Outlook cloudy

By | 7th March 2013

As we continue to see how the various technologies in the e-disclosure space continue to converge, it has become all the more important to know your third party vendor, to get on with the project manager and to enjoy working with them. Preferably, you will have gone through the process of due diligence and getting to know them before time limits and the exigencies of a particular case render that exercise no more than putting a pin in the list of vendors and hoping to come up with someone you can work with.

This was not always the case. It was possible only a short time ago to select technology on the basis of the bells and whistles offered. Now it really pays to know your vendor and like them as well.I make no apology for suggesting you need to like the vendor because I suggest that the vast majority of lawyers prefer to work with someone who empathises with the strains they are under and who offers solutions calmly rather than someone they do not particularly like or who tends to overpromise and underdeliver.

The recent demise of integration company 2e2 illustrates the need to “know” your provider. When the administrators were called in, clients were facing potential loss of access to their data in the cloud, which highlighted in a dramatic way the need to know your cloud provider.

Hosting data in the cloud is a neat way of storing data away from the usual hardware and may offer significant savings, but if you find that you cannot access that data when you need it when the injunction has been served or over the weekend because the service provider is in a different jurisdiction or is owned by a third party unknown to you with whom you are unable to make meaningful contact, you clearly have a problem.

I understand that most users were able to find help from other providers before too much harm had been caused but the situation will have given many pause for thought. If you are going to continue to outsource data to the cloud, it is essential to check the contractual terms agreed between you and to have the fullest possible information about where the data will be held and the location of the relevant servers. If they are outside the jurisdiction, does this cause a problem? Possibly, and you need to know about it before the problem arises and not on the day the matter comes to court or you have to serve the relevant statement or pleading.

As lawyers we are always urged (rightly in my view) to “know” your client in the context of the Money Laundering Regulations. Failure to do so will cause innumerable problems. The same is true of other service providers.

If you do not “know” your provider, the outlook may indeed be cloudy.