Cease and Desist Letter Automation



On Friday, April 20th LegalRnD will host the “Measuring Lawyer Quality and Setting an Empirical Research Agenda for Legal Technology and Innovation” Conference from 9 am to 12 pm at the Kellogg Center in East Lansing. Students from Dan Linna Jr.’s Litigation: Data, Theory, Practice, Process Course will present on legal technology tools that have been developed to address real-world problems provided by project partners. Students were taught the Kata method to help identify potential solutions for the legal problems that they were provided.

Students were also trained in both Think Smart and Neota Logic artificial intelligence platforms, so that these solutions could be built for the project partner.  My group consisted of Erica PorterKaitlyn Huber and myself. We were given the following problem by Jeffrey Sharer of the Akerman Law Firm .

Law and Intellectual Property

Primary Business
Protection and enforcement of intellectual property rights. Intellectual Property involves intangible assets and creative works. It secures and enforces legal rights to inventions, designs, and artistic works.

The Challenge

Intellectual property rights are one of the most valuable assets of a corporation. In fact, it may be the most important asset the corporation possesses and therefore should be protected. In a recent survey, C-Level executives were asked whether they considered trademark infringement as something that they monitor in the company. Over 80% of these executives state that trademark infringements have become a growing issue for corporations over the past 5 years.

There are a number of ways in which a trademark infringement can damage a company’s brand, resulting in loss of sales. One of the growing concerns for C-Level executives is the negative publicity that a brand may sustain on social media. This makes the response of a corporation and its legal team time sensitive. Traditionally, it takes an in-house lawyer or outside IP counsel approximately 2 to 4 hours to assess a potentially infringing mark and draft and appropriate cease and desist letter or other correspondence to the alleged infringer. For many large organizations, this can add up to hundreds or even thousands of hours per year. One Deputy General Counsel responsible for IP at a Fortune 100 company suggested that this process could be at least partially automated to allow for responses to be generated more quickly

The Solution

Law firms like Akerman, which build smart systems, are uniquely positioned to respond to this issue. Attorney Jeffrey Sharer and Professor Dan Linna Jr. decided to have a group in Dan’s Litigation Class develop a solution using Think Smart or Neota Logic to streamline the researching and drafting of a cease and desist letter. My group decided to use the Neota Logic artificial intelligence software platform to help clients determine their rights under Trademark law. The Neota Logic platform employs process management, document automation, and reasoning to build an intelligent application for addressing complex legal issues.A client using the system can draft a cease and desist letter in 15 to 20 minutes rather than the traditional 2 to 4 hours. This allows for the client’s IP counsel to address other issues for the corporation, rather than spending valuable time on the cease and desist process.

How it Works: Programming Neota with Actions, Variables, Question Flows, and Decision Trees:

When determining the best app to develop for clients, we discussed developing an app that would allow the client’s IP counsel to generate an automated cease and desist PDF, but decided that our app would be of better use if it empowered anyone on the legal team to determine the companies’ rights under Trademark law and drafts the cease and desist letter for them. The software’s functioning is similar to TurboTax in that regard, where you can file taxes without having to be a CPA. With seamless integration, Neota Logic opens the web interface of the Advisor where the user selects the appropriate template for the document type.

The Advisor starts automatically, prompting the user for a case number or other identifying information. The Advisor provides a link to the USPTO if the IP counsel needs to retrieve related data about the company’s trademark and prompts the user to fill in the remaining information required for the document type.

The Advisor generates the document using the template, merging the data obtained in the questionnaire, and from common content, and applying trademark rules as required.
The solution then routes the generated document automatically to the clients’ email.

The Draft Letter:

Results and achievements of this project:

  1. With automated document templates, the time spent by the legal department on drafting cease and desist letters is reduced by more than 80%!
  2. Automated templates significantly reduce mistakes in documents.

User Input

We strived to make the best app possible, so we wanted to make sure that we were able to incorporate input from those in the field and those in general practice. We wanted to make sure that our app has the content that a trademark attorney would need to feel empowered to continue using it, but we also wanted Akerman to be able to provide it to in-house counsel who does not work on trademarks as often. Jordan Galvin was incredible, as she was willing to go through our app and provide comments to help us make our app amazing. By incorporating user input, we were able to draft the questions so that all audiences could follow through and submit information for the letter. Martin Childs, a 2L working for a Chicago firm, stated that he wished he had taken this class because he felt that developing these tools directly address clients’ pain points. Professor Bean said he was impressed with our app and felt that it was very useful. Professor Carter Johnson, who worked in IP at a firm and now teaches IP at MSU, stated that our app was very interesting and a great start to an awesome idea.

What We Learned:
In creating this automated artificial intelligence software platform, we learned that you cannot simply throw technology at an issue. We opened the course by learning to implement the Kata method, which forced us not to jump to a conclusion but rather to employ the scientific method. We were forced to test our theories to determine if they were accurate. We employed process improvement and process mapping to eliminate waste, by using the data-driven approach to develop our system.

This innovative system was created through teamwork with my classmates and with our project partner, Jeffrey Sharer. We learned that in this era of Artificial Intelligence, the legal field could be significantly improved through the automation of data, leading to more efficient service delivery and improved client satisfaction.

Below is an abstract/summary of my paper with the Journal of Business, Entrepreneurship and the Law at Pepperdine Law School.

