your text look as if it is double-spaced:

The fastest, most direct way to fix this in your current document is to select the affected paragraphs with your mouse, go to the Page Layout tab, and change the number in the Spacing area of the Paragraph section to zero.

When Microsoft Knows Better Than You

Users who upgraded from Microsoft Word 2003 noticed almost immediately that their line spacing was off. Not way off, but off just enough that they could tell the lines weren’t single-spaced.

Their eyes weren’t deceiving them. Microsoft, in its infinite wisdom, decided that all documents needed to have the more online-friendly line spacing of 1.15, so they set that line spacing as the default for the Normal template.

Personally, I think the 1.15 line spacing is good for long documents, particularly letters with lengthy paragraphs. But that does not mean we all have to acquiesce to Microsoft’s “wisdom” by default.

To force single spacing in your current document, use that line spacing drop-down shown above. However, the quickest way to reset the default spacing in your document is to go to the Home tab and, in the Styles section, right-click on the style called Normal (usually the first one in the list):

Since the Normal style is what most of the rest of the styles in your document are based on, changing this one style will cascade down to the others. When you right-click on Normal, click Modify to get this dialog box:

Just click on the single-spacing icon (circled above) to force single-spacing. To adjust before/after paragraph spacing, click on the Format button on the bottom and choose Paragraph to get this dialog box:

Adjust those numbers to zero and click OK to exit.

Fixing This Stuff Permanently

Doing this repeatedly in every document is going to get old quickly. If you want to change the default settings for all new documents, you’ll have to modify the Normal template. But before you can modify it, you’ll have to find it. Microsoft does not make this easy.

The fastest way to find it in Windows is to click on the Start button and drop this text into the “Search programs and files” field at the bottom:


You’re looking for something called Normal.dotx (in Word 2007/2010) or (Word 2003 or earlier). First, SAVE A COPY of your Normal template under a new name (right-click, choose Copy, then right-click again and choose Paste, then right-click again and choose Rename).

Right click on the one called Normal and choose Open. Make the changes to the Normal style as noted above (switch to single-spacing and zero out before/after paragraph spacing), then do File | Save As and make sure it’s saving it into the location where it came from. Choose “yes” if Word asks if you want to overwrite it. Close the template.

From now on, any new document you create with the Normal template (which, for most users, is 99% of their documents unless they’ve been really diligent about creating their own library of templates) will have the new settings by default.

  • 2013-07-13. Originally published.
  • 2015-05-29. Revised and republished.

Featured image by Andrew McCluskey / CC BY 2.0.

Fixing your #@(*$#)$( Single-Spacing in Microsoft Word was originally published on Lawyerist.

Categories: Teknoids Blogs

Make Networking Go More Smoothly with Selfies

Fri, 06/05/2015 - 05:54

For years, meeting new people for networking has included an awkward ritual. You arrive and scan the tables, looking for singletons. If you see a likely candidate, you have to go and ask if they are the person you are supposed to meet. If you don’t see anyone, you get a table and watch the entrance for someone who arrives alone and seems to be looking for someone they don’t know. Then you jump up and ask “hi, are you so-and-so?” If they are, it’s fine and you have coffee or lunch or drinks or whatever. If not, it’s awkward. And sometimes you send an email from your phone asking if you got the day wrong only to find out so-and-so has been sitting on the patio for twenty minutes while you were waiting inside.

The Internet helps — sometimes. If you can find a good picture of the person on their website or on LinkedIn or Facebook, you might have a better idea of who you are looking for. Although many profile photos on websites and LinkedIn appear to have been taken in the 80s and scanned badly. And many profile photos on Facebook are babies or dogs. Or, like me, you may have shaved off all your hair since your last profile photo.

So make it easy. Send a selfie about an hour before the meeting that shows what you look like. Like this:

Subject: Lunch today

Here is what I look like today, so you don’t have to awkwardly ask people if they come from the Internet.

Looking forward to talking about the Lawyerist Podcast!


Make sure to get the top of your outfit in the frame, since that is probably easier to recognize at a distance than your face. Don’t obsess about the photo, either. The goal is just to help your networking contact locate you in a coffee shop, restaurant, or bar. You don’t need to make it a masterpiece. If it makes you feel better, you could ask them to keep the photo to themselves for that reason.

Sending a selfie in advance of your meeting also has the side benefit of serving as a reminder of your meeting without being patronizing. (Maybe it’s just me, but when someone sends a reminder it feels a bit patronizing, like they think I can’t be trusted to show up unless they remind me.)

The next time you are meeting someone in public for the first time, plan ahead — just a little bit — and send a quick selfie to make things go more smoothly.

Make Networking Go More Smoothly with Selfies was originally published on Lawyerist.

Categories: Teknoids Blogs

Lawyers Suck At Diversity and We Don’t Want to Talk About It

Thu, 06/04/2015 - 17:15

It’s time for some real talk about how terrible our profession is at ensuring diversity. We talk the talk, with BigLaw firms hiring “diversity coordinators” and law schools attempting to make efforts to recruit students of color, but we’re failing, and we’re failing hard.

[A]ccording to Bureau of Labor statistics, law is one of the least racially diverse professions in the nation. Eighty-eight percent of lawyers are white. Other careers do better — 81 percent of architects and engineers are white; 78 percent of accountants are white; and 72 percent of physicians and surgeons are white.

One of the biggest problems in addressing this is that we don’t actually think we have a problem. Look what happened when Sam Glover tried to discuss whether there was a diversity problem in solosmall firms. This is true at the BigLaw level as well, where diversity — both in terms of people of color and in terms of advancing the role of women in a profession where they are far less likely to end up at the top — seems to be framed simultaneously as incredibly important but also impossible.

