Category: Uncategorized

The Senate Impeachment Trial:
Apolitical Observations by a Trial Consultant


 

“Why, recourse was had to assassination in which he was not only deprived of his life but of the opportunity of vindicating his character. It would be the best way therefore to provide in the Constitution for the regular punishment of the Executive where his misconduct should deserve it, and for his honorable acquittal when he should be unjustly accused.”

Dr. Benjamin Franklin
July 20th 1787


While watching the opening arguments made by House managers and White House attorneys, any trial consultant worth their salt can feel the compulsion to dissect these proceedings growing stronger by the hour. As one such consultant, I am fully aware that I risk wading into a political argument on social media that, quite frankly, I have no interest in. Let’s not “pick a side” today – that is not what this article is about.

Instead, let’s consider the invaluable lessons provided by the events transpiring on Capitol Hill for any lawyer or speaker. It is in the vein of teachable moments that the senate trial comes to mind. Obviously, a Senate impeachment trial is very different from court, but some of the lessons here transfer to any court appearance or speaking engagement:

Time Limits:

This week’s Senate hearing is a prime example as to why judges put a time limit on opening arguments. Twenty-four hours per side to give opening statements is enough to have plenty of Americans falling asleep in front of their TVs, and at least a few senators. No person, no matter how disciplined their attention span, can handle sitting for hours on end (with no coffee!?) listening to someone bang on until the wee hours of the morning…particularly when the topic is about as engaging as Thanksgiving dinner debates with your one awkward uncle.

After the first two hours of both openings, I wish the judges I’ve presented in front of were there to say, “move along gentlemen, that horse is sufficiently beaten.” Unfortunately for us, Justice Roberts, and every member of the Senate, there isn’t a politician alive that shuns the limelight. Each, given the opportunity, will talk until they’ve exhausted every adjective that may (even loosely) describe their argument.

Visual Demonstratives:

House managers used limited demonstratives, which I found myself often fighting the urge to “fix”: to make them cleaner, neater, less monochromatic, more thoughtful, or more relevant. Though it was a valiant try by the staffers on the hill, they lack the experience, eye, and skill employed by experts in visual communication to develop graphics that bolster arguments, and the results are obvious even to a layman. By contrast, the White House lawyers clearly had a professional working with them to craft their message and develop clear, concise visuals that reinforced their arguments instead of distracting from the message. (A side note to the consulting team in question: Well done.) Not everyone on the White House team made use of demonstratives, essentially talking over the aids rather than engaging them; demonstratives can be well made and still ineffective if not incorporated properly. To find a good use of the team’s demonstratives, one need look no further than Mike Purpura, whose time made obvious that he worked closely with consultants on his presentation preparation. It was clear that he was cognizant of the fact that oral and visual evidence simultaneously is an effective use of demonstratives to reinforce key points. This formula resulted in a highly-polished, effective, and well-timed delivery.

Repetition v. Reinforcement:

There is a fine line between repetition to reinforce a message and repeating things enough that you annoy your audience. You can see it in their faces: the heavy eyelids, the doodles in notepads, and fidget spinning. While being allowed coffee would be helpful for Senators, regurgitating what the last person said five times over – only with new and fancy adjectives – helps no one, including your own arguments.

Just the facts, Jack:

When preparing lawyers and witnesses for trial, I often remind them to stick to the facts and to keep emotions in check. Cases are not won or lost because the representing lawyer or party involved is emotional, whether that be in a bench trial, arbitration, or jury trial. Crafting arguments around the facts, and the pattern that emerges as a result, is the most persuasive way to be convincing. Unfortunately, and despite an otherwise well-delivered and persuasive oral argument at opening by the House managers, Representative Schiff made a mistake by referring to an unsubstantiated article by CBS regarding President Trump threatening members of the Senate (via proxy) – the very same Senate charged with jury duty in this trial – should they vote to convict. Rep. Schiff immediately followed this accusation with “Now, I don’t know if that’s true.” One could argue that this is a folksy, likeable humbleness, but trial is not the place for friendly neighbors, rather knowledgeable experts. Here’s hoping that such a misstep will not alienate Senators or cloud their judgement. That said, when the stakes are this high, it was a significant risk on the part of House managers to make an unnecessary point that had little chance of bolstering their arguments.

Key takeaway: If you don’t know something is a fact, it is a gamble to include it and you needlessly expose your case to potential backlash if proven false.

Witnesses:

Obviously, a trial in the Senate on impeaching the President of the United States is a very different proposition than civil or criminal court in practically every facet. In an impeachment trial the Senate determines if there will be testimony, and who will testify before them, by a simple majority vote. In both President Clinton’s and President Johnson’s impeachment trials before the Senate, indeed, witnesses did testify, though Clinton’s trial included only video depositions instead of live witnesses. In this particular case, the House managers were extremely persuasive in their argument for additional witnesses in addition to having precedent to bolster their position. While true that live witnesses can be unpredictable, hearing from relevant witnesses with direct knowledge of facts in dispute has been proven extremely important for jurors to make a fully informed decision. There are several key individuals discussed by both House managers and the White House counsel who either are directly involved or had direct knowledge of the events in this controversy but were not questioned or deposed – for myriad reasons – during the House impeachment investigation. These witnesses can potentially provide additional facts and context to aid the Senate in making the difficult decision to acquit or convict, and there is little reason to disregard their knowledge of the events in good faith.

