We don’t usually think of the law as the place our most creative people go. Lawyers with a creative bent often drift into business, where a higher risk tolerance is often required to make a success of yourself. Some of our greatest writers and artists have legal training, but most seem to drop out when their artistic calling tells them law school isn’t for them.

Group of Robots and personal computer vector illustration

Still, creativity and innovation are all the rage in law schools today. Northwestern has a concentration in it as does Vanderbilt, and Harvard has a course on Innovation in Legal Education and Practice.

Like it or not, as artificial intelligence takes over an increasing number of dreary legal tasks, there will be less room for dreary, plodding minds in law firms. The creative and innovative will survive.

This doesn’t worry us, because we’ve long talked about the need for creativity in fact finding. It’s even in the subtitle of my book, The Art of Fact Investigation: Creative Thinking in the Age of Information Overload.

The book takes up the message we have long delivered to clients: computers can help speed up searching, but computers have also made searching more complex because of the vast amounts of information we need to sort through.

  • Deadlines are ever tighter, but now we have billions of pages of internet code to search.
  • Information about a person used to be concentrated around where he was born and raised. Today, people are more mobile and without leaving their base, they can incorporate a dozen companies across the country doing business in a variety of jurisdictions around the world.
  • Databases make a ton of mistakes. E.g. Two of them think I live in the house I sold seven years ago.
  • Most legal records are not on line. Computers are of limited use in searching for them, and even less useful if figuring out their relevance to a particular matter.
  • Since you can’t look everywhere, investigation is a matter of making educated guesses and requires a mind that can keep several plausible running theories going at the same time. That’s where the creativity comes in. How do you form a theory of where X has hidden his assets? By putting yourself in his shoes, based on his history and some clues you may uncover through database and public-record research.

The idea that technological change threatens jobs is hardly new, as pointed out in a sweeping essay by former world chess champion Gary Kasparov in the Wall Street Journal.

Twenty years after losing a chess match to a computer, Kasparov writes: “Machines have been displacing people since the industrial revolution. The difference today is that machines threaten to replace the livelihoods of the class of people who read and write articles about them,” i.e. the writer of this blog and just about anyone reading it.

Kasparov argues that to bemoan technological progress is “little better than complaining that antibiotics put too many gravediggers out of work. The transfer of labor from humans to our inventions is nothing less than the history of civilization … Machines that replace physical labor have allowed us to focus more on what makes us human: our minds.”

The great challenge in artificial intelligence is to use our minds to manage the machines we create. That challenge extends to law firms. We may have e-discovery, powerful computers and databases stuffed with information, but it still requires a human mind to sort good results from bad and to craft those results into persuasive arguments.

After all, until machines replace judges and juries, it will take human minds to persuade other human minds of the value of our arguments.

What to do when the databases you rely on start stripping out the very data you are paying for?Due diligence databases

Word in today’s Wall Street Journal that the main credit reporting firms will be removing many civil judgments and tax liens from credit reports prompts us to restate one our core beliefs:

Not only do databases routinely mix people up, they are far from complete in the information they contain.

Now, they will be even farther away from complete, because in order to list adverse information the credit reporting companies want several identifiers on each piece of information before they include it in a credit report. Even if there is only one person in the United States with a particular name, if his address and Social Security number are not included in a court filing against him, that filing may never make it onto his report. From what we’ve seen, there are almost no SSN’s in most of the filings we review.

As a result of this new policy, the credit scores of a lot of people are about to go up, says the Journal.

To answer the question posed at the top of this posting: what you do is you go after the information yourself. You (or a competent pro you hire) looks at databases and courthouse records for liens, litigation and other information people use every day to evaluate prospective associates, counterparties and debtors. If there’s enough money at stake, you may want to conduct interviews, not only with references but with people not on the resume.

The idea that databases are missing a lot is old news to anyone who stops to take a careful look.

The next time you are searching in a paid database, you may notice a little question mark somewhere around the box where you enter your search terms. Click on that and prepare to be shocked.

“Nationwide” coverage of marriage licenses may include only a handful of states, because such licenses are not public information in many jurisdictions. In other cases, the information is public but the database doesn’t include it because it’s too expensive to gather data that has not been scanned and stored electronically.

Of course, sending someone to a courthouse costs more than a few clicks performed while sitting at your desk. But does it cost more than lending to the wrong person who defaulted on a big loan six months ago?

What will it take for artificial intelligence to surpass us humans? After the Oscars fiasco last night, it doesn’t look like much.

