Automated backup systems for information technology shouldn't be relied on for archiving purposes, a consultant warns, as new court discovery rules are applied to electronic documents.
Rules now in effect make it more important for businesses to provide for electronic-information archiving and search capabilities before being forced to by a lawsuit, lawyers say.
Amendments to the Federal Rules of Civil Procedure make the availability of electronic records -- transactions, communications, even voice mail -- among the first issues to be discussed in any federal lawsuit. Parties have between 60 and 90 days to confer on a discovery plan after a complaint is filed.
The new rules ensure electronic-information preservation and retrieval is discussed early in the process, lawyers say. That lessens the likelihood that a company would be penalized for being unprepared or appearing to conceal evidence.
Data archiving and retention was the most critical storage priority for North American and European organizations in 2006, according to a Business Technographics survey cited in a Nov. 17 report by Forrester Research Inc. of Cambridge, Mass.
Hurricanes, blackouts, system crashes and the threat of other calamities have focused corporate information technology dollars on system backup. Vendors are beginning to accommodate small and mid-sized companies, too, by packaging backup system elements together or as product line add-ons.
Organizations that are careful to install backup, however, could be unpleasantly surprised if they don't also have a dedicated, searchable archiving system, Forrester industry analysts said.
To view entire article click here
---------------------------------------
Source: mlive.com
By Mark Fellows
Friday, March 30, 2007
Tips for data retention and purging
With the ever-decreasing cost of primary storage, why bother purging data? The status quo is to do nothing. Most legacy applications have never purged data, and new applications are rarely designed to accommodate purging. At the same time, corporate file servers storing unstructured data are forever bloating, and at best, IT is only purging unneeded user data. Only e-mail applications have truly entered the purge arena, but solely for those willing to procure an e-mail archiving product or service.
However, the status quo is about to change. The tides of perpetual data retention are turning due to an evolving culture of corporate governance, federal regulatory changes, and increased pressures to stem the costs associated with overall data bloat.
To understand the problem, let's first explore how we got here: In IT, many shops got lazy and never bothered to purge data, and on the business side, many companies have yet to fully associate ballooning budgets with a lack of data purging.
We have a lot of good excuses, however. Over time, more and more business functions have become automated through technology (e.g., e-mail, document management, databases, ERP, CRM, etc.). Most organizations have experienced sustained organic growth, M&A activities, or both. The explosive growth of user and application data has demanded additional storage capacity, increased performance, and sufficient data-protection measures. Data retention and purging always take a back seat to operational stability, and by the end of the budget cycle are the first to take the hit.
Business perspective
Meanwhile, the "paper people" in records-retention departments have diligently applied policy and process to the way information is managed on paper. The physical nature of hard-copy information presents a more immediate challenge to the business, while digital information is obscured by technology and generally won't fill up hallways and office buildings. Most organizations can direct you to hard-copy information either on-site or off-site and let you know the retention schedule associated with it.
However, if you ask IT where to obtain a specific type of information and its associated retention schedule, good luck. Detailed knowledge about digital information management is difficult to find. Data owners and creators, database administrators, and storage administrators all may have unique perspectives on where and how information lives in the land of ones and zeros. The line of business may have a good idea of what business processes are supported by technology, but usually lack intimate knowledge of data-management practices in place.
To view entire article click here
---------------------------------------
Source: infostor.com
By John Merryman and James Brissenden
However, the status quo is about to change. The tides of perpetual data retention are turning due to an evolving culture of corporate governance, federal regulatory changes, and increased pressures to stem the costs associated with overall data bloat.
To understand the problem, let's first explore how we got here: In IT, many shops got lazy and never bothered to purge data, and on the business side, many companies have yet to fully associate ballooning budgets with a lack of data purging.
We have a lot of good excuses, however. Over time, more and more business functions have become automated through technology (e.g., e-mail, document management, databases, ERP, CRM, etc.). Most organizations have experienced sustained organic growth, M&A activities, or both. The explosive growth of user and application data has demanded additional storage capacity, increased performance, and sufficient data-protection measures. Data retention and purging always take a back seat to operational stability, and by the end of the budget cycle are the first to take the hit.
Business perspective
Meanwhile, the "paper people" in records-retention departments have diligently applied policy and process to the way information is managed on paper. The physical nature of hard-copy information presents a more immediate challenge to the business, while digital information is obscured by technology and generally won't fill up hallways and office buildings. Most organizations can direct you to hard-copy information either on-site or off-site and let you know the retention schedule associated with it.
However, if you ask IT where to obtain a specific type of information and its associated retention schedule, good luck. Detailed knowledge about digital information management is difficult to find. Data owners and creators, database administrators, and storage administrators all may have unique perspectives on where and how information lives in the land of ones and zeros. The line of business may have a good idea of what business processes are supported by technology, but usually lack intimate knowledge of data-management practices in place.
To view entire article click here
---------------------------------------
Source: infostor.com
By John Merryman and James Brissenden
Thursday, March 29, 2007
Costs of Special Master Appointed to Manage Discovery of City's Computers to be Paid by City as Spoliation Sanction
Padgett v. City of Monte Sereno, 2007 WL 878575 (N.D. Cal. Mar. 20, 2007)
Plaintiffs in this litigation sued the city of Monte Sereno and several city employees for civil rights violations and other torts. Among other things, plaintiffs alleged that certain city employees had sent plaintiffs an anonymous, threatening letter that included a newspaper article downloaded from the Internet. One city employee (Rice) subsequently admitted to authoring and sending the threatening letter from her workstation at City Hall. Although Rice indicated that she wrote the letter at her own direction without telling anyone about it, plaintiffs contended that Rice wrote the letter at the direction of other city employees, including the city manager (Loventhal). To explore this allegation, plaintiffs moved to compel inspection of the city’s computers, printers and backup tapes.
The court originally denied the motion to compel on the ground that the burden and expense to the city outweighed the potential benefit of the inspection. Plaintiffs sought reconsideration, and a hearing was held in April 2006. At the hearing, the court specifically ordered counsel to "continue to preserve everything." Counsel for the city asked the court to permit the computers in question to remain in use and represented that "nothing is being deleted."
In December 2006, the court ordered the inspection of certain computer workstations, hard drives and laptop computers used by several city employees, including Rice and Loventhal. In January 2007, plaintiffs learned that the city had destroyed Loventhal’s laptop hard drive in August 2006. According to defendants, a city employee with no connection to the litigation serviced Loventhal’s laptop after it had “crashed,” and then inadvertently discarded the defective hard drive. Plaintiffs disputed the city's explanation for replacing and discarding the laptop hard drive, and filed a motion for terminating sanctions, monetary sanctions, and entry of default judgment.
The court found that the city and Loventhal failed to take adequate precautions to preserve Loventhal's computer equipment for forensic analysis. It found that, whether characterized as willful or negligent, Loventhal's conduct was the kind of "fault" sufficient to warrant sanctions, including dismissal, under the court's inherent powers.
The court declined to make a finding as to prejudice. Plaintiffs contended that the spoliation would prevent them from finding positive evidence of collusion between Loventhal and Rice. Defendants argued that plaintiffs had access to other sources of evidence to investigate their conspiracy claim – namely, the city's network server and Rice’s computer hard drive. The court noted that: “Interestingly, at the hearing on this motion, counsel for the City informed the Court that his clients have now just ‘found’ the discarded ‘crashed’ laptop hard drive. No further explanation is provided other than the hard drive has ‘appeared.’" As a result of this development, the court reserved its determination as to whether the spoliation of Loventhal's laptop hard drive prejudiced plaintiffs to the extent that would warrant the imposition of the severe sanctions requested. The court stated it would rule on plaintiffs' motion for terminating sanctions, striking of answers, or entry of default judgment after an inspection of the hard drive was completed.
The court granted plaintiffs' motion for monetary sanctions, and ordered defendants to reimburse to plaintiffs all costs associated with the motion and any subsequent supplement briefings, to pay certain fees of plaintiffs' expert, and to bear the cost of the Special Master that the court had appointed to manage the discovery process with respect to the examination of the computers and servers.
To view entire decision: click here
---------------------------------------
Source: eDiscoveryLaw.com
Plaintiffs in this litigation sued the city of Monte Sereno and several city employees for civil rights violations and other torts. Among other things, plaintiffs alleged that certain city employees had sent plaintiffs an anonymous, threatening letter that included a newspaper article downloaded from the Internet. One city employee (Rice) subsequently admitted to authoring and sending the threatening letter from her workstation at City Hall. Although Rice indicated that she wrote the letter at her own direction without telling anyone about it, plaintiffs contended that Rice wrote the letter at the direction of other city employees, including the city manager (Loventhal). To explore this allegation, plaintiffs moved to compel inspection of the city’s computers, printers and backup tapes.
The court originally denied the motion to compel on the ground that the burden and expense to the city outweighed the potential benefit of the inspection. Plaintiffs sought reconsideration, and a hearing was held in April 2006. At the hearing, the court specifically ordered counsel to "continue to preserve everything." Counsel for the city asked the court to permit the computers in question to remain in use and represented that "nothing is being deleted."
In December 2006, the court ordered the inspection of certain computer workstations, hard drives and laptop computers used by several city employees, including Rice and Loventhal. In January 2007, plaintiffs learned that the city had destroyed Loventhal’s laptop hard drive in August 2006. According to defendants, a city employee with no connection to the litigation serviced Loventhal’s laptop after it had “crashed,” and then inadvertently discarded the defective hard drive. Plaintiffs disputed the city's explanation for replacing and discarding the laptop hard drive, and filed a motion for terminating sanctions, monetary sanctions, and entry of default judgment.
The court found that the city and Loventhal failed to take adequate precautions to preserve Loventhal's computer equipment for forensic analysis. It found that, whether characterized as willful or negligent, Loventhal's conduct was the kind of "fault" sufficient to warrant sanctions, including dismissal, under the court's inherent powers.
The court declined to make a finding as to prejudice. Plaintiffs contended that the spoliation would prevent them from finding positive evidence of collusion between Loventhal and Rice. Defendants argued that plaintiffs had access to other sources of evidence to investigate their conspiracy claim – namely, the city's network server and Rice’s computer hard drive. The court noted that: “Interestingly, at the hearing on this motion, counsel for the City informed the Court that his clients have now just ‘found’ the discarded ‘crashed’ laptop hard drive. No further explanation is provided other than the hard drive has ‘appeared.’" As a result of this development, the court reserved its determination as to whether the spoliation of Loventhal's laptop hard drive prejudiced plaintiffs to the extent that would warrant the imposition of the severe sanctions requested. The court stated it would rule on plaintiffs' motion for terminating sanctions, striking of answers, or entry of default judgment after an inspection of the hard drive was completed.
The court granted plaintiffs' motion for monetary sanctions, and ordered defendants to reimburse to plaintiffs all costs associated with the motion and any subsequent supplement briefings, to pay certain fees of plaintiffs' expert, and to bear the cost of the Special Master that the court had appointed to manage the discovery process with respect to the examination of the computers and servers.
To view entire decision: click here
---------------------------------------
Source: eDiscoveryLaw.com
A Hands-On Approach to Litigation Holds
In Arthur Andersen LLP v. United States, 125 S. Ct. 2129, 235 (2005), the Supreme Court acknowledged the importance of records management policies that provide for the routine destruction of unneeded records under ordinary circumstances. It is, however, common knowledge that such policies should ordinarily be suspended once an investigation or litigation is reasonably anticipated. This is normally accomplished through the imposition of a "litigation hold," the process of notifying employees of their obligations to preserve all potentially relevant records while continuing the routine destruction of non-relevant active and archived data. This may be a company's first line of defense against claims of spoliation or obstruction.
The failure to suspend routine purges of records in the face of litigation has contributed to the imposition of sanctions as high as $1.45 billion on companies, Coleman (Parent) Holdings, Inc. v. Morgan Stanley & Co., Inc., Case No. 502003CA005045XXOCAI (Fl. Cir. Ct. 2005), as well as substantial fines on individual, non-compliant employees, U.S. v. Phillip Morris USA, Inc., 327 F. Supp.2d 21 (D.D.C. 2004) ($250,000 apiece). It may also result in prosecution and imprisonment. See United States v. Quattrone, 441 F.3d 153 (2d Cir. 2006) (reversing conviction).
Implementing a "litigation hold" is not the simple matter it might seem. The challenges are both human and technical. Understanding them may help oppose the admission of harmful records, avoid claims of spoliation and obstruction of justice and exploit the carelessness of adversaries.
HUMAN CHALLENGES
Some challenges, common to both electronic and paper records, involve practical difficulties in the application of settled law. Meeting them may be especially difficult where litigation is merely anticipated rather than pending, such as in the case of a grand jury investigation. These include:
Pinpointing the specific time when litigation becomes reasonably anticipated. This may be an easy call when a grand jury subpoena is received. Other cases may require difficult decisions, such as whether a mere threat of litigation creates a companywide duty to preserve records. Particular employees may anticipate litigation long before relevant information reaches appropriate corporate officials. This raises the question, "anticipated by whom?"
Determining what records should be preserved. Because a grand jury investigation is shrouded in secrecy, it may be virtually impossible to determine the required scope of a litigation hold, especially when complex facts and law are involved. Companies may have to consider suspending all routine records purges. In civil disputes, they must try to predict causes of action, cross-claims, defenses, counterclaims, etc.