It will be interesting to watch as the remainder of the impeachment trial unfolds. It could take the remainder of this week or months to determine the outcome. No matter what the decision (or how many trial consultants are set to grumbling about how it could have been done better), history is being made and we all have a front row seat.

 


KT Designs is a privately owned company that operates on the ideals of honesty, integrity and transparency. We are experienced in working on cases and projects of all sizes and in most jurisdictions, including internationally. We are devoted to the personal and intellectual growth of our employees and clients, and to facilitating continued learning in our audiences on the most complicated of topics. We consider our clients’ satisfaction and confidentiality above all else.

Navigating the Ethical Use of Body Language in the Legal Setting


 

“To the ordinary observer, a man is just a man. To the student of life and human beings, every pose and movement is a part of the personality and the man.”

Clarence Darrow
How to Pick a Jury; Esquire Magazine (May, 1936)


Utilizing nonverbal communication techniques in the legal field is not new ground, though the ethical implications are still being heavily debated among judges, litigators, and experts alike. Concerns such as witness coaching and the potential discoverability of videotaped mock depositions are forefront issues in this debate. How to navigate this evolving atmosphere and understanding the unintended implications is challenging for many in the legal industry.

With respect to mock depositions and mock trials, KT Designs recommends utilizing mock depositions for preparing both experienced and inexperienced witnesses; however we do not advise counsel videotaping these sessions because of the discoverability concerns covered in a white paper written by Jones Day’s Mark Herrmann and Pearson Bownas.

Instead, when dealing with an inexperienced witness, we recommend having a “dummy” video camera set up adjacent to the witness (but not enabled for recording) during your preparation so that your witness may acclimate to being in front of the camera.

In the United States, the ABA Model Rules of Professional Conduct provides guidelines that include how lawyers can prepare witnesses and, more specifically, forbids counseling witnesses to offer deceptive testimony or evidence. There are no rules that cover coaching witnesses on body language, demeanor or even how to appear more likable or endearing. Putting aside the impropriety of coaching witnesses on content, advising them on body language in court and, more importantly, on the witness stand, is legally and ethically acceptable.

It should be noted, however, that witnesses are unpredictable enough during examination without feeling the need to assume the role of lead actor in a courtroom drama. One of the most recent cases where accusations of such coaching arise is in the Oscar Pistorius murder trial in South Africa. The South African court system is vastly different than the US Court System, but the rules related to witness preparation are similar.

Pistorius, who was being tried for the murder of his girlfriend, Reeva Steenkamp, was accused of hiring a well-known South African actor to coach him on how to behave at his trial. On its face, the allegation of taking acting lessons sounds far- fetched. The Pistorius camp vigorously denied the claim – but could there be merit in such a contention?

While we cannot say for certain that Mr. Pistorius hired anyone to advise him on how to act during court proceedings, it is clear from his flamboyant, sniveling, vomit-laden performance that he was intentionally overt in displaying his emotions for all – especially the judge – to see.oscar-pistorius

Ultimately the question should not be ‘did he hire an acting coach’, but rather, ‘did his melodramatic theatrics in court help his cause’? The guilty verdict handed down in September 2014 suggests otherwise.

To the trained eye, Mr. Pistorius’ body language betrayed his exaggerated performance, and some experts suspect his attempt to garner sympathy from the court for his plight fell flat as well. Additionally, it is of note that Pistorius was at his most emotionally animated during testimony and presentation of evidence that contradicted his version of events and that his testimony was riddled with distancing language and inaccuracies.


This article is based on the KT Designs’ white paper “Body  Language, Technology and their Application in the Legal Industry.” To access the whitepaper in its entirety for free, please visit the whitepaper section of our website: http://www.kt-designs.org/white-papers/

KT Designs is a privately owned company that operates on the ideals of honesty, integrity and transparency. We are experienced in working on cases and projects of all sizes and in most jurisdictions, including internationally. We are devoted to the personal and intellectual growth of our employees and clients, and to facilitating continued learning in our audiences on the most complicated of topics. We consider our clients’ satisfaction and confidentiality above all else.

This article, co-authored by Kristin Thomas, owner of KT Designs, and Noel Bagwell, President and Chief Legal Officer of Executive Legal Professionals, PLLC, was published in Volume 16 | No. 7;  October/November 2016 edition of the Nashville Bar Association’s Nashville Bar Journal. You can view the full version of the Nashville Bar Journal here.


Best Practices for Conducting Voir Dire in the Information Age

When picking a jury, attorneys must consider many details about the jurors. Everything is scrutinized, from employment, prior experiences, and the responses potential jurors give to questions to their appearance and body language. Our internet-saturated world, and especially the wide-spread use of social media, provides an additional layer of complexity to jury selection not present a decade ago.

