SaaStock is coming to Dublin from 14-16th October. It is a conference specifically designed around growing software businesses – with talks about investment, growth and lessons from those who have already succeeded in the industry.
SaaStock has a number of high quality speakers on their agenda from across the startup ecosystem. This includes investors such as Accel and Point Nine Capital, successful tech companies such as Stripe, Intercom and Active Campaign and business advisors.
SaaStock also contains a dedicated Startup Programme which gives high potential startups the opportunity to exhibit their company and ideas, attend dedicated workshops and meet investors.
The Startup Pitching Competition gives startups the chance to compete for an amazing prize – the winner gets $25,000 cash, a number of ‘partner perks’ from SaaStock’s partners and global recognition as a high potential company.
To find out more or sign up for SaaStock, please visit here.
Our team at Thread Legal will be attending the conference – we’re looking forward to learning from other software as a service founders and applying these insights to our own growth journey with our innovative case management software solution.
We’ll be live-sharing our experience throughout the day, so please do come and say hi!
In simple terms, collaboration involves people working together to achieve a shared goal. It is rare for a lawyer to complete a case from start to finish without input from other lawyers and legal staff such as secretaries and paralegals. Equally, law firms can often become siloed – with poor communication between different departments leading to missed opportunities and unhappy clients.
Given the importance of working together at law firms, it is understandable that partners can be eager to sign up to new technology claiming to improve collaboration.
However, unless you make meaningful changes to your processes as well as your technology, people will go back to their old communication habits. The same old frustrations and inefficiencies quickly resurface. So how can law firms ensure that their investment in case management, document management or other technology results in improved collaboration throughout their firm?
Understand how your organisation currently operates
Give specific guidance on how you would like your organisation to communicate once the technology is implemented
Proactively enforce the rules that you have set up
Be fanatics about ensuring that your system is kept up to date
If you’ve had a look at our website, you know that Thread Legal is a cloud product – we’ve made our decision that the future for legal software is in the cloud.
However, in parallel with our clients we made the move from being a server-based software company (www.expd8.com) to a cloud technology company. During this process we ourselves had to look at the opportunities and the risks that come with the cloud and we wanted to share some of our thinking processes with lawyers who are also looking to make this change.
Is Cloud Software for Everyone?
There are good reasons for some lawyers globally to stay away from the cloud. There have been recent examples of several countries shutting down their country’s internet during political unrest. There have also been several (admittedly rare) examples of smaller countries losing their internet connection due to accidental cutting of critical cables. Mauritania lost internet access for 48 hours in 2018 due to a trawler cutting critical undersea cables.
Cloud software makes lawyers less vulnerable to localised system failure (e.g. your office internet connection going down). However, it does make lawyers more vulnerable if regional internet disruption takes place. If lawyers are worried about this, then server-based software may make more sense.
Is Cloud Software Right for My Company?
The global cloud computing market was worth $180bn in 2018 and is predicted to grow to $411bn by 2020 – a huge growth curve. This growth is facilitated by multiple industries, including legal, moving towards the cloud. So, what are the reasons for this?
The ability to work outside of the office is one of the key advantages of cloud technology. It benefits both equity partners and employees alike.
A survey by Virgin in the UK found that 87% either worked flexibly or wanted to work flexibly – 92% for 18-34, 88% for 35-54 and 72% for 55+ years old. The most common reasons cited were gaining more control over work-life balance (57%), general usefulness (50%) and cutting down on commuting times (33%). Whilst 29% still cited caring for children or dependents, this shift shows that flexible working is no longer seen as primarily for those with family responsibilities. It is desired by the majority of the workforce for a variety of reasons.
Virgin also make the point that top candidates with multiple options are likely to be part of the majority that desire flexible working – so law firms who want to retain the best talent are wise to make flexible working a part of their office policy.
In addition to talent retention, flexibility offers a range of benefits on a company level. Meeting clients, being in court, attending events – there are many work-related reasons for lawyers to be out of the office. With a cloud case management system, lawyers do not have to wait until they get back to the office to update their file, create documents or share information with colleagues. All they need is a laptop or smartphone and an internet connection. A coffee shop, a hotel lobby and even a car can all become spaces in which productive work can be done (although we do not recommend updating your case management system whilst driving!)
This also means that client needs can be handled in real time. When an important client rings the lead on a case, that lawyer can access all of the case information instantly. They do not have to ring their secretary in the office and ask them to check the file before they can respond. It also means that out of working hours client emergencies do not require hauling everybody back into the office. The team can access all information from home and situations can be successfully dealt with remotely.
