📰 ABA TECHSHOW 2026 Recap: From AI Hype to LLM Reality, Google Workspace, and Ethical Lawyering in the Age of Bots ⚖️🤖

/ The Tech-Savvy Lawyer.Page/

The Real Story Behind ABA TECHSHOW 2026

The techshow is the conference to go to keep your pulse on the technology lawyers should be using every day!

Walking into ABA TECHSHOW 2026 this year, I wasn’t thinking about shiny gadgets; I was thinking about competence, client service, and what it will mean to practice law in an era dominated not just by “AI,” but by large language models (LLMs) quietly shaping almost everything we see and share online. During my work on The Tech-Savvy Lawyer.Page blog and podcast, I keep running into the same pattern: lawyers know they should understand legal technology, yet they worry they’ll break something, breach a rule, or look foolish in front of their staff. TECHSHOW 2026 aimed directly at that anxiety — but this year, the conversation needs to go beyond what AI and generative AI can do and toward how LLMs and search bots are already shaping our professional identities online and offline. ⚖️💻

Keynotes: The “AI Dividend” and Your Time

The keynote lineup captured the tension between promise and risk. Legal market analysts highlighted what some called the “AI Dividend”: when machines take over routine drafting and research, lawyers gain time to think, advise, and advocate at a higher level. The real question — one I’ve been hammering on The Tech-Savvy Lawyer.Page for years — is what you will do with the time technology gives back (some of that time should include reviewing your work, e.g., your case citations). Tech-savvy speakers pushed attendees to look past vendor hype and focus on the broader digital environment, where consumer-facing tools, search engines, and recommendation algorithms are setting new expectations for speed, transparency, and availability.

Practical AI in the Sessions

Inside the conference rooms, the “Taming the Machines” and related AI tracks met baseline concerns (some with hands-on workshops) focused on realistic use cases: assisted drafting, pattern spotting in discovery, and summarizing voluminous documents. These sessions were built for lawyers who live in Word, Outlook, Google Workspace, and practice management systems and who simply want to stop retyping the same paragraphs. The faculty hammered home a critical point: generative AI is an assistant, not a decision-maker; you remain the lawyer, responsible for accuracy, judgment, and ethics under the ABA Model Rules. 🤖📄

Google Workspace, Microsoft 365, and Using What You Already Own

Mathew Krebis’ session on Google Workspace drove that message home in very practical terms. He showed how many firms are only scratching the surface of tools they already pay for: shared Drives with well-structured permissions, real-time collaboration in Google Docs, Gmail automation for intake and follow-up, and Google Calendar combined with Tasks to keep matter timelines under control. When you layer in emerging AI features in Workspace — smart replies, document summaries, suggested outlines — you see how even modest use of these tools can dramatically reduce friction in daily practice, and the tools Mathew discussed are not isolated to “law practice management” systems.

The takeaway was powerful: before you chase a new platform, fully exploit the ecosystem you already have. For many firms, “being more tech-savvy” starts with properly configuring their Google Workspace, Microsoft 365, or other SaaS platform, rather than buying yet another service.

Podcasting, Social Media, and LLM-Driven Visibility

Meanwhile, one other yet important frontier — and one that still feels underexplored — is what happens when LLMs and search bots become the primary lens through which clients, colleagues, and even opposing counsel discover you. That’s where my panel, 🎧 Podcasting for Lawyers: The Truth Behind the Mic, came in.

Ruby L. Powers, Gyi Tsakalakis, Stephanie Everett, and I discussed podcasting and social media not just as marketing channels, but as structured signals fed into LLM-driven engines that are constantly indexing, ranking, and inferring who is an authority on a given topic. Whether you talk about appellate practice, family law, or even a hobby outside the law, your content becomes training data for Generative Engine Optimization/LLM bots that decide which voices surface first when someone types a question into an AI chatbox. 🎙️🌐

In other words, your digital footprint is no longer static. It is being interpreted, reassembled, and presented as answers — often without you ever seeing the intermediate steps. That reality raises a new layer of ethical questions under the ABA Model Rules. Model Rule 7.1’s prohibition on false or misleading communications about the lawyer or the lawyer’s services takes on a new twist when LLMs remix snippets of your posts, podcasts, Google Workspace–hosted client alerts, and blog articles into composite “advice.”

You might be scrupulously accurate in your content, but if an LLM mischaracterizes it or presents it out of context, what then? TECHSHOW 2026 addressed traditional risks like hallucinated case citations, but there is room for a deeper, explicit conversation about how LLM-driven discovery intersects with advertising, communication, and competence duties.

EXPO Hall: Tools, Timekeeping, and Vendor Reality Checks

The EXPO Hall, as always, served as a laboratory of possibilities. Practice management platforms, billing tools, document automation, and a wave of AI-enhanced products competed for attention. Timekeeping tools that automatically capture activity across devices and applications and then propose draft time entries have grown dramatically since last year. For lawyers still reconstructing their days from memory and sticky notes, this is more than a marginal upgrade; it directly affects revenue, work-life balance, and accuracy.

But the fair warning comes here: make sure vendors are showing you what their product can do today, not what they hope it will do someday. In the LLM era, marketing decks are often several steps ahead of deployed reality. 🧾⏱️

Remember, you have an obligation under Model Rule 1.1 (competence) and Model Rule 5.3 (responsibilities regarding non-lawyer assistance) to understand the capabilities and limitations of any tech you “delegate” work to. Asking hard questions about current functionality, data handling, and audit trails is not being difficult; it is part of your duty of care.

Cybersecurity, Confidentiality, and LLM Risk

networking oppOrtunities like the taste of tecHshow” is a great way to talk with and learn from other lawyers about using tech in the practice of law.

The sessions on cybersecurity and confidentiality continued to do vital work. Under Model Rule 1.6, our obligation to protect client information extends to cloud storage, email, video conferencing, and the mobile devices we casually use in airport lounges. The “Guardians of the Data” track walked through practical checklists rather than abstract fearmongering: password managers, multi-factor authentication, properly configured backups, and vendor due diligence.

