Cloud Computing & Social Media – A Lawyer’s Guide to Regulatory & Ethical Obligations

We are pleased to publish this dissertation from UK law graduate Maria Javed, written as part of her LLM atBPP Law School in 2014-2015. For further advice on cloud computing contact Denovo and for social media marketing advice contact us at Zellera Legal Technology. Maria can be found on Twitter and we hope you find her publication useful:-

This report will investigate how small and mid-sized law firms can improve their delivery of legal services to clients through the use of technology. Technology is of a wide scope and can include services for documentation, data storage through cloud computing, outsourcing and legal marketing via social media platforms. This is a relevant and current topic since the introduction of the Legal Services Act 2007 in which high street firms have had to compete with the rise of ABS’s (Alternative Business Structures) and online legal providers who offer fixed fee services which has been challenging for many high street firms.

There are noticeable parallels between the legal and banking industries (Roebuck, 2014:5), where deregulation in retail banking has led to a booming industry with services being provided through various mediums (i.e. Tesco) for products such as mortgages, insurance and loans. Likewise, law firms require good and efficient IT systems in order to manage caseloads daily, hold client information and intelligence which in turn allows a firm to be able to predict future trends, allowing them to thrive in an increasingly competitive legal services market.

This report will focus on two main areas:

  • Data Storage through cloud computing, and;
  • Marketing and advertising through social media

Practice Outcomes

  • To inform small to mid-sized firms on the importance of using technology for the delivery of legal services and the competition they may face from other types of legal services providers.
  • To inform and advise on the different options practitioners can take and how innovative technology can improve practice in the main two areas explored: data storage using cloud computing and marketing/advertising through social media.
  • To inform practitioners about regulatory and compliance issues they will face when using cloud computing and social media, specifically relating to the SRA’s Code of Conduct and its core Principles and Law Society guidelines.
  • To provide recommendations on the issues that practitioners may face using case studies to illustrate how other businesses and legal practitioners comply with their legal and ethical obligations.


    • Introduction
    • Cloud Computing and Storage for Law Firms
      • What is cloud computing?
      • Issues
      • SRA Code of Conduct
      • Confidentiality
      • Loss of data control
      • Recommendations
      • Data Protection Act 1998
      • Confidentiality breaches
      • Considerations when negotiating the Service Level Agreement
        • Definition of cloud services to be provided
        • Availability
        • Error connection
        • Monitoring service interruptions and ‘downtime’
        • Sanctions
        • Vendor Lock-In
        • Law Enforcement Access
        • Taxation
      • Case Study: Denovo Business Intelligence
      • Case Study: Inksters Solicitors
    • Social Media Marketing for Legal Services
      • Social Media Policy Guidelines
      • Defamation
      • Client confidentiality
      • Final recommendations
      • Case study: Snob Monkey
      • Case study: Zellera Legal Technology
    • Bibliography

Cloud Computing & Social Media – A Practitioner’s Guide to their Regulatory & Ethical Obligations


The legal market is currently going through enormous change following the introduction of the Legal Services Act in 2007 and the acceleration of technological developments, particularly with the rising popularity of social media coinciding with easier accessibility to mobile internet. Three factors which have driven changes within the legal services market are identified as globalisation, consolidation and commoditisation (King and Edwards, 2013:5). Globalisation is its biggest driver in terms of technological development with global communication facilitated by easier access to internet connectivity through mobile devices and social media.  

Susskind’s system of the commoditisation of the delivery of legal services essentially culminates from the changes that the ‘digital revolution’ has brought as demonstrated below:

Bespoke   ->  Standardised   ->  Systemised   ->  Packaged    ->  Commoditisation

The aim of a commoditised legal market is to increase the public’s access to justice through allowing a busy market of legal providers to be develop who operate through offering competitive prices (Susskind, 2010:31-32) The argument that there remains a large portion of the population who have little to no access to the internet is slowly becoming irrelevant due to an increase in the use of Smart phones and tablets among the “young adults, minorities, those with no college experience, and those with lower household income…” (Pew Research, 2012). King and Edwards offer their view that the ABS (Alternative Business Structure) system may be one solution linking technology and commoditisation for law firms that are struggling (King and Edwards, 2013:7). External investment can provide greater financial freedom and flexibility for firms to invest in new technologies. These new and emerging technologies are numerous and offer great opportunities to provide better and more client friendly services, including (but not limited to) data storage using cloud computing and marketing through social media platforms.

Cloud Computing and Storage for Law Firms

What is cloud computing?

