May/June 2019

Hot Buttons

Vetting Technology: A Herculean Task

Sharon D. Nelson & John W. Simek

There are thousands of stories of lawyers who ill-advisedly purchased technology or technology services. Let’s start with one such story starring a very successful and highly respected lawyer whom we will dub Joe.

Joe noted correctly that his website traffic was falling off a bit and determined that he would find a new website designer who could redo his site and take care of his search engine optimization (SEO). Off he went to a legal conference in Florida where he ran into a very personable salesman who worked for a website design/SEO company.

The salesman promised him the sun, the moon and the stars. Joe knew nothing about website design or SEO, but he really liked this fellow and he believed his promises. He signed an expensive contract and waited. It wasn’t long before his website, which had declined in Google searches under the previous vendor, absolutely hit rock bottom. Joe was losing the steady stream of clients previously provided by his website. Though we never investigated the reason, we suspect that “black hat” SEO may have been used and that Google, which scans for prohibited SEO tactics, therefore punished Joe’s firm by dropping him in its rankings.

That’s when we got a call. Joe knew we didn’t do website design/SEO, but he knew we had a lot of knowledge about it. And, by this time, his law firm was really suffering. So he contracted for a few hours of consulting work to locate a local firm (since outsourcing to India for these services is usually a really bad idea).

We knew of a good local web design firm known for high-quality SEO that had previously done such work for a number of law firms. We set a meeting with Joe and the web design company and attended the meeting as well. Why? We were there to ask the hard questions, to understand the technology being employed, to nail down the pricing and services offered, and—always important—to act as a BS filter.

The meeting went well. The firm made good on its promises, and Joe’s website began soaring in the Google rankings. His stream of clients from the website increased steadily, and Joe was soon looking for new lawyers.

Lessons From Joe

Many vendors sell snake oil. Charming they may be, but you’re not buying charm. Salespeople who staff conferences don’t necessarily understand the technology they are selling—they can demo it, but they didn’t do the coding. Just try asking them hard questions about the cybersecurity built into their products. You are likely to get a deer in headlights look as they summon two canned sentences from their training. What salespeople do understand is that their employment depends on making sales.

Joe should have been humble about his knowledge (or lack thereof). It was a smart move to hire someone who knew the field but did not have a dog in the hunt because we weren’t selling the services Joe was looking for. The cost to Joe was about six hours of time. The results paid that bill many times over. No matter where you are located, there are people who are qualified to help you find the right technologies and the right vendors.

Tips for Getting It Right

In the situation above, expert advice from an outside firm without any interest in the outcome was the solution. But there are many other things you can do to vet technology.

Colleagues are a great reference source. They too have no dog in the hunt; they just want to help a colleague by telling them how a particular product they have used was god-awful—or that it’s the best thing since sliced bread. They can also tell you how much it has really cost them over time.

If you are lucky enough to be in a state with a practice management advisor or two in your state bar, they are a tremendous source of good advice. It is their job to keep themselves updated on technology for law offices, and most of them are very good at matching lawyers with the right technology at the right price. You may even have the fringe benefit of being in a state where the state bar has worked with a vendor to provide discounts for its members.

Every year the ABA does a survey of legal technology being used. The 2018 ABA Legal Technology Survey Report is out and available at the ABA website. Two cautions here. The first is that lawyers tend to be laggards when it comes to adopting new technology, so the survey results are not necessarily helpful in deciding what technology you should invest in today. But they will give you an overall sense of mainstream legal products and services. As the survey is very expensive, we counsel lawyers to look for online summaries of it. The price of those is just right—they’re free. And, to the ABA’s credit, it too has published free summaries, once again available at its website.

We would be remiss if we didn’t mention our own book, which is the only annual guide to legal tech that we are aware of. The 2019 Solo and Small Firm Legal Technology Guide is available at americanbar.org/products. Just enter the title in the search area.

Additional very helpful resources include other Law Practice Division books and CLEs, as well as webinars put on by the Legal Technology Resource Center. We routinely read LP’s Law Practice Today online newsletter and Law Practice magazine for quality information relating to the selection of technology for law firms.

For ABA TECHSHOW 2018, Darla Jackson, Natalie Kelly and Jim Calloway submitted an excellent set of materials titled “How Do I Chose? Selecting and Implementing Law Practice Technology,” also available at the ABA website. It’s crammed full of useful information and, at 17 pages, is much more than we could fit in a column!

Do You Need a Mercedes, Or Will a Hyundai Do?

Lawyers often overbuy—or they are oversold. Let’s talk about case management for a moment. Clio has one of the best case management systems around, but it can do so much and hooks into so many other programs that it is naturally a more expensive solution. There’s a cost to being rich in features. We recommend it very frequently.