I recently surveyed managing partners of the 100 largest law firms and general counsel of Fortune 100 companies. Virtually all of the 53 participants in the study said diversity was a high priority. But they attributed the under-representation of minorities to the lack of candidates in the pool. And they explained the “woman problem” by citing women’s different choices and disproportionate family responsibilities in the context of a 24/7 workplace. As one managing partner put it, “You have to be realistic. It’s a demanding profession. . . . I don’t claim we’ve figure it out.”

No, you really don’t have it figured out. It’s impossible to overstate the avalanche of statistics that show how much we suck:

  • Women account for a third of the profession, but only a fifth of law firm partners and are far less likely to make partner.
  • People of color constitute a fifth of the population of law school graduates, but make up less than seven percent of law partners.
  • If you give law firm partners a legal memo and tell them a white man wrote it, they will rank it uniformly higher than if they are told a black man wrote it.

We can do better. We have to do better, or we cement ourselves as a profession that has no idea how to serve an increasingly diverse population and, worse still, a profession that, at root, just doesn’t care.

Featured image: “Standing out from the crowd” from Shutterstock.

Lawyers Suck At Diversity and We Don’t Want to Talk About It was originally published on Lawyerist.

Categories: Teknoids Blogs

CaseRails Gets Sued by Case Webs, and it’s Wacky

Thu, 06/04/2015 - 16:16
“CaseRails is currently being sued for everything from trademark infringement to computer trespass and common-law conspiracy …”

CaseRails is content management and document automation/assembly software for lawyers. I haven’t had a chance to use it, yet, but it looks pretty cool.

What’s more interesting right at this very moment, however, is that CaseRails is currently being sued for everything from trademark infringement to computer trespass and common-law conspiracy by Georgia attorney Sanford Asman. If you want to know more about Asman, simply peruse pages 5–24 of the 47-page complaint (pdf) in which Asman lays out his life story and the history of the software products he has developed in excruciating detail going back to the late 1970s.

In the complaint, as far as I can tell, Asman contends that he has the exclusive right to call software Case [Noun] and use rails “in connection with a web-based legal application also using the word ‘Case.'” CaseRails called Asman’s threatened lawsuit frivolous. Ars Technica picked up the story after Asman made his first threats, and that’s where things started to get wacky.

The article in Ars apparently got Asman to add a cause of action for defamation because:

(1) Asman was referred to as “Ass man” [in the comments]; (2) one of the readers of the blog apparently registered the domain “” and is using it to link to another website (namely, “The Scuzz Feed” which appears under the url, “”) that Asman does not sponsor or endorse.

Asman also went and added a cause of action for common-law conspiracy to subject Asman to ridicule and the above statements (I think that’s the gist of it; the complaint wanders). It’s all just a bit too much, and I’m guessing U.S. District Court Judge Eleanor Ross is already winding up for a benchslap.

(Somehow, by the way, Asman is also suing the Electronic Frontier Foundation (in a separate lawsuit) on behalf of Scott Horstemeyer, apparently because EFF hurt Horstemeyer’s feelings by calling his patent stupid. I feel like I’m hearing echoes of Charles Carreon all over this story.)

CaseRails Gets Sued by Case Webs, and it’s Wacky was originally published on Lawyerist.

Categories: Teknoids Blogs

Westlaw Classic is (Almost) Dead, Long Live Westlaw Classic

Thu, 06/04/2015 - 16:00

Thomson Reuters has just announced that, sometime over the summer, it is sending Westlaw Classic to live on the farm. A friendly farm, where it can play in fields of casebooks and help … shepardize … ok, fine. All bad puns aside, the mainstay service is retiring sooner rather than later, so Thomson is telling its subscribers to get ready now. Lawyers are notoriously slow to change their ways in everything, and technology is no exception. Law is one of the few industries left that still uses fax machines to transmit documents across distances, and Florida’s State Bar still prohibits soliciting clients via telegraph.

Bob Ambrogi has compared Westlaw Classic’s retirement to the cancellation of New Coke, but time will tell whether its retirement is actually more similar to that of Coca-Cola. The TL;DR can be found here for you millennials. Perhaps lawyers will make the transition smoothly, perhaps not. While Westlaw has been pushing more and more people over to its new platform to ease the transition, it would not be surprising to see some type of backlash once it happens. Maybe some enterprising programmer will build a Westlaw Classic browser extension, but until then we Westlaw subscribers will have to live with the change.

Featured image: “ Zombie hand coming out of his grave ” from Shutterstock.

Westlaw Classic is (Almost) Dead, Long Live Westlaw Classic was originally published on Lawyerist.

Categories: Teknoids Blogs

How Many Requests for Admissions Are Too Many? 2,265?

Thu, 06/04/2015 - 15:41

That’s from a memorandum (pdf) in Ashker v. Schwarzenegger, and it seems like the the defendants just might have a point here:

“There is good cause for the protective order as the RFAs propounded by plaintiffs cause ‘annoyance, embarrassment, oppression, undue burden or expense.'”

The plaintiffs are apparently members of the Aryan Brotherhood, a white supremacist gang, and file quite a lot of lawsuits.

How Many Requests for Admissions Are Too Many? 2,265? was originally published on Lawyerist.

Categories: Teknoids Blogs

How Avvo Tries to Prevent Fake Client Reviews

Thu, 06/04/2015 - 06:12

A case before the Washington Court of Appeals will help Avvo determine when to unmask anonymous client reviews. It also illustrates what many believe to be a common problem with online reviews: fake ones. What if someone who doesn’t like you decides to hurt you by posing as a client in order to post a negative review on your Avvo profile?

