Legal Must Navigate Gauntlet of Privacy Concerns to Leverage Big Data for Business Purposes

02
Apr
2013

Christy Burke

New York Times reporter Steve Lohr published an article on March 24th entitled “Big Data is Opening Doors, But Maybe Too Many” which raised issues about Big Data and privacy, invoking the ever-terrifying Big Brother reference from Orwell's future-horror novel 1984. For lawyers and legal IT professionals, the privacy side of the big data discussion is certainly a primary concern. 

Lohr recalls that big data spooked people back in the 1960's with the rise of the mainframe computer.  Mainframes caused a broad spectrum of reactions, with some factions fearing the end of privacy as mainframes ingested and produced huge amounts of data, while other groups saw the great benefits in growth and innovation that mainframes made possible.  

Even then, response to big data was mixed, but eventually people's anxiety over what privacy they would lose yielded to excitement over what they would gain, or rather their concerns were simply overruled by powerful corporations and government agencies that wanted the technology. 

Now Big Data is fully back in the spotlight.  In February, the World Economic Forum recently published a report called “Unlocking the Value of Personal Data: From Collection to Usage” that proposes technology solutions for protecting privacy.  Lohr notes that the report “recommends a major shift in the focus of regulation toward restricting the use of data.  Curbs on the use of personal data, combined with new technological options, can give individuals control of their own information, according to the report, while permitting important data assets to flow relatively freely.” 

Privacy restrictions may create obstacles for Big Data initiatives which are coming to IT's doorstep from all parts of the organization, not just IT.  According to Microsoft's “Global Enterprise Big Data Trends: 2013” February study of more than 280 IT decision-makers, only 52% of Big Data projects are being driven by IT departments.  Other big data projects are being initiated by customer care (41%), sales (26%), finance (23%) and marketing (23%).  That means at nearly half the companies surveyed, IT was not the primary department driving big data ideas - but it's likely that IT would be instrumental in actually planning and executing those initiatives, regardless of where their impetus originated.

Companies like Google and Amazon have shown the immense power of using big data for marketing and customer service purposes.  The prospect of leveraging data to stimulate customer gathering and retention is exciting, but the dilemma for legal IT professionals is whether there will be a legitimate path for using big data for business-related purposes in a law practice?  Big data has found fertile ground on the IT side for law firms, in terms of electronic discovery, management of electronically stored information, and predictive coding and analytics.  However, the legal industry has to worry not only about risk and data security issues, but also about confidentiality of their clients' information and attorney/client privilege.  

Can legal take its cue from corporate big data use for business or client relations purposes?  Rob Ameerun, editor of this publication and a former legal IT professional himself, believes the answer is no.  He thinks that legal will find its own path in regard to big data rather than following in corporate's footsteps.  He points out, “I don't think that law firms or legal IT leaders are looking predominantly to corporations for models of how to improve customer service.  The pressure to improve client service comes directly from the clients themselves.”  Ameerun thinks that big data is largely a US phenomenon right now, and that he predicts that the UK will follow next, and then Continental Europe, which he has observed to be the usual path of transatlantic technology trends.  

One of the areas where law firms can leverage big data is client relations and collaboration.  Eric Hunter, Director of Knowledge, Innovation & Technology Strategies at Bradford & Barthel, LLP, notes that law firms can learn from Google, Microsoft and Facebook, which are studiously tracking user behavior and individual searches for information, and cataloging and saving that data.  These data analytics help the companies learn how to better cater to clients' needs and more effectively interact with them.  

Hunter says that for legal IT, leveraging cloud-based collaboration is the key to harnessing big data to benefit client service.  Hunter's firm is working with legal software vendors and established enterprise software companies in the pursuit of ambitious client relationship and collaboration goals through their expanded consultancy Spherical Models, LLC.  He points out that many larger law firms have in-house resources to build their own systems, which gives them more options to customize and tailor analytics systems and tools to their exact information needs.  Bradford & Barthel (B&B) does not have in-house developers so it relies on third party expertise and innovation to drive big data analytics efforts.  With an eye on innovation, Eric and B&B's senior management team launched Spherical Models, a business model innovation consultancy focused on helping the firm's clients and corporations at large re-think their linear approaches to collaboration and social media integration as well as better leveraging big data analytics opportunities.  

When asked about the loss of privacy or anonymity that big data could pose, Hunter mentioned he is speaking on the very topic April 3rd at the LexThink.1 in Chicago - 'Big Data or Big Brother' - http://www.pointonelaw.com/big-data-or-big-brother/.  He notes, “While speaking in London in 2012, a keynote futurist described 'compliance becoming a defensive posture' and I felt struck by the relative accuracy of the statement when considering the rapidly moving integration of social consumer culture within enterprise driven culture.  From an IP and client confidentiality perspective though, firms traditionally have not had this luxury due to the risk in privacy.  However, I do think customer acquiescence to evolving privacy laws (Google & Microsoft's consumer search and collaboration platforms as examples) bleeds into everyday business culture and is certainly part of both the evolution in business practice, and the necessity for innovations in privacy laws.” 

He continues, “Efficiencies realized through big data analysis and using actionable intelligence to make future business model decisions to a great extent outweighs the associated risks.  Still, the specter of 'Big Data equals Big Brother' is also more real than ever so needs to be not only acknowledged but strategically addressed.”

From a lawyer's standpoint, the ideas of data analytics and mining can be rather disturbing because legal professionals are entrusted with the confidentiality of their clients' information.  As a result, they have a much more restricted and cautious point of view on gathering and using data.  Also, if their clients were to realize that their data was being mined in some way, the resulting loss of trust could severely damage or destroy attorney/client relationships.

David Navetta, a partner at InformationLawGroup, recently wrote a post about “The Privacy Implications of Big Data” in which he seeks to inform fellow attorneys and their clients about what big data is, at its most basic level.  Navetta mentions the enormous potential that the confluence of online marketing and Big Data represent - “the Holy Grail of marketing,” as he calls it.  Recognizing the tremendous upside, he also notes the downside - that “one of the most significant legal challenges associated with Big Data, especially on the consumer side, is privacy.”  

Navetta notes that one way for mitigating privacy-related risks associated with Big Data is de-identification or anonymization.  Data sets that are de-identified have had key information stripped away, in order to prevent others from individually identifying the persons to whom the data set relates.  This technique allows organizations to work with Big Data sets while mitigating privacy concerns, and has been used in many realms, including healthcare, banking and finance and online advertising.

Unfortunately, de-identified persons can be re-identified if the process is not done properly.  Navetta recalls several examples where researchers have been able to identify individuals who were supposed to be anonymous.

So where does this leave the legal industry for using Big Data?  Navetta says, “Law firms must be wary of data mining clients' confidential information.  Other kinds of companies may use data brokers to compile lists for marketing purposes but law firms would be running severe risks for confidentiality breach by doing this.”

Corporations may freely purchase, crunch and use data from brokers as well as wringing out the internet for the most promising nuggets they can find, but this kind of “open season” approach will probably not work for law firms.  Legal IT is almost always a lone ranger that needs to find its own way to navigate through client confidentiality, compliance and customer service issues, sometimes leaving tactics on the table that are proven in other industries but are simply too perilous to use in a legal environment.  Time will tell as to how far legal can push the envelope before they get push-back.