Using cloud case management can also reduce the fear that managers can often feel when allowing staff to work remotely – the lack of accountability. With cloud case management, managers can see in real time the work that their employees are completing. They can give feedback on it and can ensure successful and timely delivery of objectives.
In terms of the bottom line, flexible working can also reduce overheads as employees who are spending more time working outside of the physical office consume less electricity, less consumables and even less tea and coffee (and biscuits). It can also reduce the recovery costs in the case of a physical disaster such as fire or flooding. Even if the office is out of action, the company does not have to be because everybody can work from home with whatever devices they have available.
At Thread Legal, as we began to move to a more flexible working model we saw the many benefits it provided – and this was one of the key reasons that we decided to create a cloud case management system for our customers. Since Thread Legal was introduced, we have had a number of clients switching to us who were otherwise happy with their server-based system but desired the flexibility that only cloud can provide.
Many lawyers cite data security as one of the reasons why they are wary of cloud software and to a certain extent this is true. Lawyers who store their data in a server or paper files have them physically in the office with them. They can see them, lock them away and have a sense of personal control. In contrast, lawyers using cloud applications allow a third party to process their data and have to trust that this third party will keep their data safe.
However, security concerns have also been raised about the safety of office-based systems. In 2014 the UK Information Commissioner’s Office (ICO) released a warning for barristers and solicitors about data breaches. They specifically highlighted the use of paper files as troubling due to the lack of the encryption and because transferring papers between locations can increase the likelihood of a serious data breach.
Even when firms store data on an encrypted server, there are security concerns. Local storage is particularly vulnerable to physical disasters such as fire and flooding or a break-in. The security available is also limited by budget – small and medium firms are unlikely to afford enterprise encryption or other online protection.
In contrast, when firms choose a reputable cloud provider they receive the security protection of that provider. For example, Thread Legal is hosted within Microsoft Azure. Microsoft Azure protects customers’ data with:
High barrier fencing around the entire datacentre with cameras that are monitored 24/7
24/7 threat management and security monitoring throughout the entire datacentre
Two factor authentication including biometrics in order to access any part of the datacentre
Pre-authorised access so visitors can only access areas they have been previously approved to enter
Data encryption both in transit and at rest
Built in anti-virus and anti-spam
It is unlikely that even relatively large law firms will have the budget to implement biometric access to their data or 24/7 security monitoring.
When Thread Legal was looking for a host for our cloud software product, we looked at a number of options before deciding to build with Microsoft and host in Microsoft Azure. Just as we suggest for law firms, we did a thorough due diligence, looking at their security features and independent certifications.
Not all cloud providers are created equal – and this is where law firms need to do their own due diligence on the cloud hosting solution, rather than just trusting the claims of the platform provider. However, if law firms choose a competent software provider and cloud host, they can get enterprise level data security for SME pricing.
When lawyers are using a server-based system, updates are often pricey and installation causes business disruption.
With cloud software, good suppliers will automatically roll out regular updates without any business disruption or maintenance required. Server-based clients may get an update once a year at most and will most likely have to purchase it. Thread Legal, as an example of cloud software, releases a new update at least once a month which is deployed automatically to all users.
As technology involves, cloud users are always able to take advantage of the latest developments and updated product features. As the software provider continues to innovate, law firms do not need to fear being left behind with outdated technology.
Should I Invest in Cloud Based Legal Software?
Here at Thread Legal, we invested in building our platform because we believe that not only is it the technology for the future, it is the technology that lawyers should be using right now to provide the best experience for both their clients and their employees.
Cloud technology has the power to change the way a law firm works – it can be leveraged not only to provide more flexibility for workers, but also to serve clients better.
In addition, it can give law firms greater levels of data security and a solution that continually provides access to the latest technological innovations and new features.
Investing in cloud software is one of the best things partners can do to improve their business operations now and prepare their firm for the future.
Since AI started moving out of academia and into industry, people have been worried about the effects on employment. Ideas such as ‘universal income’ have been introduced as potential solutions for human workforces start to become redundant.
Are lawyers under immediate threat from ‘robot lawyers’? In this article we’ll take a look.
What is a Chatbot?
In its most basic definition, a chatbot is
‘a computer programme designed to simulate conversation with human users,
especially over the internet’.
In their more basic forms in the legal
industry, a chatbot could sit on the firm’s website and complete functions such
as booking appointments and asking questions that direct an enquiry to the
right department of an enterprise firm. However, chatbots at this level cannot
be conceived as competition to a lawyer.