In her defamation lawsuit, Florida lawyer Deborah Thomson alleges exactly that. She says the author of a one-star review on her Avvo profile was not written by a client. But Avvo decided to fight Thomson’s subpoena and won in the district court.

Here’s the background on Thomson’s lawsuit, Avvo’s procedures for preventing fake client, and why it is fighting the subpoena.

The One-Star Review

Thomson has an Avvo Rating of 8.6 and a client rating of about 4.5 stars. That client rating would be five stars except for this review:

The same person apparently left reviews on Yelp! and Google. Thomson left a response on her Avvo profile:

The writer of this review was not an actual client of mine. This is a personal attack from someone that I know. …

Client Ratings on Avvo

Avvo actually gives you two ratings:

  1. The well-known Avvo Rating is a number from one to ten that is calculated from information about you on your Avvo profile.
  2. Your client rating is an average of the one-to-five stars given to you by clients who post a review to your Avvo profile.

Client ratings don’t figure into your Avvo Rating, and vice-versa. Both are displayed prominently on your Avvo profile. Thomson is obviously exercised about the second rating and — more particularly — that one-star review.

How Avvo Tries to Prevent Fake Reviews

In her response to the one-star review, Thomson claimed that Avvo does not verify client reviews.

AVVO does not verify the information contained in a negative client review, nor does it verify that a person was, in fact, an actual client, before allowing it to post on an attorney’s profile.

That’s mostly accurate, but it’s not the whole story. According to Avvo’s general counsel, Josh King, Avvo does take a variety of steps, some proactive and some reactive, to try to weed out fake reviews.

  1. First of all, every review is moderated by a human being before it is published on a lawyer’s profile. Among other things, Avvo’s moderators look for any indication that the reviewer is not actually a client. For example, Avvo gets reviews from friends and family members, opposing counsel, and probably bots and trolls. This is usually obvious from the review itself. With its new Advisor service, however, Avvo might know for a fact that some reviews come from actual clients.
  2. If a lawyer contacts Avvo to complain that a review was left by someone other than a client, Avvo will take a second look at the review to make sure it was properly approved. If the review survives this second round of moderation, it stays up.
  3. If the lawyer wants to dispute the matter further, Avvo will unpublish the review and contact the reviewer. The form Avvo sends asks the reviewer to take another look at the review and make sure they were really a client and that this was actually their lawyer. If the reviewer re-affirms the review, it goes back on the lawyer’s profile.

Related “7 Famous Lawyers with Lower Avvo Ratings than Mine”

So far, Avvo hasn’t done any independent verification. It’s basically just taking the reviewer’s word for everything. It’s a process that reflects Avvo’s view: the best way to respond to a negative review is by responding to it on your profile — which you can do. Or in First Amendment terms, the best response to bad speech is more speech.

Lawyers who aren’t satisfied with that generally file a defamation lawsuit and subpoena Avvo for the identity of the reviewer. This is usually the point at which King gets involved, and he says it happens about a dozen times a year.

When King gets a subpoena, he generally contacts the lawyer in question to find out their theory of the case. Sometimes the lawyer has enough information to allow him to figure out who left the review. In one case, for example, it turned out that the reviewer was actually another lawyer — who was even logged in to Avvo when she left the review. But usually King tries to talk the lawyer out of the lawsuit by explaining the Streisand Effect. If that doesn’t work, King notifies the reviewer. If the reviewer can prove to King’s satisfaction that he or she is actually a client, Avvo will fight the subpoena.

King says this happens about half the time. He says he often gets signed retainers, pleadings, correspondence, and other pretty clear evidence that there was an attorney-client relationship. The other half of the time, presumably, Avvo unmasks the reviewer.

Back to Thomson v. Doe

Thomson apparently went through all of Avvo’s procedures in this case. Avvo’s review moderators cleared the review. Thomson disputed the review and Avvo confirmed it with the reviewer. Then she served a subpoena and King investigated. He said he is satisfied that Thomson’s reviewer was actually her client.

Assuming that’s true, it’s hard to see what Thomson is trying to accomplish with her lawsuit. The review is one of eleven on her profile, and Thomson still has a 4.5 client rating (which, honestly, looks better than her Avvo Rating). Any sensible person looking over her reviews would see that one-star review as an outlier. The other reviews call her exceptional, trustworthy, caring, highly recommended, and so on.

Related “Can a One Star Review Get You Sued? The Right to Anonymous Speech on the Internet and the Future of Internet ‘Unmasking’ Statutes”
American University Journal of Gender, Social Policy & the Law (docx)

What she may accomplish, although it probably isn’t her goal, is to establish the law of unmasking anonymous commenters in defamation lawsuits in Washington. King hopes the Washington Court of Appeals will do more than simply require a plaintiff to properly allege defamation.

In the appellate brief (pdf) Public Citizen filed on behalf of Doe, it argues that a plaintiff should essentially have to establish a prima facie case, including evidence supporting each element of the claims. Then, it says, the court should balance the potential harm to each party in light of the strength of the plaintiff’s evidence.

That’s a heftier burden that makes it harder to unmask anonymous online commenters, which is either a good thing or a bad thing depending on how you feel about the importance of anonymous ratings. It’s pretty clear which side Avvo comes down on, at least. Lawyers who feel they’ve been wronged by a reviewer online probably feel differently.

Update: After I spoke with King for this article, he posted “Protecting Anonymity in Client Reviews” on his own blog.

Featured image: “One Star Rating On Blackboard With White Chalk” from Shutterstock.

How Avvo Tries to Prevent Fake Client Reviews was originally published on Lawyerist.

