Copywriter, technical writer, translator (FR>EN, ES>EN, IT>EN), journalist

Lawyers wary of new technology (cloud computing)

Law offices have long used sophisticated computer systems. Today, those systems don’t need to reside in the firm’s offices. Using cloud computing, also known as software as a service (SaaS), firms can use robust systems located off the premises.

But attorneys aren’t rushing to replace premise-based systems with cloud-based ones. Instead, many lawyers are taking “baby steps” into the cloud.

Consider Brock Smith’s case. “We don’t use any firm-wide cloud apps here,” says the Vancouver-based partner in Clark Wilson LLP’s technology and IP group.

“But I do use several personally.” Smith lists applications like the file storage and sharing service DropBox, the mind-mapping application Xmind and Remember The Milk (a task list) which “helps me figure out what I should do, or more appropriately shoud have done, today.”

Jacob Glick, Google’s Canada policy counsel, is understandably bullish on cloud computing. “It’s exciting,” he says. “It allows small firms and sole practitioners to use the same enterprise-quality tools that national and international firms have – and not just in the legal field.”

Uses in the legal field abound. For instance, online tools can serve as easy-to-use extranets that enable client collaboration and reduce the need for email. “If there was a DropBox Canada, with all servers and backups kept in Canada, that would change my perspective on the use of that product overnight,” Smith says, alluding to US Patriot Act concerns.

“For security purposes, I don’t put client information in DropBox, and I use abbreviations and codes in Remember The Milk,” he explains.

He figures lawyers would also quickly gravitate to time management tools like calendars and task lists.

Lower comparative costs for competitive services lure lawyers to the cloud. For example, Glick mentions a 2009 Forrester Research statistic claiming that GMail costs one-third the amount of traditional on-premise email systems. Such savings over premise-based systems come from avoiding costs like:

  • Buying and maintaining servers
  • Updating hardware and software
  • Paying consultants to maintain systems or, for the DIY crowd, forgoing billable hours

Cloud service vendors typically spread their overhead among many subscribers, so they can charge competitive subscription fees.

And for those loathe to give up traditionally premise-based systems like Microsoft Exchange, various vendors host those systems as well.

There is one cost cloud-dependent firms can’t avoid. “You must have a high-octane Internet connection” to handle the traffic, Smith states. Given the business lifeblood that flows through that connection, Smith recommends a firm acquire two, each one from different Internet service providers.

Healthy scepticism among lawyers may be the main barrier to SaaS. “There’s a difference between how secure a system is and how secure you can convince a lawyer it is,” Smith explains.

Dennis Kennedy and Tom Mighell support Smith’s view. The coauthors of The Lawyer’s Guide To Collaboration Tools and Technologies: Smart Ways To Work Together write “Lawyers have obligations of confidentiality and privilege, and they may be required to keep data private and secure pursuant to regulation or contractual agreement.”

Glick urges sceptics to compare the risks of services they’re considering with the risks of the tools they currently use. He notes, for instance, that many computers don’t receive the security patches they need in a timely fashion. “For most lawyers, this is not their area of expertise,” he says, adding that lost or stolen laptops, memory sticks or other devices pose greater security threats than SaaS.

Cloud computing has been on the radar of various law societies for several years. A group of vendors offering cloud solutions for small practices have even formed the Legal Cloud Computing Association to define standards and best practices.

“It’s inevitable that either lawyers or application developers will iron out wrinkles that are stalling widespread adoption of cloud computing,” Smith opines. “Within three to five years  it’ll be much more common to have cloud apps manage law firm business.”

Evaluating cloud computing services

Considering a certain cloud-based service? Start your investigation by reading its service level agreement. The SLA describes the level of service clients can expect from the service provider, covering matters like backup procedures, redundancy and disaster recovery, among others.

Use this list to help you start your evaluation.

System compatibility

“Compatibility with and conversion to other platforms can become serious issues when sharing documents and data,” write Kennedy and Mighell.

That helps explain the popularity of enterprise systems that, for instance, both allow multiple types of software to access their data and greatly simplify the import and export of data from the system.

To test how a cloud-based system handles your data, try the following steps:

  • Import some data to the system to determine how much work (if any) needs to be done to “massage” the information into useable form.
  • Export data from the cloud system into your current system to determine how easy it is to extract.
  • Connect to the system using software (including your current web browser, if applicable) you want to use to handle the data the system will hold.


To do your job, you need uninterrupted access to your information. But providers may periodically take their services “down” for preannounced maintenance, usually when traffic is low (e.g. Sunday mornings from two to three a.m.).

About uptime lingo: Cloud computing service providers explain uptime guarantees using terms like “four nines” (99.99 per cent, or an average of one minute of downtime per week) or “five nines” (99.999 per cent, or an average of six seconds of downtime per week).

Data encryption

Any data traveling between a client’s computer and a provider’s servers must be encrypted to prevent snooping.

Password policies

Two great (albeit mildly annoying) password policies cloud providers can enforce are:

  • insisting on “strong” passwords (think unintelligible strings of text, not addresses, phone numbers or pet names)
  • forcing users to change passwords regularly, e.g. once every three months.


Lawyers must be able to explain their technology choices to increasingly sophisticated clients who concern themselves with how outside counsel handles their information.

originally published in Lawyers Weekly Magazine. For a PDF of this article, click here.