Technology and the Practice of Law

In order to provide a high quality of service for my clients, I use a number of different technologies to help manage my practice.

First, I use all Apple technologies. I do this because Apple products – iMacs, the MacBook Air, and iPhones and iPads – are less susceptible to viruses. In part, that’s because there are fewer Apple products in the world than Windows machines, which consequently means that the people who write virus software tend to focus on Windows.

Second, I use Google products – including Google Voice and GMail – to help assist me in client communication. Google Voice provides automatic computer-assisted transcription of voicemails. GMail is a very secure email system.

Third, my office uses a series of other equipment – in addition to the standard heavy-duty full-size copier – including scanners to keep a backup of all records in a secure location.

We never maintain credit card numbers. Sensitive documents are shredded immediately. And we lock away paper files that we are required to keep.


We love DayLite, a product of Marketcircle. DayLite is a customer contact management system that enables us to track cases, maintain a comprehensive database of various law enforcement agencies and people.

DayLite also has apps that allow us to sync data with our iPads and iPhones so that we can have secure access to our database and files when we’re away from the office.

Child Pornography: Throwing Away the Key

When asked about their thoughts on child pornography, most people have this reaction: “Lock ’em up and throw away the key.”

This is just as true in North Carolina – maybe even more so.

The best evidence from studies, surveys, and research, indicates that even people who view child pornography almost never actually participate in the sexual assault of minors. There are also plenty of stories of prosecutions against people whose computers were hacked or Wi-Fi networks were compromised such that contraband material was on their computers when they weren’t even aware of its presence.

And, of course, there are people who download legal pornography on peer-to-peer networks such as BitTorrent or Gigatribe only to find out that some of the files contain illegal child pornography.

In spite of these real problems with the prosecution of people who merely possess child pornography, the penalties are incredibly harsh. So harsh that they are calling into question the whole approach to addressing child pornography in the United States.

The New York Times reports that:

State and federal laws, which generally increase penalties based on the number of pornographic images, reflect the idea that acquiring child pornography requires extensive time and effort and thus is a measure of a defendant’s involvement and interest. But with the rise of the Internet, it is possible to download hundreds of images in a matter of minutes, making the size of a stash a less than reliable indicator, Mr. Stabenow and other criminal justice experts said. It is now a rare case that does not involve the possession of hundreds, or even thousands, of images.

As a result, many federal judges have issued sentences lower than those called for by federal guidelines, which add months for multiple images and other aggravating factors. And even when such sentencing enhancements are enforced, the sentences — which can sometimes be 18 or 20 years — are often well below what Mr. Vilca received. The federal guidelines, for example, recommend a minimum of 57 to 71 months in prison for possession of 600 or more images of very young children.

Certainly there’s something deeply offensive about child pornography. But, I would argue, there’s something deeply offensive about a society that sends someone to prison for life for the mere possession of images.

What is a Hash?

A hash is a string of data – series of letters and numbers in a row – that is unique to a set of a data given a specific hash function. While hashing may be used for may different purposes, in computer forensic work, a seized computer or harddisk or flash drive is usually hashed soon after seizure. The resulting hash (also called a digest) is used to preserve the data, so that if the harddisk or flash drive is later modified or tampered with after it’s been hash, that tampering or those modifications can be discovered.

At the moment of a police raid, a computer, cell phone, or other digital equipment may be seized. If such material is left unhashed and uninspected, then such material could be tampered with while in police custody or before a computer forensic specialist has been able to inspect it, and the computer forensic specialist would not know whether whatever he finds on the computer was placed there by the suspect or by people who tampered with the equipment, harddrives, or cell phone after it was seized, but before it was hashed.

Hashing is a way of digitally fingerprinting the equipment. (Hashes can be used for many other purposes, for instance the efficient search of data in a table.)

You can think of hashing as a way of freezing a specimen. Let’s say police seize blood from a suspect they believe may have committed a DWI. And let’s say they forget to put it in the refrigerator or forget to use preservatives to preserve the blood. In that case, the blood may degrade before the chemical analyst can inspect it.

