Law in the Internet Society

View   r3  >  r2  >  r1
AngeloAngelinoSecondEssay 3 - 17 Jan 2020 - Main.AngeloAngelino
Line: 1 to 1
 
META TOPICPARENT name="SecondEssay"

Lawyers, Risk Aversion, and Privacy.

-- By AngeloAngelino - 06 Dec 2019

Lawyers are risk averse. An attention to privacy is a means to avoiding risk. So why aren’t more lawyers private?

Added:
>
>
  I think it is a fair assumption to say that many (if not most) lawyers are risk averse. From the safety that comes with deciding to enroll in law school, the three years of legal “training” that highlight an adversarial system that assigns blame to the ‘loser’, the security that comes with having a coveted degree in a not always certain economy, and a career built off of mitigating risk for deep pocketed clients, potential attorneys are not only initially more likely to be risk averse but are also conditioned throughout law school and their legal career to cultivate that aversion. Despite the tedious study period for the LSAT and the three grueling years of law school, the decision to go to law school, for many people (including myself!), is the easy way out. 
 
Changed:
<
<
I think it is a fair assumption to say that many (if not most) lawyers are risk averse. From the events in someone’s life that leads them to consider law school, the safety that comes with deciding to actually enroll in law school, the three years of legal “training” that highlight an adversarial system that assigns blame, and the security that comes with having a coveted degree in a not always certain economy, potential attorneys are not only initially more prone to developing an aversion to risk but are also conditioned to cultivate that aversion. Despite the tedious study period preceding the LSAT and the three sometimes grueling years of law school, the decision to go to law school, for many people (including myself!) was the easy way out.
>
>
One way to avoid risk is through ensuring privacy. Encrypting emails prevents undesired third parties from viewing, changing, or otherwise disrupting the confidential communication between the sender and their intended recipient. Connecting to the internet through a VPN masks your location, data, and content of your activity. To mitigate the risk of a data breach or the sale/use of a detailed log of your personal/professional search history and patterns, it seems to be a logical next step to adopt these protective measures to ensure privacy. 
 
Changed:
<
<
I also think it is a fair assumption that an attention to privacy is a means of avoiding risk. Encrypting emails prevents undesired third parties from viewing, changing, or otherwise disrupting the confidential communication between the sender and their intended recipient. Connecting to the internet through a VPN masks your location, data, and content of your activity. If you are of the belief that a lack of privacy is a risk, perhaps in the form of a data breach or the sale/use of a detailed log of your personal/professional search history and patterns, it seems to be a logical next step to adopt these protective measures to ensure privacy.
>
>
As risk averse individuals, it would follow that lawyers should be willing to adopt these protective measures to safeguard privacy, either for themselves or for their clients. Secrecy, anonymity, and autonomy are all essential components in a lawyer fulfilling their fiduciary duty to their client. However, from my experience with lawyers, privacy concerns are rarely even considered. On a smaller scale, too often you hear of law firm attorneys sending confidential emails intended for internal distribution to opposing counsel. By mandating the encryption of confidential emails, law firms would not only be promoting the general safety of that information but also more simply would decrease the rate of emails being sent to the wrong person by requiring a sort of authentication process. On a larger scale, with increased scrutiny in data privacy and security, corporations are increasingly making efforts to protect their data. But what good are those efforts if their law firm has all of the same information in an unprotected state? In the business of risk mitigation, law firms are enhancing risk exposure for their clients. 
 
Changed:
<
<
As risk averse individuals, it would follow that lawyers should be willing to adopt these protective measures to ensure privacy, either for themselves or for their clients. Secrecy, anonymity, and autonomy are all essential components in a lawyer fulfilling their fiduciary duty to their client. However, from my experience with lawyers, privacy concerns are rarely on the radar. On a smaller scale, too often you hear of firms sending emails to opposing counsel. This wouldn’t be a problem if they encrypted their emails as that would require a sort of three step authentication system: 1) adding the public key of their client/desired recipient, 2) putting the desired recipients email address, and 3) securing the email by clicking on the lock in the corner. If they accidentally put the wrong email, let’s say of an opposing counsel, the lock wouldn’t appear and they would know that the inputted email is wrong. On a larger scale, with increased scrutiny in data privacy and security, corporations are increasingly making efforts to protect their data. But what good are those efforts if their law firm has all of the same information in an unprotected state? In the business of risk mitigation, law firms are enhancing risk exposure for their clients.
>
>
In this context, I think it is interesting to look at the world of finance. If anything, many aspects of the banking industry promotes risk taking, and yet, financial institutions spend a significant amount of time and money on privacy and security. I don’t think this is a perfect comparison as I think their adoption of privacy measures to avoid risk comes is a business decision resulting from extensive federal regulation that could expose them to significant (sometimes personal) liability. The legal industry, on the other hand, lacks a similar level of federal oversight. But given the risk-averse nature of lawyers, should a federal authority even be necessary for a change in practices?
 