The definition of the ‘cloud’ and its characteristics differ depending on its context, however, it may be best defined as the transfer of data to a third party server which can be accessed from anywhere and at any time via the internet. It is “on-demand network access to a shared pool of configurable computing resources…with minimal management effort…” (Mell & Grance, 2011:2), essentially a method of online storage where only the internet is needed for access. The SRA refers to this as “outsourcing” (SRA Report, 2013:3) to an external provider and the Law Society (Practice Note, 2014:2) elaborates by classifying the ‘cloud’ into three forms: Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS).

Cloud computing is of three types: Public, Private and Hybrid.

Cloud TypeAdvantagesDisadvantages
PublicData is stored and can be used by a number of clients within the same network, therefore, it is cheaper.

Google Drive and DropBox are examples of public cloud services which are free and are easy to use and access.

More susceptible to data loss and breach of confidentiality as server capacity can also be sub-contracted to third party providers.

May have slower speed as a public cloud relies on the speed rate of its internet service provider

PrivateData is stored in a server only for one client which provides for better security against data loss as the client has sole access to it.

Greater flexibility and control for a client who can tailor the cloud to its own requirements.

More expensive than the public cloud.

May be harder to access data from remote geographic locations due to greater security.

HybridA combination of public and private which will depend on the Service Level Agreement (SLA).

Allows a business/law firm to store non-sensitive data on a public cloud to save costs, and store more sensitive data in-house on a private server centre.

Can be difficult to manage multiple level clouds.

May be difficult as all aspects of business need to be able to communicate with each other, therefore problems with efficiency.

There are three main reasons why law firms should increase their use of cloud computing to store data:

1. To save money

2. To become more efficient

3. To connect employees


According to a report by the EU Policy Department (2012:47), confidentiality, security, privacy and provider lock-in provide the bulk of concerns expressed by consumers when asked about cloud computing. Geographical concerns related to jurisdictions and service availability were also flagged up and with many providers being located in various countries, different jurisdictions mean that privacy laws vary considerably, particularly outside the European Economic Area (EEA) such as the US. These issues will be addressed and elaborated in the section below with recommendation for practitioners included.

SRA Code of Conduct

For legal practitioners seeking to use cloud services for the purpose of storing client data and other confidential information, there are a number of compliance and legal matters that they need to be aware of including the SRA’s Code of Conduct (SRA Report, 2013:7) and various data protection laws within the UK and EU. The most recent Code of Conduct was published in 2011 in order to compliment and facilitate the laws introduced by the LSA 2007 which essentially allows for the investment from external sources to law firms and also enables non-lawyers to become partners in a firm, specifically within an Alternative Business Structure (ABS), presenting challenges in legal ethics and standards. As such, ten mandatory Principles have been introduced with outcomes and indicative behaviours outlined to address regulatory and ethical requirements which include principles such as rule of law, client confidentiality, acting with integrity and acting in the best interests of a client. Principle 7 requires practitioners to comply with their legal and regulatory obligations and must be open and transparent in their dealings with cloud service providers when agreeing to services, usually set out in the Service Level Agreement (SLA).


There is a risk of breach of confidentiality if a provider transfer’s client data to a third party and risks breaching Outcome 4.1 which states that a client’s information must be kept confidential. This means that the firm must ensure that a confidentiality clause is included specifying details of the security measures that a cloud provider will deliver. This is due to sensitive data being outside the control of the customer (in this case the legal practitioner), where the data is remote and may pass through different jurisdictions that may uphold significantly different data protection laws which will affect access to a customer’s data and in the case of a law firm customer, this data will usually need to be kept confidential. The largest concern customers may have is in the event of a third party request to view data from a particular jurisdiction, and law firms must be cautious when using cloud providers who have a presence in the US in light of the USA PATRIOT Act. The Act allows the US government the power to search and seize data from companies that are both US owned and more critically, any non-US company that has a presence in the US (Norton Rose, 2014:72). The Act allows authorities to monitor and intercept communications, and any data stored on a public cloud is extremely susceptible to the Act’s powers of surveillance which are outlined in Title II:

  • Authority to intercept wire, oral, and electronic communications relating to terrorism
  • Roving surveillance authority under the Foreign Intelligence Surveillance Act of 1978.
  • – Pen register and trap and trace authority under FISA
  • Access to records and other items under the Foreign Intelligence Surveillance Act.