Motivated by the recent explosion of interest in artificial intelligence(AI), I examined whether it makes sense to implement AI in smart contracts, to make them more effective. The current state of smart contracts leaves one to wonder if these are true contracts themselves. Traditional contracts have an offer for acceptance, highlighting the fact that smart contracts are mere codes incapable of satisfying the required elements of a legal contract. Could smarter contracts, assisted by AI, satisfy the elements of a contract by offering a web-based platform that allows for parties to make offers and accept them, copying them into a smarter contract? Could the use of AI in contracting, reduce risk by comparing the current smarter contract with existing smarter contracts on the blockchain? Could AI help retain business relationships by allowing user inputs that track performance, fluctuations, and extending the time for performance?

These analyses will be the focus of this paper. Part I examines the issues with the current state of contracting and will elucidate potential sectors of the legal industry where the implementation of smart contracts would be of best use for attorneys and our clients. Part II examines the implementation of smart contracts, and how it would help attorneys add value to clients by making attorneys work more effectively and efficiently. Part III of this paper will also explain why the use of smart contracts should be augmented with artificial intelligence (AI) to assist with the validity of the contracts. Part IV of this paper will examine the creation of a new type of lawyer that technologists and corporate clients will need to assist with the understanding of the risk associated with the technology and the laws that govern them. Finally, in Part V this paper will examine potential client areas that could benefit from the use of smart contracts to save money and move more efficiently.


On March 30th, Houman B. Shadab, a founder of the Accord Project and professor of law at New York Law School, will lead a workshop at the University of Michigan Law School about blockchains, smart contracts, and the Accord Project. Professor Shadab is a prolific and influential expert at the intersection of law, business, and technology. His research focuses on financial technology, smart contracts, hedge funds, derivatives, commercial transactions, and blockchains. The workshop is a supplement to the “Legal Technology & Innovation” course taught at Michigan Law School by Professor Dan Linna. Students and members of the public may attend if they RSVP through the Detroit Legal Innovation Meetup.

Blockchain has recently emerged as a disruptive technology that may revolutionize the way that attorneys will advise their clients. Applications for blockchain are currently being developed for key industries including finance, insurance, energy, healthcare and legal. A blockchain is a decentralized, trustless and continuously growing ledger that records and keeps track of every transaction across a peer-to-peer network of participants.

Recently, PWC made the news not only for launching a law firm in Washington D.C., but also for the release of its blockchain platform. The platform will help with managing business disputes and auditing of current implementations of blockchain applications by various corporations like Walmart, which is introducing a blockchain

application for improving food tracking. Blockchain appeals to corporate clients because the technology promises to provide security by design. Blockchain security comes from leveraging cryptographic protocols and distributed consensus algorithms, which provide anonymity, auditability and transaction immutability.

These same characteristics have also made blockchain appealing to lawyers and corporate clients for its potential use in “smart contracts”. The term “smart contracts” was originally coined by Nick Szabo, a cryptographer, who first saw the potential of 

automating contracts on blockchains. Szabo described contracts as a set of promises agreed to by a meeting of the minds, precisely as taught in my first-year contracts class by Professor Barnhizer. Szabo envisioned an automated contract that could be triggered by performance of either party to the agreement. The parties are not required to have a prior business relationship, and this structure allows for automated remedies if either side does not perform according to the terms of the agreement.

The original contract would be translated into code by blockchain trained attorneys representing either side. The code would contain a series of if-then statements that would carry out the completion of the contract once a condition is met. In summary, the term “smart contracts” refers to computer transaction protocols that execute the terms of a contract automatically based on a set of conditions. The use of smart contracts by corporate clients raises a number legal issues that will require advising by future and current attorneys.

The Accord project is a working group, made up of lawyers and organizations, that is focused on developing best practices and legal standards for smart contracts. The Accord project is led by the internet of things-enabled contract startup Clause, which was co-founded by Mr. Shadab. Mr. Shadab believes that having the Accord Project set standards for smart contracts will increase the chances that smart contracts will be implemented properly.


Come learn about blockchain and smart contracts with us.

All Students and Practitioners are Welcome! Please RSVP via the Detroit Legal Innovation Meetup.


University of Michigan Law School
Hutchins Hall Room 116

March 30th’s Agenda:
9-9:05 – Introductions
9:05-9:15 – Introduction to Clause and the Accord Project
9:15-10:00 – Introduction to Blockchain & Bitcoin
10:00-10:30 – Interactive Exercise
10:30-11:00 – Introduction to Smart contracts
11:00-12:30 – Smart legal contracts workshop
12:30-1pm – Roundtable discussion and wrap up
1pm – Closing and Networking


Yesterday  I attended the joint Process Improvement workshop for Lean Lawyering, which was hosted by several Florida public-interest lawyers and LegalRnD at the State Bar of Michigan. Here’s a link to the workshop’s website:

There were about 40 participants at the meeting, and I had the opportunity to meet and share ideas with practicing practitioners from law firms, legal aid entities, courts, and corporations from around Michigan.

The conference was very thoughtfully organized and included experiences from the implementation 

of process improvement techniques by Amy Burns, Deputy Director of Florida Rural Legal Services; Ilenia Sanchez-Bryson, Chief Information Officer at Legal Services of Greater Miami; Kristen Lentz, Managing Attorney for Disability Rights Florida; and Melissa Moss, Principal/owner of CatalystZone, LLC. Though I’ve attended a number of lean thinking and process improvement conferences, this was the first time that I’ve heard from actual attorneys who’ve implemented the process.


