In House: eDiscovery & Legal Tech Archives
In House - The FindLaw Corporate Counsel Blog

Recently in eDiscovery & Legal Tech Category

According to a new study by Baker Hostetler, one of the nation's largest intellectual property focused law firms, most data breaches are caused by human error, not hackers or malware. In a review of over 200 data breach incidents, the firm found employee negligence to be the leading cause of breaches.

That's right -- those Russian hackers are less a threat to your company's security than its own employees, whose negligence or theft was responsible for more than half of all breaches examined.

A new phishing scheme to be on the look out for, one which is stealing millions from American companies and making headlines for its sophistication. This new threat to your cyber security adds a twist to traditional schemes: using live, human operators who fraudulently obtain your information during mock customer service calls.

The scam, labeled "Dyre Wolf" after the extinct and often mythologized predator, was discovered early in April by IBM. It's brought in $1 million thus far. That's nothing compared to many other schemes -- another sophisticated online fraud resulted in a $26 million judgment just the other day. Why is Dyre Wolf something to be concerned about then? The fact that it targets U.S. businesses and that it does so so well.

Compliance, compliance, compliance! Why does it seem like over half of the legal department's job is to make sure the corporation is dotting its I's and crossing its T's?

Because that is a large part of the legal department's job, especially in publicly traded companies where the shadow of the SEC looms like the background like Sauron. (OK, maybe not that menacingly.) Ebenezer Scrooge said he learned to have Christmas in his heart the whole year; that's the attitude GCs need when it comes to regulatory compliance.

Despite what you've been hearing for years, email isn't "dead" and it's not "dying." What is happening? Thanks to a bevy of new services, email -- once the universal online communication method -- has a very specific purpose.

The new hotness (which actually isn't that new): chat and instant-messaging programs, which allow employees in the same office to communicate with each other in real-time. There are a lot of different solutions, some corporate, and some not. Should your company try these out?

If there's one department that's the thorn in the side of company employees, it's the IT department. Their answer is always "no" and they make you wait on requests for a long time.

Of course, that's equally true of the legal department, too. With Sarbanes-Oxley being what it is, coupled with the dystopian e-discovery future in which we live, the IT department and the legal department should be best buddies. Whose photo do you have in your heart-shaped locket?

Anthem Blue Cross, one of the nation's largest health insurance providers, revealed yesterday that its computers had been hacked, resulting in access to the records of millions of customers. This information included birthdays, Social Security numbers, addresses, and lots of other data that would be great if you wanted to steal someone's identity.

The Wall Street Journal reported that Anthem didn't encrypt the data that it kept in its own systems, which is really a rookie mistake. Sure, the law didn't require Anthem to encrypt the data, but that's no excuse. If your company is already encrypting data, good for you! You get a sticker. But if the company isn't, it's time to take a walk with the CTO and explain why you should.

Here are three things in-house lawyers should know about encryption:

Whether or not LinkedIn seems like a good idea -- and even if you don't know what you're supposed to be using it for -- in-house lawyers seem to love it. According to a survey by research firm Acritas, 43 percent of female GCs and 33 percent of male GCs are on LinkedIn.

That's a large proportion of GCs -- especially for women. So what's the deal with in-house counsel using LinkedIn so much? Has LinkedIn, as Acritas suggests, become the new "golf course" when it comes to making deals?

From the "if you wrote it down, it's probably discoverable" department comes a ruling from Judge Edward Chen of the U.S. District Court for the Northern District of California. In September, Chen allowed part of a lawsuit to move forward claiming that Uber's "gratuity" charges are misleading because all of the gratuity doesn't go the driver.

Uber CEO Travis Kalanick fought against disclosing some damning emails, but an order by Chen affirmed the ruling of a magistrate judge ordering their disclosure.

Creepy: Email Scanning System Watches to Predict Data Theft

Data theft and breaches are always a hot topic around here. They are, after all, an in-house attorney's worst nightmare: Lawsuits, lost business, and a whole lot of legal fees will wreak havoc on your bottom line if you have a data leak. But what if there was a way to predict data theft before it happened, a la Tom Cruise's "Minority Report"? Sure, you'd have to worry about outside hackers ruining your day, but at least mutiny and sabotage would be covered.

That's what UBIC's Virtual Data Scientist promises. It has the ability to scan users' email to find common harbingers of data theft, such as complaints about how the company treats them or about one's financial problems, reports PC World. And while the program is currently Japanese-only, it may make it stateside in the near future.

PG&E's Friendly Emails to Regulators: 3 Lessons

Wait, so you're not allowed to send cute, overly familiar emails to the regulatory board that is going to decide how much your company gets dinged for blowing up a bunch of houses and killing some peeps a few years back, demanding that you get a more lenient administrative law judge?

Now you tell me. And now Pacific Gas & Electric knows, after a series of back-and-forth emails detailing a way too close relationship between the utility company and California's Public Utilities Commission (PUC) came to light. Three execs and a top aide at the state agency just served as the sacrificial lambs, while PG&E scurries to "put new procedures in place" before they get slammed by the suddenly less friendly PUC.

Let's see what we can learn from this mess, shall we?