Coming on the heels of our Gmail Waives Privilege dialogue, I came across even further evidence of the dangers of using free email systems like Gmail. As reported in the Washington Post and published by the Houston Chronicle, for only $100 you can buy the password to a any freemail account. The article explains how a ‘woman scorned’ contacted YourHackerz.com and was able to purchase the password to her “married boyfriend’s” AOL email account. She followed that up by securing the passwords to people he emailed who used similar accounts.

We at 3 Geeks are aware that a number of state bars have opined that email has a reasonable expectation of privacy and as such is ethical to use when transmitting confidential client information. In part, the reasonable expectation comes about since it is illegal to intercept email. However, the article points out:

Federal law prohibits hacking into e-mail, but without further illegal activity, it’s only a misdemeanor, noted Orin Kerr, a law professor at George Washington University and a former trial attorney in the Justice Department’s computer crime section.

Wow … a misdemeanor.

The feds usually don’t have the resources to investigate and prosecute misdemeanors, Kerr said. And part of the reason is that normally it’s hard to know when an account has been compromised, because e-mail snooping doesn’t leave a trace.

Ethics issues aside (which still need to catch up with reality) lawyers should have their eyes VERY wide open when using these email services. In addition to email being inherently insecure, hacking freemail accounts is now as easy as buying a book on Amazon. As we’ve noted previously, the higher duty of care lawyers hold demands a higher level of practice.

Previously on 3 Geeks, we posted on the dangers of using free email services like Gmail. The basic argument is that by granting a property right to content (a.k.a. client information) to Google, lawyers risk of waiving privilege. We had an interesting set of comments come in from this post, exploring how serious this problem is. Some people thought it wasn’t a problem at all, since Google is using machines to read your content. Others thought it was similar to FedEx reviewing packages for safety. My position is that the granting of rights to your clients’ information to someone else (be it Google, Yahoo, etc.) on its face creates an ethical issue for lawyers.

To add fuel to this fire, I saw two posts this week on a related subject. In July the New Jersey courts released an opinion (Sengart v. Loving Care) where an employee was using their company laptop to communicate with their lawyer about possible litigation against the employer. At the core of this argument is that fact that employers retain property rights to any information that resides on their computer equipment. Most employment policies inform employees about this, such as the one from Loving Care.

E-mail and voice mail messages, internet use and communication and computer files are considered part of the company’s business and client records. Such communications are not to be considered private or personal to any individual employee.

Compared to Google’s TOS:

By submitting, posting or displaying the content you give Google a perpetual, irrevocable, worldwide, royalty-free, and non-exclusive licence to reproduce, adapt, modify, translate, publish, publicly perform, publicly display and distribute any Content which you submit, post or display on or through, the Services.

Google notes that this right is for the sole purpose of proving the Services. However, that is not much of a limiting factor. Google uses this right primarily to direct ads to its users. But I don’t see anything in the TOS that limits them to this behavior.

Although Sengart and the Google TOS situations are not entirely similar, they share that core issue of giving property rights to content to a third party in exchange for the use of the technology. The one key difference with Sengart is that the client is the one who compromised the ownership of the content. Frankly, it’s the client’s right to do this since it’s their content. But even in that situation, a lawyer would be wise to warn clients about using email in such a way that privilege is compromised.

The legal profession holds itself out as having higher duties of care when it comes to securing client information. I suggest that using free email services with a TOS like Googles’ runs counter to this professional responsibility.

A lot of us in the law firm library field have been asking for database and resource “monitoring” software for a few years now. Most of us have had our requests rejected because the cost of the software was seen as too high, or the benefits from such software were seen as too low back when the economy was booming. Now that law firms are cutting staff, attorneys, resources and salaries, some of those firms that rejected the monitoring software now understand the potential benefits that we’ve been talking about.

