Tag Archives: Encryption

Law Firm Email Encryption – Are You Ethically Compliant?

11 Thursday May 2017

Posted by in Clouds, Confidentiality, Emails, Ethics Opinions, Law Office Management, Legal Ethics, Legal Technology, Rules of Professional Responsibility, Technology, Technology

Comments Off on Law Firm Email Encryption – Are You Ethically Compliant?

Tags

, , ,

ABA Issues New Ethics Opinion on Encryption of Attorney-Client Email, Jim Calloway’s Law Practice Tips Blog

http://bit.ly/2qy8J2a

Does your state have an ethics opinion about encryption of your firm’s email? Do you use encryption? Do you use a secure cloud based platform? If you are not sure, don’t you think you should check?

Most law firms frequently use email over fax and regular mail to communicate with their clients, their expert witnesses, and opposing counsel. What is your obligation to ensure confidentiality of your firm’s email, and are you meeting it?

The ABA’s ethics opinion is instructive, as well as the Texas ethics legal opinion referred to by Mr. Calloway at the end of his post. -CCE

What Is A “Zero Knowledge” Cloud And Why You Should Care.

24 Wednesday Dec 2014

Posted by in Clouds, Confidentiality, Document Retention, Law Office Management, Legal Ethics, Legal Technology, Malpractice, Technology, Technology

Comments Off on What Is A “Zero Knowledge” Cloud And Why You Should Care.

Tags

, , , , , , ,

‘Zero Knowledge’ Encrypted Cloud Service Sees Business Boom, by Steven Nelson, U.S. News & World Report

http://tinyurl.com/q9fj4l8

If you have been paying attention, you have heard about “zero knowledge” clouds — and you are thinking about changing from Drop Box or other clouds that can access the information you put in them. If you know nothing about zero knowledge clouds, don’t stop here. Read more about them, and decide whether it is time for your firm to change to a more secure cloud platform. -CCE

File-storing service SpiderOak says it’s experiencing a business boom – rapidly nearing one million users and doubling its site metrics in six months – amid a constant trickle of news reports revealing Internet surveillance by the government.

Files stored using SpiderOak are encrypted and their contents unknown – and unknowable – to the company. Sharing such files will soon be ‘zero knowledge,’ too, as the company prepares to roll out Crypton, its open source app-building framework, which will be publicly available within the next couple months.

‘Essentially what we did was we inverted the Internet,’ says CEO Ethan Oberman. ‘We created a world where the server is actually a big dumb machine. It only sees encrypted data blocks.’

A free version of the file-hosting service offers 2 GB of storage in exchange for a name, email address, username and password.

‘We don’t really fact check that information,’ Oberman says.

The company does know the IP address of users, he says, but IP-masking browsers – such as Tor – can conceal that information as well, making it possible to store files without disclosing any identifying information.

If the government were to come to the company with a valid legal demand for data, Oberman says, ‘We could turn over the data, but it is literally in encrypted data blocks and not decryptable by us. The only way it’s decryptable is if you have the key, which we do not maintain.’ . . .

Is Email Between You And Your Client Safe? No, And This Is Why.

01 Monday Dec 2014

Posted by in Android Phones, Apple, Blackberry Phones, Clouds, Confidentiality, Emails, Encryption, iPad, iPhones, Legal Ethics, Legal Technology, Malpractice, PC Computers, Technology

Comments Off on Is Email Between You And Your Client Safe? No, And This Is Why.

Tags

, , , , , , , ,

How to Encrypt Attorney-Client Communications, by Lisa Needham, Lawyerist Blog (with hat tip to Allen Mihecoby, CLAS, RP!)

http://tinyurl.com/kfrpqz3

If you have decided you need to get serious about client data protection, you will need to consider encrypting both your data and your communications. We have previously covered how to encrypt your data and will focus here on how to encrypt your email communication.

What Is Encryption?

Simply by using the Internet, you are probably using some sort of encryption scheme during some activities, whether you know it or not.

Encryption is simply the act of turning your data into unreadable gibberish. If your data is intercepted or hacked, the thief now has nothing but a pile of garbage.

End-to-end encryption is a must for transferring sensitive data across the internet. In end-to-end encryption, your data is encrypted while it travels towards your intended location and the same encryption occurs on the reverse trip. Your bank (hopefully) uses end-to-end encryption. Your practice management software (hopefully) uses end-to-end encryption if it stores and syncs data remotely. This sort of encryption is done for you without any effort on your part, as it is just a standard feature of the infrastructure you are using to bank or update client data or similar activities.

Why Do You Need to Care?

A few years ago, the ABA issued a formal ethics opinion stating that if there is a significant risk that a third party might gain access to the email, attorneys have to warn clients about that risk.

This poses a problem, because unlike your bank and practice management software, email is usually unencrypted. This is true whether you are using a desktop client or a web-based email like GMail. . . .

The Hole In Mobile Security Making Your Phone An Easy Target.

15 Sunday Jun 2014

Posted by in Android Phones, Cell Phones, Cybersecurity, Encryption, Fraud, Identity Theft, iPad, iPhones, Legal Technology, Malware, Tablets

Comments Off on The Hole In Mobile Security Making Your Phone An Easy Target.