For firms running on Google Workspace, that translated into concrete steps: enforcing two-step verification, tightening Drive sharing settings, using client-specific shared Drives instead of ad hoc personal folders, and monitoring admin logs for suspicious access. The move from generic “AI” to LLM-powered services on any platform increases data risk, because many tools rely on ingesting your content — sometimes including client information — to improve their models. If you don’t understand where your data is going and how it is used, you cannot credibly say you are meeting confidentiality obligations. 🔐☁️

Competence, Human-in-the-Loop, and Everyday Workflows

You have an obligation under Model Rule 1.1 (competence) and Model Rule 5.3 (responsibilities regarding non-lawyer assistance) to understand the capabilities and limitations of any tech you “delegate” work to. Asking hard questions about current functionality, data handling, and audit trails is part of your duty of care.

Balancing this skepticism, though, is an equally important truth: becoming proficient with AI and LLM-based tools is not a spectator sport. You cannot satisfy your duty of technological competence from the sidelines. You have to use the tools first on a small scale, then progressively in more critical workflows, always with appropriate supervision and verification.

That might mean piloting an AI drafting feature in Google Docs and Microsoft Word for internal templates, or testing structured intake forms and automations inside Google Workspace or Microsoft 365 before rolling them out firm-wide. Ignoring AI because it feels uncomfortable is no longer the safer option. In some practices, failing to integrate it intelligently — while peers and opposing counsel do — may itself raise competence concerns as expectations evolve in courts and among clients. 🧩📈

Saturday Sessions: From “Use AI” to “Use AI Responsibly”

On Saturday, the 9 a.m. conversation among ABA President Michelle A. Behnke, Immediate Past President William R. “Bill” Bay, and President-Elect Barbara J. Howard, underscored how all of this ties into the rule of law and access to justice, framing AI as something lawyers now have a responsibility to actually use, not simply watch from the sidelines. The 10 a.m. session with Judge Timothy S. Driscoll then shifted the focus from “use AI or be left behind” to “use AI responsibly,” making it clear that judges, too, are integrating AI into their work and that they are not immune from mistakes when they rely on it.

The message for everyone in the courtroom ecosystem was simple and blunt: “Review, review, and review” any work touched by AI, because AI is a non‑infallible tool that does make errors and can mislead the unwary. Together, these sessions acknowledged the growing digital divide: lawyers and clients who can’t or won’t adopt technology risk falling out of the mainstream of legal services, while those who adopt it recklessly risk eroding confidence in both their own work and the justice system as a whole.

We are not merely debating convenience; we are deciding who gets effective representation and who is left out because the lawyer they might have hired never appeared in their LLM‑driven search results — or appeared with AI‑boosted visibility but poor ethical judgment. Technology, in this sense, is not optional; it is one of the few levers we have to expand meaningful access to legal help, provided we wield it with intent, humility, and rigorous human review. ⚖️🧠

LLM Literacy: The Next Core Competency

That balance — between caution and experimentation — is where TECHSHOW 2026 both excelled and showed its next frontier. Many sessions made AI approachable, breaking down concepts for lawyers with limited to moderate tech skills and providing concrete workflows they could apply on Monday. What I would like to see more explicitly next year is programming that treats LLM literacy as a core competency: understanding how LLMs are built, how they index and surface information, how your content feeds into them, and how that affects everything from client intake to reputation, whether you are working in Microsoft 365, Google Workspace, or a specialized legal platform.

From my vantage point as a legal tech ambassador at The Tech-Savvy Lawyer, the most successful sessions respected that many lawyers are highly capable professionals who simply haven’t had the time or guidance to modernize their workflows. They don’t need to become prompt engineers. They need guardrails, roadmaps, and clear examples of how to align AI, LLM tools, and mainstream platforms like Microsoft 365 and Google Workspace with the ABA Model Rules and local bar guidance. When faculty focused on incremental steps — tightening cybersecurity configurations, adding a layer of AI-assisted drafting under strict human review, building a consistent content strategy that LLMs can reliably recognize — the room should lead in.

A Tough-Love Takeaway for Lawyers

If you are a lawyer who still feels behind, here’s the core message I took away from TECHSHOW 2026, with a bit of tough love: you don’t need to chase every new tool, but you can’t afford to ignore LLM-driven AI and the platforms you already live in, like Microsoft 365 and Google Workspace, any longer. Understand the basics; pilot one or two well-vetted tools to start improving your efficiency without sacrificing the need for a true human-in-the-loop.

SEE YOU IN CHICAGO FOR ABA TECHSHOW 2027!!!

Read your jurisdiction’s ethics opinions on AI and technology. Build habits that protect client data by default. Use your own content — whether blog posts, newsletters, or podcasts — to train the bots to see you as a trusted authority rather than a digital afterthought. Ultimately, your bar license may be at more risk from not engaging with AI than from engaging with it carefully and intelligently.

The future of legal practice will not wait until we are all comfortable; it is here now, embedded in the search boxes, recommendation engines, and tools your clients already use. TECHSHOW 2026 made that clear. The next move is yours. 🚀⚖️

MTC

ANNOUNCEMENT: My Book, “The Lawyer’s Guide to Podcasting,” is Amazon #1 New Release (Law Office Technology)

/ The Tech-Savvy Lawyer.Page/

I’m excited to report that The Lawyer’s Guide to Podcasting ranked #1 as a New Release in Amazon’s Law Office Technology category for the week of February 07, 2026, and sales have already doubled since last month. 🎙️📈

For lawyers with limited-to-moderate tech skills, the book focuses on practical, repeatable workflows for launching and sustaining a compliant podcast presence. ⚖️💡

As you plan content, remember ABA Model Rule 1.1 (technology competence) and the related duties of confidentiality (Rule 1.6) and communications about services (Rule 7.1): use secure tools, avoid accidental client disclosures, and ensure marketing statements are accurate. 🔐✅

Get your copy today! 📘🚀

 
 
amazon link

TSL.P Labs 🧪: Legal Tech Wars, Client Data, and Your Law License: An AI-Powered Ethics Deep Dive ⚖️🤖

/ The Tech-Savvy Lawyer.Page/

📌 To Busy to Read This Week’s Editorial?