Determining how to preserve records. An instant freeze of all electronically stored information would require blocking user access and disabling core software. The potential for business disruption is obvious. A more viable option may be to act quickly (even if not instantly) to impose a broad litigation hold, liberally preserving all records suggested by the subpoena or other event creating the prospect of litigation, and gradually relax it as more information becomes available.
To view entire article click here
---------------------------------------
Source: Law.com
By David F. Axelrod and John A. Walker
The failure to suspend routine purges of records in the face of litigation has contributed to the imposition of sanctions as high as $1.45 billion on companies, Coleman (Parent) Holdings, Inc. v. Morgan Stanley & Co., Inc., Case No. 502003CA005045XXOCAI (Fl. Cir. Ct. 2005), as well as substantial fines on individual, non-compliant employees, U.S. v. Phillip Morris USA, Inc., 327 F. Supp.2d 21 (D.D.C. 2004) ($250,000 apiece). It may also result in prosecution and imprisonment. See United States v. Quattrone, 441 F.3d 153 (2d Cir. 2006) (reversing conviction).
Implementing a "litigation hold" is not the simple matter it might seem. The challenges are both human and technical. Understanding them may help oppose the admission of harmful records, avoid claims of spoliation and obstruction of justice and exploit the carelessness of adversaries.
HUMAN CHALLENGES
Some challenges, common to both electronic and paper records, involve practical difficulties in the application of settled law. Meeting them may be especially difficult where litigation is merely anticipated rather than pending, such as in the case of a grand jury investigation. These include:
Pinpointing the specific time when litigation becomes reasonably anticipated. This may be an easy call when a grand jury subpoena is received. Other cases may require difficult decisions, such as whether a mere threat of litigation creates a companywide duty to preserve records. Particular employees may anticipate litigation long before relevant information reaches appropriate corporate officials. This raises the question, "anticipated by whom?"
Determining what records should be preserved. Because a grand jury investigation is shrouded in secrecy, it may be virtually impossible to determine the required scope of a litigation hold, especially when complex facts and law are involved. Companies may have to consider suspending all routine records purges. In civil disputes, they must try to predict causes of action, cross-claims, defenses, counterclaims, etc.
Determining how to preserve records. An instant freeze of all electronically stored information would require blocking user access and disabling core software. The potential for business disruption is obvious. A more viable option may be to act quickly (even if not instantly) to impose a broad litigation hold, liberally preserving all records suggested by the subpoena or other event creating the prospect of litigation, and gradually relax it as more information becomes available.
To view entire article click here
---------------------------------------
Source: Law.com
By David F. Axelrod and John A. Walker
Tuesday, March 27, 2007
Unified under law
Unified communications offers worthwhile benefits, but beware its potential legal pitfalls
In the litigious world we live in, deploying a unified communications platform in your enterprise could cause more headaches than you bargained for.
The fact is, if you digitize and archive your voice mails, especially on your e-mail server, you are obligated to save them as you would any other relevant electronic document.
Unified messaging -- strictly speaking, a subset of unified communications -- integrates two or three of the so-called store-and-forward technologies: e-mail, fax, and voice mail. The heart of the problem, according to Bernard Elliot, an analyst at Gartner, is the technology behind the creation of a common UI, as there are a number of ways on the back end to design a single UI for e-mail and voice mail on the front end.
Applied Voice & Speech Technologies (AVST), for example, offers four configurations: server, client, secure, and simplified. All unified communications vendors give you one or more of these options.
AVST’s server configuration stores all messages in the e-mail server. Client keeps voice, fax, and e-mail separate, with unification being performed on the client itself. Secure says, “I do not want voice to ever touch e-mail,” so it keeps the three types of messages separate, offering a Web portal for access. Simplified just sends users an e-mail to notify them of a voice message.
Microsoft stores both voice and e-mail messages on Exchange. Cisco gives the customer two choices. Cisco Unity puts everything on one platform; Unity Connection keeps platforms separate.
Now we come to the problem of electronic discovery.
For the most part, voice mail servers expunge voice mails after two weeks, some after 30 days. Unless you are in the financial services industry, you are not required to maintain voice mails beyond that, according to Trent Dickey, an IP (intellectual property) specialist at the law firm Sills Cummis Epstein & Gross.
However, if your voice mail is archived along with your e-mail, as is the case with Exchange or Unity, the Federal Rules for Civil Procedure considers those voice mails to be documents subject to e-discovery regulations in the event of a lawsuit, says Howard Susser, an attorney and partner in the IP department at Burns & Levinson. Dickey agrees.
Going forward, even if old e-mails were expunged on a regular basis, you may be obligated to save new voice mails that are relevant to an ongoing dispute, Dickey says.
To view entire article click here
---------------------------------------
Source: InfoWeek
In the litigious world we live in, deploying a unified communications platform in your enterprise could cause more headaches than you bargained for.
The fact is, if you digitize and archive your voice mails, especially on your e-mail server, you are obligated to save them as you would any other relevant electronic document.
Unified messaging -- strictly speaking, a subset of unified communications -- integrates two or three of the so-called store-and-forward technologies: e-mail, fax, and voice mail. The heart of the problem, according to Bernard Elliot, an analyst at Gartner, is the technology behind the creation of a common UI, as there are a number of ways on the back end to design a single UI for e-mail and voice mail on the front end.
Applied Voice & Speech Technologies (AVST), for example, offers four configurations: server, client, secure, and simplified. All unified communications vendors give you one or more of these options.
AVST’s server configuration stores all messages in the e-mail server. Client keeps voice, fax, and e-mail separate, with unification being performed on the client itself. Secure says, “I do not want voice to ever touch e-mail,” so it keeps the three types of messages separate, offering a Web portal for access. Simplified just sends users an e-mail to notify them of a voice message.
Microsoft stores both voice and e-mail messages on Exchange. Cisco gives the customer two choices. Cisco Unity puts everything on one platform; Unity Connection keeps platforms separate.
Now we come to the problem of electronic discovery.
For the most part, voice mail servers expunge voice mails after two weeks, some after 30 days. Unless you are in the financial services industry, you are not required to maintain voice mails beyond that, according to Trent Dickey, an IP (intellectual property) specialist at the law firm Sills Cummis Epstein & Gross.
However, if your voice mail is archived along with your e-mail, as is the case with Exchange or Unity, the Federal Rules for Civil Procedure considers those voice mails to be documents subject to e-discovery regulations in the event of a lawsuit, says Howard Susser, an attorney and partner in the IP department at Burns & Levinson. Dickey agrees.
Going forward, even if old e-mails were expunged on a regular basis, you may be obligated to save new voice mails that are relevant to an ongoing dispute, Dickey says.
To view entire article click here
---------------------------------------
Source: InfoWeek
Tracking terrorists with click of a mouse
Crime center finds clues in recovered CDs, hard drives
Tucked away in a squat, 1980s-era office park halfway between Washington and Baltimore, 200 digital detectives are scouring the hard drives, MP3 players and compact discs seized from terrorist hide-outs in search of links and clues to their next plans of attack.
If there is a real-life version of the kind of technical wizardry that appears in popular TV shows like CSI and 24, the Defense Department's Cyber Crime Center in Linthicum might come closest to it -- though these cyber-sleuths are quick to say it's not nearly as easy as Hollywood makes it look to piece together files on a bomb-blasted hard drive.
The craft of unearthing data hidden deep inside computer equipment has become known as "digital forensics." And the center's executive director, Steven D. Shirley, predicts it will revolutionize investigations much as DNA did.
Like DNA, digital forensic analysis can place a person at a particular location. It can establish relationships. And it can also provide evidence of activities, plans and intentions, Shirley said.
"Digital forensics is probably accelerating at twice the rate that the impact of DNA did," he said.
Terrorists have gravitated toward modern communication devices for the same reasons business executives do -- they're portable, agile and relatively inexpensive. And the digital footprints terrorists leave behind on laptops, cell phones, and Palm Pilot-type devices are providing a means to find them.
"It's become one of our primary windows on terrorism," said Jim Jaeger, a retired Air Force brigadier general who heads the digital forensics operation at defense industry giant General Dynamics.
To view entire article click here
---------------------------------------
Source: baltimoresun.com
Tucked away in a squat, 1980s-era office park halfway between Washington and Baltimore, 200 digital detectives are scouring the hard drives, MP3 players and compact discs seized from terrorist hide-outs in search of links and clues to their next plans of attack.
If there is a real-life version of the kind of technical wizardry that appears in popular TV shows like CSI and 24, the Defense Department's Cyber Crime Center in Linthicum might come closest to it -- though these cyber-sleuths are quick to say it's not nearly as easy as Hollywood makes it look to piece together files on a bomb-blasted hard drive.
The craft of unearthing data hidden deep inside computer equipment has become known as "digital forensics." And the center's executive director, Steven D. Shirley, predicts it will revolutionize investigations much as DNA did.
Like DNA, digital forensic analysis can place a person at a particular location. It can establish relationships. And it can also provide evidence of activities, plans and intentions, Shirley said.
"Digital forensics is probably accelerating at twice the rate that the impact of DNA did," he said.
Terrorists have gravitated toward modern communication devices for the same reasons business executives do -- they're portable, agile and relatively inexpensive. And the digital footprints terrorists leave behind on laptops, cell phones, and Palm Pilot-type devices are providing a means to find them.
"It's become one of our primary windows on terrorism," said Jim Jaeger, a retired Air Force brigadier general who heads the digital forensics operation at defense industry giant General Dynamics.
To view entire article click here
---------------------------------------
Source: baltimoresun.com
Business Judgment Rule and Preservation Trigger
Ordering litigation hold raises issues similar to taking corporate action
In today's business world, corporate directors are involved in many complicated decisions and, for the most part, if a decision (and the board's decision-making process) is adequate, even if ultimately it is determined to be off the mark or dead wrong, board members are not subject to liability. This aspect of the business judgment rule affords directors a certain amount of freedom to make decisions regarding corporate matters so they can efficiently and effectively govern the complex affairs of the company. Directors cannot be "looking over their shoulder" and worrying whether they might be punished for a misstep.
In today's electronic world, corporations facing litigation must deal with significant logistical and financial challenges, not the least of which is correctly deciding when the duty to preserve relevant information is triggered. Recent decisions by certain federal courts have sent conflicting messages to corporations as to when they should take action to preserve relevant information in anticipation of litigation. Unfortunately, a failure to "get it right" can have serious ramifications, such as sanctions in the form of adverse inferences, monetary fines and dismissal of actions.
Courts facing these issues have focused on companies' efforts to preserve potentially relevant records by examining when the litigation hold was instituted. As a result, many corporate law departments are scrambling to balance their companies' legal obligations under the changes to the Federal Rules of Civil Procedure to preserve information in the face of "potential" litigation with the implementation of litigation holds and the potentially monumental costs of preserving relevant electronic data. Similar to the problem facing boards in determining whether their decisions regarding corporate actions were appropriate, companies do not have the luxury of 20/20 hindsight like someone who is challenging the company's decision regarding the preservation of information.
Do the federal rules changes offer any guidance as to how a company should implement a litigation hold when it reasonably anticipates litigation? Is there a way to provide adequate protection and certainty to companies that reasonably operate with due care and loyalty, including good faith, through the use of established principles of corporate governance when it comes to deciding the trigger for the preservation of relevant information related to future litigation? Should the application of the business judgment rule, which is grounded in such principles, provide such protection and be used as a framework for evaluating claims regarding preservation of documents?
From a potential defending party's perspective, it can be difficult to pinpoint a time when litigation is "reasonably anticipated" because of the limited amount of information that is typically available. It may also be difficult to determine with any degree of accuracy the scope of the potential claim: what the potential causes of action, possible defenses, third-party claims, counterclaims and cross-claims are, as well as who the key players are related to each of those categories. While the case law mostly has failed to provide any benchmark against which to measure a point in time when it would be reasonable to implement a litigation hold, numerous cases addressing this issue note that the defending party needs to move with a sense of urgency because of the way e-data are created, altered and destroyed. A delay as brief as a few days can result in accusations of spoliation if the records are destroyed or if backup tapes are overwritten or destroyed pursuant to the company's record-retention and/or disaster-recovery policies.
To view entire article click here
---------------------------------------
Source: law.com
In today's business world, corporate directors are involved in many complicated decisions and, for the most part, if a decision (and the board's decision-making process) is adequate, even if ultimately it is determined to be off the mark or dead wrong, board members are not subject to liability. This aspect of the business judgment rule affords directors a certain amount of freedom to make decisions regarding corporate matters so they can efficiently and effectively govern the complex affairs of the company. Directors cannot be "looking over their shoulder" and worrying whether they might be punished for a misstep.
In today's electronic world, corporations facing litigation must deal with significant logistical and financial challenges, not the least of which is correctly deciding when the duty to preserve relevant information is triggered. Recent decisions by certain federal courts have sent conflicting messages to corporations as to when they should take action to preserve relevant information in anticipation of litigation. Unfortunately, a failure to "get it right" can have serious ramifications, such as sanctions in the form of adverse inferences, monetary fines and dismissal of actions.
Courts facing these issues have focused on companies' efforts to preserve potentially relevant records by examining when the litigation hold was instituted. As a result, many corporate law departments are scrambling to balance their companies' legal obligations under the changes to the Federal Rules of Civil Procedure to preserve information in the face of "potential" litigation with the implementation of litigation holds and the potentially monumental costs of preserving relevant electronic data. Similar to the problem facing boards in determining whether their decisions regarding corporate actions were appropriate, companies do not have the luxury of 20/20 hindsight like someone who is challenging the company's decision regarding the preservation of information.