Changed:
<
<
In this context, I think it is interesting to look at the world of finance. If anything, many aspects of the banking industry promotes risk taking, and yet, financial institutions are some of the most private out there. I don’t think this is a perfect comparison as I think their adoption of privacy measures to avoid risk comes from federal regulation that could expose themselves to significant liability, while the legal industry lacks a similar level of federal oversight. But given the risk-averse nature of lawyers, should a federal authority even be necessary for a change in practices?
>
>
It is difficult to find constructive information about what lawyers do truly think about the intersection of privacy and risk aversion. Law firms have presentations or fact sheets urging the adoption of privacy measures – but who knows if they actually comply with it themselves. Even more than that, if they didn’t comply with those standards, there is no way that they would admit to it.
 
Changed:
<
<
I’m honestly not sure where there is a logical break. Perhaps lawyers are not as risk averse as I thought they were. Maybe it’s more of an aversion to change? Encryptions services, VPNs, and other means of ensuring your privacy in an increasingly un-private world are still considered “new” despite them being around for years. There are likely few scenarios where lawyers are the first adopters of new technology, and I don’t see this being one of them. Or maybe they are exactly as risk averse as I thought they were, and instead the discrepancy could be in a lack of understanding of the technology that makes lawyers perceive a sense of risk in the adoption of these practices. From an unknowing lawyer’s perspective, not adopting these measures towards privacy both for themselves and their client is the best effort in mitigating risk and fulfilling their fiduciary duty to their client. Either way, I find it concerning that lawyers and law firms that they comprise are unable or unwilling to adopt at mass scale what seems like such an obvious step (in many cases an obvious FIRST step!) in providing legal services to your client. Maybe my view of the lawyer-client relationship will change once I begin my legal career, but in the meantime it is uncomfortable knowing that many of my peers don’t feel similarly.
>
>
I’m honestly not sure where there is a logical break. Perhaps lawyers are not as risk averse as I thought they were. Maybe it’s more of an aversion to change? Encryptions services, VPNs, and other means of ensuring your privacy in an increasingly un-private world are still considered “new” despite them being around for years. There are likely few scenarios where lawyers are the first adopters of new technology, and I don’t see this being one of them. Or maybe they are exactly as risk averse as I thought they were, and instead the discrepancy could be in a lack of understanding of the technology that makes lawyers perceive a sense of risk in the adoption of these practices. From an unknowing lawyer’s perspective, not adopting these measures towards privacy both for themselves and their client is the best effort in mitigating risk and fulfilling their fiduciary duty to their client. Either way, I find it concerning that lawyers and law firms that they comprise are unable or unwilling to adopt at mass scale what seems like such an obvious step (in many cases an obvious FIRST step!) in providing legal services to your client. Maybe my view of the lawyer-client relationship will change once I begin my legal career, but in the meantime, it is uncomfortable knowing that many of my peers don’t feel similarly.
 
Deleted:
<
<

A reasonable set of questions. What might the next draft stronger is an effort to find some information about what lawyers do think about privacy in their practices. Has anyone done any serious looking? Or is it all market research for "practice law on your iPad" CLE courses?

I think, to give my own view of the matter based solely on my tiny personal experience, that lawyers' risk aversion primarily expresses itself in fear of the unknown, and an overwhelming inclination to avoid subjects they don't understand. So in all corporate and organizational settings, the lawyers tend to be the most retrograde when it comes to tech.

  \ No newline at end of file

AngeloAngelinoSecondEssay 2 - 10 Jan 2020 - Main.EbenMoglen
Line: 1 to 1
 
META TOPICPARENT name="SecondEssay"

Lawyers, Risk Aversion, and Privacy.

Line: 15 to 15
 In this context, I think it is interesting to look at the world of finance. If anything, many aspects of the banking industry promotes risk taking, and yet, financial institutions are some of the most private out there. I don’t think this is a perfect comparison as I think their adoption of privacy measures to avoid risk comes from federal regulation that could expose themselves to significant liability, while the legal industry lacks a similar level of federal oversight. But given the risk-averse nature of lawyers, should a federal authority even be necessary for a change in practices?

I’m honestly not sure where there is a logical break. Perhaps lawyers are not as risk averse as I thought they were. Maybe it’s more of an aversion to change? Encryptions services, VPNs, and other means of ensuring your privacy in an increasingly un-private world are still considered “new” despite them being around for years. There are likely few scenarios where lawyers are the first adopters of new technology, and I don’t see this being one of them. Or maybe they are exactly as risk averse as I thought they were, and instead the discrepancy could be in a lack of understanding of the technology that makes lawyers perceive a sense of risk in the adoption of these practices. From an unknowing lawyer’s perspective, not adopting these measures towards privacy both for themselves and their client is the best effort in mitigating risk and fulfilling their fiduciary duty to their client. Either way, I find it concerning that lawyers and law firms that they comprise are unable or unwilling to adopt at mass scale what seems like such an obvious step (in many cases an obvious FIRST step!) in providing legal services to your client. Maybe my view of the lawyer-client relationship will change once I begin my legal career, but in the meantime it is uncomfortable knowing that many of my peers don’t feel similarly. \ No newline at end of file

Added:
>
>

A reasonable set of questions. What might the next draft stronger is an effort to find some information about what lawyers do think about privacy in their practices. Has anyone done any serious looking? Or is it all market research for "practice law on your iPad" CLE courses?

