Wednesday, September 17, 2014

New Business Intake & Conflicts – Wiggin Goes to the Cloud

Media and technology law firm Wiggin has implemented Intapp Open for new business intake (NBI) and conflicts management. Pinnacle, a provider of specialist consulting services, executed the Intapp Open implementation as part of a broader Wiggin initiative to virtualise and host its entire IT infrastructure in a private cloud environment.

Wiggin, a highly regarded boutique firm with an innovative approach to legal services delivery, is well known for its strategic approach to outsourcing key aspects of its operations. Pinnacle completed the project, which included integration of Intapp Open with Creditsafe for conflict reports, within 35 days.

Said the Firm's Chief Executive Officer, John Banister:
  • "Intapp Open has transformed how we evaluate new business and manage potential client conflicts – a sensitive issue in the fast-paced media and technology industries. The product’s integration with Creditsafe has streamlined our process for new business review, and the ability to apply business rules to conflicts reports enables us to quickly identify and prioritise issues that need to be addressed."
  • "Migrating our IT infrastructure to a private cloud has been a major priority for our business, and we’re thrilled with the work that Pinnacle did in accelerating the implementation and integration of Intapp Open with our virtual environment."
Intapp Open was chosen to replace Wiggin’s legacy workflow system for NBI, which was difficult to maintain and could not be virtualised. Faced with the prospect of a costly and complicated upgrade of its existing system, which would have required re-implementation of business processes from scratch, the firm seized the opportunity to adopt a fresh approach to new business intake with Intapp Open.

Pinnacle worked with Wiggin to configure the Intapp Open forms and flows to fit the firm’s unique business model; managed integration with other applications that were part of Wiggin’s new virtual environment including Elite Enterprise; and coordinated with its cloud services provider throughout the project.

Said the Intapp Risk Practice VP,  Pat Archbold:
  • "Increasingly, new business intake is about improving client selection and financial performance for firms as much as it is about risk management. The work that Pinnacle and Wiggin have done to integrate Creditsafe for client review is a great example of how the Intapp Open platform is changing the way law firms take on new business."
Visit for more information on Intapp Open new business intake and conflicts management software, or to request a demonstration.

Tuesday, September 16, 2014

Conflicts Allegations & Disqualification Attempts

"Drugmakers Seek to Disqualify Counsel in Opioid Lawsuit" --
  • "Purdue Pharma L.P. and two affiliated companies are seeking to disqualify a former District of Columbia attorney general from representing the city of Chicago in its lawsuit against several drugmakers for allegedly seeking to misinform the public about the risks and benefits of opium-like pain medications."
  • "According to Purdue, attorney Linda Singer and her law firm law firm Cohen Milstein Sellers & Toll should be disqualified because Singer served as attorney general between Jan. 2, 2007, and Jan. 5, 2008. The District and 26 other jurisdictions reached a $19.5 million settlement with Purdue over the marketing of OxyContin on May 8, 2007, the drugmakers said."
  • "Singer personally and substantially participated in the older lawsuit by approving the consent judgment, the defendants argued. She was briefed on the settlement more than a month before any court filings were made; edited the proposed press release about the consent judgment; and lobbied to increase the statutory caps on D.C.’s consumer protection fund to accommodate the $950,000 the District recovered in the lawsuit, the pharmaceutical companies said."
  • "Singer also has entered a contingent-fee agreement with Santa Clara and Orange counties in California to pursue a similar lawsuit.
 Patrick Fitzgerald and R. Ryan Stoll of Skadden, Arps, Slate Meagher & Flom in Chicago filed Purdue’s motion."
[Updated: See this story, which include the firm's response to the disqualification motion.]

"Blackstone's law firm worked with Michael O'Flynn: Arthur Cox has advised Nama and the State" --
  • "Michael O'Flynn's legal showdown with US buyout fund Blackstone over its attempt to gain control of the O'Flynn Construction Group brought him face to face with a former adviser - law firm Arthur Cox. The Magic Circle solicitor firm, which represented Blackstone subsidiary Carbon Finance in the High Court case, had worked for Mr O'Flynn in the past. They had acted for one of his companies in a judicial review as recently as June of this year."
  • "When contacted for comment, Mr O'Flynn said: 'It's disappointing when a professional firm acts against you so recently after acting on your behalf, particularly given the nature of this case.'"
  • "The law firm's decision to represent Blackstone in its vicious legal dispute with Mr O'Flynn, designed to oust him as a director and wrest control of his construction group, has severed those ties. A further personal relationship between Arthur Cox and Mr O'Flynn existed beyond a lawyer-client relationship."
  • "Arthur Cox has previously denied suggestions that it faced potential conflicts of interests, having acted for the banks, developers and other state bodies in major cases. It has provided advice to the Government and state bodies, including Nama and the Department of Finance..."

Monday, September 15, 2014

Client Conflicts Allegations in the News

A few stories of conflicts allegations making news, each with complex fact patterns worth a click-through for those looking for a more complete picture:

"Ex-Client Sues, Alleges Conflict of Interest Against Thompson & Knight" --
  • "A former client of Thompson & Knight seeks at least $1 million in damages in a Sept. 8 lawsuit that alleges that the firm had a conflict of interest when it represented him and a third-party investor in the acquisition of a Houston company."
  • "Richard Slaughter of Houston alleges in a petition he filed in state district court in Harris County that he was 'shocked' to discover that Thompson & Knight had filed paperwork in the deal that identified the third-party investor as the 'sole manager' of Sivco Holdings..."
  • "Slaughter alleges in Slaughter v. Thompson & Knight that no one at Thompson & Knight, including former partner Bryan K. Brown, who allegedly worked on the deal, ever disclosed to him that the corporate formation documents excluded him as a manager of the company."
  • "Slaughter alleges that only after Houston attorney Rusty Hardin, of Rusty Hardin & Associates, 'expressed his concern' on Slaughter's behalf did the firm withdraw from representing the third-party investor and affiliated entities in connection with a postpurchase dispute with Slaughter."
  • "As alleged in the petition, Slaughter 'sought legal advice' from Brown, who was then a partner in Thompson & Knight in Houston, and Brown represented him in connection with the acquisition from late 2011 through the acquisition in December 2012."\
  • "When asked for a response to the allegations in the petition, the firm provided a written statement from Thompson & Knight partner L. James Berglund II of Dallas. Berglund wrote that the firm will vigorously defend itself... 'The claims in the lawsuit are simply incorrect. Thompson & Knight has a long history of honoring our legal and ethical obligations at every turn, which is exactly what occurred in this case. We regret that the plaintiff has elected to file litigation, and we are confident that a full examination of the facts will confirm that Thompson & Knight handled the matter appropriately,' Berglund wrote."