Categories: Teknoids Blogs

“Bring Your Child To Co-Work Day” Could Soon Be Here

Wed, 06/03/2015 - 18:45

From the Department of Someone Really Should Have Thought of This Sooner comes the idea of a co-working space with built-in day care:

[Portland entrepreneur Glaucia] Martin-Porath says she’s already got a child care provider lined up and is currently on the hunt for 6,000 to 8,000 square feet for the co-working space, plus another 5,000 square feet for the child care accommodations.

It seems unfathomable that no one has focused on this until now. While Martin-Porath is focusing on co-working mothers and has more than 100 women who have expressed interest in the concept, the idea of built-in day care would be a boon to any gender of entrepreneur. Arguably, in a family scenario where both parents work, the able-to-co-work-parent might be the one with more flexibility already tasked with picking the children up from daycare or staying at home when needed.

And in case you were wondering, niche co-working is apparently by no means limited to focusing on parents with childcare needs.

In Denver, Colo. alone, there’s Green Labs, a place for entrepreneurs in the cannabis industry; Green Spaces, a spot that’s entirely solar-powered and requires members to be green-certified; and LawBank, a co-working space for attorneys[.]

Well, if I was going to pick a place for the weed co-working spot, it definitely would be Denver.

Featured image: “Young businessman at a meeting” from Shutterstock.

“Bring Your Child To Co-Work Day” Could Soon Be Here was originally published on Lawyerist.

Categories: Teknoids Blogs

How to Avoid Spam Emails

Wed, 06/03/2015 - 06:11

“What to Do About Spam: Some Easy Steps” by Dee Crocker was originally published in the January edition of the Oregon State Bar Bulletin. It is republished here with permission.

Spam is generally defined as an unsolicited email, usually sent to many people at one time. Unsolicited email, or spam, is now a serious threat to everyone’s use of the Internet. Internet service providers are strongly opposed to it; it clogs their systems and angers recipients. Spam is frequently offensive and can be illegal when it involves pyramid marketing or rumor spreading. Unsolicited commercial email is just irritating.

Spammers “harvest” email addresses by stripping email return addresses out of something you posted somewhere. Your email address is then “sold” by others as a valuable commodity. You can add to your own problem simply by responding to spam. When you respond, the spammer confirms a valid address. Now your name can now be sold to other spammers, and thus it begins.

Spam Rules

First, never respond to spam. Your message will most likely be bounced and no one will ever read it or respond to it.

Also, never respond to the spammer’s instruction to reply with the word “remove” or “unsubscribe” in the email’s subject line. This is primarily a trick to get you to verify your address. If you reply, your address is now guaranteed to get a lot more spam.

Related “Inbox Zero for Lawyers”

Then, it’s really necessary to take some affirmative steps to filter or block spam. See Spam Filter Review for the latest software recommended for this purpose.

Use an auto-responder function with caution. If you are using an auto-reply message, either through an Out of Office Assistant or some type of rule, this reply validates you as a live hit.

It’s always good to identify spam before it’s ever opened in the first place. For one thing, it saves time. Things to look for:

  • Be wary of messages that state or imply that you have already shown an interest in their product of service. Anything that starts with “As you Requested,” or “Re: the quote you asked for,” for example, should be suspect.
  • Be wary of messages that make it appear that your name or address have accompanied the materials elsewhere. For example, if you see that your name is included in a long list of recipients, none of whom you recognize, that’s a red flag noting something is amiss.
  • Be wary of messages that claim to come from “a friend” or other questionable context.
  • Some are so obvious you know just from the host name or subject line. Examples would be, or, along with anything having to do with cheap Rolex watches, little blue pills, enlarging body parts, etc.
  • If either the From or Subject line of an email raises any level of suspicion, it’s probably spam. Just hit the delete button — it’s crude but effective.
Avoid Receiving Spam

Use filters for subject or content words. Have your system filter words such as: free, loan, debt, resort, work from home, wealthviagra, making money, secrets, snoring, investments, etc. If, despite your subject filters, you still receive spam, look in the content for a commonly used word in the email and add it to your delete filter rules. Caveat: Spammers know all about filters and try to get around them by using misspelled words. Instead of sex they will use seXXX, or instead of free, it may be freeMoney.

A word of caution: It is possible someone legitimately attempting to correspond with you may use a common word from your filter list. So be cautious in the words being placed in the filter, or you will have desirable email rejected. Especially at the beginning, it’s a good idea to check in with the spam filter program periodically to make sure that it didn’t correctly catch 927 pieces of spam but also two important messages you’ve been waiting to receive. Some spam filter programs allow you to “green light” specific email addresses. Once a legitimate correspondent has been snagged in your filter, that’s the time to tell the program to always allow email from that email address.

Use two email addresses — one for communicating with friends and family, and one for such various Internet activities as online shopping or chat groups or social networking sites.

Related “Three Microsoft Outlook Quick Tricks”

Outlook, Outlook Express, Gmail, and Firefox all allow for blocking of spam. You simply indicate that further mail from an offending spammer is to be blocked in the future. Unfortunately, this too, is not foolproof. Spammers use a multitude of names addresses or subjects, so you may have blocked them once but they can come back using a different name.

Educating those you are close to will also help you. Essentially, these people also have access to your email address and thus, regardless of how careful you are about providing it to websites, they can inadvertently give your email address to spammers accidently. One very important thing that those with access to your email address need to know is that if they are going to forward a particular email to a lot of people, they should forward it by using the BCC option. This way everyone else’s email addresses are masked. If you forward it to everyone normally, and that email eventually makes it into the hands of spammers, then you have essentially just signed up everyone for spam. Thus educating people about the importance of BCC is very important.