The Players
A little background on the big players in the database and resource monitoring world. There are really three main products out there:
1) OneLog 2) LookUp Precision 3) Research Monitor 4*) LexisNexis Cost Recovery Manager [PDF] (not really in the same league, but also used by some firms)
What is “Monitoring” Software?
The basic idea behind the monitoring software is to create an interface that tracks the usage of specific databases (i.e., Westlaw, Lexis, PACER, BNA, CCH, HeinOnline, etc., etc.) Many of these work within Internet Explorer and are fairly seamless for the person accessing the database. The last time I checked, most did not work with any other type of browser (of course, they all say they are “working on it.”) But most of the law firms are still using IE (according to my logs, many of you are still using IE6) so, that shouldn’t be a big deal for most of us. The software maintains information on:
1) Usernames & Passwords (either on a group level, or individual level) 2) Records which databases are used, by which users, and for how long 3) Restricts use of certain databases according to the license agreement (so if Partner “X” is the only person authorized to access a database, then Associate “Y” can be blocked from the application.) 4) Allows the administrator of the monitoring software to log out users remotely. Nothing is more aggravating than trying to access a database, but you can’t because someone logged in, then went to lunch without logging out. 5) Create billing reports. Instead of going through manually to bill out the PACER quarterly reports, the monitoring software will create those reports automatically. 6) Set pricing on each database. Most firms charge back for Lexis, Westlaw and PACER usage, but many do not charge back for other databases. Monitoring software would allow you to put a “per usage”, “per minute”, or “per transaction” price on any database. 7) Create a “What Isn’t Used” report. Now you can really see if that expensive database that the Practice Group Leader demanded a few years ago is really being used. When the librarian goes to the PGL and says “we are thinking of cutting this database”, and the PGL replies “Don’t cut that, I use that all the time!” Now the librarians has a way to see if that is true or not. Most of the time we know it isn’t being used, but didn’t have a good way to prove it.
Additional Ways to Use Monitoring Software
You can probably think of a few more good ways to use monitoring software. One of the ways that I’ve promoted is the “internal” resource monitoring. The IT or KM departments (or in some cases, the techie librarian) have created a lot of internal products that have great benefits to the firm. The monitoring software can be used to see what products are or are not being used, and who is using them. This can be a great resource when it comes to training, or spotting trends within practice groups on what tools are used, and what are not.
Is Big Brother Watching You?
In a word, “yes”. The initial thought behind this type of software is to save money by getting rid of databases you don’t need, or to reduce the number of users when demand for a database is low. Theoretically, it could also be used to monitor other things, such as how much time someone spends on Ebay or Craigslist. But, most IT departments can do that now, so this would just be another way of doing it.
Monitoring Software is Going to be Huge!
In a time when the fat is being cut, along with the meat, and some of the bone, monitoring software is going to be a tool of choice for many firms. The latest Law Librarian Survey mentions that many librarians are already using these tools as a cost cutting resource. The costs of just the monitoring software runs in the tens of thousands of dollars (depending upon the size of your firm, generally) and the first directive that librarians get is to cut enough in current database subscriptions to pay for the cost of the monitoring software. This is going to be one of those situations where firms will spend a little money in order to save a lot in return.

It’s been a busy week around the three geekdom. Although I couldn’t attend the ILTA 09 meeting in Washington DC, I monitored it religiously (via the #ILTA09 tag) and helped my boss prep for her back-to-back presentations on Records Management and Library Services contract negotiations. We had a Westlaw blowup mid-week, and I talked with my local Westlaw Library Relations Manager (LRM) yesterday and we had a nice discussion about what the LRM’s are doing to work with law librarians. So, getting on the bus this morning, I thought that I didn’t have anything to blog about other than TGIF!! But, as usual, I was wrong.

I mentioned a few post ago that I was reading Sir Ken Robinson’s book The Element. As I was reading it this morning, I read one of those sentences that makes you sit up and say “Wow!” (If I were a child of the 60’s I’d have said “whoa… that’s deep, man.”)

“… conformity has a higher value than diversity.”

Although Ken (he lives in America now, so I refuse to call him ‘Sir’ Ken) was talking about primary and secondary schools, this could actually apply to many facets of life, and I’m tying it to some of the conformity we have in law firms.
There are a lot of us that are pushing Enterprise 2.0 tools within the law firms. The reason many of us believe this will be a great resource for everyone in the firm is the fact that it gives a voice to everyone. Conformity equals the standard monthly or quarterly meeting, diversity equals wikis, blogs and other social media tools that allow you to put your ideas forth at any time.
Another standard idea within law firms is the establishing of a committee to plan how the firm will handle an issue. Committees are made up of individuals who represent various divisions within the firm (Partners, Associates, Counsel, C-Levels, Directors, Managers, etc.) and even each of those represent certain practice areas or departments. Committees equal conformity, Teams equal diversity. When you set up a committee the members are focused first on how to best represent themselves, their individual departments or groups, their peers, then the firm – in that order. Teams are set up to go the opposite way. Look at the process in a more holistic fashion — how it affects the many, rather than the few.
Those seven words made me sit up and think about how we can look at what we are doing in a different way. Enterprise 2.0 tools and Teams are just two examples. The next time you approach a project or think about the process you use to perform your tasks, ask yourself are you valuing conformity or are you valuing diversity?

