Technology has disrupted many traditional business practices. For example, Banking before and after technology has never been the same. Same way, ever since Cyber Laws became a prominent practice area, lawyers have found that their traditional practice domain has been disrupted.
Today, it is almost impossible to run an efficient litigation without using Cyber evidence and Cyber law. If any firm is unable to make proper use of evidence most of which is in electronic form and also be able to run a good cross examination of witnesses trying to prove or disprove electronic evidences presented, they would find it difficult to be effective as a litigation lawyer. Hence good legal firms have found it necessary to use the services of experts where required and also develop in house expertise in Cyber Forensics.
When it comes to using the services of high end experts, the firms have a difficulty in forging a long term association because those professionals may not be qualified advocates and hence cannot be partners in business.
At the same time, the Chartered Accountants who are already in the domain of whatever is called “Auditing” have also been fighting to get into the space of “Forensics” since their internal audit work in any Corporate environment lands them in fraud investigation in electronic environment and associated Cyber Forensics.
They also have difficulty in forging long term association with Techno Legal experts who can assist them in the auditing work when it comes to “Compliance Audit” or “Fraud Audit”.
Actually, “Cyber Forensics” is an area which is highly technical and should have been a natural domain of a software or hardware specialist. Professionals in this tech field should normally be found in organizations such as Computer Society of India but they seem to be absent in the race for business in Cyber Forensics. There is also a professional group belonging to the “Information Security Domain” which includes those who are certified with diplomas such as “Certified Ethical Hacker”, “CISSP”, “Network Forensics” etc who also claim to be experts in Cyber Forensics and have a say in this domain. But this set of professionals donot have a strong organization and hence most of the Information Security audit work is done by Chartered Accountants with CISA qualification rather than core information security expertise.
This Economic Times Report highlights the emerging Turf war between law firms and the Big Four accounting firms. It is stated that law firms are poaching forensic experts from BigFour firms and even launching legal action charging the Big Four firms of running unauthorized legal practice. (See this report)
Essentially, Law Firms are trying to take protection from the “Advocates Act” which tries to reserve legal practice to registered members of the Bar Council. This tendency for “Reservation” is also present in the Chartered Accountants who also prevent non CAs to join firms run by CAs in providing corporate advise. The Company Secretaries and Computer Society professionals are not so well organized to fight for their own turf in the corporate scenario.
Now that the Delhi Bar Council has taken the issue to the Court, there is going to be a big fight for “Reservation” of business between the Advocates and Chartered Accountants.
Given that the Judicial Community has emerged only from the advocate community, the judicial fight may be skewed towards the advocate community and there is a huge conflict of interest between the Judiciary and this dispute.
The undersigned has always opposed every kind of reservation in life and is not comfortable with the professional agencies using their clout to reserve parts of the business to themselves. ( Naavi himself has faced issues in forging partnership with law firms and CA firms though both use his services for improving the quality of their services.)
However, the Cyber Forensic business is a new business area which involves Technology, Law and Auditing expertise. We can even say that Forensic involves analysis of “Behaviour” of the technology user which is a “Behavioural Science” skill. Naavi has been a pioneer in projecting Information Security as a three dimensional expertise of Technology, Law and Behavioural Science. However in view of the fact that these domains of expertise developed in recent years and there were no formal degrees and diplomas in these fields until recently. As a result the law graduates who claim their right to litigate Cyber Crime cases have no relevant qualification in Cyber Laws nor the Chartered Accountants who qualified in the past and claim their right to auditing today are exposed to technology issues as they should be. Hence the claims of reservation of business based on qualifications appear to be unreasonable.
It appears that a day has come where the “Disruptive” aspect of technology has come into the area of “Reserved Professional Practice” and it is time that the restrictions placed on legal firms partnering non legal practitioners as well as Chartered Accountant forms partnering non CAs should be summarily removed. We must recognize that the technology areas requires collaboration of people with different skills and in the interest of clients who require efficient services, a legal firm needs technology, accounting and behavioural science experts, in their fold and the Big Four or other CA firms also need Cyber Law experts and Experts in international law, taxation law etc in their fold.
Instead of the top legal firms fighting with top accounting firms in Courts, they need to forge an alliance and ensure that the mutual exclusions which they have used in the past which I call as “Reservation Mentality” is dropped and “Merit” prevails in the profession.
We however would advise that both the legal firms and Big Four should not compromise to keep the Information Security professionals outside the area of Information Security Audit and Forensics. In fact these professions should study the case which Delhi Bar Council has brought and implead themselves to put up their arguments if required so that they are not pushed out by the law firms and Big Four from the field of Cyber Forensics.
Probably the case brought up by the Delhi Bar Council has more to do with corporate advisory services in the area of Mergers and Acquisitions and less on Cyber Forensics. However, the principles of “Exclusivity in Professional Practice” is a potential “Frankenstein” and should be curbed before it gains any judicial validity through this case. If IS professionals are negligent, then lawyers and chartered accountants may declare that Cyber forensics is their exclusive business domain and make IS professionals subordinate to either of the professions!.