Do the federal rules changes offer any guidance as to how a company should implement a litigation hold when it reasonably anticipates litigation? Is there a way to provide adequate protection and certainty to companies that reasonably operate with due care and loyalty, including good faith, through the use of established principles of corporate governance when it comes to deciding the trigger for the preservation of relevant information related to future litigation? Should the application of the business judgment rule, which is grounded in such principles, provide such protection and be used as a framework for evaluating claims regarding preservation of documents?
From a potential defending party's perspective, it can be difficult to pinpoint a time when litigation is "reasonably anticipated" because of the limited amount of information that is typically available. It may also be difficult to determine with any degree of accuracy the scope of the potential claim: what the potential causes of action, possible defenses, third-party claims, counterclaims and cross-claims are, as well as who the key players are related to each of those categories. While the case law mostly has failed to provide any benchmark against which to measure a point in time when it would be reasonable to implement a litigation hold, numerous cases addressing this issue note that the defending party needs to move with a sense of urgency because of the way e-data are created, altered and destroyed. A delay as brief as a few days can result in accusations of spoliation if the records are destroyed or if backup tapes are overwritten or destroyed pursuant to the company's record-retention and/or disaster-recovery policies.
To view entire article click here
---------------------------------------
Source: law.com
The Verdict's In on ABA TECHSHOW
If you were absent from the ABA TECHSHOW last week, then you missed out on the munificent congregation of the best, brightest and most influential minds in the legal technology field.
The 21st annual TECHSHOW, ably sponsored by the Law Practice Management section of the ABA, hosted more than 2,200 attendees, juggled 140 booths in the exhibit hall and delivered 50 superb educational sessions by more than 60 speakers.
As expected, sessions addressing electronic discovery were popular and well-attended. Presentations delivered by premier speakers on the topic, including attorneys Craig Ball and Browning E. Marean III, required additional seating.
SPOTLIGHT ON E-DISCOVERY
TECHSHOW's dedication to e-discovery issues was evident in Judge Shira Scheindlin's keynote address. The Honorable Judge Scheindlin (of Zubulake fame) delivered a sincere and insightful speech to a packed room. She focused her remarks on new questions raised by the four-month-old amendments to the Federal Rules of Civil Procedure and how they impact the traditional adversarial practice of law in this country.
Judge Scheindlin addressed the importance of preparing for the Rule 26(f) "meet and confer" by learning where and how your client stores electronic records and information. Bringing this knowledge to your initial meetings with opposing counsel, and actually sharing that information with them, indicates a change in law practice that does not sit comfortably with many attorneys. Judge Scheindlin recognized the struggles attorneys and judges will face in the near future as they legally define terms like "inaccessible data," "reasonably usable format," and "routine operation of an electronic system."
While e-discovery was certainly a hot topic, this year's TECHSHOW offered enlightenment on many other techie subjects relevant to the practice of law. The track on Microsoft Office was highly attended, as were both tracks on Basic and Advanced IT. Judge Christina Habas (District Court, City and County of Denver) and Judge Herbert Dixon, Jr. (Superior Court of Washington, D.C.) tag-teamed on an excellent presentation discussing trial technology.
To view entire article click here
---------------------------------------
Source: law.com
The 21st annual TECHSHOW, ably sponsored by the Law Practice Management section of the ABA, hosted more than 2,200 attendees, juggled 140 booths in the exhibit hall and delivered 50 superb educational sessions by more than 60 speakers.
As expected, sessions addressing electronic discovery were popular and well-attended. Presentations delivered by premier speakers on the topic, including attorneys Craig Ball and Browning E. Marean III, required additional seating.
SPOTLIGHT ON E-DISCOVERY
TECHSHOW's dedication to e-discovery issues was evident in Judge Shira Scheindlin's keynote address. The Honorable Judge Scheindlin (of Zubulake fame) delivered a sincere and insightful speech to a packed room. She focused her remarks on new questions raised by the four-month-old amendments to the Federal Rules of Civil Procedure and how they impact the traditional adversarial practice of law in this country.
Judge Scheindlin addressed the importance of preparing for the Rule 26(f) "meet and confer" by learning where and how your client stores electronic records and information. Bringing this knowledge to your initial meetings with opposing counsel, and actually sharing that information with them, indicates a change in law practice that does not sit comfortably with many attorneys. Judge Scheindlin recognized the struggles attorneys and judges will face in the near future as they legally define terms like "inaccessible data," "reasonably usable format," and "routine operation of an electronic system."
While e-discovery was certainly a hot topic, this year's TECHSHOW offered enlightenment on many other techie subjects relevant to the practice of law. The track on Microsoft Office was highly attended, as were both tracks on Basic and Advanced IT. Judge Christina Habas (District Court, City and County of Denver) and Judge Herbert Dixon, Jr. (Superior Court of Washington, D.C.) tag-teamed on an excellent presentation discussing trial technology.
To view entire article click here
---------------------------------------
Source: law.com
Monday, March 26, 2007
Is Vista's security all it's cracked up to be?
Microsoft's latest OS under the spotlight
Microsoft claims that Windows Vista it's the most secure operating system the company has ever produced. Five years in the making, Windows Vista promises to lock down the desktop. Microsoft says Vista will usher in the era of "trustworthy computing", a new age in which Windows PCs are more reliable, user experience is improved and the threat of malware becomes a thing of the past.
Only three months into Microsoft's official commercial release of Windows Vista, however, questions are being raised. Antimalware vendors, security experts and even hackers have raised doubts as to the efficacy of the security measures Microsoft has added to Windows Vista. One commentator - blogger Joanna Rutkowska - went so far as to suggest that Vista's security model might be "a big joke".
Microsoft is always an easy target, especially when it makes extravagant claims. The truth is that early testing suggests Vista is significantly more secure than previous versions of Windows.
That doesn't mean that Windows Vista signals an end to Microsoft's security headaches. Some of the pain for IT administrators will subside, but weak spots and their workarounds should be on everyone's mind, as usual.
Administrator no more
One of Windows Vista's most lauded security enhancements is also one of the most criticised. UAC (User Account Control) aims to address a long-standing flaw in how Windows handles user permissions, but its detractors say it doesn't offer enough protection and that inadequate design undermines its effectiveness.
At issue is the role of the administrator account. Best practices dictate that a user should be assigned administrator privilege only when performing tasks that require it, such as installing device drivers or changing the registry. But part of the legacy of DOS is that older versions of Windows were in essence single-user systems. Even on Windows XP, which was Microsoft's first multiuser client OS, users would routinely log in as administrator by default, even for mundane tasks.
This practice made workstations easy to manage, but was a security disaster. When a user is logged in as administrator, worms and Trojan horses have free rein to run amok. Worse, Microsoft's inattention to user permissions encouraged ISVs to use sloppy, insecure programming practices that compounded the problem. Many Windows applications simply wouldn't work unless they were allowed to run with full administrator privilege - that is, to run in the least secure way possible.
UAC attempts to correct these bad habits. Under UAC most software runs at reduced privilege by default. When an application attempts to do something that requires administrator privilege, UAC prompts the user with a dialog box asking for permission to "elevate" the application to the increased privilege level.
Unfortunately, UAC is not perfect. On her blog, Joanna Rutkowska details several flaws in Vista's UAC implementation that are potentially exploitable. For example, software installers are always allowed to run with full administrative privilege, just like in old-fashioned Windows.
In addition, Symantec security analyst Ollie Whitehouse points out thatVista ships with executables that can be used to compromise UAC.
"I still think that Microsoft did a good job with Vista," Rutkowska says, yet the significance of these discoveries is clear: don't expect UAC to eliminate the problems associated with the administrator account overnight.
Programmatic exploits aren't the only way around UAC's protections, either. User behaviour is equally critical. UAC confirmation dialogs can be intrusive and somewhat cryptic. Users might be tempted to simply disable UAC out of frustration, or they might become so numb to the UAC warning messages that they click "ok" without thinking. What's more, they can easily be tricked into doing the wrong thing using social engineering or deception.
To view entire article click here
---------------------------------------
Source: pcadvisor.uk.com
Microsoft claims that Windows Vista it's the most secure operating system the company has ever produced. Five years in the making, Windows Vista promises to lock down the desktop. Microsoft says Vista will usher in the era of "trustworthy computing", a new age in which Windows PCs are more reliable, user experience is improved and the threat of malware becomes a thing of the past.
Only three months into Microsoft's official commercial release of Windows Vista, however, questions are being raised. Antimalware vendors, security experts and even hackers have raised doubts as to the efficacy of the security measures Microsoft has added to Windows Vista. One commentator - blogger Joanna Rutkowska - went so far as to suggest that Vista's security model might be "a big joke".
Microsoft is always an easy target, especially when it makes extravagant claims. The truth is that early testing suggests Vista is significantly more secure than previous versions of Windows.
That doesn't mean that Windows Vista signals an end to Microsoft's security headaches. Some of the pain for IT administrators will subside, but weak spots and their workarounds should be on everyone's mind, as usual.
Administrator no more
One of Windows Vista's most lauded security enhancements is also one of the most criticised. UAC (User Account Control) aims to address a long-standing flaw in how Windows handles user permissions, but its detractors say it doesn't offer enough protection and that inadequate design undermines its effectiveness.
At issue is the role of the administrator account. Best practices dictate that a user should be assigned administrator privilege only when performing tasks that require it, such as installing device drivers or changing the registry. But part of the legacy of DOS is that older versions of Windows were in essence single-user systems. Even on Windows XP, which was Microsoft's first multiuser client OS, users would routinely log in as administrator by default, even for mundane tasks.
This practice made workstations easy to manage, but was a security disaster. When a user is logged in as administrator, worms and Trojan horses have free rein to run amok. Worse, Microsoft's inattention to user permissions encouraged ISVs to use sloppy, insecure programming practices that compounded the problem. Many Windows applications simply wouldn't work unless they were allowed to run with full administrator privilege - that is, to run in the least secure way possible.
UAC attempts to correct these bad habits. Under UAC most software runs at reduced privilege by default. When an application attempts to do something that requires administrator privilege, UAC prompts the user with a dialog box asking for permission to "elevate" the application to the increased privilege level.
Unfortunately, UAC is not perfect. On her blog, Joanna Rutkowska details several flaws in Vista's UAC implementation that are potentially exploitable. For example, software installers are always allowed to run with full administrative privilege, just like in old-fashioned Windows.
In addition, Symantec security analyst Ollie Whitehouse points out thatVista ships with executables that can be used to compromise UAC.
"I still think that Microsoft did a good job with Vista," Rutkowska says, yet the significance of these discoveries is clear: don't expect UAC to eliminate the problems associated with the administrator account overnight.
Programmatic exploits aren't the only way around UAC's protections, either. User behaviour is equally critical. UAC confirmation dialogs can be intrusive and somewhat cryptic. Users might be tempted to simply disable UAC out of frustration, or they might become so numb to the UAC warning messages that they click "ok" without thinking. What's more, they can easily be tricked into doing the wrong thing using social engineering or deception.
To view entire article click here
---------------------------------------
Source: pcadvisor.uk.com
Learning to Manage Records
Keep records long enough to satisfy e-discovery and regulatory requirements but not long enough to aid potential opponents.
Records and information are at the core of every transaction undertaken by any organization. Any inadequacy in this area - including noncompliance with regulations such as the Sarbanes-Oxley Act - can threaten an organization's ability to conduct business.
Still, many organizations lack effective policies and procedures for systematic control of recorded information and, as a result, risk legal liability and extensive penalties for non-compliance with record-keeping regulations.
While all records are created for a reason, they are not all created equal. Add to that a complex regulatory environment, and it can be hard to figure out what to keep and for how long. But a basic understanding of what an efficient records management program consists of-and the consequences of a poor process-can help an organization sort through the confusion.
THE IMPLICATIONS
In a nationwide sampling of state market conduct enforcement information, criticism fell into seven categories: general records, claims, complaints, financials, advertising, policy files and producer appointment/licensing. With fines ranging from a couple hundred dollars to the million-dollar neighborhood, an understanding of the regulatory environment can prove critical. Because litigation is common, knowledge of statutory, regulatory or common law changes is essential to insurance company operations.
For example, a recent change that should be on all insurers' radars involves the Federal Rules of Civil Procedure (FRCP), which govern civil actions brought in federal district courts. In December 2006, the FRCP were amended to address discovery and production of information in digital form-referred to as "electronically stored information" or "ESI." E-mail, instant messaging, flash drives and voicemail are just some examples of electronic records.
One of the amendments provides that, except in extraordinary circumstances, sanctions cannot be imposed for the loss of information "as a result of the routine, good-faith operation of an electronic information system." This safe harbor provision is aimed at protecting companies by preventing federal courts from imposing discovery sanctions against a party for failing to produce ESI that was lost as a result of ordinary business activities.
To view entire article click here
---------------------------------------
Source: insurancenetworking.com
Records and information are at the core of every transaction undertaken by any organization. Any inadequacy in this area - including noncompliance with regulations such as the Sarbanes-Oxley Act - can threaten an organization's ability to conduct business.
Still, many organizations lack effective policies and procedures for systematic control of recorded information and, as a result, risk legal liability and extensive penalties for non-compliance with record-keeping regulations.
