What did we learn about law firm data in 2023? Find out more with Iron Carrot
Data in one form or another has been talked about in law firms for a long time. But last year, a lot of data-related topics seemed to crystallise into vast thematic areas that firms were actively thinking about. These topics appeared in the press a lot and often came up in our client conversations.
I have picked out the four topics that I think best reflect data in 2023:
- Artificial Intelligence
- Cyber Crime
- Data Retention
- Law Firm Chief Data Officers
Artificial Intelligence is on everyone’s mind
While everyone agrees that AI might be a positive disruptor to the legal industry, the debate still rages on whether the benefits – such as automating written tasks and sifting through vast amounts of information in seconds – outweigh the challenges of biased data and a lack of accuracy and accountability.
What is agreed is that the AI tools a firm permits to be used must be fit for purpose, and the ethics of AI usage need to be part of a lawyer’s professional education and development. Many firms are developing clear AI Policies, which include AI Ethics and a clear definition of what data belongs to the firm and what belongs to their clients.
Different firms have different approaches to developing AI tools to support legal professionals. Some believe that most AI usage will come from the new AI-powered versions of existing legal software providers like LexisNexis and Microsoft 365 Solution for legal. Others are investing in tools like Google’s Bard, Meta’s Llama, and OpenAI’s ChatGPT and adapting them for their own use.
There is also a rise in new legal software systems focused on using AI to speed up the drafting and querying of contracts both for in-house legal teams in large organisations and for individuals. If these become widely used, what is the purpose of external counsel in contract review? That’s not a data question – but as with all things data, it leans into the existential purpose and mission of the law firm the data serves.
Cyber Crime is on the rise
We learned that Cyber-attackers are doubling down on their attacks against law firms and corporate legal departments, moving beyond their historical activity of hacking and leaking secrets to targeting the sector with financial attacks, such as ransomware and business email compromise (BEC).
In June, the National Cyber Security Centre (a part of GCHQ) published a Cyber Threat Report for the UK Legal Sector. Since the release of the last report in 2018, the shift to remote working has increased productivity across the legal sector, but this has increased risk from a cybersecurity perspective.
Entrusting law firms to safeguard highly confidential, commercially sensitive, and often personal information makes them prime targets for cybercriminals and other attackers. The results of accidental internal data breaches can be equally as challenging.
Nearly three-quarters of the UK’s top 100 law firms have been affected by cyber-attacks. For smaller firms that have little or no dedicated cyber security and IT support, the risk of incidents like ransomware attacks is on the increase.
Data Retention is a higher priority
Data retention is the practice of keeping and storing data for a specific period. It has become increasingly important, given the rising volume of data generated by law firms and the need to comply with legal, regulatory, and client requirements.
Since retention and disposal are considered administrative activities, they are often ignored by fee-earning staff at best or seen as not a Partner problem at worst. It takes a strong data governance or information governance leader to make the case for action.
There are two areas which have pushed data retention and disposal up the strategic agendas of many law firms in 2023:
- the need for accurate corpora of data to train Artificial Intelligence tools and
- a growing realisation that if data has been compliantly deleted, it’s not being stored and is therefore not at risk from cybercrime.
While pretty much every firm has a data retention policy in place, an invigorated focus on executing the policy and getting the green light from key stakeholders (often senior partners) to delete things was the new normal for 2023.
The rise of the law firm CDO
Law firms are turning to Chief Data Officers (CDOs) to manage and leverage their data effectively. This role has become increasingly important in helping firms make informed business decisions. The primary focus of this role is to improve efficiency and profitability by assisting the firm in interpreting data.
The typical role of a law firm CDO is to oversee data collection, analysis, and interpretation to inform business decisions and improve efficiency. But it is more than just managing data. A CDO in a law firm may also be responsible for developing and implementing data-driven strategies to help the firm achieve its business goals. This could involve using data to identify new growth opportunities or improve existing processes and workflows.
These Law Firm CDOs are increasingly expected to help bridge the gap between legal, business services, and technology teams. CDOs must have the ability to communicate effectively with both groups, translating technical data concepts into language that other professionals can understand.
Unsurprisingly, there are several law firm roles with a different label than “CDO” but effectively perform the same task as a CDO – often at a less senior level. Unlike the 27% of big corporates with a CDO, this role isn’t always considered a C-Suite role with equal weight and influence of the firm’s CIO/CTO.
What does this mean for 2024?
AI continues to be a hot topic, and this year will see many more law firms looking to implement AI policies and clearly defined data sets which partners agree may be used to train AIs.
Cyber security remains top of mind for everyone, not just law firms. However, I expect the consequential impact of making or accelerating the business case to delete data will be felt by most firms this year.
As firms look to mature their data capabilities, we will see the appointment of more law firm CDOs – or whatever they are called. It remains to be seen how many of these are C-Suite appointments.
Final thoughts
Data and data governance continue to be a law firm priority, but each firm is approaching it through a different lens.
If you want to chat more about any of these topics, please get in touch.
