This article was originally published in the September/October 2021 issue of San Diego Lawyer Magazine.
By Bill Kammer
Every Algorithm Has a Point of View
Lawyers are faced with a barrage of recommendations and advertisements for tools and software powered by artificial intelligence (AI). The caption for this paragraph is the title of a 2017 article presented to a national conference of law librarians (https://scholar.law.colorado.edu/articles/723/). Its core argument was a reminder that algorithms were originally written by humans, who brought to the task technical skills, but also certain assumptions and biases. When vendors claim “Powered by AI,” the wise customer asks for an explanation of that artificial intelligence component and a description of its contribution to the product. For trial lawyers who might want to use AI-generated evidence in hearings and trials, that inquiry and knowledge could be critical to its introduction. Before its admission, the advocate might have to survive a prior Daubert challenge.
Whatever Happened to Watson?
Where has IBM’s Watson gone? Ten years ago, in a celebrated contest, Watson defeated Ken Jennings, the greatest Jeopardy player of all time. Advocates suggested that Watson was a technological advance that would transform and evolve industries. With limited exceptions, that has not happened. Watson was based on an algorithm designed to detect patterns of words to predict answers to questions. That engineering did not automatically lend itself to other industrial situations, however, because of the point of view ingrained in the algorithm.
Phishing and Human Error
Some estimates suggest that 80% of all malware and ransomware incidents result from human error. Constant training remains mandatory and is perhaps the only effective technique to counter those threats. No method or training, however, guarantees a perfect defense, so phishing remains a common gateway to infiltrate stored data. This can produce malware and ransomware results. The 2021 Verizon Data Breach Investigations Report found that phishing was present in 36% of breaches, up from 25% the year before (https://enterprise.verizon.com/resources/reports/2021-data-breach-investigations-report.pdf).
Ransomware Redux
Newspapers and messages constantly emphasize the threats represented by ransomware cybercriminals, particularly when the incident encrypts all data on a victim’s computer and servers. In theory, everyone should have an incident response plan and access to immediate technical support. Immediate questions include whether a ransom should be paid; whether supplied decryption keys will work; and whether employees, clients, or authorities must be notified. Attorneys and firms must have readily available backups insulated from the encryption evolution. Even mounting backups to get back in business may require sophisticated analysis because modern malware may have arrived with a timer for delayed release. That malware might simply reside on the chosen backup, awaiting activation when the backup is moved online.
Sophos publishes an annual ransomware report that recently surveyed 5,400 organizations. One-third of the respondents reported ransomware hits last year, and half of those hit reported that their data was encrypted (https://secure2.sophos.com/en-us/content/state-of-ransomware.aspx). We’d best be ready with a workable solution to that threat.
Pandemic Ironies
During the past 18 months, attorneys have learned about working from home, virtual desktops and meetings, virtual discovery, and virtual ADR and trials. Some might have also learned how to use technology they never used before March 2020. So much so that the pandemic has a silver lining. The ABA’s recent profile of the legal profession reported that many senior lawyers have adapted well to these new technologies and improved their satisfaction of the ethical responsibilities to understand and utilize technologies in their law practices (https://www.americanbar.org/news/reporter_resources/profile-of-profession/).
eDiscovery Education
Many vendors try to sell us eDiscovery MCLE, but ironically there is even more information freely available delivered via emails, blog posts, podcasts, and webinars. One recently posted and comprehensive free asset is the student workbook that Craig Ball provides to his law school students at Texas: over 500 pages of wisdom and references that everyone, from tyro to veteran, will find a remarkable resource (http://www.craigball.com/Ball_ESI_Workbook_UT_SPRING_2021_VER%2021.0214.pdf).
Password Fatigue
I know when I write about passwords I may be repeating myself. My past recommendations have included password managers and passphrases. The latter would be a string of words or phrases, rather than passwords that look like “3%9E^i7YPt”. The federal government’s National Institute of Standards and Technology (NIST) first recommended passphrases in 2017. This blog post explained its reasoning: https://www.nist.gov/blogs/taking-measure/easy-ways-build-better-p5w0rd. Now the British National Cyber Security Centre (NCSC) has joined in with an informative posting of their own: https://www.ncsc.gov.uk/blog-post/the-logic-behind-three-random-words.
Audio and Video Discovery
A prime example of “new” Electronically Stored Information (ESI) is the growing accumulation of audio and video files. The volume of data stored in those files has grown substantially in recent years because of the growing use of internal and external security cameras and routinely recorded telephone conversations. Similarly, enterprise and personal usage have produced the phenomenal growth of Zoom and Microsoft Teams use during the pandemic months, including storage of many recorded sessions. Attorneys cannot ignore this evidence, but the discovery raises new challenges and considerations. Manual review of this information can be time-consuming and expensive, though help may be on the way. Vendors are rapidly developing products that use AI to locate relevant portions within the mass of recorded information, obviating the theoretical need for lineal human review. But even once located, there remain significant challenges involved in privilege and relevance reviews and subsequent production of that ESI. For instance, that data may require conversion so it can be loaded into the platforms attorneys have traditionally used for those stages of the Electronic Discovery Reference Model (EDRM); or the tools themselves may require modification to accept the new ESI for analysis.
Bill Kammer (wkammer@swsslaw.com) is a partner with Solomon Ward Seidenwurm & Smith, LLP.