The Ethics of Acquiring Legal Software Programs

Ellen Lockwood, ACP, RP

Ellen Lockwood, ACP, RP

It seems almost every day there is a new legal software being marketed. Sometimes it is an entirely new product, other times it is a major overhaul of a program that has been around for years. Regardless, there are ethical issues that must be addressed prior to purchasing new or updated software.

One of the first things that should be confirmed is that your organization will own the data your organization puts into the software. Because this is critical, it is not enough to rely on language in the shrink wrap agreement, or a vendor’s verbal assurances. Depending on the software and the software provider, your organization may need a specific agreement that specifies your organization’s data belongs only to your organization.

Another critical factor is to evaluate the software provider’s security procedures. Many developers do not address security during software development, and only add it just before the software is released. This can lead to major security gaps. And once the product is in use, the focus tends to be on new features and optimization of performance. While most reputable software providers will include two-factor authentication, it is not safe to assume a software provider’s security will stay the same over time. The software provider’s security should be re-evaluated on a regular basis, and after updates.

In addition to security for access to the software, the provider should have information on how personally identifiable information in the software is safeguarded. One method would be to encrypt such information, so it is not as easily used and potentially distributed.

Algorithmic bias is another factor to consider. Bias is usually not intentionally included by the developers, but unless the developers remove bias from the algorithms, it will be present in the software. Software providers should be able to provide information on how the developers worked to remove bias.

If the software you are considering is from a new provider, it is worth investigating the people involved in the software company.  For example, if you discover that the new software provider is helmed by people who have a less than stellar track record in the industry, you may want to reconsider purchasing the software, at least for now.  If it turns out in a few years that the product and the provider are solid and reliable, you can always reconsider.

After vetting the software and the provider, your organization should consider the following before purchasing the software:

• What need does the new software serve? If the software will not provide a significant benefit, then perhaps it is not a wise investment.
• Who will be able to access the software and what rights will they have? Who will have admin rights, who will have data entry and edit rights, and who will only have viewing rights?
• What authorization is required to access the software?
• What kind of training will be required? Would it be beneficial to have different levels of training depending upon how each user will use the software?
• Who will ensure the training includes the organization’s security protocols regarding the software, as well as why those protocols are important?
• Will a new policy be required to address users who jeopardize the organization’s data?

While new software can be exciting, especially if it will make our jobs easier and help us provide better services to our clients, it is the organization’s ethical responsibility to thoroughly investigate the software and software provider before incorporating it into our practice.

Ellen Lockwood, ACP, RP, is the Chair of the Professional Ethics Committee of the Paralegal Division and a past president of the Division. She is a frequent speaker on paralegal ethics and intellectual property and the lead author of the Division’s Paralegal Ethics Handbook published by Thomson Reuters. She may be contacted at ethics@txpd.org.