Houston, October 30, 2007 - Any firm hiring an unlicensed computer investigator runs the risk of having all information obtained in the process invalidated. Hiring an expert witness to testify in cases involving electronically stored information, computer crimes, misuse of computers, or any other computer related violation carries the same risk.
After January 1, 2008, any company providing information not publicly available, based upon computer investigations, must be licensed by the Texas Department of Public Safety’s Private Security Board. Practicing without a license can result in a Class A Misdemeanor for the first offense, a Class 3 Felony for subsequent violations, monetary fines, and the invalidation of any information obtained by the unlicensed individual or firm.
Electronic evidence is an important element in many of today’s legal cases. Investigations into the misuse of e-mail, cell phones, internet, and many other computer-based communications and activities can be very valuable to litigation.
Corporate Human Resources departments often use the services of computer forensic examiners to determine whether or not there is just cause for terminating an employee. By assuring there is just cause for the termination, a corporation cuts its risk of being sued by a disgruntled employee.
While computer forensics is a very valuable tool for the legal and corporate communities, it is important that the entities acquiring these services protect their investment by hiring an experienced licensed firm to provide the service. Ernesto F. Rojas, President and CEO of Forensic & Security Services, Inc. announced today that his firm has met all obligations under the revised provisions of the Texas occupational code and House Bill 2833. Mr. Rojas stated that meeting these obligations enables the firm to “continue offering our services to our legal, corporate, and private clients without issues of spoliation.”
To Continue Reading: Click Here
----------------------------------------
Source: Webwire
Wednesday, October 31, 2007
eDiscovery: Does Your Enterprise Know Where Its Data Is?
Ten years ago it was important for corporate IT directors and legal teams to understand the locations of information and records, but in today's marketplace it is now a necessity. Due to an ever growing body of guidelines and rules at both the state and federal levels, corporations must now identify, hold, manage and produce potentially relevant information and records more quickly than ever. Failure to do so can result in claims of spoliation and significant sanctions.
For consistency with the terminology used in the amended Federal Rules of Civil Procedure, which became effective in December 2006, this article will refer to information and records as electronically stored information (ESI). For organizations faced with the challenges of addressing ESI, there are three crucial aspects about ESI needed to achieve eDiscovery readiness: (1) knowing the location, (2) understanding the availability or accessibility, and (3) understanding the potential relevance. Because responsibility for addressing ESI typically resides in both the legal and information technology (IT) spheres, it is paramount to have effective communication and interaction between these two groups. This article will address how legal and IT teams can work together to locate and map ESI, in order to meet obligations for both the courts and other government entities.
Often multinational organizations will have the greatest challenge when attempting to locate ESI, but the steps described here can be applied across national boundaries - so long as the applicable laws support such an approach. To begin with, an organization should consider the nature of its IT infrastructure - for example, is this infrastructure centralized, decentralized, or a hybrid? Although locating ESI can be time consuming and costly, the risk mitigation afforded by such efforts can often be priceless. As demonstrated in recent decisions affecting the preservation of ESI (In re Genetically Modified Rice Litig., 2007 WL 1655757 (E.D. Mo. June 5, 2007) ), the courts are frequently demanding corporations not only understand the formats in which ESI resides, but also its locations. Corporations are also expected to possess a defensible method of adequately collecting potentially relevant ESI. Because of the complexities associated with such efforts, it is ideal for corporations to address these issues well before a preservation order is ever issued.
Typical solutions will often involve archiving and document management systems. As information storage requirements continue to grow, corporations often look to improving their data management capabilities. Through the initiation of an enterprise content management (ECM) program, these corporations also have the opportunity to implement needed policies for the capture, storage, management, preservation, searching, and collection of electronic content.
Where such policies tie into ECM, corporations can gain visibility to ESI locations.
But such approaches may be more applicable for sophisticated organizations which possess the ability to initiate, accept and enforce policies and their associated systems. But what happens when an organization is not afforded the capability to act in such a systematic fashion? There are some standard practices that can be utilized with either outside consultants or internal IT departments to still achieve effective results.
One such approach would be to utilize a data cataloging and mapping program, as summarized in the following steps: (1) form a select team of legal, technical, records, and business unit managers that can adequately determine the needs of the business and determine if an in-house or outsourced initiative would be most appropriate; (2) propose the team's recommended solution to senior management; (3) if an outsourced initiative is selected, then prepare to conduct an RFI/RFP process which will include interviews and presentations with potential providers; (4) conduct pre-planning of the initiative, including the determination of project management tasks, key contacts, and the organization's interviewees who have knowledge of enterprise ESI; (5) introduce the initiative by holding a kick-off meeting with all the stakeholders and project team members in attendance; (6) conduct interviews; (7) catalog ESI throughout the enterprise; (8) gather and/or create network topologies; (9) conduct a gap analysis of the results from steps 7 and 8 to determine if any locations were missed; (10) visit on-site and off-site storage facilities; (11) compile all the results into a single comprehensive report; (12) allow time for feedback from the team; (13) modify the report based on team feedback and then present the findings to the stakeholders, and lastly (14) prepare the final documentation and then maintain it on an ongoing basis.
To Continue Reading: Click Here
---------------------------------------
Source: Metro Corporate Counsel
By: Karen Schuler
For consistency with the terminology used in the amended Federal Rules of Civil Procedure, which became effective in December 2006, this article will refer to information and records as electronically stored information (ESI). For organizations faced with the challenges of addressing ESI, there are three crucial aspects about ESI needed to achieve eDiscovery readiness: (1) knowing the location, (2) understanding the availability or accessibility, and (3) understanding the potential relevance. Because responsibility for addressing ESI typically resides in both the legal and information technology (IT) spheres, it is paramount to have effective communication and interaction between these two groups. This article will address how legal and IT teams can work together to locate and map ESI, in order to meet obligations for both the courts and other government entities.
Often multinational organizations will have the greatest challenge when attempting to locate ESI, but the steps described here can be applied across national boundaries - so long as the applicable laws support such an approach. To begin with, an organization should consider the nature of its IT infrastructure - for example, is this infrastructure centralized, decentralized, or a hybrid? Although locating ESI can be time consuming and costly, the risk mitigation afforded by such efforts can often be priceless. As demonstrated in recent decisions affecting the preservation of ESI (In re Genetically Modified Rice Litig., 2007 WL 1655757 (E.D. Mo. June 5, 2007) ), the courts are frequently demanding corporations not only understand the formats in which ESI resides, but also its locations. Corporations are also expected to possess a defensible method of adequately collecting potentially relevant ESI. Because of the complexities associated with such efforts, it is ideal for corporations to address these issues well before a preservation order is ever issued.
Typical solutions will often involve archiving and document management systems. As information storage requirements continue to grow, corporations often look to improving their data management capabilities. Through the initiation of an enterprise content management (ECM) program, these corporations also have the opportunity to implement needed policies for the capture, storage, management, preservation, searching, and collection of electronic content.
