Wednesday, July 02, 2008

You can, but should you purge everything?

There are advantages and disadvantages of purging messaging content or saving it

Some still believe that deleting all e-mail and other messaging content is the least risky strategy for their organization, that it reduces risk by eliminating e-mails that might contain damaging content from senior executives, etc. The number of those who believe in a "purge everything" strategy is diminishing rapidly compared to even just a couple of years ago.

At the other end of the spectrum are those who believe in saving everything. While that mitigates some level of risk, it creates other risks, such as preserving smoking guns that you might not have been legally required to produce during e-discovery, for example.

Don't Miss!Read the latest WhitePaper - Troubleshooting Remote Site Networks - Best Practices
The tricky part in all of this is knowing how much to preserve and how much effort to invest in making data accessible. For example, there are a number of vendors that will migrate content from backup tapes into an e-mail archiving system so that content that was relatively inaccessible before can now be easily searched during an e-discovery exercise. Proponents of migrating data from tape to an archiving system argue that it will make data searching dramatically easier, faster and cheaper to search and analyze during e-discovery. They’re absolutely right. However, there is another school of thought that believes that if you leave your data on backup tapes from which it’s difficult, slow and expensive to extract needed data, a judge might not require you to produce it.

To Continue Reading: Click Here
--------------------------------------
Source: Network World
By: Michael Osterman

They Have Ways of Making Your Laptop Talk

Two months ago, the 9th U.S. Circuit Court of Appeals issued an opinion in United States v. Arnold, 08 C.D.O.S. 4533, holding that "reasonable suspicion is not needed for customs officials to search a laptop or other personal electronic storage devices at the border." The Arnold decision has serious ramifications for attorneys traveling with computers, because they can no longer ensure that privileged and confidential legal materials are protected from suspicion-less government intrusion.

On a broader level, the decision is disappointing in its cursory analysis of computers in the Fourth Amendment context. Arnold is a case the 9th Circuit cannot afford to get wrong, and it should be reheard en banc.

In 2006, the 9th Circuit issued another opinion addressing computer searches, in which it predicted, "As society grows ever more reliant on computers as a means of storing data and communicating, courts will be called upon to analyze novel legal issues and develop new rules within our well established Fourth Amendment jurisprudence." Such foresight is in keeping with a circuit that encompasses Silicon Valley and routinely analyzes complex technological issues. Given this outlook, the analysis in Arnold -- in which computers are treated as simple "closed containers" -- is all the more surprising.

The search at issue in Arnold occurred at Los Angeles International Airport, the "functional equivalent" of the border, where federal agents conducting a secondary customs inspection discovered suspected child pornography on defendant Michael Arnold's computer. Although the Fourth Amendment applies to border searches, they are governed by different standards than those regulating searches within the country. Border searches generally are described as either routine or nonroutine, with only nonroutine searches requiring some level of suspicion to conduct. Nonroutine searches are usually physically invasive or destroy a traveler's property.


To Continue Reading: Click Here
---------------------------------------
Source: law.com
By: Nanci Clarence and Craig Bessenger

New Discovery Could Enable Development Of Faster Computers

Physicists at UC Riverside have made an accidental discovery in the lab that has potential to change how information in computers can be transported or stored.

Dependent on the "spin" of electrons, a property electrons possess that makes them behave like tiny magnets, the discovery could help in the development of spin-based semiconductor technology such as ultrahigh-speed computers.

The researchers were experimenting with ferromagnet/semiconductor (FM/SC) structures, which are key building blocks for semiconductor spintronic devices (microelectronic devices that perform logic operations using the spin of electrons).

The FM/SC structure is sandwich-like in appearance, with the ferromagnet and semiconductor serving as microscopically thin slices between which lies a thinner still insulator made of a few atomic layers of magnesium oxide (MgO).

The researchers found that by simply altering the thickness of the MgO interface they were able to control which kinds of electrons, identified by spin, traveled from the semiconductor, through the interface, to the ferromagnet.

To Continue Reading: Click Here
---------------------------------------
Source: Space Daily

How Well Does Software Work as a Service?

You're probably tired of hearing the phrase "think outside the box," but that's an accurate characterization of Software as a Service. The "box" is the computer that sits on your desk; and SaaS is an innovative way to deliver software applications to that computer over the Internet.

Most of us understand computers as appliances confined to their own world. Software applications are installed and launched on independent machines, each computer handles its own processing and storage tasks locally, and the Internet allows computers to communicate with each other.

Today, this tried-and-true model of computing is being transformed by the widespread availability of high-speed Internet access, additional functionality built into Web browsers and tremendous leaps in computing processing speeds. Today's average workers are more mobile, and they demand reliable access to their data and applications, regardless of where they are or what computer they're using.