While all records are created for a reason, they are not all created equal. Add to that a complex regulatory environment, and it can be hard to figure out what to keep and for how long. But a basic understanding of what an efficient records management program consists of-and the consequences of a poor process-can help an organization sort through the confusion.
THE IMPLICATIONS
In a nationwide sampling of state market conduct enforcement information, criticism fell into seven categories: general records, claims, complaints, financials, advertising, policy files and producer appointment/licensing. With fines ranging from a couple hundred dollars to the million-dollar neighborhood, an understanding of the regulatory environment can prove critical. Because litigation is common, knowledge of statutory, regulatory or common law changes is essential to insurance company operations.
For example, a recent change that should be on all insurers' radars involves the Federal Rules of Civil Procedure (FRCP), which govern civil actions brought in federal district courts. In December 2006, the FRCP were amended to address discovery and production of information in digital form-referred to as "electronically stored information" or "ESI." E-mail, instant messaging, flash drives and voicemail are just some examples of electronic records.
One of the amendments provides that, except in extraordinary circumstances, sanctions cannot be imposed for the loss of information "as a result of the routine, good-faith operation of an electronic information system." This safe harbor provision is aimed at protecting companies by preventing federal courts from imposing discovery sanctions against a party for failing to produce ESI that was lost as a result of ordinary business activities.
To view entire article click here
---------------------------------------
Source: insurancenetworking.com
Saturday, March 24, 2007
Knowing What ESI Stands for Isn't Enough
Judges and lawyers understanding electronically stored information promises better discovery and litigation
On Dec. 1, 2006, the Federal Rules of Civil Procedure were amended to specifically address the discovery of electronically stored information (ESI). The amendments encourage addressing discovery of ESI as early as possible in litigation, provide a procedure for post-production assertions of privilege, address the forms in which ESI is produced, provide an analytical framework for the preservation and production of ESI that a party deems not reasonably accessible and tailor the application of sanctions to the discovery of ESI.
These amendments have been described as incremental, or evolutionary. However, when properly used, technology should lead to faster, more efficient discovery provided the rules are interpreted and applied in accord with Rule 1's mandate that they be "construed and administered to secure the just, speedy and inexpensive determination of every action."
The rules provide an expansive definition of ESI that covers any information that can be stored electronically. Unlike paper records, which were generally stored in a central repository, electronic records are easy to duplicate and multiple copies may reside in numerous locations. These electronic records can also be saved, retrieved and produced in a variety of file formats. To complicate matters even further, ESI is often stored on backup tapes in a compressed format and retained in that form long after the original files have been deleted. Retrieving information from backup tapes is generally more costly than retrieving information that is being actively used, although technological advances and new storage systems may blur this distinction.
The form in which ESI is produced has long been a point of contention between parties and can greatly affect the ease of review and the utility of the production due to both the dynamic nature of certain ESI and because electronic records contain far more information than equivalent paper records. In native format (the form in which the information was created), electronic files contain both "system metadata" and "application metadata," which provide information that is not always available when ESI is produced in TIFF (tagged image file format) or paper form.
To view entire article click here
---------------------------------------
Source: law.com
On Dec. 1, 2006, the Federal Rules of Civil Procedure were amended to specifically address the discovery of electronically stored information (ESI). The amendments encourage addressing discovery of ESI as early as possible in litigation, provide a procedure for post-production assertions of privilege, address the forms in which ESI is produced, provide an analytical framework for the preservation and production of ESI that a party deems not reasonably accessible and tailor the application of sanctions to the discovery of ESI.
These amendments have been described as incremental, or evolutionary. However, when properly used, technology should lead to faster, more efficient discovery provided the rules are interpreted and applied in accord with Rule 1's mandate that they be "construed and administered to secure the just, speedy and inexpensive determination of every action."
The rules provide an expansive definition of ESI that covers any information that can be stored electronically. Unlike paper records, which were generally stored in a central repository, electronic records are easy to duplicate and multiple copies may reside in numerous locations. These electronic records can also be saved, retrieved and produced in a variety of file formats. To complicate matters even further, ESI is often stored on backup tapes in a compressed format and retained in that form long after the original files have been deleted. Retrieving information from backup tapes is generally more costly than retrieving information that is being actively used, although technological advances and new storage systems may blur this distinction.
The form in which ESI is produced has long been a point of contention between parties and can greatly affect the ease of review and the utility of the production due to both the dynamic nature of certain ESI and because electronic records contain far more information than equivalent paper records. In native format (the form in which the information was created), electronic files contain both "system metadata" and "application metadata," which provide information that is not always available when ESI is produced in TIFF (tagged image file format) or paper form.
To view entire article click here
---------------------------------------
Source: law.com
Bankers Are A Step Ahead With E-Discovery
New rules require banks to put their content management efforts into high gear. We ask the experts how they're doing.
New e-discovery rules that went into effect Dec. 1 pose a range of challenges for banks. And what the bankers are learning from complying with amendments to the Federal Rules of Civil Procedure can be extended to other companies grappling with e-discovery. InformationWeek's sister publication, Bank Systems & Technology, had freelance writer Peggy Bresnick Kendler discuss banks' compliance efforts with four experts.
CHALLENGES POSED
Barry Murphy, principal analyst, Forrester Research: The amendments affect organizations in three ways. First, they require a framework for early attention. Organizations not ready to address issues when litigation or regulatory requests hit will immediately be behind.
Second, they give a safe harbor for data destruction, meaning there are no penalties for deleting electronically stored information in keeping with routine operation of IT systems if the party took reasonable steps to preserve it. However, this means that organizations must have granular retention policies in place, and technology to enforce those policies and audit the enforcement as well.
Finally, there's the requirement for native file production. Organizations must be able to produce electronically stored information in its native format with its metadata intact and prove a valid chain of custody. Again, this spotlights the need for technology to manage the full life cycle of information.
John Mancini, president of AIIM, the enterprise content management association: Companies need to know what electronic information they're storing and where it is. They need policies in place governing the management of electronic information, they need to follow those policies, and they need to be able to prove compliance. The it's-too-hard-to-produce argument won't stand up anymore. These sound simple and basic on the surface. But according to AIIM surveys, the environment in most firms is barely controlled chaos.
ARE BANKS PREPARED?
Murphy: In my experience, banks are only ready for specific discovery requests, like those relating to Securities and Exchange Commission Rule 17a-4. To comply with that rule, many banks have deployed e-mail archiving systems. However, they have done so only for brokers. Discovery truly applies to all employees and to all kinds of content, not just e-mail. The large banks I've spoken with have yet to connect records management with e-discovery, which says to me that they're definitely not ready to deal with the amended rules proactively.
To view entire article click here
---------------------------------------
Source: informationweek.com
New e-discovery rules that went into effect Dec. 1 pose a range of challenges for banks. And what the bankers are learning from complying with amendments to the Federal Rules of Civil Procedure can be extended to other companies grappling with e-discovery. InformationWeek's sister publication, Bank Systems & Technology, had freelance writer Peggy Bresnick Kendler discuss banks' compliance efforts with four experts.
CHALLENGES POSED
Barry Murphy, principal analyst, Forrester Research: The amendments affect organizations in three ways. First, they require a framework for early attention. Organizations not ready to address issues when litigation or regulatory requests hit will immediately be behind.
Second, they give a safe harbor for data destruction, meaning there are no penalties for deleting electronically stored information in keeping with routine operation of IT systems if the party took reasonable steps to preserve it. However, this means that organizations must have granular retention policies in place, and technology to enforce those policies and audit the enforcement as well.
Finally, there's the requirement for native file production. Organizations must be able to produce electronically stored information in its native format with its metadata intact and prove a valid chain of custody. Again, this spotlights the need for technology to manage the full life cycle of information.
John Mancini, president of AIIM, the enterprise content management association: Companies need to know what electronic information they're storing and where it is. They need policies in place governing the management of electronic information, they need to follow those policies, and they need to be able to prove compliance. The it's-too-hard-to-produce argument won't stand up anymore. These sound simple and basic on the surface. But according to AIIM surveys, the environment in most firms is barely controlled chaos.
ARE BANKS PREPARED?
Murphy: In my experience, banks are only ready for specific discovery requests, like those relating to Securities and Exchange Commission Rule 17a-4. To comply with that rule, many banks have deployed e-mail archiving systems. However, they have done so only for brokers. Discovery truly applies to all employees and to all kinds of content, not just e-mail. The large banks I've spoken with have yet to connect records management with e-discovery, which says to me that they're definitely not ready to deal with the amended rules proactively.
To view entire article click here
---------------------------------------
Source: informationweek.com
Friday, March 23, 2007
Though Relevant, Defendant's Litigation Hold Notices Were Protected From Discovery by Attorney-Client Privilege
Capitano v. Ford Motor Co., 2007 WL 586586 (N.Y. Sup. Ct. Feb. 26, 2007)
In this product liability case, plaintiffs sought production of defendant’s “suspension orders,” also known as "litigation hold notices." Plaintiffs argued that the suspension orders should be produced in light of the fact that Ford was unable to produce certain documents. Plaintiffs contended that, with access to the suspension orders, they would be able to determine if the documents in question were intentionally or negligently destroyed, or perhaps secure information which may lead to the discovery of the missing documents.
Ford asserted that the unavailability of the documents was beyond its control, and that it had made a diligent, good faith effort to find the documents. Ford argued that the suspension orders were not relevant, and even if they were, they were protected from discovery by the attorney-client privilege and/or work product doctrine. Ford submitted an affidavit from an attorney in its legal department who explained that the suspension orders were “’communications (a) that are issued by attorneys in Ford's Office of the General Counsel in connection with certain anticipated or pending litigation or administrative proceedings and (b) that identify attorney-selected categories of documents required to be maintained beyond periods set out pursuant to Ford's records management program.’" (Citation to the record omitted.) The attorney further explained that the suspension orders were confidential communications between the attorneys and representatives of Ford, were disseminated to only those employees who deal with Ford's record management program , and contained the warning that the "suspension orders" were privileged and confidential and that dissemination should be limited to persons working at Ford on a need-to-know basis.
Plaintiffs countered by offering the deposition testimony of another Ford attorney who, in an unrelated case, stated that Ford’s suspension orders were posted on Ford's intranet communications system and were available to all employees. From this, plaintiffs argued that any attorney-client privilege was waived.
Although the court agreed with plaintiffs that the requested “suspension orders” may lead to the production of admissible evidence and were, therefore, relevant, it denied the motion. The court concluded that the suspension orders were attorney-client privileged communications protected from discovery under N.Y. Civil Practice Law § 4503 (McKinney 2007).
To view entire decision: click here
---------------------------------------
Source: eDiscoveryLaw.com
In this product liability case, plaintiffs sought production of defendant’s “suspension orders,” also known as "litigation hold notices." Plaintiffs argued that the suspension orders should be produced in light of the fact that Ford was unable to produce certain documents. Plaintiffs contended that, with access to the suspension orders, they would be able to determine if the documents in question were intentionally or negligently destroyed, or perhaps secure information which may lead to the discovery of the missing documents.
Ford asserted that the unavailability of the documents was beyond its control, and that it had made a diligent, good faith effort to find the documents. Ford argued that the suspension orders were not relevant, and even if they were, they were protected from discovery by the attorney-client privilege and/or work product doctrine. Ford submitted an affidavit from an attorney in its legal department who explained that the suspension orders were “’communications (a) that are issued by attorneys in Ford's Office of the General Counsel in connection with certain anticipated or pending litigation or administrative proceedings and (b) that identify attorney-selected categories of documents required to be maintained beyond periods set out pursuant to Ford's records management program.’" (Citation to the record omitted.) The attorney further explained that the suspension orders were confidential communications between the attorneys and representatives of Ford, were disseminated to only those employees who deal with Ford's record management program , and contained the warning that the "suspension orders" were privileged and confidential and that dissemination should be limited to persons working at Ford on a need-to-know basis.
Plaintiffs countered by offering the deposition testimony of another Ford attorney who, in an unrelated case, stated that Ford’s suspension orders were posted on Ford's intranet communications system and were available to all employees. From this, plaintiffs argued that any attorney-client privilege was waived.
Although the court agreed with plaintiffs that the requested “suspension orders” may lead to the production of admissible evidence and were, therefore, relevant, it denied the motion. The court concluded that the suspension orders were attorney-client privileged communications protected from discovery under N.Y. Civil Practice Law § 4503 (McKinney 2007).
To view entire decision: click here
---------------------------------------
Source: eDiscoveryLaw.com
Breyer Discovers e-Discovery
Supreme Court Justice Stephen Breyer was the star panelist Tuesday at a summit at Georgetown University Law Center on how the explosion in electronically stored information (ESI) is transforming the legal system. A confessed “babe in the woods” on the issue, Breyer was dazzled when the experts on the panel started throwing around words like “exabyte” (that’s 1 with 18 zeroes next to it) and metaphors like “44 Empire State buildings” to quantify the data produced in workplaces today. All of it can be demanded in discovery, creating enormous challenges and expense to review the material, with a good chance that half or more of pertinent documents will be missed.
When Patrick Oot, director of electronic discovery at Verizon, said reviewing documents in a single case cost his company $4 million, Breyer grew concerned. That kind of cost, he said, is “going to drive out of the legal system a lot of people who belong there.”