Where such policies tie into ECM, corporations can gain visibility to ESI locations.
But such approaches may be more applicable for sophisticated organizations which possess the ability to initiate, accept and enforce policies and their associated systems. But what happens when an organization is not afforded the capability to act in such a systematic fashion? There are some standard practices that can be utilized with either outside consultants or internal IT departments to still achieve effective results.
One such approach would be to utilize a data cataloging and mapping program, as summarized in the following steps: (1) form a select team of legal, technical, records, and business unit managers that can adequately determine the needs of the business and determine if an in-house or outsourced initiative would be most appropriate; (2) propose the team's recommended solution to senior management; (3) if an outsourced initiative is selected, then prepare to conduct an RFI/RFP process which will include interviews and presentations with potential providers; (4) conduct pre-planning of the initiative, including the determination of project management tasks, key contacts, and the organization's interviewees who have knowledge of enterprise ESI; (5) introduce the initiative by holding a kick-off meeting with all the stakeholders and project team members in attendance; (6) conduct interviews; (7) catalog ESI throughout the enterprise; (8) gather and/or create network topologies; (9) conduct a gap analysis of the results from steps 7 and 8 to determine if any locations were missed; (10) visit on-site and off-site storage facilities; (11) compile all the results into a single comprehensive report; (12) allow time for feedback from the team; (13) modify the report based on team feedback and then present the findings to the stakeholders, and lastly (14) prepare the final documentation and then maintain it on an ongoing basis.
To Continue Reading: Click Here
---------------------------------------
Source: Metro Corporate Counsel
By: Karen Schuler
ethos As Law And Technology emerge
Even as we approach the one-year anniversary of discovery-related revisions to the Federal Rules of Civil Procedure (FRCP), they remain collectively one of the hottest topics in the legal profession. The overt commingling of staid legal procedure with its restless suitor, information technology ne "electronically stored information" (ESI), is still (and justifiably) the cause clbre of conferences, seminars and symposiums throughout most jurisdictions.
The ramifications of these FRCP changes to the practice of law are reminiscent of two other federal events: the 1999 Gramm Leach Bliley Act; and, the 2002 Sarbanes Oxley Act. As described below, the former had only temporary impact; and, the later is scripted for relatively narrow application. Effects of the discovery-related revisions to the FRCP will be neither temporary nor narrow.
For almost two years after its passage, the Gramm Leach Bliley Act (GLBA) (also known as the " Financial Modernization Act of 1999 ") and its information security provisions had little impact on the practice of law, except for those attorneys directly involved in the banking industry. After the Federal Trade Commission (FTC) ruled in 2001 that attorneys themselves qualified as "financial institutions" within the FTC's purview, a firestorm ensued. Lawyers were already bound to duties of privacy and confidentiality through each state jurisdiction's Rules of Professional Conduct. Consequent to the GLBA, could the FTC legitimately impose new or different regulations on lawyer-client privacy and confidentiality? The legal industry immediately scrambled to both satisfy and protest the GLBA's information privacy requirements.
In 2003, the FTC announced it would not enforce alleged breaches of the GLBA pending resolution of challenges by various bar associations. In 2005, the U.S. Court of Appeals (D.C. Circuit) held that by attempting to regulate the practice of law, the FTC had clearly exceeded its statutory authority. The FTC's "turf grab" through the GLBA therefore proved of temporary consequence.
In 2002, during the GLBA firestorm, Congress passed the Sarbanes-Oxley Act (SOA) to reform specific aspects of corporate governance. With the SOA came new rules by the Securities & Exchange Commission (SEC) to establish "minimum standards of professional conduct" for certain attorneys. In contrast to the GLBA, the SAO/SEC regulations regarding attorneys' professional conduct remain in force today because they apply only to those attorneys who appear and practice before the SEC; and, they are meant to supplement state rules, not compete with them.
Today, the effects of discovery-related changes to the FRCP are still being sorted. They lack the fatal controversy of the GLBA and the narrow application of the GLBA. The "new rules" of the FRCP are here to stay, with most state jurisdictions considering and adopting similar revisions.
By their nature, the FRCP rules concern litigation. The new FRCP revisions will, however, have profound impact on both litigation and corporate counsel. Whether or not litigation is ever anticipated by a corporation or its counsel, the new ESI rules are of critical importance to every corporate counsel because corporations are a prodigious source of ESI. Failure to adequately appreciate and address these new ESI provisions could have catastrophic consequences to both corporations and their counsel.
Given the dynamic nature of information technology, which is at the root of the new rules, staid legal procedure may be no more. As technology continues to change and emerge, interpretation of the rules of civil procedure will, too. How then to anticipate and accommodate the consequences of the new FRCP? At risk is not only measurable success and sanction, but also intangible reputation and standing. At risk is ethos.
To Continue Reading: Click Here
---------------------------------------
Source: Metro Corporate Counsel
By: Andrea Marshall
The ramifications of these FRCP changes to the practice of law are reminiscent of two other federal events: the 1999 Gramm Leach Bliley Act; and, the 2002 Sarbanes Oxley Act. As described below, the former had only temporary impact; and, the later is scripted for relatively narrow application. Effects of the discovery-related revisions to the FRCP will be neither temporary nor narrow.
For almost two years after its passage, the Gramm Leach Bliley Act (GLBA) (also known as the " Financial Modernization Act of 1999 ") and its information security provisions had little impact on the practice of law, except for those attorneys directly involved in the banking industry. After the Federal Trade Commission (FTC) ruled in 2001 that attorneys themselves qualified as "financial institutions" within the FTC's purview, a firestorm ensued. Lawyers were already bound to duties of privacy and confidentiality through each state jurisdiction's Rules of Professional Conduct. Consequent to the GLBA, could the FTC legitimately impose new or different regulations on lawyer-client privacy and confidentiality? The legal industry immediately scrambled to both satisfy and protest the GLBA's information privacy requirements.
In 2003, the FTC announced it would not enforce alleged breaches of the GLBA pending resolution of challenges by various bar associations. In 2005, the U.S. Court of Appeals (D.C. Circuit) held that by attempting to regulate the practice of law, the FTC had clearly exceeded its statutory authority. The FTC's "turf grab" through the GLBA therefore proved of temporary consequence.
In 2002, during the GLBA firestorm, Congress passed the Sarbanes-Oxley Act (SOA) to reform specific aspects of corporate governance. With the SOA came new rules by the Securities & Exchange Commission (SEC) to establish "minimum standards of professional conduct" for certain attorneys. In contrast to the GLBA, the SAO/SEC regulations regarding attorneys' professional conduct remain in force today because they apply only to those attorneys who appear and practice before the SEC; and, they are meant to supplement state rules, not compete with them.
Today, the effects of discovery-related changes to the FRCP are still being sorted. They lack the fatal controversy of the GLBA and the narrow application of the GLBA. The "new rules" of the FRCP are here to stay, with most state jurisdictions considering and adopting similar revisions.
