Addison Cameron-Huff, Blockchain Lawyer

Thoughts and opinions of a Toronto-based cryptocurrency lawyer who's worked in the industry since 2014.

Search This Blog By Keyword

Minimizing the Risk of Exfiltration

The Pentagon had several terabytes of data related to the F-35 fighter stolen in 2009. This is just one of many hacking incidents involving exfiltration of large amounts of data. Law firms are particularly vulnerable to these kinds of attacks.

If your firm has a network drive with everyone's files or a document management system then you're likely vulnerable to the mass theft of documents. Whenever I read about these kinds of losses I always wonder why the systems allowed thousands or millions of documents to be downloaded at once.

Read the rest of this post

The Increasing Importance of In-House Counsel

Last night I was asked why a company would want to switch from outside counsel to in-house lawyers. I've been in-house at Research in Motion (AKA BlackBerry), worked at a large Bay St. law firm and am now practising independently. Although I'm not a grizzled veteran, I have seen both sides of the practise of law.

I think there are two key advantages of in-house:

Read the rest of this post

Gmail for Sole Practitioner/Small Firm Lawyers

I use Gmail to manage my eleven different email accounts. I have all of my accounts set up as mail forwards (e.g. addison@cameronhuff.com forwards to myemail@gmail.com) and then SMTP for outgoing from Gmail. This set up allows me to have all of my different businesses funnelled into one account that's accessible on my phone and computer. When I reply to a message my email will be sent from the email address that it was sent to (and not the Gmail address).

Besides the incredible convenience of managing many email accounts through one, using Gmail gives me Google's anti-spam filters (they're great). Google anti-spam is also a great defence against phishing emails.

Read the rest of this post

Encrypt Your Phone

Even if you have a password to unlock your phone (and you should), the contents of your phone are not secure. All of your attachments, emails, phone call records, notes, etc. could be available to a thief, hacker or border agent. If you're not using a firm-supplied BlackBerry (where this should be enabled by default) you should enable encryption on your phone.

In order to secure your phone you'll need to enable encrypted storage. The method for doing so depends on your model and may require some help from an IT expert. Try googling the name of your phone and "storage encryption". On Android you can enable it by following these steps (may not be applicable to your version of Android).

Read the rest of this post

Computer Security for Lawyers

This blog post contains a summary of practical steps to make your law practice more secure. Most of these steps require technical knowledge to execute on but there should be enough information provided for you to have a conversation with your technical staff.

The best way to secure a firm against hackers stealing money is to use "air gaps". Read more in this blog post.

Read the rest of this post

Securing Your Files with AES Encryption

My law practice is stored in an encrypted disk image. Encrypting your practice files is like locking your files in a bank vault.

How does it work? A disk image is like a directory but when it's opened it requires a password. Once opened the directory will be available until you eject it (like a CD).

Read the rest of this post

Guarding Against The Right Threats: ACH and Wire Transfers

Large law firms should assume that their systems have been compromised by hackers. Whether the danger is state espionage (e.g. Potash hacking of Bay St.), "Anonymous" or cybercriminals in California, firms are either currently being exploited or about to be.

Obviously guarding the front line (i.e. lawyer/assistant computers) is important but generally front line computers aren't the real target. Often the targets of hackers are wire and ACH transfer systems (viz. payroll).

Read the rest of this post

Law Firm Security Tip: Air Gap

Law firms often have accounting departments with access to wire transfer capabilities through online banking. There is a risk with these systems of infection with malware (i.e. keyloggers) and then unauthorized wire transfers of hundreds of thousands of dollars. A Toronto firm in 2012 had a "six figure loss" from this type of attack. These attacks are likely just the tip of the iceberg because law firms don't like to admit to having had trust funds stolen.

A good solution to the problem of attacks on accounting computers is to air gap them. The strategy is to provide a dedicated computer with a separate internet connection for wire transfers. Having a separate computer (and internet) means that any infections on the network or in an email attachments can't affect the banking computer. This method would have prevented the two attacks linked to above (and virtually any other kind of attack).

