Talking Data with Tudor Borlea (Collibra) : Iron Carrot

Season 4 Episode 4

Welcome to Season 4 of the Law Firm Data Governance podcast. I’m CJ Anderson, founder of Iron Carrot, the law firm data governance specialist. I’m thrilled to have a new season of insights about working with information and data in law firms.

Data governance is the key to unlocking your law firm’s potential. But it’s not the only area of data activity that is important for your firm’s success. That’s why, in this fourth season, I’m pleased to share some information, questions, and top tips about the other areas you might want to consider.

Episode Transcript

CJ Anderson
Welcome to Season 4 of the Law Firm Data Governance podcast. I’m CJ Anderson, Founder of Iron Carrot, the law firm data governance specialists. I’m thrilled to have a new season of insights about working with information and data in law firms. Data governance is the key to unlocking your firm’s potential. But it’s not the only area of data activity that is important for your firm’s success.

That’s why, in this fourth season, I’m delighted to share some of my recent data conversations. My guests this season are thought leaders in their own areas. Each has a unique perspective on the importance of data to law firms. Join us as we talk about capturing, finding, using and governing data in ways that can add meaningful value to the firm’s strategy, operational processes, and everything in between.

So in this episode, I’m really delighted to welcome Trudeau Borlea from Collibra. Welcome Tudor.

Tudor Borlea
Hi CJ, thank you for having me.

CJ Anderson
So let’s start with an easy one, I hope. What’s your current role and can you tell me a little bit about your career journey working with data and how you got here?

Tudor Borlea
Sure. Gosh, where do I start? So, currently at Collibra. I’m running the solution engineering team here in the UK, so we are the people that can listen to the requirements expressed by our customers and business language. We translate those into technical abilities. We build a prototype solution and maybe demonstrate the value of it in the customer’s context. So that’s what I do currently. Now in terms of how I got here before Collibra, my background is in management consulting. I was doing business transformation and data migration programs for large telecom providers. I started working at Collibra a bit more than seven years ago. What Collibra does it offers a system of engagement for data in the enterprise. So we help our customers do more with trusted data, which in effect means being able to find, understand, trust the data they need for the day-to-day business needs. And we have seen tremendous growth in the past seven years and during my time, at least in data space. So seven years ago when I started, we were 100 people and we are now more than 1000. And the conversation I was having seven years ago, where mainly with financial services organizations that had to comply with regulations such as BCBS 239 CCAR at the time and we were educating the market, the data is an asset and it needs to be treated as such. Then GDPR came along and suddenly everyone started to realize that if they don’t treat data as an asset, it will become a liability. So, roughly around that time 2017, 2018, I started working with law firms both as customers and as advisors. So, from an advisory perspective, I remember working with the boutique law firm initially based in Paris, around which aspects of GDPR Collibra was best suited to help with and as a result our first accelerator product for demonstrating GDPR compliance was based on Kannil, the French Data Protection Authority, their requirements. Soon afterwards I took the IAPP Certified Information Privacy professional certification. So, I do that I have to study all the 99 articles of GDPR and I felt I was becoming a lawyer myself. So, I have a computer science background and this was a bit outside of my comfort zone. But it well worth investment, so it gave me a much better understanding of the legal profession. And but much closer to the internal legal team at Collibra. So to this day, I actually work very closely with them. I’m what we call a privacy liaison for my department, which means I respond to surveys on a regular basis for updating our own Article 30 register the register of productivities, identifying new systems or data sets that we’re using that may fall under GDPR. So that’s kind of a quick overview of my history let’s put it and how I came to work with law firms.

CJ Anderson
That’s amazing. That’s quite a journey and it’s a great level of experience and the growth that you’ve seen leads me to ask, can you share your thoughts on the direction that data is going in?