Discussion topics at the conference all centered around implementation of lean thinking (Toyota Way) for Law to improve efficiency and quality of services rendered. After learning of the speakers’ experiences incorporating process improvement into differing aspects of their practice and operations, attendees were given the opportunity to learn by doing.

To teach process improvement through the use of a real-world example, attendees were

broken into small groups to help streamline a legal aid’s walk-in service. The current conditions, as pictured, of the legal aid’s walk-in service results in an average of 58.2 minutes for clients to be serviced. Groups were asked to map the process, pictured to the right. The groups were asked to implement process improvement techniques to decrease the average time of service to 30 minutes. My group started off by mapping the current process and identifying areas for potential improvement. We next asked ourselves why the system took 58.2 minutes for clients to be serviced. Once we determined that it was a result of the process, we next asked ourselves why again. Once we were five levels deep into the why process, we finally had our answer!


The following post was drafted as an assignment between Danielle Chirdon, Anita Western, and I.

Executive summary: In order to conduct a proper assessment of the risks and liabilities in a merger or acquisition deal, the due diligence process must also include an assessment of the target corporation’s cybersecurity. An acquiring company must evaluate the strength of a target company’s cybersecurity processes and controls. In light of the increasing significance of cybersecurity threats, on February 2018, the SEC issued further guidance to its 2011 Guidelines on disclosure obligations relating to cybersecurity risks and cyber incidents. Companies operating in the European Union will also need to adhere to the new General Data Protection Regulations. The regulations require for certain data to be forgotten, designation of a data protection officer and reporting of data breaches within seventy-two hours.


Cybersecurity in M&A

Cybersecurity is one of the most overlooked issues in most M&A transactions.[1] An estimated “78% of global respondents believe cybersecurity is not analyzed in great depth or specifically quantified as part of the M&A due diligence process.”[2] Cybersecurity risk should be assessed by a corporation before it enters into a merger agreement with another company.[3] The acquirer needs to know the risk it is taking when taking over a target company.[4]

In 2017, Verizon, learning from the cyber-failures of TripAdvisor and Neiman Marcus, made cybersecurity a central part of its due diligence study.[5] During its due diligence review of Yahoo, Verizon found that the web company had suffered a large security breach.[6] This discovery allowed Verizon to discount its cost for Yahoo and develop a strategy for the potential risk.[7] It was later determined that several of Yahoo’s executives had known about the breach, but failed to comprehend or investigate the breaches properly.[8] Courts have found that an acquirer’s board of directors would be in breach of its fiduciary duty of care if it did not conduct a due diligence study on the target company before it merged or acquired it, or did not conduct an adequate due diligence study.[9]


What is Cybersecurity

Cyber Security is a set of principles and practices designed to safeguard your information systems and networks, company data, email messages, and information that are typically processed, communicated, and stored on the information systems.[10] The goal of cybersecurity is to protect against a wide range of threats. Doing so ensures business continuity, minimizes risk and maximizes business opportunities and returns for shareholders.[11]

A Corporation implements cybersecurity protocols to protect its data. A corporation holds data such as the personally identifiable information of its employees, customers, and other individuals;  corporate financial information; trade secrets;  intellectual property; and other sensitive and confidential information.[12] Hackers can access a company’s information through three primary methods: physical and environmental threats, technical threats, and people threats.[13] Physical and environmental threats involve the theft, damage, and destruction of the physical elements comprising the information system such as servers and laptops.[14] Technical threats are threats that are carried out through the use of computer code or other automated mechanisms.[15] People threats are those that come from individuals within the company, competing companies, or even foreign government entities.[16]


Cybersecurity Due Diligence

In 2016, cybercrime cost corporations on the average between $375 billion to $575 billion. [17] It has been projected that by 2019, cybercrime will cost corporations over two trillion dollars.[18] An example of a change in public reception would be the new found perception of Target and Equifax.[19] When acquiring a company, the target’s cybersecurity status and program are vital to an acquirer because a company with a poor cybersecurity program will require a large number resources to bring them into legal compliance.[20] An acquirer assumes the risk of the target company, and if it is found that the target company suffered numerous cyber instances and is sued, the acquirer may be on the hook.[21]

How can an acquiring corporation ensure that it is not one keystroke away from a major data breach or another cyber attack? Assessing a target’s cybersecurity risk requires an additional assessment in the traditional due diligence process.[22] An acquirer must must identify actual or potential cyber threats.[23] When conducting a cybersecurity assessment, an acquirer should begin by identifying and evaluating a company’s “high value digital assets.”[24] Hackers are targeting corporations’ intangible assets; for example, trade secrets, engineering designs, customer lists, personal identifying information, confidential bids on government programs, etc.[25] A key component of due diligence is to evaluate the data security plan of the company to determine if there are potential risks, and if so, develop a plan to address them.[26]

The acquiring company should investigate whether the target company has both processes and controls in place to address cyber-instances that may arise.[27] A data security process involves identifying, understanding, and monitoring critical information assets such personally identifiable information and IT systems.[28] A target company should be conducting cybersecurity risk assessments of their data security processes before the acquisition. Risk assessments are done by identifying vulnerabilities and threats that are aimed at the critical information and the potential impact if these threats were to occur. Documentation of risk assessments are often requested by the acquirers when conducting due diligence on the target company.

