I’ve looked at clouds from both sides now
From up and down, and still somehow
It’s cloud illusions I recall
I really don’t know clouds at all
– “Both Sides Now” by Joni Mitchell
Technology is fast becoming (if it hasn’t already) a relevant topic in any and every aspect of life. Even though law, in general, tends to incorporate technological advances much slower than other professions, the legal world cannot deny technology’s impact and influence on the practice of law. For example, social networking and digital communication has already made for interesting revelations and discussions within the legal world. Judges have declared mistrials because of one juror’s use of Twitter. (Source). In another case, the prosecutor posted on Facebook a parody of the “Gilligan Island” theme song as it relates to the trial he was currently prosecuting. (Source). Most recently, the United States Supreme Court was revealed to be rather naive about text messaging. (Source). The list goes on. It’s clear that as legal practitioners, legal academics, judicial officers, etc., we will be dealing with technology for the foreseeable future in order to define acceptable (both socially and legally) practices for using technology in and out of the court room. But what about updating the practice of law?
More specifically: What about cloud computing as a law practice management tool?
I have been reading several blog posts about law offices transitioning from local file storage to cloud computing. (In a nutshell, cloud computing is the practice of keeping your digital files stored on the internet, in redundant, remote servers so that the files may be accessed from anywhere with an internet connection as opposed to being stored on your local hard drive). Most, if not all, of the posts warn the reader of potential security breaches by switching to a cloud model. Inherent to the cloud computing model is the necessity to keep sensitive, private, and possibly confidential/privileged data outside of the office. Oftentimes, the data is stored on computers in foreign countries, and accordingly subject to foreign privacy laws and possibly out of the reach of United States privacy laws. Thus, a practitioner is receiving convenience–the ability to access files from any internet-accessible location–in exchange for exposure to possible malpractice–the dissemination of client data to unauthorized third parties. The risk is surely significant. However, as demonstrated here and here, why are we so apprehensive about cloud computing yet so confident sending e-mails containing oftentimes the same sensitive data we refuse to place in the cloud? Most e-mails are as secure as sending a postcard.
I definitely do not stand for the proposition that sending non-encrypted e-mails should lead to storing client data on servers in foreign countries. However, I do believe that if someone really wanted to obtain your data, it’s easier than we all think. Additionally, a hard copy of anything can be scanned digitally and then reproduced ad infinitum and instantly sent to every corner of the world. So, not using cloud computing does not ipso facto make your data safe from interception. Now, I am not Chicken Little with my wings flailing here. It’s not the end of secure data, but merely the painful beginning of security technology as it relates to cloud computing. I remember 12 or so years ago when the first iMac was released by Apple. It didn’t have a floppy drive. You’re probably laughing at that last statement, but back in 1998 many critics were up in arms about how a desktop computer would be able to function without an external storage. We now carry our “floppies” on our key chains in the form of multi-gigabyte flash drives. The cloud is definitely where we will end up. We’re just waiting for the coast to be clear enough for clouds.