By their nature, the FRCP rules concern litigation. The new FRCP revisions will, however, have profound impact on both litigation and corporate counsel. Whether or not litigation is ever anticipated by a corporation or its counsel, the new ESI rules are of critical importance to every corporate counsel because corporations are a prodigious source of ESI. Failure to adequately appreciate and address these new ESI provisions could have catastrophic consequences to both corporations and their counsel.
Given the dynamic nature of information technology, which is at the root of the new rules, staid legal procedure may be no more. As technology continues to change and emerge, interpretation of the rules of civil procedure will, too. How then to anticipate and accommodate the consequences of the new FRCP? At risk is not only measurable success and sanction, but also intangible reputation and standing. At risk is ethos.
To Continue Reading: Click Here
---------------------------------------
Source: Metro Corporate Counsel
By: Andrea Marshall
The Quest To Uncover All The Facts: The Role Of Computer Forensics In Electronic Discovery
In today's corporate environment, the vast majority of business documents and communications are stored electronically. Given the relative ease of purging or overwriting electronic data, companies involved in litigation now need to go beyond traditional electronic discovery methods to uncover a case's "smoking gun."
When confronted with a litigation matter that requires electronic discovery, regardless of how complex it may be, the knowledge and skills of seasoned computer forensic or high-tech investigation experts can be invaluable. To be effective, these experts must have a thorough understanding of the forensic techniques utilized in electronic discovery matters.
Computer forensic specialists are typically retained by counsel to preserve, collect and maintain the integrity of the chain of evidence. Depending on the type of evidence that is being collected, there are a number of options available to forensically collect data so that it can, if needed, be produced and admitted into evidence during a legal proceeding.
Before starting the collection process, the computer forensic expert and counsel need to determine the most effective manner to collect needed information. Computer forensic experts are able to collect data from three tiers of information on a custodian's computer. The first tier, which contains the largest amount of data, is a mirror image of the custodian's hard drive. The second tier consists of all active files on the hard drive; while the third tier is limited to user-created files on the hard drive.
One of the most common collection methods used by computer forensic experts is to make a mirror image of the custodian's hard drive. This technique provides a replica of every sector on a hard drive and allows all data, including previously deleted data, to be recovered and reviewed. In instances when the custodian is a current employee, the forensic expert must shut down the individual's computer and then use forensic software to make the mirror image.
Another option for collecting electronic information is to leave the custodian's computer running and use forensic software to copy the hard drive data to either an external drive or a networked storage drive. One potential area of concern for counsel using this method is that unallocated space on the custodian's hard drive, the unused area of a hard drive where deleted files reside, might not be collected.
In situations where the computer forensic expert is requested to make a forensic collection of only active files from a custodian's hard drive, both of the above-referenced methodologies will produce the correct results. Active files are those files that can be readily accessed by the computer's operating system, such as program files, operating system files and user- created files.
However, if counsel requests the complete preservation of both active and deleted files, then it is important that unallocated space is captured during the collection process. As such, the preferred method of collection will involve making a complete mirror image of the custodian's hard drive. In the event that counsel requests only those active files that are user-created, then the forensic specialist will access the custodian's computer using forensic software and with applicable filters can collect only those files that match the specified criteria.
To Continue Reading: Click Here
-------------------------------------------
Source: Metro Corporate Counsel
By: Jerry F. Barbanel and Bruce W. Pixley
When confronted with a litigation matter that requires electronic discovery, regardless of how complex it may be, the knowledge and skills of seasoned computer forensic or high-tech investigation experts can be invaluable. To be effective, these experts must have a thorough understanding of the forensic techniques utilized in electronic discovery matters.
Computer forensic specialists are typically retained by counsel to preserve, collect and maintain the integrity of the chain of evidence. Depending on the type of evidence that is being collected, there are a number of options available to forensically collect data so that it can, if needed, be produced and admitted into evidence during a legal proceeding.
Before starting the collection process, the computer forensic expert and counsel need to determine the most effective manner to collect needed information. Computer forensic experts are able to collect data from three tiers of information on a custodian's computer. The first tier, which contains the largest amount of data, is a mirror image of the custodian's hard drive. The second tier consists of all active files on the hard drive; while the third tier is limited to user-created files on the hard drive.
One of the most common collection methods used by computer forensic experts is to make a mirror image of the custodian's hard drive. This technique provides a replica of every sector on a hard drive and allows all data, including previously deleted data, to be recovered and reviewed. In instances when the custodian is a current employee, the forensic expert must shut down the individual's computer and then use forensic software to make the mirror image.
Another option for collecting electronic information is to leave the custodian's computer running and use forensic software to copy the hard drive data to either an external drive or a networked storage drive. One potential area of concern for counsel using this method is that unallocated space on the custodian's hard drive, the unused area of a hard drive where deleted files reside, might not be collected.
In situations where the computer forensic expert is requested to make a forensic collection of only active files from a custodian's hard drive, both of the above-referenced methodologies will produce the correct results. Active files are those files that can be readily accessed by the computer's operating system, such as program files, operating system files and user- created files.
However, if counsel requests the complete preservation of both active and deleted files, then it is important that unallocated space is captured during the collection process. As such, the preferred method of collection will involve making a complete mirror image of the custodian's hard drive. In the event that counsel requests only those active files that are user-created, then the forensic specialist will access the custodian's computer using forensic software and with applicable filters can collect only those files that match the specified criteria.
To Continue Reading: Click Here
-------------------------------------------
Source: Metro Corporate Counsel
By: Jerry F. Barbanel and Bruce W. Pixley
E-Discovery Requests: Know Your Limits
Electronic discovery, even more so than traditional paper discovery, offers the opportunity to burden unduly an opposing party with overbroad discovery requests, and three recent New York State court decisions have addressed over-reaching document requests seeking electronically stored information (ESI).
Responding to far-reaching requests for the production of e-mails and metadata, as well as electronic information contained on, among other things, hard drives, computer servers, backup tapes, voice mail and personal digital assistants (PDAs) can be very burdensome and extremely costly to the producing party.