As a person who thinks a lot about the power of human thought versus that of machines, what is striking is not that the mix-up of the Best Picture award was the product of one person’s error, but rather the screw-ups of four people who flubbed what is about the easiest job there is to imagine in show business.

Not one, but two PwC partners messed up with the envelope. You would think that if they had duplicates, it would be pretty clear whose job it was to give out the envelopes to the presenters. Something like, “you give them out and my set will be the backup.” But that didn’t seem to be what happened.

Then you have the compounded errors of Warren Beatty and Faye Dunaway, both of whom can read and simply read off what was obviously the wrong card.

The line we always hear about not being afraid that computers are taking over the world is that human beings will always be there to turn them off if necessary. Afraid of driverless cars? Don’t worry; you can always take over if the car is getting ready to carry you off a cliff.

An asset search for Bill Johnson that reveals he’s worth $200 million, when he emerged from Chapter 7 bankruptcy just 15 months ago? A human being can look at the results and conclude the computer mixed up our Bill Johnson with the tycoon of the same name.

But what if the person who wants to override the driverless car is drunk? What if the person on the Bill Johnson case is a dimwit who just passes on these improbable findings without further inquiry? Then, the best computer programming we have is only as good as the dumbest person overseeing it.

We’ve written extensively here about the value of the human brain in doing investigations. It’s the theme of my book, The Art of Fact Investigation.

As the Oscars demonstrated last night, not just any human brain will do.

A story in the Wall Street Journal Google Uses Its Search Engine to Hawk Its Products serves as a useful reminder for something we tell clients all the time: Google is there to make money, and if your ideal search result won’t make them money, you may get a less-than-useful result.

Dollar sign filled with an electronic circuit. Blue background.

Google is an indispensable tool when searching for facts, but Google is not a disinterested party, like a good reference librarian. Google is in business to make money.

The story reports that Google buys some of its own ads, so when you search for a particular thing that Google’s parent company Alphabet sells, guess what? Alphabet’s products have a way of turning out on the top of the list.

One of the first things ever written on this blog more than five years ago was an entry called Google is Not a Substitute for Thinking, and it was one of the most read entries we’ve ever posted.

Among the arguments advanced there as to why a Google search is hardly ever going to suffice in any factual inquiry, we argued that Google’s search results are stacked in favor of the ones that are paid for or that Google judges to be commercially advantageous. A Google entry about a dry cleaner in Joplin, Missouri that has no website would not be very profitable for Google, but if that dry cleaner owes you $50,000, you would want him at the top of page one.

The best way to think about Google is to treat it as a meta-search engine. Imagine not that Google will be able to give you the final answer, but a clue as to where to find the final answer.

If your dry cleaner has no website, Google may point you to a site such as Yelp that rates a different dry cleaner in Joplin. Yelp may then have the dry cleaner you want, but that Yelp listing won’t necessarily come up on Google. Or, you may notice via Google that Joplin or the state of Missouri may require a permit to operate a dry cleaner. Google can help you find where to look up such a permit.

Remember, any dolt at the public library can use Google. It takes a person with the capacity to think creatively to use Google to its greatest potential.

Every day now, we hear about the woes of readers unable to distinguish between “fake news” and real news, as if undependable news reporting is anything new. Readers and fact investigators have always needed to know how to figure out for themselves what to believe and what to question further.

Editor word built with wooden letters

I am proud to have been a journalist for nearly 20 years (The Wall Street Journal, International Herald Tribune, The Economist, NBC and others). Where I worked we always tried to get it right so that nobody could accuse us of putting out something “fake.” But that doesn’t mean we were always right.

As Charles Griffin Intelligence uncovers facts about people we use the media (traditional, electronic and social) as critical elements in building a picture of a person’s life, connections and tendencies. The same goes for reporting on companies that are the subject of our due diligence.

But if everything we needed was in a newspaper, our clients wouldn’t need us. This is not because newspapers try to get it wrong. For a few reasons, the news has always been a “first draft of history”:

