Last Tuesday, Oct. 1, Frank Rivera, developer of the HoudiniEsq practice management software, posted an article to his blog entitled, “IT Consultant, Friend or Foe: Is Your Law Firm’s Clients’ Private Personal Data at Risk?” In it, Rivera claimed that a North Carolina IT consulting firm, Out of the Box Developers (which does business as OTB Consulting), had exposed a law firm’s confidential client data by placing it on the public Internet, unencrypted and freely downloadable. He also posted a video to YouTube entitled, “OTB Consulting Exposes Law Firm’s Private Client Data — Proof the Data Was Posted Unsecure.” He also posted these items to several LinkedIn groups.

On Friday, a North Carolina Superior Court judge ordered Rivera to take down these posts. As it turns out, Rivera and his company, LogicBit Corp., have been embroiled in litigation with OTC for almost two years. In ordering Rivera to take down the posts, Judge James L. Gale found that Rivera had used material obtained in discovery as the basis for his posts, even though the discovery material was subject to a protective order. The judge wrote:

While Defendants may contend that statements they made were true, Plaintiff Out of the Box Developers d/b/a OTB Consulting denies that it ever disclosed its client’s data publicly on the internet, and asserts that Mr. Rivera’s allegations are false. The significant point is that, regardless of the truth or falsity of the statements, making them violated an order of this court.

The judge order Rivera and LogicBit to “immediately remove each and every instance in which they disclosed to anyone in any way any allegation based on any material governed by the Protective Order entered in this case.”

Rivera and LogicBit have appealed Judge Gale’s order to the North Carolina Court of Appeals.

Meanwhile, Thomas Rowe, managing partner of OTB Consulting, posted his own message to the LinkedIn groups from which Rivera’s message have now been deleted. He wrote in part:

Mr. Rivera posted that OTB had stored our client’s data so that it was publicly available on the Internet, a very serious allegation against someone in our business. He emailed some of that client’s information to members of this group, with the personal identifying information redacted. He was able to access this client’s information because we produced documents in discovery that showed how to do so. Without this confidential information, this data could not have been accessed. This discovery information was the subject of a court order that prohibited its use for anything other than the litigation.

The underlying case appears to involve OTB’s claim that a California law firm and LogicBit unlawfully copied source code for a Time Matters add-on developed by OTB.  The full docket of the case can be found here, but the original complaint is not listed there. As best as I can tell, OTB sued a  California bankruptcy firm, the Doan Law Firm, after it stopped using BKexpress, OTB’s Time Matters add-on, and migrated to the HoudiniEsq platform. HoudiniEsq’s parent company, LogicBit, and Rivera were brought into the litigation at some point subsequent. As far as I can tell without reading the complaint, OTB is alleging that in the migration process, its source code was unlawfully copied.

Two months ago, Judge Gale awarded OTB $38,000 in attorneys’ fees as sanctions for the Doan firm’s failure to comply with discovery orders, as is described on the North Carolina Business Litigation Report blog.

  • Robert, it is only fair that you post my reply to OTB’s accusation.

    My Statements are 100% True and factual and backed up by experts in the field, Syncplicity themselves, and Cyber Security studies.

    I’m a former Sun Microsystems Software Architect and Engineer who has worked on Trusted Solaris, DOD, DJIOC, DODIIS and NSA Projects. I also run a SaaS datacenter that host tens of thousands of documents containing sensitive law firm data. If all you needed was a documents location pasted into a browser to gain access I would be out of business. You need to be logged in and then you need a separate password to access documents. This is how you secure law firm data.

    You placed the law firms client’s personal private data on the Internet and created a public Shared LInk. Syncplicity’s own words my friend.

    Syncplicity has safe guards which you chose to ignore.

    1. Require password to login

    1. Require password to download

    Neither of these options were chosen and we are ready to show our evidence in a court of law. You did not inform the Law Firm principals that you were going to put SSN, Pay stubs, and their client’s Tax Returns on any site and create a PUBLIC SHARED LINK to the files.