While 76% of American adults use the internet and 65% of all US adults use at least one social media platform1, the legal industry is taking a delicate approach to its use as a research tool during voir dire. The Supreme Court of Tennessee, like many states, has weighed in on issues relating to jurors’ use of social media, but, as one might suspect, the opinions issuing from so many states’ highest courts on this issue vastly differ from one another.

To help readers improve their understanding of how other jurisdictions are handling similar questions, in this article the authors will examine a comparison between the ABA formal opinion 466, cases in Tennessee and Kentucky, and finally the New York City Bar Ethics Opinion. Also, the authors will be providing a few helpful suggestions regarding what they believe are best practices relating to the use of social media as such use relates to voir dire.

ABA Standing Committee on Ethics and Professional Responsibility Opinion 466: Formal Lawyer Reviewing Jurors’ Internet Presence

The ABA’s ethics opinion 466 is one of the more widely cited bar ethics opinions on this topic. It states, in part,

“Unless limited by law or court order, a lawyer may review a juror’s or potential juror’s Internet presence, which may include postings by the juror or potential juror in advance of and during a trial, but a lawyer may not communicate directly or through another with a juror or potential juror.

A lawyer may not, either personally or through another, send an access request to a juror’s electronic social media. An access request is a communication to a juror asking the juror for information that the juror has not made public and that would be the type of ex parte communication prohibited by Model Rule 3.5(b).

The fact that a juror or a potential juror may become aware that a lawyer is reviewing his Internet presence when a network setting notifies the juror of such does not constitute a communication from the lawyer in violation of Rule 3.5(b).

In the course of reviewing a juror’s or potential juror’s Internet presence, if a lawyer discovers evidence of juror or potential juror misconduct that is criminal or fraudulent, the lawyer must take reasonable remedial measures including, if necessary, disclosure to the tribunal.”2

Tennessee

During one of the better-known cases in our state, State of Tennessee v. William Darelle Smith, the accused appealed his murder conviction on the grounds that a juror communicated with the testifying medical examiner through Facebook

As a result, Mr. Smith did not receive a fair and impartial trial. Tennessee Supreme Court affirmed the decision of the trial court, stating that,

“Despite all the evidence that the two were casual acquaintances at best, the substance of the message itself raises some doubts as to the impartiality of the juror. It was highly improper for the juror to disregard the instructions which the trial court had given regarding contact with witnesses. In addition, the tone of the message, which is in substance a compliment on Dr. Lewis’s testimony, suggests partiality. Finally, we note that the discussion of the impropriety of the message appears itself improper. While Dr. Lewis testified that she intended to convey, in her response to Mr. Mitchell, that she found his communication inappropriate and that it could be the basis for a mistrial, her response as written implies that she believes that their acquaintanceship itself could be the basis of a mistrial, and it suggests doubt regarding whether the relationship will remain undisclosed. Mr. Mitchell’s reply demonstrates that he is aware of the risk of mistrial and has concealed the relationship thus far. Ultimately, Mr. Mitchell did not reveal either the relationship or the communication, although Dr. Lewis did so at once. The Tennessee Supreme Court, in remanding the case, observed the importance of avoiding contact on social media that could ‘spawn public doubt about the capacity of the modern jury system to achieve justice.’

Nevertheless, we conclude that the State has sufficiently rebutted the presumption of prejudice through the testimony of Mr. Mitchell and Dr. Lewis. As the trial court found, the relationship of the parties was very distant. Facebook ‘friendships’ frequently exist between those who are indifferent to one another. While the tone of the exchange raises the specter of prejudice, Mr. Mitchell’s unwarranted exuberance on discovering an old acquaintance does not demonstrate actual partiality, and all testimony presented at the hearing served to show that the juror did not harbor bias. Furthermore, Mr. Mitchell’s comment to Dr. Lewis was not based on his acquaintance with her but was rather his evaluation of the testimony presented at trial. A juror is, of course, free to evaluate the testimony of a witness, although communicating such an appraisal to the witness herself during trial is improper. As noted above, the proof in the case was particularly strong, and the testimony of the witness was mainly concerning uncontested issues… We conclude that the State adequately rebutted the presumption of prejudice and that the defendant has not established that juror bias deprived him of the right to a fair trial.”3

 Kentucky

The Commonwealth of Kentucky is our closest neighbor to weigh in on the issue of social media and jurors. In the case Kentucky v. Sluss, one juror had denied having a Facebook page and another failed to disclose their friend status with a family member of the deceased.

 

An appeal on behalf of Mr. Sluss was filed, in part, based on juror’s failure to disclose.

The Supreme Court of Kentucky ruled that,

“[A] juror who is a ‘Facebook friend’ with a family member of a victim, standing alone, is arguably not enough evidence to presume juror bias sufficient to require a new trial. As with every other instance where a juror knows or is acquainted with someone closely tied to a case, it is the extent of the interaction and the scope of the relationship that is the relevant inquiry.