To view entire article click here
---------------------------------------
Source: legaltimes.com
When Patrick Oot, director of electronic discovery at Verizon, said reviewing documents in a single case cost his company $4 million, Breyer grew concerned. That kind of cost, he said, is “going to drive out of the legal system a lot of people who belong there.”
To view entire article click here
---------------------------------------
Source: legaltimes.com
Growing pressure for data classification
A storm is brewing over the silicon fields of corporate data — and companies that don’t classify their data are going to get rained on. Why? Three reasons. New security-breach notification laws being considered around the world will compel multinationals to know where their most sensitive data is. The recent implementation of a U.S. Supreme Court decision on e-discovery allows for fines to be levied against companies in federal litigation that don’t know where all their data is. And the decentralization of corporate data to mobile devices is heightening the risk of not having business-continuity plans that risk-rank critical data.
If you’re one of the 65% of companies polled by Computerworld last year that don’t routinely classify their data, you’ll want to forward this list to Legal and IT to help inject some urgency into the situation:
• Data classification for breach response. U.S. state laws on security-breach notification have been so successful in prodding companies to shore up their information security that Congress, and legislative bodies in Canada, Europe and Australia are now considering adopting similar measures. To comply with these laws and prevent these breaches from happening in the first place, companies are starting to inventory all their data that trip these notification triggers. (See Data Confidentiality Classifications table below.)
• Data classification for e-discovery. Last December, amendments to the Federal Rules of Civil Procedure recommended by the Supreme Court concerning the discovery of "electronically stored information" came into effect. Under the new rules, companies need to produce all relevant information much earlier in the litigation process and may be fined stiff penalties for stumbling across new information during a trial. To avoid these penalties and reduce the cost of e-discovery, companies are finally starting to implement comprehensive data-retention policies that routinely destroy old records. (See Data Retention Classifications table below.)
To view entire article click here
---------------------------------------
Source: computerworld.com
If you’re one of the 65% of companies polled by Computerworld last year that don’t routinely classify their data, you’ll want to forward this list to Legal and IT to help inject some urgency into the situation:
• Data classification for breach response. U.S. state laws on security-breach notification have been so successful in prodding companies to shore up their information security that Congress, and legislative bodies in Canada, Europe and Australia are now considering adopting similar measures. To comply with these laws and prevent these breaches from happening in the first place, companies are starting to inventory all their data that trip these notification triggers. (See Data Confidentiality Classifications table below.)
• Data classification for e-discovery. Last December, amendments to the Federal Rules of Civil Procedure recommended by the Supreme Court concerning the discovery of "electronically stored information" came into effect. Under the new rules, companies need to produce all relevant information much earlier in the litigation process and may be fined stiff penalties for stumbling across new information during a trial. To avoid these penalties and reduce the cost of e-discovery, companies are finally starting to implement comprehensive data-retention policies that routinely destroy old records. (See Data Retention Classifications table below.)
To view entire article click here
---------------------------------------
Source: computerworld.com
Thursday, March 22, 2007
$1.58 Billion Judgment Against Morgan Stanley Reversed
Morgan Stanley & Co., Inc. v. Coleman (Parent) Holdings, Inc., No. 4D05-2606 (Fla. Dist. Ct. App. Mar. 21, 2007)
In a 2-1 decision, a Florida state appellate court today reversed the $1.58 billion judgment against Morgan Stanley in the litigation brought by Coleman (Parent) Holdings, Inc. Judgment was reversed on the grounds that plaintiff failed to prove compensatory damages by not establishing the fraud-free value of the Sunbeam stock on the date of the merger transaction. Since the decision on that issue was dispositive, the court did not reach the other issues on appeal, including whether the trial court improperly entered a partial default against Morgan Stanley as a sanction for discovery misconduct, and whether the trial court erred in denying Morgan Stanley a fair opportunity to contest and mitigate evidence of litigation misconduct presented during the punitive damages phase of the trial.
Accordingly, the appellate court reversed both the compensatory and punitive damage awards and remanded the case with directions to enter judgment for Morgan Stanley. Note, the decision is not final until the disposition of a timely filed motion for rehearing.
To view entire decision: click here
---------------------------------------
Source: eDiscoveryLaw.com
In a 2-1 decision, a Florida state appellate court today reversed the $1.58 billion judgment against Morgan Stanley in the litigation brought by Coleman (Parent) Holdings, Inc. Judgment was reversed on the grounds that plaintiff failed to prove compensatory damages by not establishing the fraud-free value of the Sunbeam stock on the date of the merger transaction. Since the decision on that issue was dispositive, the court did not reach the other issues on appeal, including whether the trial court improperly entered a partial default against Morgan Stanley as a sanction for discovery misconduct, and whether the trial court erred in denying Morgan Stanley a fair opportunity to contest and mitigate evidence of litigation misconduct presented during the punitive damages phase of the trial.
Accordingly, the appellate court reversed both the compensatory and punitive damage awards and remanded the case with directions to enter judgment for Morgan Stanley. Note, the decision is not final until the disposition of a timely filed motion for rehearing.
To view entire decision: click here
---------------------------------------
Source: eDiscoveryLaw.com
Coming Attractions for eDiscovery
FaceTime Communications, a provider of solutions for securing and managing IM, P2P and Web-based greynets, has announced new capabilities to simplify search and retrieval of realtime communications for ediscovery and regulatory and corporate compliance regulations. By partnering with major storage archiving as well as email compliance vendors, the FaceTime solution offers cost savings through consolidation of logging, archiving, and auditing using a single platform.
IMAuditor's new role-based administration capability provides specific access privileges and tracks the electronically stored information that each reviewer has accessed, which is crucial to the integrity of the compliance review process. An operational reviewer role can be defined to set global policies and perform extensive search and retrieval functions. This affords the ability to "audit the auditor" as well as to ensure that system administrators, compliance officers, and operational auditors have access only to the information and policy-setting controls relevant to their role in the compliance process. It also ensures that their access is tracked and logged.
These features provide organizations with full control over the auditing and retrieval process, saving time and ensuring efficient use of internal or paralegal resources.
In addition, FaceTime allows both IM conversations and their associated file transfers to be scanned, archived, tracked, and stored for retrieval and IMAuditor provides single-step recording and guarantees transactional integrity when archived to email/WORM storage including EMC Centera, Symantec, HP, Zantaz, IBM/Filenet, and Iron Mountain. These new capabilities complement the current IMAuditor solution, which provides enhanced security and compliance including comprehensive malware protection against worms, viruses, spyware, and SpIM as well as tamper-proof, non-repudiated full capture, recording, archive, and auditing of all conversations and file transfers conducted over public and enterprise instant messaging.
Organizations have yet to realize the impact of the new era in electronic legal discovery. While the new U.S. rules of Civil Procedure were effective at the end of last year, the impact of early meeting requirements for the parties to agree on initial ediscovery production and strategy has been largely unnoticed… so far. Many attorneys for their part have to set aside their discomfort with technology to address how they can exploit electronic evidence on behalf of their clients. If their clients aren't able to produce helpful evidence, the battle may go to the more technically adept rather than cause of righteousness.
To view entire article click here
---------------------------------------
Source: IT-Director.com
IMAuditor's new role-based administration capability provides specific access privileges and tracks the electronically stored information that each reviewer has accessed, which is crucial to the integrity of the compliance review process. An operational reviewer role can be defined to set global policies and perform extensive search and retrieval functions. This affords the ability to "audit the auditor" as well as to ensure that system administrators, compliance officers, and operational auditors have access only to the information and policy-setting controls relevant to their role in the compliance process. It also ensures that their access is tracked and logged.
These features provide organizations with full control over the auditing and retrieval process, saving time and ensuring efficient use of internal or paralegal resources.
In addition, FaceTime allows both IM conversations and their associated file transfers to be scanned, archived, tracked, and stored for retrieval and IMAuditor provides single-step recording and guarantees transactional integrity when archived to email/WORM storage including EMC Centera, Symantec, HP, Zantaz, IBM/Filenet, and Iron Mountain. These new capabilities complement the current IMAuditor solution, which provides enhanced security and compliance including comprehensive malware protection against worms, viruses, spyware, and SpIM as well as tamper-proof, non-repudiated full capture, recording, archive, and auditing of all conversations and file transfers conducted over public and enterprise instant messaging.
Organizations have yet to realize the impact of the new era in electronic legal discovery. While the new U.S. rules of Civil Procedure were effective at the end of last year, the impact of early meeting requirements for the parties to agree on initial ediscovery production and strategy has been largely unnoticed… so far. Many attorneys for their part have to set aside their discomfort with technology to address how they can exploit electronic evidence on behalf of their clients. If their clients aren't able to produce helpful evidence, the battle may go to the more technically adept rather than cause of righteousness.
To view entire article click here
---------------------------------------
Source: IT-Director.com
A Computer Forensics Strategy to Sink Your Opponent's Legal Battleship
Successful litigation often hinges on a single relevant e-mail or document -- anchored, traveling or floating freely somewhere in a sea of non-relevant data.
In a search for that document or e-mail, the standard body of reasonably accessible evidence may not be enough. When this happens, forensic techniques can pinpoint the single audit trail, evidence fragment or encrypted document vital to the case.
Ever played "Battleship"? In that table-game classic, and in an evidence search, strategy is crucial.
Also, the recent Federal Rules of Civil Procedure amendments regarding electronic data and computer forensics provide another criterion for litigators to think about while determining what to request.
In litigation involving computers and information systems, some technical knowledge can deliver real power. With knowledge of how data sets relate to one another, a lawyer can find caches of relevant data. The lawyer or litigation team can also determine whether:
A timeline must be reconstructed;
Possible malfeasance should be investigated; or
Data thought lost must be recovered.
This approach effectively targets required case information and helps determine when extra measures such as computer forensics are needed.
To view entire article click here
---------------------------------------
Source: law.com
In a search for that document or e-mail, the standard body of reasonably accessible evidence may not be enough. When this happens, forensic techniques can pinpoint the single audit trail, evidence fragment or encrypted document vital to the case.
Ever played "Battleship"? In that table-game classic, and in an evidence search, strategy is crucial.
Also, the recent Federal Rules of Civil Procedure amendments regarding electronic data and computer forensics provide another criterion for litigators to think about while determining what to request.
In litigation involving computers and information systems, some technical knowledge can deliver real power. With knowledge of how data sets relate to one another, a lawyer can find caches of relevant data. The lawyer or litigation team can also determine whether:
A timeline must be reconstructed;
Possible malfeasance should be investigated; or
Data thought lost must be recovered.
This approach effectively targets required case information and helps determine when extra measures such as computer forensics are needed.
To view entire article click here
---------------------------------------
Source: law.com
Lawsuits drive email archiving
As if IT managers didn't have enough to do, now many are being asked to help out the legal department.
Take, for example, the IT manager at a Midwestern company who was asked to sign a document after his staff checked all of the servers and PCs for possible security risks, stating that he felt he and his staff had done their due diligence.
Why? Because his company wanted a paper trail documenting that they had checked their systems.
"I was asked to certify that I felt that I found everything," said an IT manager at a recent TechTarget e-mail archiving seminar in Chicago who asked not to be identified. "We checked all the servers and the PCs, gathered all the documents, but my ability to discover…?"
What the IT manager was talking about is e-discovery, which is the ability to quickly find electronic documents on demand. In some cases, this simply means helping users to find older information stored on a server rather than on their email accounts. But increasingly IT managers are being asked to store information to meet compliance regulations or produce documents at the behest of company attorneys as they prepare for lawsuits.
"The biggest driver for email archiving is e-discovery litigation," said Mark Diamond, president and CEO of Mountain View, Calif.-based data and storage consulting firm Contoural Inc. "I've seen companies just settle lawsuits because the cost of e-discovery could be millions."
Mistakes made on email deletion policy
One major mistake companies make when it comes to email archiving is their deletion policy, Diamond said. Many companies get rid of emails after 30, 60 or 90 days.
"If you look at some of the lawsuits, perception plays a big role," Diamond said. "It looks worse if you delete emails, even if it is a policy."
At the same time, many companies' legal teams will say that deleting emails is the right policy, Diamond said, but users do not follow policy. If a policy is too stringent, users will save documents themselves by either sending information to their personal email, saving it on to a USB drive or a PST file in Outlook.
To view entire article click here
---------------------------------------
Source: searchwinit.com
Take, for example, the IT manager at a Midwestern company who was asked to sign a document after his staff checked all of the servers and PCs for possible security risks, stating that he felt he and his staff had done their due diligence.
Why? Because his company wanted a paper trail documenting that they had checked their systems.
"I was asked to certify that I felt that I found everything," said an IT manager at a recent TechTarget e-mail archiving seminar in Chicago who asked not to be identified. "We checked all the servers and the PCs, gathered all the documents, but my ability to discover…?"
What the IT manager was talking about is e-discovery, which is the ability to quickly find electronic documents on demand. In some cases, this simply means helping users to find older information stored on a server rather than on their email accounts. But increasingly IT managers are being asked to store information to meet compliance regulations or produce documents at the behest of company attorneys as they prepare for lawsuits.
"The biggest driver for email archiving is e-discovery litigation," said Mark Diamond, president and CEO of Mountain View, Calif.-based data and storage consulting firm Contoural Inc. "I've seen companies just settle lawsuits because the cost of e-discovery could be millions."
Mistakes made on email deletion policy
One major mistake companies make when it comes to email archiving is their deletion policy, Diamond said. Many companies get rid of emails after 30, 60 or 90 days.