Thus, as electronic discovery is becoming more prevalent in New York state practice, courts are taking note of these issues and are recognizing that certain situations do not justify the sometimes over-reaching requests that seek to obtain ESI, especially when requested from nonparties. See e.g., L-3 Communications Corp. v. Kelly,[FOOTNOTE 1] Joyner v. Planned Parenthood Federation,[FOOTNOTE 2] and In the Matter of the Application of John Maura Jr.[FOOTNOTE 3]
LIMITING OVERBROAD DEMANDS FOR ESI
In L-3 Communications, the court found that plaintiff was seeking "unfettered access" to confidential and proprietary information of two nonparty competitors of plaintiff, as well as access to one of the defendant's personal computers. Specifically, plaintiff sought "all documents and e-mail messages contained on [defendant's] personal computer, as well as all passwords and access codes in order to impound, clone, and inspect such computer."[FOOTNOTE 4]
This broad request was rejected by the court because the plaintiff "failed to provide the court with a compelling reason for such broad relief" and plaintiff had "not established its entitlement to the broad disclosure of documents and e-mails stored on, as well as the broad access to, [defendant's] personal computer that it seeks."[FOOTNOTE 5] Plaintiff further alleged that defendant had wrongfully deleted relevant ESI from his computer and was continuing to delete and destroy same after the court had issued a preservation order. The court, however, found that such contentions were "not supported by the record" and "that plaintiff had failed to meet its burden of proving how the document and e-mails in question were crucial to the prosecution of this matter or how the plaintiff was prejudiced by their loss." The court further noted that such deletions took place before the preservation order was issued, and that allegations of continuing deletions was "entirely speculative."[FOOTNOTE 6]
DEMANDS MUST BE TAILORED AND SPECIFIC
In Joyner, plaintiff brought a wrongful termination suit against Planned Parenthood alleging that she was terminated due to, among other things, her complaints of racial pay disparity and repeated complaints about defendant's pattern of alleged discrimination on the basis of race and national origin.[FOOTNOTE 7] During discovery, plaintiff sought, inter alia, information contained in "electronically maintained files," but provided no date or a limitation on the scope for her requests.[FOOTNOTE 8] Defendant objected that the requested search for, and production of, materials would cause it to incur "significant costs."[FOOTNOTE 9] Although plaintiff recognized that she would have to pay for the cost of production, she requested an estimate of the cost so as to be able to "make decisions on [its] scope."[FOOTNOTE 10] The court noted that:
To Continue Reading: Click Here
-----------------------------------------
Source: law.com
Responding to far-reaching requests for the production of e-mails and metadata, as well as electronic information contained on, among other things, hard drives, computer servers, backup tapes, voice mail and personal digital assistants (PDAs) can be very burdensome and extremely costly to the producing party.
Thus, as electronic discovery is becoming more prevalent in New York state practice, courts are taking note of these issues and are recognizing that certain situations do not justify the sometimes over-reaching requests that seek to obtain ESI, especially when requested from nonparties. See e.g., L-3 Communications Corp. v. Kelly,[FOOTNOTE 1] Joyner v. Planned Parenthood Federation,[FOOTNOTE 2] and In the Matter of the Application of John Maura Jr.[FOOTNOTE 3]
LIMITING OVERBROAD DEMANDS FOR ESI
In L-3 Communications, the court found that plaintiff was seeking "unfettered access" to confidential and proprietary information of two nonparty competitors of plaintiff, as well as access to one of the defendant's personal computers. Specifically, plaintiff sought "all documents and e-mail messages contained on [defendant's] personal computer, as well as all passwords and access codes in order to impound, clone, and inspect such computer."[FOOTNOTE 4]
This broad request was rejected by the court because the plaintiff "failed to provide the court with a compelling reason for such broad relief" and plaintiff had "not established its entitlement to the broad disclosure of documents and e-mails stored on, as well as the broad access to, [defendant's] personal computer that it seeks."[FOOTNOTE 5] Plaintiff further alleged that defendant had wrongfully deleted relevant ESI from his computer and was continuing to delete and destroy same after the court had issued a preservation order. The court, however, found that such contentions were "not supported by the record" and "that plaintiff had failed to meet its burden of proving how the document and e-mails in question were crucial to the prosecution of this matter or how the plaintiff was prejudiced by their loss." The court further noted that such deletions took place before the preservation order was issued, and that allegations of continuing deletions was "entirely speculative."[FOOTNOTE 6]
DEMANDS MUST BE TAILORED AND SPECIFIC
In Joyner, plaintiff brought a wrongful termination suit against Planned Parenthood alleging that she was terminated due to, among other things, her complaints of racial pay disparity and repeated complaints about defendant's pattern of alleged discrimination on the basis of race and national origin.[FOOTNOTE 7] During discovery, plaintiff sought, inter alia, information contained in "electronically maintained files," but provided no date or a limitation on the scope for her requests.[FOOTNOTE 8] Defendant objected that the requested search for, and production of, materials would cause it to incur "significant costs."[FOOTNOTE 9] Although plaintiff recognized that she would have to pay for the cost of production, she requested an estimate of the cost so as to be able to "make decisions on [its] scope."[FOOTNOTE 10] The court noted that:
To Continue Reading: Click Here
-----------------------------------------
Source: law.com
Q&A: EMC exec says 'dumb storage' administrators are dinosaurs
Security chief Coviello discusses selling fear, how e-discovery cleans data clutter
Responsible for steering the course of EMC's security franchise, Art Coviello, executive vice president of EMC Corp.'s RSA Security Inc. division, says the unit will eventually contribute $2 billion to EMC's annual revenue. In a recent interview with Computerworld, Coviello talked about a balance between storage and security needs, why administrators focused only on "dumb storage" are a dying breed and why selling risk needs no justification.
How do you respond to claims by critics that security vendors overblow technology risks? I don't sell fear. I sell a concept of understanding risk first and applying security commensurate with the risk. I don't have to justify what we do. It's justifies itself on the merits. I'd rather have an informed and educated customer because it's less time-consuming and easier to do business.
How can businesses simplify e-discovery processes? E-discovery is important because there is not a single bit of data you should keep that you don't need. It's not a question of being afraid to be sued; it's a question of being able to get at the data that you do need. It's like having your house cluttered with clothes that your children have outgrown. If I get rid of extraneous information or data, it's a lot easier for me to focus on high-value [information]. There's still going to be low-value information to keep, but at least you won't have junk.
How are the jobs of IT storage administrators changing? If they are [only managing] dumb storage, they're not going to take advantage of all the features and functionality that a company like EMC can bring. They're going to be dinosaurs.
Are CIOs or business owners really in charge of data storage and security? For a while, business owners were leaving the CIOs and IT organization behind [by trying to solve] lots of legacy [problems], growing data and tighter budgets. Over the last 18 months, you've seen a lot of CIOs reassert themselves and take more control by acting in a far more coordinated way. [CIOs] are also being more demanding of their vendors and in general being more creative.
Do you agree with EMC CEO Joe Tucci that encryption technology should be available to IT without charge? I agree with Joe, because I think encryption is something that is really commoditized.
How do you respond to complaints that encryption hampers device performance? If you do [encryption] in the chip sets, there won't be a performance issue. In the meantime, we'll do it through a SAN switch, and that's what Cisco is doing [with EMC]. We're actually doing [encryption] development in PowerPath. [RSA] was the provider of the [encryption] technology, and I was skeptical. But I've been impressed by its performance characteristics. It won't be for everybody, but a good healthy amount of customers can use PowerPath file encryption and not take a big performance hit.
What are RSA's plans to serve the consumer market? Might we have more of a consumer brand? Maybe to the extent that EMC develops more of a set of consumer services. We'll certainly be an ingredient for that."