The ability of US authorities to gather foreign intelligence information on non-US citizens is a growing concern amongst cloud users in Europe, particularly in light of the PRISM revelations. S. 215 of the Act enables authorities to acquire any data which is “tangible” (Policy Department, 2013:17) plus metadata such as telephone calls and records for as much as five years. The US Constitution’s Fourth Amendment which prevents any unreasonable searches or seizures is a significant omission for non-US citizens, which inadvertently affects EU citizens who have data stored with companies who maintain a presence within the US including the use of cloud computing. The definition of what constitutes as ‘foreign intelligence information’ is broad and is, therefore, subject to a wide scope allowing US authorities to exploit a non-US citizen’s privacy (Policy Report, 2013:23). However, if the data is stored on a private cloud, the presence of security firewalls means that the US government is obliged to issue a National Security Letter in which the provider is requested to grant access to its cloud customers’ data. This request should enable the cloud provider to alert the customer, who will then have the choice of consenting to the data being disclosed should they be required to do so.

Loss of data control

Another issue law firms must contend with is what may happen to data if a provider becomes insolvent? One such example of this occurred when the cloud provider 2e2 went bankrupt after failing to pay its mass of debts it had accumulated (Channel Register, 2013). Although its collapse was due to financial reasons, 2e2 had trouble keeping its data centres open and were eventually rescued by the Daisy Group reassuring 2e2’s customers that their data would be protected (Computer Weekly, February 2013).


In light of the above examples, practitioners must carefully consider the risks of data loss and breach of confidentiality when negotiating the SLA and should consider backing up all their data elsewhere, such as through an escrow arrangement. Essentially, an escrow arrangement backs up data from the cloud in what may be seen as a “mini cloud” (Norton Rose, 2014:23). This mini cloud is essentially a service where the source code (the underlying ‘source’ of a programme where instructions are written) is placed in a safe location via third party and is frequently updated. In the event that data is lost or damaged by the original software supplier the escrow backup source code will be made available, allowing the practitioner to continue his work with minimal disruption.

In order to comply with their regulatory obligations, practitioners should:

  1. Ensure that a data back-up agreement is in place.
  2. Retain full ownership of data and information.
  3. Ensure that an escrow arrangement is in place for further data protection.

Data Protection Act 1998

An individual’s rights relating to personal data is outlined in the DPA 1998 and is applied to the processing of data. Firms must comply with the DPA 1998 particularly Principles 7 and 8 where data should not be transferred outside the European Economic Area unless there is sufficient protection, specifically through a ‘Safe Harbour Agreement’.

The cloud customer (the law practitioner) is the ultimate ‘data controller’ who “determines the purposes” of what happens to a client’s (the data subject) personal data. In both private and public clouds, it is the law firm who will usually act as the data controller. However, if the provider also plays some role in determining the purposes of how personal data is processed, then the provider also assumes the role as ‘data controller’ (ICO, 2012:9). For example, if a law firm decides to use a social media platform, that social media platform will also become the ‘data controller’ as it processes personal data for the purpose of marketing.

It is vital that a law firm that is considering moving its clients’ data to cloud is aware of its obligation to take “appropriate…measures against the unauthorised or unlawful processing of personal data and against accidental loss or destruction…of personal data” (Principle 7, DPA 1998). Practitioners must ensure that the service level agreement complies with the Act and should specify where data will be stored. One solution is to encrypt data before transferring it to the provider as further protection for client.

Confidentiality breaches

There is a risk of breach of confidentiality if a provider transfers client data to a third party, therefore, it is important that practitioners include obligations within the SLA in order to achieve sufficient security and protection against potential breaches of client confidentiality. Use trusted and well-known providers and ensure that due diligence is conducted. Also, sensitive information should always be kept on a private cloud. Firstly, practitioners must ensure that a cloud provider will be bound by basic security and data protection laws as enshrined within the DPA 1998. If data is likely to be in transit between different geographic locations, a clause may be inserted into the SLA providing the practitioner assurance that the provider will keep all data secure (ICO Report, 2012:14).

A clause ensuring that data be encrypted before it is transmitted should also be included as an added layer of protection as this means the data will only be accessible to authorised persons who hold a ‘key’ to it. Additionally, ownership of the ‘key’ should ideally be kept with the practitioner, with a clause inserted obliging the provider to request permission for access to the ‘key’. The main reason for this is in the event of a third party, such as law enforcement authorities, requesting information on private and confidential data, the provider will be unable to release any information without the knowledge of the practitioner (, 2014).