For example, when you compose a memo to a client, you probably click on your "Start" menu and launch the copy of Microsoft Word that's installed on your computer. When you're done, you probably save the completed file in the "My Documents" folder on the same computer.

But consider for a moment how you would compose that document if word-processing software wasn't installed on your computer. And what if your completed file lived on a Web server somewhere on the Internet, instead of your laptop or desktop? This is exactly what services like
Google Docs and Zoho Writer provide. The idea of online storage is not as far-fetched today as it once was, but the assertion that an online application like Google Docs accessed through a Web browser could replace a locally installed word processor sounds absolutely wacky to many people.

To Continue Reading: Click Here
----------------------------------------
Source: law.com
By: Brett Burney

Web 2.0 and e-discovery: Risks and countermeasures

Enterprise employees frequently use social networking tools, most notably Web-based applications. It's no surprise more organizations are wondering what happens if social networking data becomes relevant to an e-discovery investigation.

How does an enterprise go about discovering and assessing Web 2.0 data? How responsible is an organization, legally speaking, for the information that's out there in the Web 2.0 world? What risks arise from e-discovery as it relates to Web 2.0 data, and how can you mitigate them? In this tip, we will look at e-discovery as it relates to Web 2.0 and consider the strongest options for minimizing risks to the organization.

E-discovery basicsWe begin with a quick look at what e-discovery is and how it can create risk. Essentially, e-discovery is the electronic extension of the legal process of discovery, which Wikipedia defines as "the pre-trial phase in a lawsuit in which each party through the law of civil procedure can request documents and other evidence from other parties or can compel the production of evidence by using a subpoena or through other discovery devices, such as requests for production and depositions."

If you're an IT person, not a lawyer, it's important to note that the rules governing the discovery process now require plaintiffs to address all electronically stored information or ESI. In other words, if your organization faces litigation, it will have to deal with the issue of e-discovery, which will entail a whole lot more than turning over some old emails.

Depending upon your role in the organization, the first you may hear of this is a "notice of litigation" with perhaps a "litigation hold directive" containing a "preservation directive." Here is a generic e-discovery request below. Apart from a few limiting factors, such as subject matter, named persons and a specified time period, the scope of such a notice is likely to be broad; blame standard procedure, not some high-powered attorney pushing his or her luck. If handling such a request seems daunting today, just wait, it won't be long until lawyers attempt to expand the definition of ESI to include Web 2.0.

To Continue Reading: Click Here
----------------------------------------
Source: security.techtarget.com

Archiving with Lotus Notes? Consider native and ISV capabilities

Look for non-intrusive archiving software
Many Lotus Notes users are concerned with how to manage their employees' growing Notes mail files and the associated impact on storage, servers and database performance.

In addition to reducing the size of mail files, administrators - or someone from the organization's legal department - may also be concerned about the management of mail for regulatory reasons or the availability of mail in the event of litigation and an e-discovery request.

This article looks at the key requirements for archiving and how the functionality available in Lotus Notes and Domino can help address those needs.

Optimize storage requirements and reduce the backup window

Some administrators may already be trying to control performance costs by imposing quotas by limiting the size of mail files for users and automatically deleting older mail - anything older than 90 days, for instance. If you've already migrated to Notes 8, you may be in a position to use the enhanced document compression introduced in Version 8.0.1, which, according to IBM, delivered 35 percent in storage savings during initial lab tests.

You may already be using native Notes archiving by moving older mail messages off the Notes mail servers to a database copy, either on a central server or on the user's local computer, manually or automatically. While this provides the advantages of being an out-of-the-box solution supported by IBM and, for the most part, managed by individual users, this approach does have drawbacks and limitations.

- While messages may no longer be on the Notes server, you will need additional infrastructure like servers, databases, and storage.


To Continue Reading: Click Here
----------------------------------------
Source: pcworld.com

Tuesday, July 01, 2008

Ten considerations for email archiving - Part 2

6. What about De-duplication?
De-duplication is a hot topic and most email archiving vendors were early adopters of this capacity-saving technology. Email archivers that support De-duplication will store only one copy of duplicate messages to conserve space and then link the messages in the archive. Some applications apply this only to entire messages, while others "crack" the message objects apart, de-duplicating attachments separately, which saves even more space.

7. Will the legal department be happy?
Although not all email archiving is performed to adhere to regulations, you must be prepared for a possible lawsuit that involves legal holds (this places a lock on certain emails) and ediscovery. Some archives produce exception logs and reports, and support extra-secure back-end storage to ensure that any content produced from them will satisfy the demands of litigation.

