Discovery Mining has announced that the source code of its Web-hosted online review application has passed a rigourous security audit.
The security of the data we put into the hands of others is a hot topic at the moment, as Gordon Brown’s Government carelessly distributes our personal information far and wide. Fortunately, most companies who handle discovery data have rather higher standards than Gordon Brown’s Government, and it is no bad marketing point to be able to prove it.
Most litigation documents would be regarded as confidential by their owners, and not just because they relate to a current case. Disclosure requirements are often the only reason why some documents ever leave the clients’ premises, and the opposing parties, as well as the clients’ own lawyers, have a strict responsibility as to their use and their security. It is not surprising that clients and lawyers are concerned to know that those same documents are secure when made available in online litigation support systems.
I suspect that there are in fact few occasions when the security of web-hosted litigation documents is attacked. That may be for the same reason as my principal gave when I was an articled clerk to a client who expressed concern about the security of the building. “Everything in this office is so boring” he said “that no-one would ever want to break in”.
Times have changed. Then we might have been concerned about things disappearing from an office. Now we are more at risk that the office itself will disappear thanks to a terrorist attack or a few days of rain, and having our data online involves balancing one security risk against another. The reality, of course, is that for most cases it is the only economic way of storing litigation documents and making them available. Discovery Mining are sensible to have promoted their security audit.
Data security is, of course, only as complete as the weakest link in the chain, and when litigation data escapes into the wild it is usually for non-technical reasons – it is left on a bus, lost by a courier, or e-mailed to the wrong address. Data is no different from paper in this respect. Barristers’ chambers always used to be the biggest hole in the pipe. There was the barrister who left his papers on the top of the bin, making it necessary, so rumour had it, for his instructing solicitors to spend days on the council tip searching for them. And there was the clerk who had a barrister on both sides of a case and who sent the papers back to the wrong solicitors. No amount of source code audit would have headed that one off.
Discovery Mining’s rivals would doubtless say that they have no need of an audit to be satisfied as to the security of their data. Maybe, but it is, nevertheless, a good thing to be able to claim.