Join us for an AI-powered deep dive into the ethical challenges facing legal professionals in the age of generative AI. 🤖 In this Tech-Savvy Lawyer Page Labs Initiative episode, AI co-hosts walk through how high‑profile “legal tech wars” between practice‑management vendors and AI research startups can push your client data into the litigation spotlight and create real ethics exposure under ABA Model Rules 1.1, 1.6, and 5.3.

We’ll explore what happens when core platforms face federal lawsuits, why discovery and forensic audits can put confidential matters in front of third parties, and how API lockdowns, stalled product roadmaps, and forced sales can grind your practice operations to a halt. More importantly, you’ll get a clear five‑step action plan—inventorying your tech stack, confirming data‑export rights, mapping backup providers, documenting diligence, and communicating with clients—that works even if you consider yourself “moderately tech‑savvy” at best.

Whether you’re a solo, a small‑firm practitioner, in‑house, or simply AI‑curious, this conversation will help you evaluate whether you are the supervisor of your legal tech—or its hostage. 🔐

👉 Listen now and decide: are you supervising your legal tech—or are you its hostage?

In our conversation, we cover the following

  • 00:00:00 – Setting the stage: Legal tech wars, “Godzilla vs. Kong,” and why vendor lawsuits are not just Silicon Valley drama for spectators.

  • 00:01:00 – Introducing the Tech-Savvy Lawyer Page Labs Initiative and the use of AI-generated discussions to stress-test legal tech ethics in real-world scenarios.

  • 00:02:00 – Who’s fighting and why it matters: Clio as the “nervous system” of many firms versus Alexi as the “brainy intern” of AI legal research.

  • 00:03:00 – The client data crossfire: How disputes over data access and training AI tools turn your routine practice data into high-stakes litigation evidence.

  • 00:04:00 – Allegations in the Clio–Alexi dispute, from improper data access to claims of anti-competitive gatekeeping of legal industry data.

  • 00:05:00 – Visualizing risk: Client files as sandcastles on a shelled beach and why this reframes vendor fights as ethics issues, not IT gossip.

  • 00:06:00 – ABA Model Rule 1.1 (Competence): What “technology competence” really entails and why ignorance of vendor instability is no longer defensible.

  • 00:07:00 – Continuity planning as competence: Injunctions, frozen servers, vendor shutdowns, and how missed deadlines can become malpractice.

  • 00:08:00 – ABA Model Rule 1.6 (Confidentiality): The “danger zone” of treating the cloud like a bank vault and misunderstanding who really holds the key.

  • 00:09:00 – Discovery risk explained: Forensic audits, third‑party access, protective orders that fail, and the cascading impact on client secrets.

  • 00:10:00 – Data‑export rights as your “escape hatch”: Why “usable formats” (CSV, PDF) matter more than bare contractual promises.

  • 00:11:00 – Practical homework: Testing whether you can actually export your case list today, not during a crisis.

  • 00:12:00 – ABA Model Rule 5.3 (Supervision): Treating software vendors like non‑lawyer assistants you actively supervise rather than passive utilities.

  • 00:13:00 – Asking better questions: Uptime, security posture, and whether your vendor is using your data in its own defense.

  • 00:14:00 – Operational friction: Rising subscription costs, API lockdowns, broken integrations, and the return of manual copy‑pasting.

  • 00:15:00 – Vaporware and stalled product roadmaps: How litigation diverts engineering resources away from features you are counting on.

  • 00:16:00 – Forced sales and 30‑day shutdown notices: Data‑migration nightmares under pressure and why waiting is the riskiest strategy.

  • 00:17:00 – The five‑step moderate‑tech action plan: Inventory dependencies, review contracts, map contingencies, document diligence, and communicate with nuance.

  • 00:18:00 – Turning risk management into a client‑facing strength and part of your value story in pitches and ongoing relationships.

  • 00:19:00 – Reframing legal tech tools as members of your legal team rather than invisible utilities.

  • 00:20:00 – “Supervisor or hostage?”: The closing challenge to check your contracts, your data‑export rights, and your practical ability to “fire” a vendor.

Resources

Mentioned in the episode

Software & Cloud Services mentioned in the conversation

#LegalTech #AIinLaw #LegalEthics #Cybersecurity #LawPracticeManagement

🎙️ TSL Labs! Google AI Discussion of MTC: 🚨‼️ Emergency BOLO! 🚨‼️ Lawyers on the Go: Essential Tech Strategies for Air Travel During the Government Shutdown ✈️

/ The Tech-Savvy Lawyer.Page/

📌 Too Busy to Read This Week's Editorial?

Join us for an emergency professional deep dive into essential tech strategies for air travel during government shutdowns and travel disruptions. 🛫 This AI-powered roundtable unpacks Michael D.J. Eisenberg's critical editorial with actionable intelligence on real-time flight tracking, data security protocols, connectivity redundancy, and power management. Whether you're a legal professional navigating travel chaos or anyone managing disruptions during system-wide stress, discover how to transform from reactive scrambling to proactive control—turning travel crises into manageable projects you command. Learn the five professional-grade rules that separate those who navigate disruptions from those who get derailed.