"Sparks fly as Cassels Brock rejects GM conflict claim" --
  • "Cassels Brock & Blackwell LLP was 'hopelessly conflicted' when it represented the Canadian government in its bailout talks with General Motors of Canada Ltd. in 2009 while simultaneously acting for the Canadian Automobile Dealers Association, counsel for dealers who launched a class action over the matter told a Superior Court judge last week."
  • "Before some 180 dealers signed GM’s wind-down agreement in 2009, Cassels Brock “did nothing” to help them get a better deal from the company, said Bryan Finlay, one of the counsel for the dealers, as the trial got underway on Tuesday. The class action seeking $750 million in damages names GM and Cassels Brock as defendants. None of the allegations have been proven in court."
  • "The interests of the dealers were adverse to those of Canada, said Finlay, adding that instead of advising the dealers of their rights, Cassels Brock told some of them the wind-down agreements weren’t negotiable."
  • "For its part, Cassels Brock argues the association, and not the individual dealers, had retained the firm. When the wind-down notice went to a group of GM dealers, the association advised them to seek legal advice from their individual lawyers."
  • "Cassels Brock didn’t present its opening statement on the first day of the class action trial on Tuesday. Earlier in the day, another lawyer for the plaintiffs, David Sterns of Sotos LLP, argued GM had made the dealers sign the wind-down agreements during the financial crisis through 'ambush, deception, and divide-and-conquer tactics.'"
  • "The trial continues with hearings set for six weeks in Toronto."

Thursday, August 28, 2014

Another Law Firm Trumpets ISO 27001 Security Certification

We've covered law firm adoption of the ISO 27001 information security standard over the years. Many firms see this as a quick path to addressing client concerns about managing sensitive data, and several view it as a competitive differentiator, including: "Aberdein Considine achieves ISO 27001:2013 certification"--
multiple times
  • "Aberdein Considine (18 offices and 400 staff), has had its commitment to high standards of information security across all of its practice areas and locations recognised with a national accreditation."
  • "The firm has achieved the prestigious ISO 27001:2013 certification which acknowledges the implementation of robust procedures and processes relating to information security management after it recently underwent a comprehensive independent audit of its systems."
  • "The certification standards set out a strict framework for managing the security of assets, including financial information, intellectual property, employee details and information entrusted to an organisation by third parties."
  • "Jacqueline Law, a corporate partner at Aberdein Considine, has welcomed the certification and believes it is reward to the high importance placed by the firm on the security of its own and its clients’ information: 'To achieve ISO 27001:2013 certification – one of only a handful of law firms in Scotland to do so – is incredibly pleasing and recognises our commitment to high standards of information asset security.'"

Wednesday, August 27, 2014

Law Firm Conflicts Allegations in the News

A few interesting stories making news. First: "The mysterious case of Hewlett-Packard’s Autonomy deal"--
  • " of the law firms that represented the shareholders in their case against H-P directors, Cotchett, Pitre & McCarthy LLP, now working with H-P, is being accused of a conflict of interest. Cotchett was previously the lead counsel in another class action against H-P. That suit, which also recently settled, alleged that the company’s inkjet printers falsely warned consumers when they were out of printer ink."
  • "Theodore Frank, of the non-profit Center for Class Action Fairness, has filed a motion contesting the ink jet settlement, seeking to disqualify the Cotchett firm... 'It’s just a black letter ethical violation,' Frank said... 'The inkjet litigation has no bearing on the Autonomy settlement,' an H-P spokeswoman said in an email."
  • "Rodney Cook... has his own separate derivative action against H-P regarding the Autonomy deal, also seeks to remove the Cotchett law firm as the lead plaintiff’s counsel, citing conflict of interest."
  • "One challenge has been filed by Autonomy’s former chief financial officer, Sushovan Hussain, who contends that the proposed settlement H-P poses a threat to his own legal rights... Hussain’s motion brings up a bigger question about the Autonomy acquisition. He states in his motion that with the settlement, 'H-P seeks to forever bury from disclosure the real reason for its 2012 write-down of Autonomy: H-P’s own destruction of Autonomy’s success after the acquisition.'"
  • "How this became a multi-billion-dollar write-down is a big question among investors. Perhaps these legal maneuvers will shine some light on the mystery. But it probably will be a long time before investors know what really happened."

Next: "DOJ: Hacking suspect's lawyers may face conflict"--
  • "Two attorneys representing the son of a prominent Russian lawmaker may face a conflict of interest because their firm represented victims of a hacking scheme he's accused of running, the U.S. Justice Department said Wednesday."
  • "Ray and Goldin are attorneys with Fox Rothschild, a national firm with 600 attorneys and 19 offices, according to its website. Ray succeeded Kenneth Starr in 1999 as the independent counsel on the Whitewater investigation. Seleznev is also represented by Seattle defense attorney Larry Finegold."
  • "'We feel strongly that our representation comports with all applicable rules of ethics and that Mr. Seleznev is legally entitled to vigorous defense - which we intend to provide,' Goldin wrote in an email Wednesday."
  • "Assistant U.S. attorney Norman Barbosa said the government was not implying any wrongdoing by the defense attorneys, only raising the question of whether they should continue to represent the defendant when at least one other attorney in their firm represented the pizza chain Z Pizza in connection with a breach in late 2010 and early 2011 that resulted in the theft of thousands of its customers' credit card numbers. Seleznev was responsible for the hack, prosecutors say."
  • "The government noted that if Seleznev is ultimately ordered to pay restitution in the case, Fox Rothschild could wind up representing both the defendant and the people he is required to pay. And if anyone from Z Pizza is called as a witness in the case, the firm could wind up cross-examining its own client.'
For more detail (and intrigue) on the case of an alleged hacker the US Secret Service calls "one of the most prolific in the world," see: "Accused Russian hacker must stay in custody, judge says," which covers details such as an arrest at the Maldives airport, a seized laptop containing over 2 million stolen credit-card numbers, and Russian allegations that the suspect was kidnapped...