As I watched the #ILTA09 session tweets roll by from @VMaryAbraham, I just got more and more disgusted. Not at Mary, mind you (she was rockin’ with the informative tweets), but rather at the presenter Jason Dorsey and his message. Now, I must give a full disclaimer here and say that I was not in the room for the presentation, but I did watch an interview with him after the session on ILTA TV, and the interview seemed to back up Mary’s Tweets. Jason Dorsey calls himself the “Gen Y Guy”, talks about the differences between the generations in his presentations, and I hear he’s a great presenter. If I get a chance to see him present at another conference, I will make every attempt to be there.

[Creative Commons photo from Lorchaos]
Now that all of the praise is out of the way, I’m going to say that the message I read from Jason’s presentation was one of stereotyping, oversimplification of generational differences, and taking simple known facts and leaping to conclusions about entire sections of our population. In other words, Jason (and many other of the self-help presenters out there) wants to give you a short presentation that will help you compartmentalize people that you work with. When he is finished, you will now have a better understanding of why a Gen Y person is one way, while the Gen X and Boomers are another. Perhaps your Human Resources department has put on one of these little shows at your office. We all walk away with a better understanding of why “Bob is a jerk” and “Sally is lazy.” It isn’t because they have bad personalities or habits… it’s because they are of a particular generation.
I’m always worried about labeling people, and I’m really concerned about labeling groups of people. The labels tend to be too broad, and overly simplistic. It is like taking the Myers-Briggs Type Indicator (MBTI) tests and saying that everyone fits within four distinct boxes out of a total of 16 potential boxes. The personality tests, and the generation “generalization” can help define how someone might perform as a worker, but I’m always afraid that sessions like these create situations where we stereotype entire groups of people and make it too easy for someone to be labeled as “blank” Generation with “blank” MBTI, therefore slap “blank” label on them.
I have to agree with something I read from Ken Robinson, in his book The Element. Robinson talked about trying to label someone with the 16 categories of the MTBI. “My guess is that sixteen personality types might be a bit of an underestimate. My personal estimate would be close to six billion.” The reason behind this is when you start to place people in boxes it tends to close doors on people rather than opening them.
I understand that Jason Dorsey pulled his research from over 500,000 interviews of Gen Y’ers, and used a lot of research conducted by Strauss and Howe, so I’m not doubting that he’s done the research. However, I did hear Jason give an example in his live interview of how Gen Y’s have a unique experience that helps explain their impatience. He roughly said that Gen Y’s are the first generation to enter the workforce with no expectation of staying with the same company for 30 years and retiring. I can only talk anecdotally here, but from what I remember, the 30 years and retire has been a dying or dead idea for nearly 30 years now. Do I have to start singing Billy Joel’s Allentown from 27 years ago?
Presentations like Jason’s are good exercises in “generalities”, but not for individual application. Be very careful not to over generalize entire groups of people. Remember they are individuals, with individual experiences and capabilities — treat them as such.

When I was in the US Army, we used to have a saying: “Do not tick off the Mess Cook, the Supply Sergeant, or the Payroll Officer.” The reason was simple… you didn’t want to worry about what was in your food, pay for items that were mysteriously signed out to you and then lost; or, find that your check got routed to Ft. Dix, NJ and will make its way back in a couple of weeks. None of these guys were your boss, or even that high ranking a soldier. However, they had power and could use it in ways that could make things difficult for you if they wanted.

Think of that saying when you read this little email advertisement that was sent out by someone at Westlaw.

