If there is one thing the Indian legal industry isn’t known for, it is its ability to ditch traditional modes of operation. While the recent pandemic has highlighted a need to keep up with the times, the adoption of technology remains an uphill battle.
Firms In India need to ensure that their exaggerated fears regarding security and privacy aren’t holding them back from enjoying significant savings and opportunities to scale up. A perfect example of this is the non-migration to cloud computing which is leading to severe opportunity costs.
As per Microsoft Azure, a leading provider, “Cloud computing is the delivery of computing services—including servers, storage, databases, networking, software, analytics, and intelligence—over the Internet (‘the cloud’) to offer faster innovation, flexible resources, and economies of scale.”
According to Forbes, compared to running an on-premises data center, shifting to the cloud offers a better return on investment and a lower total cost of ownership to the tune of 30-60%.
These percentages come from replacing CapEx expenses for equipment and software with OpEx expenses which are predictable recurring subscription fees. Even the smallest of moves like switching to a cloud-based productivity suite such as Microsoft’s Office 365 leads to a reduction in the total cost of ownership for firms.
But to address the elephant in the room, the majority of cloud-based providers employ military-grade physical protection for their premises. They have protocols for disasters where they can quickly and transparently transport your data securely to another data center. They also employ a large number of security experts who continually ensure that their data is at no risk. With the offer of role-based access controls, cloud servers provide legal firms with far better security and control over their data than they would get through their in-house servers.
Legal firms in India are aware that when they store sensitive data on their servers, they are completely accountable for it. They must ensure that data is secure by installing updates, fighting attacks, and continuous maintenance of the physical hardware. By switching to the cloud, these responsibilities transfer to the cloud provider leaving firms to focus on what they do best- serve their clients’ legal interests. According to the ABA Legal Technology Survey 2018, 31% of lawyers surveyed advised that the primary reason that their firms made the move from premise-based software to cloud-based software was because it provided better security, than they were able to provide in-office.
Apart from security benefits, shifting to the cloud allows legal firms to enjoy remote collaboration across geographies and to scale up seamlessly. It also helps them provide a more client-friendly experience. As per the 2020, Legal Trends Report, firms using online client portals received 11% more casework than other firms in 2019. And, in 2020, firms using online client portals received 17% more new casework per lawyer in April.
However, there are a few challenges that legal firms especially, must remain cognizant of when they switch to the cloud. Standard consumer-grade cloud solutions rarely meet the confidentiality regulations and compliance requirements that govern legal data in India. Uploading sensitive client data that does not meet these requirements could lead to a violation of current laws. Using a cloud provider that extends robust security protocols across devices including smart phones and tablets is also vital.
Another key challenge that Indian legal firms face, is the absence of a comprehensive and overarching legal framework that governs or offers safeguards for cross-border transfer of data, while maintaining user privacy. While the EU and the US are governed by the Safe Harbor Framework, the 1995 Data Protection Directive, and the more recent Privacy Shield, India is yet to develop an approach to securing the cross-border transfer of data.
Jurisdiction and sovereignty over data in the cloud is a global grey area that requires immediate attention.
The nature of cloud storage leads to data being stored in fragments across multiple geographies with different jurisdictions. While India’s IT Act does provide for extra-territorial jurisdiction, it does not offer a comprehensive solution.
The limitations of the Indian IT Act and the absence of a regulatory framework that deals with minute data issues, leaves clients at the mercy of the contractual provisions contained in the cloud provider's service level agreement (SLA). The SLA gives service providers the upper hand, when it comes to controlling sensitive data, and their inability to separate non-personal and proprietary personal information allows them to subject it to the same ownership standards.
It is not just India that is grappling with these issues, regulators around the world are scrambling to put regulatory safeguards in place and work out bilateral agreements across borders and with private service.
As long as Indian law firms do their due diligence when it comes to the service provider’s policies and standards, cloud-based computing is comprehensively a better solution that pays off dividends across time in saved costs and ease in scaling up.
About the Author:
Priyanka is the COO at Manupatra Information Solutions P Ltd, India a 22 year old legal-tech firm which pioneered Online legal research in India, and specializes in designing and developing technology products to simplify operations for professionals in the legal ecosystem.