An acquirer should also request information on the security controls put in place by the target company. When investigating data security controls, an acquirer is seeking policies, processes, procedures, hardware, software, and teams put in place to help deter, monitor, and respond to threats that are aimed at the critical information of the company.[29] Security controls are made up of three types: preventive, detective, and reactive.[30] Preventive security controls are designed to defend against threats and prevent the occurrence of events that compromise security.[31] Detective security controls are designed to identify threats that have occurred such as security breaches.[32] Reactive security controls are designed to stop or contain threats, to determine the parties that are involved, and to recover information that has been damaged or loss.[33]

“Companies with poor security programs may be perilously close to a security breach that can have a major impact on its revenue and profitability.”[34] Conversely, target companies with robust cybersecurity programs may offer enhanced value to the acquirer, and give the acquirer more confidence in the value of the acquisition.”[35] During cyber due diligence, anything learned by the acquirer can be used for renegotiating the terms of the deal or alter the integration plan of the target into the acquirer’s company.[36] If the breach is found to be irreparable, it may lead to a termination of the merger or acquisition.[37]


Cyber Security Disclosure Requirements according to U.S. Securities & Exchange Commission

A cybersecurity due diligence analysis for a publicly traded company should also include disclosure statements registered with the U.S. Securities and Exchange Commission (SEC). The Securities Exchange Act of 1934 requires periodic reporting “as necessary or appropriate for the proper protection of investors and to insure fair dealing in the security.”[38] Regulation S-K requires that public companies provide “a discussion of the most significant factors that make the offering speculative or risky” are particularly relevant to cybersecurity threats.[39] In 2011, the Division of Corporate Finance issued guidelines for disclosure obligations of cybersecurity risks.[40] These guidelines are “neither a rule, regulation, nor a statement of the SEC.”[41] In light of the heightening awareness of cyber security risk, on February 21, 2018, the SEC announced that the Commission had voted to approve a statement and interpretive guidance to assist public companies in preparing disclosures of cybersecurity risks and incidents.[42] The statement emphasized the importance of “establishing and maintaining appropriate and effective disclosure controls and procedures,” as well as “the obligation to refrain from making selective disclosures of material nonpublic information about cybersecurity risks or incidents” and how this applies to insider trading.[43]

Despite encouraging risk disclosure, the guidelines “indicate[] that materiality of the risk should be an overarching consideration affecting disclosure.”[44] The guidelines and statement discourage generic disclosure[45] or “providing a roadmap for those who seek to penetrate a company’s security protections.”[46] The new statement should have a stronger impact on disclosure of cybersecurity risks than the initial guidelines. In the Winter 2017-2018 edition of the Business law section of the ABA, the authors examined the impact of the guidelines on 10-K disclosures and found evidence that a relatively small portion of firms chose to modify their risk factor disclosures.[47] Also, those who did make disclosures experienced negative effects on their stock prices, rather than viewing disclosure as a positive signal of management attentiveness.[48] Currently, firms face the uncomfortable choice of needing to disclose risks for those buying securities to be informed and the fact that disclosing this vulnerability may encourage an attack.


Cybersecurity and the General Data Protection Regulation (GDPR)

The General Data Protection Regulation (GDPR) is a European Union (EU) regulation, intended to standardize a set of expectations for how an organization must manage and protect PII for employees, clients and other applicable data subjects.[49] The GDPR applies to any organization that holds data that belongs to EU citizens or processes data of subjects within the EU, regardless of their domiciliary.[50] The GDPR represents a significant overhaul of Europe’s current data protection law. It will replace local data protection laws and standardize protection rights throughout the EU.[51] The GDPR compliance goes into effect May 28, 2018.[52]

The regulation increases the rights that individuals have to their data.[53] The right to data portability is one of the most significant examples of the new rights granted to individuals.[54] The GDPR allows an individual to have the right to transport their data from one organization to the next, leaving no data with the prior organization.[55] In order for an individual to transport their data, personal data must be provided to the individual in a structured, commonly used and machine-readable format.[56] The GDPR also stipulates that when technically feasible, organizations should facilitate the electronic transfer of personal data from one to another, if the individual makes that request.[57]

The GDPR also allows new rights for data subjects, such as the ‘right to be forgotten.’[58] Personal data must be erased “without undue delay” when: (1) retention is not required, (2) data is no longer needed, (3) consent is withdrawn.[59] Individuals can ask their organization to delete their data.[60] Organizations that do not yet have a process for accommodating such requests will have to put processes in place to conform to the GDPR.[61] The GDPR also requires personal data breaches, accidental or unlawful access, to be reported to the supervisory authority within seventy-two hours of becoming aware of the data breach.[62]

Lastly, the GDPR requires organizations to appoint a data protection officer (DPO). Organizations will have to designate a DPO if their core activities, as either a data controller or data processor, involve “regular and systematic monitoring of data subjects on a large scale.”[63] For firms who already have a ‘chief privacy officer’ (CPO), transitioning that person to a DPO satisfies the GDPR. If there is no CPO or similar position in the organization, then a DPO role will need to be created.[64]

If an organization makes the mistake of not complying with the GDPR, then hefty fines for non-compliance will ensue.[65] An egregious violation of GDPR, such as poor data security leading to public exposure of sensitive personal information, could result in a fine in the millions or even billions of dollars.[66] One of the largest effects on M&A will be these enhanced penalties. When organizations commit a serious breach of the GDPR, they will face potential fines of up to $20 million in Euros or 4% of the worldwide profit.[67]


Citations can be provided.