  • Newspapers must publish whether they have all the facts nailed down or not. Except for their ads, print newspapers tend to be around the same size every day. That’s not because we have the same amount of interesting news each day but because newsprint costs money. Websites have infinite space but finite budgets to hire writers and editors. Journalists often go with what they know, leave out reporting about critical elements of a story they haven’t nailed down, and hope to be able to fill in the holes in the following days.
  • “Spinning” and outright lying aren’t new. They are as old as time. Good journalists are expected to write stories that quote powerful or knowledgeable people as saying X, when the journalists suspect that the truth is not X. Journalists can’t call those they quote liars without proof, but they still go with the stories. Sometimes they never get to prove that X is wrong. Sometimes, if they believe the truth is X, they don’t try to see if it isn’t.
  • Truth is harder to pin down than we would like. Lots of well accepted scientific “facts” turn out to be incorrect, even without the constraints of deadlines and having to depend on untrustworthy people. Samuel Arbesman’s excellent book, The Half Life of Facts demonstrated how many “facts” cited in scientific journals turn out to be contradicted a short time later.
  • Most importantly, a lot of “fake news” turns out to be founded on impressions and rumors that the writers have not had time to verify before “publishing,” which today can mean “Tweeting.” Some of the bad information of today would have been spiked by good editors, but today the writers and editors are often the same people, and first drafts get published moments after they are written.

The solution? The same things that good editors have done from time immemorial.

  1. Question the source of the story. Has anyone credible verified it? If there are many injured somewhere, can you see whether a police, fire or ambulance source confirms that? We used to need reporters to call the fire department, but today the officials from the fire department often put out statements on the web that anyone can check. Real news stories ought to have confirmations from officials in them.
  2. Is the statement by the official accurately reproduced? Sometimes those publishing items can put words into the mouths of officials to make a statement saying X appear to say Y. if it’s big news, look at the statement for yourself and decide if the reporter was being fair.
  3. If you see the story reported “all over the place,” is the source the same for all the of hits on Google? 18 entries quoting the same source is no more comforting than a single source. A one-source file at a wire service once supposedly provoked the famous cable from the desk back to the field: “You alarmingly alone on this.”
  4. If the story depends on public records, can you find the public record to see for yourself? If “court documents” indicate something, you should be able to see the court documents. If they are the basis of a story on line, they should be reproduced so that readers can judge for themselves whether the documents have been reported accurately.

All this verification is to combat what I like to call “paint by numbers” investigation. When you see a paint by numbers book, you have limited ability to question the “truth” of what you are seeing. You can change the colors in the book, but the forms and relationships in the picture are fixed.

Painting by numbers is for children. Adults should look at the picture a news story paints, break it down to its elements, and assess it all with as fresh an eye as possible.

It’s cloud illusions I recall

I really don’t know clouds at all

–Joni Mitchell

Today’s decision by the Second Circuit that Microsoft did not have to hand over data stored on its server in Ireland should remind us all that information isn’t just “out there.” As with printed information so it is sometimes with electronic data: physical location matters.

The court imposed a major limitation on the scope of a warrant issued under the Stored Communications Act. It reversed the Southern District of New York’s Chief Judge in quashing a warrant issued to Microsoft to turn over emails stored outside the United States. The full opinion is here.

This blog doesn’t usually get into the weeds when it comes to the Stored Communications Act, but we are intensely interested in how to find things and how to get them to the clients who need them.

The case reminds us that even though a lot more information than ever before is stored electronically, it still matters greatly where it is stored.  Crucially, electronic storage is not the same as accessibility via the internet.

Even in the U.S, most counties do not put all of their records on line. Those that purport to do so can have less than complete recordkeeping compared to the data that is searchable on site at the local courthouse.

Just the other day we read in the newspaper about an old case in Bergen County, New Jersey that would help our client. The case was nowhere to be found on line at the New Jersey courts website. When our retriever travelled to Bergen County, he was told that the case had been destroyed.

Were we out of luck? No. The same parties had gone at it in another New Jersey county, and had attached a copy of the Bergen County suit to the one in the other county. That other suit (also not on line but visible on the computers on site) had not been destroyed. We were then able to see what the Bergen suit was all about.

None of this was accomplished on the internet, which is just a series of boxes that sit in different rooms in different jurisdictions.

Which jurisdictions the boxes are in can make all the difference.



If you haven’t already, add digital assets to the list of things to look for in asset searches. In a world in which even modestly-trafficked internet domain names can change hands for tens of thousands of dollars, Delaware has become the first state to ensure families’ rights to access the digital assets of loved ones during incapacitation or after death.digital assets.jpg

The writeup is here.

We have long valued digital assets not only as stores of value, but as ways of finding out about people we investigate. These assets have value and people therefore have an interest in recording accurate information to make sure they retain ownership. Two of the most useful ways to track a person down via a digital record are:

1)      Domain name registration

2)      Email header information

Domain names in many cases can be tracked using a variety of registry databases, the most popular of which is Network Solutions’ Whois database, which you can see here. This doesn’t cover many domains with country suffixes outside the U.S., nor U.S. domains that end in .org, for instance. Still, it’s very useful.

