[Dave Heal's] Observations & Reports

Letter to an Erstwhile Valedictorian

As your 1L year gets under way, increasing numbers of adults in your life will describe the main difficulty of the first year of law school as “learning to think like a lawyer.” Not only do they make it sound exhausting and terrible, but loads of them have packaged this observation along with a general admonition against becoming a lawyer at all. This is information that might have been helpful a year or so ago but now seems more like hostility cloaked as advice. They’ll come brandishing out-of-context Shakespeare quotes and bemoaning the state of tort reform in two-sentence talking points and will aggressively accuse you of mortgaging your future only to be turned into a bigger and more useless jerk than you already are. There may be something to that last bit, actually, but now’s not the time to sort all that out.

You’d like to imagine, after having probably taken some time off, invented PCR, joined and left the academy, or done some other remarkable thing with your giant brain, that you at least have a reasonable shot at being good at and might even enjoy this “thinking like a lawyer.” What this usually refers to, I’m guessing, is mostly a kind of unalloyed reasoning process, having something to do with the ability to dispassionately carve up complex problems into their constituent parts and progress logically to a solution.

Pleasant surprise time: most of it really isn’t that new. Sure, there’s something uniquely systematic and initially slightly foreign about reading and processing caselaw. But if you’ve worked at all with texts or done any scientific problem solving (making a bong out of your Mountain Dew emphatically does NOT count), or even been able to reliably find Waldo, you’ve probably got the tools to do a passable job at reading legal opinions after some practice. That these opinions often more closely resemble Lewis Carroll’s Jabberwocky than something you’d expect to be a guide to the law will provide a considerable obstacle to your understanding. But eventually you’ll learn to distinguish legal sense from nonsense as well.

Like the MBA, the JD is a professional degree, and you should be prepared to be somewhat underwhelmed by the intellectual stimulation offered by some of the courses you’ll have to take. But look on the bright side: judging from a very small sample of, well, me and my roommate, your legal training will amplify your already heightened sense of your own rightness. And at the very least you will gain the ability to verbally bludgeon your mildly inebriated friends at home into acknowledging how right you are about everything all the time. Now, there are less expensive ways of becoming no fun at parties, but this is the particular one you chose, and you should embrace it. Or at least use your new power with care.

Indeed, what should instill you 1Ls with The Fear is not the Socratic method but rather the prospect of turning into that annoying cocktail party lawyer who thinks the rest of the civilized world always gives a crap about the fine distinctions that you’re going to be learning to care about. I believe that people who come into law school as tactful, empathetic people will usually emerge pretty much unscathed, taking with them some valuable tools and hopefully discarding whatever obnoxious groupthink tendencies are engendered by a prolonged suckling at a common teat. Thankfully, most of us are no longer 18 and therefore not as susceptible to turning into the legal equivalent of the obnoxious freshman philosophy major who’s just had his first Hegel-induced erection. But let this be a reminder: law school doesn’t have to change who you are. That may sound incredibly obvious and corny, but it becomes less self-evident the deeper in you get.

Not only does law school seem especially successful at burning think-like-a-lawyer pathways into the brains of eager, impressionable students, but it also seems to lock them irreversibly into writing really really lame prose. I would never begrudge your looking forward to peppering your casual speech with archaic latin phrases in that typically student-y way that results in a lot of creolization and awful puns. See, for example, my 7th grade Spanish class and the inevitable deployment of the made-up verb ‘ramajar,’ which provided four marking periods of juvenile comic relief before our teacher relented and finally taught us some sex slang. But there really should be an activist group lobbying against the yearly creation of thousands of head-smackingly dull prose stylists. On the other hand, according to one Georgetown Law professor at an event I attended before law school, few of his students knew how to write in the first place. So maybe there’s something noble in merely teaching us how to write a minimally comprehensible complete sentence, even if it’s only minimally comprehensible to a small subset of the population. That being said, your first exposure to Alex Kozinski or Oliver Wendell Holmes should convince you that you don’t have to give up writing lucid, unique prose in order to be precise and persuasive.

And so with that, here’s some unsolicited but heartfelt advice:

  1. Continue to do other things that make you happy. Law school can be dull and all-consuming, but everybody here used to have interests and even passions that didn’t involve Aspen Publishing. Keep doing them or your soul will die a thousand deaths.
  2. Having more or less failed at doing this during my 1L year I know it’s difficult, but try to keep reading stuff for pleasure. Whether it’s fiction or non-fiction or the Superficialist, it will be good for both your writing and your mental health to think about other things for some non-trivial amount of time every week. If you have to write it into your iCal in order to get it done, do it.