Practitioners should:

  1. Always choose to store data on a private cloud
  2. Always make sure that it complies with the Data Protection Act 1998 and any other data protection legislation
  3. Encrypt all data that is stored on the cloud for added protection
  4. Ensure that the encryption ‘key’ is held by them and not by any third party

Considerations when negotiating the Service Level Agreement

Practitioners should ensure that a cloud provider is transparent about its use of data and methods of data storage in the SLA. Additionally, it is recommended that practitioners encrypt their data before storing it on the cloud in order to reduce the risk of overall data loss. Practitioners may also require a cloud provider to be externally audited and certified   Law firms should negotiate an individual service level agreement covering these main areas:

Definition of cloud services to be provided

Terms and service details which must be clearly set out in the SLA:

  • A list of defined services which will be provided.
  • Definitions of how the Agreement is governed and what it includes such as Terms of Services, Privacy Agreement and any other documents attached to it.


There should be a defined minimum service level and a clear definition of “availability” and “availability percentage” and should also state whether it is an infrastructure or application service. A clause should also be included obliging the provider to send regular reports to the customer, a clause on scheduled downtimes and what terms to include such as downtime hours maintenance and agreed notice of when the scheduled downtime is to occur.

Error connection

There should be a clause on duration of correction from the provider, where start of the time limit begins from the moment the customer sends an error report. This should include all details of which days and hours service maintenance is available. Service maintenance should be outlined in a separate section known as the Cloud Support Policy detailing defined errors which may be divided into different security levels in order to  

Monitoring service interruptions and ‘downtime’

Both Principle 5 and Outcome 1.2 states that firms must protect the interests of their clients.

Must get a guarantee from the provider and term of redress. Client care – Must comply with Outcomes 1.12 and 4.2 by informing clients of cloud storage details.

A clause should be inserted obliging the provider to:

  1. Monitor connection availability
  2. Send regular reports to the customer.


Sanctions for breach of SLA terms are mainly fee reductions or a penalty payment. Further, a customer may also have the option of ending an agreement.

Vendor Lock-In

Vendor lock-In occurs when a cloud customer is unable to switch cloud providers, usually due to contractual reasons. This is significant if a customer needs to negotiate its SLA as the cloud provider is aware that it is difficult and problematic to switch providers. Therefore, it is important that any practitioner who intends to use the cloud take three things into account (SearchCloudSecurity, 2013:2): data export functionality, the use of open standards and by keeping up to date with service updates. The first strategy should be implemented through the SLA by inserting a clause which allows the practitioner to routinely test if the cloud provider is able to transfer data from the cloud. This will expose any extra costs and operational changes that the cloud provider may have inadvertently put in place from an early stage. The second strategy involves inserting a clause within the SLA which allows the practitioner to have an internal Application Programme Interface (API) in order to streamline its services with cloud data. For example, MyCase, the cloud-based law practice has a MyCase App Bar that provides case workers with a central location to manage tasks, install third party applications and interact with any other programmes without having to leave MyCase itself. This is achieved via an open API which helps legal technology companies to develop new technologies for MyCase (MyCase, 2012). The third strategy is to insert a clause which obliges the cloud provider to regularly update the practitioner through service bulletins informing of any major service changes that may affect a practitioner’s ability to export data from the cloud.

Law Enforcement Access

Practitioners must be aware of the possibility that their stored data may be accessed by law enforcement authorities and governments for the purposes of national security. Providers should be obliged to notify practitioners if such a request for access to data has been made.


Practitioners should be aware of the taxation implications when using cloud services, particularly if services involve other jurisdictions. Tax may apply to revenue and profit derived and also from payments made for those cloud services (Norton Rose Report, 2014:70). They may face both direct and indirect forms of tax ranging from transfer pricing and foreign corporation tax depending on the jurisdiction.

Indirect tax is also an important issue which practitioners should discuss during the SLA negotiations. Taxation such as VAT may apply to cloud services as exemplified in Australia which charges a consumption based tax called GST. This means that any supply of goods or services which are connected to Australia may be subject to GST. Therefore, it is vital that the SLA is specific about the location of cloud servers and what tax applies to these server locations and cloud service supplies in order to determine whether it is the supplier or customer (practitioner) that pays tax.

Case Study: Denovo Business Intelligence

Denovo Business Intelligence (Denovo) is a Scotland-based IT and cloud provider which has been running for over 30 years. Since its move to offer cloud-based solutions, it has expanded its services to include timekeeping, billing, document management, client relationship management and secure email networks which are all centralised on an IaaS platform, provided by the ‘Rise’, a cloud integration service provider (Rise, Denovo case study, 2013:1). Denovo offers both private and hybrid forms of cloud solutions and is able to tailor its services to a law firm’s requirements. It does not transfer data to non-EEA countries due to security protection concerns unlike in UK data centres.