In our conversation, we cover the following:

  • 00:00:00 – Introduction: Welcome to Tech Savvy Lawyer Labs Emergency BOLO

  • 00:01:00 – Travel Chaos as the New Normal: System Volatility & Professional Vulnerability

  • 00:02:00 – Flight Schedule Control: The Illusion & Reality of Travel Disruptions

  • 00:02:00 – Extreme Volatility in Air Travel: Cascading Flight Cancellations & Customer Service Chaos

  • 00:02:00 – Real-Time Flight Tracking Strategy: Flightradar24 & FlightAware Intelligence Systems

  • 00:02:00 – Backup Flight Monitoring: Multi-Carrier Surveillance Strategy (Delta, United, American)

  • 00:03:00 – Proactive Intelligence vs. Reactive Response: One-Hour Lead Time Advantage

  • 00:03:00 – Early Rebooking Strategy: First and Second Choice Flight Selection

  • 00:03:00 – Trusted Traveler Programs: TSA PreCheck & Time Investment ROI

  • 00:03:00 – TSA PreCheck Value: $78 for Five Years & Security Line Efficiency

  • 00:03:00 – Global Entry: $100 for Five Years with International Customs Acceleration

  • 00:04:00 – Trusted Traveler Planning: Background Checks, Interviews & Months-Ahead Application

  • 00:04:00 – Public WiFi Malpractice Alert: Data Security & Vulnerability Assessment

  • 00:04:00 – Personal Mobile Hotspot: Cellular Encryption Over Public Networks

  • 00:05:00 – Dual Carrier Coverage: eSIM Technology & Connectivity Insurance

  • 00:05:00 – Dual SIM Implementation: T-Mobile & Verizon Redundancy Strategy Without Two Phones

  • 00:05:00 – eSIM Digital Technology: Two Active Lines on One Device

  • 00:05:00 – Prepaid Data Plan Strategy: Coffee-Price Monthly Cost for Connectivity Backup

  • 00:06:00 – VPN Non-Negotiables: Encrypted Tunnel & Automatic Connection Protocol

  • 00:06:00 – VPN Automatic Startup: Device Initialization & All-Device Coverage (Phone, Tablet, Laptop)

  • 00:06:00 – International Travel Security: VPN Encryption & Surveillance Protection

  • 00:07:00 – TSA-Approved Power Banks: 100 Watt-Hour Specifications & 27,000 mAh Ceiling

  • 00:07:00 – Laptop Charging: 100-Watt USB-C Power Bank Requirements (MacBook Pro)

  • 00:07:00 – Multi-Device Charging: Simultaneous Laptop, Phone & Tablet Power Delivery

  • 00:07:00 – Smart Power Display: Charging Speed Monitoring & Juice Rationing

  • 00:07:00 – Surge Protector Safety: Airport Outlet Protection & Device Insurance

  • 00:08:00 – Airport Lounges: Priority Pass Access & Productivity Sanctuaries (1,300+ Worldwide)

  • 00:08:00 – Travel Credit Card Benefits: Complimentary Lounge Visits Strategy

  • 00:08:00 – Conference Call Chaos: Professional Communication Environment Solutions

  • 00:08:00 – Noise-Canceling Headphones: Sony XM5 & Bose QuietComfort Professional Focus

  • 00:08:00 – Battery Life Requirements: 30-40 Hour Endurance for Extended Delays

  • 00:09:00 – Offline Access Mandate: Pre-Departure Critical File Downloads

  • 00:09:00 – Six-Hour Offline Capability: Zero-Connectivity Work Strategy

  • 00:09:00 – Adobe Scan App: OCR Technology & Mobile Document Management

  • 00:10:00 – Adobe Ecosystem Syncing: Cross-Device Workflow & E-Signature Integration

  • 00:10:00 – Apple Ecosystem Continuity: iPhone, iPad & MacBook Seamless Integration

  • 00:10:00 – FileVault Encryption & Face ID: Built-In Security Non-Negotiables

  • 00:11:00 – Five Professional-Grade Rules: Pre-Travel Checklist & Crisis Preparation

  • 00:11:00 – Rule One: Full Device Charge Before Departure

  • 00:11:00 – Rule Two: Offline Maps & Critical Files Downloaded Locally

  • 00:11:00 – Rule Three: Screenshot Everything (Boarding Passes, Hotel, Car Rental)

  • 00:11:00 – Rule Four: Distributed Charger Storage Across Multiple Bags for Backup Power

  • 00:11:00 – Rule Five: Share Itinerary with Emergency Contact

  • 00:11:00 – Post-Crisis Integration: Permanent Daily Workflow Implementation

  • 00:11:00 – The Bigger Question: Crisis Tools as Permanent Professional Standards

  • 00:12:00 – Transition to AI Ethics Discussion: Hidden AI Crisis in Legal Practice Teaser

  • 00:14:00 – Conclusion: Tech Savvy Lawyer Labs Roundtable Summary & Resources

Resources 📚

Mentioned in the episode:

Hardware mentioned in the conversation:

Software & Cloud Services mentioned in the conversation:

📖 Word ("Phrase") of the Week: Mobile Device Management: Essential Security for Today's Law Practice 📱🔒

/ The Tech-Savvy Lawyer.Page/

Mobile Device Management is an essential concept for lawyers.

Mobile Device Management (MDM) has become essential for law firms navigating today's mobile-first legal landscape. As attorneys increasingly access confidential client information from smartphones, tablets, and laptops outside traditional office settings, MDM technology provides the security framework necessary to protect sensitive data while enabling productive remote work.

Understanding MDM in Legal Practice

MDM refers to software that allows IT teams to remotely manage, secure, and support mobile devices used across an organization. For law firms, this technology provides centralized control to enforce password requirements, encrypt data, install security updates, locate devices, and remotely lock or wipe lost or stolen devices. These capabilities directly address the ethical obligations attorneys face under the ABA Model Rules of Professional Conduct.

Ethical Obligations Drive MDM Adoption

The legal profession faces unique ethical requirements regarding technology use. ABA Model Rule 1.1 requires lawyers to maintain technological competence, including understanding "the benefits and risks associated with relevant technology". Rule 1.6 mandates that lawyers "make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client".

ABA Formal Opinion 498 specifically addresses virtual practice considerations. The opinion cautions that lawyers should disable listening capabilities of smart speakers and virtual assistants while discussing client matters unless the technology assists the law practice. This guidance underscores the importance of thoughtful technology implementation in legal practice.

Core MDM Features for Law Firms

Device encryption forms the foundation of MDM security. All client data should be encrypted both in transit and at rest, with granular permissions determining who accesses specific information. Remote wipe capabilities allow immediate data deletion when devices are lost or stolen, preventing unauthorized access to sensitive case information.

Application management enables IT teams to control which applications can access firm resources. Maintaining an approved application list and regularly scanning for vulnerable or unauthorized applications reduces security risks. Containerization separates personal and professional data, ensuring client information remains isolated and secure even if the device is compromised.