And finally, and most importantly:

  1. Give your classmates a break. Most people are kind of scared and intimidated and self-conscious about seeming smart. If on a daily basis you can try and be self-aware enough to acknowledge your own similar feelings, it’ll be easier to cut the kid in the front row some slack for being a bit overeager and obnoxious. This will probably take a substantial amount of effort and concentration. And, if you are like me, some days you won’t be able to do it. But on most days, if you’re conscious enough to give yourself a choice, you can choose to look differently at the guy or girl in your section that everybody dismissed as a gunner on the first day. Some of those people may be assholes, but many of them are good and well-meaning. Empathy isn’t a skill that is taught here, but if you can at least attempt to give people the benefit of the doubt, I’ve discovered they often surprise you.

1Ls, I wish you [way more than] luck!

Ur Doin’ It Wrong: Why Your Facebook Status Message Sucks

One of the great contributions of the past decade to the social theory of the Internet is John Gabriel’s Greater Internet Fuckwad Theory, which states that the proliferation of “Shitcock!”−shouting “Total Fuckwads” on the Internet is the natural result of giving relatively normal people anonymity and an audience. I submit to you that there’s a related, parallel theory that explains or at least describes the behavior of otherwise circumspect people who use their Facebook status messages in order to share things they would never dream of sharing with a group of people that often comprises best friends, sworn enemies, forgotten acquaintances, and that guy they dated and contemplated marrying but who then slept with their French teacher at their graduation party.

These people would be better off if, having learned from Odysseus’ leisurely sail past the Sirens, they recognized that inviting blank box as the alluring but dangerous thing that it is and swore off completely. Unfortunately, Facebook doesn’t allow us to disable the status update, and even if they did few would do so. And even fewer of those people would be the people who would most benefit: those for whom their status message is a menace to themselves and others.

Facebook and its insidious use of the term ‘friend’ encourages a kind of willful self-deception that results in a massive amount of what today’s youth call ‘overshare.’ This oversharing can be about the boring details of daily life or the spicy, intimate details of what, at least for law students, could not possibly be daily life, but the result is that lots of stuff that would be better off kept a mystery is broadcast to hundreds of people via the News Feed.

Given that even the ersatz-friendship of Facebook is reciprocal⎯in that you have to accept someone’s friend request and in doing so generally also allow them to follow your status messages⎯it makes sense that people who are not committed emotional exhibitionists in the land of bricks and mortar but still have a desire to share how cool or sad or ironically lame they are would find the Facebook status message seductively appealing. Unlike Twitter, which is explicitly designed for communicating things to a known blend of friends and strangers, Facebook embeds the status message in your profile and then sends it out the back door via the News Feed. This allows people to engage in diary-like confessionals for the benefit of a few people while maintaining the barely tenable illusion that the dumb or embarrassing things being shared aren’t going directly to everybody else as well.

Once Facebook moved from isolated profile pages to its current news feed/gossip aggregator format, it implicitly asked an important question of everybody that uses the service. Because you are likely Facebook friends with people that play different roles in your life, and because you can’t negotiate all those relationships at once, will your Facebook presence tend towards a reflection of the lowest level of friendship or the highest? Will you act on Facebook as if everybody is your actual friend or as if everybody is that creep from the snack bar who tried to sit on your lap and then made you accept his friend request on your iPhone before he’d let you go?

One of the unfortunate consequences of the News Feed is that lots of people that you are friends with for reasons other than actual friendship are receiving your status updates. Facebook allows you to change this away from the default, but restricting the flow of your status updates requires either creating and diligently maintaining friend groups or manually adding individual friends to a list that is allowed to view your updates. Because most people secretly want non-friends to be able to read at least some of their status messages (when they are being studious or winning awards or having sex with someone above their station), most people are content with the default setting of free and open sharing. This is generally bad. It’s bad because for a whole host of people who may not care about you and may not even know you, patterns begin to emerge and conclusions drawn based on infrequent expressions you may view as trivial. For students, who are virtually obligated to form Facebook relationships with lots of people they aren’t actually friends with, this badness can manifest itself regularly. With that said, I’d like to give a few examples of status messages that might deserve a second thought the next time you think about putting them up.

The “I Am Smarter Than A Supreme Court Justice” Status Message

Well, for starters, you almost certainly aren’t. But even if you are, your very public acknowledgement of the fact makes you a jerkoff. Any status message that bears even a familial resemblance to “LULZ Scalia’s conception of agency deference is TOTES STUPES!!!11” is probably best left to class or your blog. Everybody that’s friends with you from law school knows you’re in law school, and your other friends probably think your law school status messages are insufferable. There’s a difference between taking learning seriously and making your seriousness a performance piece. Do you ever find yourself in public places engaging in the elaborate pantomime of the Serious Law Student? Do you always read casebooks on the airplane? Are they sometimes upside down? If so, I’m talking to you.