Hashing is like adding a preservative to the data – at least from the perspective that if the data is later inspected and the inspected data’s hash values differ from the initial hash, then the data has been altered in some way and the analysis is not an accurate reflection of the hashed data.

Hashing is extremely important in any internet crimes or computer crimes investigation.

Forensic Analysis and Computer Crimes

I recommend this short article Digital Smoke (pdf) by Al Lewis of Paradigm Solutions. Mr. Lewis has accurately characterized the problems facing not only police agencies, but also users (and defendants), and lawyers as they deal with allegations of computer crimes or internet crimes.

About the user, Mr. Lewis writes:

Today?s computer users can be characterized by the following: they have computers that are more powerful than the computers used to put a man on the moon, they have no computer security training, they use 3-4 applications, have multiple computing devices, freely publish personal information through a wide variety of data repositories using technologies they do not understand, and are connected to the Internet via a high speed connection. In essence today?s computer users are easy targets.

Given this lack of understanding on the part of the user, and the general lack of training on the part of first police responders with respect to computers and other devices, valuable evidence can be lost, altered, or tampered with, which can lead to wrongful accusations and convictions.

Computer Forensics in the Courtroom

After more than eight weeks in trial, and more than two years in preparation for trial, Cary computer engineer Brad Cooper was found guilty of first degree murder in the death of his wife Nancy Cooper. Many in Raleigh and the Research Triangle were captivated by the salacious details – marital infidelity, rumors, and gossip – that took up a good part of the trial. WRAL reported had more than 22,000 comments on news articles it posted on its website.

More important, however, was the centrality of computer-related evidence in the trial. People who watched heard about routers, WiFi, packet injection, WEP and WPA encryption standards, MFT tables, SIM cards, EnCase, Forensic Toolkit (FTK) and the like. For people who simply plug in a computer to get on FaceBook or use their cell phones to send the occasional text, this was all gobbledygook.

However, this evidence was crucially important because the most damning piece of evidence the State had was the Google maps search purportedly conducted 12 hours before Ms. Cooper’s body was found, showing the location of her body. If Brad Cooper did in fact search that site before his wife’s body was found, then that would be highly suspicious. But the defense contended that such evidence was either faked or planted.

The trial highlighted how, in a digital age, evidence from cell phones, FaceBook accounts, and computers will become crucial, especially in cases where there is no direct evidence of a crime. And that’s what the Cooper case was.

There are multiple issues related to computer evidence in a trial, but let’s focus on three:

First, digital evidence is highly volatile, meaning that it can every easily be tampered with or be subject to inadvertent destruction. Where police seize computer equipment, but do not first shut it down, such equipment may run for days or weeks on battery power, which means that evidence can be potentially accessed, deleted, or modified long after it left the suspects home. In addition, because digital evidence is so transitory, it can easily be overwritten, or planted, and such overwriting and planting may be very difficult for computer technician to trace.

Second, people have tremendous amounts of personal information on their phones and computers and on services like FaceBook, GMail, Hotmail, MySpace, Twitter. The volume of information may simply overwhelm not only police agencies, but also underresourced defense lawyers. Police agencies can usually command the resources – whether by calling in the FBI or the State Bureau of Investigation – to conduct an investigation. But a defense attorney is usually a single lawyer who may or may not know anything about how computers even work. Consequently, a defense lawyer may be completely outmatched in terms of resources to defend his client, even though the FBI or SBI’s investigation may have been shoddy.

Third, there are a number of cultural and generational divides that make the use of technological evidence at trial difficult to manage. Many people who are 40 or over really have no clue about how computers work (that’s true of many people under 40, but at least they may be familiar with what FaceBook or an mp3 player is). Judges and most senior lawyers tend to be over 40 and, consequently, unless they’ve devoted considerable time to learning the technology, may be complete befuddled by the presentation of evidence. Sometimes lawyers and judges who know nothing about these technologies may even take pride in their ignorance – “I don’t even have a FaceBook account” – which is particular disturbing.