Yet another way others could accidently expose your email address to spam is as innocently as a loving relative who really wants to surprise you by signing you up for that “free” laptop that a site is giving away. This sort of action, as I hope most of you are already aware, will likely lead to that email address getting spam. Thus, for everyone’s sake, it’s really necessary that in addition to making sure you know how to avoid spam, you also help others to know how to stay safe as well.

Get Back at Spammers

First, never buy anything from a spammer, period. Report them by forwarding their message to their or your Internet service provider (ISP). Paste the header and body of the spam by dragging your mouse over the entire email. Then right click and choose copy. Then send the pasted information and email content to the spammer’s ISP. Unfortunately a few of the big league spammers maintain their own ISPs, so your complaint will fall on deaf ears.

Also, report downright illegal email to:

Legal remedies are scarce, by the way. Much of the pornographic and gambling spam emanates from Russia or Europe because things can be a lot more lenient there. Spam legislation has not been enacted on a federal level in the United States, although several bills are pending. Unfortunately, as a worldwide activity, much legislation may be ineffective.

Special Kinds of Email Problems

The Hoax. Hoaxes would include “The sky is falling” and other scary things. Be especially wary if the email encourages you to forward the information to everyone you know immediately. Anything that sounds like an old-fashioned chain letter is best treated like one (ignored!).

Does the email quote a well-known authority or computer expert like a Microsoft or IBM executive in the message giving it supposed credibility? Does the email talk about the possibilities of untold danger if you don’t act now? If so, you may have a hoax email. Do not forward. Check out the legitimacy of any suspicious emails first with Snopes or Urban Legends.

The Virus. To help determine if your message is a virus, check its file extension. There are only five or six file extensions (examples: .doc or .jpg) that you should be receiving. There are several that you should NOT be getting unless you are a programmer. Right-click with your mouse on the attachment to pull up the file’s properties. If you see filename.txt.vbs or something similar, do not open it! Also, be leery of emails that have a blank subject line; this can be a clear sign they contain a virus. The best way to stay protected is by using common sense and by using a good virus checker.

Trojan Horses and Worms. Trojan horses and worms are also scary. For these you can get infected simply by visiting a website: You may want to disable Java, Javascript and ActiveX in your browser. A good way to check for these is to install and regularly remember to use Malware Bytes.

Spam is difficult to get rid of once you’re on the spammers’ lists. However, it is relatively easy to avoid in the first place. The steps outlined above, if followed correctly, will render you all but immune to the ravages of spam.

Featured image: “Retro vintage clipart: Spam happens!” from Shutterstock.

How to Avoid Spam Emails was originally published on Lawyerist.

Categories: Teknoids Blogs

Stop Using An Email Signature

Tue, 06/02/2015 - 15:27

Internet denizens, we came so close to getting rid of clunky sign-offs to our written communication. Email was supposed to be deliberately informal and was not going to mimic our culturally-ingrained letter-sending formalities.

When e-mail first entered the office in the 1990s, most users wanted to abandon the formalities of letter writing altogether, so they omitted signoffs. […] [A] Los Angeles Times article from that era […] predicted that the rise of electronic communication would ultimately kill off the written goodbye altogether.

Oh, to return to those halcyon days. Now we feel like we need to close our email as if we’ve just penned a missive on delicate parchment and sent it off by post. All our options for doing that are universally terrible though.

“Yours” sounds too Hallmark. “Warmest regards” is too effusive. “Thanks” is fine, but it’s often used when there’s no gratitude necessary. “Sincerely” is just fake—how sincere do you really feel about sending along those attached files?

In order to solve this problem, we seem to have  settled on the most boring closing imaginable “Best.” “Best” is bland. “Best” is inoffensive. “Best” is the most anodyne way one could possibly end something, because it means nothing. Are you really wishing your colleagues all the very best in the world when you send them a note about how the copier is broken again? Did you intend to tell WIRED magazine that you wish them the best when you sent an email to cancel your subscription? No you did not.

Free yourself from the shackles of thinking your email is just a speedy letter writing tool and drop your completely unnecessary email sign-off. Well, unless you are emailing your 85-year-old great aunt who just learned how to use email, in which case you should employ the nicest sign-off you can think of, because otherwise she will just think you are being rude.

Featured image: “A girl sent email to A man on smartphone” from Shutterstock.

Stop Using An Email Signature was originally published on Lawyerist.

Categories: Teknoids Blogs

Client Confidentiality in the Digital Age

Tue, 06/02/2015 - 06:11

“Client Confidentiality in the Digital Age” by Ed Finkel was originally published in the May edition of the Illinois Bar Journal. It is republished here with permission.

The pathways for breaching client confidentiality — whether due to simple carelessness or inadequate security — continue to multiply as technology advances.

One Illinois attorney responded to a bad review on Avvo in a way that the ARDC said violated client confidentiality. Another uploaded to YouTube a video recording of his client involved in a drug transaction. A third disclosed to the state’s attorney that his client had (privately) changed his story in a case to say that he had, in fact, engaged in conduct that resulted in a felony murder charge.

“There are many recent cases where lawyers have found themselves in trouble because of their use of client confidential information in settings that might surprise people,” says Mary K. Foster, counsel to the Attorney Registration and Disciplinary Commission (ARDC) review board and lecturer on legal ethics at Northwestern University School of Law. “They can send unencrypted e-mail. They can use client information gained through conversations with the client, in ways that the client might not anticipate.”

Regarding these types of cases and other confidentiality-related matters — which can be related to the set-up of physical office space, in-office computer networks, and external services like the cloud — attorneys and their firms need to review Rule 1.6 of the Rules of Professional Conduct that covers confidentiality, says Nerino Petro, chief information officer with Holmstrom & Kennedy, P.C. in Rockford and before that a lawyer-technologist with the State Bar of Wisconsin.