Relatedly, there should be a blanket prohibition against having a citation to the Federal Reporter anywhere on your Facebook page. State law citations, however, are sufficiently plebian to warrant occasional but judicious usage.

The “I AM IN THE LIBRARY ALL THE TIME AND LAW SCHOOL IS SOOO HARD” Status Message

We get it. It’s Law School and there’s a curve. We’re all in competition with each other and you’re studying RIGHT NOW no matter how nice it is outside. Nobody cares.

Keep in mind, though, that the less explicit the declaration, the worse it is. So, for instance, if your way of announcing your constant presence in the library is, “At least the green carpeting is keeping me in the St. Patrick’s Day spirit!!!!,”then your status message is more reprehensible than if you merely said, “I used to love binge drinking green beer in college but now I’m in the library. Gee, isn’t this a lamentable state of affairs?!” Any similar message that purports to be about something besides your need for validation of the amount of time you do or do not study is presumptively lame.

The Self-Pitying/Soul-bearing Status Message

Not much needs to be said here. If your message is a cry for help, or an attempt to prompt your friends to ask you how you are, try to find a way that’s less like spam. If, as is more often the case, what you’re doing is more like public self-flagellation, start a blog, which will let people opt in, an option that Facebook currently does not offer unless I don’t want to see any status messages in my News Feed. And clearly that’s not a world I want to live in.

We all acknowledge that we’re not actually friends with everybody we’re ‘friends’ with on Facebook, and the sooner we all acted in a way that reflected this reality, the better off we’re going to leave the world for our children.

Book Reviewish Substance: The Startup Game, ch. 1-2

I’m making my way through the canonical* venture/startup literature and thought I’d try out a few different ways of reviewing the books. Epic poetry, rap homage, and Serious Book Review are all on the table for future iterations of this feature.

*By “canonical” I mean I asked a few friends and mentors in the industry to recommend stuff to read and these books were mentioned by more than 1 person.

For this first go around I chose William Draper III’s The Startup Game: Inside the Partnership between Venture Capitalists and Entrepreneurs and will be writing up one post per chunk of the book, where chunk is defined as the number of pages I read before falling asleep. I imagine this will amount to 2 -3 posts for the entire ~225 page book with the potential for a wrap-up post if there’s a sufficient amount of synthesizing that such a summary would be worth doing.

William Draper III is the meat in the single-decker sandwich that is the Draper Family Venture Capital Dynasty, which started with his late father (Bill, Jr.) in the mid-20th century with the formation of Draper Gaither Anderson, the West Coast’s first VC firm, and continues today with his son Tim, the founder of the iconic Silicon Valley firm Draper Fisher Jurvetson. If that family sandwich analogy makes you uncomfortable, instead imagine a family of Joe Montanas terrorizing the NFL for 40 years. Except instead of the NFL, it’s venture capital. You get the idea.

The sticker on the side of the book says “biography.” And although a good biography can be worth reading, the genre is littered with so much self-indulgent dreck that I did feel my forehead crinkle a bit with consternation when the book started out with a seemingly overlong anecdote about a quaint dining establishment. I steeled myself in anticipation of the portrayal of the quirky but resolute diner owner who would serve as a narrative foil for the entrepreneurs that we would meet in the rest of the book. And there is a bit of overwrought Gladwellian scene-setting in the first few chapters, with longish strings of adjectives describing people we don’t quite care about yet. It reminded me a bit of that Uncle–or dinner guest of unknown provenance–who has great stories but an anti-ear for detail. So, kind of like Thomas Friedman except with good stories. Draper does ultimately reveal himself to actually have been up to something with the inclusion of the first 10-20 pages, but there was just enough homespun fluff to get a guy worried.

Also probably turns out I was being a bit of a snob.

As someone who used to spend a lot of time reading Difficult Fiction, academic philosophy and other varieties of similarly wonky prose, I still sometimes catch myself needing something to be hard in order to feel like I’m learning. Although this book isn’t high concept or written with a whole lot of verve, it’s full of great information that would probably just be obscured by a more academic delivery. Draper’s family was there at the creation of the VC industry in Silicon Valley. He participated in or had front row seats for many of the legendary tech financings in the past few decades. The guy, unlike yours truly, decidedly does not need to dress up his story with a bunch of flowery adjectives or literary pretense.

