Big Data – Mitigating Risks And Finding Benefits

Since the rise of the PC, there has been a massive accumulation of data. In fact, according to IBM, 90 percent of information ever created has been created in the past two years.[1] The term “big data” is used to characterize this buildup of data that is too large to be collected using conventional techniques, such as relational databases. This data can range from personal information for customers, such as dates of birth and social security numbers, to transactional data to electronic court records.

All of this data has proven to be a vital tool for corporations looking to make more informed business decisions. Chances are, as a corporate attorney, your corporate business development department is already using big data. Big data can be a great asset, but it can also become a liability when the privacy of this data is put at risk and lawsuits become a possibility. How does this proliferation of data affect your company and how can you mitigate risk while still benefiting from the vast knowledge that big data offers?

Different from anything you’ve seen before.

The conventional way to utilize relatively large data sources is in relational databases where information is organized in linked tables. Unfortunately, relational databases require a substantial amount of set up and maintenance, which can result in a significant expense. Attempting to maintain big data in a relational database would be an almost impossible feat from both a management and a cost standpoint. There is software out there for big data management, but before you dive into purchasing, questions you should be asking are the following:

• What goals does your corporation wish to accomplish by analyzing big data? Is the company looking to increase cost efficiency, prevent lawsuits or make staffing decisions? By looking at specific business problems, management can more easily brainstorm what kinds of information they should be looking at.
• What types of data will you need to collect to achieve these goals? This is especially important because culling and analyzing irrelevant data will be a waste of resources.
• Does this data pose any risks to you or your clients?
• Does your IT department and/or software provider have the necessary infrastructure to gather and analyze the data your corporation is looking for?

Make sure all departments in your corporation have a plan and know what they need, so you can save time and money by avoiding extra steps like culling and analyzing irrelevant data. What do you do once you have relevant data? Well, marketing and sales departments provide plenty of examples of how corporations can use this information to make informed and targeted decisions. Wal-Mart uses big data to analyze over 200 million daily transactions in order to keep shelves stocked and to track purchase trends. A more specific example would be Target following female customer purchases and transactions in an attempt to identify pregnant women who can be identified for promotions and sales, making them customers for life.

Sounds great, so what’s the catch?

A survey conducted by the Ponemon Institute concluded that 90 percent of companies and organizations surveyed had at least one data breach.[2] Verizon reports that 81 percent of those breaches occur from some sort of hacking.[3] This is because most big data software platforms have very few built-in security features to counter online threats. Therefore, it is important for corporations and attorneys to proactively think about actively maintaining their data in a secure way. Securosis, an information security company, found that big data projects are commonplace across many industries; however, most companies they inquired with did not have any real security in place to protect their data. In fact, most companies did not have any security beyond simple user passwords. Big data, especially in a corporate or legal environment, can be extremely confidential and sensitive, so it is vital to make sure this data is kept secure.

Security breaches and the misuse of personal information have caused many corporations to face an onslaught of class action lawsuits. In the courts, there is not yet a standard regarding the treatment of data breaches or a clear direction on whether or not the plaintiff needs to establish that the breach caused an injury-in-fact in order to certify the class action.[4]

All corporations would be wise to take the necessary precautions to mitigate risk exposure that comes along with housing so much personal and privileged data. The goal of big data security is to maintain the privacy of both the data itself and the infrastructure of the database. Basic steps you can take are

• Create restrictions regarding who has access to certain data. It is important that people only have access to documents and information that are necessary for them to perform their job duties.
• Keep data protected through encryption, which only allows users to access the information if they have been provided with the encryption keys.
• Maintain records of user activity to audit who is accessing what data and whether or not there have been any breaches.
• Use additional security products built specifically to protect big data in order to bolster your data’s safety.

The best way for users of big data software to take on these security tasks is through a combination of built-in security features within the database (these are usually not sufficient to be completely secure) and the use of additional security products. The Centre for Information Policy Leadership helps to develop initiatives and encourages communication regarding responsible information governance. For example, the Centre holds seminars covering topics such as data protection and e-government and harnessing data as a new source of growth. Their website is a helpful resource for anyone interested in learning more about big data management and security.[5]

“Me too!” How can legal get in on the action?

Now that you’re protecting your corporation, how can the legal department benefit from big data? By maintaining detailed electronic invoices reflecting attorneys’ hours over a significant time span, corporations can more accurately estimate their annual legal spending with outside counsel. Additionally, corporations can determine where their legal resources are being applied most and help create greater cost efficiency by better understanding how many attorneys and hours a legal matter is likely to take.

One of the greatest potential uses for big data is in case prediction, also known as quantitative legal prediction. For example, information related to trademark searches and to filing of service for process data can help to identify trends and use that information to look forward. The key to this process would be to maintain case information in a format that contains different criteria related to that case. Attorneys can then work with analysts to choose key variables to analyze litigation trends or lawsuit outcomes, and test different scenarios. As more and more case information becomes available electronically, attorneys will be able to use big data software to create their own “what-if” scenarios. One area of law where this already has started to come into play is in patent litigation. Over the past decade, company Lex Machina has been creating a database with information related to 128,000 IP cases, 134,000 attorney records and 64,042 parties that attorneys can search through.[6] Databases such as these are useful tools for attorneys looking to anticipate how their cases might turn out. The hope is that these types of systems will help transform how attorneys look at litigation from the business perspective. Think of how much time and money would be saved if attorneys could look at settlement patterns and win rates to help determine the best course of action for their own cases. In the future, big data will likely reduce a certain amount of lawyering to simple formulas and queries.

In addition to quantitative legal prediction, an area where big data can be especially helpful to attorneys is in the area of preventative law. In an effort to protect a corporation from future litigation, big data can help attorneys keep track of emerging trends that might be indicative of the threat of a lawsuit. For example, computer systems can look for customer complaints, data breaches or patterns of faulty product issues, all of which might point toward future legal action. By identifying these issues early on, corporate counsel can help their companies to either avoid lawsuits altogether or be better prepared for what might be heading their way.

Like any technology, it is important to do your research before making a large commitment to make sure you and your corporation understand how to use it and what it can help you achieve. Big data is different from what we’ve seen before because, while it can be incredibly valuable, it can be difficult and expensive to maintain in a structure that allows the user to get the most out of it in a secure manner. Most corporations are already using big data but put themselves at a huge risk by not keeping this information secure, and counsel usually ends up dealing with the resulting lawsuits. Therefore you need to know how your company is using this information and how they are storing it to make sure that security measures are met. To ignore the popularity and potential uses of big data would be a serious mistake for your corporation’s future, but so would be leaping in without the necessary knowledge. From there, a whole new world of information will be open to you. The future of big data is vast and could provide attorneys with game-changing resources that will help them win cases, reduce costs and ultimately improve the bottom line.