The quarterly publication of the International Legal Technology Association
Issue link: https://epubs.iltanet.org/i/116777
We can contrast that history lesson with something much more current. Take the case of Bradley Manning. His whistleblowing initiated the largest leak of restricted documents ever. He uploaded some 500,000 internal Army reports (including diplomatic cables and intelligence reports), which would later become known as the "Iraq/Afghan War Logs." The magnitude of the scale and ease with which he was able to do this are important to note here. Big data can be moved, copied, transferred and uploaded easier than ever. Law firms are becoming increasingly responsible for litigating cases involving these mountains of data —so much data, in fact, that it is often unrealistic to even have it printed. WikiLeaks received such an exorbitant amount of raw data that they had to bring in several newspapers internationally to organize entire teams of analysts just to go through all of it. Big data is here to stay, but unfortunately the security surrounding it has not evolved to keep up. The litigation of such large data stores and the apparent lack of security protocols from the firms involved make this a hot issue. Are there too many cooks in the kitchen managing our big data? Taking a large legal case to court often involves moving gargantuan amounts of data. Discovery, or the process of exchanging documents between legal teams in the pretrial phase of litigation, can be quite onerous. The actual data collection could involve terabytes of data in a variety of storage formats (some quite obscure), in a medley of offices or data centers and on a mix of computer operating platforms. The original data are then de-NISTed, culled, filtered and then placed into a review platform for legal analysis. An army of contract attorneys is often hired to cull the data further and present the key documents to the case's lead partners for the legal strategy and trial preparation. Weeks are spent agonizing over the minute details of a handful of documents. Those documents get marked up, highlighted, redacted and generally prepared for presentation in court. Cases this size are not your typical dog-and-pony show when both sides have already invested hundreds of thousands of dollars in the battle. By the time sides are preparing for final combat in court, settlement negotiations are already in full swing. These cases can be worth billions of dollars. When the outcomes are so valuable, law firms need to place more weight on the security of the data. The questions of who has access, when they can access it, and how they can access the data need to be prioritized. Every day we see new stories of malicious cyber attacks, phishing and data theft. It's not uncommon for hackers to seed 10 or 20 thumb drives with key-logging spyware and hand them out to unwitting targets. Law firms today are dealing with big data through the use of sophisticated software, but they are not taking into consideration the point-to-point security of the data that is now easily searched, sorted and extracted. Many corporations are taking some beginning steps, such as requiring dual authentications when logging in to protect their data. Law firms need to start taking similar steps that focus on the security of their data as well. One metric that might be used to assign additional security could be the perceived value of the case. The higher the value, the more security precautions are enabled. Some precautions, such as using encrypted drives to transfer data, are already free and open source. Other precautions can get dramatically more expensive and burdensome to enforce, but the questions remain: How valuable are your data stores, and what are you doing to protect them? 68 Peer to Peer