"If you look at some of the lawsuits, perception plays a big role," Diamond said. "It looks worse if you delete emails, even if it is a policy."
At the same time, many companies' legal teams will say that deleting emails is the right policy, Diamond said, but users do not follow policy. If a policy is too stringent, users will save documents themselves by either sending information to their personal email, saving it on to a USB drive or a PST file in Outlook.
To view entire article click here
---------------------------------------
Source: searchwinit.com
Tuesday, March 20, 2007
Rising Costs of E-Discovery Requirements Impacting Litigants
The first electronic database I supervised in litigation ended up costing a dollar a page. And that was before a single lawyer had looked at any of it.
Making TIFF images, using Optical Character Recognition software to create searchable text, entering basic descriptive coding for each document and exporting all this data into a usable format were handled by an outside vendor that charged separately for each step. This was actually cheap, because we started with paper documents, not dozens of hard drives and servers full of e-mail, Word files, PowerPoint presentations and Excel spreadsheets that first had to be forensically imaged and treated like evidence at a homicide scene on "CSI: Miami."
Luckily, my client was a major corporation facing claims that its opponents contended were worth many millions of dollars. The client could afford this cost, and the database created ultimately paid for itself by allowing us to find documents that changed the direction of the case.
But we built this database by choice, not in response to our opponent's demand. The client wanted to preserve all the relevant documents and retrieve them quickly and decided the cost was worth it.
Since that time, the discovery landscape has evolved. Even before the amended Federal Rules of Civil Procedure required all parties to include electronically stored information -- ESI for short -- in their mandatory disclosures and early discovery planning, lawyers learned that the smoking gun in any case was likely to be found in their opponents' e-mail files.
To view entire article click here
---------------------------------------
Source: law.com
Making TIFF images, using Optical Character Recognition software to create searchable text, entering basic descriptive coding for each document and exporting all this data into a usable format were handled by an outside vendor that charged separately for each step. This was actually cheap, because we started with paper documents, not dozens of hard drives and servers full of e-mail, Word files, PowerPoint presentations and Excel spreadsheets that first had to be forensically imaged and treated like evidence at a homicide scene on "CSI: Miami."
Luckily, my client was a major corporation facing claims that its opponents contended were worth many millions of dollars. The client could afford this cost, and the database created ultimately paid for itself by allowing us to find documents that changed the direction of the case.
But we built this database by choice, not in response to our opponent's demand. The client wanted to preserve all the relevant documents and retrieve them quickly and decided the cost was worth it.
Since that time, the discovery landscape has evolved. Even before the amended Federal Rules of Civil Procedure required all parties to include electronically stored information -- ESI for short -- in their mandatory disclosures and early discovery planning, lawyers learned that the smoking gun in any case was likely to be found in their opponents' e-mail files.
To view entire article click here
---------------------------------------
Source: law.com
New Electronic Discovery Rules May Challenge Litigators Not Familiar with Digital Evidence says K&F Consulting
At a time when more than 95 percent of relevant evidence is in electronic form with a significant amount never being reduced to paper, it is more important than ever for litigators to understand how to discover and use digital evidence.
That's the conclusion noted by Greg Fordham, a founder of K&F Consulting, Inc., a provider of litigation support and electronic data services, in a recently published article on the 2006 Federal Rules for Civil Procedure (FRCP).
"The changes in the 2006 FRCP will probably have little effect on those well-versed with digital evidence," Fordham said. "But there are risks for those who are not yet skilled in cyber litigation."
"While in some respects e-discovery is no different than paper discovery, it is contained in a variety of mediums such as hard drivers, servers, tapes, memory sticks, PDAs, and cell phones rather than in a single medium such as paper," Fordham said.
In his article, Fordham said all too often litigators think only in terms of e-mails during the discovery phase.
According to Fordham litigators must understand how the various sources digital evidence can contribute to a case as well as how media forensics can assist in either finding the hidden smoking gun or uncovering what has been done to disguise what the other party is not interested in having discovered.
To view entire article click here
---------------------------------------
Source: techlinks.net
That's the conclusion noted by Greg Fordham, a founder of K&F Consulting, Inc., a provider of litigation support and electronic data services, in a recently published article on the 2006 Federal Rules for Civil Procedure (FRCP).
"The changes in the 2006 FRCP will probably have little effect on those well-versed with digital evidence," Fordham said. "But there are risks for those who are not yet skilled in cyber litigation."
"While in some respects e-discovery is no different than paper discovery, it is contained in a variety of mediums such as hard drivers, servers, tapes, memory sticks, PDAs, and cell phones rather than in a single medium such as paper," Fordham said.
In his article, Fordham said all too often litigators think only in terms of e-mails during the discovery phase.
According to Fordham litigators must understand how the various sources digital evidence can contribute to a case as well as how media forensics can assist in either finding the hidden smoking gun or uncovering what has been done to disguise what the other party is not interested in having discovered.
To view entire article click here
---------------------------------------
Source: techlinks.net
Monday, March 19, 2007
Beware: The Pitfalls of e-documents
At first glance, the changes in so-called e-discovery rules in federal courts might seem to affect only the legal profession. The facts may surprise you.
The impact is profound, stretching widely into document retention for virtually every business.
First some facts: 90 percent of companies face lawsuits, all public companies are regulated by the Sarbanes-Oxley Act, and many companies - public or private - deal regularly with human-resource challenges involving former employees.
Your company may be one of the unfortunate ones that faced federal litigation in 2006. Last year 777 federal lawsuits were filed in U.S. District Court in Charleston, with 428 still pending. Those unresolved cases will face the new electronic discovery rules, which took effect in December, with the costs potentially reaching into the millions of dollars.
Additional fact: A document retention policy, or DRP, is the procedure that dictates how a company retains, manages, stores and files information, including electronically stored information.
Some estimates place the number of e-files that are created but never printed as high as 80 percent of all documents within a company. Litigation will be focused on the extraction, retrieval and review of these documents under the new Federal Rules of Civil Procedure, all aimed at gleaning the "corporate knowledge" recorded in those documents.
To view entire release click here
---------------------------------------
Source: Charleston.net
The impact is profound, stretching widely into document retention for virtually every business.
First some facts: 90 percent of companies face lawsuits, all public companies are regulated by the Sarbanes-Oxley Act, and many companies - public or private - deal regularly with human-resource challenges involving former employees.
Your company may be one of the unfortunate ones that faced federal litigation in 2006. Last year 777 federal lawsuits were filed in U.S. District Court in Charleston, with 428 still pending. Those unresolved cases will face the new electronic discovery rules, which took effect in December, with the costs potentially reaching into the millions of dollars.
Additional fact: A document retention policy, or DRP, is the procedure that dictates how a company retains, manages, stores and files information, including electronically stored information.
Some estimates place the number of e-files that are created but never printed as high as 80 percent of all documents within a company. Litigation will be focused on the extraction, retrieval and review of these documents under the new Federal Rules of Civil Procedure, all aimed at gleaning the "corporate knowledge" recorded in those documents.
To view entire release click here
---------------------------------------
Source: Charleston.net
Friday, March 16, 2007
Five Email and Document Management Strategies Key to Reducing Litigation Costs, Improving Preparation
New Federal Rules of Civil Procedure Amendments Require New Records Management, Litigation Readiness Strategies
Smoking-gun documents and emails have beenat the heart of the world's best known corporate legal battles, but the risksof information in litigation have suddenly grown with new U.S. Federalguidelines for e-discovery. How can companies get a handle on the explodingvolume of online content to better address the costs and risks of litigation?Open Text(TM) Corporation (NASDAQ: OTEX, TSX: OTC), a leading provider ofsoftware that helps companies manage their growing stores of emails anddocuments, today released a list of five key technology strategies forlitigation and e-discovery readiness that can help companies be as prepared inthe courtroom as in the boardroom.
"The constant stream of headlines on corporate courtroom dramas hasincreased the pressure to address the litigation risks of electronicinformation," said Timothy Carroll, co-chair of the records managementpractice at Vedder Price, a leading business law firm based in Chicago with alarge litigation and e-discovery practice. "With the recent e-discoveryamendments to the Federal Rules of Civil Procedure, companies need to getbetter prepared and build an ability to address discovery orders directly intotheir information systems."
"Companies are now expected to know where their information or theirrecords live, how they can get to them, where they're stored, and who hasaccess to them. Companies that aren't able to answer those four or five basicquestions are going to be at a disadvantage very early in litigation," Carrollcautions. "The challenges are huge, like an elephant in the corner of theroom, but you cannot digest it in one fell swoop, instead you need to startwith one bite at a time."
To view entire release click here
---------------------------------------
Source: cnw.ca
Smoking-gun documents and emails have beenat the heart of the world's best known corporate legal battles, but the risksof information in litigation have suddenly grown with new U.S. Federalguidelines for e-discovery. How can companies get a handle on the explodingvolume of online content to better address the costs and risks of litigation?Open Text(TM) Corporation (NASDAQ: OTEX, TSX: OTC), a leading provider ofsoftware that helps companies manage their growing stores of emails anddocuments, today released a list of five key technology strategies forlitigation and e-discovery readiness that can help companies be as prepared inthe courtroom as in the boardroom.
"The constant stream of headlines on corporate courtroom dramas hasincreased the pressure to address the litigation risks of electronicinformation," said Timothy Carroll, co-chair of the records managementpractice at Vedder Price, a leading business law firm based in Chicago with alarge litigation and e-discovery practice. "With the recent e-discoveryamendments to the Federal Rules of Civil Procedure, companies need to getbetter prepared and build an ability to address discovery orders directly intotheir information systems."
"Companies are now expected to know where their information or theirrecords live, how they can get to them, where they're stored, and who hasaccess to them. Companies that aren't able to answer those four or five basicquestions are going to be at a disadvantage very early in litigation," Carrollcautions. "The challenges are huge, like an elephant in the corner of theroom, but you cannot digest it in one fell swoop, instead you need to startwith one bite at a time."
To view entire release click here
---------------------------------------
Source: cnw.ca
E-Lawyering Requires Rethinking Technology and Law
"This changes everything."
Those three words, wafting on the familiar, buoyant tones of the actor saying them, have staying power. No survivor of the dot-com boom of the 1990s could forget William Shatner's ubiquitous ads on behalf of a certain online travel company.
Indeed, online booking did change the travel industry. When was the last time anyone had a paper ticket, or called a human travel agent just to check flight times? Buyers and sellers of books, music and news all have seen the same cataclysm in their business models -- a subtle but certain shift from dialing a phone number or visiting a store to signing in, logging on and clicking a mouse.
And, in fact, e-commerce lawyers are included in this migration to technology. Just as e-commerce has disrupted the travel, music, book and news retailing industries, the influence of technology on business and the law has also wrought havoc on our legal system. Certainly, the law has always had to adapt specific rules for new technology.
Today, the pervasive role that technology has assumed in business and legal practice, as more and more of our daily lives are lived online, provides a more fundamental challenge to how attorneys practice business law. In an age when "paper file" has become an anachronism and an oxymoron, business law and the way it is practiced have required more than just tinkering with particular rules.
TECHNOLOGY HAS CHANGED THE WAY WE LIVE, AND WORK
Consider, for example, a study of online shopping trends in 2005 by ComScore Networks, as reported in The Wall Street Journal (www.startup.wsj.com/columnists/smalltalk/20061 122-smalltalk.html). According to the study, e-shoppers preferred to buy online not only on weekdays, but even in the middle of the workday -- when their employers presumably thought that their companies' computers were being used for work. (Never mind that the cybershopping was being done despite common Internet-usage policies prohibiting personal online activity.)
But the ComScore data certainly suggest that those "no-using-the-Internet-at-work" policies aren't seriously enforced -- just as comparable workplace policies are ignored offline as well. For example, lunchtime errands often carry past the strict boundaries of the lunch hour, but such "technical violations" are generally permitted, as long as the work the employees are responsible for doing is completed. In fact, allowing employees to shop online may alleviate problems of employees returning late from lunch, if they can complete all their errands from their desks.
To view entire article click here
---------------------------------------
Source: law.com
Those three words, wafting on the familiar, buoyant tones of the actor saying them, have staying power. No survivor of the dot-com boom of the 1990s could forget William Shatner's ubiquitous ads on behalf of a certain online travel company.
Indeed, online booking did change the travel industry. When was the last time anyone had a paper ticket, or called a human travel agent just to check flight times? Buyers and sellers of books, music and news all have seen the same cataclysm in their business models -- a subtle but certain shift from dialing a phone number or visiting a store to signing in, logging on and clicking a mouse.
And, in fact, e-commerce lawyers are included in this migration to technology. Just as e-commerce has disrupted the travel, music, book and news retailing industries, the influence of technology on business and the law has also wrought havoc on our legal system. Certainly, the law has always had to adapt specific rules for new technology.
Today, the pervasive role that technology has assumed in business and legal practice, as more and more of our daily lives are lived online, provides a more fundamental challenge to how attorneys practice business law. In an age when "paper file" has become an anachronism and an oxymoron, business law and the way it is practiced have required more than just tinkering with particular rules.
TECHNOLOGY HAS CHANGED THE WAY WE LIVE, AND WORK
Consider, for example, a study of online shopping trends in 2005 by ComScore Networks, as reported in The Wall Street Journal (www.startup.wsj.com/columnists/smalltalk/20061 122-smalltalk.html). According to the study, e-shoppers preferred to buy online not only on weekdays, but even in the middle of the workday -- when their employers presumably thought that their companies' computers were being used for work. (Never mind that the cybershopping was being done despite common Internet-usage policies prohibiting personal online activity.)