Such ignorance can make judges ill-equipped to rule on evidentiary motions, and can make defense lawyers incapable of responding to the evidence.

In addition, there is a cultural divide between the courtroom and computer technologists. The courtroom makes a great deal of certifications. If someone has been certified by some agency as an expert in, say, EnCase, they are presumed to be an expert. Consequently, the FBI, whose computer forensic people may or may not be very good, focuses on sending them to certification courses, knowing that getting admitted as an expert in a court is the most important thing.

In the computer world, however, the best experts – the people who really know their stuff – don’t rely on certifications at all. You can spend thousands of dollars and hundreds of hours getting a Microsoft certification, or you can actually learn how to use the software and equipment. Computer people – the ones who make a good living at this stuff – tend to simply learn the software and equipment. Consequently, they usually find it harder to get admitted as an expert on a court of law because while they may have far more skill than the FBI computer expert, they lack the proper certifications because such certifications are usually worthless in the real world.

These problems are going to continue to plague our criminal justice system for decades.

Top 10 iPad 2 Apps for the Lawyer

Last year I wrote about the 10 essential iPad apps for the lawyer and lots of people read and reviewed that list. Over the course of the year, I frequently used my iPad not just to pass the time while waiting in court, but to do real work. During one bench trial, I used my iPad to show video of a traffic stop. It was very convenient.

Now I’ve got the iPad 2. I got it for a couple of reasons. First, I expanded my practice to include a legal assistant, and giving her an iPad (my old iPad) was a great way to help her improve her ability to help clients. Second, I wanted to change carrier from AT&T to Verizon. Verizon simply has more towers where I live and work in Raleigh, and those towers give better coverage in the courtrooms. AT&T coverage was spotty at best. While it may be true that AT&T has faster data, I would rather have reliable data than faster data. And Verizon is plenty fast.

I’ve had my iPad 2 (64 gig, with WiFi and Verizon wireless) for a week now. I can say it’s quite a bit faster than my older iPad. And that helps, especially when I need to load pages. I’m developing a series of presentations so that when I sit down with clients, I can better able to demonstrate what happens in North Carolina’s criminal system.

Truthfully, very few apps have been optimized for the iPad 2. But here are my top 10 iPad lawyer apps:

  1. Daylite Touch – This app will only be useful if you use the MacOS Daylite as your database. This is not the place to review Daylite, which is mostly a great product, with a couple of significant flaws. But Daylite is the best solution I’ve found in a Mac environment to manage customer or client relationships. I remote host my Daylite database so that I can reach it anywhere in the world. Daylite Touch is simply awesome. It lets you add new clients (if I get a call when I’m not at the office), update court dates (while sitting in court), add notes, add tasks, and manage an awful lot. It rarely crashes, it seamlessly integrates with the desktop version of Daylite. Truly, Daylite Touch may be the best part of Daylite. There’s a yearly fee of $50 per device, but in my estimation it’s well worth it.

  2. FastCase – I don’t need to do a lot of case research on the fly. But when I do, I use Fastcase, which has a terrific iPad application. It’s very speedy, doesn’t crash, reliably finds and locates cases, and is very intuitive. I really love it. Best of all, it’s free.
  3. EverNote – If you need to sync documents between devices and computers, EverNote is a great solution. In North Carolina, we have various sentencing guidelines, or updated court room calendars that show which judges have been assigned to which courtrooms. At the start of each week, I’ll refresh whichever documents I need to refresh from various sources in EverNote. During the week, I merely need to go to one spot on my iPad to find whatever reference document or calendar I need to view. EverNote, in short, allows me to keep all of these documents synced and in one place across multiple computers.
  4. LogMeIn – LogMeIn provides a secure way to access your desktop when you’re not in your office. This can be incredibly useful. Let’s say you forgot to load a document from your office into Evernote. LogMeIn will let you load it, so that the document will then be synced with your iPad. Of course, it’s always important to keep your password confidential, since if someone has access to your desktop, they can see everthing.
  5. iAnnotate PDF iPad – I liked iAnnotate last year, and I like it this year. It provides all you really need to view, edit, and share PDFs. There are multiple different PDF viewers, but from my perspective this is the best. Easy to use, not expensive, and very stable.
  6. WordPress for iPad – One of the things I do is maintain my own website and blog. Doing so can be a chore. But it’s also important to keep people up to date about the latest developments in the news and in the law. WordPress for iPad allows me to do this. Admittedly, writing very long posts on the iPad is not very convenient. But I’ve found that I can make quick posts or updates with ease.