Read the rest of this post

Presenting on "Cyber Crime and Your Practice" (LSUC PD)

I'll be presenting on the 29th of January on the topic of "Cyber Crime and Your Practice" (professional development credit).

I'm honoured to be presenting with Alex Cameron (Faskens), Mark Hayes (Heydary Hayes) and George Takach (McCarthy Tetrault).

Read the rest of this post

Queen's Law Reports Publishes Article About OntarioMonitor

I was covered in an article in Queen's Law Reports, the alumni magazine for Queen's Law. Here's the relevant page and you can read the whole issue here.

The article is a bit dated because this is from an interview I did in the summer before I started my law practice. Since the article was written I opened my own practice, created AlbertaMonitor.ca, FlatLaw.ca and EUAlerts.com.

Read the rest of this post

EUAlerts Has Launched!

EUAlerts.com has launched! It's the culmination of a fair bit of work over the last couple months and I'm excited to see where it goes.

EUAlerts is the first keyword-based government monitoring service for the European Union. The service works by monitoring for client keywords and then when they're found in new laws the client gets an email with excerpted sections and highlighted keywords.

Read the rest of this post

Uber Hires Lobbyists in Alberta

Uber (traditional cab competitor from San Francisco) has hired a lobbying firm in Calgary.

New West Public Affairs will be lobbying Municipal Affairs and the Justice & Solicitor General for changes to the Municipal Government Act and Traffic Safety Act. Presumably they'll be trying to deregulate the taxi industry in Edmonton & Calgary.

Read the rest of this post

Great Cross-Browser Testing Tools

If you've ever had to do cross-browser testing you're probably familiar with screenshot tools like Browser Shots (it's great and free).

I highly recommend checking out BrowserStack if you have to do any kind of interactive testing (e.g. Javascript, drop-down menus, etc.). I used it a few weeks ago for a project and it was easy + free.

Read the rest of this post

Ontario Considering Driverless Car Testing Regulation

Ontario is considering allowing autonomous vehicle testing (as is being done in Nevada & California by Google). The regulation that's being considered will allow for a five year testing period. Although the cars will be autonomous, they'll have to have a driver ready to take over immediately.

No driving systems that are "homebuilt conversions" will be allowed.

Read the rest of this post

FlatLaw.ca Written Up in Canadian Lawyer Magazine Blog

FlatLaw.ca was written up yesterday on the blog of Canadian Lawyer Magazine/Law Times.

The mention on their site caused about 50 extra people to visit the site (although it was published late Friday afternoon).

Read the rest of this post

Enforceability of Terms of Use (an HTML5 presentation)

I've created a presentation about terms of use and best practices for ensuring enforceability.

It works best in Chrome & Firefox: “Terms of Use: Best Practices for Enforceability”

Read the rest of this post

Why License Warranties SHOULD NOT BE IN CAPITAL LETTERS

Online license agreements usually have warranties that are WRITTEN ENTIRELY IN CAPITAL LETTERS. This is an anachronism from the typewriter era that should be avoided according to the 9th Circuit, a leading author on contracts drafting and the deputy GC of Wikipedia.

The reason why people use all caps is a section of the UCC, an American law that codifies sales law (similar to the Sale of Goods Acts in Canada). You can read more about it here.

Read the rest of this post

SSH Keys Made Easy

Here's an easy guide for getting SSH keys set up for SSH/rsync connections to your web server: myridia.com

Read the rest of this post

Converting PDFs with PHP

In order to create AlbertaMonitor.ca I had to figure out how to convert PDFs to HTML using PHP.

The trick is to use a Java program called pdfbox and run it from the shell using PHP:

Read the rest of this post

Tips for Hiring a Tech Lawyer

Here are a few questions to ask when hiring a technology lawyer:

1. Does the lawyer have a website? I wouldn't hire one who doesn't. A decent website is quite affordable in 2013 (check Craigslist!).

Read the rest of this post
There are hundreds more blog posts to read, going back to 2013:
Page 1 Page 2 Page 3 Page 4 Page 5 Page 6 Page 7 Page 8 Page 9 Page 10 Page 11 Page 12 Page 13 Page 14 Page 15 Page 16