But if your wallet won’t afford it, you might do some comparison shopping and find that you are just fine with good case management systems like Rocket Matter, MyCase or many others at a much lower price point. That is especially true if you are a solo or small-firm lawyer—or just starting out. “Bare bones” may be all you can afford, and it may be enough.

Is "Some Assembly Required" Problematic?

You’d be surprised at how completely befuddled some lawyers are by new technology. So if you answered yes to the question posed in this subheading, you may want to look for something simple, easy to implement and use. Not all technology in a law firm needs to be complex.

Still, you are going to find that installing and configuring technology may require assistance from an IT consultant. That’s okay, even though there are initial costs, but only if you can take it from there without a lot of difficulty. This is where demos can be enlightening. You can watch how easy (or not) it is to perform certain common functions in your office. That’s the part that is critical to you. Someone else can do the setup for you.

What Does Ethics Have to Do With Technology?

These days ethics has a lot to do with vetting technology. As we write, 36 states have thus far adopted the duty of technology competence. You can’t just blindly and randomly select technology. Nor can you use technology that is no longer supported. We write the previous sentence knowing full well that we see lawyers all the time who are still using Windows XP. Because it’s no longer supported, it’s no longer receiving security updates. And then there’s the pesky change to Rule 1.6 of the ABA Model Rules of Professional Conduct (also now adopted by a majority of states), which states that “[a] lawyer shall make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client.” Have you made “reasonable efforts” to abide by this duty if you are using unsupported software not receiving security updates? Absolutely not. So, if you are using Windows XP or any other unsupported software, it’s time to upgrade.

When you do acquire new technology, you must always consider how it will protect the security of confidential data you hold—or not. This is critically important in a world where so many lawyers are turning to cloud-based products. You need to do some due diligence, which means (especially if the vendor wants information from you) that you should have a nondisclosure agreement in place. It also means asking questions like these:

  • Is the vendor accustomed to working with law firms and aware of lawyers’ ethical duties?
  • If the vendor will be holding your confidential data, is it encrypted in transit and in storage? How is it backed up? Multiple locations within the U.S. are preferred.
  • Has the vendor had an independent, third-party audit and, if so, can you have access to it?
  • Does the vendor do background checks on its employees?
  • If the relationship doesn’t work out, how do you terminate the contract? Are you committed for a given period of time?
  • How is the data returned to you? In what format? Is there a cost?
  • Does the vendor offer a service level agreement if there are problems?
  • Will the vendor provide references, preferably from law firms?
  • How long has the vendor been in business?
  • Is the vendor financially sound?
  • Is its online reputation good? (This you can check yourself.)
  • Are the terms of service reasonable? Yes, we know you never read the terms of service, but it’s time to start!
  • What are the costs? Be sure to look for hidden costs or escalation clauses.
  • Does the vendor have an incident response plan in place in case of a cyber attack or data breach?
  • Does the vendor use multifactor authentication?
  • Does the vendor follow industry standard best security practices? It should say that in the contract.
  • Does the vendor carry third-party cyber liability insurance?
  • Is it stated clearly that your data belongs to you?
  •  In the event of a dispute, what happens (i.e., arbitration or litigation), and where does it happen? 
  • If you need to be compliant with particular laws or regulations, is the vendor also compliant with them? This is important! One of our favorite quotes is from Former Deputy Attorney General Paul McNulty: “If you think compliance is expensive, try noncompliance.”

If you need extra help with cybersecurity questions, you should ask. The ABA has a Cybersecurity Legal Task Force’s “Vendor Contracting: Cybersecurity Checklist” that may be found at the ABA’s website.

Final Thoughts

Vetting legal technology is a pain in the rear when you are trying to run a law practice. Vendors have become less and less transparent about their pricing, which is an additional hindrance. They often want you to watch a demo or a webinar before they talk costs. Because of that, Googling for solutions tends not to work very well since you can’t filter by pricing. But there is a true return on the investment of your time—a more efficient and profitable law practice, which also provides better client service. That’s a win-win!

Sharon D. Nelson

Sharon D. Nelson is a practicing attorney and the president of Sensei Enterprises Inc. She is a past president of the Virginia State Bar and the co-author of 16 books published by the ABA. snelson@senseient.com

John W. Simek

John W. Simek is vice president of Sensei Enterprises Inc. He is a Certified Information Systems Security Professional and a nationally known expert in the area of digital forensics. He and Sharon provide legal technology, information security and digital forensics from their Fairfax, Virginia, firm. jsimek@senseient.com