One limitation is that domain-name holders can mask their ownership using proxies. But if they haven’t, owners often list home addresses, cell phone numbers and other internet addresses when they register a domain.

Email headers can be an accurate measure of where someone sent an email from. We recently figured out where a mysterious counterparty in a deal we were helping to negotiate was working, based on where his Yahoo! email account had sent a message from (his employer’s server). 

The key mistake many people make about an email header is that you have to look at the original email. If A sends an email to B and B forwards that email to investigator C, then C will not be able to look at the information surrounding the A to B transmission. Instead, B needs to copy the header information and send that copy to C in the body of an email.

Figuring out how to read email headers is not rocket science, but there’s often a way to take a shortcut. Header analyzers such as this one can work wonders.

GettyImages_84080791.jpgIn September 2011, Gauss, a new malware described by the tech-press “as a cyber-espionage tool kit” emerged from the Middle East.  Gauss steals highly sensitive data, including browser passwords, online bank accounts as well as cookies and system configurations.  Gauss closely resembles the malware Flame and Stuxnet, which according to Kaspersky Labs, were created in state-sponsored factories.  Consequently, analysts believe that it too might be state-sponsored.  Since its debut, Gauss appears to have infected 2,500 machines worldwide.  However, the total number of victims may actually be much higher, in the realm of tens of thousands. 

And that number could just keep growing.  Shortly after Gauss was discovered in June 2012, its command and control infrastructure was disabled.  This may sound like a victory, but it is actually far from the truth.  As tech journalist Larry Dignan explains on Cnet.com, the Gauss “malware is dormant waiting for servers to become active.” In other words, it may continue to wreck havoc.

Admittedly, this sort of thing—state-sponsored hackers breaking into bank accounts— could keep one up at night.  What is interesting from an investigative point of view, however, is the way that computer scientists have figured out how to root out the Gauss malware before it causes harm.  Apparently, computer scientists have determined that the font Palida Narrow is used during a Gauss cyber attack.  Therefore, programs designed to detect Gauss check for that particular font to help determine whether the malware is in fact present and needs to be rooted out

To be clear, the font does not cause the theft to occur.  Instead, its presence merely correlates with the malware that does.  It is an indirect and yet highly elegant and quick way to detect whether a problem may exist.

As investigators, we can’t always get exactly to the evidence we want to prove.  Sometimes it merely doesn’t exist.  Often, ethical and legal constraints keep us from being able to obtain the facts we definitively need to prove what we are investigating. 

It’s easy to get lost searching for the unsearchable, pining for that one nugget that will help everything fall into place.  But investigators don’t have that luxury. 

So, we sometimes have to do what the computer scientists have done by pinpointing a font as a sign of trouble: We have to take a step back and look for clues elsewhere.  This may mean getting off one path and onto another. For instance, we may not have direct evidence of wrongdoing, but we can scour the evidence in order to detect patterns that suggest wrongdoing.  Alternatively, we can review the facts to see if we can find any that correlate with what it is we’ve been asked to help prove or disprove.

This is not about making assumptions—we never say that because x exists, therefore y.  Instead, it is about being able to look for solutions that advance our clients’ knowledge, even if they fall short of the ideal solution.  

GettyImages_dv485145.jpgAttorneys have a professional obligation to protect client confidences and communications, but technology has made this increasingly difficult.  As a recent article in the Wall Street Journal, “Lawyers Vigilant on Cybersecurity,” explains, lawyers face serious cybersecurity threats precisely because their clients entrust them with highly sensitive and classified information.  Criminal and state-sponsored hackers target law firms to gain access to these confidential cases, especially if the information involves corporate mergers or acquisitions.  In some instances, insider information could be sold for millions, and so tech-savvy criminals go after the weakest link—the lawyers with access to this sensitive data.

There are no statistics of how many firms have been hacked: The FBI doesn’t keep records on which types of businesses have been the subject of attacks, and law firms have been less than forthcoming about whether they’ve had security breaches.  Admitting client information leaks would be far too damaging to a firm’s reputation.  Law-enforcement officials suggest, however, that more and more often, law firms find themselves the targets of cyberattacks.  As the Wall Street Journal article notes, the FBI has evidence of confidential business documents exfiltrated from law firms via cyberattacks.

