Cybersecurity is an ever-increasing worry for law firms all over the nation. As courts have increasingly come to rely on technology, lawyers have had to increase their technical savvy. However, not all law firms have evolved with the changing times, and that can leave your clients’ data vulnerable when such a firm is a recipient of documents provided through discovery. What’s an attorney to do? File for a protective order…
A few weeks ago, we brought you the story of a massive data leak at some of London’s top law firms. This incident exposed over a million law firm email addresses, and a majority of those addresses came with passwords. It was a security nightmare, and here in the U.S., attorneys are seeking to prevent such disasters from affecting their clients.
During discovery, it’s becoming increasingly common for attorneys to file for a protective order requiring opposing counsel to have cybersecurity measures in place to protect any confidential information shared through electronic means. In the famous Takata products liability litigation, one such order demanded that any info downloaded from litigation support must be stored on devices that have both encryption and password protection. If a user cannot password protect or encrypt the device, then the information itself must be encrypted or password protected. Even tech giant Uber is getting into the act, striking such a deal with a non-profit corporation to ensure that both party’s data is protected from unauthorized access. If a person or party was unable to provide the security measures required by Uber, then that entity could also tor the info with an e-discovery vendor or claims administrator who does maintain such security measures.
The importance of these cyber security measures is steadily increasing, and they are also increasingly being insisted upon by attorneys and judges. Judges have generally ruled that cybersecurity is an essential part of discovery, yet experts caution opposing counsel to not make burdensome demands when it comes to these orders. Some protective orders are demanding damages for noncompliant cybersecurity, and talk of regulatory requirements on the horizon is beginning to swirl.
These revelations prove that every law firm needs a cybersecurity infrastructure. However, does you law firm have a cybersecurity procedure? Are you sure that procedure is the best method for handling your cybersecurity needs? The IT professionals at Exactify.IT audit these measures as a part of our cybersecurity services. To learn more, feel free to contact Exactify whenever you need to get back to practicing law rather than dealing with tech.