The Legal Tech-To-English Dictionary: Cybersecurity

Ed. Note: This is the latest edition of The Legal Tech-to-English Dictionary, part of our Non-Event for Tech Perplexed Lawyers. Jared Correia is hosting the non-eventcast.

There is a term for lawyers using Latin and other obscure languages ​​to describe legal processes to consumers: “Legal”.

But there is no similar term for vendors using technical and other obscure languages ​​to describe their legal software operations for attorneys.

It is true that this dynamic may seem unfair. But now we have the Legal Tech-to-English Dictionary to help us deal with it.

Read on for the latest edition where we translate privacy related topics into plain English.

For more commentary on Legal Tech, see the latest issue of Non-Event for Tech Perplexed Lawyers.

PID

1. “Personally Identifying Information” or confidential information and sets of information that can identify an individual or company and sensitive information relating to that person or company.
2.
Legally protected data or data sets to which companies must apply an increased level of security.

client: Big! I look forward to working with you.

attorney: Can you just email me your credit card information so I can process your retention?

client: Um, I’ll get back to you …

See. American Bar Association Formal Ethics Opinion 477, indicating that much of an attorney’s responsibility regarding data security comes from state law.

WISP

1. “Written information security program” that identifies sensitive data within an organization, gaps that may exist for unauthorized persons to access the sensitive data, and how those gaps are closed.
2.
A data security program.

Attorney 1: Okay, I finished the WISP.

Lawyer 2: Great, bring it in and I’ll have a look.

. . .

Lawyer 2: Uh, what is that?

Attorney 1: Waffles in strawberry puree (WISP).

Lawyer 2: Alex, did you even study law?

See. This Massachusetts Government Guide to Creating a Data Security Program can be a useful starting point for law firms in creating a WISP.

For many law firms as mysterious as the “will-o’-the” version.

Malware

1. Software that is intentionally designed to damage a computer system.
2.
A contraction of “malicious software”.

Attorney 1: Malicious software? That’s why I was against the internet from the start, Sharon.

Lawyer 2: Uh, there is software that detects and prevents malware, and we can also provide training for employees to help them identify potential malware.

. . .

Lawyer 2: What are you doing, Lester? Are those secateurs?

Attorney 1: I cut the internet cable in my office.

Lawyer 2: You are connected via WiFi.

See. Ransomware is a particularly stubborn form of malware, coupled with a ransom note, as in the Colonial Pipeline Hack.

Password management

1. The process by which businesses and individuals create, store, and enter system passwords.
2.
A program for managing passwords in a company.

Attorney 1: Hey, Alice. . . that bright red book on your desk that says ‘PASSWORDS’ in gold leaf. . . Do it actually Contain your passwords?

Lawyer 2: No.

Attorney 1: Oh good.

Lawyer 2: I used to do this because I had so many different passwords to remember. Now I only use one password for everything. It’s my dog’s name, Cecilia.

Lawyer 2: Here are a number of posts I made about her on social media.

Attorney 1: Oh God.

See password management tools such as LastPass make creating and managing passwords a lot easier for individuals and businesses.

Data leak

1. Unauthorized access to confidential or private information.
2.
An incident where confidential information is accessed or used without authorization.

Attorney 1: It’s not that easy to say, Jim, but I think our systems have been breached.

Lawyer 2: Okay okay. I have this.

Lawyer 2: Nobody needs to know about it. Burn all desktops.

Attorney 1: Most of our data is in the cloud.

Lawyer 2: Then BURN THE CLOUD.

Attorney 1: I’m not sure you understand how this works.

See. Almost every US state has a notification law that specifies which people and entities a company must notify in the event of a data breach. Then burn the cloud.

Jared Correia, a legal technology consultant and expert, hosts the Non-Eventcast, the Above the Law non-event podcast for tech-savvy lawyers.

Comments are closed.