EMC's Ferguson points out that records of an archive system can be even more important than user meta data. "Who accessed the archive and what they looked at can be critical," says Ferguson. "This goes to the deletion policy as well; the system must keep track of every deletion that happens to prove that the archive is operating according to collection and retention policies." Some archiving applications can produce chain-of-custody reports for exported content, while others have security features such as encryption and SAS 70 security compliance audits.

To Continue Reading: Click Here
----------------------------------------
Source: searchstorage.com
By: Stephen Foskett

Ten considerations for email archiving - Part 1

More and more companies are archiving their users' emails for business and legal reasons. If you haven't standardised on an archiving product, it can be a time-consuming process to find one that fits your company's needs; there are many choices available and each tool has unique features.

When examining an email archiving product, it's important to know how well it's suited to the specific requirements of the email system it's intended to protect. I've reviewed many of these products and compared their functionality to the requirements of dozens of companies. The following 10 questions will help you narrow down the available email archiving products to those that best serve your needs.

Not all of the following 10 questions will be important to every storage environment, but each one should be considered when making a product selection. You should decide whether or not a particular function is important in your environment. Not all email archiving implementations require legal-hold capability, for example. There can also be a spectrum of answers to each question, and not every environment needs the most extreme, feature-rich solution.

There are many considerations beyond the technical issues outlined here. One of the primary deciding factors in any technology purchase is cost, which itself includes many variables. Vendor reputation, customer service and geographic support coverage may all influence product selection. While these factors aren't taken into account in this article, any one of them may have an impact and must be carefully considered.

To Continue Reading: Click Here
----------------------------------------
Source: searchstorage.com
By: Stephen Foskett

LegalTech West Coast: The Wrap-Up

'LEGALTECHISMS'
While attending the
LegalTech West Coast show, I observed that the e-discovery field covered the exhibit floor almost as well as the rug. Also, I witnessed the EDD vendors tout the features of their software solutions that one would expect of a mature industry.

Standards and Interoperability

Standards-based applications that can interoperate with other software in the
Electronic Discovery Reference Model cater to independent consultants, law firms and corporations who have not found the all-in-one, e-discovery tool. Rhetoric aside, applications that can work together using standards will allow best-of-breed software at every phase in the EDRM and open up options for established players and new entrants in the EDD field to supply software to accomplish discrete tasks. For example: the Extensible Markup Language.

Mimosa announced Nearpoint support for XML, based on the EDRM. The EDRM XML standard will allow Nearpoint to easily transfer electronically stored information in a standard format throughout all the phases of e-discovery. In addition, Mimosa announced the availability of a software developers' kit for Nearpoint and the formation of a partners' program targeted at e-discovery providers.

Customer-Oriented

One of the characteristics of a mature software and services company is how well they listen to their customers and continue to grow their products to service identified needs. And in e-discovery, the needs often translate to more file support to acquire, identify and review e-discovery. Example:
Fios expands e-discovery services to include native processing of the mbox file format.

To Continue Reading: Click Here
----------------------------------------
Source: law.com
By: Sean Doherty

EDD Brings Opportunities: Can You Adapt?

Electronic data discovery is not just raising havoc with trial strategies, risk management decisions, litigation budgets and document retention policies, it's also uprooting traditional support staff job descriptions in law firms, corporate law departments and vendor shops.

With EDD now a $2 billion industry that is expected to double by next year, according to the 2007 Socha-Gelbmann Electronic Discovery Survey, there's a lot of chaos as organizations try to select and use the sophisticated new technology that is necessary to conduct discovery in almost any litigation. Many trial lawyers and paralegals simply do not understand technology (and don't want to), while many IT professionals do not understand the nuances of law.

But for firms and their clients to succeed, there is no choice -- they simply must adapt -- and that includes redefining responsibilities. Traditional support staff roles that segregate tasks into legal (paralegals who handle document coding, deposition summaries, managing exhibits) and IT (harnessing the hardware and software) are about as useful today as floppy disks. Roles are blurring, and new titles are showing up on business cards. And there is a lot of opportunity for the ambitious.

Over the last five years, one definite trend has emerged: new roles for lawyers -- as trial support staff. Firms are hiring nonpartner-track staff attorneys to oversee EDD operations; using partners as ombudspersons to interface between trial lawyers and support staff; establishing e-discovery practice areas; and even spinning off subsidiary EDD companies.


To Continue Reading: Click Here
----------------------------------------
Source: law.com
By: Monica Bay

Compliance, Convergence and How IT Fits

There are more government rules for companies to follow and more legal risks for not doing so. Here’s how to design and implement an effective compliance

With compliance emerging as one of today's most prevalent business issues, multiple corporate functions are beginning to converge in a federated approach to addressing quality, risk and overall compliance management. This convergence, though arguably a more efficient approach, may not be an intuitive state for policies and processes traditionally created in silos. Nor is convergence always a logical process for the people who operate, manage, and implement those policies and processes.