To Continue Reading: Click Here
-----------------------------------------
Source: computerworld.com
Responsible for steering the course of EMC's security franchise, Art Coviello, executive vice president of EMC Corp.'s RSA Security Inc. division, says the unit will eventually contribute $2 billion to EMC's annual revenue. In a recent interview with Computerworld, Coviello talked about a balance between storage and security needs, why administrators focused only on "dumb storage" are a dying breed and why selling risk needs no justification.
How do you respond to claims by critics that security vendors overblow technology risks? I don't sell fear. I sell a concept of understanding risk first and applying security commensurate with the risk. I don't have to justify what we do. It's justifies itself on the merits. I'd rather have an informed and educated customer because it's less time-consuming and easier to do business.
How can businesses simplify e-discovery processes? E-discovery is important because there is not a single bit of data you should keep that you don't need. It's not a question of being afraid to be sued; it's a question of being able to get at the data that you do need. It's like having your house cluttered with clothes that your children have outgrown. If I get rid of extraneous information or data, it's a lot easier for me to focus on high-value [information]. There's still going to be low-value information to keep, but at least you won't have junk.
How are the jobs of IT storage administrators changing? If they are [only managing] dumb storage, they're not going to take advantage of all the features and functionality that a company like EMC can bring. They're going to be dinosaurs.
Are CIOs or business owners really in charge of data storage and security? For a while, business owners were leaving the CIOs and IT organization behind [by trying to solve] lots of legacy [problems], growing data and tighter budgets. Over the last 18 months, you've seen a lot of CIOs reassert themselves and take more control by acting in a far more coordinated way. [CIOs] are also being more demanding of their vendors and in general being more creative.
Do you agree with EMC CEO Joe Tucci that encryption technology should be available to IT without charge? I agree with Joe, because I think encryption is something that is really commoditized.
How do you respond to complaints that encryption hampers device performance? If you do [encryption] in the chip sets, there won't be a performance issue. In the meantime, we'll do it through a SAN switch, and that's what Cisco is doing [with EMC]. We're actually doing [encryption] development in PowerPath. [RSA] was the provider of the [encryption] technology, and I was skeptical. But I've been impressed by its performance characteristics. It won't be for everybody, but a good healthy amount of customers can use PowerPath file encryption and not take a big performance hit.
What are RSA's plans to serve the consumer market? Might we have more of a consumer brand? Maybe to the extent that EMC develops more of a set of consumer services. We'll certainly be an ingredient for that."
To Continue Reading: Click Here
-----------------------------------------
Source: computerworld.com
Tuesday, October 30, 2007
How cheap storage can hide criminal activities
Hitachi Global Storage Technologies recently stated that advances in technology make it possible for it to predict 4 terabyte drives on desktops by 2011.
That's great if you're storing media files. It's a nightmare, however, if you're a digital forensics investigator, according to Dave Merkel, vice president of products for Mandiant. He's suggesting that to contend with advances in technology online criminal investigators such as himself may have to change the way they collect and analyze data, if only to secure any hope of an eventual prosecution.
"Something that's a continuing challenge in...chasing bad guys and backtracking and what not is just being able to comb through the ridiculous volumes of information that are out there in order to find anything relevant," he said. "Whether you're trying to look at a civil matter or a criminal matter--whatever it might be--everything's got storage and there's the variety of devices that are involved with that as well."
"Look at the amount of information you can put on a little USB token these days, it's ridiculous. I think it's interesting to note the amount of difficulty that that's going to continue to pose for everyone that is involved in this particular science and then thinking a little bit about some of the areas of innovation that are going to be necessary in order to meet some of those challenges," Merkel added.
"There are significant hurdles that need to be crossed and I think too there's going to be a change in mind set in a couple of areas I think to date forensics in particular thinking about it in a criminal context a lot of default behavior has been copy everything, retain everything, get a hold of everything, and a single simple case, just getting all the data stored out of a single house on a simple crime, you would never analyze all of it," he said.
To Continue Reading: Click Here
-----------------------------------------
Source: zdnetasia.com
That's great if you're storing media files. It's a nightmare, however, if you're a digital forensics investigator, according to Dave Merkel, vice president of products for Mandiant. He's suggesting that to contend with advances in technology online criminal investigators such as himself may have to change the way they collect and analyze data, if only to secure any hope of an eventual prosecution.
"Something that's a continuing challenge in...chasing bad guys and backtracking and what not is just being able to comb through the ridiculous volumes of information that are out there in order to find anything relevant," he said. "Whether you're trying to look at a civil matter or a criminal matter--whatever it might be--everything's got storage and there's the variety of devices that are involved with that as well."
"Look at the amount of information you can put on a little USB token these days, it's ridiculous. I think it's interesting to note the amount of difficulty that that's going to continue to pose for everyone that is involved in this particular science and then thinking a little bit about some of the areas of innovation that are going to be necessary in order to meet some of those challenges," Merkel added.
"There are significant hurdles that need to be crossed and I think too there's going to be a change in mind set in a couple of areas I think to date forensics in particular thinking about it in a criminal context a lot of default behavior has been copy everything, retain everything, get a hold of everything, and a single simple case, just getting all the data stored out of a single house on a simple crime, you would never analyze all of it," he said.
To Continue Reading: Click Here
-----------------------------------------
Source: zdnetasia.com
Narrowing company focus can broaden appeal, sales
Anyone who has ever run a small business knows all about challenges. At the start, and often later as well, there's the hurdle of building a customer base, the issue of finding qualified staff and, above all, the continual quest for cash flow.
But small businesses also boast advantages their much larger rivals don't enjoy. Because they are local and often highly specialized, smaller firms can avail themselves of niche markets and beat bigger players to customers in those segments. And because they don't have to promote nationally or regionally, promotion budgets can stretch further, freeing vital resources for other growth opportunities.
But the biggest advantage small brands possess may be the chance to promote to a narrower window of customers by positioning themselves as experts, said Kate Koziol, president of Chicago's K Squared Marketing and Public Relations.
"You can be an expert on animals or South American bird watching or even the Chilean woodpecker," Koziol said. "The more narrow your scope, the more valuable your expertise to your clients. ... If you narrow down to a focused market, you can concentrate on advertising to that market, doing public speaking to that market, pursuing trade or business press opportunities in that market."
"You're able to hone your focus, and deliver a more impactful message. If you try being all things to all people, you wind up being nothing to no one," she said.
To Continue Reading: Click Here
-----------------------------------------
Source: chicagotribune.com
But small businesses also boast advantages their much larger rivals don't enjoy. Because they are local and often highly specialized, smaller firms can avail themselves of niche markets and beat bigger players to customers in those segments. And because they don't have to promote nationally or regionally, promotion budgets can stretch further, freeing vital resources for other growth opportunities.
But the biggest advantage small brands possess may be the chance to promote to a narrower window of customers by positioning themselves as experts, said Kate Koziol, president of Chicago's K Squared Marketing and Public Relations.
"You can be an expert on animals or South American bird watching or even the Chilean woodpecker," Koziol said. "The more narrow your scope, the more valuable your expertise to your clients. ... If you narrow down to a focused market, you can concentrate on advertising to that market, doing public speaking to that market, pursuing trade or business press opportunities in that market."