Recently proposed changes to attorney ethical rules by the American Bar Association (ABA) also suggest that the profession sees technical breaches as an industry-wide problem.  Earlier this week the ABA Commission on Ethics announced that its proposed changes to the Model Rules includes requiring lawyers to take proactive measures to protect their client’s information when using new technologies.  The proposed edits suggest that lawyers have to be more aware of both “inadvertent and unauthorized” disclosures—in other words, leaks from inside and hacks from outside a firm. These changes warn technophobes that they need to abandon their Luddite ways, because lawyers now have a duty to “keep abreast of changes in the law,… including the benefits and risks associated with relevant technology.” In other words, claiming ignorance is simply not an excuse.

By putting the onus on lawyers, the ABA is acknowledging what those of us who study and track security breaches have been shouting from the rooftops for years: preventing security breaches is not just about technology; it’s about changing human behavior.  As the Wall Street Journal article makes clear, “the weakest link at law firms of any size are often their own employees.”

Other industries face similar problems.  For example, a recent article on data breaches in the health care industry suggests that the epidemic of breaches of confidential health care information has more to do with human error than it does with IT shortcomings. As Larry Clinton, president and CEO of the trade association Internet Security Alliance succinctly points out, when it comes to data  breaches, “[p]eople are the biggest problem.”  Consequently, Collins predicts that breaches in hospitals and health care systems will only be prevented if these organizations approach these breaches as a “human-resource management issue and not an IT issue.” 

In other words, phones don’t just go around leaking information. Email accounts don’t shoot off confidential messages at random.  Computers are not really out to get us.  These technologies become weapons in the hands of adversaries because users didn’t take the necessary precautions to protect their data.   

Moreover, despite what people usually assume, taking these precautions doesn’t require having a Masters degree in computer science.  In many instances, all that’s called for is simple behavior modification coupled with a healthy dose of common sense

  • Password protect your cell phone, tablet and laptop. 
  • Use different passwords for different devices and accounts, and make sure they are hack-proof. Programs like Kaspersky Password Manager can generate virtually hack-proof passwords and keep a running list of all your different passwords.  
  • Don’t use free Wi-Fi connections, since hackers rely on free Wi-Fi to eavesdrop on users’ conversations.  
  • Don’t click on links in text messages because doing so might activate malware that could log keystrokes or even record phone calls. 
  • Be suspicious of any emails from unknown senders that ask you to open attachments or click on links—these so-called Trojan emails will retrieve data from your computer. 
  • Invest in good computer security software, and for heaven’s sake, keep its settings updated and make sure to run checks on it on a regular basis.  Otherwise, it’s like investing in an expensive alarm system for your home but refusing to set it before you go out. 

The real key to security for cell phone communications, internet browsing and emailing is human behavior. Peace of mind will only come once people change how they act. For lawyers, that time may be sooner, rather than later.   

A sophisticated friend of our firm was in the market for a luxury car and found one for sale via the Internet. His concern was aroused when the seller said she was handling the sale through a company called Escrow Atlantic, an international payments company.


Our friend asked us to look at this company, and the results make for a nice case study in the detection of possible fraud.

We started with the Escrow Atlantic website. It looks professional enough, but we always like to know who has registered an internet domain since that can provide a good clue as to who is behind the operation. Sometimes this is hidden information, but in this case it isn’t. It turns out that by going to Network Solutions’ Who Is registry here, we found that Escrow Atlantic’s site is registered to a man in Florida who has an Italian telephone number. His email address is a hotmail account with the name of a different individual.

None of this is tantamount of a scam, of course, but it’s a little unusual. Why not a company email address? Why an Italian phone number when, according to the company website, the company has no office in Italy?

We pressed on and tried to call Escrow Atlantic, but the toll-free number went to the voicemail of “Escrow Atlantic” (and not a particular person). The numbers for the Florida and Missouri offices went instantly to voicemail, and we were unable to connect with the London number.

A search for a business registration record at the Secretaries of State in Florida and Missouri turned up no record of a company called Escrow Atlantic. Nor was it registered under that name at Companies House in the United Kingdom, where you can do a free search here.

Finally, we emailed the Missouri office of Escrow Atlantic, and here we got quick responses, up to a point. Where is the company registered? We were referred to the website’s contact page with the office addresses and phone numbers. We asked again and were told that Escrow Atlantic is “Registered in the United Kingdom with offices in America and Australia.”

Unfortunately, when we responded that we could find no registration in the UK, the company went quiet on us. Of course, Escrow Atlantic could be a “DBA,” or doing business as – a business name different from the official company name – but it would be easy enough for the company to tell us that.

While we can’t say that Escrow Atlantic is not a reputable company, if it is it could do two things to boost our confidence:

  1. Get someone –  anyone – to answer the phone;
  2. Provide that most basic of information: the place of incorporation and the name of the company that was incorporated.