*AVV. ANDREA PULIGHEDDU
1.Introduction
In his most renowned novel Neuromancer, the writer William F. Gibson has introduced the key concept of cyber space. The main character, Henry Dorsett Case, is a low-level hustler that aims to reconnect himself to the Matrix, a virtual reality computing platform sited, precisely in cyberspace. Moving from this fictionalized idea, in 1989 the writer and musician Jaron Lanier developed the concept of virtual reality, referring to it as a three-dimensional realities system implemented with stereo viewing goggles and haptic gloves.
Since those days virtual reality (VR) has typically been portrayed whether as a medium, like a telephone or television, and at the same time delved as a new kind of dimension in its philosophical meaning. In a few years of technological development, this new medium has rapidly reached a high level of commercialization, and the massive use of VR as gaming, educational, and entertainment standard methods, is still right behind the corner. Especially during the first part of COVID-19 pandemic period (from Feb. 2020 to May 2020), we assisted in a speedy utilization of these systems among geek and non-geek consumers. Even from the investors’ point of view, the outlooks seem to sound pretty good: in 2019, venture capitalists invested at least 4.1 billion in the VR industry, and these numbers seem to be destinated to grow up and scaling up faster than the last three years.
As soon as these systems have been starting to be commercialized for the entertainment industry, a huge number of professional sectors start to verify what types of business uses were possible introducing the VR inside the company productive process and internal activities. There are several successful user cases available, such as in the training and control activities carried on by QA operators or in education and law enforcement.
Despite the virtuous models studied, there is one professional category on the others whose absence seems a serious loss of opportunity: the legal services.
In this short contribution, we will delve into the meaning of virtual reality under the legal practice experience perspective. In particular we will try to examine on one hand if those kinds of technologies are effectively disruptive for the lawyer category and on the other hand what legal tech applications are concretely possible in order to place the legal industry into this new tech path.
2. Virtual Reality background
For the purpose of this post, “virtual reality” or “VR” is an immersive three-dimensional computer-generated environment. Secondly, as well as the environment definition, we need to reduce the scope or analysis regarding also on hardware basis. In order to maintain a commonly understandable level of debating, in this brief article we will take in consideration only systems constituted by a minimal corpus of particular machines. Considering this, the basic hardware infrastructure assumed as an example in this post is a pair of common VR eye goggles and wired clothing.
Therefore the VR system as defined consist in a computer generated environment, experienced within a tethered or standalone devices such as the previous ones described. One of the key factors of every VR experience resides in peripherals sensors. Sometimes these sensors are programmed with a dual purpose, such as to allow the user to interact with the real world also within a virtual dimension. Visual tools and motion detection set in a such smart way enable a high level of responsiveness and immersive user experience for several different types of possible applications. We will not examine deeply every hardware component of that systems, nevertheless also a high-response audio and a clear video setup are definitively others essential ingredients for a disruptive VR experience.
At this point is sufficient to focalize at least on these two fundamental points for the post scope: the importance of sensors to assure good quality feedback for users involved in a VR experience and the immersive value that the experience has to own itself in order to be introduce innovation trough work activity carried on. This last profile, already not examined, is delved in the next point through a legal tech point of view.
3. Legal tech and related outcomes
Changing perspective, Legal Technology (briefly known also as “Legal Tech”) represents another phenomenon that rapidly soared in a few years growth span. The term, born in the late 1980s, reached its current notoriety level through the studies published by Richard Susskind in his Tomorrow’s Lawyers: An Introduction to Your Future book. The Susskind’s main standpoint was that at least three innovation driving factors can fundamentally be identified with regard to lawyers’ typical activities: resizing tasks from more to less, full liberalization of legal business, and reinforcing alliance between legal matters and technology.
Starting from these three considerations, legal tech has rapidly evolved: from theory it becomes literally a new re-thinking way of the worldwide law professional area, introducing a massive automatization of legal process within code writing and developing new patterns to solve traditional legal problems.
The range of services offered is several. Some are facing typical legal issues, such as due diligence, invoicing methods, reports creations, assessment, gap analysis, etc.; others, more advanced indeed, are focused on contracts and provide computer code-switching systems able to manage different contracts templates as client’s needs. However, the most visionaries and disruptive services ideated from legal tech experts involved the field of artificial intelligence (AI) and blockchain, combining complicated algorithms for legal research or documents signing and transmission or rather for trial justice in courts activities.
Productivity plays an important role for the law firm overall efficiency real growth, but there are disadvantages also related to an adventuristic method of growth like this one. A software represents, more or less, a further level of intermediation between these two parts, and could annihilates the active interaction part which is one important phase of every good legal practice. How to solve it? VR can represent an opportunity.
4. Improving legal experience: VR scenarios and LT tools synergy
One of the possible ways to reduce the loss of immersivity as described above, should be sought in VR development.
Picture this: an area furnished according to medieval Japan style, with two historiated seats placed in the middle of the room and two digitalized avatars -a legal counselor and his client- arguing about an agreement or rather about due diligence if you preferred it, in a professional meeting. Imagine that their dialogue is being supported within several tools: figure if that the counselor, at a certain point, with a simple hand gesture detected by peripheral sensors, can turn on a new software window shown on the visual hub of both parts. The software chart shown could, of course, change depending on the argument chosen. For example, during a discussion for an agreement can be useful to show the electronic document version using a writing tool. Adding more variations is possible that some notes should be inserted during the dialogue, maybe with the help of a voice recognition software which summarizes all important statements that emerged during the meeting. In the meantime a legal research tool is scanning all the words provided in the agreement, verifying the percentage of the possible positive verdict in case of a claim or the amount of possible legal issues related to the meeting object.
