I'll take a shot at a couple of chunks of this one...
>
>My initial reaction to that conclusion is, let's not be so hasty. Sometimes
>1+1 equals 2, when other times 1+1 equals more than 2 ... here I think it
>only equals 2. By that I mean just because there have been some breaches
>with some products, doesn't necessarily mean that the entire approach is
>problematic. Lawyers/law firms should be very thoughtful about their use of
>the cloud, but I can't see any overwhelming reason to avoid it nor do I feel
>that its mere use constitutes, in fact, a breach of confidentiality nor does
>it necessarily imply negligence with regard to their ethical duties.
>
1+1 is 2, period. Too much time around engineers and scientists. This is a
case of Risk Management, just like offsite storage of physical format
records. If you enter into a contractual agreement with ANY service
provider, you have an obligation to evaluate any potential risks and either
protect yourself against them, or accept them as being less risky than the
benefits you gain from them.
I agree that the use of cloud storage in and of itself may not constitute a
breach of confidentiality, but it may result in acceptance of a risk that is
greater than the need to protect that confidentiality.
>The trick to the issue is two fold: 1) how the lawyer/law firm interprets
>the phrase "reasonably practicable", and 2) how they go about their due
>diligence with regard to selecting and using clouds.
>
The most critical thing here would seem to be having a clear definition of
the cloud and understanding how it functions. There are private, public,
quasi-public and other forms of clouds. Many organizations operate private
clouds, which are essentially virtual server farms behind firewalls that no
one else has access to, only those who are employed by the firm. Even in the
case of Google Docs, there are organizations who have internal clouds where
the Google Apps are installed, and the data is managed... they pay a higher
cost to manage the services as a private entity, but they still may see some
economies of scale.
Once you leave this closed environment, your risks change... and depending
on how the cloud is defined and operated, they can increase exponentially.
>
>The impact of lawyer ethical obligations on RIM is my current "for fun"
>research focus and is a topic I am using for some writing and potential
>speaking engagements. Would love to hear any feedback folks have on the
>issue of cloud computing and lawyer ethics - lawyer or not. Perspectives
>other than mine are wholeheartedly encouraged!
>
My understanding of ethical issues related to how lawyers handle information
deal a lot more with privacy and intent, not as much as they do with the
practices in which data storage would be carried out. This seems much more
like a business operations issue, and naturally, the firm/attorney would
need to weigh in on the risk associated with any exposure of the information
to unauthorized parties, but similar to how Rule 26 issues are handled, an
ESI data map would seem to be the starting point to investigate any risks of
the network communications system, cloud, a hard wired server, a disk array
or any other form of storage.
And nope, I'm not one either, NOR did I sleep at a Holiday Inn Express last
night, so YMMV.
Larry
[log in to unmask]
List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]
|