“That’s kind of the foundation for where we need to begin,” he says. “Rule 1.6 applies to conversations we have in public, at the office, in electronic communication, with our data. There are certain levels of protection you can obtain, but then there’s another layer of complexity if you’re dealing with anything that may be covered by HIPAA or HI-TECH, or federal regulations like FERPA, which may have higher standards than what we may think is necessary based on the Rules of Professional Conduct.”

Allison Wood, a former ARDC litigator who’s now principal with Legal Ethics Consulting, P.C., sees two main concerns around confidentiality. “Attorneys must be mindful in taking the requisite steps to ensure the protection of client information when they utilize social media, and when they engage in advancing technologies to deliver legal services,” she says.

“Breaches most often occur when an attorney sends an e-mail communication to the wrong party; when they post client information on social media without the client’s consent; when they leave a laptop unattended and someone steals it or hacks into it; or when office mates leave copies of client documents on the shared copying machine,” Wood adds. “There just needs to be a mindfulness in the way the attorney manages his or her practice. They have to think before they post [and] consider their surroundings when they meet clients, or where they will work on client matters.”

Errors of Commission

Attorneys don’t adequately monitor their e-mail and social media behavior in part because they don’t understand that electronic communication leaves behind a footprint, Foster says. “I teach my students that e-mail equals ‘electronic eternal evidence,'” she says. “What you do online, there’s a record of it, just as if you were writing a letter to someone or stating it in a court transcript. We’ve become so accustomed to using the Internet and using these [online] tools; we sometimes use them in situations that violate our client confidences.”

In the example involving the bad Avvo review, the client had complained that the services provided in an employment discrimination case had been inadequate. In her response, the attorney “stated that the client had lost his case because he had engaged in a physical altercation with someone, which wasn’t in his initial [Avvo] review,” Foster says.

The ARDC reprimanded the attorney for violating client confidentiality for responding, which “might surprise lawyers, that they can’t respond that way,” she says. While an attorney can certainly mount a defense if sued for malpractice, “they can’t respond in a more informal setting,” even if the information they disclose is accurate.

In the YouTube case, the defense attorney had received the video recording from the prosecutor and uploaded it with the title, “Cops and Task Force Planting Drugs.” “He claimed he was trying to get a sense of whether the video actually showed the cops planting drugs,” Foster says. “He realized later that it showed the client purchasing drugs.” The client lived in a small town, and when the clip went viral around the town, “she wasn’t happy, understandably.”

In the felony murder case, the defense attorney initially said his client had an alibi and then disclosed the client’s change of story to the prosecutor, which he did not have permission to disclose, yet “argued that he was doing it on behalf of his client,” Foster says. The state’s attorney then charged the client with felony murder, and the attorney was found to have violated confidentiality rules. “In all of these cases…the lawyers didn’t necessarily have bad intent…,” she adds. But they were disciplined nonetheless.

Creating Secure Physical Space

Aside from cases in which attorneys take an active role in breaching confidentiality, Foster presents a second set of concerns revolving around errors of omission, starting with both physical and cyber security in-house and extending outward to the cloud.

Regarding physical office space and related firm policies, Foster poses a couple questions that she says attorneys and firms should be asking themselves. “Are hard copy documents secured properly?” she says. “Can client conversations be overheard from the waiting room?”

For Petro, concerns about physical office space boils down to “the little things,” such as “putting files away in your cabinets, not putting your server in open areas — I’ve seen break rooms where a firm has put their server — and not leaving [computer] passwords lying around.”

Cyber Insecure

Lawyers and their firms are vulnerable to cyber attacks precisely because they think they’re invulnerable, Foster says. “To most lawyers, this sounds like the stuff of science fiction,” she says. “But it’s becoming a real concern. It should concern most lawyers, not only lawyers in large firms representing corporations in mega-deals but also small firm lawyers because increasingly, these lawyers are becoming targets for hackers.

“In that situation, it’s not the lawyer making a judgment error, but being a luddite and not understanding new technology,” Foster adds. “They can’t put their heads in the sand and think they’re safe from attack because they’re not.”

Attorneys and law firms have become targets for hackers because they maintain a lot of confidential client information in their records, such as financial details and Social Security numbers, often in electronic form, Foster says. “Just like anyone else, just like any other agency that keeps information on behalf of a client, you need to make sure you’re securing it properly,” she says. “It isn’t so much a disciplinary concern as it is a risk management concern for lawyers.”

Few cybersecurity-related cases have reached disciplinary boards like the ARDC, Foster says, but their potential to cause other kinds of trouble is rampant. “We’ve all heard about the possibility that the [National Security Agency] listened in on confidential lawyer communications,” she says. “The ABA wrote a letter last year to the NSA about concerns about NSA’s use of confidential attorney-client communications, that they might be spying.”

More broadly, “What we’re hearing is that it’s not uncommon these days for law firms to be targeted by hackers for private information, just like anyone is, just like citizens are,” Foster adds. “While you can never alleviate all possibilities of a breach, you can reasonably protect yourself with some planning.”

External and Internal Hackers

Related “How to Encrypt Attorney-Client Communications”

While intellectual property lawyers and those who handle corporate secrets probably understand the need for strict security measures, “the average lawyer probably spends far less time thinking about data and confidentiality risks,” Foster says. “All lawyers, however, should consider whether their client information is secure, whether it be from a cyber attack, an e-mail scam, or from an errant employee.”

