Welcome to Security Awareness Month! I had all kinds of ideas for how I would recognize this important event, full of snarky comments about how legal clients continue to get the shaft due to their attorneys’ inability to use technology accurately, securely and efficiently.
But then Bob Ambrogi, lawyer and award-winning blogger, did it for me in Law Sites Blog. Boy, did he!
But before I share some of his awesomest (yes, I’m using that as a real word) comments, allow me to wax poetic about the all-encompassing nature of security awareness at law firms.
Obviously, Savvy Training & Consulting is heavy into the world of email security, thanks to our partnership with KnowBe4. But it is a mistake to assume that “security” only relates to the times when the bad guys try to break down our email doors. As the folks at Jones Day are now learning, security issues can arise with any activity we conduct on behalf of our clients, including the age-old process of redaction.
In case you’ve been living under a rock, here’s what happened to Jones Day: Lawyers there failed to properly redact secret grand jury testimony in a public filing in federal court. This failure resulted in exposure of witness testimonies.
Therefore, if you tend to think of “security issues” as being solely the responsibility of the IT guys who build firewalls, think again. This month, Security Awareness Month, I challenge you to accept the fact that a lack of technology competence on any platform you use can result in a security breach for your clients.
And Now, Allow Me to Share a Few of Bob Ambrogi’s Best Punch Lines!
Mr. Ambrogi skewered Jones Day’s response to a judge in which they explained why and how they failed to properly redact a document that they submitted to federal court. I’ll share some pieces of Mr. Ambrogi’s brilliant article but I highly encourage you to visit his blog yourself… and have some tissues ready because I literally laughed until I cried!
Below, is an excerpt of the Jones Day article to the federal judge with Mr. Ambrogi’s comments in italics:
We respectfully submit this letter in response to the Court’s Order to Show Cause dated September 11, 2019, which directed counsel to file a written explanation regarding the redaction error in the Reply Memorandum filed in Support of Defendants’ Motion to Dismiss. (Please, please, please, Your Honor, let us off the hook.)
We assure the Court that we redacted information in the Reply Memorandum related to the grand jury proceedings in good faith. (Come on, Your Honor, at least give us points for thinking we were doing it right.) In fact, multiple members of the defense team (it wasn’t just me — none of us had any idea what we were doing) reviewed the redactions several times (they sure looked black) prior to filing to make sure grand jury testimony was redacted (we all saw black blotches right there on the page). In the redacted form filed with the Court (In the unredacted filing that we thought we’d redacted), the redacted (unredacted) portions were in fact “blacked out,” (did I mention that they looked really, really black) whether examined in electronic form or printed on paper (black everywhere we looked), in the ordinary course (as we quickly glanced over them). Unfortunately (for us), we learned that a reporter (fake news) was able to defeat this redaction process (let’s shift attention by blaming the messenger) by exploiting a technical weakness (by exposing our technical weakness), as we understand it (as we still have no idea), by copying and pasting the redacted text from the filed version on ECF into a new document (by performing some sort of hocus pocus) that enabled the reporter to view the redacted text (we’re hoping, Your Honor, that you’re as ignorant as we are about redaction and that you also hate the news media).
Thank you, Mr. Ambrogi. Thank you so much!