Tags

, , , , , , , , , , , , , , , , , , ,

Here’s One Big Way Your Mobile Phone Could Be Open To Hackers, by Steve Henn, All Tech Considered, NPR

http://tinyurl.com/l2re8ll

Despite the fact that every major Internet provider has added some kind of encryption to its services over the past year, tracking your online traffic is easier than you think.

And you don’t have to be the target of the hacker or the NSA for your traffic to be intercepted. There is a hole in mobile security that could make tens of millions of Americans vulnerable.

Unsecure Wi-Fi networks have been a well-known vulnerability in the tech industry for years. They can let even the most unsophisticated hacker capture your traffic and possibly steal your identity. . . .

Five Excellent Search Engines That Do Not Track Or Collect Your Data.

25 Sunday May 2014

Posted by in Legal Technology, References, Research, Search Engines

1 Comment

Tags

, , , , , , , ,

5 Alternative Search Engines That Respect Your Privacy, by Chris Hoffman, How-To-Geek Blog

http://tinyurl.com/c3trrdn

Recently I posted about DuckDuckGo, a search engine that did not collect data about you like most major search engines. This post also mentions DuckDuckGo but four others as well that will not track you:  Start Page™, ixquick™, Blekko, and Ask.com.

I admit that DuckDuckGo is my favorite, but the others are well worth your time and attention. -CCE

Google, Bing, Yahoo – all the major search engines track your search history and build profiles on you, serving different results based on your search history. Try one of these alternative search engines if you’re tired of being tracked.

Google now encrypts your search traffic when you’re logged in, but this only prevents third-parties from snooping on your search traffic – it doesn’t prevent Google from tracking you. . . .

Apple Fixes NSA Encryption Security Flaw.

24 Monday Feb 2014

Posted by in Apple, Apps, Cell Phones, Encryption, iPad, iPhones, Legal Technology

1 Comment

Tags

, , , , , , , , , , , , , , ,

Apple Fixes Security Flaw In iOS, Perhaps Thanks To Snowden?, by Jeff Richardson, iPhone J.D. Blog

http://tinyurl.com/lmnrlvr

Apple releases minor security updates for the iPhone and iPad from time to time.  When folks ask me if they should upgrade, I virtually always say yes.  Why not have an iPhone that is more secure, and less likely to be hacked by bad guys?  So this past Friday afternoon when Apple released iOS 7.0.6 and said that it was a security update, I updated my devices but otherwise did not think much of it.  (And no, you did not miss an update if, like me, you went from iOS 7.0.4 to 7.0.6; 7.0.5 was only released for iPhones sold in China.)

But over the weekend, there were two posts about this update by John Gruber of Daring Fireball (Post 1, Post 2) that I thought were pretty interesting.  According to PRISM documents leaked by Edward Snowden, the NSA gained the ability to intercept encrypted iPhone traffic in October of 2012, and that’s apparently right after the bug fixed by iOS 7.0.6 was introduced.  As Gruber notes, this could mean all sorts of things.  It could mean that someone at Apple intentionally added a backdoor for the NSA.  Or it could mean that someone at Apple made a simple coding mistake but the NSA found out about it and exploited it.

Or it could just be a big coincidence, but there is at least a chance that Apple has now found and fixed a security bug that had been exploited by the NSA. . . .

Trial of Historical Patent for Common Web Encryption of SSL in East Texas.

24 Sunday Nov 2013

Posted by in E-Discovery, Evidence, Intellectual Property, Legal Technology, Patent Law, Texas Supreme Court, Trial Tips and Techniques

Comments Off on Trial of Historical Patent for Common Web Encryption of SSL in East Texas.

Tags

, , , , , , , , , ,

Newegg on trial: Mystery company TQP rewrites the history of encryption, by Joe Mullin, Law & Disorder/Civilization & Discontents (with hat tip to Dennis Crouch’s Patently-O!)

http://tinyurl.com/

The story of Michael Jones, his mysterious invention, and the massive patent enforcer he’s working with is finally coming out at a patent trial underway in this small East Texas town.

Jones’ patent, now owned by famed patent enforcer Erich Spangenberg, has scared corporate America into writing one hefty check after another to avoid a trial just like this one. He and his lawyers say the patent covers the common web encryption scheme of SSL combined with the RC4 algorithm. The sums of those checks were revealed in court here on Tuesday when a TQP attorney displayed to the jury a spreadsheet with many of the payments.

Use Wickr To Send Encrypted Information On iOs And Android Phones

05 Tuesday Nov 2013

Posted by in Android Phones, Cell Phones, Confidentiality, Emails, iPhones, Legal Technology

Comments Off on Use Wickr To Send Encrypted Information On iOs And Android Phones

Tags

, , , , , , , ,

Send Secure, Self-Destructing Messages with Wickr, by Robert Ambrogi at Robert Ambrogi’s Web Sites

http://bit.ly/HEj6aw

Lawyers have an ethical obligation to protect the confidentiality and security of communications with their clients. The more we learn about NSA snooping, the more we realize what a challenge that can be.