"You're able to hone your focus, and deliver a more impactful message. If you try being all things to all people, you wind up being nothing to no one," she said.
To Continue Reading: Click Here
-----------------------------------------
Source: chicagotribune.com
Lucid8 Revs Up e-Discovery & Recovery for Microsoft Exchange with New DigiScope 1.1 for Unparalleled Accuracy and Efficiency
DigiScope™ 1.1 Remains the Best, Most Accurate Solution for Locating and Retrieving Mission-Critical Information, but Now It’s More Than Twice as Fast — and Easier Than Ever to Use
Lucid8 LLC, the company that provides products to increase reliability, improve efficiency, and provide e-Discovery and recoverability services for Microsoft® Exchange Server databases, announced today the availability of the new version 1.1 of its highly-successful DigiScope™.
DigiScope is a simple yet powerful tool that provides advanced e-Discovery, Restore, Export and Analysis capabilities. Version 1.1 of the product works on Microsoft Exchange Server 2000, 2003 and 2007 un-mounted exchange stores and PST files, as well as via direct access to production servers for search and export; and it enables easy drag and drop restore operations.
DigiScope’s user interface has been further enhanced to look and work like Microsoft’s Outlook product. This enables users to quickly become productive in DigiScope without learning an entirely new interface. New features include Enterprise-level views of online and offline stores, Attachment Previews, Message Previews, and simple drag-and-drop operations that make this version even easier to use than DigiScope 1.0. The new DigiScope 1.1 also has tighter integration with DigiVault™ 1.65, Lucid8’s continuous data protection product, to allow seamless retrieval of up-to-the-moment data for e-Discovery or Recovery actions.
DigiScope 1.1 adds new functionality that extends its ease of use and utility to an even higher level. Single touch, wizard-driven and drag-and-drop capabilities allow restoration of the data to the original user, to an alternate user, or to a legal hold area. And, when restoring to a mailbox, if a mailbox does not exist for a user, DigiScope handles the mailbox creation and assignment internally—without further intervention from IT personnel. New export features such as support for all versions of Outlook supported PSTs, TNEF compatible MSGs, XML and “Attachment Only” make DigiScope the most flexible tool for e-Discovery and recovery on the market. It also provides for automated zip and encryption storage of exports to deliver added space savings and security. Topping-off its market-leading features, DigiScope’s advanced search capabilities now also work against both on- and off-line stores, and it has been tuned to load, search, and recover at speeds that exceed any other alternative.
To Continue Reading: Click Here
-----------------------------------------
Source: businesswire.com
Lucid8 LLC, the company that provides products to increase reliability, improve efficiency, and provide e-Discovery and recoverability services for Microsoft® Exchange Server databases, announced today the availability of the new version 1.1 of its highly-successful DigiScope™.
DigiScope is a simple yet powerful tool that provides advanced e-Discovery, Restore, Export and Analysis capabilities. Version 1.1 of the product works on Microsoft Exchange Server 2000, 2003 and 2007 un-mounted exchange stores and PST files, as well as via direct access to production servers for search and export; and it enables easy drag and drop restore operations.
DigiScope’s user interface has been further enhanced to look and work like Microsoft’s Outlook product. This enables users to quickly become productive in DigiScope without learning an entirely new interface. New features include Enterprise-level views of online and offline stores, Attachment Previews, Message Previews, and simple drag-and-drop operations that make this version even easier to use than DigiScope 1.0. The new DigiScope 1.1 also has tighter integration with DigiVault™ 1.65, Lucid8’s continuous data protection product, to allow seamless retrieval of up-to-the-moment data for e-Discovery or Recovery actions.
DigiScope 1.1 adds new functionality that extends its ease of use and utility to an even higher level. Single touch, wizard-driven and drag-and-drop capabilities allow restoration of the data to the original user, to an alternate user, or to a legal hold area. And, when restoring to a mailbox, if a mailbox does not exist for a user, DigiScope handles the mailbox creation and assignment internally—without further intervention from IT personnel. New export features such as support for all versions of Outlook supported PSTs, TNEF compatible MSGs, XML and “Attachment Only” make DigiScope the most flexible tool for e-Discovery and recovery on the market. It also provides for automated zip and encryption storage of exports to deliver added space savings and security. Topping-off its market-leading features, DigiScope’s advanced search capabilities now also work against both on- and off-line stores, and it has been tuned to load, search, and recover at speeds that exceed any other alternative.
To Continue Reading: Click Here
-----------------------------------------
Source: businesswire.com
Monday, October 29, 2007
Plug EDD Into Global Investigations
As the Foreign Corrupt Practices Act receives increased attention from both the Department of Justice and the Securities and Exchange Commission, more companies are running afoul of its provisions. Because the FCPA applies to transactions in foreign countries, investigating alleged violations of the statute necessarily involves conducting investigations within the relevant countries. Counsel must consider a range of issues, including electronic data discovery, when conducting such an investigation.
The anti-bribery provisions of the FCPA make it unlawful for U.S. companies, and certain foreign issuers of securities, to make a corrupt payment to a foreign official for the purpose of obtaining or retaining business or directing business to any person.
It also requires companies whose securities are listed in the U.S. to meet its accounting provisions. These accounting provisions, designed to operate in tandem with the anti-bribery provisions, require corporations to make and keep books and records that accurately and fairly reflect the transactions of the corporation and to devise and maintain an adequate system of internal accounting controls.
A recent case illustrates the worldwide scope of potential FCPA violations and the need to investigate and report them promptly. On April 26, a subsidiary of Baker Hughes Services International Inc., (a U.S. oil fields products and services provider) pleaded guilty to violating the FCPA and settled related SEC charges. The company agreed to serve a three-year term of organizational probation and paid $11 million in criminal fines, $10 million in civil penalties, and more than $24 million in disgorgement. The company was charged with bribing officials of state-owned companies in Kazakhstan, and with violating the FCPA books and records provisions in Nigeria, Angola, Indonesia, Russia and Uzbekistan, as well as Kazakhstan. In agreeing to the disposition, Justice cited the company's voluntary disclosure and its extensive and thorough internal investigation of its business practices in its high-risk global operations.
Other recent cases in the last two years show the federal government's commitment to strict enforcement of the FCPA and the wide variety of locations across the globe that may become the focal point of an investigation. Among the companies that have been prosecuted and/or subject to SEC enforcement action:
Schnitzer Steel Industries (China and Korea).
Oil States International Inc. (Venezuela).
American Rice Inc. (officers of the company) (Haiti).
Willbros Group Inc. (officers of the company) (Nigeria and Ecuador).
ITXC Corp. (officers of the company) (various African countries).
Titan Corp. (Benin).
GE inVision Inc. (China, Philippines and Thailand).
ABB Ltd. (Nigeria, Angola, and Kazakhstan).
