October has been quite a month for survey results. Read a summary here.
As well as the KPMG survey on e-disclosure, we have had results from a number of other surveys of potential interest to SCL members.
UK companies are seeing significant increases in the number of internal and external regulatory investigations according to the annual Litigation Trends report published by international law firm Fulbright & Jaworski. However, the number of court actions filed against companies appears to be down with 38% of UK companies seeing no court proceedings brought against them in the last 12 months, compared with 17% of US businesses that saw no litigation brought against them. From the SCL point of view, the matter of interest was the section on e-discovery and litigation hold policies. The survey of over 300 companies in the UK and US included a section on that topic.
According to the survey, issues relating to e-discovery remain a very rare or nonexistent event for 70% of all businesses surveyed, with no increase on 12 months ago. Two in five (40%) of the largest organisations said that they sometimes or frequently experienced issues related to e-discovery in their litigation matters. However, there was some increase cited in the number of e-discovery issues by small and mid-sized company respondents, which would indicate that e-discovery is spreading to businesses of all sizes. More companies are considering or actually retaining e-discovery specialist lawyers to deal with actions, 42% stated this was a consideration compared with 17% in 2006.
Another consideration for businesses who may be called to provide information in relation to e-discovery concerns the increasing use of electronic channels for corporate communication. The majority of respondents (72%) permit employees to access their company network from home and just under a half (48%) allow the use of external e-mail accounts, such as Hotmail and Yahoo, from company computers.
Instant messaging would appear to be increasing in popularity with over half (54%) of companies permitting this; however, just 31% log or retain any instant messaging. Only slightly more (40%) retain voice-mail.
The backup retention period varies significantly between companies, but the median for all companies in the survey is approximately 60 days, with the industries most likely to retain communications for a year or more being real estate, technology / telco and energy. Two in five of all respondents (40%) say they now have a chief privacy officer.
See here for more.
Another survey, commissioned by specialist security provider Securecoms, highlighted a widespread and mistaken belief that existing anti-virus and spam prevention solutions provide sufficient e-mail protection and as a result, the possibility of interception is being overlooked. While e-mail interception poses a threat to all businesses, the often sensitive nature of a law firms’ communications increases the importance of security.
The risk posed by an e-mail security breach was further highlighted by a related survey finding indicating that, although most respondents believe e-mail is the least secure method of communication, more than half of a law firm’s daily e-mail traffic contains confidential information. Interestingly, 82% of respondents were aware that external e-mails pass through many places before reaching the intended recipient.
According to David Ford, Chief Executive of Securecoms, UK law firms need to be made aware of the true nature of the threat posed by e-mail interception: “This survey clearly identified a high level of confusion among law firms regarding e-mail security. It’s important to point out that this is not the fault of the legal sector, but is indicative of a general lack of awareness common to businesses of all types concerning the consequences of e-mail interception as an e-mail travels across the public internet. The growth in e-mail usage and the amount of highly confidential information that’s e-mailed on a daily basis has created an unacceptably high level of risk. There appears to be a widespread misguided view that the most commonly used anti-virus and anti-spam systems also provide protection against interception. In fact, this is just not the case. The research indicates that despite the recommendations contained in the e-mail security guidelines issued by the Law Society, fewer than 10% of UK law firms encrypt their e-mails. It’s clear that there’s a need to educate and inform lawyers across the UK on the issues surrounding e-mail confidentiality”.
On average, more than half the e-mails sent by law firms contain confidential information.
E-mail is considered the second least confidential way of communicating information - 82% of those asked were aware it passes through many places before the recipient actually receives it. Fax is thought of as the least confidential – probably because there is no guarantee that the person it is sent to will be the only person who sees it.
Almost half thought that their existing software covered confidentiality, although on further questioning it emerged that well over 90% of these were mistaken in their belief. 20% didn’t know whether or not their software covered e-mail confidentiality.
45% of lawyers thought that e-mail security was a priority, but only 20% thought that there was a straightforward software solution available.
About the research
An telephone survey was conducted by international research firm Strategy One on behalf of Securecoms to explore attitudes of behaviour concerning e-mail confidentiality among law firms and determine awareness and usage of e-mail security solutions.
The survey sample comprised of 201 partners and non-partners of law firms across the UK.