There is scope for negotiation within the service level agreement where Denovo attempts to accommodate client request where possible. Terms such as a minimum term, renewals, and change of control/assignment are negotiated individually with each firm in which some firms prefer 12 months whereas others may require 3 or 5 years depending on what their financial and other requirements are. A firm with no access to services is given complete priority and normally any issues (which are not broadband related) are rectified within minutes. Denovo also has full access to client data servers so are able to rectify issues immediately. Denovo also states that it only uses the most secure and robust data centres which it claims are impenetrable to outside and online forces, particularly due to its policy of refusing to transfer data to non-EEA countries.

Case Study: Inksters Solicitors

Inksters Solicitors have been using Denovo for 15 years and its system has evolved alongside the technological capabilities of Denovo’s system. Cloud computing allows the team at Inksters to have remote access to its client files whilst working remotely out of the office. This is important for them as geographically their clients are spread across Scotland. Many of their team work in remote areas and thus having access to client files allows a better work-life balance for the team, providing a better work ethic for Inksters as a whole. Using the cloud and CRM system means that they have documents, forms and data all in one place and a client file can be accessed easily by more than one lawyer or support staff. This, in turn, affords clients the confidence that Inksters have their file at hand and it is up to date at all times.

Inksters states that they have had a good experience with Denovo and have been working closely with the team at Denovo over the last year developing a bespoke system for their conveyancing team and the management of their process driven documents. For example, the use of cloud services resulted in a good working relationship which helped ease the introduction of new Legislation and process for conveyancing in December 2014.

Inksters Solicitors’ extensive use of using Denovo’s cloud based services demonstrates the benefits, namely: easier access to documents and data, increased client confidence and better communication between employees.

Social Media Marketing for Legal Services

The benefits of social media include advertising legal services, communicating with both old and prospective clients, networking with other professionals and debating topical legal issues. Raising a firm’s profile is one of its main concerns, particularly if it is a small high street practice. Traditionally, a firm would advertise its services through local newspapers and magazines, and while this is still practiced, it is hugely limiting and is not appropriate when attempting to target wider audiences and demographics. However, through social media and networking, a firm is not constrained by geographical boundaries (Law Society Practice Note).

The advantage of using professional social networks such as LinkedIn and Google+ provide for opportunities to attract new clients and to engage in forming professional relationships with both lawyers and journalists, the latter who may further raise a firm’s profile (Hamlins, 2013:1). This strategy will assist more traditional high street firms to ‘level the playing field’ against larger, established firms. Even large City firms have noticed the potential of social media, with Charles Russell partner, David Reissner recognising early on that “clients and potential clients are Facebook users” (White, 2009:2).

On the other hand, there are a number of risks relating to a firm’s use of social media, which are of a professional, ethical and legal nature and they include: data protection, client confidentiality and defamation. The main Principles that a practitioner must be aware of in the context of social media use are:

1. Principle 2 – To act with integrity

2. Principle 3 – To remain independent

3. Principle 4 – To act in the best interests of each client

4. Principle 6 – To maintain the trust that the public and the provision of legal services place on you.

Social Media Policy Guidelines

It is highly advised that practitioners implement a social media policy whether they are sole practitioners or working in a team of practitioners. This will enable them to comply with their legal and ethical obligations and to stay within the law when using social media at both a personal and professional capacity.


Defamation is one of the biggest risks when using social media platforms such as Facebook and Twitter. To post, tweet or re-tweet something amounts to a publication and if it is defamatory, that firm may be at risk of libel and being sued for damages. There has been a steep rise in the amount of libel cases from social media platforms as a result of recent celebrity defamation cases (The Independent, October 2014). For example, in 2013, Lord McAlpine was awarded damages due to his name being tweeted by Sally Bercow in regards to a BBC report on child abuse. Although she did not directly accuse him, her poor choice of words were deemed to be enough to have damaged his reputation “in the estimation of right-thinking members of society” (BBC News, February 2013) and that this caused Lord McAlpine substantial harm. In a similar case, the cricketer Kevin Pietersen was also awarded substantial damages after an advert was posted on Facebook and Twitter by Specsavers which had suggested he had tampered with his bat (The Independent, October 2013). Clearly, the risk of potentially making a defamatory statement is substantial and practitioners must be aware of what they post and under what capacity. Practitioners must comply with Principle 2 of the Code of Conduct by acting with integrity and maintaining a professional position.