EDD CONSIDERATIONS
When addressing the EDD considerations in an FCPA investigation, the scope of the investigation can be a challenge, in terms of both management and technology support. The international arena significantly complicates the breadth of electronic data discovery processes.
Normal EDD processes considered routine in a strictly stateside situation can become more difficult when having to deal with data residing on systems and networks within foreign company offices.
Planning is the most critical step in the entire EDD process. For starters, companies should have a well-documented records risk management architecture incorporating processes for managing electronically stored information.
An effective records management process should allow general counsel to quickly identify and notify individuals who potentially possess relevant data and then facilitate an efficient evidence collection plan to build a repository of this data.
In reality, very few global firms have internal records management architectures of this maturity or efficiency. Potential issues of spoliation can become a very real concern unless investigations teams are governed by consistently applied methodologies for handling digital evidence.
To Continue Reading: Click Here
-----------------------------------------
Source: Law.com
By William Purcell & Bernard Boit
The anti-bribery provisions of the FCPA make it unlawful for U.S. companies, and certain foreign issuers of securities, to make a corrupt payment to a foreign official for the purpose of obtaining or retaining business or directing business to any person.
It also requires companies whose securities are listed in the U.S. to meet its accounting provisions. These accounting provisions, designed to operate in tandem with the anti-bribery provisions, require corporations to make and keep books and records that accurately and fairly reflect the transactions of the corporation and to devise and maintain an adequate system of internal accounting controls.
A recent case illustrates the worldwide scope of potential FCPA violations and the need to investigate and report them promptly. On April 26, a subsidiary of Baker Hughes Services International Inc., (a U.S. oil fields products and services provider) pleaded guilty to violating the FCPA and settled related SEC charges. The company agreed to serve a three-year term of organizational probation and paid $11 million in criminal fines, $10 million in civil penalties, and more than $24 million in disgorgement. The company was charged with bribing officials of state-owned companies in Kazakhstan, and with violating the FCPA books and records provisions in Nigeria, Angola, Indonesia, Russia and Uzbekistan, as well as Kazakhstan. In agreeing to the disposition, Justice cited the company's voluntary disclosure and its extensive and thorough internal investigation of its business practices in its high-risk global operations.
Other recent cases in the last two years show the federal government's commitment to strict enforcement of the FCPA and the wide variety of locations across the globe that may become the focal point of an investigation. Among the companies that have been prosecuted and/or subject to SEC enforcement action:
Schnitzer Steel Industries (China and Korea).
Oil States International Inc. (Venezuela).
American Rice Inc. (officers of the company) (Haiti).
Willbros Group Inc. (officers of the company) (Nigeria and Ecuador).
ITXC Corp. (officers of the company) (various African countries).
Titan Corp. (Benin).
GE inVision Inc. (China, Philippines and Thailand).
ABB Ltd. (Nigeria, Angola, and Kazakhstan).
EDD CONSIDERATIONS
When addressing the EDD considerations in an FCPA investigation, the scope of the investigation can be a challenge, in terms of both management and technology support. The international arena significantly complicates the breadth of electronic data discovery processes.
Normal EDD processes considered routine in a strictly stateside situation can become more difficult when having to deal with data residing on systems and networks within foreign company offices.
Planning is the most critical step in the entire EDD process. For starters, companies should have a well-documented records risk management architecture incorporating processes for managing electronically stored information.
An effective records management process should allow general counsel to quickly identify and notify individuals who potentially possess relevant data and then facilitate an efficient evidence collection plan to build a repository of this data.
In reality, very few global firms have internal records management architectures of this maturity or efficiency. Potential issues of spoliation can become a very real concern unless investigations teams are governed by consistently applied methodologies for handling digital evidence.
To Continue Reading: Click Here
-----------------------------------------
Source: Law.com
By William Purcell & Bernard Boit
Friday, October 26, 2007
In-House Counsel Seeking Outside E-Discovery Help
A new study finds that in-house lawyers increasingly seek additional help, especially in electronic discovery
A recent study has found that corporate legal departments are increasingly turning to outside counsel to help them manage growing litigation caseloads and navigate new federal rules pertaining to electronic discovery and litigation management.
A growth in caseloads and more time-intensive early-stage litigation work are key factors driving corporate legal departments to increase their reliance on outside counsel.
A recent Robert Half Legal survey of 150 attorneys from 150 of the largest corporations in the United States and Canada found that nearly half (45 percent) of corporate attorneys polled said their legal departments have done more business with outside law firms in the past 12 months, while only 12 percent said usage levels have decreased. Thirty-nine percent reported no change.
Asked what types of projects outside counsel were likely to be assigned, 66 percent of corporate lawyers polled cited litigation support, which includes activities such as witness interviews, document review, case preparation, and, increasingly, e-discovery. E-discovery is a particularly critical part of litigation support today because new Federal Rules of Civil Procedure have increased the complexity and time associated with litigation on the front end. In fact, the new rules have significantly changed the way companies manage litigation.
Uncertainty about how these new rules will be applied in practice has led many corporate lawyers to seek guidance from outside counsel earlier and more frequently in the litigation process.
Other areas in which companies are relying on outside firms, according to the survey, include compliance and regulatory matters (16 percent); patent issues (13 percent); electronic discovery (9 percent); and mergers and acquisitions (3 percent). Another increasingly common reason for turning to outside counsel, as well as to contract attorneys, is the need for legal professionals with knowledge of other languages, particularly for those who can work on patent and intellectual property issues involving Asian countries. For a large, international firm based in New York, Robert Half Legal recently provided 22 Mandarin-speaking attorneys and paralegals on a project basis to translate documents into English and analyze data in a telecommunications case for the law firm's foreign corporate client.
To Continue Reading: Click Here
---------------------------------------
Source: law.com
A recent study has found that corporate legal departments are increasingly turning to outside counsel to help them manage growing litigation caseloads and navigate new federal rules pertaining to electronic discovery and litigation management.
A growth in caseloads and more time-intensive early-stage litigation work are key factors driving corporate legal departments to increase their reliance on outside counsel.
A recent Robert Half Legal survey of 150 attorneys from 150 of the largest corporations in the United States and Canada found that nearly half (45 percent) of corporate attorneys polled said their legal departments have done more business with outside law firms in the past 12 months, while only 12 percent said usage levels have decreased. Thirty-nine percent reported no change.
Asked what types of projects outside counsel were likely to be assigned, 66 percent of corporate lawyers polled cited litigation support, which includes activities such as witness interviews, document review, case preparation, and, increasingly, e-discovery. E-discovery is a particularly critical part of litigation support today because new Federal Rules of Civil Procedure have increased the complexity and time associated with litigation on the front end. In fact, the new rules have significantly changed the way companies manage litigation.
Uncertainty about how these new rules will be applied in practice has led many corporate lawyers to seek guidance from outside counsel earlier and more frequently in the litigation process.