As the visibility of compliance continues to rise, there is a concurrent increase in the importance placed on information technology and the role of the CIO. Like other parts of the enterprise responsible for risk and compliance, IT's mandate has expanded in the post-Sarbanes-Oxley (Sox) environment. Beyond the traditional charge that comprises the fundamentals of keeping the lights on and the company out of trouble, IT and the CIO now share responsibility for making the business better. Ironically enough, one of the most "siloed" of functions has become one of the most well-positioned to do just that.


To Continue Reading: Click Here
-----------------------------------------
Source: cio.com.au

Monday, June 30, 2008

What every IT manager should know about e-discovery

Electronically stored information (ESI) presents increasingly expensive challenges to organizations faced with legal discovery requests. Initially, courts were willing to accept most claims that costs of finding and producing ESI was too high, too onerous, for the responding party. However, recent decisions in Federal courts, as well as changes to the Federal Rules of Civil Procedure, reflect a shift toward holding respondents-the providers of information requested during discovery-responsible to pay for producing ESI. This responsibility is based on the assumption that a reasonable IT manager understands the need for knowing where his or her organization’s information is kept, whether it should be accessible during discovery, how to provide an environment in which documents and other information can be easily placed and kept on “legal hold”, and the how to implement and use the tools necessary to provide them on demand. This is the first in a series of articles in which I’ll explore these issues.


In Part 1, I look at the history of discovery and how we arrived at the current state of ESI discovery management. In the Part 2, I’ll walk through various approaches to mitigating ESI discovery risk and the risk to organizations who fail to do anything until served with a litigation-related request. Electronic messaging and content monitoring/filtering solutions are the topics for Parts 3 and 4. Finally, in Part 5, I discuss the most important element of successful discovery management-employees, the creators and users of information.

This is a big topic, so let’s get started.

History of Discovery challenges

Before we dive into the particulars of discovery, we should settle on a definition, one that we’ll apply throughout this series. The following is taken from Law.com:

To Continue Reading: Click Here
-----------------------------------------
Source: blogs.techrepublic.com

Saved by SaaS: Data backup via Software-as-a-Service

Ta-ta to tapes -- if you've got the bandwidth

The last thing a collision repair shop needs to worry about is a data-storage crash. So when John Sweigart realized the software he'd been using to manage his business, The Body Shop, was no longer compatible with the way they were backing up data, he knew it was time for a different option.

The Garnet Valley, Pa.-based Body Shop, which has four locations in Pennsylvania and New Jersey, has hundreds of records, including images kept on file for appraisers and insurers for at least a year. "It's tons of information and we've had occasions where the server's crashed and we lost data,'' says Sweigart. "We have paper files, but we still have to go back and recreate the electronic files."

Since they have multiple pieces of software to back up and no internal IT staff, Sweigart decided to outsource that headache. He chose backup SaaS provider Verio. For $29 per location per month, The Body Shop has automatic backup of all its disk drives and servers every night.

Before switching to SaaS backup, each Body Shop location kept tapes on hand that an employee had to back up and take home [!!! -- Ed.] at night. "It turned into such a comprehensive process, and you had to make sure it was done right every night and that someone was actually taking [the tape],'' says Sweigart. "We had an incredible sense of paranoia doing all this extra work, and we needed a better option."

Data backup continues to be a challenge for enterprises and especially SMBs, because it requires a multifaceted infrastructure of backup software, networks, servers, disk arrays and tape systems. Many firms have trouble completing backups in the allotted time, and a significant number fail or complete with errors. Often, companies don't protect machines at remote locations because of the hassle, so there are gaps in backup coverage. Because of issues like these, more and more frequently companies are turning to backup software as a service (SaaS) providers, which handle support and maintenance of a variety of applications over the Internet without companies having to invest in any servers or install any software onsite.

To Continue Reading: Click Here
-----------------------------------------
Source: Computerworld
By: Esther Shein

Done in by cell phone

Minneapolis police are using a high-tech device that mines data from phones to help solve some high-profile crimes.

A 37-second cell-phone video made news this year when it led to the conviction of former University of Minnesota football player Dominic Jones for fourth-degree criminal sexual conduct.

But the discovery of the deleted cell-phone video by Minneapolis police was by no means an isolated incident. Armed with search warrants, Minneapolis police are increasingly scanning cell phones for evidence -- they have handled 68 such searches this year -- and they have new electronic tools to help with the job.

