The most widely read magazine for Canadian lawyers
Issue link: https://digital.canadianlawyermag.com/i/1240413
56 www.canadianlawyermag.com OPINION BACKPAGE You're already in the cloud Is cloud computing safe for lawyers to use? It's a moot question for a whole new generation THE YOUNG people with whom I work (and they all seem so young now) tell me that both their "apps" and their data are already stored "in the cloud." As the resident techno- curmudgeon at almost any job I have ever had, I ask the question "What does it mean to be 'in the cloud' and why should I go there?" I was surprised by the answers. As explained to me, being "in the cloud" is now very common and simply means any application where the operating software and/or the data it generates is stored on somebody else's server (not stored locally on the user's own hard drives) and is accessed through the internet using a browser or mobile application. They then go on to explain to me that that the cloud in this context may be "private" (where the servers are owned by a software provider) or "public" (where the servers are rented from a larger cloud provider such as industry leaders Microsoft, Google and Amazon). Whether private or public, these servers are not the users' own hard drives back on Main Street! According to the ABA's 2019 Legal Technology Survey, slightly more than half of (American) lawyers surveyed said that they used at least some legal software that was "in the cloud." There is no reason to believe that Canadian lawyers would be much different, but this self-identification may be somewhat misleading because a lot of lawyers may already be far more in the cloud than they think they are. For instance, Microsoft Word is perhaps the most ubiquitous application that used to be entirely desktop based (where the application and the data it created were stored on one's own computer), but it is now, with the introduction of the Microsoft 365 environment, entirely cloud based (there is no software installed on one's own computer anymore, the data is stored in Microsoft's One Drive servers, and both the data and the software are now accessed through the internet). Likewise, lawyers who use Gmail, Dropbox, Evernote and Clio, etc. are already cloud-based lawyers, whether they know it or not. As an industry, lawyers trail both consumers and general business users in embracing cloud computing. Despite the many benefits of this technology, when surveyed, lawyers as a group seem reluctant about cloud-based computing largely because of data integrity and data security issues. While, by definition, there is a loss of control of the data when it is stored on somebody else's servers, the irony, of course, is that cloud-based servers have proven generally more secure and safe than desktop hard drives and other local data storage systems. The backup in the cloud is in real time and more reliable than manual local backups, and the sheer technological sophistication of the large cloud service providers has proven so far to be a formidable foe to potential hackers. Furthermore, lawyers as a group, while most concerned about data integrity and security, are also among the worst users in terms of even the most basic data security protocols when tasked with maintaining their own data ("but I don't want to keep changing the password!!"). To complicate matters, the United States just passed new legislation, aptly named The CLOUD Act (The Clarifying Lawful Overseas Use of Data Act), allowing the long arm of U.S. Manifest Destiny to reach into and extract data from any American server situated anywhere in the world. Of course, there are procedural safeguards and this is admittedly a broad brush of a complex piece of extraterritorial legislation, but the U.S. has clearly signaled its intention not to be bound by the physical location and local laws of cloud servers when seeking to subpoena data from American cloud service providers such as Microsoft, Google and Amazon. This might be very relevant to Canadians sensitive to aggressively inquisitive U.S. authorities and to the many governments and governmental agencies that place a premium on data sovereignty as a matter of principle. Indeed, many industry pundits feel that the aggressive extraterritorial reach of the CLOUD Act may usher in the rise of a wholly domestic Canadian cloud service and software-as-a-service industries to challenge the market hegemony of the big American public cloud providers. So, there you have it — to cloud or not to cloud, you are probably already there. Jeffrey W. Lem is a Toronto lawyer and former bencher of the Law Society of Ontario. The views in this article are his personal views alone. Despite the many benefits of this technology, when surveyed, lawyers as a group seem reluctant about cloud-based computing largely because of data integrity and data security issues.