To protect themselves and their firms, attorneys need to ask themselves another series of critical questions, Foster says. Regarding their own computer systems, “Should they encrypt their e-mail? Should they scrub their documents? Should they install [security] systems in their office to protect client matters?” she says. “Should they rely on outside [security] services? And how do they protect themselves from their own employees? How do they protect their employee information?”

There have been cases where employees have taken confidential information and misused it, Foster adds, and in some of those cases it’s been disgruntled or otherwise malevolent departing employees. “They take the laptop,” she says. “What if confidential client information is contained on those laptops?”

That leads to a set of policy questions, Foster says. “Do you allow employees to take home laptops, tablets, or firm cellphones?” she says. “What is your firm policy on the use of cellphones? Do you allow guests and clients to gain access through Wi-Fi while in the office? If so, is it secure? Are your clients’ identities protected?”

Attorneys who value their mobility away from the office have to be doubly careful, Wood says. “Generally speaking, the truly mobile attorney has to recognize that meeting with a client in an open public place does not lend itself to a secure confidential exchange,” she says. “Working on a laptop in a coffee shop could create a risk when you tap into the Wi-Fi of the coffee shop, which could mean anyone can see your files.”

System Security

Related “Your 4-Step Computer Security Upgrade”

Petro mentions some practical steps attorneys and their firms can take to secure their systems against hackers. For one thing, out-of-date hardware and software that’s no longer manufacturer-supported makes you vulnerable. “This is where a lot of lawyers fall down,” he says. “This is not a secure operating system. You’re going to have to keep your technology up to date.”

Attorneys and firms also need anti-virus, anti-malware, and firewall programming, as well as individual, secure log-ins and passwords, Petro says. “It’s all of these kinds of basic, due-diligence things that people overlook,” he says. “Everybody has to have their own user log-in-not ‘Worker 1′ and ‘Worker 2′ and everybody shares it. They need passwords. Systems need to lock down when they’re not at their desk. If a client comes in late, and their kids are running around, and the secretary’s work station isn’t locked, the next thing you know it has a virus because they’re playing on it.”

Passwords need to be changed on a “semi-regular” basis, at least annually, and ideally they should be no fewer than 12 characters, with upper and lower case letters, numbers, and special characters, Petro says. “The problem is, not every website supports that [length],” he says. “But the longer, the better.”

Password manager apps like LastPass generate random passwords and assign them to various sites, so that all you need to do is remember your password for LastPass itself. “Otherwise, you can’t keep track of everything,” Petro adds.

Cloud-Based Security

Related “HIPAA-Compliant Cloud File Services”

For those using outside contractors to manage their cloud services, Foster has another series of questions: “Have you chosen that contractor carefully? Does the contractor work with other lawyers? Do you know where data is stored? Have you completed an assessment of your risks within the last year? Do you have a system in place to detect a breach of security or a cyber threat? Do you have a plan in the event of a breach to remediate the damage? Do you regularly communicate your policies to all firm employees? To clients?”

Illinois does not yet have a governing ethics opinion on using cloud technology, which means that “it comes down to due diligence,” Petro says. He echoes Foster in suggesting that attorneys and firms check out the reputation of possible service providers, find out how they secure data and what steps they take.

But don’t be afraid of the cloud, Petro says. “Everybody’s like, ‘I can’t use the cloud, it’s too insecure,'” he says. “I don’t agree with that. You have to take reasonable precautions to ensure the confidentiality and security of your data. You can’t guarantee there’s never going to be a breach.”

A growing number of attorneys and firms are using cloud-based services, Petro says. “As a profession, we can continue to say, this is what our rules require [and stay away from the cloud],” he says. “The reality is that the rest of the world is passing us by and saying this is acceptable. We’re going to have to find some way to live in that world. That’s going to be the key.”


Related “Sookasa Provides HIPAA-Compliant, Encrypted File Storage”

To keep data in the cloud safe, Petro suggests not using free cloud software like Dropbox, or at least use services like Sookasa or Boxcrypter that encrypt the data you upload into accounts like Google Drive. “Everybody uses Dropbox because it’s drop-dead easy to use. I understand that,” he says. “I use Sookasa, which is a paid product, with Dropbox. It’s HIPAA and FERPA compliant.”

“You’ve got to be encrypting your data if you put it out on the cloud, unless your service encrypts the data and you control the key,” Petro adds. “That’s the ideal situation,” and SpyderOak is among the services that do so. “At a minimum, you need to do due diligence, for folks providing the encryption of data, that keys are kept separately from the data and not stored on the same server. [Separate storage] decreases the likelihood that hackers will be able to get at everything.”

Aaron Brooks, partner at Holmstrom & Kennedy, says that encryption is perhaps the most useful single security measure one can take and suggests encrypting data at all phases of its existence-at rest, in transit, or at the end of its useful life.

“Encryption at rest refers to protecting the electronic storage medium upon which a unit of information resides. In other words, any place that electronic client information is stored should be properly encrypted,” he says. “Thus, laptop computers, tablets, phones, USB drives, and other places that can be used to store client information should be encrypted in a manner that complies with NIST and federal standards for encryption.”

Encryption in transit refers to the movement of electronic data from one device to another, Brooks says. “For example, when transmitting data to and from a cloud-based storage service such as Dropbox, one should be able to observe that the browser is connecting via the standard ‘HTTPS’ secure communications protocol,” he says. “Alternatively, when transmitting sensitive information between private networks…a comparable secure mechanism, such as a VPN connection, should be used.”

Finally, at the end of a document’s or device’s useful life the device used to store electronic client information should be destroyed, Brooks says. “Attorneys can use reputable shredding services to destroy old devices such as hard drives and USB drives, and often these services will provide a certificate of destruction for the file,” he says.