Compliance and Monitoring Benefits

lawyers, do you know where your mobile devices are?

MDM solutions help law firms maintain compliance with ABA guidelines, state bar requirements, and privacy laws. The systems generate detailed logs and reports on device activity, which prove vital during audits or internal investigations. Continuous compliance monitoring ensures devices meet security standards while automated checks flag devices falling below required security levels.

Implementation Best Practices

Successful MDM implementation requires establishing clear policies outlining device eligibility, security requirements, and user responsibilities. Firms should enforce device enrollment and compliance, requiring all users to register devices before accessing sensitive systems. Multi-factor authentication enhances security for sensitive data access.

Regular training ensures staff understand security expectations and compliance requirements. Automated software updates and security patches keep devices protected against evolving threats. Role-based access controls prevent unauthorized access to corporate resources by assigning permissions based on job functions.

MDM technology has evolved from optional convenience to ethical necessity. Law firms that implement comprehensive MDM strategies protect client confidentiality, meet professional obligations, and maintain competitive advantage in an increasingly mobile legal marketplace.

Keep Your Practice Safe - Stay Tech Savvy!!!

MTC: London's iPhone Theft Crisis: Critical Mobile Device Security Lessons for Traveling Lawyers 📱⚖️

/ The Tech-Savvy Lawyer.Page/

lawyers can learn about cyber mobile security from the recent iphone thefts in london

Recent events in London should serve as a wake-up call for every legal professional who carries client data beyond the office walls. London police recently dismantled a sophisticated international theft ring responsible for smuggling approximately 40,000 stolen iPhones to China in just twelve months. This operation revealed thieves earning up to £300 per stolen device, with phones reselling overseas for as much as $5,000. With over 80,000 phones stolen in London last year alone, this crisis underscores critical vulnerabilities that lawyers must address when working remotely.

The sophistication of these operations is alarming. Criminals on electric bikes snatch phones from unsuspecting victims and immediately wrap devices in aluminum foil to block tracking signals. This industrial-scale crime demonstrates that our mobile devices—which contain privileged communications, case strategies, and confidential client data—are valuable targets for organized criminal networks operating globally.

Your Ethical Obligations Are Clear

ABA Model Rule 1.1 requires lawyers to maintain competence, including understanding "the benefits and risks associated with relevant technology". This duty of technological competence has been adopted by over 40 states and isn't optional—it's fundamental to ethical practice. Model Rule 1.6(c) mandates that lawyers "make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client".

When your phone disappears—whether through theft, loss, or border seizure—you face potential violations of these ethical duties. Recent data shows U.S. Customs and Border Protection searched 14,899 devices between April and June 2025, a 16.7% increase from previous surges. Lawyers traveling internationally face heightened risks, and a stolen or searched device can compromise attorney-client privilege instantly.

Essential Security Measures for Mobile Lawyers

Before leaving your office, implement these non-negotiable protections. Enable full-device encryption on all smartphones, tablets, and laptops. For iPhones, setting a passcode automatically enables encryption; Android users must manually activate this feature in security settings. Strong passwords matter—use alphanumeric combinations of at least 12 characters, avoiding easily guessed patterns.

lawyer need to know how to protect their client’s pii when crossing the boarder!

Two-factor authentication (2FA) adds critical protection layers. Even if someone obtains your password, 2FA requires secondary verification through your phone or authentication app. This simple step dramatically reduces unauthorized access risks. Configure remote wipe capabilities before traveling. If your device is stolen, you can erase all data remotely, protecting client information even when physical recovery is impossible.

Disable biometric authentication when traveling internationally. Face ID and fingerprint scanners can be used against you at borders where Fourth Amendment protections are diminished. Restart your device before crossing borders to force password-only access. Consider carrying a "clean" device for international travel, accessing files only through encrypted cloud storage rather than storing sensitive data locally.

Coffee Shops, Airports, and Public Spaces

Public Wi-Fi networks pose serious interception risks. Hackers create fake hotspots with legitimate-sounding names, capturing everything you transmit. As lawyers increasingly embrace cloud-based computing for their work, encryption when using public Wi-Fi becomes non-negotiable

Always use a trusted VPN (Virtual Private Network) when connecting to public networks. VPNs encrypt your internet traffic, preventing interception even on compromised networks. Alternatively, use your smartphone's personal hotspot rather than connecting to public Wi-Fi. Turn off file sharing on all mobile devices. Avoid accessing highly sensitive client files in public spaces altogether—save detailed case work for secure, private connections.

Physical security deserves equal attention. Visual privacy screens prevent shoulder surfing. Position yourself with your back to walls in coffee shops so others cannot observe your screen. Be alert to your surroundings and maintain physical control of devices at all times. Never leave laptops, tablets, or phones unattended, even briefly.

Border Crossings and International Travel

Lawyers crossing international borders face unique challenges. CBP policies permit extensive device searches within 100 miles of borders under the border search exception, significantly reducing Fourth Amendment protections. New York State Bar Association Ethics Opinion 2017-5 addresses lawyers' duties when traveling with client data across borders.

The reasonableness standard governs your obligations. Evaluate whether you truly need to bring confidential information across borders. If travel requires client data, bring only materials professionally necessary for your specific purpose. Consider these strategies: store files in encrypted cloud services rather than locally; use strong passwords and disable biometric authentication; carry your bar card to identify yourself as an attorney if questioned; identify which files contain privileged information before reaching the border.

If border agents demand device access, clearly state that you are an attorney and the device contains privileged client communications. Ask whether the request is optional or mandatory. If agents conduct a search, document what occurred and consider whether client notification is required under Rule 1.4. New York Rule 1.6 requires taking reasonable steps to prevent unauthorized disclosure, with heightened precautions necessary when government agencies are opposing parties.

Practical Implementation Today

Create firm policies addressing mobile device security. Require immediate reporting of lost or stolen devices. Implement Mobile Device Management (MDM) software to monitor, secure, and remotely wipe all connected devices. Conduct regular security awareness training covering email practices, phishing recognition, and social engineering tactics.

