eDiscovery Daily Blog

The Speed of Migration of Legal to the Cloud is Debatable: eDiscovery Trends

How fast is the legal industry moving to the cloud?  And, what is holding some law firms back from migrating to the cloud?  These and other questions were discussed in a recent online discussion among industry experts.

In an article sponsored by ReplyAll on Bloomberg Law (Live Conversation: Making Sense of Legal’s Migration (or Not) to the Cloud), Zach Abramowitz moderated the discussion and introduced the topic as follows:

“The migration of the legal industry to the cloud has been, much like the word migration would suggest, slow and deliberate. Although Fortune 500 companies are using cloud based technology to track everything from their back office to their marketing and sales teams — and (as anyone who’s been through an airport can tell you) all the biggest tech companies in the world like Microsoft, Amazon and Alibaba are competing to offer you cloud storage and related services — many law firms are still insisting on keeping client data behind the firewall… Many of the best legal technology start-ups tell me that their #1 obstacle in selling their product is law firm resistance to the cloud. So, as we kick off this conversation, the question I’d like to start tackling today, is what should be the industry standard (we can discuss that too), but also begin by trying to better understand the disconnect between law firms and the rest of the world. With all the information available, is it rationale for law firms to still hesitate when it comes to the cloud?”

Panelists included:

  • Alma Asay, Founder of Allegory which was acquired last year by Integreon (where Alma is now the Chief Innovation Officer)
  • Dan Baker, Chief of Staff and Director of Legal Operations at Ancestry.com
  • Adam Cohen, Managing Director at Berkeley Research Group
  • Heidi Fessler, member of the Litigation Department and the eDiscovery, Data and Document Management Practice Group at Barnes & Thornburg
  • Bryon Bratcher, Managing Director at Gravity Stack LLC and formerly Director of Practice Solutions at Reed Smith LLP

Here are some of the observations from the panelists:

Asay: “Law firms regularly use private cloud providers, we simply don’t call them that. Legal service providers like Integreon regularly host data for their clients, effectively offering private cloud services, and are well adopted by law firms… Law firms know that they will fight tooth and nail against turning over their clients’ data, and they’re quite sure that service providers that specialize in the legal industry will fight just as hard (or risk never having another client). However, law firms have been less sure about how big companies servicing many different industries would proceed in the face of an order to release data in their possession. This is an issue that has come up time and time again, even as great strides have been made by law firms to understand and accept the benefits of the cloud… I think you’d be surprised how many professionals inside law firms quietly are advocating to use the cloud and recognize the benefits over hosting data inside the law firm, but they don’t feel empowered to execute until the banks do. Just as (supposedly) no one ever got fired for choosing IBM, there is still a sense that no one gets fired for NOT choosing the cloud.”

Cohen: “I think this (the question whether Amazon is handing over client data} is a real issue for some, but it’s not the overriding issue, which is a fundamental ignorance as to the allocation of risk in the cloud and how to deal with it. If you don’t understand the services you are buying, then you can’t assess security appropriately–something lawyers are required to do by virtue of their professional responsibilities.”

Cohen also quoted the headline from this press release “Threat Stack Analysis Reveals 73% of Companies Have Critical AWS Cloud Security Misconfigurations” where Threat Stack, a cloud security and compliance management company, announced the findings of an analysis of more than 200 companies using AWS that revealed nearly three-quarters have at least one critical security misconfiguration, such as remote SSH open to the entire internet.

Baker: “The concern – benchmarked with several large firms – is that cloud solutions may result in a scenario where the cloud provider could read the law firm’s files/email, if the provider wanted to. This could violate privilege or provide alternate, and unexpected, routes of discovery…{With regard to a question from Abramowitz as to whether public cloud providers simply change their terms of service to get law firms comfortable or is legal such small fry for them that they wouldn’t bother} Through a certain lens, yes. Through another lens, there’s booming growth in legal tech – especially surrounding contract and litigation discovery. I expect that public cloud providers will need to update their terms of services to get law firms more comfortable, and that it will be the discovery firms driving the change.”

Bratcher: “Ultimately many law firms are adopting a hybrid approach between a private cloud with a smaller public provider coupled with a cloud area with the larger public providers like AWS or Azure. I would see that trend continuing for the foreseeable future.”

Fessler: “It is hard for those outside of the law firm environment to understand the level of reticence to adopt “new” technology within the legal world. Most attorneys feel an enormous responsibility to keep their client data secure and under their personal lock and key. Unfortunately, this perception of control and security does not equate with fact. It is still common to find otherwise sophisticated attorneys who refuse to use eDiscovery tools and technology and instead running review using Excel spreadsheets. At times this hesitation is also the result of a misdirected drive to reduce legal spend.”

These are just a few snippets from an overall interesting conversation regarding legal’s adoption of the cloud.  Click here to view the entire conversation.  Tomorrow, I’ll have some thoughts about cloud selection and why the question of private or public cloud isn’t the only one you should be asking.

So, what do you think?  Do you think that the legal industry is still slow to adopt the cloud?  If so, why do you think that is?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

print