Tudor Borlea
Yes. No, definitely. We work with data every day, right? Data has been trending up in terms of organizations and people’s awareness. I would say in my experience, and again going back 2017, I remember the Economist ran an article on their front cover that said the world’s most valuable resource is no longer oil but data and the expression data is the new oil had been around for some time already, but that’s when it actually burst into the public consciousness and people still refer to that article today. I actually you know it’s become part of the side guys and I remember the excitement at the time within Collibra when that article came out, it was a validation of everything we had been talking about for years already. So our own version of that at the time was treat data like an asset which as I mentioned earlier you know the analogy was with money. In the intervening years I have heard many great analogies that expand on data is the new oil. Things like data is like water. It needs to be clean, it needs to be available on tap. Data is like gold because it’s a critical material in producing digital goods and services. And no analogy is perfect. But for me, maybe the one thing I particularly don’t agree with, with those ones that I mentioned is that they refer to a infinite resource. They compare data to a finite resource and data is the opposite of that. You know more of it can be created every day. You create infinite copies of it and well, with the advent of generative AI, data’s importance and value is now starting to get recognised more than ever, and in fact AI models and in particular ALM’s. So large language models are so hungry for training data that even though we can say, you know, data in general is infinite and unlimited resource. If we talk about good quality data, good quality training data, trusted data sets, then it’s a different story, and AI models can gobble up available data so fast at such a rate that companies are starting to look more and more to synthetic data instead, like data that’s manufactured. That can be done fed to these models. So, in terms of, to summarise, I think where I see data going is it’s becoming more valuable, but not just any data, good quality data, good trusted data is becoming more and more valuable and definitely with AI it’s very just keeps growing a truly it’s an asset now and everybody recognises.

CJ Anderson
So with that growth and that trend towards AI, are you seeing an impact in the governance space from this focus on AI?

Tudor Borlea
Indeed we are. I think the biggest shift is that with AI, everyone thinks that it should be controlled, that it should be regulated. People’s views maybe differ on the amount of control or the amount of regulation. I mean you famously have the boomers and the doomers as they were referred in this recent scandal regarding the schism in the leadership at open AI. You know the boomers being the people who think yeah, I will lead us to a brighter future we should just embrace it and move faster towards artificial general intelligence even and then the doomers being saying look AI can actually pose a threat to humanity so let’s take it slow let’s control it. However, I would say even the most ardent boomers think or agree that it matters what data you feed. The AI models and that it is better to have transparency into what the models are doing, how they generate the output, then to have opaque systems. Like I said, even if you don’t like regulation you would probably agree with that. So, all of this basically means, you know, everyone agrees that AI governance is good, and a few years back we were having conversations with large organisations trying to explain to them what data governance even was and frankly, the word governance had a bit of a yawn inducing quality to its right connotation, and these days we get organisations coming to us and saying we need to roll out AI governance, can you help? And we say, sure, let’s start with the basics. Do you have a data governance structure in place? AI governance is nothing more than a subset of data governance. So, all the best practices from data governance apply to AI governance. Do you understand what your organization is doing with AI? Are re all of these AI use cases documented? Can you explain which data you are using to train the foundational AI models, if you have any. Or what is the inference data used for fine tuning? Can you point to the output of the models? Is it clear how that output is used? Do you have a view of the data pedigree as I would call it, which means it’s lineage, it’s quality, it’s ownership. So you know all of those things. What about access controls, masking policies that are applicable and so on? So, good governance questions that are not new, but now they get a lot more visibility due to the huge focus on AI. And then in fact at Calibra we put in place an AI governance framework that we have been using ourselves for our own AI products that we’re rolling out. And then we’re also providing it to our customers. So it’s a four step continuous process that we use to govern AI across its cycle and it goes something a bit like this. So it goes, you have to define the use case and by that we mean you capture ideas from the business. You assess the feasibility, you define the AI use case, including what data you will use, what models are gonna be leveraged, what’s the intended purpose. Then you set the desired business outcomes. Very important to actually understand why you’re going into this. You said some KPI’s you assess the risks, you assign ownership accountability, then you start identifying and understanding the data. So step #2 is you collect all the data that’s available, but you understand that if it’s if it’s high quality, if it’s certified. Very importantly, whether it’s use in connection, whether use case is actually legally permissible. Very important. Then you document the models you document the results. You trace and track the model, the associated data products. You allow for model analysis and reporting, and then finally to wrap it all up. You run the verification monitoring so you verify the model you continuously monitor it to ensure the quality. You ensure the compliance and of the underlying data products and then you retrain you test, audit your models regularly.