Practitioners should consider a number of things when developing a strategy to limit defamatory damage:

  1. There should be a clear definition of what constitutes a defamatory comment, statement or visual image.
  2. If a practitioner is posting a statement on behalf of the law firm, it is advised that all Tweets, Facebook posts and other social networking platform communication is checked and approved by a designated senior person.
  3. If a practitioner wishes to communicate via a social network in a personal capacity, they should refer to themselves in the first person (“I”) and avoid the words “We” or “Our”. This will inform the reader that it is a personal statement and bears no connection to the law firm itself.
  4. A disclaimer may also be included stating that the views of an individual practitioner do not represent the views or policies of the law firm.
  5. Regularly review all social media posts and statements on every platform used and if possible, employ a social media company or expert for advice.
  6. There should be regular training for practitioners on the changes and updates regarding social media platforms and defamation laws.

Client Confidentiality

In order to comply with Outcome 4.1 by keeping a client’s data and information confidential, a client’s identity must not be disclosed by revealing the location through social networking sites such as Twitter and Facebook. This can be avoided by disabling the location settings such as Facebook’s Check-In or Twitter’s location settings. Although the Law Society states that “there are no quantifiable benefits of engaging in social media” (Social Media Practice Note, 2011:6) with clients, it seems inevitable that there will be at least some contact with a client or potential client through a platform whether it be on Facebook or LinkedIn. There is evidence that the use of social media contributes to a business’s development through building and maintaining client communication (Meritas, 2011:5), as practitioners build trust and a sense of community with ordinary people, these people will increasingly refer others (as well as themselves) to those practitioners when they require legal assistance.

Professional networking through platforms such as LinkedIn require minimal privacy settings as it does not necessitate a practitioner to disclose information such as sexual orientation, relationship status or other personal information. Similarly, Facebook and Twitter can also be used as a professional social network to connect with other legal practitioners and share information. All these platforms entail the risk that the confidentiality and disclosure Code of Conduct rules, specifically Chapter 4, may be breached if a practitioner forms an online relationship with a client. When a connection is made it means acknowledging that there is a link with that client which is open for others to see, therefore a practitioner may be in breach of their legal and regulatory obligations.


Practitioners should consider a number of things when developing a strategy to limit the risk of breaching client confidentiality:

  1. There should be a clear definition on the differences between data which is confidential and when client information is permitted to be used on any social media platform.
  2. The practitioner should inform the client about the firm’s social media policy through either the client care letter or by some other written form.
  3. The practitioner should obtain written consent from a client if they wish to use client information on a social media platform.

Final Recommendations

Practitioners must:

  1. Always follow and abide by the SRA Code of Conduct and other relevant codes of conduct when using technology in legal practice.
  2. Always choose a private cloud service for client data storage and related documentation.
  3. Ensure that all agreements and contracts entered into follow relevant laws, codes of conduct and ethical obligations.
  4. Ensure that its cloud providers do not have a presence or business in non-EEA jurisdictions.
  5. Ensure that they have a social media policy in place which follows all relevant legal, regulatory and ethical standards.

Case study: Snob Monkey

One way a firm can increase its social media presence and market its services is by outsourcing these tasks to expert social media companies who specialise in marketing their customers’ services through social media platforms. One social media marketing company, Snob Monkey, agrees that although social media marketing can be conducted in-house, it is preferable to outsource as social media marketing is time-consuming with the biggest issue being response time – the time a firm takes in responding to a post, tweet or blog. It also suggests that Facebook is the most popular and effective platform to use for any type of customer due to its adaptability and flexibility in attracting a wide demographic and has over one billion users as of 2014 (Statista, 2014). Other than Facebook, Snob Monkey also believes that Google Plus is a growing platform which has the power to integrate photos, websites, reviews etc, which effectively provides potential customers with a preview of what they may expect thereby increasing a firm’s reputation through their brand and image.

When asked about its how it ensures data protection and what safeguards it has in place, Snob Monkey replied that all customer data is stored on a backup USB which contains a ‘vault’ accessed only through a password. In the event that the USB is lost, the information is also contained in the hardware which is easily retrievable even if deleted or lost. The information is also stored within DropBox with both a public and a private folder. The private folder is accessible only for specified people and when any alterations are made to that information, it is automatically synchronised to other designated users providing for a more efficient service. Further, the company’s email system uses IMAP, a service which automatically saves an email on the server whenever an email is sent, providing anther method of backing up data which may otherwise be lost.