The audio and visual impact plays a fundamental role as well. For this reason, coming back to our scenario, while both are dialoguing the software chart shown should be endowed with some audio alerts accorded to the complex passage of the legal writing or with the same visual evidence that shows possible interpretative issues or mistakes. A perspective like the one given can definitively raise the number of possible variations. The list of scenarios could be absolutely huge but in order to maintain a synthetic pattern we limit our vision to this one: a more accurate portrayal of human emotions by virtual characters can definitively help law firms to challenge any inherent bias within the firm and their clients’ businesses and boosting the identification of legal needs, preventing several judicial issues that could be delivered to Courts and discharging at the same time the jurisdiction system from useless trials as well as from others administrative costs.
It is evident that this unique synergy between Legal Tech and Virtual Reality represents a disruptive opportunity: the former add some tools that, if integrated, can definitively accelerate legal counseling activities, the latter demolish the immersivity absence of the first one joining the participants to wonderful scenarios that protect the touchy relationship between the client and his lawyer.
5.Current legal issues, risks and challenges.
Based on the facts exposed, it can be affirmed that a synergy between VR application and Legal Tech methods should represent a clear plus to enhancing the legal experience of the future. Nevertheless -especially regarding the EU area regulation- there are several legal issues related to this constantly evolving process, that deserve to be briefly delved.
First of all, there is an unsolved dilemma related to the preservation of a full confidentiality status between client and lawyer, considering both as categories. In other words: cybersecurity and how to preserve it.
In fact, regarding this aspect, some of the challenges that lawyers will face in this new environment will be familiar to the on-life one. These should include, just, for instance, concerns about the security of conversation and documents shared within the VR ambiance, retaining company secrets during the development process, and protecting communications in the virtual world. Is client confidentiality safe and secure, just as it is commonly presumed during on-life counseling?
The European Union has just developed through the ENISA activity a framework of the legal basis for cyber law application. Following this set of rules is basically a guarantee for key users a minimum level of proper security incidence response, also according to the recent review of the Directive on Security of Network and Information Systems (aka NIS2 Directive).
On the other hand, a proper impact assessment for that hybrid VR/L-Tech system has to consider intellectual property rights protection, and facing this task is not easy at all. The aim to preserve Clients secrets from possible violations that occurred during several moments (such as integrations with external tools like documents software-based add-ons or research engines) is literally in contrast with the current VR based sharing methods, which currently are not covered with specific information security tools as antivirus or firewall dedicated. Naturally, their development could represent an easy obstacle to cross, even if information security history teaches us that hurried solutions for complex problems often represent a risk instead of a solution.
The third problem is related to cultural issues as well as legal, or rather the privacy-compliant adoption by clients as digitalized perspective of legal services. In fact, according to statistics, one of the most diffused concerns about VR systems used for different scope than gaming is related to data security and privacy: in 2020 more or less the 50% of subjects interviewed individuated it has the major problem for that systems, dropping that amount in comparison to 2019 (which provided a percentage number higher than 60).
Although the GDPR has already faced the problem within the article 22 provision, this is not sufficient at all to ensure a high level of protection for personal data processed through these virtual environments. Some of the main aspects that will definitively be delved in order to reach a proper level of processing security are, among others, targeted Data Protection Impact Assessment (DPIA) conduction (art. 35 GDPR), security measures individuation according to art. 32 GDPR provisions and data breach management such as enucleated by art. 30 of the Regulation mentioned.
Personal data are constantly involved in the VR process. From digitalization of bodies or avatar creation in the starting part of almost all software designed for social interaction in VR until the data collection during sessions of activities. Voice records, behavior profiling, and huge amounts of identifiable and sensitive data different for variety, volumes, and velocity of processing are continually used by algorithms in common software as well as VR applications. Privacy risks to VR users are particularly relevant, given the new information that Facebook -for instance- will be able to collect from its immersive VR platforms. These platforms currently track a user’s head movement and could potentially have the capability to track eye movement and, to one extent or another, also biometric information. Biometric issues are only part of the problem.
Conclusion
As virtual reality and legal tech software become normally used worldwide, lawyers that want to face the future challenges of law practice need to become used to innovation. Perhaps there are several legal and operative risks involved and not solved yet, but the immensity of VR systems blended with Legal Tech integration represents a path to cross, a morning star to strive for. Even if liabilities and privacy issues are still open, is our duty -and passion, for legal tech experts- to study and tailor a new body of law and practical guidelines where necessary, able to guide wisely this transition for another great era of human beings. The paradigm is already changed. Are we prepared for it?
Andrea Puligheddu – Privacy & Cybersecurity Lawyer. He held the role of Data Protection Officer for many primary public and private entities in the world of health software & technologies companies, internet service providers, Infosec, TELCO and hardware suppliers. Lecturer in photography and artistic production law for a national accredited media school. Lecturer in GDPR and Privacy Law at several EM (Executive Master’s of Law) on UNI ISO 11697:2017 e UNI PdR 43:2018 standard controls. Accredited as Cyber Security Auditor for international certifications authorities.
More at: https://www.studiolegaleprivacy.com/en/andrea-puligheddu/