CJ Anderson
There’s all that modeling and that framework. How are people handling the ethics of AI?

Tudor Borlea
A good one. I would say for me the great thing is that people are actually bringing up ethics on a regular basis now. When the AI subject comes along so well, of course my data setting quotes is made up of mainly large organisations across every industry vertical. However, I’m sure it translates into the small and medium enterprises level as well. So, firms are hiring data analytics advisors and those that have been doing this for a while are actually getting prominence. So there are several types of ethical risks from AI, and in particular from generative AI. Now, I won’t pretend I have an exhaustive list, but I can mention a few. Maybe like, like copyright infringement or IP infringement. For example, when a foundational generative AI model is trained on publicly available data, that also happens to be copyright protected. So that can expose the organisation to litigation. Another famous one, or maybe I should say infamous is ethic in terms of ethical risk is fraud. The various types of online scams like phishing that can become increasingly convincing with the use of deep fakes of biometric cloning and things like that, and another big one for corporations that exposed their gen AI models publicly or even internally is a difficulty that the model will guarantee to reflect the cultural values and corporate norms of the organization. So you can’t guarantee that it’s very difficult to make sure that the way the model will behave will actually align with what your values are. So the key thing is that all these risks come from the combination of data plus AI models. There’s no inherent tricks on data, there’s no inherent risk on an AI model. There is a risk when you combine them, so to mitigate that you need to understand that both your data and your AI models and then to understand them you need a strong team. So AI governance is the team sport within our own company. For example, we have set up an AI governance roundtable which brings together a CDO, a CISO, so GDPR information Security Officer, the Ethics Chief, Head of Legal Privacy, HR and business stakeholders. So maybe these are not the exact titles in everyone’s organisation, but I think it’s important to make sure you know who should be involved and to get them involved from the start. Because different groups of people will have different perspectives and they can provide valuable insight into the AI governance program and contribute to ethics handling.

CJ Anderson
That’s a lot, and that’s a really helpful answer actually about who can contribute and how people are handling it. Stepping back from the exciting and fresh world of AI for a moment and coming back to the kind of basics, certainly basics for a lot of law firms is that self serve or democratising data is still that foundational piece that everyone’s aspiring to. How can a platform like Collibra help them with this?

Tudor Borlea
Well, I would say maybe I use a story here, like a quick example. So one of the top ten law firms globally is using Collibra to create a central data environment. So they want to ensure that the firm has data interoperability and maintains data integrity. So what Collibra does for them is it provides a single system of engagement around data. And what makes us stand out is the flexibility and the layering ability of the platform. So it allows everyone across the enterprise to get the context around the data that they’re looking for. But it’s the context that’s relevant to them. So starting from the highest level business users, maybe think CFO, CDO they can see an obstructed high level view and then you can go all the way to Business Analyst, Data Engineers who can dive into the technical detail. So everyone can log into the single pane of glass. Then they can find the relevant information, understand the meaning of data, making informed decisions. But the level of detail it will be very finely tuned to the persona that is using the platform.

CJ Anderson
That’s interesting. I think it would be also helpful to to understand kind of how Collibra is using its own tool to help govern and manage its own data.