In regard to jurors who admitted to being on Facebook, the trial court attempted to make this inquiry by asking whether they had read anything about the case on the website. That the court actually made this inquiry strongly suggests that a juror’s status on Facebook was not sufficient standing alone to decide whether the juror was disqualified. This is correct, because it is the closeness of the relationship and the information that a juror knows that frames whether that juror could reasonably be viewed as biased. The fact that jurors were ‘friends’ of April Brewer, absent other evidence of a close relationship or knowledge, is not sufficient grounds for a new trial.

The Commonwealth correctly argues that the Appellant must do more than simply speculate that the relationship might have somehow affected the jury verdict. Thus, the mere fact that Amy Sparkman–Haney and Virginia Matthews were April Brewer’s Facebook friends, which is the extent of the proof the trial court heard about their acquaintance, is not grounds for a new trial.”4

New York City Bar Ethics Opinion 2012-2: Jury Research and Social Media

One of the more controversial Ethics Opinions issued is the NYC Bar Ethics Committee, Opinion 2012-2, which warns lawyers that, while potential jurors’ digital footprints should be researched and monitored, if a juror becomes aware that one of the lawyers is viewing their social media accounts, it could be considered prohibited communication and may result in reprimand for violating the NYC Bar rules of professional conduct. In part, the opinion states,

 

“We conclude that if a juror were to (i) receive a ‘friend’ request (or similar invitation to share information on a social network site) as a result of an attorney’s research, or (ii) otherwise to learn of the attorney’s viewing or attempted viewing of the juror’s pages, posts, or comments, that would constitute a prohibited communication if the attorney was aware that her actions would cause the juror to receive such message or notification.

We further conclude that the same attempts to research the juror might constitute a prohibited communication even if inadvertent or unintended. In addition, the attorney must not use deception—such as pretending to be someone else—to gain access to information about a juror that would otherwise be unavailable. Third parties working for the benefit of or on behalf of an attorney must comport with these same restrictions (as it is always unethical pursuant to Rule 8.4 for an attorney to attempt to avoid the Rule by having a non-lawyer do what she cannot). Finally, if a lawyer learns of juror misconduct through a juror’s social media activities, the lawyer must promptly reveal the improper conduct to the court.”5

Best Practices: Social Media and Jurors

The regulation of communication in the legal industry still lags behind the technological advancements which have been, and continue to be, both benefit and bane to lawyers since the Internet became ubiquitous. Even though lawyers are, now more than ever, required to exercise keen discernment regarding what is and what is not ethical communication—both in form and in substance—one of the most frustrating facets of the task of exercising such discernment is trying to divine the goals of the various regulators.

The incentives of regulators drive the rules they create, but these incentives are as varied as are the backgrounds, political opinions, and ethical postures of the regulators themselves. So, what’s a good-intentioned lawyer to do? Many prefer to let their conscience be their guide, and presume they will have an opportunity to ask forgiveness if they should stray across some invisible ethical boundary. Others prefer to play it safe, and forego even the appearance of what might possibly begin to be construed as a potential infraction.

In an effort to assist our fellow attorneys in their struggle to maneuver through the obscure ethical chaparral of the digital frontier still being slowly colonized by regulators, we submit for your consideration the following suggested best practices for lawyers, when using (or not using) social media in connection with voir dire and other juror-related activities.facebook_like_logo
  1. Know and understand the local rules. When it comes to jurors and social media, the most important thing to remember is that the local rules governing lawyers’ use of social media, in connection with voir dire and for other purposes which might impact or be perceived by jurors, substantially vary from jurisdiction to jurisdiction. When entering into a jury trial, a lawyer should briefly review the local rules respecting use of social media, especially in connection with voir dire. What a lawyer can and cannot do is ultimately governed by the local rules of the jurisdiction in which the case is being heard; ignore them at your peril.
  2. Don’t try to circumvent the rules using a proxy. Just follow the rules. Trying to be clever and get around the rules by using a proxy will not work, because, especially in New York, “it is always unethical … for an attorney to attempt to avoid the Rule by having a non-lawyer do what she cannot.” Honesty is the only policy, and honesty involves adhering to both the letter and the spirit of the law.
  3. Restrict your activity to passive observation. Generally, according to the ABA, unless limited by law or court order, a lawyer may review a juror’s or potential juror’s Internet presence, which may include postings by the juror or potential juror in advance of and during a trial. Passive review, not direct communication with a juror, is what is permitted, here. What lawyers want to avoid is any interactivity with the juror, aside from just passively browsing their Internet presence data.
  4. Don’t send access requests to (potential) jurors. Generally, according to the ABA, a lawyer may not communicate directly or through another with a juror or potential juror. This includes sending access requests to a juror’s electronic social media. An access request is a communication to a juror asking the juror for information that the juror has not made public and that would be the type of ex parte communication prohibited by ABA Model Rule 3.5(b). So, lawyers should avoid adding jurors or potential jurors as LinkedIn connections, Facebook “friends”, etc. during the course of voir dire or any other part of an ongoing trial.
  5. Be careful about triggering notifications resulting from settings! Except in New York, and possibly a few other jurisdictions, generally, according to the ABA, the fact that a juror or a potential juror may become aware that a lawyer is reviewing his Internet presence when a network setting notifies the juror of such does not constitute a communication from the lawyer in violation of ABA Model Rule 3.5(b). This is one of the problems with model rules; they’re not universal rules. When the Model Rules conflict with local rules, they can add to confusion about what is or is not permitted in a given jurisdiction. Always rely on the local rules, first. While, in Tennessee, it might be alright to permit a juror or a potential juror to become aware that a lawyer is reviewing his Internet presence when a network setting notifies the juror of such, a lawyer in New York might be reprimanded under the same or similar circumstances.
  6. Report crimes. Generally, according to the ABA, in the course of reviewing a juror’s or potential juror’s Internet presence, if a lawyer discovers evidence of juror or potential juror misconduct that is criminal or fraudulent, the lawyer must take reasonable remedial measures including, if necessary, disclosure to the tribunal. Lawyers have a duty to report suspected or apparent criminal activity to law enforcement and to the court, when the person responsible for the activity is a (potential) juror.

