Andrae Campbell Archives - IPOsgoode /osgoode/iposgoode/tag/andrae-campbell/ An Authoritive Leader in IP Thu, 29 Mar 2018 13:46:01 +0000 en-CA hourly 1 https://wordpress.org/?v=6.9.4 Hacking the Sacrosanct Lawyer-Client Privilege /osgoode/iposgoode/2018/03/29/hacking-the-sacrosanct-lawyer-client-privilege/ Thu, 29 Mar 2018 13:46:01 +0000 https://www.iposgoode.ca/?p=31406 We have swiftly transitioned into a digital age and it seems as if information could be the new weapon of mass destruction. Cybercriminals have long realised just how valuable information can be and have been launching missiles at an unprecedented rate, resulting in copious causalities of information security breaches. Earlier this year, CNN reported that […]

The post Hacking the Sacrosanct Lawyer-Client Privilege appeared first on IPOsgoode.

]]>
We have swiftly transitioned into a digital age and it seems as if information could be the new weapon of mass destruction. Cybercriminals have long realised just how valuable information can be and have been launching missiles at an unprecedented rate, resulting in copious causalities of information security breaches. Earlier this year, CNN reported that Hospitals in the United Kingdom fell prey to the WannaCry cyber attack and had to declare states of emergency because patient records were inaccessible, putting patient lives at risk. From multinational corporations, to even patients lying in hospital beds - it seems as if no one is immune to these threats. Could the legal fraternity be next?

Potential Liability and Cybersecurity Strategy

There are some secrets that must be taken to the grave. Information flowing from the lawyer-client relationship is generally one of them. The lawyer-clientĚýprivilege bestows upon lawyers a legal and professional duty to protect clients’ confidential information. Confidentiality does not only involve the “Chinese Wall”, being tight-lipped about certain information or locking away case files in vaults. In this technologically advanced society, it also requires a lawyer to take reasonable steps to protect digital information as well. Failure to do so may have far reaching implications; ranging from discipline from a law society, to even civil liability and the administration of justice being adversely affected.

Discipline from Governing Law Societies

Rule 3.3-1 of the Federation of Law Socieities of Canada'Ěý states that a lawyer owes a duty of confidentiality to every client and as such must hold in strict confidence all information flowing from the lawyer-client relationship. This duty even survives the professional relationship. Therefore, a lawyer could potentially face discipline if an investigation revealed that reasonable steps were not taken to protect clients’ digital information.

Civil Liability

Multi-national corporations including Home Depot and Target have reported unauthorised access to some of their clients’ personal information. Canada has endeavoured to raise the standard by passing a number of statutory provisions such as the and the that require entities to incorporate Cybersecurity Best practices in their operations. The legal fraternity is no different in terms of the personal, confidential and financial information they may collect from their clients. There is still a legitimate expectation to take reasonable steps to protect information so clients could very well bring a civil action against lawyers who fail to meet this expectation.

Implications on the Administration of Justice

Imagine if a Court’s information system got compromised because of poor cyber security practices and personal information of key witnesses or jury members inadvertently became public. Not only would there be legitimate concerns regarding their personal safety but there may be serious implications on the administration of justice.

The Supreme Court of Canada pronounced inĚý łŮłó˛šłŮĚý“unjustified, or even accidental infringements of the privilege erode the public’s confidence in the justice system”. Alva Group in a White Paper concluded that data breaches always present a reputational risk. In fact, share price, customer acquisition and retention are some of the critical areas that may be affected. The court system, arguably, is no different. Many trials could face significant delay if persons become apprehensive about serving as witnesses or jurors for fear that their personal information inadvertently get into the wrong hands. This is one way that “unjustified, or even accidental infringements” of confidential information could erode the public’s confidence in the justice system.

Oh come on, I am no tech whiz, I am just a lawyer!

As much as that may be true, unfortunately, this argument won’t fly, especially in Canadian courts. The courts have dealt with the vexed issue of inadvertent disclosure and have taken a firm position. Elliot v Toronto (City) reminds us that inadvertent disclosure does not waive privilege. As Arbour J puts it inĚý,Ěýa client has a reasonable expectation of privacy in all confidential documents and communications flowing from the lawyer-client relationship.

Having a brilliant IT team may allow some to sleep well at nights but lawyers have a role to play too. Certainly, lawyers are not expected to know the nuances of binary code but the reality is that many Cybersecurity attacks are not necessarily sophisticated attacks either. IBM reported that 60% of all attacks originated from threat agents inside the organisation. Earlier this year, McEwan University reported that they succumbedĚýto phishing attacks resulting in them losing $11.8 million dollars. This was not a high tech, state of the art attack; employees were merely duped into changing electronic banking details for one of their vendors.

Law and technology can no longer be business as usual

It is ripe time that the legal fraternity pulls up their proverbial socks and adjust to this technological era by incorporating sound Cybersecurity strategies into their practice. Failure to do this may lead to discipline from a law society, civil liability or have far reaching implications on the administration of justice.

 

Andrae Campbell is an IPilogue editor and LLM Candidate at Osgoode Hall Law School.

 

The post Hacking the Sacrosanct Lawyer-Client Privilege appeared first on IPOsgoode.

]]>
Can Legislation Restrain the Looming ‘Beast’ of Artificial Intelligence? /osgoode/iposgoode/2018/03/21/can-legislation-restrain-the-looming-beast-of-artificial-intelligence/ Wed, 21 Mar 2018 17:20:09 +0000 https://www.iposgoode.ca/?p=31454 Amidst the unprecedented number of cyber-attacks in recent years, we have quickly transitioned into an Artificial Intelligence (AI) Era in which Intel predicts more than 200 billion Internet enabled devices by 2020. The use of Big Data to fuel AI development has brought about groundbreaking innovations that will impact virtually every aspect of human lives. […]

The post Can Legislation Restrain the Looming ‘Beast’ of Artificial Intelligence? appeared first on IPOsgoode.

]]>
Amidst the , we have quickly transitioned into an Artificial Intelligence (AI) Era in which Intel predicts more than . The use of Big Data to fuel AI development has brought about groundbreaking innovations that will impact virtually every aspect of human lives. In fact, jurisdictions around the world are already embracing this technology: , , and . The rise of AI brings on many challenges and, as revealed in 2017, the Government of Canada wants the country to be committed to global leadership in AI. Are we ready? As Canada braces for the impact of AI, legal and policy stakeholders continue to strategize how best to shape government cybersecurity policy going forward. On February 2, 2018, IP Osgoode’s conference brought together experts, scholars and technology enthusiasts from around the world. In particular, the “Cybersecurity and International Risks in the AI Era” panel, chaired by , discussed how cybersecurity risks have increased in this automated era. The panelists also commented on how best to leverage AI while mitigating these risks and the role legislation can play in addressing some of these challenges.

First Off, what really is AI?

Traditionally, computers were thought to be creatures of instructions. However, over six decades ago, the umbrella term, Artificial Intelligence, was coined to refer to a computer’s ability to make decisions without direct human intervention. According to Arthur Samuels, it is “a field of study that gives computers the ability to learn without being explicitly programmed.” that allow for human-like responses to problems by identifying patterns from enormous pools of data. From , , , to , AI is literally in our faces and has the potential to infiltrate nearly every aspect of our lives.

 

AI Poses Both a Risk and Opportunity

Cyberspace, despite its many advantages, continues to be exploited. Since 2013, . AI provides a unique opportunity to bolster cybersecurity solutions by utilizing predictive analysis capabilities. Almost and it appears cybercriminals are always a step ahead because .

AI is a game changer, which can allow for a more proactive and dynamic approach to cybersecurity. For example, deep learning technologies can , run numerous simulations, and predict potential attacks and respond accordingly.

However, AI comes with a number of risks, such as threat agents using AI to develop automated attacks that learn and adapt to vulnerable systems in real time. AI models also thrive on data, so bias or false positives could adversely affect decisions or actions taken by the algorithm. Issues of accountability and even tort liability may arise if the AI model goes rogue and does what it was not programmed to do.

Managing Director and CEO of ABCLive Corporation, , expressed that the capacity of AI to learn and evolve will undoubtedly exceed human capacity. For example, in 2016, where its sutures were found to be superior and done with more precision. As astounding as this may be, there are still risks to consider. If this AI bot was somehow compromised and succumbed to a cybercriminal’s ransomware attack, human lives could potentially be at risk.

 

Privacy vs. Security – Do We Tradeoff or Can We Have Both?Ěý

So, how can these risks be mitigated? It appears that efforts to do so could impact privacy rights or even the fabric of a nation’s security.

According to Benjamin Franklin, Jurisdictions around the world continue to struggle with this concept, especially in light of autonomous AI weapons and other national security concerns. , special counsel, Yigal Armon & Co. and former Israeli legal advisor for the National Security Council, argued that an invasion of privacy might be a necessary trade off in some instances, . Keidar posited that while an individual’s privacy rights should be protected, the concept of freedom also extends to border security issues and other national security concerns. Clearly, this topic is a mammoth task for governments, so a natural corollary is that in order to preserve the security architecture of a nation, tools need to be developed to allow for a certain level of security. Consequently, in an attempt to keep citizens safe, this invariably might encroach on individuals’ privacy rights. Conversely, privacy expert maintains that it is quite possible to have both privacy and security. Cavoukian argues that over one’s data and this should be reflected in free and democratic societies. Her proposed approach seeks to change the paradigm from flawed ‘zero-sum’ models to ‘positive-sum’ models. Privacy and security would no longer be competing interests because measures safeguarding privacy would be proactively embedded into technological operations and security considerations. Cavoukian predicts that the implementation of the (GDPR) in May 2018 will replace current privacy laws in all European Union member countries, making privacy the default. As such, the use of data will be ‘user-centric’ and only used for the purposes it was collected for. Entities who do not abide by the GDPR could face fines of up to 4% of their global revenue. Cavoukian’s proposed would allow for transparency and oversight of algorithms with high levels of accountability, which could help to facilitate ethical algorithmic designs and data symmetry.

 

Is Legislation the Answer?

Technology enthusiasts around the world, including Stephen Hawking and Elon Musk, argue that AI is an existential threat to humanity and are calling for nations to . Indeed, there are concerns about AI’s impact on weapons and privacy rights, but whether legislation can restrain this ‘monstrous beast’ is moot. Not only are there jurisdictional issues as it relates to regulating AI in a borderless Cyberworld, but AI is evolving and do not have a good of .

Even if policy makers manage to develop a legislative framework for AI, that is only one aspect of this labyrinthine technology. Other issues to grapple with include potential job losses in those roles at risk of automation. For example, a revealed that due to AI bots taking over assembly line work traditionally done by humans. Ěýdue to automation as well. Even the legal fraternity is not immune, especially with talks of possibly replacing lower-level legal assignments carried out by articling students or junior lawyers. Governments would also need to consider wider economic implications such as the decline in tax dollars received from those jobs.

AI could boost by 2035, so policy makers should be cautious in over regulating this invaluable resource that could drive innovation. Over regulation could possibly stifle growth in AI by making it a less attractive field for investors. For example, a potential backlash could be Google and other tech giants such as no longer investing in Canada.

Perhaps more work needs to be done in developing ethical oversight of AI; particularly teaching AI the unique aspects of human values like privacy and freedom. who have been for over 30 years, so their expertise in determining the extent to which these principles can be reflected in AI technologies could then inform legislation. Canada would then need to focus its policy lens on training and research, thus building and sustaining Canada’s AI ecosystem.

 

Andrae Campbell is an IPilogue Editor and an LLM Candidate at Osgoode Hall Law School.

 

The post Can Legislation Restrain the Looming ‘Beast’ of Artificial Intelligence? appeared first on IPOsgoode.

]]>