Government May Compel Disclosure of Encryption Passwords in Pennsylvania

The Pennsylvania Superior Court issued another troubling, computer-related opinion in late November 2017. Commonwealth v. Davis holds that the Pennsylvania government can compel an individual to disclose a computer password for an encrypted computer. Commonwealth v. Davis, 2017 PA Super 376 (Nov. 30,…

Read More

Attorney Brown Receives Cybersecurity Technical Certification

Attorney Shannon Brown passed the new, performance-based, CompTIA Security+™ certification exam on September 16, 2014. CompTIA Security+™ certification provides an industry-recognized method to objectively demonstrate technical skills in computer security, data security, or cybersecurity. The new cybersecurity certification is believed to be a first for an attorney in Pennsylvania. The…

Read More

Cybersecurity Basics for Pennsylvania Law Firms

Most Pennsylvania law firms either misunderstand cybersecurity [computer and network security] or significantly underestimate the threat of data breaches at law firms. Successful “hacks” can result in the loss of client confidential data or even losses of escrow funds. Considering the November 2013 updates to the…

Read More

Attorney Brown Completes Malware Course

Not many lawyers engage in malware analysis and issues. But malware poses a formidable and emerging challenge for companies, businesses, organizations, and individuals who face cybersecurity threats, cybercrime,  cyber-espionage, identity theft, and data breaches. Attorney Shannon Brown recently completed a six week, online, graduate-level course in malware entitled Malicious Software and its Underground Economy: Two Sides to Every Story. The course covered current and emerging trends in malware including traditional malware, mobile device malware, and sophisticated malware obfuscation techniques. The course also provided lessons in detecting malware (malare is far more sophisticated than most realize) and decompiling malware using decompilation tools and machine code analysis (Attorney Brown has a significant background in computer programming and systems analysis aiding in this exercise).

Read More

Invited to Present at a National, Legal-Technology-Ethics Program

Attorney Shannon Brown was invited to present on emerging technology-ethics issues for a nationally broadcast ethics program. The program, entitled Legal Ethics and Technology: Complying With Changes to the Model Rules of Professional Conduct, will explore topics such as the ABA 20/20 Commission Model Rule updates related to technology, cloud computing, and encryption.

Read More

Statements of Accomplishment for Natural Language Processing and Cryptography Coursework

Attorney Shannon Brown received two, Statements of Accomplishment for completing courses in 1) Natural Language Processing and 2) Cryptography. Coursera offers the challenging, non-credit courses which are taught by Stanford University Professors. According to data released by the Natural Language Processing professors, only about 3% of students received a Statement of Accomplishment for that course.

Read More

CALI’s Topics in Digital Legal Practice Completed

Attorney Shannon Brown completed the nine-week Topics in Digital Legal Practice course offered by CALI. The non-credit, online course (MOOC) covered emerging topics such as Virtual Law Offices, Document Automation, Un-bundled Legal Services, and Social Media. The primary take-away was: the legal profession has changed significantly due to technology innovations.

Read More

Decrypting Encryption for Pennsylvania Lawyers: Understanding Encryption Basics Before Considering Cloud Computing

Pennsylvania Lawyers Should Understand the Basics of Common Encryption Algorithms Before Engaging in Cloud Computing

You are considering cloud computing. The cloud provider ad reads:
Your cloud data is protected with military-grade, 256 bit, AES encryption.
“Wow!,” you think. Military grade. Sounds impressive. That must be good [enough]. But ….

Read More

Attorney Brown Continuing Education

In October, Attorney Brown returns to class by taking three, technology-related, non-credit courses:

Introduction to Machine Learning,
Introduction to Databases, and
Introduction to Artificial Intelligence.

Read More

Navigating the Fog of Cloud Computing

Cloud computing may raise ethical questions. It also requires technical competence. Are you ready?
Published as: Shannon Brown, Navigating the Fog of Cloud Computing, The Pennsylvania Lawyer 18–22 (Sept./Oct. 2011).

Read More

S/MIME Encrypted Email Available

Attorney Brown now offers an additional method for client’s to encrypt emails sent to Attorney Brown and for Attorney Brown to authenticate emails.

Read More

An Unofficial Quick Guide to Installing a VeriSign Digital ID (S/MIME Certificate) for Lawyers

Installing an email encryption S/MIME (SMIME) certificate on Mozilla Thunderbird and Mozilla Firefox is simple. However, the instructions provided by Verisign (as of August 2011) do not appear to address newer versions of Mozilla products (circa 5.0+) and can be frustrating for a novice user.

Read More

Hiatus Explained—Technology & Ethics CLE Pending

For the past few weeks, Attorney Brown took a brief hiatus from blogging and website articles to prepare for a forthcoming Legal Ethics & Technology CLE. Attorney Brown is scheduled to deliver the CLE at the Lancaster Bar Association on September 9, 2011. The CLE will address (as time permits) emerging issues for lawyers related to technology

Read More

Attorney Brown Attends Sessions of “Cloud Computing: Securely Moving From the Fringes to the Mainstream”

On June 22, 2011, Attorney Brown attended sessions of the online seminar entitled “Cloud Computing: Securely Moving From the Fringes to the Mainstream.” Sessions addressed the technical and business challenges arising from cloud computing

Read More

New, Active-controller Hard Drive Technologies Pose Challenges and Benefits

Toshiba plans a new line of hard drives that self-encrypt data and automatically wipe the drive (delete data) if the drive is removed. [FN1] A smart controller embedded in the hard drive provides the self-encryption and wiping capabilities. These new technologies pose potential challenges to lawyers (e-Discovery and digital forensics) and may provide benefits such as additional data encryption options to protect client data.

Read More

Cloud Computing: Who Holds the Encryption Keys? [And Why It May Matter to Lawyers]

General cloud-provider statements simply indicating that the cloud-based data is encrypted might not be adequate protection for a lawyer’s data. The lawyer should also know 1) when the data is encrypted and 2) who holds the encryption key(s). (See my prior article entitled Storing Files in the Cloud: Storage-as-a-Service for Lawyers—Encryption.)

Read More

Avoiding Being “Bit”ten: Bandwidth Issues With Cloud Computing Backups

As attorneys consider using cloud computing for file backup, the time required to restore files after a disaster may [unpleasantly] surprise a law firm. Backups in cloud storage may take days to download depending on the speed of the internet connection and the amount of data. Anticipating the potential download times, and creating a plan, may help a law firm to avoid unexpected problems should a disaster occur. (And confirms that off-site cloud storage should be combined with local backups to minimize down-time and law firm disruption in the event of a catastrophic data loss.)

Read More

Basic Email Encryption and Authentication for Lawyers

Some compare email to sending a post card via postal mail. As an open format, standard email is potentially readable by any intervening person. Encrypting email provides some privacy and confidentiality protection by obscuring the text of the email. Encryption uses a computer algorithm to transform the plain text email into an encrypted email. Perhaps surprisingly, many email clients (MS Outlook, Thunderbird, etc.) include at least one form of built-in email encryption. Furthermore, email encryption tools can also serve as an “authenticating signature” and confirms the message’s origin—this email came from A.

Read More