On July 21, 2017, the New York Times reported a legal nightmare.
Wells Fargo, the nation’s third-largest bank, accidentally released 1.4 gigabytes of files containing confidential information on its wealthiest clients. A lawyer handling a defamation suit for a former bank employee received the data dump, which included financial spreadsheets, Social Security numbers and portfolio details for about 50,000 bank customers holding “tens of billions of dollars” in investments, according to the Times.
Following the blunder, legions of lawyers mobilized to examine information security at their organizations. Twenty years ago, few such legal jobs existed. Fifteen years from now, they’ll be abundant and fundamental to legal practice.
The challenges of preserving, collecting, processing and analyzing information are opening opportunities in law and changing how attorneys serve clients.
“E-discovery and digital forensics are wonky areas of the law with their own precedent and rule-making,” said Johnny Lee (J.D. ’99), principal and national practice leader of the forensic technology services practice at Chicago-based accounting firm Grant Thornton. “The more integrated tech becomes in business, not just in law, the greater the need for lawyers with information specialties.”
The e-lephant in the room
For many years, organizations faced a choice: buy more storage space for information, or be more strategic with its governance.
As Lee puts it, “Nobody ever got fired for buying more space.” The net result of this decision was that businesses eventually owned lots of costly, duplicative — and risky — information.
Lawyers increasingly found themselves sifting through these digital landfills. Some wanted ways to responsibly reduce volume (and risk), others searched for “smoking guns” that might create risk for the organization, and still others sought evidence tied to litigation agendas.
The legal challenge of how to smartly manage information has grown more daunting by the terabyte.
“Let’s face it,” said Lee, “record-retention policies are actually record-destruction policies, as they authorize the routine, defensible destruction of information no longer deemed necessary for an organization to retain. If companies followed their record-retention and record-destruction policies, the digital haystacks would be much smaller.
“By the metrics in most industry studies, organizations could eliminate nearly 70 percent of the information they don’t need to hold except for business, statutory or litigation reasons. Accordingly, the organizational risk diminishes with every deleted item.”
Four frontiers of opportunity
The Great Recession forced many law departments in big business to slash costs. The website for Exterro, makers of e-discovery and information governance software, summarizes this shift: “A 2012 study by Rand Corp., ‘Where the Money Goes,’ found that outside counsel typically consumed about 70 percent of total e-discovery expenditures … Companies realized they could control costs … if they performed more of the activities themselves.”
Today, lawyers can find job opportunities in four areas of specialization:
Regulatory compliance. “Especially,” Lee said, “where record-keeping is poor and the objective is to help establish what regular practice has been at a given organization.”
Regulatory enforcement. Forensic data analysis can establish whether an organization has met its responsibilities in reporting and/or in monitoring suspicious activities.
Whistleblowing and fraud. Collecting data from various sources and aggregating it into a common, searchable repository allows digital forensics to provide unique insights.
Theft of intellectual property or data breaches. Forensic preservation, collection, aggregation and interrogation of data can establish what really occurred in a suspicious instance, allowing organizations to pursue claims, confirm recoveries and guard against data compromises in the future.
Trends mean change
Lawyers like Lee work one side of the e-discovery fence, collecting, managing, analyzing and making sense of complex data.
Todd De Jong (J.D. ’09) works another side with King & Spalding, the renowned Atlanta-based law firm. He combines a background in IT (eight years at IBM before law school) with seven years of document review and project management in complex commercial litigation.
At King & Spalding, De Jong and some 130 other attorneys search data haystacks with predictive coding and other tools, looking for the proverbial needles that satisfy discovery obligations. King & Spalding pioneered this work, first offering e-discovery legal services 22 years ago.
Many graduates start careers with e-discovery jobs. De Jong feels that a rising technology aptitude in our culture, especially among younger people, could open even more first-job opportunities, De Jong said.
“Traditionally, document review was seen as something that could be farmed out to inexperienced contract attorneys,” he said. “But now we are seeing more ‘hybrid’ attorneys with technology backgrounds. They specialize in the e-discovery management of complex projects, and they work both for law firms and legal service providers.”
De Jong sees two trends shaping e-discovery and digital forensics.
First, he cites a wave of mergers and acquisitions. In October 2016, LDiscovery paid $410 million to purchase Kroll Ontrack, creating an e-discovery giant with 12,000 clients in 19 countries. That blockbuster deal followed a $1 billion purchase in July 2016 of Epiq Systems, another e-discovery and complex data firm, by OMERS Private Equity and Harvest Partners.
“We now have billion-dollar e-discovery companies, growing and changing and evolving,” De Jong said. “Still, it’s up to law firms to manage relationships with these vendors and provide what clients need in complex legal circumstances.”
Another trend? Internationalization.
“During my first years with King & Spalding, I’m not sure I heard of anyone working on international cases. Now we have folks who regularly travel abroad to do e-discovery work,” De Jong said.
The lawyer remains accountable
As legal practice adapts to new technology, one thing should stay constant — the attorney’s stewardship role.
“I don’t know that we’ll reach a point where every lawyer needs to be a technology-savvy technician,” Lee said. “But I’m quite sure that every practicing litigator in a law practice 10 years from now will need some familiarity with e-discovery and digital forensics principles, at a level at least sufficient to guide specialists in their work and meet their duty of competence to their clients.”
As Lee puts it, “No matter who’s looking through the information, it will ultimately be the lawyer’s job to make sure the integrity and quality of the work is unimpeachable. That’s not going to change.”