Sunday, August 17, 2014

Information Security Policies & Practices -- Protecting Client Information

via Law Technology News "Law Firm Data Breaches: Protecting Clients --  Maintaining diligent protocols and educating personnel are crucial tools to protect client data" --
  • "Data threats against law firms can be generated from internal or external sources... Imagine a disgruntled employee who wants to get even with the employer and has unrestricted rights to  client data kept on the firm’s network folder."
  • "Some ways a firm can safeguard against internal data theft include:
  • Be careful about which users are given access to data systems.
  • Monitor user access control to each data source on a regular basis.
  • As users within the firm change positions and/or departments, ensure that system access is verified so that users only have access to the systems they need.
  • Promptly disable all system access (both internal and external) for terminated employees."

For those attending the ILTA conference this week, see also: "Security Policies and Procedures: Why You Need Them and How To Decide Which Ones Matter Most" --

8/21/2014 2:00 p.m. (Event Code:SOSPG6,  Presidential Ballroom B)
  • In response to client guidelines and regulatory requirements such as HIPAA, law firms are increasingly developing and documenting central policies and procedures for managing information security. But policies are only effective if they are living documents accepted by firm stakeholders and honed to match the business issues of greatest risk to the firm. This interactive session will include an overview of the drivers behind security policies as we teach participants how to use a risk-based methodology to develop security policies aligned with firm business goals and encourage buy-in from lawyers, management and staff.

Karen Campbell - Orrick, Herrington & Sutcliffe LLP
Michael Johnson - Security Grc2
Kathryn Hume - Intapp

Tuesday, August 12, 2014

Conflicts Story Update: $270k in Sanctions

Law360 (subscription required for full article) reports that: "Boies Schiller Fined For Conflict In $350M Antitrust Suit" --
  • "Boies Schiller & Flexner LLP was ordered by a New York federal judge Friday to pay Host Hotels & Resorts Inc. about $270,000 in sanctions for failing to bow out of a $350 million antitrust suit over a scheme to keep Marriott International Inc.'s flagship New York hotels union-free."
  • "U.S. District Judge Colleen McMahon, who initially ordered the law firm sanctioned in October for ignoring a conflict of interest that "could not have been clearer," awarded Host a sanction of $271,063 in legal fees for work..."
For non-paywalled history and detail on this matter, see also this article from 2013 for additional background, as the facts and accusations in this matter are complex and worth attention:
  • "On March 8 [2013], Boies Schiller filed a motion to withdraw from the case after Host Hotels threatened to file a motion to disqualify the firm from the litigation. Host Hotels hired the firm in 2000 to examine the company's business relationship with Marriott, which manages some of its hotel properties."
  • "Boies Schiller's outside ethics counsel informed Host Hotels that it would not reimburse it for any portion of its costs associated with drafting the motion because it made attempts to withdraw after the company presented the firm with documents solidifying the conflict, Host Hotels said."
  • "Host Hotels seeks reimbursement for its attorneys' fees and expenses associated with investigating Boies Schiller's conflict-of-interest. The company denies that it participated in any unlawful conduct in its dealings with Marriott."
At the time this matter first made news, we pointed out additional detail, commentary and analysis worth reviewing as well. (Including interesting details on the specific timing, scope and suitability of the searching performed by the firm.)

Monday, August 11, 2014

BB&K Improves Business Intake, Conflicts Management and Matter Evaluation

Best Best & Krieger LLP, a full-service law firm with nearly 200 lawyers in nine offices across California and in Washington, D.C., has selected Intapp Open to automate processes related to new business intake. BB&K, which represents many recognized public agencies and businesses, is using Intapp Open to enhance conflicts checks and accelerate new client matter inception.

Said the Firm's IT Director,  Tim Haynes:
  • "BB&K’s public agency, business and individual clients rely on us to quickly and efficiently help them solve their legal issues. Intapp Open allows us to identify, manage and clear any conflicts of interest that arise, and also provides our attorneys with a holistic view of the client, enabling us to be more strategic and responsive in our representation."
BB&K selected Intapp Open following a thorough evaluation by a panel that included firm management and lawyers, as well as representatives of the firm’s finance, conflicts and IT teams. Of all the products evaluated, Intapp Open was the most comprehensive and the most user-friendly – offering role-specific views and to-do lists for key stakeholders involved in new business intake, and eliminating duplication of effort. Intapp Open also allows designated users to create and modify processes to support firm- and practice-specific matter evaluation procedures.

Said the Intapp Managing Director,  Kerry Stivaletti:
  • "Having worked with Best Best & Krieger as an Intapp customer for more than nine years, we know that making the most of the data available throughout the firm has been a long-standing priority for executive management, finance and IT. Intapp Open supports this by providing firms with visibility into the strategic implications of new business acceptance."
  • "By introducing Intapp Open for new matter inception, as well as conflicts management, BB&K is bringing a new level of agility, efficiency and governance to its business intake processes."
Visit for more information on Intapp Open new business intake and conflicts management software, or to request a demonstration.

Thursday, August 7, 2014

Risk News & Updates (Screening, Conflicts & Security)


First, from Bill Frievogel comes another Canadian pro-ethical screening/information barrier decision: Province of Ontario v. Chartis Ins. Co. of Canada, 2014 ONSC 4221 (Ont. Super. Ct. July 16, 2014) --
  • "We are simplifying the history somewhat, but the essentials for this audience are this: Lawyer worked at Firm A to some considerable extent on cases for the Province against InsCo. Lawyer wound up at Firm B, which is representing InsCo against the Province in those same cases. Firm B erected in advance a screen essentially in compliance with ethics rules of the Law Society of Upper Canada. Nevertheless, the Province moved to disqualify Firm B. In this opinion the court denied the motion, finding that the screen was satisfactory. Excellent discussion of the judicial history of screening in Canada."