It's a case of police work catching up with consumer electronics. Consumers may be familiar with a device that cell-phone providers use to copy an address book from an old phone to a new one.
Now police have a "forensic" version of the device that uncovers scientific evidence for court cases by copying a lot more than address books.

The $4,000 device from Israeli firm Cellebrite, called the UFED (universal forensic extraction device), can read and copy a cell phone's video, photos, text messages, call history and personal audio recordings. Minneapolis police upgraded this year from the firm's consumer-grade device to the forensic one.

To Continue Reading: Click Here
----------------------------------------
Source: Minneapolis Star-Tribune
By: Steve Alexander

Sunday, June 29, 2008

Forcing suspect to divulge password a thorny legal issue

With powerful encryption software available for free on the Internet, law enforcement officials fear they more frequently will encounter greater difficulties accessing information from computers that they seize.

Instead of spending months or even years trying to break the encryption, authorities might have a simpler option at their disposal — forcing a suspect to divulge the password. It is a legally thorny issue with scant precedent, according to legal experts.

In Mobile, federal prosecutors said they never have asked a judge for such a court order.

"We've discussed it," said Maria Murphy, the acting criminal division chief at the U.S. Attorney's Office in Mobile.

It is unclear whether a judge would grant such a request. A federal magistrate judge in Vermont denied a similar request in November made by federal prosecutors there on grounds that it violated the suspect's Fifth Amendment right against self-incrimination. The U.S. Supreme Court has not addressed the issue.

"It's unsettled. We don't really know," said Orin S. Kerr, a law professor at George Washington University. "My own take is it's unconstitutional unless there's some specific circumstances."

It might pass constitutional muster, Kerr said, if prosecutors could prove the user exercised control over the files or granted limited immunity.

'Fascinating question' Other legal analysts, however, said they doubt someone could be compelled to provide a password that could lead police to incriminating information.

To Continue Reading: Click Here
----------------------------------------
Source: al.com
By: Brendan Kirby

Six months and billions of passwords later, federal investigators in Mobile are still toiling to hack into encrypted files

Federal agents in Mobile investigating an accused child predator sent a computer to cyber consultant Gus Dimitrelos on Jan. 2 with a request that he open encrypted files that they believed contained child pornography.

Dimitrelos, a retired Secret Service agent who assists the U.S. Attorney's Office, easily discovered the secret password to log on to the computer. But the encryption hiding the files has proved exponentially more stubborn.

One hundred and 80 days later — having tried some 9.5 billion passwords — a forensic software program working around the clock on the seized computer has yet to break the code and reveal the files' secrets.


In May, prosecutors convicted the computer's owner, Michael Ryan South, of traveling across state lines to try to have sex with a child. Still, Dimitrelos' computers never rested in their efforts to probe South's machine.

"We're going to decrypt it," Dimitrelos said. "I just have to wait. There's nothing else I can do. ... It could be years. We could be having the same conversation three years from now."

Or significantly longer, according to some computer experts.


Nine and a half billion "is not a lot when you're talking about trillions or quintillions of possible combinations," said Philip Craiger, an engineering technology professor at the University of Central Florida in Tampa.

To Continue Reading: Click Here
----------------------------------------
Source: al.com
By: Brendan Kirby

Workers' Text Messages Are Private

The boss can't riffle through employees' electronic text messages or e-mails on company accounts without running afoul of federal privacy protections, the 9th U.S. Circuit Court of Appeals has ruled.

The broad holding on June 18 sharply curtailed the ability of public employers to access the content of personal text messages and e-mails sent at work. Quon v. Arch Wireless Operating Co. Inc., No. 07-55282.

It was unclear how far the holding goes to protect private employees' e-mails held on the employers' own server, although company policies that spell out the authority to read those e-mails would eliminate the expectation of privacy, according to the court.

The appeal stemmed from a lawsuit filed by Jeff Quon, an Ontario, Calif., police sergeant, plus two other police department employees and Quon's wife, Jerilyn, against the department and
Arch Wireless Operating Co., which provides pager services to the city. The company was targeted for providing the city with the contents of text messages the plaintiffs had sent on city-owned pagers, including sexually explicit messages.

To Continue Reading: Click Here
----------------------------------------
Source: law.com
By: Pamela A. MacLean

VoIP Telephony: Keeping a Lid on Pandora's Box

Messages are easily stored and difficult to search, creating particular challenges for e-discovery.

The rapidly evolving nature of information technology has been a boon to almost every industry in modern society. The ability to generate, store, access and transfer immense quantities of complex data almost instantaneously has allowed for levels of efficiency and profitability that were impossible merely a decade ago.

