By Mark Richman.
From an operational standpoint, legal organizations have got their work cut out for them on multiple fronts. As the guardians of sensitive and privileged content, law firms, corporate legal departments, and other legal organizations are frequently the targets of bad actors who would like nothing more than to get their hands on that information.
At the same time, the compliance landscape is rapidly evolving, with new data privacy and protection regulations seemingly popping up every week. GDPR is hardly the only law that legal organizations need to worry about not running afoul of these days.
It is precisely due to the breadth and depth of these challenges that an innovative approach to operations is required. Far from being pie-in-the-sky, much buzzed about innovations and technologies ranging from blockchain to cloud are an opportunity to deliver practical benefits around ongoing operations and security.
An Opening for Blockchain? Any discussion of blockchain’s potential in the legal sphere should start with a quick note of clarification: blockchain is not the same thing as cryptocurrency, although they are related.
Cryptocurrency has been the first widely deployed application of blockchain technology, but it is far from the only use case.
Blockchain is essentially a distributed ledger with several distinguishing characteristics. For starters, it is decentralized, meaning that no single authority is “in charge” of a transaction. The second main characteristic is data immutability, meaning that when transactions are put onto the blockchain, the architecture is such that the transactions in the chain cannot be modified as every transaction is validated by other participants in the network via a consensus mechanism.
Think now of the legal world. Legal organizations – and many of the customers and industries they serve – fundamentally rely upon some kind of permanent record or chain of custody around a series of events, whether that’s around a legal or financial transaction, or around the history of a document or an email chain.
For any of these events, there is a need to have assurance that the chain of custody around that content is preserved, which is something that blockchain is uniquely well positioned to provide given its ability to maintain a secure, immutable, and transparent record of transactions of any kind.
Where might things go from here? Right off the bat, one can see where blockchain can provide the immutability that firms are looking for when it comes to record declaration and similar activities.
Even more exciting, some blockchain networks provide for the ability to create smart contracts. For those who may not be familiar, a smart contract is simply a computer program that lives on the blockchain that can execute a series of transactions based on a pre-defined set of rules. Think of a deal closing or some other kind of transaction.
The parameters of the transaction are built into the smart contract, and that contract then becomes a self-executing event that whose activity is recorded on the blockchain without the involvement of any intermediary. These blockchain-based ‘smart contracts’ have considerable potential over time to fundamentally change the way that many parties interact with digital content.
Additionally, the cryptographic foundation of blockchain will provide enhanced visibility and transparency around attempts by bad actors to tamper with data or otherwise corrupt the blockchain system. Consider it another tool in the toolbelt for organizations looking to secure their data.
For these reasons – alongside future applications of blockchain that haven’t even been thought of yet, due to the newness of the technology – technology vendors will increasingly take advantage of the unique capabilities that blockchain can provide and actively utilise this technology within their systems and solutions to bolster the capabilities they can deliver to legal organizations.
Tackling a Global Governance Challenge
Cloud has long been an important element key to successful operations for legal organizations. Increasingly, however, there is a recognition that not all clouds are created equal – and that in particular, dealing with the compliance challenges of today’s world requires a modern and innovative cloud.
Alongside GDPR, individual countries across the globe, from Japan to South Africa, are developing their own data protection and privacy laws. Complying with these regulations requires organizations to ensure that their cloud services provider both stores and processes data in the proper jurisdiction. Achieving that end requires a flexible, distributed cloud architecture.
Since most legal organisations don't have the time or money to invest in infrastructure in multiple corners of the world each time a country comes up with their own privacy regulation, a distributed cloud – one that leverages a cloud vendor with a broad global footprint – is key to responding to new privacy laws as they emerge and keeping data “in region”.
Making sure data stays within a particular jurisdiction isn’t just a matter of storing it in particular country, however. A legal organisation also needs to ensure that all processing of that data takes place in region as well. Performing indexing, OCR, preview, or other services outside of the region – even if the data remains stored in region – may represent a breach of compliance.
Simply put, compliance demands that data remain within a specific jurisdiction and not leave it at any point – which is precisely why a distributed cloud architecture is necessary.
Of course, having a distributed (rather than centralized) cloud architecture means a greater potential surface area for bad actors to attack. This means that organizations need a distributed cloud that takes security best practices like Zero Trust architecture and Zero Touch administration into account, to help remove vulnerabilities that could lead to a breach.
Similarly, the performance of a cloud matters and can’t simply be disregarded in pursuit of these other goals. Keeping data in region around the world while not impacting end user performance requires a modern cloud
architecture that has specifically been architected to simultaneously address data residency restrictions and performance requirements. Innovation is the key that makes this happen.
A Way Forward
Legal organizations face many operational challenges, but an embrace of innovation helps point a way forward. From blockchain to cloud, there are opportunities for legal organizations to capitalize on new and innovative technologies and to derive lasting benefit from them in the years to come, to their continued advantage.
About the author
With over 20 years of product management experience, Mark Richman, Principal Product Manager, Cloud Platform at iManage, has an established track record of building and launching SaaS based cloud solutions. In addition to his 10 years with iManage, Mark spent several years growing and scaling three different technology start-ups in the B2B and B2B2C spaces.