Next, from James Tallon, litigation partner at Shearman & Sterling, comes an interesting article: "Ethics Corner: When Conflicts Rules Conflict" --
  • "Consider the following hypothetical: Lawyer A is admitted to practice in New York and resident in his firm's New York office. Currently, A represents Del Corp., a Delaware corporation headquartered in New York City, as borrower negotiating a significant credit facility from a bank syndicate. Lawyer B is A's partner; B is admitted as a solicitor of the Senior Courts of England and Wales and is resident in the London office of the firm in which A and B are partners. Euro Corp., a long-time client of B, has asked her to represent it in connection with the purchase of Del Corp.'s wholly-owned English subsidiary. B would like C, who also is admitted in New York, but resident in the firm's London office, to work on the transaction. Can B take on the engagement for Euro Corp.? If so, can C work on the deal?"

Finally, from Bill Caraher, CIO at von Briesen & Roper, comes: "Different Data, Different Security" --
  • "'Privacy' and 'security' are two terms taken very seriously in law firms. When it comes to e-discovery and client-matter data, privacy and security are paramount. But, in practice, these two types of data are often treated differently."
  • "Let’s ask this again: Why is the cloud acceptable for one type of law firm data but not the other? It comes down to control and the agreement between parties. When a firm’s DMS data are outside the control and watch of senior management and IT, people get nervous. You also have cloud providers that run shared infrastructure and shared storage between multiple clients."

Wednesday, August 6, 2014

Information Governance Report Focuses on Law Firm HIPAA Compliance

The folks at Iron Mountain have published the results of their 2014 Law Firm Information Governance Symposium. These events brought together industry thinkers and leaders to discuss and develop best practices.

Industry experts Brian McCauley and Ann Killilea (McDermott), Rudy Moliere (Morgan Lewis), Charlene Wacenske (MoFo), Scott Christensen (Edwards Wildeman), Grant James (Troutman Sanders), Sharon Keck (Polsinelli) and Intapp's Kathryn Hume collaborated on: "HIPAA Omnibus Task Force Report" --
  • "The following report summarizes and analyzes key components of the HIPAA Omnibus Rules that affect law firms as HIPAA business associates, i.e., in their role as custodians of HIPAA protected health information on behalf of their clients."
  • "After presenting the elements of the HIPAA Omnibus Rule for which law firm business associates are liable, the report outlines the framework for a law firm enterprise data protection program comprehensive enough to satisfy the multiple data privacy and security requirements imposed by HIPAA. The report concludes by recommending a set of industry best practices for achieving HIPAA compliance in a law firm environment."
  • "Especially when considered alongside emerging state data privacy and security laws and transitive requirements imposed on firms from clients in regulated industries like financial services, the Omnibus Rule is significantly impacting the way law firms develop and implement a culture focused on regulatory compliance, client data privacy, and client confidentiality. To achieve compliance with the new HIPAA rules, many firms have little choice but to enhance their confidentiality controls and to adopt more stringent security measures to prevent unauthorized disclosure of any information protected under HIPAA’s rules."

Tuesday, August 5, 2014

UK Risk Roundtables Set: London & Jersey

We're pleased to announce two more Risk Roundtables.  Our London event is set for September 9th:
  • Guest speaker Heather McCallum, former Head of Risk & Compliance at Allen & Overy, will overview the challenges firms face in managing terms of business in client RFPs, outside counsel guidelines & questionnaires, and suggested best practices to negotiate terms and achieve firm-wide compliance.
  • A panel of experts from leading firms will debate staffing models for new business inception and conflicts management, weighing up the benefits and setbacks of managing conflicts centrally, and complying with requirements across jurisdictions.
  • Intapp experts will then showcase Intapp Open & Intapp Wall Builder, fresh approaches to simplifying and streamlining new business acceptance, and securing client information.

Set for September 10th, the Jersey session will cover moderate a general forum on topics of interest, enabling risk, IT and related professionals to connect in a collaborative environment and gain insights on:
  • Strategies for negotiating terms of business in client Request For Proposals 
  • Increasing expectations around achieving, managing, and positively demonstrating appropriate controls around client confidentiality and information security
  • Achieving firm-wide compliance
  • Demonstration of Intapp business acceptance and information barriers software

Attendance is by invitation only and is limited to qualified law firms and personnel. Please contact for more details.

Sunday, July 27, 2014

More on Security: ISO 27001 and GRC for Law Firms

Previously, we noted that ILTA has posted the recordings of several sessions at their recent Law Firm Information Security Symposium (LegalSEC). Here are more relevant and interesting sessions:

ISO 27001 for Law Firms
ISO 27001 can be a powerful tool for law firms interested in demonstrating information security maturity to both their firm management and clients. Whether you plan to get certified or just leverage ISO 27001 standards, this session will provide information on how the standard can benefit your organization and help you respond to client outside counsel guidelines and security audits.

A 360-Degree Look at eGRC
A paradigm shift is happening in regard to enterprise governance, risk and compliance (eGRC) — we want to be proactive instead of reactive. Legacy and siloed approaches no longer will be successful. Organizations need to plan and implement GRC efforts that are truly "enterprise" and involve all key players and departments in a coordinated organization-wide effort. What does it take to have a successful implementation of a systematic, well-planned, coordinated enterprise approach? What are the overall benefits?

Learn more about the overarching goals of an eGRC program and how it can improve strategic and timely decision-making, enhance the focus and effectiveness of internal audits, and assist in identifying key performance metrics and risk indicators. No angles here...we're giving you a 360-degree look!

What To Do When (Not If) Data Breaches Occur
When security threats emerge, quick response is imperative to contain risk and protect data assets. Often, the expertise and pace with which an event is managed can make as much media buzz as the data breach itself. Come walk through a mock data breach incident and see how well-defended law firms and corporate legal departments are those that prepare for the unexpected.