The chatbots under discussion in this
article are those developed to solve problems for customers, rather than just
direct customers. They can answer basic legal questions and can also generate
standardised documents such as NDAs based on information inputted by the client.
They resolve an individual’s issue without the need for interaction with a
human lawyer. These chatbots may contain artificial intelligence (AI) to help
them refine their response to questions, and will almost certainly contain AI
in the future.
The Chatbots Helping Customers Right
The DoNotPay Phenomenon – Chatbots without Lawyers
In 2015, DoNotPay was revealed to the public. It was originally designed to help overturn parking tickets. Drivers would input the reason they would like to challenge the ticket and give their details, with the app filling in the relevant forms for them.
In 2018 it expanded into small claims,
filling in the forms required and offering a script that plaintiffs can read
from in court. Outside of the legal arena, DoNotPay also offers Uber and Lyft
refunds, fighting bank charges, airline and hotel price protection and the
ability to scan fast food receipts and receive free food.
DoNotPay has received significant amounts of media coverage – partly due to its charismatic young founder (who rented Mark Zuckerberg’s old house in Silicon Valley for a time). Joshua Bowder introduced himself in 2016 with these words: “lawyers all over the world should be scared of this technology”. Whilst his rhetoric has softened his vision is still that all consumer legal services will eventually be provided for free.
In addition to DoNotPay, there are several chatbots on the market which aim to fulfil client needs without any lawyer involvement. LISA offers NDAs and has recently launched into the property market. SoloSuit helps US consumers to respond when sued for a debt.
Chatbots that Support Lawyers
Supporting consumers for free is a laudable
aim, but doesn’t lead to a financially self-sustaining business – DoNotPay is
venture capital backed with an aim to monetise in the future, and LISA is
reported to be looking at corporate licencing deals.
This is why the larger number of legal
chatbots being developed are designed to be used by law firms rather than to
work against them. The real revenue opportunity lies in leveraging these
platforms to gain more chargeable work, rather than using them as a sole
Some of these are being developed by large
law firms themselves. Norton Rose Fulbright in Australia developed
a chatbot dealing with changes to data protection legislation. Clients
could ask the chatbot simple questions, and then refers them to fixed price
packages if further legal advice is required. It was responsible for selling
A$15,000 of business within its first 24 hours.
Ailira is another Australian offering for consumers and small businesses, which offers a certain level of free legal advice and documentation and then offers users chargeable legal appointments if they would like documents checked or further advice.
The Roadmap for Chatbots
Chatbots without Lawyers
One of the key points about DoNotPay that
is rarely picked up by the media is that its main audience is not the tiny minority
who would hire a lawyer to pay a parking ticket – its main audience is those
who would have paid the parking ticket, and now have an additional capacity to
‘Access to justice’ is an important issue,
and a key area where this type of chatbot could play a positive role. Asylum
seekers, visa applicants, those in debt, those unable to afford a lawyer for
civil matters – all of these could benefit from the DoNotPay model.
This social good is important, and worthy
of support. It is also unlikely to significantly affect lawyers’ bottom lines
as these are situations where people generally can’t or won’t hire a lawyer. These
products expand access to legal advice into new areas rather than affecting the
areas that law firms currently gain revenue from.
Chatbots that Support Lawyers
This is a more interesting case. Legal
chatbots developed by law firms could affect the shape of the legal industry as
As discussed in the previous section, this
technology is already available. Speaking purely in technological terms, there
is no reason why chatbots could not be implemented by firms worldwide.
Some firms, such as Norton Rose Fulbright
who were mentioned previously, have begun doing just that and have seen
increased revenue as a result. However, the fact is that implementing a chatbot
involves a significant change in business model. For most firms, the current
business model works fine and so there is little incentive to change.
For forward-thinking firms who want to be
known for a modern and innovative mindset, this is a great technology to look
at from both a revenue and a PR perspective. For firms who are happy to stay
just ahead of the curve, it will most likely be several years before legal
chatbots become popular enough to become a serious consideration.
How Chatbots will Change the Legal
Whilst widespread implementation may not be
immanent, it is very likely to occur at some point. When it does, it will
change both the legal industry and the makeup of individual law firms.
Automating the basic level of client
interactions firstly requires a different fee structure. Clients will
presumably pay either a regular subscription or a fee per interaction. Either
way, this fee will likely be smaller than the fee clients currently pay for a
Law firms will therefore need to create
revenue on the chatbot via increased volume – both within individual clients,
who may use additional services when the cost is lower, and being able to
support a much higher volume of clients. If a reasonable portion of those
clients convert to paid projects with human lawyers, then law firms can
increase revenue rapidly and effectively. Successful firms could grow rapidly
with a relatively small increase in headcount.