Protection against making defamatory statements is mainly through a strict internal policy of reporting any content that is due to be posted to senior staff, swiftly correcting any mistakes made through human error and issuing an apology if needed. It is the customer who is liable for any mistakes since all information posted through social platforms is given from the customer itself, and the contract made between Snob Monkey (the provider) and a customer includes recognition of its terms and conditions and it’s privacy policy which are both extensive. There is scope for negotiation of a contract since every contract is bespoke and specific to a customer’s needs and strategic requirements.

Case Study: Zellera Legal Technology

Zellera Legal Technology is a legal technology focused business which specialises in online business generation for law firms by offering a number of services such as: branding, website design, content drafting, search engine optimisation, social media marketing and call tracking. They have a broad legal clientele ranging from small law practices to larger commercial firms and also offer services tailored for niche areas such as family or employment legal practices. The most effective platforms they market their clients on are LinkedIn, Twitter, Google Plus and Facebook. Facebook is an ideal platform to market firms who wish to focus on attracting consumers whereas Google Plus and LinkedIn centre on professional networking with LinkedIn proving to be a good platform to receive referrals from other lawyers. Zellera Legal Technology has found that Google Plus Local is a valuable tool to use when attracting local consumers who will often use Google to search for a local law firm. One such example is [a London law firm] which has greatly benefitted from Google Plus Local through receiving five-star reviews. As a result, when a person searches [for certain keywords, that firm] is the first hit on Google.

Content drafting is one of the many services it offers and is attractive to its law firm clients who wish to have up to date and informative legal content on their websites. Zellera Legal is unique in the fact that they write and produce the content from scratch by employing a team of professional legal writers, currently numbering around ten employees. This has been proven a popular method where a separate business has been created purely for content drafting called ‘Curated Media’, and as a result content marketing has vastly improved the number of hits a client’s website will receive. The downsides to producing content is the issue of writing on a particular jurisdiction’s laws and the risk of getting the law wrong, since Zellera Legal works with various international clients. As such, contracts between the Zellera Legal and customers will usually include a standard disclaimer that the client bears responsibility to check any content published.

Zellera Legal offers its services to a wide range of clients from sole practitioners to larger commercial firms. The advantage of marketing a sole practitioner is the fact that marketing need only revolve around one person who has the autonomy to make a decision. In contrast, larger firms have many partners therefore it may be more difficult to obtain collective agreement for a certain decision. For example, one [barrister client] required services including website build and design and search engine optimisation. As a sole practitioner with a certain niche, the focus on marketing a key specialism and niche can be easier than a general, full serviced firm. Zellera Legal offers bespoke services for niche practices such as family or employment focused firms. Zellera Legal also offers services in drafting social media policies for law firms in order to reduce the risk of publishing content subject to defamation. The policies include clauses on defamation and internal sanctions a law firm may make in the event that content is published via a social media platform in order to avoid making any defamatory statements.




Kimbro, S (2011). Virtual Law Practice: How to Deliver Legal Services Online. Chicago: ABA Book Publishing.

Kowalski, M (2012). Avoiding Extinction: Reimagining Legal Services for the 21st Century . Chicago: American Bar Association.

Mosten, W ‘The Unbundling of Legal Services’, in, R Smith (ed), The Shape of the Future: new directions in legal services, LAG, (1995)

SRA Code of Conduct Handbook 2011

Susskind, R (2013). Tomorrow’s Lawyers: An Introduction to Your Future. Oxford: OUP.

Susskind, R (2008). The End of Lawyers?: Rethinking the nature of legal services. Oxford: OUP.

Journal Articles

Dutton W., H. and Blank, G. (2011). ‘Next Generation Users: the Internet in Britain. Oxford Internet Surveys. 1

Kimbro, S. (2013). Using Technology to Unbundle in the Legal Services Community. Harvard Journal of Law and Technology. Fall/Winter (1)

KING, Ian and EDWARDS, Catherine (2013) Adapting to the New Legal Services Market: Can Law Firms Avoid Becoming a Comet? In: British & Irish Legal Education & Technology Association Annual Conference 2013, 11-12 April 2013, University of Liverpool. (Unpublished)


Data protection Act 1998



Beaton, G. (2015). Comment: The Implications of the Uberisation of Legal Services. Available: Last accessed 20th January 2015.

Business Tendrils. (2013). The Solicitors Regulation Authority, the Law Society and social media: some practical advice . Available:,Law%20Society%20and%20SocialMedia.pdf. Last accessed 6th January 2015.

Burrell, I. (2014). Libel cases prompted by social media posts rise 300% in a year. Available: Last accessed 5th January 2015.