Thursday, July 24, 2014

There is Only One Lord of the (Risk) Ring?

As first covered in June (poetically), we noted a disqualification motion tied to a matter involving a fight over merchandising rights to the "Lord of the Rings." Now, fresh off the pages of Variety, comes an update: "Judge Refuses to Disqualify Tolkien Attorneys in ‘Lord of the Rings’ Dispute" --

  • "A federal judge is refusing to disqualify Greenberg Glusker as the law firm representing the estate of “The Lord of the Rings” creator J.R.R. Tolkien, which is engaged in a legal tangle with Warner Bros. and the Saul Zaentz Co. over merchandising rights to the lucrative franchise."
  • "Last month, Warner Bros., represented by Dan Petrocelli of O’Melveny & Myers, filed a motion claiming that Greenberg Glusker had “invaded” attorney-client privilege by hiring former MGM studio lawyers as expert witnesses."
  • "Warner Bros.’ claim is that Greenberg Glusker attorneys, led by Bonnie Eskenazi, contacted Alan Benjamin and William Bernstein, who represented UA as in-house lawyers at the time, to serve as expert witnesses, offered to represent them for free as 'percipient witnesses' and 'had direct communications with them.'"
  • "Collins wrote that in making her decision, she considered the Tolkien estate’s right to chosen counsel, Greenberg Glusker’s years of work on the litigation, the length of time that had passed since Bernstein and Benjamin were involved, and the “extremely attenuated relationship” between Warner Bros., the Zaentz Co. and United Artists. UA and MGM had filed a “joinder” to the Warner Bros. motion to disqualify Greenberg Glusker, even though they are not parties in the case."
  • "Collins also denied Warner Bros. and Zaentz’s request for an order of disclosure of Greenberg Glusker’s communications with Benjamin and Bernstein and for a deposition of Eskenazi. She wrote that the discovery is 'likely to be costly and fruitless, and will not advance the litigation.'""

Wednesday, July 23, 2014

Law Firm CIO Responds to Suggestions Industry Security is Lacking

Industry expert, Judith Flournoy, CIO at Kelley, Drye & Warren and chairwoman of ILTA’s legal security working group, takes to the pages of Law Technology News to address frequent stories suggesting that law firms are a juicy and attractive target for hackers: "Law Firms Respond to Security Risks in Client Data: After being dubbed the "soft underbelly of American cybersecurity," law firms embrace robust security programs." --
  • "So, we may have been characterized as the 'soft underbelly' but we are no softer than any other industry, government or institution.  On behalf of my colleagues around the world in firms large and small, we understand the call to arms and we are engaged."
  • "Law firm clients in the financial services industry heavily scrutinize their outside counsel with vendor security audits. Governed by the Office of the Comptroller of Currency and the Federal Financial Institutions Examination Council in compliance with the Gramm-Leach-Bliley Act, all law firms who have financial institution clients are required to respond to a comprehensive security audit."
  • "The audit process is detailed, and in many cases includes questionnaires with several hundred questions, on-site interviews and or on-site physical security assessments covering everything from hard-copy file security to data center security."
  • "Why does this matter?  For the first time in the history of our industry, we find ourselves in a position where we not only have to provide highly detailed information about our security programs but we are also required to remediate any risks identified in the audit process.  The end result for many firms is to redirect efforts and funds for security based projects and policies, including security education programs, resulting in a battle for resources."
  • "Law firms continue to adjust to the 'new normal' business model based on client demands. Prior to 2008, firms provided services to clients based on the billable hour and what the lawyer believed was the value of the work performed. Since 2008, clients have been demanding alternative fee arrangements, fixed fee projects and have been generally unwilling to pay for the work of junior attorneys.  Combine the new normal with clients requiring outside counsel firms to adhere to a much more stringent security practice.  These are the newer set of demands we find ourselves adjusting to."
  • "The good news is that many firms have already begun the complex process of implementing a more robust security posture.  As previously mentioned, many firms have acquired, or are in the process of obtaining, ISO 27001 certifications."

Tuesday, July 22, 2014

A Couple of Compliance Chronicles: Screens Standing & Waivers Working

Two updates to share today. First, from Canadian Lawyer Magazine comes: "Court approves law firm’s ethical screen: Lawyer from opposing side allowed to stay on case at new firm," which is noteworthy as it involves successful screening by a 14-lawyer firm --
  • "When a lawyer for an opposing party joined its firm, Lloyd Burns McInnis LLP faced a real possibility of removal from a case due to a conflict of interest. But in an exemplary case of a timely ethical screen, the firm was allowed to stay on the case this week despite its small size and close working relationships between its lawyers."
  • "Lloyd Burns McInnis is representing AIG Insurance Co. in a class action coverage dispute with the Ontario government. The firm’s new lawyer, Michael Foulds, represented Ontario in the same matter while he worked at Theall Group LLP. Foulds now spends 50 to 60 per cent of his time working with his colleague Douglas McInnis, who is representing AIG in the Ontario-AIG matter. In fact, McInnis and Foulds work together on other files involving AIG."
  • "Despite the province’s argument there’s a high risk of an inadvertent leak of confidential information from Foulds to McInnis, Justice Alfred O’Marra found Lloyd Burns McInnis put up a sufficient ethical screen at the right time to significantly reduce this risk."
  • "'In considering the timely and comprehensive compliance by LBM with the institutional measures set out in the guidelines, in addition to appointment of a supervising senior partner, and isolating Mr. Foulds from any Ontario-AIG matters, I find that a reasonably informed person would be satisfied that the use of confidential information had not occurred or would likely occur, and it is in the interests of justice to allow Mr. McInnis to remain as AIG’s counsel of choice.'"
  • "Davis LLP lawyer Gavin MacKenzie, who represented Lloyd Burns McInnis, says even large law firms can take notes from the steps the firm took in this case. 'I think it’s a good example for small firms and large,' he says, adding if large firms follow the same approach, 'it’s highly likely' that the courts will be satisfied."
Next comes our waiver story: "Attorneys from same firm represent Wilmette, park district in negotiations" --
  • "Sometimes being one happy family comes with a few complications, as Wilmette Park Board members learned when they heard the attorney who represents them in negotiations with the Village of Wilmette belongs to the same law firm as the attorney who represents the village."
  • "That won’t be a problem, district Director Steve Wilson assured board members at their July 14 meeting, before recommending they let him sign a so-called conflict of interest waiver so the negotiations could go forward."
  • "Wilson explained the situation originally occurred because the law firm of Tressler LLC acquired the separate practices of attorneys who had been working as outside counsel for the village and park district: Raysa and Zimmerman, in which village attorney Michael Zimmerman was a partner, and the practice of park district outside counsel Charlene Holtz. Tressler merged with Raysa and Zimmerman in 2012; Holtz joined Tressler in 2009."
  • "Negotiations between Wilmette and the park district are friendly, Frenzer said, so it makes sense to waive any suggestion of conflicts of interest. Otherwise, both governments would have to hire new attorneys to handle the issues, which could prove expensive for everyone."