For those familiar with the VC industry, there isn’t tons of new information in these first few chapters. But Draper’s retelling has the benefit of being informed by actually being present for much of the interesting history. His father’s firm, Draper Gaither Anderson was not only the first West Coast VC firm, but it was the first to use the now de rigueur corporate form of the limited partnership (in 1959). But the LP didn’t take off for a while. During the 60s and 70s (and even into the 80s), limited partnerships were still in the minority. Most funds were publicly traded closed-end funds, mutual funds whose shares must be sold to other investors rather than redeemed from the issuing firm, or SBICs, a new corporate form created by legislation passed during the Eisenhower administration.

In the late 70s and early 80s, money began to flow into the VC industry due in large part to the opening up of the industry to money from pension funds. Draper says on page 45 that “in 1994, the floodgates opened when the law changed and allowed pension fund managers to invest in venture capital partnerships.” I don’t know whether this is a typo or whether he has some other regulation in mind, but the generally accepted finger-from-the-dyke moment in the increase of the capital supply was the 1979 amendment to the so-called “prudent man” rule governing pension fund investments. A 1998 paper by Paul Gompers and Josh Lerner, What Drives Venture Capital Fundraising, details the history:

One policy decision that potentially had an effect on commitments to venture funds via supply changes is the clarification by the U.S. Department of Labor of the Employment Retirement Income Security Act’s (ERISA) prudent man rule in 1979. Through 1978, the rule stated that pension managers had to invest with the care of a “prudent man.” Consequently, many pension funds avoided investing in venture capital entirely: it was felt that a fund’s investment in a start-up could be seen as imprudent. In early 1979, the Department of Labor ruled that portfolio diversification was a consideration in determining the prudence of an individual investment. Thus, the ruling implied that an allocation of a small fraction of a portfolio to venture capital funds would not be seen as imprudent. That clarification specifically opened the door for pension funds to invest in venture capital.

To illustrate what this meant: following the rule change the percentage of total venture capital commitments contributed by pension funds went from 15% (in 1978) to more than 50% in only 8 years.

Draper tells the story of struggling to come up with enough money to start his own VC firm shortly after leaving DGA in 1962. Eisenhower’s Small Business Investment Company Act of 1958 established federally guaranteed risk-capital pools that became one of the dominant investment vehicles in the VC world:

By the time I left DGA in 1962, I had scraped together about $25,000 to invest in a new venture capital company. I had no other assets besides my $40,000 house, which had a $20,000 mortgage on it. Given that thin capital base, setting up my own venture firm seemed like little more than a pipe dream. But about that time, Al Pyott, a friend at Inland Steel [where Draper had worked before quitting to join his father’s nascent firm], sent me a copy of President Eisenhower’s “Small Business Investment Company Act of 1958.” I read it carefully and learned that if I could come up with $150,000 and invest it in an “SBIC,” the government would lend me up to $450,000 for ten years at five percent interest–in other words, three-to-one leverage. Bingo!

SBICs still exist today, but as Draper would soon discover, they are hampered by regulation that prevents them from becoming an engine for massive growth. As one example, investments in any one company were capped at $60k (not overall but per firm).

One bit of Silicon Valley history that I wasn’t aware of prior to reading the book was the role of Fred Terman, Stanford’s Dean of Engineering (and later Provost), in turning Stanford into an engineering powerhouse and magnet for entrepreneurial types. He single-handedly convinced Stanford, Draper says, to put massive resources into turning the engineering school into the best in the world, thereby kickstarting the Great Egghead Migration to Silicon Valley.

Much of the wisdom Draper shares comes in the form of advice that now seems old hat but which Draper had to glean for himself back in the days before there was an army of prolific VC bloggers. Draper talks about his investment in Raychem as equal parts faith in the company’s patented, heat-shrinkable insulation and a strong belief in the team led by found Paul Cook. This emphasis on the quality of the founders instead of their ideas is one that you’ll see repeated by almost all of the most successful venture capitalists. They make investments in people, not things. Companies frequently change tack more than once between an idea’s inception and its deployment as product. So it’s initially preferable to have a group of sharp, industrious people working on a dumb idea than a group of dumb guys working on a smart idea.

As with all books of this type, there is an editorially mandated list of distilled insights. I expect there will be a few more of these before we’re done, but the first such list is Draper’s Five Key Dimensions of VC, which leads off the second chapter on “How It [VC] Works.”