Channel Register. (2013). UK’s 2e2 goes titsup . Available: Last accessed 5th January 2015. . (2014). Why protecting encryption keys is critical to keeping cloud data private.Available: Last accessed 5th January 2015.

Computer Weekly. (2013). Available: Last accessed 5th January 2015.

Department for Education. (2014). Cloud (educational apps) software services and the Data Protection Act .Available: Last accessed 5th January 2015

Dunn, G. (2014). Law Firms: Cuts, Costs, Attract Clients, Boost Profits. Available: Last accessed 21st December 2014.

European Commission. (2014). Cloud Service Level Agreement Standardisation Guidelines . Available: accessed 4th January 2015.

Gleeson, Niamh Christina and Walden, Ian, ‘It’s a Jungle Out There’?: Cloud Computing, Standards and the Law (May 23, 2014). Available at SSRN: or

Goodman, J. (2013). Law firms and cloud computing. Available: Last accessed 21st December 2014.

Hamlins. (2014). Law firms should embrace, not fear, social media engagement. Available: Last accessed 5th January 2015.

Home Owners Alliance. (2014). High street conveyancers must embrace modern technology. Available: Last accessed 20th December 2014.

ICO. (2012). Guidance on the Use of Cloud Computing. Available: Last accessed 5th anuary 2015.

Kazan, B and Wilson, D. (2013). Technology-Assisted Review Is a Promising Tool for Document Production.Available:–for-Document-Production?slreturn=20150022140535. Last accessed 21st December 2014.

Knight, F., T . (2014). 8 Legal Tech CEOs Talk About Their Work. Available: Last accessed 21st December 2014.

McGuirk, M and Sant, D. (2013). Cloud Computing – The Legal Risks. Available: Last accessed 21st December 2014.

Meritas. (2011). Social Media for Lawyers. Available: Last accessed 5th January 2015.

Monahan, G . (2014). In Depth: Social Media. Available: Last accessed 20th December 2014.

Moazzezi, O . (2012). How Secure is the Cloud?. Available: accessed 22nd December 2014.

Morin, M. (2014). What is Cloud Computing? Interviewing. Available: : Last accessed 22nd December 2014.

Norton Rose Fulbright. (2014). Cloud computing A practical guide to legal risks and issues. Available: Last accessed 3rd January 2015

Parry, S. (2010). Cloudy and Bright—a Case Study from Virtual Practices. Available: Last accessed 21st December 2014.

Policy Department. (2012). Cloud Computing. Available: accessed 21st December 2014.

Rise. (2013). Legal software developer Denovo secures its future with robust cloud-based services. Available: Last accessed 6th January 2015.

Roebuck, R. (2014). Why IT will save law firms (as long as they’re willing to change) . Available: Last accessed 21st December 2014.

Smith, R and Paterson, A. (2014). Face to Face Legal Services and Their Alternatives: Global Lessons from the Digital Revolution. . Available: Last accessed 21st December 2014.

SRA. (2013). Silver Linings: cloud computing, law firms and risk. Available: Last accessed 21st December 2014.

Statista. (2014). Number of monthly active Facebook users worldwide from 3rd quarter 2008 to 3rd quarter 2014 (in millions). Available: . Last accessed 5th January 2015.

Stock, P. (2012). Escrow as a service shows cloud is a way forward for software providers. Available: Last accessed 6th January 2015.

The Independent. (2013). Lord McAlpine libel row with Sally Bercow settled in High Court. Available: Last accessed 6th January 2015.

The Journal of the Law Society of Scotland. (2014). A changing landscape. Available: Last accessed 13th January 2015

The Law Society. (2011). Social Media. Available: Last accessed 4th January 2015.

Van der Zwet, J . (2012). Layers of Latency:. Available: Last accessed 21st December 2014.

Wheeler, B. (2013). Twitter users: A guide to the law. Available: Last accessed 6th January 2015.

White, R. (2009). How law firms can use social networking to stay ahead of the pack . Available: Last accessed 5th January 2015.

Contact Our Legal Marketing Experts for More Info Today

Need bespoke advice for your law firm? Contact our expert team at Zellera Legal Technology via our online contact form today.



“I first came into contact with Zellera Legal Technology through Twitter. Over a period of time we grew our relationship to a point where I felt comfortable instructing them to redevelop my website and manage my online marketing activities for me.”


“They have done an outstanding job of getting our website ranking highly for extremely competitive keywords…Zellera Legal Technology are a pleasure to deal with and continue to deliver great results.”


Read more testimonials

As featured in

Here There!

If you have any question, send us an email and we'll get back to you, soon.

Not readable? Change text. captcha txt