Monday, July 21, 2014

On Managing Client Terms of Business, OCGs and Rules of Engagement

Our colleagues at Paragon have written in to note that Gilda Russell (who served as partner and Ethics & Conflicts Counsel to Holland & Knight LLP for fifteen years), has joined their Panel of Preferred Service Providers and authored an excellent white paper: "Dealing with Client Outside Counsel Guidelines and Other Non-Standard Client Engagement Terms" --
  • "Such OCG and client terms are now utilized by a wide range of clients, including business and financial institutions, federal, state and local governments and agencies, health care organizations, defense contractors, and even non-profit groups. OCG and client terms cover a large number of subjects and demonstrate attempts by organizational clients and their in-house law departments to maintain control over and loyalty from outside counsel through various restrictions and obligations."
  • "Yet, OCG and client terms can cause enormous problems for law firms -- however large or small the firms -- given the obligations they create, many of which may be adverse to law firm policies, more restrictive than professional ethics rules, designed for other types of businesses than law firms, in conflict with professional liability policies, and/or unduly burdensome."
  • "Accepting OCG and client terms without a clear understanding and assessment of the many obligations they impose can result in subsequent breach of contract and malpractice claims, disqualification motions based on conflicts of interest, exposure to potential civil and criminal penalties at least in the government representation context, and loss of client business."
  • "Consequently, firms should develop effective processes for dealing with OCG and client terms. These processes should focus on monitoring the avenues by which OCG and client terms come into firms as well as requiring review and approval of OCG and client terms by designated persons well versed in the subject matter of the provisions and related compliance issues."
Note: Longtime readers will recognize Gilda as a participant in several Roundtable programs, including a webinar on this very topic. (And, similarly, readers are also likely aware that OCGs can be more effectively reviewed, evaluated and implemented at the point of client engagement through the use of modern approaches to new business intake and acceptance…)

Wednesday, July 16, 2014

Upcoming Webinar : Conflicts Management — Focus on IP Matters

At a recent Risk Roundtable, we asked participants which conflicts were most challenging to manage. The response was unanimous: subject matter conflicts associated with IP prosecution and litigation matters.
IP matters often involve subject matter conflicts which are notoriously hard to manage, requiring a different approach than ethical or commercial conflicts. The bring with them unique, complex challenges and questions, such as:
  • Who is the client, an individual inventor or the corporation where he or she works? 
  • When can a firm file similar patents for two different clients and when is the subject matter too close for comfort? 
  • Can a firm litigate against a patent that it previously achieved for a former client?
This webinar features four speakers who will explore current trends and approach for tackling these issues.

IP Matters, Intellectual Challenges
In this webinar, an expert panel will explore strategies and approaches firms are taking to address these issues and provide insights relevant to lawyers, general counsels, conflicts analysts, practice managers and IT leaders.
Intapp Open for IP Conflicts Management
This session will also include an overview of how Intapp Open, a modern business acceptance and conflicts management system, provides firms with data management and reporting to identify and resolve conflicts related to IP matters.
Intellectual Discussion
  • Bill Freivogel, Independent Consultant and author of Freivogel on Conflicts, will review recent case law pertaining to IP conflicts, highlighting applicable lessons
  • Chris Kave, Principal, Aurora North Software, will provide advice on how firms can develop workflows and data integrations to manage IP conflicts effectively
  • Gillian Power, CIO, Lathrop & Gage, will describe how her firm is leveraging Intapp Open together with data from IP Manager to identify and analyze IP conflicts
  • Kathryn Hume, Risk Practice, Intapp, will show how Intapp Open integrates information and business rules to deliver a fresh, effective approach to IP conflicts management.

Event Details
  • Date: Thursday, July 24th
  • Time: 10:00 am PDT / 1:00 pm EDT / 5:00 pm GMT
  • Registration: Limited to select firms and partners. Please email Jason Yu for more information.

Tuesday, July 15, 2014

Help Support the Law Firm Risk Blog!

The ABA Journal is working on its annual "Blawg 100" list. If you're a regular reader of this blog and like to show your support by giving us a vote or nomination, we'd certainly be delighted (and grateful).

Over the past five years, we've published over 500 updates. The growth of our readership over the years has been very rewarding to see... but there's something nice about making the list. Nominations are due August 8th and can be submitted at the ABA's Blawg Site. Thank you!