  1. The funders
  2. The team
  3. The pitch, the product & the market
  4. The deal
  5. The relationship

The Funders

This is a fairly self-explanatory element of venture capital. Draper gives a crash course in the history of VC from the early days when funds were almost exclusively based in New York and run by wealthy families with names that you’d recognize (the Rockefellers, the Whitneys, etc.). Next in the evolution was the formation of what most folks consider to be the first modern venture capital firm, American Research and Development (ARD), which was formed in the aftermath of WWII by MIT President Karl Compton and HBS Professor Georges F. Doriot. Institutional investors were not yet on board with VC, hence the structuring of the firm as a publicly traded fund that was marketed mostly to individuals. Draper notes that the choice to make the firm public would ultimately be its undoing because of the strict regulation associated with public companies and the “impossible problem of trying to value a passel of private stockholdings for public shareholders.”

The Team

Two quotes about “the team” suffice to sum up this segment of the chapter:

  1. “Nothing is more important. In fact, nothing is even a close second.”
  2. “There are no strong companies with weak management.”

For an entrepreneur’s similar take on the theme, check out item #2 from Elad Gil’s 4 Ways Startups Fail:

2. Team implosion
Lack of clear decision making? Founders constantly fighting? Hiring a bunch of jerks that irritate everyone? A lot of companies end up imploding due to bad team dynamics leading to a lack of clear direction, internal infighting and backstabbing, and a terrible working environment.
Ways to mitigate:

  • Make sure you and your co-founders have clearly defined roles and there is a single person ultimately in charge who can call the shots.
  • Make sure you and your co-founders can communicate openly, have mature and frank discussions (can you give each other constructive feedback?), and are aligned on where you want to take the company (does one person want to sell early and the other wants to build a long term global business?).
  • Have a high bar for culture and team fit for early hires. Correct hiring mistakes quickly.

The Product, the Pitch & the Market

I don’t want to spoil the joy of reading the entire book for you, so I’ll just note that Draper says you need to know these things well.

The Deal

This section contains some fantastic material on the types of deals that get struck, both between entrepreneurs and VCs and among entrepreneurs/founders. The bit of gold to be found in this section is the story Draper tells of one early-stage company’s rather unsophisticated valuation method:

An unimpressive team of young entrepreneurs came into my San Francisco office and made their presentation for a company that needed $3.5 million to get started. When they finished, I asked what they thought was a fair deal. They said that the company was worth $7 million and that two-third for them and one-third for us sounded about right. I asked how they had arrived at the $7 million valuation. The answer, which the CEO delivered with a straight face: ‘There are seven of us, and we figure that we are worth $1 million each.” I asked them why they didn’t pick up three more employees on California Street before they came in the door…”

Burn!, as the kids say.

Draper notes that, regarding the internal split of equity between the founders, if one founder is taking drastically more than the other(s), that’s a red (he says “yellow”) flag. For an extended discussion on the perils of founder equity, check out Mark Suster’s recent post The Co-Founder Mythology and Nathan Kaiser of npost with The only wrong answer is 50/50: calculating the co-founder equity split.

The Relationship

This section’s first sentence rhetorically asks, “Does the relationship between the entrepreneur and the venture capitalist go beyond money?” No points for guessing that the answer in almost all cases is “yes.” The one “practitioner story” from this section that caught my eye was Draper’s mention of his investment in OpenTable and the frequent strategic wrangling that he engaged in with the CEO, Thomas Layton.

When a reservation is made with OpenTable, each restaurant pays $1 per person. Draper wondered why they didn’t charge $2. Or why they didn’t have the restaurant pay up front for the computerized reservation system instead of leasing it to them.

Or why don’t we just sell them our software and get ouf of the hardware business entirely? They all love us, and right now we are too capital intensive.

This back and forth is used to illustrate the point that venture capitalists are supposed to be business advisers, not just piggy banks in ill-fitting, outdated sport coat and jean combinations. They’re supposed to bring their own entrepreneurial experience, or their wealth of industry knowledge, or their financial acumen to bear on the problems faced by their portfolio companies.

Earlier in this recollection, Draper recalls asking the hostesses at various restaurants around San Francisco what they thought of OpenTable.

After making the investment in OpenTable, I would ask the hostess how she liked OpenTable whenever I saw the computerized reservation station near the entrance fo the restaurant. She would always reply something along the lines of, ‘We love it. We can’t live without it. It has made reservations and our lives so much easier.’