Featured image: “security lock on computer circuit board – computer security concept” from Shutterstock.

Client Confidentiality in the Digital Age was originally published on Lawyerist.

Categories: Teknoids Blogs

Podcast #19: Ernie Svenson on Going Paperless

Tue, 06/02/2015 - 00:15

According to Ernie Svenson, either you already are paperless or you just haven’t committed to it, yet. If you haven’t committed, you are just wasting resources maintaining two systems: one for your paper files and and one for your digital clients files.

This week Sam and Aaron also talk about why you should never use hotel Wi-Fi without a VPN.

Hotel Wi-Fi

Related “4-Step Computer Security Upgrade”

Seriously. Hotels, airports, coffee shops, and even courthouses are the places someone is most likely to be snooping on your browsing. Our assistant editor, Holden, actually saw someone sniffing packets at a public library the other day. This is not uncommon. Find out what recommend to keep your (and your clients’) private information private.

Ernie Svenson’s Tips for Going Paperless

If you are wondering how to get started going paperless, today’s podcast will answer most of your questions. Ernie Svenson talks with Sam about objections and advantages, and explains why you have almost certainly already started going paperless even if you don’t realize it. The trick now is to commit to it.

Ernie addresses PDF software, and why you should probably get Acrobat, as well as other gear for the paperless law office. Plus tips, tricks, and what to do with old files.

Thanks to Ruby Receptionists for sponsoring this episode.

Listen and Subscribe

To listen to the podcast, just scroll up and hit the play button.

To make sure you don’t miss an episode of the Lawyerist Podcast, subscribe now in iTunes, Stitcher, or any other podcast player. Or find out about new episodes by subscribing to the Lawyerist Insider, our email newsletter. We will announce new episodes in the Insider, and you can listen to them right here on Lawyerist.

Podcast #19: Ernie Svenson on Going Paperless was originally published on Lawyerist.

Categories: Teknoids Blogs

Go Update Your Google Privacy And Content Settings Right Now

Mon, 06/01/2015 - 16:46

It’s always a perfectly lovely day to do a privacy self-audit and make sure that your permissions on things like Google and Facebook are everything you hoped and dreamed of. Today, Google made that process extremely easy with their revamp of their My Account page. The revamp divides your account page into three sections: Sign-in and Security, Personal Info and Privacy, and Account Preferences.

Here are some things you should be sure to review, because the new page is so criminally easy that you have no excuse not to.

  • Make sure you have a recovery email and recovery phone so Google can reach you in the event your account is hacked or you are locked out.
  • Make sure your two-factor authentication is turned on. (You are running two-factor authentication, right??)
  • Check your device activity to make sure that all of those things accessing your Google account are indeed your things.
  • Check to see what apps you have connected to your Google account. If you are anything like me, you have allowed way too many apps access because it was easy, and now that app list is a graveyard of disused apps that all still have access. Make them go away.
  • Check and see if you are storing your search history, your location history, your app activity, your YouTube history, and your Google voice search activity. You may be perfectly happy storing all those things, but if you are not, it takes one click to stop storing them. (My YouTube searches involve a shameful amount of tracking down disco remixes, apparently. I should maybe turn that off.)
  • Manage your ad settings. Did you know you could opt out of certain types of ads? Why haven’t you?

You can also dig into less mission-critical things like seeing how much storage you are using and how many bookmarks you have synced. All in all, it is a useful one-stop shop to deal with the Google behemoth.

Go Update Your Google Privacy And Content Settings Right Now was originally published on Lawyerist.

Categories: Teknoids Blogs

Top Five Inanimate Objects to Use as Your Lawyer

Mon, 06/01/2015 - 06:12

A man in Colorado brought a stuffed owl to court with him as his lawyer. According to news reports, the owl’s name is Solomon, and it was “just sitting in” until a public defender was assigned to the man’s case. Although the owl claimed to have law degrees from Yale, Harvard, and Stanford, it is unclear just how effective Solomon was in the courtroom. Still, this highly credentialed advocate probably charged a much lower hourly rate than your average lawyer. If you are considering hiring a lawyer and are wondering whether an inanimate object may better serve your needs, consider these alternatives.

Featured image: “Owl Judge holding gavel and scales” from Shutterstock.

Top Five Inanimate Objects to Use as Your Lawyer was originally published on Lawyerist.

Categories: Teknoids Blogs

Why You Should Use A Virtual Credit Card Number For Free Trials

Fri, 05/29/2015 - 16:30

While I take many steps to ensure my data safety on the internet, I have always believed that getting your credit card data hacked is, at some level, one of the costs of doing business in the virtual world: it will happen eventually, and hopefully you have maximum safeguards in place to make that as painless as possible.

Because of that not-terribly-wise worldview, I have largely ignored the credit cards that let you generate virtual numbers to ensure no one can hack your actual card and bank info because the seller doesn’t get your actual card number. But Lee Rosen over at Divorce Discourse has finally given me a compelling reason to use virtual card numbers: being able to forget, with impunity, to cancel free trials.

Well, what if you used a [virtual credit card number] for a software service?

It’s the perfect solution. You use it, and the service charges you the fee once. Then, when it’s time to renew, the company runs your card and it gets declined. Excellent. Now it’s got to hunt you down for your new credit card number. The burden to cancel has shifted. Problem solved.

I could have saved a fortune over the years if only I had thought of this.

Featured image: “Security locks with password on piles of credit cards / Credit card data encryption concept” from Shutterstock.

Why You Should Use A Virtual Credit Card Number For Free Trials was originally published on Lawyerist.

Categories: Teknoids Blogs