For the past few years, business outlets have published numerous stories about failed mergers of gigantic corporations due to failed due diligence studies. In fact, Hewlett-Packard’s deal with Autonomy was one of those highly reported stories of a large corporation losing billions due to an oversight in its due diligence review.[1] In 2011, Hewlett Packard acquired Autonomy for 11.1 billion, a 64% premium over the company’s 1 billion in yearly revenue. What went wrong with this deal?[2] In its review of Autonomy, Hewlett Packard was unable to detect that the CFO and CEO of Autonomy had been cooking their books, reporting profits that it had not made. For ten months before its acquisition, Autonomy reported revenues that were within the 4 percent of analyst expectations.[3] How did Hewlett Packard miss this?
The answer lies in the gigabytes of data that Autonomy handed over to Hewlett Packard. Hewlett Packard’s attorneys had to wade through thousands of documents when conducting its due diligence study, and it is often difficult to catch every potential risk in the target company.[4] Artificial intelligence can change that and save a company from purchasing companies that have cooked its books or been hacked.[5] Artificial intelligence will allow the ability to take a global look at a company and highlight inconsistencies in the documents provided to the SEC, internally, and to acquiring company.[6]

The Due Diligence Process

The primary goal of mergers and acquisitions due diligence is to identify potential risk in the transactions.[7] The acquiring company wants full disclosure from the target company (target) to reduce its potential risk from acquiring the target while understanding the business that it is taking over.[8] As seen in Omnicare, where it refused to acquire NCS with conducting due diligence, due diligence also guides the transaction.[9] Due diligence begins when both parties sign a confidentiality agreement, and the target begins to gather relevant documents for the merger.[10] Gathering the appropriate documents can prove difficult because the documents and forms may be scattered across multiple locations or formats, which could result in important information being overlooked or lost[11].
Next, the acquiring company sends the target a checklist of the types of documents, forms, and information that it would like uploaded to a virtual data room for review.[12] Virtual data rooms offer both parties a secure online location to store and review these confidential documents.[13] Before, providing the acquiring the required documents, the target sends the forms to outside counsel for review.[14] Outside counsel is responsible for managing and protecting the sensitive information of the target.[15] Once the information has been cleared by the outside counsel, it is then provided to the acquiring company for due diligence review.

Due Diligence in The Stone Age

Currently, attorneys conducting due diligence studies, have to review hundreds or thousands of documents provided by the target company to their clients. In fact, attorneys representing a typical company worth 400 million euros in an M&A agreement, have to comb through 75 to 500 contracts during their due diligence contract review.[16] However, these companies do not have just 500 contracts but rather 5,000 to 10,000 contracts on file.[17] This means that the M&A attorneys for the acquiring company only review around 5% of the total contracts that are on file.[18] Why are they only reviewing 5%? The attorneys for the acquiring company are unable to review all of the company’s documents because the traditional due diligence process is time-consuming and expensive.[19] If attorneys took a strategic approach and increased the percentage of documents that are being reviewed, it would consume 30 to 60% of the legal fees that the company was paying.[20] Due diligence review is generally done by a team of associates, which can cost $1,200 or more a document.[21]
During the due diligence process, attorneys review documents provided by the target, to identify and allocate significant risks and determine the subsequent steps in the merger. [22]Attorneys have two categories of potential risk. The first category of risk includes pre-existing business, financial or liability.[23] The second category of potential risk flows from potential anti-assignment, change of control, or confidentiality provisions the target has entered into.[24] This stage of the process is critical for the due diligence process because any oversight at this stage could result in the acquiring company purchasing a liability.[25] It is often only after the merger that acquiring companies can find missed exclusivity, nonstandard indemnification clauses, and other unexpected obligations.

What is Artificial Intelligence?

Artificial intelligence is a branch of computer science that deals with the simulation of human intelligence processes by machines.[26] This process includes acquiring information and rules for using the information, using the rules to reach approximate or definite conclusions, and self-correction.[27] The main idea of AI is the ability of computers to do mundane and repetitive tasks that humans do. AI will not replace lawyers but will rather, will become a tool that we use to improve our efficiency.[28] In house legal departments are beginning to ask outside counsel to do work in less time and are not willing to pay for work it deems as low valued added services.[29] Corporate clients are now using AI tools for other places in the business and see its added value and are looking at law firms wondering why many of these tools are not being adopted.[30]