If you were on the Internet last fall, this high praise may be creating a bit of cognitive dissonance for you. In October 2010, Mark Pastore of the restaurant Incanto asked Is Open Table Worth It? from the restaurant owner’s perspective. His answer:

Only one of the dozen or so I spoke with said he felt that OpenTable increased the value of his restaurant and that he wouldn’t imagine opening a new project without it. The rest were less than happy. The recurring themes were the opinion that OpenTable took home a disproportionate (relative to other vendors) chunk of the restaurants’ revenues each month and the feeling of being trapped in the service, it was too expensive to keep, but letting it go could be harmful. The GM of one very well known New York restaurant group, which spends thousands of dollars on OpenTable each month, put it to me this way, “OpenTable is out for itself, the worst business partner I have ever worked with in all my years in restaurants. If I could find a way to eliminate it from my restaurants I would.” Another high-profile, 3.5-star San Francisco restaurateur told me he feels held hostage by OpenTable. For the past several years, his payments to them have been substantially more than he has himself earned from 80-hour workweeks at his restaurant. But he believes that if he stops offering it, his customers will revolt and many would stop coming to his restaurant. So he keeps paying, but carries a grudge and wishes for something better.

Around the web there was and is a ton of complaining about OpenTable out there. Although as Pastore’s critique notes in good politicking fashion, it’s tough to deny that they’re a successful company by most metrics. Obviously OpenTable’s financial health is ultimately wrapped up in what both customers and restaurant owners think of the service. But the fact that this vignette already seemed dated was interesting to me and, I think, highlights the pace of change in the tech scene these days.

In the rest of chapter 2, Draper gives his opinion on the controversial subject of taxation treatment for the carry (usually between 20-30% of the profits) that constitutes most of the VC’s take-home pay. The issue is whether the carry should be taxed as capital gains (more favorable to VCs) or ordinary income.

I believe that capital gains tax treatment has worked extremely well, resulting in a huge boost to the economy as well as giving incentives to the individuals involved.

Draper also discusses one of the unique characteristics of his firm Sutter Hill, which is structured as an “evergreen partnership” and essentially means that it is an open-ended vehicle with no “artificial” expiration date. Most limited partners invest in a venture fund for a period of 10 years, and they’re usually not able to take that money out before the 10 years is up and the fund expires. Sutter Hill doesn’t raise separate funds–the nomenclature for the standard structure involves labeling each fund with a roman numeral, so a fund’s 4th fund is usually Unnamed Venture Fund IV, which was preceded by Unnamed Venture Fund III. Instead, they value the whole portfolio every four years and allow the LPs to take money out at that time.

This structure is one of the reason why the fund does so well, he says, in part because his firm’s structure better aligns the interests of the LPs and the GPs (the general partners/venture capitalists) and that the “series structure” of other funds often hurts the individual portfolio companies when the fund terminates. Maybe I’m missing something important here, but I don’t understand why this would be so. Most of the money in each “series” fund is invested in the first few years. So by the time termination of the fund is even on the horizon, we’re talking about companies that will likely be either obviously thriving or obviously on their way to the deadpool. His point does not seem to be that the condensed fund raising period at the end of the fund distracts the VCs from providing value but rather that the actual termination or threat of termination is the harm.

He probably has a point that the nature of the series structure–in which the first few years are spent doling out the money and the latter stages are spent managing the portfolio companies while simultaneously engaging in a new round of fund raising for the next fund–probably encourages VCs to push money into companies too quickly at times. But it’s unclear to me how a termination date 10 years into the future is the Sword of Damocles that Draper implies.

Bombs Over Baggage Claim

[More law school column reprints.]

This week we’re taking a break from my usual dose of earnest law school-related babbling and moving on, temporarily, to some earnest national security-related babbling.

Like most students I went home for Christmas break. And on Christmas morning I was sitting on my couch, in front of my TV, unwrapping the Roomba I won’t be able to use until I move out of AA and into a dwelling that more closely resembles something an actual adult would live in. You know, the kind of place that’s amenable to being cleaned by a robot vacuum. I was just about to show my Mom a video of a cat riding a Roomba when the newsman started telling me that a well-educated Nigerian guy tried to hide some rather sophisticated but temperamental explosives underneath his testicles.

And like a lot of people I went out later that night with a bunch of my buddies to a local bar with no sign, cheap drinks, and lots of TVs. Eventually the conversation turned away from the fact that our Christmas haul seems to be asymptotically heading towards a stocking full of Brazil nuts & wool socks. One of my friends had seen some mention of the attempted terrorist attack scroll along the bottom of the TV, and after uttering a bunch of expletives he managed to squeak out an indignant sentence or two about how let’s just get us a bunch of those damn full body scanners and plant them down in every major airport in the country and let’s get those TSA fuckers to pull on some rubber gloves and start flippin’ up some balls! I was going to check to make sure alien bodysnatchers hadn’t kidnapped my friend and replaced him with Cletus the Slack-Jawed Yokel before I realized that it’s not only the rah-rah America crowd that feels this way.