Monday, July 14, 2014

Law Firm Risk News & Updates

Several interesting updates and resources to start the week off with. First, two more talks from the recent ILTA legal security summit:
  • "Practical Approaches to Business-Aligned Security" -- Join us for an interactive discussion on bridging the gap between the business side of your organization and those responsible for security and risk management. We will identify common challenges encountered, ways to deal with them and a practical approach to building strong business cases for security initiatives, such as technical controls, user awareness, risk management and IT governance. Make sure you're doing all you can to have business-aligned security practices in place!
  • "Don't Believe the Hype! What Data Leak Prevention Solutions Can and CAN'T Do" -- Can you identify and restrict unwarranted attempts to copy or transmit sensitive information, deliberately or inadvertently (and generally by personnel who are authorized to access the sensitive information)? Take an in-depth look at best practices for implementing enterprise and point solutions for data leak prevention (DLP) as we cover the Web, email gateways, networks and mobile devices, and the mechanisms used to secure them. There's a lot of talk about what DLP solutions protect's time the hype be laid to rest.
And from the Kansas Bar Association comes "Legal Ethics Opinion No. 14-01: Duty to report attorney memory lapses" --
  • "Law firm had a partner with 'possible cognitive degeneration,' evidenced by memory lapses… The subject lawyer has now left the law firm, but continues to practice. The law firm questions whether – now that the lawyer has left the firm -- it has a duty to report the subject lawyer to the Kansas Disciplinary Administrator under Rule 8.3."
  • "A lawyer is not required to report another lawyer to the Disciplinary Administrator unless the lawyer has knowledge of an action, inaction or conduct of the other lawyer which constitutes misconduct under the Kansas Rules of Professional Conduct. Rather, in the event there are memory lapses, cognitive deteriorations, or other potentially disabling conditions, the subject lawyer should be referred to the Kansas Lawyers Assistance Program or other suitable service."

Sunday, July 13, 2014

How McCullough Robertson Protects Client Confidentiality

McCullough Robertson, a leading Australian law firm, uses Intapp Wall Builder to secure client data across firm information repositories and support its risk management protocol. The firm is leveraging Intapp software to limit access to confidential information and prevent accidental contravention of defined information governance policies.

Said the Firm's Director of Governance and Knowledge, Kim Trajer:
  • "Because risk management is core to our firm's culture, we made a significant investment in technology that would enhance our existing client data privacy and confidentiality management practices, without disrupting lawyer productivity or client service.
  • "With clients increasingly mandating matter-team-only internal access policies, the automated enforcement, auditing and alerting capabilities provided by Intapp’s risk management software provide vital compliance capabilities."
Intapp Wall Builder is a web-based information security and confidentiality management software application that enables organizations to centrally control and report on user access permissions across multiple applications, including document management, accounting, portal, CRM, time entry and records management systems. It also automates notifications to individuals subject to specific policies and tracks acknowledgments for compliance purposes.

Wall Builder is the most-adopted information security management software by law firms with 150 or more lawyers. According to an independent survey by the International Legal Technology Association (ILTA), 72% of large law firms using commercial software to enforce information access controls use Intapp Wall Builder.

Said Intapp's APAC Managing Director, Bruce Heaney:
  • "We’re proud to highlight McCullough Robertson’s adoption of our information security products to improve their risk management programme. By auditing for compliance with central policies, the firm is taking strong steps to guard client information and protect the organisation’s reputation."
Visit for more information on how Intapp enhances law firm information security, or to request more information and a demonstration.

Thursday, July 10, 2014

Risk Updates: Information & Records Ownership + the Value of Firm Cyberinsurance?

First, another audio recording (and slide deck PDF) of a recent ILTA talk now available online: "To Purchase Cyber Insurance or Not: That Is the Question" --
  • "We've heard of car insurance, life insurance and even pet insurance ... why not cyber insurance? It's available, but why should your organization consider purchasing cyber insurance? What is and is not covered by a typical policy? What are some contractual terms and other items to consider when seeking or negotiating a cyber insurance policy for a law firm? Learn the answers to these questions and more from an expert panel offering various perspectives."
For those focused on information security, Law Technology News recommends: "Get Cozy With the FBI and Secret Service to Ameliorate Data Breaches Woes" --
  • "The first step to avoiding a data breach is to create a security framework, Georgetown panelists advise. It's no secret that law firms are magnets for sensitive corporate information. So, said Ayiotis, companies should vet outside counsel the same way they hire other third-party vendors, holding law firms to the same level of due diligence and security checks."
  • "Forming proactive relationships with the government, namely the FBI and the Secret Service agents who handle cybercrimes, can help organizations avoid complications associated with a breach, he said. During a data breach investigation, there is a “high probability” that a company can go from being the victim to the defendant because of a lack of proper data security measures."
On the records management and information ownership front, BNA reports: "Firm Doesn’t Have to Give Ex-Client Originals Unless They’re Needed or Came From Client " --
  • "A client cannot force its former counsel to turn over original papers or documents in the client's files because the client did not show that he gave the firm any original papers or that any originals in its possession are necessary for the client's representation, the Ohio Court of Appeals, Second District, ruled June 20."
  • "A client has the right to any original paper that he gave the lawyer because these are the client's personal property, the court said. There were no such documents in the case files here, it noted.
  • "It could be inferred from a comment to the rule, the court said, that it is the originals of the reasonably necessary items that must be returned. But here, there is no original paper or document that is demonstrated to be necessary to Sacksteder's representation, the court said."
  • "With regard to documents that were created and stored electronically, the court noted that such materials have no single original. Under an Ohio evidence rule, the “original” of an electronic document is any printed copy, it pointed out."

Wednesday, July 9, 2014

On Information Security -- Law Firms - the "Soft Underbelly of Corporate America"?

The folks at ILTA have graciously posted the recordings of several sessions at their recent Law Firm Information Security Symposium (LegalSEC). We’ll be highlighting several worth reviewing in the posts to come. Here's a recording from their keynote presentation: "The Soft Underbelly of Corporate America? Law Firms and the Cybersecurity Threat Matrix"--

  • Each day we hear about another data breach in the news. More personally identifiable information (PII) and account information is being siphoned out of respected companies. What about our intellectual property, our trade secrets and other business capital?
  • Oftentimes, the easiest place to attack is when the data is outside the walls of the owner — in many cases at their law firm.
  • During our keynote, we will walk through the cybersecurity threat matrix and its evolution, discuss how various state and federal laws drive forward controls that may or may not help protect our data, and the role of active defense and intelligence.
  • Attendees will learn what programs and controls will position their firms for success in assurance reviews, certifications and competing for business.
  • Together we will explore this topic — as you hear from someone who has worn the hats of law firm counsel, chief privacy officer, chief security officer and chief compliance officer — so we can operationalize against this threat.
See ILTA's web site for the audio recording and downloadable mp3.