The rise of chatbots will change the
dynamics within businesses. Whilst lawyers will be needed for the content,
non-lawyer staff including technical teams, marketers and business developers
will increase. As multiple firms develop chatbots, differentiating via
marketing and other means will become more important and will increasingly
direct business strategy.
Lawyers’ workloads will also change, with a
focus on higher value work that cannot be completed by the chatbot. The level
of change will depend on the area of law and client base, with some areas
almost untouched and some having a significant percentage of their previous
workload handled by a chatbot.
Chatbots, however, will not replace human
lawyers in the short term, and are unlikely to in the long term. A similar
comparison is e-discovery platforms – which reduce hours of time spent
reviewing documents, but in no way reduce the need for litigation lawyers who
interpret the data, represent clients in and out of court and negotiate
settlements. For as long as individuals look to achieve their goals and protect
their interests through legal means, they will need human lawyers to support
One concern is that chatbots will reduce
the number of positions for individuals completing those more manual,
repetitive tasks. Some of those are positions that would be filled by recent
law graduates and associates – which could lead to a shortage of experienced
lawyers further down the line. The legal industry will have to be mindful of
this in order to avoid a talent shortage and find ways to move junior lawyers
onto higher value work more rapidly.
At this moment in time, legal chatbots are
an opportunity, but are unlikely to be a threat. They are an opportunity for
those who want to expand legal access to those would currently be
unrepresented. They are also an opportunity for law firms who want to become
the early adopters of this technology, and to drive a new type of business
model that could bring new types of revenue.
For law firms who are happy to continue
with their current operations, legal chatbots are unlikely to be a significant
business threat in the near future. Law firm owners can keep an eye on this
technology, and consider it again when early adoption has started to become
Finally, unless you are a lawyer who deals
solely in parking fines or standard NDAs, the ‘robot lawyers’ are unlikely to
be coming for your job any time soon!
On 8th January 2019 in Dublin, Ireland, it was reported that a law firm lost €97,000 in a cyber scam after the hackers intercepted an email between the solicitor and their bookkeeper and changed the bank details for a payment. It was shared with the newspapers by the Law Society, who wanted to warn other law firms about the risks and kept the firm’s name anonymous.
On 15th January 2019 in Kingaroy, Australia, it was reported that a law firm lost $148,554.11 of client money after a wire transfer to a fake account. It was shared with the newspapers by the angry client and the firm has since ceased trading.
These are just the first two published stories of 2019 –
there will certainly be more, many which are never brought to public attention.
Why Is the Legal Industry at Risk?
Due to the nature of legal work, even sole practitioners can
be processing five-figure or higher payments and sensitive personal data.
Cyber-criminals want both of those things and will proactively target law firms
to get them.
Whilst enterprise firms will offer a larger prize to
successful criminals, smaller firms are often less protected. This is why
smaller firms as well as large are being targeted, and business owners cannot
assume that they are too small to be actively targeted.
In 2016, QBE reported that $120 million had been stolen from
law firms by cybercriminals in the previous 18 months. With the overall global
cost of cybercrime now rising to $600 billion per year it is unlikely that this
figure will decrease any time soon.
On another note, whilst most law firms will not have breaches on the scale of the Panama Papers, a loss of trust when client information is stolen can be fatal to the future of small and large firms.
Cybersecurity is not something that should be left to the IT staff – it is a matter of business survival and Managing Partners need to take the lead in ensuring their firm is safe.
What Can I Really Do? Even IT Firms
The truth is that there is no 100% fool-proof way of preventing cybercrime. However, there are plenty of things you can do to reduce your chances of being a victim. It’s not so different from physical security – locks and an alarm cannot prevent your house from being robbed 100% of the time, but locks and an alarm are undoubtedly better than just locks, or nothing at all.
The following steps are not a comprehensive plan for IT
security – every business has different IT system weak points and your plan
should be tailored to your company by a professional.
However, there are practical steps that all business owners can
and should be following today:
Don’t leave your cybersecurity to the IT people
Law firm owners are not IT specialists and hiring either an
outsourced supplier or IT Manager, depending on the size of a business, is a
good idea. However, a business owner’s responsibility does not stop there.