This kind of thinking also represents the consistent policy of band-aid security that the government employs every time the terrorists come up with a new way to sneak explosives onto airplanes. And while the measures that are passed in the wake of these attacks don’t represent the entirety of our security efforts, the resources that are devoted to preparing for tactics that have already been used would be much better spent on gathering & sharing real intelligence, the kind of intelligence that will stop more than just the next guy who thinks it’s a good idea to strap a bomb on or around an erogenous zone.

This isn’t to say that our emotional reactions to these attacks aren’t entirely valid. But we need to get better at separating out our immediate, visceral reactions to what amounts to a shocking but still rare event and base our security reaction on actual data. History shows that terrorists are really good at finding new and interesting ways to blow things up. Hell, I’m constantly surprised that a terrorist hasn’t targeted the already miserable security line itself or planted a bomb in some other large and mythically American institution like the mall or the Porn & Karate Supplies store on I-80. But at the rate that air travel is trending towards something out of Demolition Man (minus the omnipresent Taco Bell), if terrorists were to change their targets completely it would become patently obvious that our standard response is completely inadequate.

We have a cognitive bias that makes us fixate on the horrific event, no matter how rare, and we not only overestimate the risk of future events but frequently insist on preparing for something just like them. This is especially true when the events in question involve activities like flying that are not only outside of our control but are already really terrifying to a substantial portion of the population.

The American psyche has been bombarded with the images of terrorism, and our anxiety about bombs on planes is already at Kierkegaardian (!) levels. So the public is primed to not only abide but demand a bunch of showy stop-gap measures in the wake of every attempt, whether successful or not. And one of the unfortunate side effects of placing all this power in the hands of the Department of Homeland Security is that officials have the peculiar incentive to stoke fears of terrorism in the interest of appearing to do something. But actually, one of the under-mentioned aspects of the Christmas Day attack is that the “antiquated” pre -9 /11 security measures actually succeeded in forcing the bomber to make kind of a crappy bomb.

The solution is not to merely “do something” in the interest of appeasing people like Maureen Dowd, who wants Obama to pat our collective head and tell us it’s going to be OK, but to direct the majority of our efforts towards combating the general threat of terrorism and not trying to patch up tiny holes in our security infrastructure after the fact.

Rethinking Rethinking the Cloud

Or: Why Does David Dahl Hate Janitors?

David Dahl is the CTO of Total Attorneys, which provides “law firm solutions” (ed: blargh!) for small law firms & solo practitioners. This appears to involve marketing, virtual administrative services (they will answer your phones and schedule appointments for you), and generally helping with client management. He recently wrote a blog post titled “Rethinking the Cloud” in which he responds to an ABA journal article by Joe Dysart that rightly expressed some caution about law firms’ increasing use of cloud-based software and storage [solutions!].

Indeed, increasing numbers of lawyers are expected to find themselves embracing and endorsing the same computing technologies they now view as risky once they decide the risk is worth it.-Joe Dysart in “The Trouble with Terabytes”

Mr. Dysart is half right. It’s true that most attorneys will embrace cloud technology in the next few years because it’s easier, more convenient and less expensive. But unless misunderstanding abounds, lawyers won’t be making that choice “in spite of the risks”. They’ll be embracing new technology because in addition to being simple, flexible and cheap, it’s safer than the way they’ve always done business.

Here, as elsewhere on the Total Attorneys website, Dahl asserts that not only is cloud computing safer than on-site, but that it’s so safe that “unless misunderstanding abounds” there isn’t even a risk analysis to be done. From the end of the post:

Cloud-based computing, though, is a complete departure from that trend—it may be the first major technological development that offers a solution to security issues for attorneys rather than throwing them into a complicated analysis of acceptable risk. [emphasis added]

This makes no sense. And even if the decision to move some portion of your data to the cloud was a no-brainer, deciding from among the various SaaS (software as a service) providers is no less complicated. I doubt that Dahl would dispute this if asked directly, but in his rush to create business-generating soundbites about the safety of cloud services he ends up ignoring the complexities involved and completely sidesteps the concerns of the ABA article, which raises some very real issues about privacy, data security and the ease with which the government can obtain access to your data.