The business world has clearly been a beneficiary of this information revolution. The rabid excitement and enthusiasm expressed by corporate IT professionals and CEOs over each new technological advance is matched only by the level of fear and trepidation of in-house and outside counsel who are constantly faced with the burning question, "How will the adoption of this new technology affect our e-discovery obligations?" In the aftermath of landmark e-discovery decisions such as Zubulake v. UBS Warburg1 and Qualcomm Inc. v. Broadcom Corp.,2 the question has taken on an added degree of urgency.

One particular innovation that promises to fundamentally change the way businesses communicate is a technology known as Voice over Internet Protocol or VoIP. VoIP represents the holy grail of information technology: an inexpensive voice communications system that can be seamlessly integrated with existing Internet, fax, e-mail and teleconferencing technology. Establishing a clear understanding of the technology and the data it generates is essential in order to update document retention policies and litigation hold procedures and for designing effective implementations.

What Is VoIP?

While an in-depth discussion of the technology that makes VoIP possible is beyond the scope of this article, the basic concepts will be briefly discussed in order to provide an overview of what VoIP is, and how it differs from traditional telecommunications technology. It should also be noted that VoIP is a name for a type of technology, and the manner in which it is implemented and administered within a particular system can vary tremendously from one user to the next.

To Continue Reading: Click Here
----------------------------------------
Source: law.com
By: Michael Cukor and Thomas R. DeSimone

Friday, June 27, 2008

Willis says tapes with client data missing

Willis Group Holdings Ltd. is investigating the loss of computer data backup tapes containing client information that went missing while in transit to a storage facility.

The London-based brokerage sent letters to affected clients on Thursday informing them of the loss and explaining that Willis is working with local law enforcement authorities to recover the tapes.

"We have no reason at this stage to believe that the tapes were specifically targeted, or that any information has been accessed or used improperly," Vic Krauze, chief operating officer of Willis North America, wrote in a client letter obtained by Business Insurance. "This was an isolated event, and we believe the likelihood of any potential criminal misuse of the data, while difficult to predict with absolute certainty, is minimal."

Willis has set up a toll-free help line to assist affected clients.


To Continue Reading: Click Here
----------------------------------------
Source: businessinsurance.com

Be a River, not a Dam...with Your E-Discovery Data

Remember storage systems back in the 90's, when storage vendors were promising how SAN, NAS and other monolithic storage devices were going to cure the IT world of all their storage and data management ills? Hard drives were just so darn expensive and data was proliferating at an alarming rate. What was an IT administrator to do, keep adding file servers every week? The storage industry sprinted to provide bigger, better, faster solutions all geared towards getting all of our files into one glorious place, where it would be forever hosted by redundant disks, controllers, nics, power supplies, you name it. Every possible point of hardware failure was made redundant, a pledge to forever protect our data from the swath of destruction caused by static, bad users, bad hardware and other catastrophes.

Those of us in IT rolled up our sleeves, planned our server migrations, and inconvenienced our users by pushing their data from user shares and hard drives to the central storage system. The more Draconian IT shops implemented Windows group policies and other programmatic enforcement to keep users from saving data to unsupported locations. Once the IT migration was complete and all the data was "safe," there was no time to celebrate. As soon as we had moved all the data to one glorious place, we created a new problem for ourselves—some of us had so much data in one place that backup and recovery using our standard tape methods no longer served us. So, off we went to shop for faster tape devices, nearline storage devices, redundant SAN/NAS devices, remote archiving vendors, and more-more-more tools, and expenses, to help us manage our data, which was ironically exploding with greater velocity than prior to our storage leap.

To Continue Reading: Click Here
----------------------------------------
Source: wwpi.com
By: Belinda Runkle

Review E-Discovery to Reduce Spoliation Risks

Have you ever been lucky enough to experience the feeling that comes over you when you learn that your client did not retain e-mails that are pertinent to litigation, whether it be that the e-mails were simply deleted or that your client's computer crashed three years ago and sent potentially relevant e-mails straight into Dante's eighth circle of hell? Quite an unsettling feeling. Despite counsel's best efforts, preservation of electronic information seems to be a constant sore spot in complex litigation.

In a post-Zubulake and Morgan Stanley world, where the amendments to the Federal Rules of Civil Procedure went into effect well over a year ago, the struggle with how to best manage electronic data discovery continues. See Zubulake v. UBS Warburg, 229 F.R.D 422 (S.D.N.Y. 2004); see Coleman Holdings v. Morgan Stanley, 2005 WL 679071 (Fla.Cir.Ct. March 1, 2005).

E-discovery, in simple terms, means the information requested by a litigant which is stored in an electronic format and which the litigant intends to use as evidence in a case. Electronically stored information is more commonly referred to as "ESI." ESI can encompass all forms of information kept in an electronic environment, such as data stored on backup tapes, retained in legacy systems or other data reserved for deletion on hard drives. See Manual for Complex Litigation (Fourth) §11.446 (2003). A client may retain data in a variety of data formats: as e-mail and spreadsheets (active); cookies and favorites (Internet); and embedded information (metadata).