Tudor Borlea
Yes and no. I mean we actually are right. So one thing I would say is just because we’re a company that produces and sells data governance and data intelligence software, it wasn’t much easier for us to start governing data. We put in place our own data governance program and we started using our own instance of Collibra for that purpose about 5-6 years ago. And we have learned a lot in the process. We have matured internally. The same way our customers are maturing themselves once they start on this data intelligence journey. And then very importantly, it’s a journey, right? It’s not, you flick a switch and you’re there – never. Right. So currently our product team is using our tool, our engineering team, our professional services, our marketing team, definitely my team as well, engineering team. Our legal team is a key user of the platform as well. In fact, I’m very proud to say our Head of Legal, I saw her demoing how she uses the AI risk assessments feature of the platform recently, right? So look, I mean, you know you you’ve achieved maturity when the Head of Legal can just quickly log in show look this is how we run this is our AI use case register. This is how we run a risk assessment for any new AI use case, and this is the library of everything we have. Everything that’s coming down the pipe and the risk for each of them. It’s part of building that culture and it’s part of building the data literacy and we’re still on that journey. Like I say, it’s a never ending thing. But I would say to anyone who’s just starting, it’s not gonna be easy. but if you approach it in the right way, with an open mind, it definitely can bring a lot of value.

CJ Anderson
That that’s brilliant to hear. I think I wanna pick up on the story you told about working with a with a law firm. Are you and your colleagues seeing an increase in law firm usage of Collibra?

Tudor Borlea
Indeed we are. It’s a pattern that we’ve seen before in other industries as well. So the larger, more mature enterprises, maybe they start the trend and in a few years it becomes a DeFacto standard approach to data to give you an example, when we have more detail on what I was talking earlier. This very large law firm came to us a couple of years ago and their biggest challenge with their data was they were being set up as an LLP, limited liability partnership and this in effect meant a lot of fragmentation. There were smaller groups of people sharing data within their small group. A lot of silos, a lot of duplication, redundancy, and when we first started talking, the firm couldn’t consistently answer to the question how many partners do we have? How many employees? Partners, as they call them. And the strategic their strategic goal was to achieve this one firm, one data position. And the first step towards the strategy was to identify the existing data at the firm. So what they did is they looked at the market for data governance and they the cataloging software vendors, they, you know, they took the Gartner Magic Quadrant and they selected, you know, after a thorough evaluation, they selected Collibra as their data catalog. And with a view to drive systemic data governance under the newly set up data office with their global Chief Data Officer. So, they had a few specific needs from their data catalog, which in the meanwhile, by talking to other law firms, I came to understand a not dissimilar to a lot of law firms out there. So, first of all, they needed a mechanism for capturing important metadata describing ownership intended, meaning, completeness, accuracy, timelessness of data or other of the most important data assets of the organisation. And they wanted to hub that will be a place to exchange and synchronize all this. This metadata UM to create a an enterprise data management platform and very importantly in their initial conversation with us, they specifically stated that these enterprise data management capabilities will allow the organisation to manage data with the same rigor as money. So they actually use that analogy themselves and that’s that you know that that was a very good, very strong sign that there they were taking it very seriously. So in terms of the benefits that they that they got from the Collibra implementation and again this is what I heard, other law firms talk about, I would mention. So they’re analysts and business users are now able to query. Where did this data come from? Like that pedigrees I was mentioning that lineage of the data they have an automated discovery of metadata so that that means they’re less reliant on tribal knowledge that the various SME’s, the wisdom, the tribal wisdom, as it were. They’ve reduced their risk so they created clear documentation of data origin that the chain of custody ownership responsibilities. So all of that in a single platform and then improve data quality. So a clear understanding of meaning, visibility of all data quality measures. So it’s much simpler to determine fitness for purpose for a particular data set and maybe I would also mention cost avoidance, so running impact analysis is a much faster process when you have a data catalog with lineage and so they are reduced costs associated with researching the impact of data changes or introducing new systems or new processes, right. You can very easily understand again through lineage mainly what is the impact down the line downstream? So yeah, I think they defiantly an increase in law firm usage and I see these themes coming again and again.

CJ Anderson
So I know with kind of banks and insurers heavily regulated market, it was GDPR and all the other regulations that that kind of drove there adoption of tools like this is, is there anything and that you can share about what’s driving law firms to adopt data catalog tools like data management tools like Collibra at the moment or is there not really a theme there.