“Are You On A First Name Basis With The Librarian? If so, chances are, you’re spending too much time in the library.”
This little doozey was making its way around the law-lib listserv on Monday and was causing quite a stir on at least one blog. Although this is a pretty poor advertisement, I don’t think they meant it the way it came out. A fact which was verified by Anne Ellis later on Monday.
Here is what the ad department at Westlaw was probably trying to say: “If you’re a lawyer, you shouldn’t rely solely on the law librarian to pull your documents or do your research.” That would actually be a great ad.
This contentious ad seems to promote the idea that the librarian is a resource of last resort. Of course, this flies in the face of the argument that most librarians (including myself) tell their lawyers and paralegals, which is: “if you cannot find what you are looking for in a short period of time, call the law librarian for help. Chances are he or she has already researched that topic and can point you in the right direction.”
I’m pretty sure that the genesis for the Westlaw ad was the fact that the sales reps from the legal research providers see the librarians as “gatekeepers.” All of us know how frustrating it can be to deal with gatekeepers, whether it is a certain secretary, paralegal, junior partner, etc. So, in a way, I can understand how the creator of this ad came up with the idea, but the fact that they actually sent this thing around as an email was just bad judgement. You can criticize gatekeepers all you want to your friends and colleagues, but for goodness sakes, don’t put it in an email and broadcast it.
Just like with my Army buddies at the mess hall, the supply room or the payroll office, law librarians have a job to do, and as a general rule, we do it well. So, let’s be a little more careful with how you think lawyers should be using the librarian as a resource in your next ad.

As I was following some of the ILTA ’09 Conference chatter, I read something from David Hobbie that caught my attention. David was quoting Kevin O’Keefe‘s comment of “thought leaders will blog because of their insatiable desire to learn.” I thought that was a pretty good quote, so I retweeted it with a comment of “(so true!)”. Within a few minutes, Jeff Gordon (the licensing handbook guy, not the racer) challenged me on that saying that he thinks “thought leaders will COMMENT when they want to learn. Blogging isn’t learning (even if you have to do research).”

This had me scrambling to make sure that my definition of ‘Thought Leader’ was correct. [I’d hate to be the guy from Princess Bride yelling “Inconceivable!”] So, I quickly went to Wikipedia and got the definition:

Thought Leader – A person who is recognized among peers and mentors for innovative ideas and demonstrates the confidence to promote or share those ideas as actionable distilled insights.

My definition was a little simpler: “A person who comes up with some good ideas, and like spaghetti, throws them against a wall to see what sticks.”
In my retweet I was thinking that the blog could equal the wall, and the sticking would be the ability for the thought leader’s ideas to stand up to the comments of his or her readership. In a way, you could think of it as a “quasi peer-review” process. A great example of this would be my co-blogger Toby Brown’s post on GMail and Privilege. Toby threw his ideas of what happens when you combine legal ethics rules against a Terms of Service agreement from an email service provider. He tossed out his interpretation on the blog (for God and everyone to see), and found that his peers both agreed and challenged him on his interpretation.
Jeff is correct in that Thought Leaders do tend to ‘comment’ more than they teach on their blog, but in a way they are challenging their readership to either accept their comments as a great innovative idea, or to point out the flaws in their ideas. In the “old days” we would have to meet them face-to-face or write them letters or emails to engage in the discussion. Those conversations, however, would be limited to the audience in attendance or would simply be a one-on-one conversation. With blogs, those leaders can be engaged in multi-party conversations over a period of time.
Now, I might be stretching the definition of “Thought Leader” slightly (or in Toby’s case… enormously!), but I do think that blogs are an excellent platform for though leaders to discuss their ideas and generate feedback from their peers. If you fall under my loose definition of “thought leader”, I expect to see some spaghetti sticking on the walls of your blog.

Interesting turn of events: Vogue model Liskula Cohen won the right to force Google to unmask a blogger who defamed her character.

Taking a turn from Toby’s previous post on Google’s Gmail, I have to raise an eyebrow.

On the one hand, Google claims that they have a right to scan all of your e-mail for advertising opportunities but then when someone uses their blogging forum to castigate someone, the big old “privacy” walls come down.

You can’t have it both ways, Google.

Turns out that we the people have bought into “the man” now called Google.