Spoliation of evidence is "the intentional destruction of evidence ..." See Black's Law Dictionary (Sixth Ed. 1990). Notably, intentional misconduct in withholding e-discovery is not required for a court to make a spoliation determination and sanction a party; instead, poor document retention practices, or failure to maintain such practices, may provoke sanctions from the court. See Mosaid Technologies, Inc. v. Samsung Electronics Co., Ltd., 2004 WL 2550306 (D.N.J.), aff'd, 348 F.Supp. 2d 332 (D.N.J. 2004) (holding negligence standard). Sanctions may include monetary fines, an entry of default judgment or even criminal punishment.

To Continue Reading: Click Here
----------------------------------------
Source: Law.com
By: Angela Scafuri

Thursday, June 26, 2008

Full E-mail Archiving Strategy Needed in K-12

The Consortium for School Networking(CoSN) today released a new White Paper, titled School Districts, DataRetention and Federal eDiscovery Rules: The Case for a Full E-mail ArchivingSolution Now, which was developed to help education technology leadersunderstand recent changes to federal laws governing e-mail archiving and dataretention, and to increase awareness about the importance of schools acting inaccordance with the rules. The White Paper underscores the need for a completee-mail archiving solution, and provides recommendations to school technologyleaders for achieving compliance and case studies detailing successfulapproaches taken by school districts around the country. In addition, thepaper sheds light on the policy issues, technology challenges, budgetconstraints and legal implications facing schools as they work to ensure thattheir districts are compliant.

"E-mail has transformed the way we all communicate -- educators, schoolsand school districts included. Because much information is sharedelectronically and federal laws and judicial interpretations are includingelectronic communication as subject to legal discovery, it has becomeincreasingly important for schools to make e-mail archiving a critical part oftheir record-keeping activities," said Keith Krueger, CEO of CoSN.

To Continue Reading: Click Here
----------------------------------------
Source: earthtimes.org

Collaboration 'in the Cloud'

For lawyers, collaboration is not a new concept. To get things done, attorneys must work with others -- clients, colleagues and even opposing counsel. What has changed over the past few years, however, is that technology has caught up with collaboration. Today it's even easier to work with other people, whether they happen to be down the hall, around the corner or on the other side of the world. Most of these collaboration technologies have one thing in common: the Internet.

Microsoft Corp.'s Sharepoint, extranets, and even e-mail are well-known collaborative platforms. But there are innovative, new collaboration technologies that can be found "in the cloud" -- Internet-based sites and services that aren't necessarily designed for the legal community, but that lawyers can use to communicate and work with others no matter where in the world they happen to be.

To Continue Reading: Click Here
----------------------------------------
Source: Law.com
By: Tom Mighell

Wednesday, June 25, 2008

E-Discovery: When Legal Trouble Hits, the Delete Button Will Not Protect You

Many businesses hardly give a second thought to old e-mails, digital documents, and instant messages. But, if you don't know how long employees are keeping these documents, you may very well have some legal time bombs sitting on your company's network or employee hard drives.

Recent headlines serve as a chilling reminder that the e-discovery process can unearth damaging data that sinks careers and company reputations.

Last week, two Bear Stearns managers were arrested and indicted on securities fraud, wire fraud, and conspiracy charges, amid allegations that they defrauded investors in hedge funds that invested money in subprime mortgages. The funds collapsed when the mortgages they were tied to lost value, leading to the loss of $1.4 billion in for investors.

In a fateful e-mail that federal prosecutors turned up during the e-discovery process, one of the managers recommended that they close the funds due to poor performance of bond securities. The two managers had told investors four days later that they were comfortable with holdings in both funds.

The Bear Stearns debacle shows the value of being ethical in business. It also shows the importance of developing best practices and policies to protect your company in case employees do unethical things.

It used to be that the discovery process, used by attorneys to find relevant information for pre-trial motions and trials, was mostly confined to printed documents. But with advancing technology and new forms of communication, the federal rules of civil procedure were modified in December 2006 to include all electronic and digital documents. Only two years later, it's estimated that 75 percent of discovery orders require companies to produce e-mail, and companies that fail to comply face millions of dollars in sanctions and fines. Under the e-discovery requirements, companies also need to pay attention to how they are managing and purging scanned documents, voicemails, instant messages, text messages, and everything in between.

To Continue Reading: Click Here
-----------------------------------------
Source: WWJ Newsradio 950
By: Jenny Cromie

The staff, the thief, the device and its data

With the increasing use of mobile phones, PDAs and laptops as work tools, important company data is removed from the office every day.