  7. DocumentsToGo – I’m cheating here because I haven’t used this suite of software. I have used Apple Pages, which I don’t like. I find the formatting gets all messed up. Since I don’t write long documents on my iPad, I prefer a word processor that will not mess up formatting from documents received from a desktop, but will allow me to make small edits. DocumentsToGo syncs with the cloud (which Apple Pages does not).

  8. Air Sharing HD – There are a number of applications, including DropBox, that allow you to share documents with your iPad. DropBox syncs with the cloud, which then syncs with your iPad or computer (and vice versa). This application allows you to sync directly with your iPad, which means nothing will go to the cloud. In addition, this application will allow you to print directly from your iPad to a networked (Mac) printer. That can be very convenient.

    In the future, it would be nice to permit your iPad to print to any printer (if authorized) in any networked situation. But for now, Air Sharing HD will have to do.

  9. Skype – I put this on the list because I don’t have standard telephones. Instead, I use a combination of Skype and Google Voice and cell phones to direct calls. It works quite well in a small office, allows you the flexibility of appearing to run your office from where ever you may be located, and is very inexpensive. My gripe with Skype is that even after a year, they have not updated their app for the larger iPad screen. Certainly with the new cameras on the new iPad, video conferencing should be integrated into the new Skype iPad app. When it is, this application will be fantastic, much better than Apple’s Face Time which is nearly useless because virtually no one has it.

  10. 1Password – I’m pretty fanatical about managing passwords to maintain security. When you do this, it’s difficult to remember all the passwords you have for different accounts and so forth. 1Password is a secure way to maintain passwords, while not using duplicate passwords at different sites. 1Password is, as far as I know, only for the Mac. But the iPad version of it nicely integrates with the Mac environment. Highly recommended.

    Hopefully these apps will help you use the iPad in your legal practice as more than a toy. I’ve found that these apps really help me deliver high quality criminal law defense to my clients. There are a number of other apps, including iJury etc., that I have not used and would not use. From my perspective, using an iPad in a trial where the technology has not fully been tested is trouble. Stick with a pad and a pen if you really need to keep track of notes etc. during a jury trial.

How do I secure my WiFi Network?

Child pornography is a very unpleasant topic. But even more unpleasant is facing criminal charges for possession of child pornography.

Certainly the abuse of children is something that should never be tolerated. But in the effort to end child pornography (which will never be truly be ended so long as there are humans on the planet), both the state and federal governments have established extremely punitive regimes under which child pornography is punished. Possession of more than 600 images can, under the federal sentencing guidelines, yield decades in prison. In addition, a person convicted of child pornography will be registered as a sex offender, which will make life after prison difficult indeed.

The Internet is a great advance in human interaction and development. But it is very insecure. And, increasingly, the average person – the average consumer – has the ability to establish nodes on the internet through the use of cheap wireless routers.

If you own a wireless router and you have not properly secured the router, you have potentially made your own network vulnerable to hackers, people who wish to do you harm, or even people who possess or distribute child pornography and want to use an innocent person’s network and want to establish that network as a way to protect them from their crimes.

The standard wireless router has two forms of encryption – WEP & WPA. You can think of encryption as the key by which someone gets access to the network. Once the person has gained access to an encrypted wireless network, they can make it appear as if they are you – the person who has the account with Time Warner or Embarq or AT&T.