Artificial Intelligence to Save the Day

M&A attorneys are in need of tools that will reduce the burden of the due diligence process, and help alleviate potential liabilities.[31] Attorneys representing the target are also in need of AI tools, in that they are tasked with providing all relevant documents to the acquiring company.[32] The target is held in violation of the agreement for any relevant document that is excluded from the virtual room. In deals where there are large numbers of documents, AI tools can conduct full reviews, rather than 5%, which avoids having to only analyze only a sample.[33] Attorneys representing the target company can use trained AI tools to recognize relevant documents that are standard for M&A agreements.[34] The AI tool is trained by providing it with examples of several similar provisions found in M&A agreements.[35] Some common examples that can be used in the education of the tool include confidentiality, non-competition, infringement, indemnification, controlling governance, dispute resolution and change-of-control provisions.[36] AI tools can review near-identical documents and determine the differences in both documents.[37]
The education of the AI tool will be continual, as the language used from company to company often varies depending on the user.[38] Using AI tools without the proper education runs the risk that the system may result in overlooking documents or provisions or misinterpretation of ambiguous terms.[39] The AI tool will require training from a user to help identify and define uncommon and ambiguous terms. The AI system can then be tested for its ability to recognize and define these uncommon and ambiguous terms by granting it access to numerous examples such as contracts and documents, to test its accuracy.[40]
The implementation of AI will allow for identifying, classifying, organizing, prioritizing and highlighting documents, and determining which documents needs to be provided by the target company. [41]The current process results in the attorneys providing more documents than needed, making the job of the acquiring attorneys more rigorous when done manually.[42]
When the acquiring company is given access to the target company’s documents, it has an overwhelming task of having to organize and review the content provided.[43] AI tools can be used for the automating the highlighting and cataloging the relevant provisions of each document. While the system is highlighting and prioritizing documents, it can give weight to the more problematic sections for manual review. Using AI tools will help the attorneys working for the acquiring company, with higher efficiency and speed and lower cost I when compared to the traditional method. [44]

Kira Systems

During M&A due diligence, attorneys are provided and must review hundreds or thousands of documents that have not been organized and have been stored in any number of file formats.[45] Organizing and the converting all of the documents is only the first step in a long process. [46]However, AI tools like Kira systems can help curve the time spent on this process. Kira systems is a machine learning software (AI tool) that can identify, extract, and analyze the text in contracts, emails, etc.[47] In 2015, Kira was used in over 100 billion dollars worth of M&A transactions. [48]
Though many attorneys believe that manual review is the golden method, Kira has proven otherwise in a head to head comparison.[49] When Kira and attorneys were given the same documents and provisions for contract review analysis, the manual review was shown to be just as accurate as the AI but took significantly longer.[50] Kira offers attorneys the opportunity to conduct a more comprehensive review, by analyzing more documents in less time for less money. In fact, attorneys have reported a savings of 20 to 60% of their time in reviewing contracts.[51]
Kira allows a target company to analyze its own documents to help determine its own risks and ultimately its value to improve its negotiating position.[52] By having a global understanding of its company, it can negotiate from a more knowledgeable position.[53]

Mergers are often expensive and time consuming for both sides because of the way in which the target company stores its information. Target companies are not usually deal ready. Target companies are often reactionist to potential deals, and then put in a position that requires for them to gather emails, contracts, etc. rather quickly for the deal. Kira systems can save both the target company and acquiring company time and money by allowing for document management before a potential merger is in the air[54]. Conducting manual review would take away from the core business.[55] AI systems like Kira or VDR would allow the target company the ability to upload all documentation and data to the centralized repository.[56] This would enable smooth and easier tracking with internal parties and confidential sharing with outside counsel. Kira also allows for notification of upcoming renewal and expiration dates that exist in the contract portfolio, which allows for the target and acquiring company to have a better understanding of its obligations.


During due diligence for M&A, most of the attorney fees are generated from having to spend expensive hours reviewing documents for their clients. The clients have begun to push back against their outside counsel, requiring for fixed rates and higher value added. This provides an opportunity for automating the due diligence process, which would result in cheaper and faster transactions that allow for better management of risk. AI tools offer a potential efficient solution for classifying, organizing, and prioritizing documents being provided to the acquiring company, and provides a strategy for how the acquiring company addresses its review of these documents. AI tools also provide an opportunity for target companies to be M&A ready upfront.

