Sponsored briefing: Debunking the myths holding back digitalisation

A lack of trust and technical know-how are holding back legal firms from digitising their workflows — but finding the right tools can be half the battle

For most UK law firms, the 2020 pandemic drove home the power of digitalisation.

While social distancing may have kickstarted remote work, the legal framework for tackling business online has already been in place for two decades. England, Wales, Scotland and Northern Ireland have all recognised the validity of electronic signatures since 2002, under the 2000 Electronic Communications Act.

Yet despite this long history and a heady springboard of technological progress over the last two decades, many legal companies still feel reluctant to move workflows online.

Common concerns include a lack of technical know-how, a dearth of resources, or worries about security.

But many of these misgivings are built on misconceptions, and can often be tackled with something as simple as finding the right tools to meet your company’s needs.

‘Common digitisation concerns include a lack of technical know-how, a dearth of resources, or worries about security. But many of these misgivings are built on misconceptions, and can often be tackled by finding the right tools to meet your company’s needs.’

As CISO and co-founder of Tresorit, the Swiss-Hungarian specialist in end-to-end encrypted cloud collaboration, my aim is to ensure as many people as possible can harness the opportunities that digitalisation can provide for growing, future-facing firms.

Tresorit’s comprehensive document management system caters specifically to sensitive files, ensuring that data and documents are protected throughout their lifecycle within one integrated interface.

Our latest add-on, Tresorit eSign, expands that platform even further, giving customers the power to sign documents electronically with the touch of a button.

But most importantly, our tools are also designed to tackle many of the perceived pitfalls that stop companies from embracing digitalisation, from legal and security worries to concerns about customer uptake.

We have rounded up four of the most pervasive myths about digital work and e-signatures — complete with tips on how your company can tackle them head-on.

Myth 1: E-signatures are untested under UK law

A 2021 survey carried out by the Solicitors Regulation Authority (SRA) in co-operation with Oxford University found that regulatory uncertainty was the main concern for legal firms holding back on adopting new legal tech solutions.

Some 45% of respondents felt that uncertainty around regulations on the use of legal tech was the critical barrier to their implementation, with most pointing to client confidentiality and GDPR.

In the UK, the Electronic Identification and Trust Services for Electronic Transactions (Amendment etc.) (EU Exit) Regulations 2019 (SI 2019/89) — otherwise known as UK eIDAS Regulation — already recognises three types of digital signature.

Simple signatures are defined as any electronic data used by a signatory that is attached to or logically associated with other electronic data — usually a digital contract. An SES requires no further proof of security or legitimacy.

‘As more legal firms have moved to storing and sending files online, the digital threats they face have also proliferated. But the key is being prepared for any potential dangers, rather than seeking to avoid them altogether.’

A second level of signature — advanced electronic signatures — requires greater care, and demands that the electronic data in question is uniquely linked to the signatory, capable of identifying the signatory, and linked to the signed data in such a way that any subsequent change is identifiable. It also requires the use of electronic signature creation data.

Finally, the highest level of electronic signature, a qualified electronic signature (QES), is created through a QES creation device and based on a qualified digital certificate for electronic signatures.

Tresorit eSign uses a simple electronic signature, or SES (although qualified electronic signatures will be available via the same user-friendly platform in the near future).

Not only are SES relatively-straight forward to use, but they have already proven their worth and legitimacy in the UK legal system.

English courts have previously come out in favour of even informal e-signatures. In one case, Golden Ocean Group Ltd v Salgaocar Mining Industries PVT Ltd, parties in the Court of Appeal were able to agree that ‘an electronic signature is sufficient and that a first name, initials, or perhaps a nickname will suffice’ when signing a contract of guarantee.

Myth 2: Customers do not want to go digital

In 2022, most people not only recognise the benefits of e-signatures, but already have some experience in using them. A study by Neopost France found that almost 74% of respondents had already used electronic signatures, and that 58% saw them as just as valid as their ink-on-paper counterparts.

At the same time, PwC’s 2020 Trusted Tech survey revealed that consumer trust in business technology was falling, rather than rising. So how can business leaders reconcile these two trends?

An erosion of trust is not a sign that companies should shirk away from digitalisation, but only that they should address customers’ concerns on data protection.

Showing your clients that you care about the security of their personal details should not be seen as a burden, but as a key step in building a productive working relationship.

Strong data protection is usually based on some form of encryption, and you will want to look at the different options on the market to see which kind of encryption is right for you.

But while encryption provides a keystone in stringent digital security, it is not the only thing companies can do to keep data safe. Tresorit eSign lets firms go the extra mile by providing document passwords, watermarks and time-limited links, and file access logs.

As all documents processed via Tresorit eSign are stored in Tresorit’s end-to-end encrypted environment, companies retain complete control over contracts and their confidential content at all times. With the help of tools such as set permissions, users can define who can view and edit each document, and how often or for how long they can be accessed.

Myth 3: Going digital invites greater risk

Some firms see moving workflows online as inherently risky. As more legal firms have moved to storing and sending files online, the digital threats they face have also proliferated. But the key is being prepared for any potential dangers, rather than seeking to avoid them altogether.

The truth is that all workplace tools — including email or even traditional, paper and ink documents — carry some form of risk.

One recent article from Information Security Magazine found that in the UK legal sector, one in ten cyber-security incidents were linked to data loss, but that these could stem from everything from a lost or stolen phone to paperwork being left on the train. Figures from Verizon’s 2022 DBI Report show that the human element continues to drive 82% of all data breaches.

Good digital security can both minimise the likelihood of human error, and put tools in place to mitigate the damage of any potential missteps. If you lose a briefcase stashed with confidential documents, then there is little that can be done to retrieve that information. If paper files end up in the wrong hands, they can easily be copied, photographed, or passed on. But with the right online tools, you can revoke access to documents that have been incorrectly shared, or add expiry dates for documents or links.

Digital security tools such as Tresorit will also include in-built auditing tools, so that IT team leaders can drive accountability and learn from past mistakes.

Access history logs will allow you to monitor which employees have opened a certain document, and can be easily exported. Some platforms will also be able to provide comprehensive reports in event of a data breach.

Myth 4: Complicated digital tools destroy productivity

Contrary to widespread belief, an arduous checking process is not the best indicator of a truly secure digital platform.

In fact, laborious security protocols not only eat away at productivity and efficiency, they can also pose a serious threat to your company’s cyber security.

‘The best IT solutions remove obstacles, rather than add to them. If staff find digital security tools cumbersome or difficult to use, they will often find a way to bypass them — and sometimes inadvertently put data at risk.’

The best IT solutions remove obstacles, rather than add to them. If staff find digital security tools cumbersome or difficult to use, they will often find a way to bypass them — and sometimes inadvertently put data at risk.

These shortcuts often result in the use of what is known in cyber security as shadow IT. If a staff member finds sending or sharing an encrypted file too complicated, for example, they may instead use an instant messenger or commercial cloud service.

But because these platforms are not built with business security in mind, they often contain vulnerabilities that can be exploited by hackers or other cyber threats. They also do not have tools that can guard against accidents such as mis-sent links, or stop sensitive documents from being photographed or forwarded on.

Good IT decision-makers prioritise solutions that put people first: tools that are intuitive and integrate seamlessly into everyday workflows.

Any change in IT should also be accompanied by a comprehensive training programme, so that staff feel supported, confident, and that potentially damaging errors are kept to a minimum.

Industry-leading digital platforms such as Tresorit will ensure that interfaces are clear and easy to use, even for those who are non-tech-savvy.

Further details on Tresorit eSign, as well as download options, can be found at www.tresorit.com/esign.