But the ComScore data certainly suggest that those "no-using-the-Internet-at-work" policies aren't seriously enforced -- just as comparable workplace policies are ignored offline as well. For example, lunchtime errands often carry past the strict boundaries of the lunch hour, but such "technical violations" are generally permitted, as long as the work the employees are responsible for doing is completed. In fact, allowing employees to shop online may alleviate problems of employees returning late from lunch, if they can complete all their errands from their desks.
To view entire article click here
---------------------------------------
Source: law.com
E-Discovery: 100 Days and Counting
This past weekend, we passed a milestone -- 100 days since the enacting of the new Federal Rules of Civil Procedure as they relate to eDiscovery. In summary, those Rules attempt to give courts guidance for how to treat digital data and information, in whatever form and context it is in.
The Rules try to contain the ever escalating costs that plaintiffs and defendants. So spreadsheets, letters, contracts, e-mails and all of those files that are stored on disk and on tape, on and off the network can, should, and must be “discoverable” to all of the parties engaged in litigation.
So, after 100 days, how are the Rules standing up.
To view entire release click here
---------------------------------------
Source: wallstreetandtech.com
The Rules try to contain the ever escalating costs that plaintiffs and defendants. So spreadsheets, letters, contracts, e-mails and all of those files that are stored on disk and on tape, on and off the network can, should, and must be “discoverable” to all of the parties engaged in litigation.
So, after 100 days, how are the Rules standing up.
To view entire release click here
---------------------------------------
Source: wallstreetandtech.com
Thursday, March 15, 2007
Break 40-bit Adobe PDF Encryption in Minutes with Elcomsoft's Advanced PDF Password Recovery
ElcomSoft Co. Ltd. has released an Enterprise version of its award-winning Advanced PDF Password Recovery software. This program makes it easy to remove both password encryption and usage restrictions from Adobe Acrobat PDF files. APDFPR Enterprise now comes with support of all Adobe Acrobat versions (up to 8.0), including those that use AES encryption, and super-fast guaranteed recovery of PDF files with 40-bit encryption using state-of-the-art "time-memory trade-off" technology.
With the increasing popularity of PDF formatted file, comes an increasing number of problems which occur when authors forget the passwords to their source documents. ElcomSoft has revised version 3.0 of all three editions of its Advanced PDF Password Recovery software (Enterprise, Professional, and Standard) to allow the seemingly impossible recovery of passwords for these documents. This software package handles both owner and user passwords used to protect PDF documents. The latest addition to ElcomSoft's family of password recovery software allows business managers to recover lost and destroyed passwords. It also helps in dealing with employees who, intentionally or unintentionally, are unable to edit and print password-protected PDF files.
APDFPR is also a state-of-the-art computer forensics tool that could be used by law enforcement, military and intelligence agencies to open secure documents. PDF documents protected with access restriction passwords can be decrypted instantly, allowing full access to the document. For documents with "user" passwords (that could not be opened without that password), the program blazes through brute-force password attempts at a rate of a few hundred thousand passwords per second.
To view entire release click here
---------------------------------------
Source: PRWeb
With the increasing popularity of PDF formatted file, comes an increasing number of problems which occur when authors forget the passwords to their source documents. ElcomSoft has revised version 3.0 of all three editions of its Advanced PDF Password Recovery software (Enterprise, Professional, and Standard) to allow the seemingly impossible recovery of passwords for these documents. This software package handles both owner and user passwords used to protect PDF documents. The latest addition to ElcomSoft's family of password recovery software allows business managers to recover lost and destroyed passwords. It also helps in dealing with employees who, intentionally or unintentionally, are unable to edit and print password-protected PDF files.
APDFPR is also a state-of-the-art computer forensics tool that could be used by law enforcement, military and intelligence agencies to open secure documents. PDF documents protected with access restriction passwords can be decrypted instantly, allowing full access to the document. For documents with "user" passwords (that could not be opened without that password), the program blazes through brute-force password attempts at a rate of a few hundred thousand passwords per second.
To view entire release click here
---------------------------------------
Source: PRWeb
Corporations Spend To Avoid Liability in Paperless World
These days it's a good idea to assume any e-mails, text messages, or other pieces of electronic data can be retrieved by forensic information technology experts — no matter how well you think you've deleted or disposed of the information.
The paperless society — especially as it plays itself out in corporate America — has radically changed the way everyone does business. And in-house counsels will argue that their jobs have changed dramatically as a result.
The Argyle Forum's annual conference for chief legal officers yesterday revealed that in-house lawyers are facing a new list of considerations concerning electronic discovery, especially when it comes to companies whose trade secrets are in danger of being stolen by rogue employees.
Federal rules now fully recognize sources of information that are stored electronically. The most prudent and careful companies would do well to set up thorough electronic document retention policies, a panelist at the forum, a partner at Cadwalader, Wickersham & Taft, Jonathan Hoff, said. "Electronic discovery isn't the most entertaining topic, but it should attract the attention of corporate America," he said.
Mr. Hoff said it is imperative for companies to educate their employees on what they can communicate over electronic channels — as well as what they shouldn't be saying. "People think they've deleted emails, but most of the time they're not really deleted," he said.
To view entire article click here
---------------------------------------
Source: nysun.com
By: Jay Akasie
The paperless society — especially as it plays itself out in corporate America — has radically changed the way everyone does business. And in-house counsels will argue that their jobs have changed dramatically as a result.
The Argyle Forum's annual conference for chief legal officers yesterday revealed that in-house lawyers are facing a new list of considerations concerning electronic discovery, especially when it comes to companies whose trade secrets are in danger of being stolen by rogue employees.
Federal rules now fully recognize sources of information that are stored electronically. The most prudent and careful companies would do well to set up thorough electronic document retention policies, a panelist at the forum, a partner at Cadwalader, Wickersham & Taft, Jonathan Hoff, said. "Electronic discovery isn't the most entertaining topic, but it should attract the attention of corporate America," he said.
Mr. Hoff said it is imperative for companies to educate their employees on what they can communicate over electronic channels — as well as what they shouldn't be saying. "People think they've deleted emails, but most of the time they're not really deleted," he said.
To view entire article click here
---------------------------------------
Source: nysun.com
By: Jay Akasie
Wednesday, March 14, 2007
Businesses are Still Not Fully Prepared for FRCP
Three months after changes to the Federal Rules of Civil Procedure (FRCP) went into effect, the vast majority of businesses are still not confident they are prepared to meet the new requirements. According to survey results released today, 94 percent of those people responsible for email policy do not feel their organization is fully prepared to meet FRCP requirements. Even more surprisingly, only 38 percent of those respondents say they are familiar with the changes, which require all companies to know exactly where their electronic documents are stored and to be prepared to make corporate email available to the court in case of a lawsuit.
"We're seeing companies of all sizes struggle with the challenges of FRCP and eDiscovery. The recent case between AMD and Intel is a great example of how even the most technologically advanced companies are having a hard time enforcing their policies and implementing legal holds for email," said Eric Goodwin, CEO, Fortiva. "After seeing the results of the survey, we realize there is still a significant need for resources that businesses can use to help meet FRCP – whether that's help with the policy, or help implementing the policy."
The survey, which was conducted during the last week of February, found that almost half of the respondents (45.9 percent) have no retention policy for email, an important step in meeting FRCP rules. In addition, only 8.4 percent of respondents have met one of the most critical requirements outlined by the FRCP amendments: putting a litigation hold procedure in place. While 10 percent of respondents have made changes to the policy to meet FRCP, over 20 percent are still in the planning stage, and 36 percent were not sure if changes were planned.
"The challenge of understanding and implementing the new FRCP requirements has caused a great deal of concern among corporate legal counsel, partly because meeting that challenge requires cooperation between different departments – including IT, records management, legal and the business units – to make it happen. These survey results indicate that many businesses are clearly still struggling to meet the requirements," said Arthur L. Smith, a member of the Dispute Resolution Practice Group at Husch & Eppenberger in St. Louis and an expert on issues relating to electronic discovery. "Having a sound records management policy and system in place are the important first steps towards meeting the e-discovery challenge posed by the FRCP amendments. Organizations that have not yet started this process should make it a priority or face leaving themselves open to significant risks."
To view entire article click here
---------------------------------------
Source: xtvworld.com
"We're seeing companies of all sizes struggle with the challenges of FRCP and eDiscovery. The recent case between AMD and Intel is a great example of how even the most technologically advanced companies are having a hard time enforcing their policies and implementing legal holds for email," said Eric Goodwin, CEO, Fortiva. "After seeing the results of the survey, we realize there is still a significant need for resources that businesses can use to help meet FRCP – whether that's help with the policy, or help implementing the policy."
The survey, which was conducted during the last week of February, found that almost half of the respondents (45.9 percent) have no retention policy for email, an important step in meeting FRCP rules. In addition, only 8.4 percent of respondents have met one of the most critical requirements outlined by the FRCP amendments: putting a litigation hold procedure in place. While 10 percent of respondents have made changes to the policy to meet FRCP, over 20 percent are still in the planning stage, and 36 percent were not sure if changes were planned.
"The challenge of understanding and implementing the new FRCP requirements has caused a great deal of concern among corporate legal counsel, partly because meeting that challenge requires cooperation between different departments – including IT, records management, legal and the business units – to make it happen. These survey results indicate that many businesses are clearly still struggling to meet the requirements," said Arthur L. Smith, a member of the Dispute Resolution Practice Group at Husch & Eppenberger in St. Louis and an expert on issues relating to electronic discovery. "Having a sound records management policy and system in place are the important first steps towards meeting the e-discovery challenge posed by the FRCP amendments. Organizations that have not yet started this process should make it a priority or face leaving themselves open to significant risks."
To view entire article click here
---------------------------------------
Source: xtvworld.com
Worldwide: Electronic Discovery: Know What You Have Before Your Adversary Does
Understanding "What, Where & How" in the New Technological Landscape
Federal Rule 26(f)(2) and (3), as well as many similar local federal court rules and state court rules, requires parties to begin the discovery process by identifying and resolving "any issues relating to the disclosure or discovery of electronically stored information, including the form or forms in which it should be produced." The requirement of Fed. R. Civ. P. 26(f) necessarily imposes a duty to survey and identify precise locations of electronically stored information (ESI), a host of possible sites that until now have been collectively referred to as "cyberspace."
The incorporation of ESI into the text of the rule alters profoundly the "what, where and how" of discovery. Failure to understand the technological landscape at the onset of litigation may result in the loss or alteration of important evidence, impairing the ability to prosecute or defend against claims. Likewise, the inability to understand the potential complexities involved in continued preservation, collection and production may place litigants at a disadvantage from the moment that the mandatory discussion with the adversary and the court begins.
In order to avoid pitfalls and maximize the benefit of an early conference (whether required by court rule or simply initiated as good practice), one should understand the new "what, where and how" of e-discovery.
Where?
Perhaps the most challenging question is "where," that is, the quantity and technological variations in the media that are now the subject of discovery. The list of "where" can be exhausting, and parties often don't fully comprehend the extent of their sources until they already have a discovery problem, such as lost or altered data. For evidence of the challenge, one need look no further than the recent news stories revealing the inability of the FBI to determine exactly how many of its own laptops containing sensitive files have gone missing. (See "FBI Lags in Securing Its Laptops and Weapons," The New York Times, Feb. 13, 2007.)
Of course, the more centralized network servers are the primary repositories for e-mails, word-processing documents and other relevant forms of communication within a business. However, the size of a business and the configuration and location of hardware still create challenges for the seemingly basic task of specifying locations of active network information.
The active network is rarely the only place one needs to look for relevant ESI, however. In many network environments, users are permitted access to, or at least are not physically "locked out of," the hard drive of their workstations, where they may store drafts or versions of documents that never resided in a server location, or that may have been automatically deleted over time (such as old e-mails).
The thorough inquiry does not end with networks and office desktops. A complete investigation calls for interviews of users and persons with knowledge (administrative assistants, for example) to determine the extent to which a user transfers ESI to portable disks, laptops, home computers, even portable MP3 players, PDAs and cell phones.
To view entire article click here
---------------------------------------
Source: mondaq.com
By: John J. Coughlin
Federal Rule 26(f)(2) and (3), as well as many similar local federal court rules and state court rules, requires parties to begin the discovery process by identifying and resolving "any issues relating to the disclosure or discovery of electronically stored information, including the form or forms in which it should be produced." The requirement of Fed. R. Civ. P. 26(f) necessarily imposes a duty to survey and identify precise locations of electronically stored information (ESI), a host of possible sites that until now have been collectively referred to as "cyberspace."
The incorporation of ESI into the text of the rule alters profoundly the "what, where and how" of discovery. Failure to understand the technological landscape at the onset of litigation may result in the loss or alteration of important evidence, impairing the ability to prosecute or defend against claims. Likewise, the inability to understand the potential complexities involved in continued preservation, collection and production may place litigants at a disadvantage from the moment that the mandatory discussion with the adversary and the court begins.
In order to avoid pitfalls and maximize the benefit of an early conference (whether required by court rule or simply initiated as good practice), one should understand the new "what, where and how" of e-discovery.
Where?