The foregoing are all rules, but they are derived from one simple, if inelegantly stated, principle:

Lawyers should avoid contact on social media that could ‘spawn public doubt about the capacity of the modern jury system to achieve justice’.

At least, that’s the Tennessee Supreme Court’s guiding principle. To this author, that principle, as stated, seems more concerned with managing appearances than with promoting actual integrity in the legal profession, but as long as following the principle has the effect of promoting actual integrity in the legal profession, that distinction may be practically unimportant.

When it comes to social media and jurors, be forthright, pay close attention to the local rules, and try to avoid doing anything that a reasonable third party observer might use to accuse you of improperly influencing a potential juror or the outcome of a trial.

References

1.     Andrew Perrin, Social Media Usage: 2005-2015, Pew Research Center (October 8, 2015), http://www.pewinternet.org/2015/10/08/social-networking-usage-2005-2015/

2.     American Bar Association Standing Committee on Ethics and Professional Responsibility, Lawyer Reviewing Jurors’ Internet Presence, Formal Opinion 466 ABA (2014), http://www.americanbar.org/content/dam/aba/administrative/professional_
responsibility/formal_opinion_466_final_04_23_14.authcheckdam.pdf

3.     State of Tennessee v. William Darelle Smith, No. M2014-00059-CCA-R3-CD (TN January 7, 2015), http://www.tncourts.gov/sites/default/files/smithopn_0.pdf

4.     Ross Brandon Sluss, Appellant, v. COMMONWEALTH of Kentucky, Appellee., No. 2011–SC–000318–MR. Decided: September 20, 2012 http://caselaw.findlaw.com/ky-supreme-court/1612369.html

5.     NYC Bar Ethics Committee, Jury Research and Social Media, Formal Opinion 2012-2 NYCB (2012), http://www.nycbar.org/member-and-career-services/committees/reports-listing/reports/detail/formal-opinion-2012-2-jury-research-and-social-media

The Law of Inevitability:
The Panama Papers

In April of 2016, the legal industry was rocked by a monumental computer breach. Unlike the Sony, HomeDepot, and Target hacks before it, which only affected one company, this breach exposed every one of Mossack Fonseca’s clients to intense public scrutiny. Their clientele – former and current politicians, athletes, banks, and business executives – were linked to fraud, sanctions avoidance, money laundering, and tax evasion schemes when 11.5 million documents were exfiltrated from the law firm’s servers.

Ramifications were immediate and obvious, beginning with the resignation of Iceland’s Prime Minister Sigmundur Gunnlaugsson, yet the end to this fallout remains illusive. The flood of government investigations is ongoing and new allegations emerge regularly; so far one of the few certainties regarding the hack is that law firms are now keenly aware that their computer systems house a treasure trove of confidential information – an attractive target for hackers. Also clear is that the penetration of Mossack Fonseca’s computer systems was a relatively easy breach to perpetrate and, more importantly, completely preventable.

It’s time to have a candid conversation about law firms and their computer security footprint.

How To Hack Mossack Fonseca In 3 Easy Steps

Mossack Fonseca was utterly deficient in their cyber security footprint. Their website was riddled with known and fixable vulnerabilities. Their web server was also not protected by a firewall and was on the same network as their mail servers. In April 2016, researchers found multiple avenues for access but one prevalent theory has emerged: outdated and unpatched software and knowingly insecure server access protocols gave hackers easy access to the firm’s most sensitive files.

At the risk of getting too deep in the weeds I will attempt to explain one such avenue for unauthorized access to the Mossack Fonseca systems. The graphic provided below will help you visualize how a hacker can move through the system to gain the type of access that results in the theft of 2.6 terabytes of attorney-client privileged data.

PanamaPapers

Step 1: WordPress Exploit

Mossack Fonseca had a commonly used plug-in on their website named Revolution Slider. That version of Revolution Slider was outdated and known to be vulnerable to exploitation. By using this exploit, a hacker is able to gain unauthorized and unrestricted access to WordPress, including the configuration and database files. These unencrypted files contain login and password information to send emails from the mail server.

Step 2: Use Information Gained From WordPress

Using the login credentials provided by WordPress, the hacker could have then accessed the email server and siphoned off 4.8 Million emails. Mossack Fonseca was using an old version of Outlook Web Access they last updated in 2009. Assuming the privilege level assigned to the credentials used to log in is all-access, any email could be retrieved from the system.

Step 3: Drupal Exploits

Like WordPress, Drupal can be used to create websites and act in the background as an online client access portal to their data. The older version of Drupal that Mossack Fonseca utilized had at least 23 vulnerabilities at the time of the hack and was best known for the version targeted in November 2014’s “Drupageddon” hack.

5 Easy Ways To Avoid Being The Next Mossack Fonseca

I’d like to believe that Mossack Fonseca is the most disturbing case of ineptitude in website security on the planet rather than a typical case study. Unfortunately, I fear there are more Mossack Fonseca’s out there than we realize or want to admit publicly in an effort to protect those easily penetrable data goldmines. There are some very easy steps to take that can mitigate your exposure risk:

  • Update Software

Patches are released for a reason and that reason is never cosmetic. They shore up security holes or functionality issues. That innocuous plug-in on your website looks great or may add functionality but if you don’t keep it current you are exposing yourself, your firm, and the clients it services to unnecessary risk.

  • Encryption and Hashing

There is no reason to forego encryption of confidential communications and files. None of the data from Mossack Fonseca had encryption of any kind. Microsoft and Adobe products include encryption and password protection tools to avoid unauthorized access. Most email providers use some level of encryption and should be included in any service level agreement.

  • Separation, Passwords And Access Restrictions

Passwords should be changed regularly and access to files, information, and systems should be limited to only those who need it. Restrictions on time and day can also be implemented. Update these access privilege credentials regularly to ensure access is only as needed. Also, consider keeping email servers and web servers on separate traffic routers to add an element of separation.

  • Protocols And Procedures

Mossack Fonseca was ill-prepared to manage the fallout of their breach, either for themselves or their clients. Having protocols and procedures in place before a breach happens is far better than making it up as you go in a high-stress situation.

  • Training And Refresher Trainings

Computer security best practices, particularly in fields requiring confidentiality and discretion like the legal industry, should be part of the new hire training curriculum and regularly given refresher trainings.

While these five best practices will not prevent all computer breaches, they could have prevented the Panama Papers or, at a minimum, made the hacker’s job infinitely harder. If you are interested in speaking with a security professional on how to shore up your cyber security footprint, KT Designs can put you in contact with one of our experts. Please contact us at 202.554.0272 or info@kt-designs.org.


The information in this article is sourced from the following organizations:

https://panamapapers.icij.org

https://www.wordfence.com/blog/2016/04/panama-papers-wordpress-email-connection/

http://www.wired.co.uk/article/panama-papers-mossack-fonseca-website-security-problems

KT Designs is a privately owned company that operates on the ideals of honesty, integrity and transparency. We are experienced in working on cases and projects of all sizes and in most jurisdictions, including internationally. We are devoted to the personal and intellectual growth of our employees and clients, and to facilitating continued learning in our audiences on the most complicated of topics. We consider our clients’ satisfaction and confidentiality above all else.

Personal Security in the Digital Age:
Navigating Machiavelli’s Playground

Technology is ever growing and evolving, bringing new and exciting advances into the modern world. Computers make our lives easier in innumerable daily activities, be it instantly paying bills online, buying the latest best seller on Amazon, looking up the closest movie theatre on the car’s GPS or searching for a dinner recipe on the refrigerator’s built-in touch screen. Of course, with these daily aides comes the ever-growing risk of our technology being used against us.

Media attention has shifted to the dangers of Internet connected devices as of late, giving the public its first clear look at what the world of cyber security handles. Nearly every week, a new announcement surfaces regarding banks or big-box retailers being targeted, personal information compromised or intimate photos leaked. With each new successful attack the need for stronger security becomes ever more evident. Most of this security is focused on the larger companies – Target needs to bolster its card security, Apple needs to take more precautions with its Cloud technology – but there are things that individuals can and must do to play their part as well.

Keeping your family and yourself safe in this ever-changing environment is no small feat. However, there are a number of steps you can take to shore up your personal cyber-security. Though you may not be able to prevent every attack, you can lower your risk, stop many and be prepared for the ones that do get through.

What can one person do? The good news is cyber-security starts with the individual.

As with any confrontation, it is imperative to know what you are up against. How much of your household technology is hackable? Which can be used against you if they become compromised? Any Internet-connected device is at risk of being infiltrated, from your baby monitor to your favorite gaming console. This doesn’t mean that you can’t use them, though – there are some simple things you can do to maintain your privacy.

Tips for Safeguarding Your Computer

Even the most basic security setups require that you keep your computer up to date. Updates are not only issued to better user end software but to patch discovered security flaws. Ignoring updates is a swift way to weaken many other security options.