[1] Jack Ciesielski, How autonomy fooled Hewlett-Packard, Fortune (Dec. 2016), http://fortune.com/2016/12/14/hewlett-packard-autonomy.
[2] Id.
[3] Angela Monaghan, Hewlett Packard offloads last Autonomy assets in software deal, The Guardian (Sep. 2016), https://www.theguardian.com/business/2016/sep/08/hewlett-packard-autonomy-assets-software-deal-micro-focus.
[4] Id.
[5] Roy Strom, Wall Street wakes up to legal AI for due diligence, The Am. Law. (Dec. 2017), https://www.law.com/americanlawyer/sites/americanlawyer/2017/11/30/wall-street-wakes-up-to-legal-ai-for-due-diligence/?slreturn=20180120224441.
[6] Id.
[7] Dewey Ray, What is merger and acquisition due diligence?, CIO (Jun 2015), https://www.cio.com/article/2931585/mergers-acquisitions/what-is-merger-and-acquisition-due-diligence.html.
[8] Id.
[9] Daniel Davis, Omnicare v. NCS Healthcare: A Critical Appraisal, Berk. Bus. Law J. 177, 183 (Mar. 2007).
[10] Dewey Supra, note 7.
[11] Id.
[12] Cassity Ming, The due diligence process for M&A: a complete guide, Securedocs (May 2016), https://www.securedocs.com/blog/the-due-diligence-process-for-ma-a-complete-guide.
[13] Id.
[14] Id.
[15] Id.
[16] Kira Systems, HOW AI IS TRANSFORMING THE DUE DILIGENCE PROCESS, Raconteur (Oct. 2018),https://www.raconteur.net/sponsored/how-ai-is-transforming-the-due-diligence-process.
[17] Id..
[18] Id.
[19] Preparing your company for sale: due diligence from a seller’s perspective, Lex. (Mar. 2012), https://www.lexology.com/library/detail.aspx?g=b2c90aed-1ece-424b-9bce-7b655e83536a.
[20] Kira Supra, note 16.
[21] Id.
[22] Supra, note 19.
[23] Id.
[24] Id.
[25] Id.
[26] Justin Evans, Why Law Students Should Embrace Artificial Intelligence, Intellectuallyjay (Sep. 2017), https://www.intellectuallyjay.com.
[27] Id.
[28] Id.
[29] Jennifer Smith, Law firms face fresh backlash over fees, The Wall St. J. (Oct. 2012), https://www.wsj.com/articles/SB10001424052970203400604578070611725856952.
[30] Id.
[31] David McLaughlin, How AI helps financial institutions perform customer due diligence, Upside (Aug. 2017), https://tdwi.org/articles/2017/08/30/adv-all-ai-helps-financial-institutions-perform-due-diligence.aspx.
[32] Kira, Supra note 16.
[33] Id.
[34] Id.
[35] Id.
[36] Julie Sobowale, How artificial intelligence is transforming the legal profession, ABA J. (Apr. 2016), http://www.abajournal.com/magazine/article/how_artificial_intelligence_is_transforming_the_legal_profession.
[37] Id.
[38] Kira, Supra note 16.
[39] Id.
[40] Cassity Supra, Note 12.
[41] Id.
[42] Id.
[43] Id.
[44] Id.
[45] Debra Weiss, DLA Piper to use artificial intelligence for M&A document review, ABA J. (Jun. 2016), http://www.abajournal.com/news/article/dla_piper_to_use_artificial_intelligence_technology_for_ma_document_review.
[46] Id.
[47] Kira Systems, Kira Systems’ Noah Waisberg, uncovering truths & myths for AI Bootcamp session at Legalweek New York 2018, Kira System Blog (Jan. 2018), https://info.kirasystems.com/blog/topic/due-diligence.
[48] Deloitte, Deloitte forms alliance with Kira Systems to drive the adoption of artificial intelligence in the workplace (Mar. 2016), https://www2.deloitte.com/us/en/pages/about-deloitte/articles/press-releases/deloitte-forms-alliance-with-kira-systems-to-drive-the-adoption-of-artificial-intelligence-in-the-workplace.html.
[49] Mark Burdon, Artificial Intelligence – An Authentic Opportunity For Mergers And Acquisitions, The Deal Room (Aug. 2016), https://www.firmex.com/thedealroom/artificial-intelligence-an-authentic-opportunity-for-mergers-and-acquisitions.
[50] Supra, note 48.
[51] Id.
[52] Id.
[53] Id.
[54] Merrill Corp., BE M&A READY: DON’T MAKE MANAGING YOUR DOCUMENTS A LAST-MINUTE CONSIDERATION, Raconteur (Oct. 2018), https://www.raconteur.net/sponsored/be-ma-ready-dont-make-managing-your-documents-a-last-minute-consideration.
[55] Id.
[56] Id.

On January 19th- 21st, Michigan State University (MSU) will be hosting its fourth annual student-run hackathon, SpartaHack IV. Spartahack is focused on bringing students across different disciplines together and giving them a platform to realize and harness their own fresh ideas. A hackathon is a perfect setting for discovery, where participants have the opportunity to get to know each other better, take on new roles, and utilize material that they are being taught in the classroom.

What is a Hackathon?

A hackathon is an event, typically lasting 24-48 hours, in which a large number of people (computer science students, student programmers, student data scientists, student project managers, business students, and law students) meet to engage in competitive collaborative purpose of achieving a potential solution for a specific set of challenges. The goals involve solving some kind of problem or challenge submitted by a ‘sponsor,’ usually an organization. Teams that create the most meaningful and innovative solutions under the specific judging criteria are awarded prizes from the sponsor.

At Spartahack, around 500 engineers, designers, law students, business students, and etc will get together to come up with something cool, useful, and amazing. The only condition is that students will have only 36 hours to work on their projects. Teams with the best ideas have the chance to win over 34 prizes, amounting to $20,443 in prize value.

Why Should Law Students Attend Hackathons?

Law students are given an opportunity to apply the concepts learned in the classroom to innovate the law or solve a set of legal problems. This allows law student to be in the trenches with programmers and coders who are responsible for developing the technology and other solutions for the issues being presented. Law students are given the chance to actively listen to the solutions proposed and brainstorming that occurs between the sponsors and the other students. Law students can learn to think like the programmers and coders. Hackathons allow for law students to improve their legal process and/or make the law more accessible to clients through the creation of user-friendly mobile apps, web platforms, interactive databases, or etc.

“A hackathon event can help an attorney better understand where the future of the profession is heading by allowing them to take an active role in developing technologies that improve access to justice. Rather than being told ‘this is the new technology, just use it,’ attorneys can play a key part in shaping the new technology.”-Franklin Graves


– Participation is limited to students who have been enrolled in the past year.

– Teams can have a maximum of 4 members.

– All team members must be registered SpartaHack attendees.

– All team members must be physically present at SpartaHack.

Judging Criteria:


-Technical Impressiveness



Sign up!

On Sunday, November 5th, LegalRnD had the honor of hosting Pamela Morgan, Founder, and CEO of Third Key Solutions. The theme of the morning workshop was educating future attorneys on what they need to know about Bitcoin, Blockchain, and Smart Contracts. “Bitcoin, blockchains, and smart contracts are coming to disrupt the legal practice. These technologies provide new ways of delivering services that are faster, more secure, and often eliminate the need for “trusted” third parties. They’ll impact the way lawyers, and their clients, do business.”