Data being leeched from company databases by less secure mobile devices is a common occurrence, making data leakage the big technology issue of 2008. With the increasing use of mobile phones, PDAs and laptops as work tools, important company data is removed from the office every day.

This increase in data sharing promotes an environment suitable for data leakage and is aggravated by the associated use of hot-desking, home working and wireless hotspots. It is further complicated by the shuttling of data back and forth between staff on USB sticks, CDs, DVDs, backup tapes and even iPods. As a consequence, security breaches are on the increase.

Whether it is HM Revenue & Customs losing 25 million records on CDs, the Ministry of Defence losing details of 600,000 servicemen and women in a laptop theft, or the recovery (from beside a bicycle shed) of a USB drive containing the personal details of Perth & Kinross Council workers, cases of data loss appear with uncomfortable regularity.

The Payment Card Industry Data Security Standard (PCI DSS) that is currently being implemented, as well as the forth-coming governance regulations in the Companies Act, will force UK businesses to focus on the problem of data leakage.

Public knowledge

Unlike many other parts of the world, in the UK there is no requirement to disclose data breaches. The Identity Theft Resource Center (ITRC) reports that data breaches doubled to 167 in the US during the first quarter of this year, compared with the equivalent a year ago.

That figure is probably similar in the UK, even without the ITRC figures accounting for the encrypted files that may have been compromised. However, there remains no real breakdown of the number of breaches that are directly related to mobile data.

To Continue Reading: Click Here
---------------------------------------
Source: misweb.com

Three Steps to a Safe Harbor for ESI

A recent survey of 200 United States commercial businesses conducted by Canvasse Opinion found that almost half of the companies do not have a strategy or policy in place on how to deal with electronically stored information in litigation or in internal investigations. Even after a year-and-a-half of sensational headlines, e-discovery appears to remain an afterthought in many corporate minds.

However, there is little doubt that electronic communication continues to present significant challenges to companies and their leaders. The challenges relate to the proper handling of electronic communications and the consequences of sloppy document management. These challenges make it necessary to establish the best practices for e-mail retention and production. We all recognize how important these challenges are, but many are paralyzed from doing anything about them because they perceive the development of a proper response to be a daunting task.

What makes ESI so challenging is its volatility. By its very nature, ESI easily can be modified, overwritten or deleted by normal, everyday use. Routine acts like recycling backup tapes, opening and closing a file, rebooting a computer, modifying a document or running a daily maintenance program can alter or permanently destroy data. Take those intrinsic qualities, and add the "human factor" and common realities such as the increased volume of data, disorganized or nonexistent record retention practices, numerous storage locations of ESI and routine purging, and you have what amounts to a formula for a disaster waiting to happen.

While reported cases about e-discovery abuses usually involve extremes, they do offer insight into what can go terribly wrong with poor electronic communication protocol. In Qualcomm v. Broadcom, F.Supp.2d, 2007 WL 935617 (S.D.Cal.), for example, a California federal court took Qualcomm and its counsel to task for failing to turn over damaging e-mail evidence. Initially, the court ordered Qualcomm to pay Broadcom's $8.5 million legal fees and referred Qualcomm's attorneys to the local ethics board for an investigation into their conduct.


To Continue Reading: Click Here
---------------------------------------
Source: Law.com
By: Fernando M. Pinguelo and Rob Kleeger

Facebook in legal fight for its future

CEO'S CLASSMATES WHO SAY HE STOLE THEIR IDEAS WANT SETTLEMENT REVISITED

A long-running legal battle over whether Facebook founder Mark Zuckerberg ripped off Harvard classmates in launching his social-networking Web site shifted to a San Jose federal courtroom Monday as high-powered legal teams squared off in a fight that could have huge consequences for the company's future.
At issue is whether ConnectU, founded by some of Zuckerberg's Harvard classmates, can reopen a settlement they reached with Facebook over their claims that he stole their ideas and code to start his company. ConnectU claims it found new evidence relevant to the case.


Facebook wants to enforce the settlement, the terms of which have not been disclosed. In fact, much about the case has been shrouded in secrecy, and that was true at Monday's hearing as Judge James Ware barred the public from the courtroom at Facebook's behest.

The potential stakes are enormous.

"The worst case scenario is that Facebook doesn't own its core code and that it's been using someone else's code for the foundation of its company. That could lead to damages that are catastrophic," said Eric Goldman, assistant professor at the Santa Clara University School of Law and director of SCU's High Tech Law Institute. "In the worst case scenario, this could be a fight for Facebook's life."

To Continue Reading: Click Here
---------------------------------------
Source: mercurynews.com