Tudor Borlea
Well I would say first of all, I would call maybe a more mature approach to data. So that’s key driver. So law firms are now hiring CDO’s Chief Data Officers. That’s usually a great sign of maturity, or at least of best intentions with regards to data. So CDO’s themselves have a lot of exposure. I think people who are CDO’s today usually have been operating in the space for a few good years, and then the CDO role is in such a high demand that as a CDO, you probably have had experience across 3 or 4 industry verticals in their career so far. So they’re bringing all those learnings and best practices they’ve developed. They’re bringing with them and then we see that now being adopted and it permeates into the law firm, the law space as well. So CDO’s come with a clear limit, a clear mission. And I’ve seen in the past we were talking maybe to IT architects and now it’s more specialised data architects or Heads of Data, even governance teams. I mean, when a law firm decides to invest in setting up a data governance team, it’s a clear sign they’re looking to take data seriously. They’re looking to modernise their approach to data.

CJ Anderson
That’s brilliant. Cheers. This has been an amazing conversation, but I’m gonna ask you for your final thoughts on data challenges or opportunities for law firms.

Tudor Borlea
Ah well, I think law firms are starting to think about data as a competitive advantage. There are quite a few law firms that are tech savvy, I would say, but being tech savvy and being data savvy are still two different things. So law firms are looking at, are already looking at improving their data processing speed using AI to populate contracts, for example with boilerplate clauses providing greater transparency for billing for you know legal services, reducing the risk and reducing the risk of errors moving away from paper based systems of data storage. So they are used to grow organically, they used to maybe do quite well without worrying having to worry about data. However, at the current scale it’s talking about, maybe the bigger ones as well. They have accumulated a lot of good data and they need ways to speed up, so all that does those stack of paper or data that we say we’ll use it one day and it never got used, well that one day is now. So the lowest hanging fruit is visibility, so identify the data you have, break all the little silos in the organisation, reveal the trove of data out there. Be it matter data pricing data employee or partner data, various KPI that are used across the business. So expose that, curate it, Make it easy to find and relate to attach context to it. The more business context data has, the more useful it becomes and the more visibility everyone in the organisation gets. In other words, the more democratised data is, the more chances of new use cases will emerge, and the more value will be created. So the key here is curation, or what I would call the trust building. So it’s one thing to know that we have this, this data and that data and another thing to able to say, we can make crucial business decisions based on this data. And then the question to ask, once you have identified all of your data is, do you trust your data? So if the answer is less than a resounding yes, how can you make it trusted? Put in place governance structures put in place guardrails that the curation the certification required to ensure that the best datasets bubble up to the surface. Do you have data policies in place? If yes, are they clear? Are they easy to use? Create data policies if you don’t or update your existing ones. If you do. Make them clear, simple, easy to administer, easy to standardise, and once you have identified all of your data, you’ve put good policies in place around its usage. You started curating it, then you can start automating that process. And then the greatest opportunity is getting to the trusted data, which is the most valuable data.

CJ Anderson
That’s a brilliant final thought to end on. Thank you so much for joining this episode.

Tudor Borlea
Thank you very much CJ. Thank you for having me.

CJ Anderson
Thank you for joining me for this law firm data governance podcast episode. I hope you find that conversation with Tudor as interesting as I did. It was great to hear about how Collibra helps customers to do more with trusted data and their approach to treating data as an asset. It was also really good to hear about data as a competitive advantage and that crossover from data governance and AI and AI ethics and how Tudor thinks that’s going and how that’s all working is really exciting. I think hearing a little more about what they see as the benefits a law firm gets from having a tool like theirs and having data governance in place and what data governance can do for them was also really helpful. If you liked this episode please share, like and review it so that more law firm leaders can learn about data governance and how to manage data in law firms effectively. And don’t forget to subscribe so that you don’t miss any of this seasons data conversations with law firm thought leaders. Head over to irconcarrot.com to get in touch with your questions and ideas for future episodes.