The workshop provided law students with a practical understanding of what’s happening now (and what’s just hype); what students, as future attorneys, and potential clients need to know about the technology and the laws that govern them; and how to further develop your practice in this niche area.

What is Blockchain

“A blockchain is a decentralized distributed public ledger, accessible to all nodes connected to the blockchain (Nodes are individual computers that contribute computing power to the blockchain). Each transaction is stored on several computers connected to a common network, which individually validates whether each transaction should occur. For information to be included on the blockchain, the network (comprised of all the nodes) must reach a consensus, usually at least a majority. The transactions are then aggregated (“batches”) into blocks for organization. Then each block is connected to the previous block, hence the name blockchain. Each block is accessible to each node on the blockchain. The block becomes an immutable record and ultimately secure.” – based on research from Danielle Chirdon and Justin Evans

Workshop Take-Aways

Students learned that when advising future clients about blockchain applications and platforms, they should consider some key questions:

Is the blockchain public or private (DLT)?
Blockchains should be established as a Peer-to-peer network. Blockchain systems are stronger when connected to other computers and consistently being validated. If the blockchain is closed and secure behind a corporation’s firewall, it is subject to attack.

2. Who can change the future/past?
When analyzing the closed blockchain platform being proposed, we must identify those who have the ability to change transactions on the blockchain? Under the traditional system, the content on the blockchain remains an unchangeable transaction and requires the introduction of a new block to update terms amongst the parties.

3. At what cost?
Can a member of the blockchain easily alter the material incorporated on the closed blockchain platform? Under the traditional system, the ability to change material on the traditional blockchain requires a large computational feat. Because the traditional blockchain requires a large computational feat, the material added to the blockchain is considered largely immutable (secure/unhackable). Clients need secure blockchain platforms, securing their data and transactions.

5. Who will know and how?
If the material on the blockchain platform is altered, who will know and how will they be notified that the material is changed? Clients need the security of knowing that their material is secured and not easily altered by the members of the closed blockchain platform.

ICO Crowdsourcing

Students learned that many startups are using Initial Coin Offerings (ICO), rather than the capital-raising process required by venture capitalists or banks, to fund their companies. For example, Martin Köppelmann, 31, Stefan George, 29, and Matt Liston, 25 sought to use the ICO platform to raise 12.5 million for their startup, and did so in 11.5 minutes!This works by the startup offering its coin, in which investors can purchase, giving the early investor a stake in the company. To help assist in crowdfunding for ICOs, the DAO, which stands for digital, decentralized autonomous organization, was created to act as a form of investor-directed venture capital fund. Recently, governing bodies such as the SEC have come out and ruled the offering of coins for a stake in the company as securities. As ICO crowdfunding continues, 21st-century lawyers are needed to help startups adhere to potential laws that may govern them.

Co-written by Danielle Chirdon

The 2017 Financial Legal Technology Conference at Chicago-Kent College of Law was a high intensity day packed with information from over twenty leaders in the crosshairs of technology in the legal and financial industry. In order to attempt to give a more accurate overview of the day’s events, [-] and I will be releasing a series of posts summarizing some of the main themes we saw throughout the day.

“Innovation means people sitting at the same table, talking the same language, with a common set of goals.”

“The field of law is moving too [slow],” David Cambria, Global Director of Legal Operations for Archer Daniels Midland. “The law looks like finance 50 years ago” Dan Katz, Director of the Law Lab at Illinois Tech Chicago College of Law. Katz opened the conference with establishing two major branches of Fintech: (1) removing the socially meaningless friction of “that’s the way we have always done something” and (2) how to characterize (price) risk using legal technology. Lawyers tend to think of themselves as risk adverse, but “it is meaningless in business to say something is risky.” Being a lawyer means helping to decide which risk is worth taking. Corporate clients need attorneys who speak their language and who understand their goals. Unfortunately, attorneys have not been properly trained during law school for optimal use by their corporate clients. Throughout the day, the need for law schools to alter their approach to training law students by freeing up the capacity for alternative streams of courses was a reoccurring theme. Lucy Bassli, Assistant General Counsel of Microsoft, spoke on how the traditional education of law and constraints on the unauthorized practice of law is a huge impediment to innovation. Why should educators care? Because they are preparing for their future careers

(Law + Tech + Design + Delivery) = education for the 21st century lawyer, Alexander Rabanal, Associate Director of The Law Lab at Chicago-Kent.

The delivery of legal services is evolving due to changes in market demand. Business partners and in-house legal teams are redefining the relationships with outside attorneys, requiring them to embrace the use of technology and improve their current processes. These clients are asking for greater value, mutual benefits and risks, and multidisciplinary teams. Is the current way things are done, the best way? The whole goal is to do the work better, faster, and cheaper. “Sometimes the best lawyer, is no lawyer at all.” Stephanie Corey , Chief of Staff and Legal Operations Senior Director, Uplevel Ops. Whether the tasks assigned to certain roles, in a current process, is the most efficient method of conducting a legal service is a question law firms may benefit from asking in the wake of changing demands from their clients. “You don’t need a surgeon to draw blood at clinic, like you don’t need a partner to do the work of a paralegal.” Applying process improvement techniques like lean thinking and putting people in leadership roles to work alongside attorneys, may help to improve current processes and help law firms maintain clients. “But please, stop using the term non-lawyer. They are the secret sauce.”