    You could have password protected the file or encrypted it yourself so don’t blame Syncplicity. They even provide a expiration time for shared links.

    You call me your competitor. You are not my competitor. LexisNexis and WestLaw are my competitors. You do not create software, you customize a LexisNexis product. I don’t even dabble in the Bankruptcy space. You fear that the Doan Law firm could sell their HoudiniEsq customizations like you sell Time Matters customizations.

    It is apparent that OTB has a real difficulty with Truth and honesty. I would expect no less form a company who sues its former client for fear of competition and a company with a founder who has been disbarred for allegedly stealing his clients funds.

    And you have the audacity to call me a thief!

    True, I did use a email that was produced during discovery but that email is also in the hands of a none party and a personal friend of mine who has been subpoenaed for trial. Further it was not designated confidential. I made a mistake and ignorance is no excuse. I would gladly spend a few days in Jail for unknowingly violating the courts order but I will continue to be transparent Tom.

    To say I’m the one who exposed this data is absurd since my post is 100% obfuscated, including the PUBLIC SHARED LINK’s URL as clearly shown you your very own exhibits and my original post. To claim that something is safe because it has not been discovered isn’t a defense. I don’t know every phone number in the phone book but the fact that they are published makes them public, discoverable and available to everyone!

    Since we are literally neighbors and former colleagues I’m willing to sit with you and McNeill without our attorneys and have a frank honest discussion.

  • robert my attorney says not to respond so please don’t post my response yet.


  • Robert, please correct your entry. OTB does not have any source code whatsoever. They customize Time Matters, using TIme Matters and then use Time Matters to save these customizations so they can be reused. There is no sour code in this litigation other then the migration source code created by LogicBit to migrate the Doan Law firms data from Time Matters to HoudiniEsq.

    PLease correct your post and remove the term source code since it is entirely inaccurate..

  • Now that the above issue has been put to rest. I am so looking forward to our day in court with the founders of OTB Consulting. The trail of slime is long.

    OTB Consulting Founder Disbarred for Theft of Client Funds

    Out of an abundance of caution you should always investigate every individual who will come into contact with your law firm’s data.

    * Motion Excerpt *
    Bob McNeill, the OTB principal who executed the OTB-Doan contract, was disbarred in 1996 for stealing over $135,000 from a client. Ex. K. Defs Mot to Compel, Ex. A (Interrogatory No. 25). OTB has no issue with Mr. McNeill holding himself out as an attorney when he is in fact disbarred. OTB 30(B)(6) Tr 165-168. more here->

  • Tim

    Frank I am a CPA/Consultant. Have used timematters before and must say it was the best of breed. Based on first impression, I think Houdini offers the most comprehensive web-based law firm management system out there.

    I would like to get on board with Houdini but frankly I am concerned about getting entrenched with a company with pending law suit against it.

    I don’t know if there is any basis for OTB’s claim regarding Houdini’s alleged violation of copyright laws. I am not a lawyer, but I was under the impression that if anyone, had a legal basis for filing a law suit it would be lexisinexis not OTB.

    I am curious to find out the status of the lawsuit.

    Please feel free to send me an email.

  • Tim, the status of the Law Suit is that OTB wanted to withdrew just days before trial. I agreed. In case anyone thinks there was some agreement to silence me or to not compete they would be wrong.

    HoudiniEsq will be exhibiting at the NACBA Conference in Chicago April 23-26 2015. My staff will be demonstrating HoudiniEsq for Bankruptcy, Personal Injury and Family Law.

    We are giving away Apple Watches so drop your business card at our booth #110.

    Don’t forget to ask to see HoudiniEsq for iOS. It is probably the most feature rich mobile App for the legal industry today.

  • Brian Byrnes

    I’ve had the pleasure of working with Frank and I’d been an early adopter of HoudiniESQ (but haven’t used it for several years). I was always impressed with how Frank addressed the security of client info, and if Frank was pulling the screen back to show how others were mishandling client info, then anyone who uses cloud systems has a reason to appreciate his perspective — whether you use Houdini or not.