Develop an Incident Response Plan before breaches occur. Know which experts to contact, document cybersecurity policies, and establish notification protocols. Under various state laws and regulations like California Civil Code § 1.798.82 and HIPAA's Breach Notification Rule, lawyers may be legally required to notify clients of data breaches.

Lawyers are on the front line of cybersecurity when on the go!

Communicate with clients about security measures. Obtain informed consent regarding electronic communications and any security limitations. Some firms include these discussions in engagement letters, setting clear expectations about communication methods and encryption use.

Stay current with evolving threats. Subscribe to legal technology security bulletins. The Tech-Savvy Lawyer blog regularly covers mobile security issues, including recent coverage of the SlopAds malware campaign that compromised 224 Android applications on Google Play Store. Technology competence requires ongoing learning as threats and safeguards evolve.

The Bottom Line

The London iPhone theft crisis demonstrates that our devices are valuable targets for sophisticated criminal networks operating internationally. Every lawyer who works outside the office—whether at coffee shops, client meetings, or international destinations—must take mobile security seriously. Your ethical obligations under Model Rules 1.1 and 1.6 demand it. Your clients' confidential information depends on it. Your professional reputation requires it.

Implementing these security measures isn't complicated or expensive. Enable encryption. Use strong passwords and 2FA. Avoid public Wi-Fi or use VPNs. Disable biometrics when traveling. Maintain physical control of devices. These straightforward steps significantly reduce risks while allowing you to work effectively from anywhere.

The legal profession has embraced mobile technology's benefits—now we must address its risks with equal commitment. Don't wait for a theft, loss, or border seizure to prompt action. Protect your clients' confidential information today.

MTC

📖 Word of the Week: The Meaning of “Data Governance” and the Modern Law Practice - Your Essential Guide for 2025

/ The Tech-Savvy Lawyer.Page/

Understanding Data Governance: A Lawyer's Blueprint for Protecting Client Information and Meeting Ethical Obligations

Lawyers need to know about “DAta governance” and how it affects their practice of law.

Data governance has emerged as one of the most critical responsibilities facing legal professionals today. The digital transformation of legal practice brings tremendous efficiency gains but also creates significant risks to client confidentiality and attorney ethical obligations. Every email sent, document stored, and case file managed represents a potential vulnerability that requires careful oversight.

What Data Governance Means for Lawyers

Data governance encompasses the policies, procedures, and practices that ensure information is managed consistently and reliably throughout its lifecycle. For legal professionals, this means establishing clear frameworks for how client information is collected, stored, accessed, shared, retained, and ultimately deleted. The goal is straightforward: protect sensitive client data while maintaining the accessibility needed for effective representation.

The framework defines who can take which actions with specific data assets. It establishes ownership and stewardship responsibilities. It classifies information by sensitivity and criticality. Most importantly for attorneys, it ensures compliance with ethical rules while supporting operational efficiency.

The Ethical Imperative Under ABA Model Rules

The American Bar Association Model Rules of Professional Conduct create clear mandates for lawyers regarding technology and data management. These obligations serve as an excellent source of guidance regardless of whether your state has formally adopted specific technology competence requirements. BUT REMEMBER ALWAYS FOLLOW YOUR STATE’S ETHIC’S RULES FIRST!

Model Rule 1.1 addresses competence and was amended in 2012 to explicitly include technological competence. Comment 8 now requires lawyers to "keep abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology". This means attorneys must understand the data systems they use for client representation. Ignorance of technology is no longer acceptable.

Model Rule 1.6 governs confidentiality of information. The rule requires lawyers to "make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client". Comment 18 specifically addresses the need to safeguard information against unauthorized access by third parties. This creates a direct ethical obligation to implement appropriate data security measures.

Model Rule 5.3 addresses responsibilities regarding nonlawyer assistants. This rule extends to technology vendors and service providers who handle client data. Lawyers must ensure that third-party vendors comply with the same ethical obligations that bind attorneys. This requires due diligence when selecting cloud storage providers, practice management software, and artificial intelligence tools.

The High Cost of Data Governance Failures

lawyers need to know the multiple facets of data Governance

Law firms face average data breach costs of $5.08 million. These financial losses pale in comparison to the reputational damage and loss of client trust that follows a security incident. A single breach can expose trade secrets, privileged communications, and personally identifiable information.

The consequences extend beyond monetary damages. Ethical violations can result in disciplinary action. Inadequate data security arguably constitutes a failure to fulfill the duty of confidentiality under Rule 1.6. Some jurisdictions have issued ethics opinions requiring attorneys to notify clients of breaches resulting from lawyer negligence.

Recent guidance from state bars emphasizes that lawyers must self-report breaches involving client data exposure. The ABA's Formal Opinion 483 addresses data breach obligations directly. The opinion confirms that lawyers have duties under Rules 1.1, 1.4, 1.6, 5.1, and 5.3 related to cybersecurity.

Building Your Data Governance Framework

Implementing effective data governance requires systematic planning and execution. The process begins with understanding your current data landscape.

Step One: Conduct a Data Inventory

Identify all data assets within your practice. Catalog their sources, types, formats, and locations. Map how data flows through your firm from creation to disposal. This inventory reveals where client information resides and who has access to it.

Step Two: Classify Your Data

Not all information requires the same level of protection. Establish a classification system based on sensitivity and confidentiality. Many firms use four levels: public, internal, confidential, and restricted.

Privileged attorney-client communications require the highest protection level. Publicly filed documents may still be confidential under Rule 1.6, contrary to common misconception. Client identity itself often qualifies as protected information.

Step Three: Define Access Controls

Implement role-based access controls that limit data exposure. Apply the principle of least privilege—users should access only information necessary for their specific responsibilities. Multi-factor authentication adds essential security for sensitive systems.

Step Four: Establish Policies and Procedures

Document clear policies governing data handling. Address encryption requirements for data at rest and in transit. Set retention schedules that balance legal obligations with security concerns. Create incident response plans for potential breaches.