WEP is by far the weaker encryption technique. It was hacked years ago, and tools that allow relatively unskilled hackers to get access to a WEP network are readily available on the internet. It takes virtually no time and virtually no skill to hack a WEP-encrypted network. So if you’re using WEP, you’re leaving yourself vulnerable to attack.

Now, most people will never have their networks hacked, just as most people who leave their car doors unlocked will never have their cars stolen.

Here’s a video showing how easy it is to hack WEP in about 8 minutes:

That video is scary. Scary for this guy’s neighbor whose WiFi network has been compromised without the neighbor knowing. If this guy wanted to, at this point, download child pornography (or commit any other internet-related crime), he could do so using the neighbor’s WiFi network.

That means, at the end of the day, if police were monitoring child pornography peer-to-peer networks online, they would be led back to the neighbor’s IP address and the neighbor’s home.

If this kid in the video had a little more skill, he could even use other tools to hack into the neighbor’s computers and load Peer-to-Peer file sharing with which to distribute child pornography. The illicit material would therefore reside on the neighbor’s computers. Who do you think would be facing criminal charges? Probably the innocent neighbor.

Back before I became a Raleigh criminal lawyer, I was a network administrator for a non-profit organization in Arlington, Virginia. In one weekend, our network was brought to its knees because of a successful exploit by a group of Russian hackers. What took them an hour, took me and other experts I hired 48 hours to repair and fix.

Most criminal lawyers do not understand the complexity of networks, nor do they understand the possible defenses if you’ve been accused of possessing child pornography.

Hire a NC lawyer who does.

iPad Apps for the North Carolina Criminal Lawyer

The iPad is changing the way that people practice law and, in particular, criminal law. A lawyer who might previously need to carry a statute book, a federal sentencing guidelines book, a federal criminal law book, the North Carolina sentencing guidelines, as well as the Rules of Evidence into court now can fit all of that onto an iPad.

First, the iPad has the latest edition of the 2009 NCGS and federal sentencing guidelines and federal criminal statutes. In addition, the iPad can maintain PDF files which can include North Carolina’s structured sentencing charts for felonies and misdemeanors.

Moreover, the iPad is soon to have its own Daylite application to let those who use the Mac Daylite client management system to connect to their CMS remotely.

Finally, the iPad has a series of tools to allow people to book clients remotely, including credit card processing apps.

Social Networks May Get You Into Legal Trouble

Facebook, Twitter, and other social networking tools such as MySpace, Tumblr, and so forth have made interaction on the web much easier. For a while generation of people, the web is a way to interact with friends, family and acquaintances. People can post pictures, make comments, make status updates, comment on each others “walls”.

Often these comments are made long before someone gets in trouble. But when they do get in trouble, police, investigators, and prosecutors will frequently search a for a person’s Facebook, MySpace, Tumblr, or Twitter account in order to determine whether there is any incriminating information posted on the account that can be used either to show that the person is a flight risk, or that the person is involved in criminal activity.

While it’s important to maintain appropriate privacy settings on one of these social networking accounts, it’s even more important not to post things to these websites that suggest criminal activity.

That’s because no matter how “secure” the privacy settings get, such material will be permanently held on the servers and computers of whatever social network site you use. Facebook, for instance, permits you to delete embarrassing material, but experts have shown that such material may not be permanently deleted from Facebook’s internal servers.

In addition, even though you have deleted this material, others may have saved those embarrassing (or worse) photos for use against you.

In addition, in North Carolina there are particular crimes – including Cyberstalking – that can be committed through use of social network services. For instance, if you repeatedly message, harass, or threaten someone through an electronic medium – like texting, emailing, Facebook, or twitter – you may be violating North Carolina’s cyberstalking statute.



* All Fields Required


(919) 352-9411

office hours
  • Monday 8am-8pm

  • Tuesday 8am-8pm

  • Wednesday 8am-8pm

  • Thursday 8am-8pm

  • Friday 8am-8pm

  • Sat & Sun 8am-8pm




  • * All Fields Required