Posted Jun 02, 2011 05:34 pm CDT
An attorney who allegedly obtained confidential information over a 17-year period while working at three major law firms before being charged earlier this year in an insider-trading case that allegedly involved over $30 million in illegal profits, has given chief information officers in the legal industry much to ponder.
Wilson Sonsini Goodrich & Rosati, which most recently employed Matthew Kluger as an associate, used code names on sensitive documents. But federal prosecutors say Kluger was able to figure out from document titles when mergers and acquisitions were in the pipeline, Law Technology News reports.
In an attempt to avoid detection, Kluger allegedly searched the firm’s document management system for material related to deals he wasn’t working on. Then, to avoid catching the attention of auditors, he didn’t open the documents, which provided the information he needed in their titles, federal prosecutors say.
“What makes this case interesting is that it gets right to the center of information and how law firms manage it,” says Adam Hansen. He serves as director of information security in the U.S. offices of SNR Denton, which is not one of the law firms at which Kluger worked. (He was with Cravath Swaine & Moore and Skadden Arps Slate Meagher & Flom before joining Wilson Sonsini.)
Almost all law firms use an “open” information system, which presumes that documents should be available to attorneys, rather than a “closed” system, which presumes they should be confidential, the article says. From a practice standpoint, there is good reason for this, yet corporate clients are starting to push for more security.
The problem is, lawyers inside the firm can put together nuggets of information from multiple sources to figure out what is happening. For example, who is meeting with whom and information about the client to whom attorneys are billing their time can be just as critical as documents in revealing news of a pending corporate merger.
Additionally, the article notes, there can be a disconnect between information specialists, who understand the technology that can be used to protect sensitive information within the law firm, and the partners in charge, who know what information needs to be confidential and why.
Because law firms rely on the integrity of attorneys, training and other programs to help lawyers stay on the right track can also be critical in protecting sensitive information.
For more discussion of law firm information security issues and ideas about how they can be addressed, read the full article.
Additional and related coverage:
ABAJournal.com: “Middleman Pleads Guilty in $34M Insider-Trading Case, Says Lawyer Stole Info from 4th BigLaw Firm”
ABAJournal.com: “Another Attorney Takes Plea in Galleon Case, Admits Connecting Trader with Ex-Ropes & Gray Lawyers”
ABAJournal.com: “Surviving Law School Buddy Gets 39-Month Term in $9M Insider-Trading Scheme”