“When we first engage
with law firm owners, many of them cannot answer basic questions about their IT
set-up and what protections are in place,” said eXpd8’s Shane Branagan, who
specialises in IT managed services for law firms. “They hire an IT specialist
and then just pay the bills. This lack of oversight leaves firms dangerously
vulnerable, and if the worst happens it is the firm and not the IT supplier who
will bear ultimate responsibility.”
Law firm owners are
not IT specialists, and they do not need to be – however, they do need to
understand enough of the basics to have an overview of what is needed and to
interrogate any suggestions made by an IT supplier or manager. IT security
should be discussed at board and management team level.
The good news is that learning about basic cybersecurity has
never been easier. Most country-level Law Societies will have resources to get
you started, there are plenty of articles on the internet and many
cybersecurity companies offer free webinars that will go into topics in more
To get you started, here is eXpd8’s checklist of the basic
protections every business should have:
Email spam filter
Watch Out for Passwords
Passwords are a tricky area, and there’s plenty of
conflicting advice on best practice. However, whilst IT security experts are
arguing over password managers and the optimum number of passwords per person,
many law firm owners leave big holes in their security by not following some
Don’t use the same password(s) for your personal and work accounts. Breaches on e-commerce and other sites happen all the time – don’t let them affect your business.
Don’t use a password someone can guess. Your children’s names, birthdays, the road you live/ have lived on? Hackers don’t need malware when you use such easy to guess information.
Use two factor authentication on applications with sensitive data. Two factor authentication feels like an inconvenience but is highly effective. Shane Branagan from eXpd8 said that he found it was one of the first thing firms implemented after a data breach to increase security. Be ahead of the curve and implement now!
Keep Your Programmes Up To Date
Do you remember the WannaCry ransomware attack in May 2017
that affected more than 200,000 computers in 150 countries? This was an issue
that had been identified, a solution found and an update released. The attack
affected those who had not downloaded the relevant Windows update.
Cyber threats are ever evolving, and most ‘new features’
updates also include new protections against recently identified threats. Making
sure that your applications are up to date helps the software providers to keep
Make Sure Your Employees Know What a Suspicious Email Looks Like
Cyber-security training for employees is recommended by all
IT security professionals and all businesses should give their employees
regular and comprehensive cyber-security training.
Yet in a sample survey, Eset found that only 17% of employees surveyed had received ‘a lot’ of cyber security training, and 33% had received none at all.
The advice of this article is to do as much cyber security
training with your team as possible. However, if you have limited time and
resources then the best place to start is training on email security. Email is
one of the key intersections between people and technology and email scams are
getting more sophisticated and more frequent.
Do your employees know the key signs of phishing? Have they
heard of CEO fraud? Do they know what to do if they receive an email with a potentially
suspicious link? Do they know how to identify a spoofed email address?
Unless you can answer a confident yes to all these questions
you need to arrange some training. It doesn’t have to be expensive – there are
plenty of free online courses, or training platforms you can sign up to for a
I’m Following All of Your Tips – What
As described before, the legal industry is a particular
target of scammers due to the combination of sensitive personal data collection
and their processing of large sums of money. This means that of course you need
to invest to make your business as safe as possible – and consult with
professionals on a comprehensive plan. You also need to be prepared for if the
worst does happen.
If you have business within the EU, data breaches must be reported within 72 hours. If this happens, you want to be 100% focussed on resolving the data breach and minimising your exposure rather than splitting your attention between the data breach itself and learning about how to report it. Even if you operate outside of the EU, you will still need a plan to communicate with clients promptly whilst resolving the issue.
Larger organisations will need to do more complex
preparations and involve IT providers and internal staff within the planning.
All organisations, no matter the size, should at a minimum have read the
reporting guidelines for their country, put together a template for themselves
to fill in and assigned internal roles in case of a breach. The 72 hour
reporting requirement includes weekends, so you should also think about what
happens if the breach is noticed between Thursday and Sunday.
‘Cybersecurity war games’ but are a useful way of testing
your plans and making sure that there aren’t any gaps that you’ve missed. For
larger firms, hire a specialist to make sure tests are comprehensive and catch
anything your internal staff have missed. For smaller firms, you can identify a
scenario and run it to its conclusion without needing consultants or a big
In conclusion, whilst the threats are significant and ever
growing, there is plenty that law firms both large and small can do to protect
against these threats and to prepare for if the worst does happen. Lawyers have
a responsibility to protect their client data and funds to the best of their
ability and this means taking a proactive approach to cybersecurity rather than
just hoping for the best.
Get in touch
Tell us a little about yourself and we'll be in touch