Step Five: Train Your Team

The human element represents the greatest security vulnerability. Sixty-eight percent of data breaches involve human error. Regular training ensures staff understand their responsibilities and can recognize threats. Training should cover phishing awareness, password security, and proper data handling procedures.

Step Six: Monitor and Audit

Continuous oversight maintains governance effectiveness. Regular audits identify vulnerabilities before they become breaches. Review access logs for unusual activity. Update policies as technology and regulations evolve.

Special Considerations for Artificial Intelligence

The rise of generative AI tools creates new data governance challenges. ABA Formal Opinion 512 specifically addresses AI use in legal practice. Lawyers must understand whether AI systems are "self-learning" and use client data for training.

Many consumer AI platforms retain and learn from user inputs. Uploading confidential client information to ChatGPT or similar tools may constitute an ethical violation. Even AI tools marketed to law firms require careful vetting.

Before using any AI system with client data, obtain informed consent. Boilerplate language in engagement letters is insufficient. Clients need clear explanations of how their information will be used and what risks exist.

Vendor Management and Third-Party Risk

Lawyers cannot delegate their ethical obligations to technology vendors. Rule 5.3 requires reasonable efforts to ensure nonlawyer assistants comply with professional obligations. This extends to cloud storage providers, case management platforms, and cybersecurity consultants.

Before engaging any vendor handling client data, conduct thorough due diligence. Verify the vendor maintains appropriate security certifications like SOC 2, ISO 27001, or HIPAA compliance. Review vendor contracts to ensure adequate data protection provisions. Understand where data will be stored and who will have access.

The Path Forward

lawyers need to advocate data governance for their clients!

Data governance is not optional for modern legal practice. It represents a fundamental ethical obligation under multiple Model Rules. Client trust depends on proper data stewardship.

Begin with a realistic assessment of your current practices. Identify gaps between your current state and ethical requirements. Develop policies that address your specific risks and practice areas. Implement controls systematically rather than attempting wholesale transformation overnight.

Remember that data governance is an ongoing process requiring continuous attention. Technology evolves. Threats change. Regulations expand. Your governance framework must adapt accordingly.

The investment in proper data governance protects your clients, your practice, and your professional reputation. More importantly, it fulfills your fundamental ethical duty to safeguard client confidences in an increasingly digital world.

🎙️ Ep. 122: Cybersecurity Essentials for Law Firms: Proven Strategies from Navy Veteran & Attorney Cordell Robinson

/ The Tech-Savvy Lawyer.Page/

My next guest is Cordell Brion Robinson, CEO of Brownstone Consulting Firm and a decorated US Navy veteran who brings an extraordinary combination of expertise to cybersecurity. With a background in Computer Science, Electrical Engineering, and law, plus experience as a Senior Intelligence Analyst, Cordell has created cybersecurity programs that comply with the National Institute of Standards and Technology, the Federal Information Security Management Act, and the Office of Management and Budget standards for both government and commercial organizations. His firm specializes in compliance services, performing security framework assessments globally for commercial and government entities. Currently, he's innovating the cybersecurity space through automation for security assessments. Beyond his professional accomplishments, Cordell runs the Shaping Futures Foundation, a nonprofit dedicated to empowering youth through education, demonstrating his commitment to giving back to the community.

Join Cordell Robinson and me as we discuss the following three questions and more! 🎙️

1. What are the top three cybersecurity practices that lawyers should immediately adopt to secure both client data and sensitive case material in their practice?

2. From your perspective as both a legal and cybersecurity expert, what are the top three technology tools or platforms that can help lawyers streamline compliance and governance requirements in a rapidly evolving regulatory environment?

3. What are the top three steps lawyers can take to overcome resistance to technology adoption in law firms, ensuring these tools actually improve outcomes and efficiency rather than just adding complexity

In our conversation, we cover the following: ⏱️

- 00:00:00 - Introduction and welcome to the podcast

- 00:00:30 - Cordell's current tech setup - Windows laptop, MacBook, and iPhone

- 00:01:00 - iPhone 17 Pro Max features including 48MP camera, 2TB storage, and advanced video capture

- 00:01:30 - iPhone 17 Air comparison and laptop webcam discussion

- 00:02:00 - VPN usage strategies - Government VPN for secure client communications

- 00:02:30 - Commercial client communications and secure file sharing practices

- 00:03:00 - Why email encryption matters and Mac Mail setup tutorial

- 00:04:00 - Bonus question: Key differences between commercial and government security work

- 00:05:00 - Security protocols comparison and navigating government red tape

- 00:06:00 - Question 1: Top three cybersecurity practices lawyers must implement immediately

- 00:06:30 - Understanding where client data comes from and having proper IT security professionals

- 00:07:00 - Implementing cybersecurity awareness training for all staff members

- 00:07:30 - Practical advice for solo and small practitioners without dedicated IT staff

- 00:08:00 - Proper email practices and essential security awareness training skills

- 00:08:30 - Handling data from average clients in sensitive cases like family law

- 00:09:00 - Social engineering considerations in contentious legal matters such as divorces

- 00:10:00 - Screening threats from seemingly reliable platforms - Google Play slop ads as recent example

- 00:10:30 - Tenable vulnerability scanning tool recommendation (approximately $1,500/year)

- 00:11:00 - Question 2: Technology tools for streamlining compliance and governance

- 00:11:30 - GRC tools for organizing compliance documentation across various price points

- 00:12:00 - SharePoint security lockdown and importance of proper system configuration

- 00:12:30 - Monitoring tools discussion - why no perfect solution exists and what to consider

- 00:13:00 - Being amenable to change and avoiding long-term contracts with security tools

- 00:14:00 - Question 3: Strategies for overcoming resistance to technology adoption

- 00:14:30 - Demonstrating efficiency and explaining the full implementation process

- 00:15:00 - Converting time savings to dollars and cents for senior attorney buy-in

- 00:15:30 - Mindset shift for billable hour attorneys and staying competitive in the market

- 00:16:00 - Being a technology Guinea pig and testing tools yourself first

- 00:16:30 - Showing real results to encourage buy-in from colleagues

- 00:17:00 - Real-world Microsoft Word example - styles, cross-references, and table of contents time savings