Dahl’s case for the obviousness of cloud storage takes the form of a tortured analogy:

The security concerns raised in the recent ABA Journal article “The Trouble with Terabytes” reminded me of something I observed a few years ago when my wife and I were building our house. During the transition, we put some of our furniture and other random things in a storage unit, and the security was impressive. Security cameras monitored the premises every hour of the day and night; a locked gate kept the public out, and a lock on the storage unit kept my things locked in – I guess.. That was all very reassuring. Once we were ready to move in, everything left the storage facility, into the shiny new house with a couple dead-bolts – no constant video surveillance or levels of locked doors protecting my couch.

Most business data, even in law firms, lives in a place much more like my living room than that storage facility. Mr. Dysart encourages attorneys to question whether bank-grade encryption is sufficient to protect their client data. However, small firm and solo attorneys often store that data unencrypted on a local machine accessible not only to any employee but to the cleaning crew and the building manager.That data resides on a server protected by a door and a lock not unlike those protecting my couch, whereas cloud service providers typically use servers in secure data centers much more like the secure storage unit. And that’s only the beginning.

In the presentation I linked to above (“as elsewhere” hyperlink), Dahl once again needlessly impugns the janitorial profession. He seems to be exceedingly paranoid about the possibility of malevolent custodians. Which, when you really think about it, does make some sense as everybody knows that the greatest threat to data security is the steady and unacknowledged infiltration of janitorial unions by those seeking to destroy small law firms.

Before we go on, let’s be clear about one thing: David Dahl is not a lawyer. This is, on balance, a good thing for Mr. Dahl, but that does render him a bit more suspect when it comes to his pronouncements about the unalloyed benefits of cloud computing, especially for entities such as law firms that should be thinking seriously about the legal implications of moving their communications and data storage to the cloud.

The Stored Communications Act of 1986 (18 U.S.C. 2701 et . seq.)

The SCA regulates the circumstances under which a company (“electronic communication service” in the language of the statute) can divulge information about a customer’s electronic communications to a private party. Congress passed the SCA to prohibit a provider of an electronic communication service “from knowingly divulging the contents of any communication while in electronic storage by that service to any person other then the addressee or intended recipient.” S.Rep. No. 99-541, 97th Cong. 2nd Sess. 37, reprinted in 1986 U.S.C.C.A.N. 3555, 3591.

Sounds great, right? Well, the government has long maintained that an email is no longer “in electronic storage” once it has been read by the recipient. Moreover, the application of the Fourth Amendment to the Internet is kind of a mess, and the SCA is no small part of that mess. The statute allows the government to access remotely stored electronic communications in certain circumstances without having to get a warrant. Information that has been stored for fewer than 180 days requires a warrant, but 2703(a) & (b) state that for information that has been in storage longer than 180 days, the government may obtain that information using administrative subpoena or a court order. Essentially, for information older than 180 days, the government does not need to show probable cause. This section of the law is arguably unconstitutional, but it’s still on the books.

So, contrary to Mr. Dahl’s categorical statements, this would seem to be a relevant thing to consider when deciding between on-site and remote storage of an entire law firm’s communications. Moreover, once your activity moves to the cloud, you are no longer in control of data retention periods (unless you are able to negotiate this separately). If Google or Yahoo or your email provider of choice decides that they want to retain infinity years worth of data, when the government comes calling, there is no plausible deniability. On the other hand, so long as you’re complying with the laws regarding minimum retention periods, you are free to delete your records. Which means that if there’s nothing for the government to request, there’s nothing for you to divulge.

The final slide in the presentation linked above is the following:

Image and video hosting by TinyPic

I find this hilarious. #1 is not true in any meaningful sense. Being “already in the cloud,” by which I assume he means that almost all of us use a cloud-based service of some sort, doesn’t mean that moving your law firm’s entire infrastructure to the cloud isn’t potentially new or scary. #2 does not compute. The language here is rather ineptly invoking the 4th Amendment search standard from Katz v. United States, which found the government’s action constituted an unlawful search because the person demonstrated a reasonable expectation of privacy over the object involved. I don’t know what Dahl had in mind with this second bullet point, but the result is the creation of a false sense of security about the protections afforded by the law to electronic communications hosted by third parties. #3 may even be true based on the “more often” language, but given that Dahl never talks about the vulnerabilities associated with cloud storage, this isn’t a good faith description of the risks involved either.

It should be clear at this point that I don’t think that Dahl’s analogy of on-site data storage:locked house::cloud storage:high-security self-storage locker is particularly apt. For a much longer and more-expert take on why, check out privacy/security researcher Chris Soghoian‘s work. In particular, An End to Privacy Theatre: Exposing and Discouraging Corporate Disclosure of User Data to the Government & Caught in the Cloud: Privacy, Encryption, and Government Back Doors in the Web 2.0 Era.