I think, to give my own view of the matter based solely on my tiny personal experience, that lawyers' risk aversion primarily expresses itself in fear of the unknown, and an overwhelming inclination to avoid subjects they don't understand. So in all corporate and organizational settings, the lawyers tend to be the most retrograde when it comes to tech.

 \ No newline at end of file

AngeloAngelinoSecondEssay 1 - 06 Dec 2019 - Main.AngeloAngelino
Line: 1 to 1
Added:
>
>
META TOPICPARENT name="SecondEssay"

Lawyers, Risk Aversion, and Privacy.

-- By AngeloAngelino - 06 Dec 2019

Lawyers are risk averse. An attention to privacy is a means to avoiding risk. So why aren’t more lawyers private?

I think it is a fair assumption to say that many (if not most) lawyers are risk averse. From the events in someone’s life that leads them to consider law school, the safety that comes with deciding to actually enroll in law school, the three years of legal “training” that highlight an adversarial system that assigns blame, and the security that comes with having a coveted degree in a not always certain economy, potential attorneys are not only initially more prone to developing an aversion to risk but are also conditioned to cultivate that aversion. Despite the tedious study period preceding the LSAT and the three sometimes grueling years of law school, the decision to go to law school, for many people (including myself!) was the easy way out.

I also think it is a fair assumption that an attention to privacy is a means of avoiding risk. Encrypting emails prevents undesired third parties from viewing, changing, or otherwise disrupting the confidential communication between the sender and their intended recipient. Connecting to the internet through a VPN masks your location, data, and content of your activity. If you are of the belief that a lack of privacy is a risk, perhaps in the form of a data breach or the sale/use of a detailed log of your personal/professional search history and patterns, it seems to be a logical next step to adopt these protective measures to ensure privacy.

As risk averse individuals, it would follow that lawyers should be willing to adopt these protective measures to ensure privacy, either for themselves or for their clients. Secrecy, anonymity, and autonomy are all essential components in a lawyer fulfilling their fiduciary duty to their client. However, from my experience with lawyers, privacy concerns are rarely on the radar. On a smaller scale, too often you hear of firms sending emails to opposing counsel. This wouldn’t be a problem if they encrypted their emails as that would require a sort of three step authentication system: 1) adding the public key of their client/desired recipient, 2) putting the desired recipients email address, and 3) securing the email by clicking on the lock in the corner. If they accidentally put the wrong email, let’s say of an opposing counsel, the lock wouldn’t appear and they would know that the inputted email is wrong. On a larger scale, with increased scrutiny in data privacy and security, corporations are increasingly making efforts to protect their data. But what good are those efforts if their law firm has all of the same information in an unprotected state? In the business of risk mitigation, law firms are enhancing risk exposure for their clients.

In this context, I think it is interesting to look at the world of finance. If anything, many aspects of the banking industry promotes risk taking, and yet, financial institutions are some of the most private out there. I don’t think this is a perfect comparison as I think their adoption of privacy measures to avoid risk comes from federal regulation that could expose themselves to significant liability, while the legal industry lacks a similar level of federal oversight. But given the risk-averse nature of lawyers, should a federal authority even be necessary for a change in practices?

I’m honestly not sure where there is a logical break. Perhaps lawyers are not as risk averse as I thought they were. Maybe it’s more of an aversion to change? Encryptions services, VPNs, and other means of ensuring your privacy in an increasingly un-private world are still considered “new” despite them being around for years. There are likely few scenarios where lawyers are the first adopters of new technology, and I don’t see this being one of them. Or maybe they are exactly as risk averse as I thought they were, and instead the discrepancy could be in a lack of understanding of the technology that makes lawyers perceive a sense of risk in the adoption of these practices. From an unknowing lawyer’s perspective, not adopting these measures towards privacy both for themselves and their client is the best effort in mitigating risk and fulfilling their fiduciary duty to their client. Either way, I find it concerning that lawyers and law firms that they comprise are unable or unwilling to adopt at mass scale what seems like such an obvious step (in many cases an obvious FIRST step!) in providing legal services to your client. Maybe my view of the lawyer-client relationship will change once I begin my legal career, but in the meantime it is uncomfortable knowing that many of my peers don’t feel similarly.


Revision 3r3 - 17 Jan 2020 - 16:14:47 - AngeloAngelino
Revision 2r2 - 10 Jan 2020 - 11:08:27 - EbenMoglen
Revision 1r1 - 06 Dec 2019 - 18:57:06 - AngeloAngelino
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM