It was wonderful to attend #Legalweek24 in New York City to see and discuss the latest legal and technology developments. The three things that stood out were: the legal technology AI race is on, robust cybersecurity and information governance are critical, and the LegalWeek buzz. These and other highlights are discussed in this article.
The legal technology AI race is on
As expected, while the AI starting gun had sounded this time last year, AI and Generative AI were the hot topics of discussion with both hype and some caution sounding. There were new innovative technology tools as well as improvements to existing tools and systems. It will be interesting to see which companies emerge from the pack as AI leaders in #legaltech (including start-ups) in the next 12-18 months.
The AI sessions, including the AI workshops, were filled to capacity, some with standing room only. Sessions focused not only on innovation and benefits, but also on the risks. While the promise of AI was alluring, many also noted the lack of substance with some of the AI being promoted.
Dan Kavan, Director Strategic Accounts, North America, EDT explained, ‘the dominant theme was AI: everywhere you looked, speakers and exhibitors were promoting or debating the use of generative AI. While exciting to see so many willing to embrace new technology, it wasn’t always clear specifically how AI functionality is being used to solve tangible customer problems.’
Denise Backhouse, Shareholder and eDiscovery Counsel Littler Mendelson observed, ‘Generative AI holds great promise for the eventual transformation of some of the more time-consuming, mundane litigation tasks. However, the technology and its application to the legal sector are in their infancy, and like any new technology it will require testing, supervision, validation, and integration.’
Similarly, Shane Jansz, Head of Customer Solutions, Nuix, said, ‘in a world where data is king, the hot topic was how everyone is utilising AI to help shed light on the challenges that organizations face in identifying, removing, or safeguarding sensitive information.’ Shane questions whether those that rely purely on Generative AI and OpenAI will be left behind in the years to come as the tech innovation juggernaut continues, saying, ‘only time will tell whether their solutions will be suitable for the challenges that lay ahead.’
Generative AI will deliver cost and time efficiencies in litigation and internal investigations
It is clear that generative AI has the capacity to significantly reduce time and costs for discovery tasks including document review in litigation and regulatory investigations; and also analysing vast quantities of data and generating initial drafts of witness statements, as well as summarising deposition and trial transcripts in a fraction of the time it takes legal professionals. It was very interesting to see Merlin Search Technologies demonstrate the speed at which issues from the Governor Jeb Bush data set could be reviewed, summarised and analysed. John Tredennick, CEO and Founder, Merlin Search Technologies explained, ‘Large Language Models (LLMs) like GPT (the engine behind ChatGPT) have proven they can review and classify documents effectively in a fraction of the time required by legal professionals’ teams. Before the year is out, small, agile human teams--equipped with LLMs--will replace larger teams of human reviewers, dramatically shrinking the $10+ billion dollar review market.’ One intriguing feature was the vivid green/red ‘on/off’ button, designed to conserve energy, which will assist companies reporting on ESG.
Another area where Generative AI has huge potential is internal investigations. The panel on Effectively Conducting Internal Investigations in Highly Regulated Environments covered a wide range of practical issues, providing expert insight and useful tips. This session also highlighted the challenge of privilege claims and the need to be thoughtful to ensure the privilege claims are properly grounded – this is and will continue to be a challenging area and one that was also discussed in the Judge’s panel (see below).
SOPs and the data quagmire in internal investigations
The panellists discussed the need to have a Standard Operating Procedure (SOP) for Investigations to ensure the right stakeholders are consulted, it is known where and who to go to make data requests, and, when and who matters are escalated to during an investigation. The issues around data were highlighted – data maps are very helpful as a starting point, however, because they become outdated fast, time is still required to consult with IT to work out relevant custodians, systems, and looking at end-point detection systems and DLPS tools to identify relevant servers etc. The discussion then turned to the need for robust destruction of data in accordance with record retention policies. An important point was that while an SOP is essential, it should also enable flexibility to adapt to the investigation at hand.
Tips on managing investigations, cultural issues and witness interviewing
The discussion on best practices for handling witness interviews and investigations was also very interesting. ‘Trauma-informed investigations’ use a different type of questioning from the standard litigator approach, with questions asked from the experience of the witness with a focus on getting them to open up and recount through their experience, rather than ‘when did you first meet’ or ‘what was said at the meeting’ etc. This led to discussion about the importance of understanding cultural aspects of the organisation, which can have an impact on the investigation, including cultural differences among geographic areas, the impact of open-plan offices and remote working – for example, the difficulty of securing private meeting rooms in open plan offices, and specific requirements, such as providing written notice to those who are to be interviewed with the opportunity to bring a support person or lawyer. Dealing with scope creep by having clearly-defined terms of reference for projects, was also discussed. Another interesting aspect mentioned was the need for investigation project managers and the benefits of case management systems for large organisations regularly conducting internal investigations.
Effectively Conducting Internal Investigations in Highly Regulated Environments Panel
Lesley Marlin, Associate General Counsel, Labor & Employment, FINRA, Matthew Baker, Partner, Baker Botts LLP, Trisha Sircar, Partner and Privacy Officer, Katten Muchen Rosenman LLP, Kelly Schulz, Director, Ethics & Compliance Investigations, Uber, and Maria F Gallo, Director of Special Investigations & FCPA Services, TransPerfect
Judges’ Panel – Back to the Future with Gen AI
A highlight of LegalWeek is the Judges’ Panel, which this year was appropriately titled, ‘Back to the Future’ where one of the many topics covered was the use of Generative AI in litigation discovery processes.
Judges’ Panel 2024 - the Hon. Andrew Peck (Ret.), Senior Counsel, DLA Piper, Hon. Elizabeth D. Laporte (Ret.), Mediator, Arbitrator, and Special Master, JAMS, Hon. Paul Grimm (Ret.), Director, Bolch Judicial Institute at Duke Law School, Hon. Shira Scheindlin (Ret.), Of Counsel, Boies Schiller Flexner, Hon. Kimberly Priest Johnson, U.S. Magistrate Judge, U.S. District Court, Eastern District of Texas and Sarah Cave, United States Magistrate Judge, US District Court, Southern District of New York. Facilitated by Patrick Oot, Partner, Shook, Hardy & Bacon.
Key issues discussed included understanding and agreeing upon the process that any technology tool uses to enable discovery to be undertaken efficiently and cost effectively, and the obligation to preserve data (ESI). There was an interesting historical comparison drawn by Judge Scheindlin(Ret.) with her ground-breaking decisions in Zubulake requiring discovery of emails from backup tapes, and with TAR (the introduction of machine-learning in eDiscovery tools) by Judge Peck (Ret.). Judge Scheindlin observed that Judges in the 2000s led the way in requiring production of electronically stored information (ESI). Judge Scheindlin wondered whether the use of Generative AI in eDiscovery may be led by the Bar. Judge Peck highlighted the similarities between reluctance to disclose ‘key word search’ and seed sets when TAR was introduced and disclosing the ‘prompts’ used in Generative AI searches. The prediction is that Generative AI will have a much quicker take up than TAR.
However, there may be some procedural impediments to overcome before Generative AI tools gain wide-based acceptance. The Hon. Kimberly Priest Johnson, U.S. Magistrate Judge, U.S. District Court, Eastern District of Texas in particular, pointed out that several courts have banned the use of Generative AI, apparently in reaction to Generative AI ‘hallucination’ briefs that included made-up case law. Whether parties to litigation will be able to agree to use Generative AI in discovery processes or whether it will take judgments and/or changes to the Rules remains to be seen.
Duty of Competence
There was a general reminder to practitioners that obligations under the Rules and Procedures and ethical canons apply equally to the use of Generative AI tools in legal practice. In response to recent cases where attorneys have relied on Chat GPT where hallucinations produced fictional cases and citations, the judges’ agreed that lawyers are now on notice to proceed carefully when using Generative AI and reminded attendees of the duty of competence under Professional Conduct Rules and FRCP Rule 26(g). As Judge Scheindlin said, ‘it is the same old obligation, trust but verify, in the same way as checking a paralegal’s work.’
Dealing with Privilege
One of the topics covered was privilege claims, with Judge Peck noting that privilege logs had grown from ‘a couple of pages’ to be more ‘like novels’, asserting protection for thousands of documents. It was noted that the current discussion in relation to the Federal Court Rules is for litigators to confer on how privilege logs will be managed. Judge Peck doubts whether this problem is going to be solved with the current proposal based on the hope that lawyers will be able to reach agreement. He also reminded attendees that since 2008, parties have been able under FRE Rule 502(d) and (e) to obtain an order to claw back inadvertently produced privilege documents and that parties can use The Sedona Conference model order. The judges expressed clear concern over voluminous privilege logs, particularly regarding inhouse communications, which they noted are not protected in many EU jurisdictions.
Cybersecurity and information governance are critical
The two biggest risks and challenges are cybersecurity and information governance. The use of AI by cybercriminals is a significant and increasing challenge for organisations. The lack of data and information governance is impeding obvious use cases for AI, including in law firms.
Cybersecurity and regulatory compliance
In Navigating Data Security, Data Privacy, and Cybersecurity Litigation Trends and Regulatory Compliance the focus of the discussion was managing cybersecurity risks in light of growing regulatory compliance challenges. The panellists included Patrick Zeller, Global Chief Privacy Officer and Senior Cybersecurity Counsel, Amgen, Melissa Ventrone, Partner, Clark Hill, PLC, Caroline Sweeney, Director Knowledge Management, Innovation, E-Discovery, Dorsey & Whitney LLP and Joe Martinez, Director, Forensics & Technology, Complete Legal and the session was facilitated by David Stromberg, Head of Product, Legal Solutions, Nuix.
One of the many interesting discussion points was the impact of the SEC’s 2023 Cybersecurity Guidelines, which require most public companies to disclose material cybersecurity incidents they experience and to disclose on an annual basis material information regarding their cybersecurity risk management, strategy, and governance. Despite the challenge this presents for many organisations and uncertainty around what constitutes a ‘material risk’, these provisions have apparently and surprisingly not yet resulted in reports of a data breach assessed as a material risk. With the increasing cybersecurity attacks and data breaches, there is more focus on retention schedules and disposal. Caroline Sweeney referred to the need for organisations to go on a data diet – a new way to describe disposing of redundant, outdated and trivial (ROT) data.
Patrick Zeller emphasised the importance of a comprehensive approach to managing data risks within the legal department. Patrick highlighted that the attorney overseeing information governance (IG) risks is best positioned to address various aspects such as eDiscovery, records management, privacy, and legal cyber risks. Ideally, he said, ‘the Chief IG Counsel (or Chief Privacy Officer, etc.) should have a direct line of communication with the Chief Information Officer (CIO) and actively participate in their senior staff meetings.’ As he pointed out, this collaborative partnership enables the IG attorney to closely collaborate with IT senior staff, including the CISO, fostering a culture of proactive IG integration into decision-making processes. By doing so, IG risks can be addressed pre-emptively rather than reactively, thereby promoting a culture of IG by design within the organisation.
Data, AI and Information Governance
Several sessions highlighted the critical role of data governance in AI, referencing the mantra ‘garbage in / garbage out’ applied to AI outcomes where data is inaccurate. More than ever, the importance of data governance in an age when there are exponential volumes of data being generated is critical. In the session, Harnessing the Power of Data Governance: A Strategic Guide for Legal Professionals, with Anne Costello, Sr. Information Governance Consultant, Epiq, Lisa Lukaszewski, Of Counsel, Gunster, Emily Collins, Senior Information Governance Attorney, Southwest Airlines and Kevin Brady, Senior Counsel, E-Discovery & RIM, Volkswagen Group of America, Inc., the quantities of data reported as being generated by devices connected to the internet (IoT) was staggering.
Kevin Brady pointed out that, 'in an increasingly connected digital world along with the rise of US and EU data privacy rules and regulations over the past few years and the continued evolution of the different types of computing devices and data sources, the protection of personal information has become of paramount importance when creating a strong Information Governance regime.' This is particularly true when it comes to litigation and the need to identify and preserve relevant data sources. As Kevin said, 'taking reasonable measures to preserve data, starts with a strong Information Governance framework.' This requires 'an understanding of data locations and retention periods in order for counsel to prioritise preservation of those data sources that are at risk of destruction without intervening measures.'
Another common theme to emerge across the sessions and referenced in the Judges’ Panel was the issue of data privacy, recognising both the challenges and opportunities. It is interesting to see even from the legal technology perspective, which has traditionally focused on eDiscovery and document production, there is a clear shift to the left-side of the EDRM model and the growing recognition of the need for organisations to implement robust information governance across the enterprise.
As organisations grapple with an ever-changing and expanding regulatory landscape, as Shane Jansz, Nuix expressed, ‘the insights shared at the conference serve as a compass, guiding us as we navigate the seas of data privacy and ensuring a secure and compliant future for businesses worldwide.’ He also is of the view that ‘AI offers exciting opportunity, more to the left-side of the EDRM workflow, to reduce the volume and noise of data (by reducing the ROT) prior to putting human eyes onto any documents.’ Shane predicts that, ‘just as a lighthouse guides ships through treacherous waters, technology that offers transparency and explainability when it comes to data privacy and eDiscovery will lead the legal profession through a new era of accountability and trust.’ Clearly, this is the holy grail for organisations, and as Shane said, ‘it will revolutionise how data is managed, mitigating risks associated with privacy breaches and ensuring compliance with evolving regulations.’
Peter Baumann, CEO of ActiveNav said, ‘in rushing toward [AI] technology with such attractive benefits, one must not lose sight of some well-established principles - for example, that of ‘garbage in - garbage out’.’ This is ‘even more so when one considering the context of its use case, for example, in case law or the identification of precedent.' The message here is that if your foundations are not in place, fast adoption of new technology can bring unacceptable risks. In Peter’s experience, where there is a historic lack of IG within an organisation this obstructs or becomes a friction point to successful AI innovation. As someone who’s been extolling the virtues of a built-for-purpose Data Discovery solutions (previously known as File Analysis) as a key component of IG, he says, ‘the need for data clean-up and minimisation has never been clearer.’ Peter noted ‘ActiveNav is seeing in the market a broader enthusiasm for dealing with law firms' unstructured data as a compliant platform for AI adoption.’ Peter observed that ‘with increasingly stringent Outside Counsel Guidelines relating to sensitive and regulated data as well the control of client matter itself, the need to understand all data on the left-hand side of the EDRM has never been more important.’ Of course, for those law firms and organisations that deal with these issues and implement robust IG they reap the benefits of reducing risks and managing data storage costs (which is increasingly important due to both increasing volumes of data and ESG reporting).
Data sources and cell/mobile devices add to complexity and costs of discovery
A number of the sessions discussed the complexities for discovery, record-keeping and robust information governance arising from data sources such as Teams, Slack, WhatsApp and social media. In each of these sessions the challenge of what has become known as ‘modern attachments’ was highlighted, (that is hyperlinks and cloud attachments, and the problem of broken links, trying to identify which version was attached to an email), password protected documents and encrypted data in discovery. It is clear that ‘modern attachments’ are creating in increased complexity, time and costs in litigation and investigations.
The burdens and cost of forensically sound mobile device data preservation and collection are also challenging for clients and their attorneys. Currently most forensic collection tools require making a full copy of data on a device, raising privacy issues and causing custodian concern and resistance (especially for personal devices). While technologies are emerging that permit more targeted collection of, for example, select text messages and WhatsApp communications, cost may remain an issue, compounded by the ever-changing forms of data and devices.
Technology Innovation Gatherings
Apart from the demonstrations in the Exhibit Halls, many technology demonstrations and educational opportunities took place in and around the Conference centre.
Nuix Neo Legal Breakfast
Jonathan Rubinsztein, CEO, Stephen Stewart, CTO, David Stromberg, Head of Product, Legal Solutions led a standing-room-only breakfast gathering to showcase Nuix Neo Legal, a comprehensive data intelligence platform. The advanced analytics and visualisation features in Nuix Neo, enables legal teams to derive insights and make informed decisions faster than ever before by untilising their unique AI functionality along with their end-to-end automated workflows.
It was great to have the strategic overview from Jonathan together with more detail regarding functionality and a hands-on demonstration from Stephen and David.
DLA AI Innovation Team Reception
I was delighted to attend the DLA Innovation event to hear Barclay Blair, head of the AI Innovation Team discuss the work being undertaken. The team is part of the AI and Data Analytics group chaired by Danny Tobey, selected by the Financial Times as North America’s Most Innovative Practitioner 2023. Barclay explained the revenue-focused product development at DLA with a mandate to build AI products that will have a transformative impact on both the firm and its clients. On the firm front, the innovation is aimed at transforming litigation through AI-driven search, summarisation, extraction, analysis and prediction. It was interesting to learn about the work being conducted on LLM of ‘red teaming’ and benchmarking combining legal expertise and data science to scale to test, quantify and address LLM legal risk and business impact. Several of DLA’s clients and partners also spoke at the event about these developments. It was also good to be able to catch up with Gregg Goldman, Rich Kessler, Yin Lu and Peter Baumann at the event.
Exhibitors and social buzz
It was great to feel the vibe return to the exhibition halls post-Covid and, in particular to see small start-ups exhibiting. There was a plethora of events within and outside the conference including learning opportunities as well as social events. Catching up with old friends (albeit too briefly) and meeting new colleagues is undoubtedly a special part of LegalWeek. Thank you to all the companies and firms who put on events and provide the networking opportunities from early morning to after dark.
As James McGregor said, ‘LegalWeek was better than ever! There were far greater numbers than have been seen for many years. The real essence of the event is to connect with people all over the world who work in our profession while they descend on New York at the start of every year. We chit chat about ways we can work together to further the common goal of making the legal profession more efficient and effective via the adoption of appropriate technology. While that mission might not sound thrilling to many, for those of us loitering around the Hilton during each year, it’s a dream come true.’
Thank you to TransPerfect Legal Solutions and, in particular, Stuart Clair and Matt Felton for the insightful discussion over lunch and the impressive Reef Review Party.
It was great to be able to attend a Legaltech Mafia meeting for the tips on managing LegalWeek and the very interesting discussion on AI - see Ari Kaplan’s post here.
Many thanks to James McGregor for organising the Commonwealth Brunch to kick off the week and to the sponsors including organisers APT and Ethical eDiscovery and sponsors Infinnium, Merlin, Reveal and Sullivan Strickler.
Commonwealth Brunch at Tavern on the Green – photos by James McGregor
Thanks to Canaan Himmelbaum, Jane Funk and Carolyn Anger, Consilio for the elegant reception party at the magnificent Cipriani 42nd Street venue.
Thanks also to Sandline Global’s Andy Ward and Jon Canty for hosting a lively and informative Happy Hour, and to EDRM and Ankura for the reception event – Kaylee and Mary, you were missed!
Congratulations to the organisers of the inaugural eDiscovery Charity Formal, sponsored by Crowell, iDS, Norton Rose, Legalpeople, Littler, Reveal, and Winston & Strawn – great catching up with David Kessler, Andrea D’Ambra, Denise Backhouse, Paul Weiner, Dan Regard, Taylor Hoffman and a host of others.
In the closing hour of the conference, Denise Backhouse and I made a final whistlestop tour of the Exhibit Halls to see a couple of vendors. Our final stop on the way out was the ALM booth, where Denise won a travel bag and I won an ALM pickleball set, which has made its way back to Sydney for use! Thank you to ALM for another great LegalWeek!
Next year’s 'save the date” announcement noted a shift back to March. Looking forward to seeing everyone and a warmer LegalWeek in 2025!