Use proper password etiquette! Passwords should be a minimum of eight characters. Use upper and lower case letters, numbers and symbols, but avoid grouping the different types of characters together (for instance, Password123). Do not use the same password for multiple accounts, do not share your passwords with anyone and, if you have too many passwords to remember, store a handwritten copy in a safe access-controlled place. Avoid using the password save function your computer offers.

 

In addition, virus protection software allows you to react swiftly if something malicious does make its way onto your system. There are many to choose from, ranging from run-in-the-background to system wide control, so it’s important to do your research to determine the best choice for you.

Using Common Sense

Using common sense goes a long way in the digital world. You can avoid a lot of trouble by ignoring suspicious emails and avoiding untrusted sites. Some of the easiest ways to become the victim of a scam or virus is by clicking on random links, visiting suspicious websites, opening strange email attachments and falling for phishing scams.

Keep in mind that everything you put on social media is available to everyone, and likely to be accessible in some way even if you delete it. Knowing the difference between what should and should not be private is crucial; aside from not posting sensitive information, it’s not necessary to let everyone know where you are and what you are doing. Photos of you drinking with friends are more likely to cause future trouble than a day at the park with your dog.

The same goes for information you place in the Cloud. Regardless of what Cloud service you use, your data could be at risk. When it comes to important documents that you may want to have access to, such as birth and marriage certificates, social security cards and insurance documents, keep them physically or on an encrypted CD or device that is not accessible by the Internet. Though the Cloud is convenient, it is far from impenetrable; use it for photos you don’t mind others seeing, audiobook and music files, a clean back-up of your operating system and non-sensitive application files only.

Be aware of how many cameras you have in your home and with you on the go. With the average number of devices in each home these days, it isn’t strictly necessary for someone wishing to spy on you to bug anything – in many cases you do it for them. Miss Teen USA Cassidy Wolf found out the hard way exactly how such devices could be used against her when a perpetrator hijacked her computer, turned on her webcam and took images of her undressing in real-time without her knowledge. Obviously, be mindful of what is within view of capture-enabled devices.

Security-minded Online Banking

Banking is extremely easy in the modern age, and though banks have a number of security measures in place by default, it’s your job to put them to good use and implement a few of your own. As with any site, make sure your password follows the tips set out above. Legitimate employees of any company already have access to your account, so if anyone asks for your log in information, or directs you to do anything abnormal, it is likely a scam.

There are optional security measures your bank can put in place, such as security tokens. You can ask your bank about setting up a virtual fob, which generates an instant random code, to access your account. If hackers are able to access one of your accounts within a financial institution, they may be able to draw money from all of your accounts at that institution if these accounts are linked – as, for instance, through overdraft protection. For this reason, consider opening an unconnected account at a different bank in case of emergency.

What else can I do?

You don’t need to be an information security professional to understand the basics of your own security needs. Information is available and universities offer classes on the subject to the public online. Though many common sense choices can keep your information and privacy safe, the best way to protect sensitive information is by understanding its value.

Proper security starts at the individual level but does not end there. While it is true that companies and the government are late to the game, public awareness is finally leading to a significant and well-founded outcry. Some companies have started to answer this call. As this outcry increases with each cyber attack that makes headlines, the additional social pressure for privacy and security will require reexamination and action.


This article is based on the KT Designs’ white paper, “Privacy, Security and Mitigating Risk in the Digital Age: A ‘How To Guide’ for Navigating Machiavelli’s Playground for the individual.To access the whitepaper in its entirety for free, please visit the whitepaper section of our website: http://www.kt-designs.org/white-papers/

KT Designs is a privately owned company that operates on the ideals of honesty, integrity and transparency. We are experienced in working on cases and projects of all sizes and in most jurisdictions, including internationally. We are devoted to the personal and intellectual growth of our employees and clients, and to facilitating continued learning in our audiences on the most complicated of topics. We consider our clients’ satisfaction and confidentiality above all else.

Protecting Compromised Information

In the wake of the most recent disclosures of large-scale successful computer breaches of US government systems, we thought it prudent to include some information on what do to if you discover your identity or digital footprint has been compromised. Know exactly what needs to be protected and have a plan in place before something happens. This extends to information as well as physical assets.

General steps to take in the wake of a systems breach:

Detect, Isolate and Remediate

  • Isolate the affected system immediately to mitigate potential damage. Once contained, act to remediate the compromised systems.

Assessment

  • Assess other systems to ensure that containment was successful and no other areas were compromised by the breach.

Mitigation

  • Mitigate the consequences of said breach as quickly as possible. For an individual, this would include contacting your financial institutions and credit lending agencies. For companies, this could include enacting business continuity and disaster recovery protocols and procedures.