- 00:17:30 - Showing value add and how technology can bring in more revenue

- 00:18:00 - Where to find Cordell Robinson - LinkedIn, www.bcf-us.com, Brownstone Consulting Firm

- 00:18:30 - Company description and closing remarks

Resources 📚

Connect with Cordell Robinson:

Government & Compliance Frameworks:

Software & Tools:

🚨 BOLO: Critical Chrome Zero-Day Security Alert for Legal Professionals 🚨

/ The Tech-Savvy Lawyer.Page/

URGENT: Chrome Zero-Day CVE-2025-6558 Impacts Law Firms

🚨

URGENT: Chrome Zero-Day CVE-2025-6558 Impacts Law Firms 🚨

Critical browser flaw affects Windows & Apple devices. Attackers escape Chrome's sandbox via malicious web pages. ACTIVELY EXPLOITED.

Lawyers its generally a good idea to keep your software up-to-date in order to prevent security risks!

🔍 WHAT THIS MEANS IN PLAIN TERMS:
Your browser normally acts like a protective barrier between dangerous websites and your computer's files. This vulnerability is like a secret door that bypasses that protection. When you visit a compromised website, even legitimate sites that have been hacked, criminals can potentially access your client files, emails, and sensitive data without you knowing. The attack happens silently in the background while you browse normally.

⚠️ ACTION REQUIRED:

  • Update Chrome to v138+ immediately

  • Update Safari on Apple devices

  • Review cybersecurity protocols

🚨Legal Risks:
✓ Client confidentiality breaches
✓ ABA ethical violations
✓ Malpractice liability
✓ Trust account exposure

Don't wait - update NOW!

MTC: AI Governance Crisis - What Every Law Firm Must Learn from 1Password's Eye-Opening Security Research

/ The Tech-Savvy Lawyer.Page/

The legal profession stands at a crossroads. Recent research commissioned by 1Password reveals four critical security challenges that should serve as a wake-up call for every law firm embracing artificial intelligence. With 79% of legal professionals now using AI tools in some capacity while only 10% of law firms have formal AI governance policies, the disconnect between adoption and oversight has created unprecedented vulnerabilities that could compromise client confidentiality and professional liability.

The Invisible AI Problem in Law Firms

The 1Password study's most alarming finding mirrors what law firms are experiencing daily: only 21% of security leaders have full visibility into AI tools used in their organizations. This visibility gap is particularly dangerous for law firms, where attorneys and staff may be uploading sensitive client information to unauthorized AI platforms without proper oversight.

Dave Lewis, Global Advisory CISO at 1Password, captured the essence of this challenge perfectly: "We have closed the door to AI tools and projects, but they keep coming through the window!" This sentiment resonates strongly with legal technology experts who observe attorneys gravitating toward consumer AI tools like ChatGPT for legal research and document drafting, often without understanding the data security implications.

The parallel to law firm experiences is striking. Recent Stanford HAI research revealed that even professional legal AI tools produce concerning hallucination rates—Westlaw AI-Assisted Research showed a 34% error rate, while Lexis+ AI exceeded 17%. (Remember my editorial/bolo MTC/🚨BOLO🚨: Lexis+ AI™️ Falls Short for Legal Research!) These aren't consumer chatbots but professional tools marketed to law firms as reliable research platforms.

Four Critical Lessons for Legal Professionals

First, establish comprehensive visibility protocols. The 1Password research shows that 54% of security leaders admit their AI governance enforcement is weak, with 32% believing up to half of employees continue using unauthorized AI applications. Law firms must implement SaaS governance tools to identify AI usage across their organization and document how employees are actually using AI in their workflows.

Second, recognize that good intentions create dangerous exposures. The study found that 63% of security leaders believe the biggest internal threat is employees unknowingly giving AI access to sensitive data. For law firms handling privileged attorney-client communications, this risk is exponentially greater. Staff may innocently paste confidential case details into AI tools, potentially violating client confidentiality rules and creating malpractice liability.

Third, address the unmanaged AI crisis immediately. More than half of security leaders estimate that 26-50% of their AI tools and agents are unmanaged. In legal practice, this could mean AI agents are interacting with case management systems, client databases, or billing platforms without proper access controls or audit trails—a compliance nightmare waiting to happen.

Fourth, understand that traditional security models are inadequate. The research emphasizes that conventional identity and access management systems weren't designed for AI agents. Law firms must evolve their access governance strategies to include AI tools and create clear guidelines for how these systems should be provisioned, tracked, and audited.

Beyond Compliance: Strategic Imperatives

The American Bar Association's Formal Opinion 512 established clear ethical frameworks for AI use, but compliance requires more than policy documents. Law firms need proactive strategies that enable AI benefits while protecting client interests.

Effective AI governance starts with education. Most legal professionals aren't thinking about AI security risks in these terms. Firms should conduct workshops and tabletop exercises to walk through potential scenarios and develop incident response protocols before problems arise.

The path forward doesn't require abandoning AI innovation. Instead, it demands extending trust-based security frameworks to cover both human and machine identities. Law firms must implement guardrails that protect confidential information without slowing productivity—user-friendly systems that attorneys will actually follow.

Final Thoughts: The Competitive Advantage of Responsible AI Adoption

Firms that proactively address these challenges will gain significant competitive advantages. Clients increasingly expect their legal counsel to use technology responsibly while maintaining the highest security standards. Demonstrating comprehensive AI governance builds trust and differentiates firms in a crowded marketplace.

The research makes clear that security leaders are aware of AI risks but under-equipped to address them. For law firms, this awareness gap represents both a challenge and an opportunity. Practices that invest in proper AI governance now will be positioned to leverage these powerful tools confidently while their competitors struggle with ad hoc approaches.

The legal profession's relationship with AI has fundamentally shifted from experimental adoption to enterprise-wide transformation. The 1Password research provides a roadmap for navigating this transition securely. Law firms that heed these lessons will thrive in the AI-augmented future of legal practice.

MTC