Perhaps the most challenging question is "where," that is, the quantity and technological variations in the media that are now the subject of discovery. The list of "where" can be exhausting, and parties often don't fully comprehend the extent of their sources until they already have a discovery problem, such as lost or altered data. For evidence of the challenge, one need look no further than the recent news stories revealing the inability of the FBI to determine exactly how many of its own laptops containing sensitive files have gone missing. (See "FBI Lags in Securing Its Laptops and Weapons," The New York Times, Feb. 13, 2007.)
Of course, the more centralized network servers are the primary repositories for e-mails, word-processing documents and other relevant forms of communication within a business. However, the size of a business and the configuration and location of hardware still create challenges for the seemingly basic task of specifying locations of active network information.
The active network is rarely the only place one needs to look for relevant ESI, however. In many network environments, users are permitted access to, or at least are not physically "locked out of," the hard drive of their workstations, where they may store drafts or versions of documents that never resided in a server location, or that may have been automatically deleted over time (such as old e-mails).
The thorough inquiry does not end with networks and office desktops. A complete investigation calls for interviews of users and persons with knowledge (administrative assistants, for example) to determine the extent to which a user transfers ESI to portable disks, laptops, home computers, even portable MP3 players, PDAs and cell phones.
To view entire article click here
---------------------------------------
Source: mondaq.com
By: John J. Coughlin
Microsoft Brings an Altered Vista to EDD
Vista, Microsoft Corp.'s long-awaited reinvention of its Windows operating system, finally premiered with little fanfare.
No Rolling Stones theme music this time, though users frustrated with ineradicable security holes in Windows XP could have made the case for "19th Nervous Breakdown" or "(I Can't Get No) Satisfaction."
While most businesses are taking a wait-and-see attitude about migrating, sooner or later, they'll make the move. Within two years, Vista will have made significant inroads against XP on business desktops and laptops, and in the home, Vista will dominate. Many Windows users will also upgrade to Office 2007, the latest release of Microsoft's four horsemen: Word, Outlook, Excel and PowerPoint. What does this inexorable Vista and Office creep mean for electronic data discovery and the nerdy little corner of EDD called computer forensics? Only time will tell, but dramatic changes are in store.
VERSIONS
Remember that deluxe Crayola box you longed for as a kid -- the one with the sharpener and colors like "flesh" and "periwinkle?" Well, Vista has nearly as many versions as that box had crayons. There's Vista Home Basic, Home Premium, Business, Enterprise, Ultimate and Vista with Retsyn (okay, I made that last one up). Though all affect EDD to some extent, as you move higher up the evolutionary ladder of Vista versions, you'll bump into features like BitLocker volume encryption that really complicate EDD and forensics.
The big news in Vista is security, especially against prying eyes and careless keystrokes. Business, Enterprise and Ultimate editions include an automatic backup feature called shadow copy that invisibly saves your work to unused disk space to protect you from "Oh, No!" moments -- like saving over an important file. Sounds great, except it salts away all prior versions, including those you don't intend to keep.
Unlike the hidden, fragmented forensic data the federal rules call examples of inaccessible electronically stored information, the Vista shadow copy is a hardy survivor: complete, coherent and readily accessible. Vista grows the volume of discoverable ESI, perhaps significantly.
LITTLE BROTHER
Not only does Vista do a better job hanging on to your work, it also keeps tabs on users as they work, through a feature called Transactional NTFS, or TxF. Bid goodbye to Last Access Times corrupted by peeking at the evidence or antivirus scans.
By default, Vista quits tracking access times as a file property. Instead, TxF logs file system activities, and a counterpart called TxR logs Registry activity. The bottom line is that a user's activity will be closely and constantly tracked, step-by-fateful-step. From the standpoint of investigating claims of evidence destruction, it's less a piecing together of fragments and more a "Let's-look-at-that-again-in-instant-replay" situation.
This means a heck of a lot of new digital evidence out there to preserve and discover.
To view entire article click here
---------------------------------------
Source: law.com
By: Craig Ball
No Rolling Stones theme music this time, though users frustrated with ineradicable security holes in Windows XP could have made the case for "19th Nervous Breakdown" or "(I Can't Get No) Satisfaction."
While most businesses are taking a wait-and-see attitude about migrating, sooner or later, they'll make the move. Within two years, Vista will have made significant inroads against XP on business desktops and laptops, and in the home, Vista will dominate. Many Windows users will also upgrade to Office 2007, the latest release of Microsoft's four horsemen: Word, Outlook, Excel and PowerPoint. What does this inexorable Vista and Office creep mean for electronic data discovery and the nerdy little corner of EDD called computer forensics? Only time will tell, but dramatic changes are in store.
VERSIONS
Remember that deluxe Crayola box you longed for as a kid -- the one with the sharpener and colors like "flesh" and "periwinkle?" Well, Vista has nearly as many versions as that box had crayons. There's Vista Home Basic, Home Premium, Business, Enterprise, Ultimate and Vista with Retsyn (okay, I made that last one up). Though all affect EDD to some extent, as you move higher up the evolutionary ladder of Vista versions, you'll bump into features like BitLocker volume encryption that really complicate EDD and forensics.
The big news in Vista is security, especially against prying eyes and careless keystrokes. Business, Enterprise and Ultimate editions include an automatic backup feature called shadow copy that invisibly saves your work to unused disk space to protect you from "Oh, No!" moments -- like saving over an important file. Sounds great, except it salts away all prior versions, including those you don't intend to keep.
Unlike the hidden, fragmented forensic data the federal rules call examples of inaccessible electronically stored information, the Vista shadow copy is a hardy survivor: complete, coherent and readily accessible. Vista grows the volume of discoverable ESI, perhaps significantly.
LITTLE BROTHER
Not only does Vista do a better job hanging on to your work, it also keeps tabs on users as they work, through a feature called Transactional NTFS, or TxF. Bid goodbye to Last Access Times corrupted by peeking at the evidence or antivirus scans.
By default, Vista quits tracking access times as a file property. Instead, TxF logs file system activities, and a counterpart called TxR logs Registry activity. The bottom line is that a user's activity will be closely and constantly tracked, step-by-fateful-step. From the standpoint of investigating claims of evidence destruction, it's less a piecing together of fragments and more a "Let's-look-at-that-again-in-instant-replay" situation.
This means a heck of a lot of new digital evidence out there to preserve and discover.
To view entire article click here
---------------------------------------
Source: law.com
By: Craig Ball
Tuesday, March 13, 2007
Holding that Accessible Data Must be Produced at the Cost of the Producing Party, Court Orders Defendant to Conduct Further Email Search
Peskoff v. Faber, 2007 WL 530096 (D.D.C. Feb. 28, 2007)
A previous e-discovery order in this case dated July 11, 2006, was summarized here. At that time, the parties had disagreed about whether certain additional emails existed. Magistrate Judge John M. Facciola had explained that the requested emails, “if they exist, could be located in one or more of several places: (1) Peskoff’s NextPoint Management email account; (2) the email accounts of other employees, agents, officers and representatives of the NextPoint entities; (3) the hard drive of Peskoff’s computer or any other depository for NextPoint emails, searchable with key words; (4) other places within Peskoff’s computer, such as its ‘slack space,’ searchable with the help of a computer forensic technologies; and (5) backup tapes of Mintz Levin’s servers.” In the previous order, the court had ordered defendant to submit an affidavit describing in detail the nature and scope of its search for responsive electronically stored information.
In this most recent decision, the magistrate judge reviewed the parties’ supplemental submissions and ordered the defendant to perform another and more complete search. He found that, of the five areas described by the court where the requested emails may exist, Faber's search only involved two, each of which was questionable in its scope. Defendant had produced the entire hard drive of Peskoff’s computer, though no preliminary search of its contents was conducted due to the anticipated cost of such a search. Defendant did not oppose a forensic search of the hard drive, but maintained that plaintiff should cover the expense. Defendant also claimed to have preserved Peskoff’s email account in an archive that was created approximately two months after Peskoff’s departure. Defendant apparently did not search any other email accounts, would not pay for a forensic expert to search the slack space of Peskoff’s computer, and reported that, because backup tapes were overwritten every two weeks, anything from the relevant time period was “long gone.”
The court noted that there were significant and unexplained gaps in what was produced, and that the other types of searches the court had previously suggested were not done. The court continued:
Defendant has not challenged my suggestion of the additional searches that could be performed to ensure a more comprehensive analysis of available electronic data. Yet, defendant did not conduct any of these possible searches. As I pointed out in my previous opinion, written before the new federal rules regarding electronic discovery became effective, the producing party has the obligation to search available electronic systems for the information demanded. The new Federal Rule of Civil Procedure pertaining to electronically stored information makes this explicit. Under the new pertinent rule, the producing party is relieved of producing specifically identified inaccessible data only upon a showing of undue burden or cost. Fed. R. Civ. P. 26(b)(2)(B). Even then, the court may order discovery of the data identified as inaccessible "if the requesting party shows good cause, considering the limitations of Rule 26(b)(2)(C)," i.e., the rule that balances the costs of the discovery demanded against its benefits. The obvious negative corollary of this rule is that accessible data must be produced at the cost of the producing party; cost-shifting does not even become a possibility unless there is first a showing of inaccessibility. Thus, it cannot be argued that a party should ever be relieved of its obligation to produce accessible data merely because it may take time and effort to find what is necessary.
(Some citations omitted.) Accordingly, the court ordered defendant to conduct a search of all depositories of electronic information in which one may reasonably expect to find all emails to Peskoff, from Peskoff, or in which the word "Peskoff" appears. It further ordered:
Defendant must also file a statement under oath by the person who conducts the search, explaining how the search was conducted, of which electronic depositories, and how it was designed to produce and did in fact produce all of the emails I have just described. I must insist that the person performing the search have the competence and skill to do so comprehensively. An evidentiary hearing will then be held, at which I expect the person who made the attestation to testify and explain how he or she conducted the search, his or her qualifications to conduct the search, and why I should find the search was adequate.
To view entire decision: click here
---------------------------------------
Source: eDiscoveryLaw.com
A previous e-discovery order in this case dated July 11, 2006, was summarized here. At that time, the parties had disagreed about whether certain additional emails existed. Magistrate Judge John M. Facciola had explained that the requested emails, “if they exist, could be located in one or more of several places: (1) Peskoff’s NextPoint Management email account; (2) the email accounts of other employees, agents, officers and representatives of the NextPoint entities; (3) the hard drive of Peskoff’s computer or any other depository for NextPoint emails, searchable with key words; (4) other places within Peskoff’s computer, such as its ‘slack space,’ searchable with the help of a computer forensic technologies; and (5) backup tapes of Mintz Levin’s servers.” In the previous order, the court had ordered defendant to submit an affidavit describing in detail the nature and scope of its search for responsive electronically stored information.
In this most recent decision, the magistrate judge reviewed the parties’ supplemental submissions and ordered the defendant to perform another and more complete search. He found that, of the five areas described by the court where the requested emails may exist, Faber's search only involved two, each of which was questionable in its scope. Defendant had produced the entire hard drive of Peskoff’s computer, though no preliminary search of its contents was conducted due to the anticipated cost of such a search. Defendant did not oppose a forensic search of the hard drive, but maintained that plaintiff should cover the expense. Defendant also claimed to have preserved Peskoff’s email account in an archive that was created approximately two months after Peskoff’s departure. Defendant apparently did not search any other email accounts, would not pay for a forensic expert to search the slack space of Peskoff’s computer, and reported that, because backup tapes were overwritten every two weeks, anything from the relevant time period was “long gone.”
The court noted that there were significant and unexplained gaps in what was produced, and that the other types of searches the court had previously suggested were not done. The court continued:
Defendant has not challenged my suggestion of the additional searches that could be performed to ensure a more comprehensive analysis of available electronic data. Yet, defendant did not conduct any of these possible searches. As I pointed out in my previous opinion, written before the new federal rules regarding electronic discovery became effective, the producing party has the obligation to search available electronic systems for the information demanded. The new Federal Rule of Civil Procedure pertaining to electronically stored information makes this explicit. Under the new pertinent rule, the producing party is relieved of producing specifically identified inaccessible data only upon a showing of undue burden or cost. Fed. R. Civ. P. 26(b)(2)(B). Even then, the court may order discovery of the data identified as inaccessible "if the requesting party shows good cause, considering the limitations of Rule 26(b)(2)(C)," i.e., the rule that balances the costs of the discovery demanded against its benefits. The obvious negative corollary of this rule is that accessible data must be produced at the cost of the producing party; cost-shifting does not even become a possibility unless there is first a showing of inaccessibility. Thus, it cannot be argued that a party should ever be relieved of its obligation to produce accessible data merely because it may take time and effort to find what is necessary.
(Some citations omitted.) Accordingly, the court ordered defendant to conduct a search of all depositories of electronic information in which one may reasonably expect to find all emails to Peskoff, from Peskoff, or in which the word "Peskoff" appears. It further ordered:
Defendant must also file a statement under oath by the person who conducts the search, explaining how the search was conducted, of which electronic depositories, and how it was designed to produce and did in fact produce all of the emails I have just described. I must insist that the person performing the search have the competence and skill to do so comprehensively. An evidentiary hearing will then be held, at which I expect the person who made the attestation to testify and explain how he or she conducted the search, his or her qualifications to conduct the search, and why I should find the search was adequate.
To view entire decision: click here
---------------------------------------
Source: eDiscoveryLaw.com
Subscribe to:
Posts (Atom)