Tuesday, July 8, 2014

Law Firm Conflicts Allegations Making News

It's always fascinating to see coverage of conflicts allegations and related news cross over into general media channels. Here are two stories that caught our eye. First, a situation which highlights challenges of finding representation when the conflicts landscape is more complex: "DVDFab files motion in lawsuit – shows it’s David vs. Goliath case" --
  • "Recently filed documents on the AACS-LA vs. DVDFab case show similarities of the battle between David and Goliath. It shows how little time DVDFab had to prepare itself and how hard it was to find a law firm to represent the company in the United States. Because the AACS-LA is a consortium of many companies (e.g. movie studios, Microsoft, Toshiba, Panasonic, IBM and more), many well known law firms were unable to defend DVDFab due to conflict of interest."
  • "Between February 26th and the 4th of March, DVDFab tried to find a law firm to represent them. Due to conflict of interest several law firms rejected DVDFab and referred DVDFab to other law firms, some of those didn’t want to handle the case or didn’t have time. It wasn’t until the 17th of March before DVDFab signed an agreement with a law firm to represent them."
  • "Between February 26th and the 4th of March, DVDFab tried to find a law firm to represent them. Due to conflict of interest several law firms rejected DVDFab and referred DVDFab to other law firms, some of those didn’t want to handle the case or didn’t have time. It wasn’t until the 17th of March before DVDFab signed an agreement with a law firm to represent them."
For our second, we turn, oddly enough, to twitter, where we often post risk stories (and track those of you retweeting or reposting our updates -- thank you!): "Gibson Dunn defends GFH role after jailed ex-GC claims conflict" --
  • "Gibson Dunn & Crutcher has defended its representation of Dubai-based private equity firm GFH Capital, after the client's former general counsel accused the firm of having a conflict of interest."
  • "David Haigh, the former managing director of Leeds United and one-time GC of GFH, has taken to Twitter to make the accusation against his former employer's lawyers.
    Haigh is currently in jail in Dubai, having been arrested on 18 May after GFH accused him of committing fraud, embezzlement and money laundering while he was employed at the bank."
  • "Gibson Dunn's litigation team is being led by partner Peter Gray, described by Haigh's spokesperson as "for many years a friend, legal adviser and business partner of [Haigh's]". In an email to Legal Week, Gray called the conflict allegations 'untrue and defamatory'."
For those without access beyond the linked paywall, a summary of the general story unfolding is available via the guardian and the accuser/accussed's twitter stream in question is located here.

Monday, July 7, 2014

Risk News & Updates: Legal Ethics, Regulations and Matters of Firm Business

From the always linkable Legal Ethics Forum comes an interesting post from NY professor of Law Stephen Gillers: "When and How Does Change in Lawyer Regulation Happen?" in which he reviews a bit history behind the Model Rules, touching on Ethics 2000 and the ABA 20/20 Commission. And he lays down the gauntlet:
  • "…the current bar leadership will not be bold. In this, it is like the leaders of the 50s through the early 80s. It will be the next generations that approach the issues with  appetite for change."
  • "I suggest that legal scholars have been and will continue to be the antennae of the profession. The momentum for change, which is different, will come from elsewhere -- from economic forces (rules change when it is in the economic interest of lawyers to change them, witness the adoption of lateral screening after 20 years of rejection), and to beat back external threats (witness the 2003 amendments to Rules 1.6 and 1.13, after repeated rejections, in order to dissuade the SEC from invoking its full Sarbanes-Oxley powers; it worked)."
That blog also notes a recent New York decision: "New York joins California federal court in rejecting unfinished business claims" --
  • "We hold that pending hourly fee matters are not partnership "property" or "unfinished business" within the meaning of New York's Partnership Law. A law firm does not own a client or an engagement, and is only entitled to be paid for services actually rendered."
  • "Treating a dissolved firm's pending hourly fee matters as partnership property, as the trustees urge, would have numerous perverse effects, and conflicts with basic principles that govern the attorney-client relationship under New York law and the Rules of Professional Conduct. By allowing former partners of a dissolved firm to profit from work they do not perform, all at the expense of a former partner and his new firm, the trustees' approach creates an "unjust windfall," as remarked upon by the District Court Judge in Geron (476 BR at 740)..."

Wednesday, June 25, 2014

Report from CNA Risk Management Roundtable Event in New York

"CNA Hosts Risk Management Roundtable for Law Firms" --
  • CNA hosted a roundtable panel yesterday (co-sponsored by Intapp) in New York to address the emerging risks facing law firms. The roundtable began with a discussion of significant claim trends for law firms, such as the expansion of claims by non-clients of the law firm, claims involving allegations of conflicts of interest, fraud and misrepresentation, and claims arising from the Trusts & Estates practice area.
  • In a discussion led by CNA Claims and Risk Control, a diverse group of law firm personnel, comprised of general counsels loss prevention partners, conflicts attorneys, and information technology directors, shared their professional experience with respect to effectively managing the client intake process and handling conflicts of interest at their respective law firms.
  • Participants also heard directly from the general counsel of three prominent law firms on mitigating risk in several key areas: managing the lateral hiring process, compliance with outside counsel guidelines and maintaining law firm data security.
Said Michael Barrett, CNA Director of Risk Control, Professional Services, Lawyers --
  • "Identifying and managing the risks associated with a successful lateral hire is a difficult exercise. With lateral hiring continuing to outpace entry level-hiring, the risk is now commonplace in law firms.  Having general counsel from several prominent law firms lead the discussion about successful strategies to avoid these potential risks was invaluable."
Said Kathryn Hume, -- Intapp Senior Risk Practice Specialist --
  • "We know that to truly help law firms control risk, the new business intake, conflicts management and information security software we deliver must continuously evolve to address real-world priorities. We're proud to partner with CNA and support this event as part of our ongoing investment to stay abreast of industry risk trends and foster peer dialogue on response strategies."
CNA also noted the publication of two of their white papers: Taking Stock of a Potential Fee Collection Suit and Logistics of a Lateral Move Between Law Firms.