In House: eDiscovery & Legal Tech Archives
In House - The FindLaw Corporate Counsel Blog

Recently in eDiscovery & Legal Tech Category

Tech Companies Are Outraged Over U.K.'s Spying Bill

If you're lucky enough to be on one of the in-house counsel teams of Facebook, Google, Apple another giant tech company, then you've already heard about the U.K.'s proposed Investigatory Powers Bill. Your companies are not happy.

But what are some of the concerns that are getting tech firms so upset?

Data Theft by Employees Is Rampant

According to a survey by Biscom, a secure communications solutions business, a huge percentage of employees take employer proprietary data when they leave a job, whether they were asked to leave or not.

Surprised to see that you're not alone, right?

Basic cybersecurity skills aren't that complicated. A vigilant eye -- and good filtering software -- can protect you from many malicious online tricks, like phishing. Phishing, if you're not familiar, is a form of email fraud where messages appear to be legitimate in order to steal sensitive information. An email purporting to be from your HR department, for example, could ask for your company password and poof: Russian spies are all over your email system.

Phishing attacks can result in millions of dollars of damage and corporate legal departments are some of the most gullible targets. Thankfully, testing your team is pretty easy and a great way to identify weaknesses before hackers exploit them.

Prolific social media use is generating an ever-increasing amount of publicly available data. Just about every tweet, Facebook like, and instant message leaves a digital trail. And data analytics is growing increasingly skilled at mining that information in order to provide important insights, not just to marketers and government spies, but to corporations conducting internal investigations.

Unfortunately, many corporate investigations are ignoring those tools. Most companies fail to make use of social media analytics, according to a new survey by Deloitte, leaving in-house legal teams without potentially beneficial information.

According to a new study by Baker Hostetler, one of the nation's largest intellectual property focused law firms, most data breaches are caused by human error, not hackers or malware. In a review of over 200 data breach incidents, the firm found employee negligence to be the leading cause of breaches.

That's right -- those Russian hackers are less a threat to your company's security than its own employees, whose negligence or theft was responsible for more than half of all breaches examined.

A new phishing scheme to be on the look out for, one which is stealing millions from American companies and making headlines for its sophistication. This new threat to your cyber security adds a twist to traditional schemes: using live, human operators who fraudulently obtain your information during mock customer service calls.

The scam, labeled "Dyre Wolf" after the extinct and often mythologized predator, was discovered early in April by IBM. It's brought in $1 million thus far. That's nothing compared to many other schemes -- another sophisticated online fraud resulted in a $26 million judgment just the other day. Why is Dyre Wolf something to be concerned about then? The fact that it targets U.S. businesses and that it does so so well.

Ensuring Compliance: Your Year-Round Job

Compliance, compliance, compliance! Why does it seem like over half of the legal department's job is to make sure the corporation is dotting its I's and crossing its T's?

Because that is a large part of the legal department's job, especially in publicly traded companies where the shadow of the SEC looms like the background like Sauron. (OK, maybe not that menacingly.) Ebenezer Scrooge said he learned to have Christmas in his heart the whole year; that's the attitude GCs need when it comes to regulatory compliance.

Instant Messaging at Your Company: Convenient, but Problematic

Despite what you've been hearing for years, email isn't "dead" and it's not "dying." What is happening? Thanks to a bevy of new services, email -- once the universal online communication method -- has a very specific purpose.

The new hotness (which actually isn't that new): chat and instant-messaging programs, which allow employees in the same office to communicate with each other in real-time. There are a lot of different solutions, some corporate, and some not. Should your company try these out?

Why the Legal Dept. Should Be Best Friends With the IT Dept.

If there's one department that's the thorn in the side of company employees, it's the IT department. Their answer is always "no" and they make you wait on requests for a long time.

Of course, that's equally true of the legal department, too. With Sarbanes-Oxley being what it is, coupled with the dystopian e-discovery future in which we live, the IT department and the legal department should be best buddies. Whose photo do you have in your heart-shaped locket?

After Anthem Hack, What GCs Should Know About Encryption

Anthem Blue Cross, one of the nation's largest health insurance providers, revealed yesterday that its computers had been hacked, resulting in access to the records of millions of customers. This information included birthdays, Social Security numbers, addresses, and lots of other data that would be great if you wanted to steal someone's identity.

The Wall Street Journal reported that Anthem didn't encrypt the data that it kept in its own systems, which is really a rookie mistake. Sure, the law didn't require Anthem to encrypt the data, but that's no excuse. If your company is already encrypting data, good for you! You get a sticker. But if the company isn't, it's time to take a walk with the CTO and explain why you should.

Here are three things in-house lawyers should know about encryption: