How I’m Turning My Vision for Legal Technology into Reality: The Road Ahead

A few days ago, I shared some of the thoughts I had about Exterro’s acquisition of Zapproved. Reaching a big milestone, like an acquisition, is an achievement to celebrate, but it’s also a good opportunity to look back at the road traveled to get there. In 15 years, we’ve accomplished a lot with Exterro, but as I often tell my team: it’s just the beginning.

As an organization, Exterro has far more road ahead of us than behind. We’ve reached a major milepost, to be sure. Our acquisitions of Jordan Lawrence and AccessData gave us the legal technology’s pre-eminent legal governance, risk, and compliance management platform, giving users visibility into and management over the increasingly complex data environments found at today’s enterprises. Joining forces with Zapproved will help us deliver better-than-ever customer support and service, delivering on the promise of “ridiculously successful” outcomes for our clients.

But where does this road lead? While I can’t lay out every step along the way, I’m confident that we’ve got the contours right, and we’re doing everything we can to arrive at the destination.

At the end of that first article, I explained an analogy that’s useful to understand where we’re going. The promise of big data–the defining factor in 21st century business–is like that of oil in the early 20th century. It has the power to transform companies and industries in the blink of an eye–think about the collapse of the taxi industry in New York. A taxi medallion worth $1 million in 2013 is worth about a tenth of that today. But data holds tremendous risks as well, just as our over-dependence on fossil fuels is unleashing waves of increasingly perilous environmental impacts.

Cybercrime is pervasive. Over 50 million US citizens–just under one in six–were affected by cybercrime in the first half of 2022. Data breaches affect almost 100 people an hour, a 15x increase from 20 years ago. The economic impact of those breaches has increased as well, with the average breach now costing businesses $4.35 million.

The risks aren’t confined to crime. Consumers across the world are awakening to the rights they have been given by new privacy regulations like GDPR, CPRA, PIPL, and countless other state- and national-level laws. Buoyed by this sentiment, regulators are flexing their muscles. The FTC has recently reached settlements valued over half a billion dollars, and European data protection authorities have not been shy about handing out eight- and nine-figure fines as well.

Civil litigation isn’t going away, either, multiplying the risks posed by cybersecurity, data protection, and data privacy failures. The average company is spending $1.7 million per $1 billion in revenue on civil disputes, according to Norton Rose Fullbright’s 2023 Litigation Trends Survey. And just as privacy regulations are starting to normalize across the globe, experts are seeing that trend cross-pollinate back into the world of e-discovery.

I don’t want to overplay the downside, though. I’m fundamentally an optimist. The risks data poses are, if not solvable, at the very least manageable!

What is the foundation of efficient e-discovery, privacy operations, and cybersecurity incident response? Knowing what your data is, where it is stored, what you’re doing with it, why you’re holding onto it, and for how long you intend to keep it. In short, an up-to-date, actionable, intelligent data inventory.

Who provides that? Exterro does.

There are remarkable similarities in the processes of how organizations respond to discovery requests in civil litigation, fulfill data subject access requests under GDPR or CPRA, and notify affected individuals after a data breach. It starts by identifying and preserving data, narrowing down the pool, reviewing these large volumes of data quickly and cost-effectively, then producing (and perhaps redacting) what’s ultimately relevant.

Whose technology gives legal teams the ability to do all these things, end-to-end, securely in a single platform? Exterro. Issue legal holds, leverage AI for document review, manage consumer consent now that cookies are falling into disfavor with regulators worldwide? I think you know the answer, but if you’re not sure, it’s Exterro yet again.

To whom do all these disparate tasks matter? Who stays up at night thinking about them? Chief Legal Officers and General Counsel, that’s for sure. Exterro partners with the Association of Corporate Counsel every year on their Chief Legal Officers Survey. It’s the single largest survey of CLOs and GCs in the world–this year, for the 2023 ACC CLO Report, almost 900 participated.

What do they see as the biggest issues for corporations today? Cybersecurity, regulations and compliance, and data privacy are the top three issues they identified.

What business areas do they increasingly oversee, in addition to legal operations? Compliance, privacy, risk and cybersecurity–and the percentages responsible for those areas are increasing.

I don’t want to sound like I’m saying the same thing over and over, but these disciplines are converging, and the department most prepared to manage them effectively is the legal department. They need the technology that allows them to do so, they need it now, and they need it in one place–a single pane of glass to manage the risks associated with data.

With many businesses weathering economic turbulence, these vital functions can’t be outsourced to expensive outside counsel. Legal teams are bringing more of these functions in-house, as recent surveys we’ve conducted have shown. E-Discovery has been both the petri dish for legal technology innovation and the tip of the spear in terms of bringing technology into legal departments, but privacy and digital forensics/incident response are not far behind.

For an example of what’s happening, think back to the last major revolution that transformed business–the personal computer. Individual workers had on their desktops powerful tools that let them accomplish more faster than ever before. What were the productivity tools they used? They wrote memos and reports in WordPerfect. They tracked and manipulated data using Lotus 1-2-3 spreadsheets, and built presentations with Aldus Persuasion. Those once-dominant point solutions all fell by the wayside when Microsoft built a unified platform known as Microsoft Office.

Disparate, disconnected, standalone legal software solutions are marching down the same road. Connecting the tools in a single, secure platform, with an easy-to-use interface, and work products that can be moved from step one to two to three to project completion without risky data transfers just makes sense.

Who needs to be in charge? As the CLO survey shows, it should be the legal department. They have the skills, background, and mindset to weigh risks, make wise decisions, and avoid existential “bet-the-company” threats. They have the ear of senior leadership and corporate boards. And now they have the technology in their hands, in the form of our not just industry-leading, but industry-defining legal governance, risk, and compliance platform.

We’re not there yet–but this is the future I see ahead of us. Our acquisition of Zapproved is one more critical step along the journey. I hope you’ll all take it with me!