Oh. Yeah. Our blog is on Blogger. I guess we are biting the hand that feeds us. Oh, wait, is that dog food ad I see? 😉

If you are like me, you spend most of your time “reacting” to the demands of the day. People walk into my office, call me on the phone, or email me requests all day long, and I (like the good little automated message that I am) try to answer them in the order they were received. When I go home at night, I generally quote one of my favorite Thurgood Marshall sayings to myself — “I did the best I could with what I had.” This usually satisfies that little voice in my head that wonders if I could have approached a project in a different way, or made a better decision if I had more time. Unfortunately, my little voice hit me with a different question — “Hey, shouldn’t you be teaching these requesters how they can answer some of these questions themselves?” (darn little voice….) [Photo Credit to wstryder (creative commons)]

The little voice was right, of course. Especially since it was referring to the fact that there are some specific questions that I handle over and over again. In this instance it is a generic question of taking a huge list of company names and finding a way to quickly identify which of these companies has every hired the firm to represent them. For anyone that has had to deal with the mixture of business development, marketing, competitive intelligence or records departments within law firms, this is a question you’ll get a lot.
I created a pretty good solution to this almost two years ago. I created a MySQL database that stored some basic client information, indexed it, and then placed a simple (yet superb!) PHP web front end on the database that allowed me to copy and paste the names of the companies and do a quick search on our index to see if they matched. I even created some fancy “fuzzy” logic buttons that really stretched the idea of “best guess” results (but was still effective in finding matches.) I demonstrated the database, passed out the link to the different departments so that they could run these searches themselves, and I’ve used it quite a few times. But… (and here’s the morale of this story) I never really followed up with anyone, or did any additional training on the product after that initial introduction. I just assumed people were still using it and it was such a great product that obviously they would understand how to use it, remember it was there when they needed it, and gush over how smart I was for having come up with this great product.
My first clue that I was assuming incorrectly should have been the lack of my not winning the “Internal Product of the Year Award”. The second clue should have been the fact that people were still coming to me with this same request. But, I, like many people, don’t actually see the big picture until I got someone (usually an “angry someone”) telling me that they spent hours doing this project and it would have been nice if I’d have shown them this product before they wasted all their time on it. Somehow my pointing out to them that I showed them this two years ago doesn’t seem to fly as a good excuse on why I haven’t followed up with anyone since.
The good news is that I get to reintroduce my great product and train people on how to use it. I’ll probably do a cool little video screencasting of my desktop to show them exactly how to use the product for some “on demand” training. And in a few months, I’ll follow up with everyone to see if they are still using the product. I’ll also expect to be in the running for the “Internal Product of the Year Award.”
My little voice is still telling me that I should have been more proactive over the past two years and made sure that the product was being used and that people understood it. It is pretty darn hard to be proactive in the reactive world where we work. But, the little voice is right, and I’ll learn from this lesson to work harder at being a little better at recognizing when it is time to stop feeding my folks fish, and instead teach them how to fish for themselves.

Recently I noticed a resurgence of the debate on the wisdom of lawyers using hosted, freebie email accounts. The basic concern has been about the security of these types of email addresses. It is quite easy to spoof one of these addresses and intercept communications. As well Twitter can testify that once cracked, the passwords for these sites are quite useful for other hacking.

An avid Gmail user myself, I was recently accessing my account via browser, and noticed the text-based ads. After some various testing, it became apparent Google was ‘reading’ my email to present ads relevant to the topics of my email. In one example, I could tell Google knew the content from the message body versus just the subject line.

After a gentle reminder from my 3 Geeks co-blogger Lisa, I went and re-read the Terms of Service (TOS) from Google, followed by the same from Yahoo. Both services retain rights to any Content that touches their services, including communications (a.k.a. email).

Google TOS:

8.3 Google reserves the right (but shall have no obligation) to pre-screen, review, flag, filter, modify, refuse or remove any or all Content from any Service.

11.1 By submitting, posting or displaying the content you give Google a perpetual, … free … licence to … any Content.

17.1 [a]dvertisements may be targeted to the content of information stored on the Services, queries made through the Services or other information.

Yahoo TOS:

6. You acknowledge that Yahoo! may or may not pre-screen Content, but that Yahoo! and its designees shall have the right (but not the obligation) in their sole discretion to pre-screen, refuse, or remove any Content….

And from the ABA Model Rules of Professional Conduct:

Rule 1.6. (a) A lawyer shall not reveal information relating to the representation of a client unless the client gives informed consent ….

So beyond the security concerns, it appears that the use of popular, free email services for client communications is a violation of ethics rules since lawyers are revealing client information to a third party.

If you didn’t have enough reasons for moving to a secure email address on a domain you own, you can now add “getting a letter from Discipline Counsel” to the list.