With online crime on the rise, legal practitioners need to be up to speed with cyber law and security.
Not surprisingly, the 2020 mass exodus from corporate office to home office has delivered a significant spike in cyber crime.
When information and data moves from secure office networks to in-home personal devices, it can quickly become easy pickings for opportunistic online criminals.
One sector that’s particularly high risk is the legal profession as it handles large amounts of confidential and sensitive information. For any legal practice to maintain its integrity, robust cyber safety is crucial.
Dean of Deakin Law School (DLS) Professor Jenni Lightowlers says that there’s an increasing demand for lawyers who have expertise in cyber law.
‘Cyber attacks are widespread and growing … lawyers aren’t always renowned for being computer or IT savvy but it’s incredibly important. You don’t want to be the weak link in your firm, business or organisation that allows cyber criminals to access data.’
The cyber dimension of law
DLS senior lecturer Dr Vicki Huang says all legal problems have a cyber dimension – from the simple storage of client files through to traditional legal transactions such as electronic conveyancing, electronic financial transaction, and e-tax filing.
‘A good legal practitioner needs to understand the risks of working online – this can involve securing networks, good password management, understanding and managing data, and may include abiding by domestic and international data privacy rules,’ she explains.
‘Lawyers need to stay up to date with what their clients are doing in order to better serve their needs. Having a basic understanding of IT enhances the level of empathy and advice a lawyer can have when working with their clients.’
Cyber risks for the legal profession
A successful cyber attack can have a devastating impact on a legal practice.
‘Cyber criminals are after your financials, your identity, and access to your trust arrangements or partners,’ says Prof. Lightowlers.
These attacks can wreak havoc on a number of fronts including “Zoom-bombing” (where rogue guests invade online meetings), ransomware attacks, invoice and phishing scams, attacks on remote access systems, financial theft, destruction of client data, and the immobilisation of IT equipment.
‘With millions of devices worldwide, and increasing speeds of networks, cyber attacks will escalate. The law profession will need to work out a way to handle it and find a way that we can apply the laws appropriately … cyber is an accelerating area of the law,’ says Prof. Lightowlers.
The cyber challenge
One of the biggest challenges in cyber security is to improve and maintain trust in the digital economy.
Dr Huang says that if consumers don’t trust the “system” then Australia can’t participate and thrive in the digital age.
‘The only way for consumers to have trust in the system is through informed consent to transparent processes, and through trust that government and industry are being overseen by some kind of regulation or legal oversight.’
Rollout of new ACCC regulations
The Australian Competition and Consumer Commission (ACCC) is soon rolling out its Consumer Data Right to the banking sector and Dr Huang says this is one example why lawyers need cyber law and security knowledge.
‘The ACCC’s goal is for consumers to access and potentially transfer their own banking data to other trusted parties. The government plans to roll out similar regulations to the energy sector and then, potentially the telecommunications sector.’
She explains that the mandated increased access to consumer data will have a significant impact on the information systems maintained by these industries and lawyers who can understand the technology will have an advisory advantage.
‘This won’t be a simple task. For example, what lawyers define as “consumer data” may not match what IT professionals or industry systems define as “consumer data”. These kinds of regulatory changes – in relation to data and access to data – are likely to be more common as consumers and governments become more aware of the value of this information.’
Cyber-savvy lawyers needed
Even without the push from a global pandemic, there’s been a growing need for legal practitioners to boost their cyber law and security knowledge.
‘At the very least, a good lawyer needs to be able to communicate with clients who are often more sophisticated about cyber matters than lawyers traditionally are,’ says Dr Huang.
Meanwhile, Prof. Lightowlers says the opportunity for lawyers to ‘work in cyber’ is enormous.
‘In Australia alone there are tens of thousands of jobs for lawyers who understand cyber law. It covers an extensive area – investigation principles, information security, data protection, intellectual property, forensics, international and domestic criminal law and torts law, just to name a few.’
Deakin’s Graduate Certificate of Cyber Law is a fully online, one- year course designed for both lawyers seeking knowledge of cyber issues and cyber professionals seeking cyber law knowledge. It delivers two units of cyber law from the Deakin Law School and two units of cyber security and analytics from Deakin's School of Information Technology. Completion of the Graduate Certificate of Cyber Law provides a pathway into Deakin’s Master of Laws and Master of Cyber Security (Australia’s first accredited cyber security course).