In a pioneering collaboration with the New York State Bar Association Committee on Technology and the Legal Profession, City University of New York School of Law offered a Technology and Law course in the spring 2019 semester.
This two-credit course was offered in the evening and 17 students participated, including both day and evening students. Classes featured weekly guest speakers, including NYSBA members, on a range of topics. Similar courses are planned with other New York State law schools in the coming months.
The goal of the course was to provide students with an understanding of the fundamentals of how technology intersects with the law. No particular technology skill or expertise was required, and all students were welcome, regardless of their technological expertise.
The course covered the fundamentals of technology and the law, with a focus on what new lawyers need to know in order to practice competently. Topics included an overview of technology and law in a historical context, privacy and constitutional rights, social media, cybersecurity, professional responsibility and protecting confidential client and law firm information, e-discovery, how algorithms are used by government and private entities, government regulation, artificial intelligence, biometrics and emerging uses of blockchain and distributed applications.
New York is one of a growing number of states that have adopted a professional duty of technology competence. Comment 8 to Rule 1.1 of the NY Rules of Professional Conduct states that a lawyer should:
Keep abreast of the benefits and risks associated with technology the lawyer uses to provide services to clients or to store or transmit confidential information.
Along with CUNY Law Dean Mary Lu Bilek, Immediate Past President Michael Miller attended one of the classes and recalled that "the students were incredibly engaged, and it struck me how valuable this course was for them because it demonstrated the relevance of the law to new, exciting and emerging technologies and explored the avenues where cutting-edge technology and the law intersects.
"The Technology and the Law class also helped to demonstrate the relevance of involvement in the organized bar and the ability to employ technology for social justice," Miller said.
Each week's seminar was designed to maximize student participation and discussion about the impact of technology on law practice, the legal system, legal ethics, and on marginalized and vulnerable communities. Students were evaluated on three reaction papers, class participation, and a final paper or project. Topics for the final paper or project included:
• How to use technology to facilitate reentry after incarceration.
• An analysis of Wisconsin v. Loomis and the implications of using risk assessment tools in criminal law
• Ethical issues related to autonomous vehicles
• Why technology should be integrated into the law school curriculum and connected to anti-racism and anti-oppression work
• How to use blockchain technology to help student groups, including creating more participation in votes on student and law school initiatives
• The use of automated weapons in the U.S. military
• Facial recognition technology and its origins in physiognomy
• Why drones need to be regulated
• Analysis of smart contracts and the common law
One of the classes focused on cybersecurity for attorneys and was taught in part by an FBI special agent. That class provoked a particularly rich and practical discussion, out of which grew a cybersecurity hygiene checklist that was developed by the students for fellow law students and new attorneys (insert sidebar location).
NYSBA Committee on Technology and the Law Chair Mark A. Berman played a central role in developing the course and taught it along with Professor Joe Rosenberg. Guest speakers for the class in which the cybersecurity checklist was developed were Parth Chowlera and Michael DiNicola. Students included: Mirian Albert, Erol Akpinar, Eleni Barefoot, Stephan Cardio, Charles Cooper, Trent Fucci, Matthew Glover, Andrea Irias, Emily Jenkins, Eric Johnson, Jamal Johnson, Andy Laine, Kimberly Mims, Tyreke Moses, Geno Nettle, Antonio Ponton-Nunez, and Jonathan Saxton. The course was also supported by CUNY Law colleagues Amanda Beltran and Chris Argiropolous.
CYBERSECURITY HYGIENE CHECKLIST
❑ Consider dual factor authentication
❑ Use complex passphrase with numbers, symbols and/or upper- and lower-case letters
❑ Never provide your password when requested by email or through a site. Contact the requester by phone and try to independently verify the legitimacy of the request
❑ Use a password generator and manager
❑ Do not use public Wi-Fi
❑ Utilize VPN (virtual private network) as appropriate
❑ Require a password in order to access a thumb drive
❑ Encrypt documents as appropriate
❑ Cover the camera on your laptop and tablet
❑ Use up-to-date redaction software where appropriate (e.g., PDF documents)
❑ Keep work and private personal digital information separate
❑ Always manually log off of networks, websites, and email platforms when you are finished
❑ Periodically clear out cookies
❑ Do not link sites together so as not to share private information
❑ Consider faxing confidential information
❑ Consider use a credit card RFID (Radio Frequency Identification) shield
Hardware, Software, and Operating Systems
❑ Keep software and operating systems up to date
❑ Implement patches as soon as available
❑ Install software to scan for viruses
❑ Install a tracker to locate lost devices
❑ Install a program/app that can remotely lock or wipe lost devices
Law Practice Management
❑ Purchase cyber security insurance that covers social engineering
❑ Always maintain backup files in a secure location
❑ Consider encrypting server and/or backup
❑ Review cyber security audits of third parties or vendors
❑ Ensure backup is not connected to your system so as not to compromise its integrity in the event of a hack
❑ Create an incident response plan to be followed in the event of a hack - what to do, who to call, what to change
❑ Consider disclosing cybersecurity protocols and concerns in retainer letter
❑ Do due diligence on third parties and vendors with whom you are working
This checklist was developed by students in the spring 2019 Technology and the Law course,a collaboration between the New York State Bar Association Committee on Technology and the Legal Profession and City University of New York School of Law.