If you have ever applied for a security clearance from (or required a background check by) the US government, the following is some basic guidance for assisting you in mitigating your risks:

  • Put a block on your credit reports to prevent anyone from opening new accounts unless you are contacted first: http://www.consumer.ftc.gov/articles/0497-credit-freeze-faqs
  • DO NOTrespond to e-mails or phone calls from anyone saying that they are from DHS, OPM, or DoD and are offering to help. Expect fraudulent phone calls.
  • Change all of your security questions on ALL of your bank and credit account information, make sure the security questions and answers are not provided by you in your security clearance information.
  • Close all accounts you are not using.
  • Request from your banks and credit card companies that they send you new cards with chip and pin.
  • Use the Freedom of information Act (FOIA) to request the information obtained by US DoD for the purpose of granting your clearance.
  • Await the OPM letter that will send you a pin number so you can log in and register for free credit monitoring and up to $1 million in coverage in case your identity is compromised and potentially affects your credit.

Remember, this information provided is only basic, though considerable time and effort on your part is required for one or more of these steps should you wish to pursue these risk mitigation efforts in protecting your compromised information.

If you are concerned that you have been compromised and wish to take further steps by getting in touch with a security professional, KT Designs can put you in contact with one of our experts. Please contact us at 202.554.0272 or info@kt-designs.org.

*Information provided by Kristin Thomas and Kalani Enos.

The Use of Learning Theory in Litigation

“If one of our goals in jury trials is to send into a jury room a jury well equipped to render a fair and impartial verdict, then in my view, we are shortchanging all litigants if we are not providing our jurors with all the necessary aids and tools to enable them to perform the critical tasks we ask them to undertake.”

— Hon. Michael F. McKeon, Jury Trial Project in New York


The key to being successful in litigation is clear, concise, effective and persuasive communication. In effect, a lawyer is an educator – disseminating facts and evidence about a case to fact-finders. How those facts and evidence are presented to a jury, judge or panel can mean the difference between comprehension of said information and confusion, boredom and apathy. Properly educating the fact-finder on complex information without overwhelming them while effectively rebutting adverse counsel’s points are the litigators’ main objectives. During demonstrative development and argument preparation, it is important to understand how to distill and accurately represent case facts in a persuasive manner for maximum comprehension.

Bold research in the fields of neuroscience and brain imaging at the University of Birmingham, UK, has provided interesting new data that is applicable to the field of learning. Dr. Doe Kourtzi, Chair of Brain Imaging at UAB, explains, “What we have found is that learning from past experience actually rewires our brains so that we can categorize the things we are looking at, and respond appropriately to them in any context.” People learn, process, retain and recall information differently. The majority of learning theory experts agree that whether you are teaching a class of high school students or arguing your case in front of a jury, utilizing more than one teaching method increases the fact-finders’ level of comprehension.

US educationist Edgar Dale pioneered the “Cone of Experience” theory, holding that using various types of learning strategies increases comprehension and retention. Dale’s hypothesis incorporates different types of teaching methods, including utilizing symbolism, audio, imagery, video and direct participation. For litigators, Dale’s theory has practical applications in the courtroom. Over the past two decades, the method by which evidence is presented has changed. Law firms have taken a measured approach to embracing the use of technology in every stage of the litigation life cycle. Litigation graphics are now commonplace in courtrooms and are being included as early as the motions and pleadings phases, as opposed to limited graphics like the obligatory graph or chart during trial. This technology facilitates the litigator’s ability to persuasively present their evidence verbally while reinforcing their message with supplemental visual and auditory evidence.

Until deliberation, juries have a passive role in court proceedings, impartially considering the evidence presented and rendering a verdict based upon that evidence and the rule of law. Within the past few decades, courts have experimented with various changes to procedure; this has led to controversy because some procedures encourage jurors to take a more active role during the evidentiary presentation of trial or have the potential to distract jurors from listening to the evidence being presented. Two controversial procedures, allowing jurors to take notes and juror questions, are being tested at a measured pace in various jurisdictions across the country.

For many, taking notes assists in processing and retaining the information being presented and then facilitates the recall of that information. Allowing juries to take notes during the course of a trial has only developed over the past few decades. As this experimental procedure is implemented across the country, extensive studies continue to be conducted and relevant data collected. One study found that of jurors who were not permitted to take notes, 76% of jurors on civil trials and 50% of jurors on criminal cases communicated that they would prefer the opportunity to take notes in future trials.

Another procedure being experimented with in courts is juror questions. According to the findings of the Arizona Filming Project, over 28% of juror questions gravitated towards clarifying factual information and over 61% of juror questions were evaluating questions focused on discrepancies in testimony or disputed facts being presented.

 

How people best understand, internalize, and then retain information for later recollection varies. By utilizing multiple teaching methods in the courtroom, explaining evidence, assisting in processing information and facilitating memory retention and recall, courts assure that jurors are better prepared to carry out the duties with which they are charged.


This article is based on the KT Designs’ white paper “The Applicability of Learning Theory in Litigation.” To access the whitepaper in its entirety for free, please visit the whitepaper section of our website: http://www.kt-designs.org/white-papers/

KT Designs is a privately owned company that operates on the ideals of honesty, integrity and transparency. We are experienced in working on cases and projects of all sizes and in most jurisdictions, including internationally. We are devoted to the personal and intellectual growth of our employees and clients, and to facilitating continued learning in our audiences on the most complicated of topics. We consider our clients’ satisfaction and confidentiality above all else.