Other areas in which companies are relying on outside firms, according to the survey, include compliance and regulatory matters (16 percent); patent issues (13 percent); electronic discovery (9 percent); and mergers and acquisitions (3 percent). Another increasingly common reason for turning to outside counsel, as well as to contract attorneys, is the need for legal professionals with knowledge of other languages, particularly for those who can work on patent and intellectual property issues involving Asian countries. For a large, international firm based in New York, Robert Half Legal recently provided 22 Mandarin-speaking attorneys and paralegals on a project basis to translate documents into English and analyze data in a telecommunications case for the law firm's foreign corporate client.
To Continue Reading: Click Here
---------------------------------------
Source: law.com
House Gets Subpoena For Doolittle Probe E-mails
The top administrative officer in the House has been subpoenaed for e-mails related to the ongoing criminal investigation of Rep. John Doolittle (R-Calif.), according to a notification read on the House floor Thursday.
The U.S. District Court for the District of Columbia issued the subpoena to Daniel P. Beard, the chief administrative officer of the House, whose office oversees electronic communications for members of Congress and their staff.
"The subpoena was issued in connection with the Justice Department investigation of Congressman Doolittle and seeks material from e-mail backup tapes maintained by the CAO," according to a notification of the subpoena.
This is the latest development in an ongoing Justice Department investigation of the California Republican. Doolittle and six members of his staff were subpoenaed by the same grand jury last month.
The Justice Department has been investigating the lawmaker and his wife in its ongoing public corruption investigation stemming from a probe of jailed former GOP lobbyist Jack Abramoff. T
he FBI raided the couple's Northern Virginia home earlier this year. Doolittle quickly issued a statement through his lawyer saying the raid was related to an investigation of his wife's fundraising firm, Sierra Dominion FInancial Solutions.
The embattled lawmaker was forced to give up his seat on the powerful House Appropriations Committee in the aftermath of that FBI search.
Doolittle's office directed questions about the most recent subpoena to his lawyer, David G. Barger of Williams Mullen. Barger could not immediately be reached for comment.
To Continue Reading: Click Here
---------------------------------------
Source: cbsnews.com
The U.S. District Court for the District of Columbia issued the subpoena to Daniel P. Beard, the chief administrative officer of the House, whose office oversees electronic communications for members of Congress and their staff.
"The subpoena was issued in connection with the Justice Department investigation of Congressman Doolittle and seeks material from e-mail backup tapes maintained by the CAO," according to a notification of the subpoena.
This is the latest development in an ongoing Justice Department investigation of the California Republican. Doolittle and six members of his staff were subpoenaed by the same grand jury last month.
The Justice Department has been investigating the lawmaker and his wife in its ongoing public corruption investigation stemming from a probe of jailed former GOP lobbyist Jack Abramoff. T
he FBI raided the couple's Northern Virginia home earlier this year. Doolittle quickly issued a statement through his lawyer saying the raid was related to an investigation of his wife's fundraising firm, Sierra Dominion FInancial Solutions.
The embattled lawmaker was forced to give up his seat on the powerful House Appropriations Committee in the aftermath of that FBI search.
Doolittle's office directed questions about the most recent subpoena to his lawyer, David G. Barger of Williams Mullen. Barger could not immediately be reached for comment.
To Continue Reading: Click Here
---------------------------------------
Source: cbsnews.com
House Gets Subpoena For Doolittle Probe E-mails
The top administrative officer in the House has been subpoenaed for e-mails related to the ongoing criminal investigation of Rep. John Doolittle (R-Calif.), according to a notification read on the House floor Thursday.
The U.S. District Court for the District of Columbia issued the subpoena to Daniel P. Beard, the chief administrative officer of the House, whose office oversees electronic communications for members of Congress and their staff.
"The subpoena was issued in connection with the Justice Department investigation of Congressman Doolittle and seeks material from e-mail backup tapes maintained by the CAO," according to a notification of the subpoena.
This is the latest development in an ongoing Justice Department investigation of the California Republican. Doolittle and six members of his staff were subpoenaed by the same grand jury last month.
The Justice Department has been investigating the lawmaker and his wife in its ongoing public corruption investigation stemming from a probe of jailed former GOP lobbyist Jack Abramoff. T
he FBI raided the couple's Northern Virginia home earlier this year. Doolittle quickly issued a statement through his lawyer saying the raid was related to an investigation of his wife's fundraising firm, Sierra Dominion FInancial Solutions.
The embattled lawmaker was forced to give up his seat on the powerful House Appropriations Committee in the aftermath of that FBI search.
Doolittle's office directed questions about the most recent subpoena to his lawyer, David G. Barger of Williams Mullen. Barger could not immediately be reached for comment.
To Continue Reading: Click Here
---------------------------------------
Source: cbsnews.com
The U.S. District Court for the District of Columbia issued the subpoena to Daniel P. Beard, the chief administrative officer of the House, whose office oversees electronic communications for members of Congress and their staff.
"The subpoena was issued in connection with the Justice Department investigation of Congressman Doolittle and seeks material from e-mail backup tapes maintained by the CAO," according to a notification of the subpoena.
This is the latest development in an ongoing Justice Department investigation of the California Republican. Doolittle and six members of his staff were subpoenaed by the same grand jury last month.
The Justice Department has been investigating the lawmaker and his wife in its ongoing public corruption investigation stemming from a probe of jailed former GOP lobbyist Jack Abramoff. T
he FBI raided the couple's Northern Virginia home earlier this year. Doolittle quickly issued a statement through his lawyer saying the raid was related to an investigation of his wife's fundraising firm, Sierra Dominion FInancial Solutions.
The embattled lawmaker was forced to give up his seat on the powerful House Appropriations Committee in the aftermath of that FBI search.
Doolittle's office directed questions about the most recent subpoena to his lawyer, David G. Barger of Williams Mullen. Barger could not immediately be reached for comment.
To Continue Reading: Click Here
---------------------------------------
Source: cbsnews.com
Thursday, October 25, 2007
Encrypt data stored off site, warns Louisiana agency
Unencrypted data from college scholarship inquiries lost from Iron Mountain truck
The loss of unencrypted storage media from an Iron Mountain Inc. vehicle last month renewed calls for IT managers to better protect data stored off site.
The Louisiana Office of Student Financial Assistance (LOFSA) said the unencrypted data lost from the vehicle of its contractor on Sept. 19 included the names, birth dates and Social Security numbers of thousands of state residents.
The state agency, based in Port Allen, La., administers several state scholarship programs as well as the state’s 529 College Savings Plan.
Sue Boutte, assistant executive director and chief operating officer of the agency, this week declined to say whether the unencrypted data was stored on tape or disk drives. However, she conceded, “If you trust your data to a courier, then obviously something like this can happen.”
According to Boutte, the incident occurred while the agency was working on a plan to encrypt all backup data stored off site.
“LOFSA was in the process of developing our disaster and recovery plan, but [the loss] occurred before we could get it in place and establish it as a standard plan,” she said.
In a statement, Boston-based Iron Mountain blamed the loss of the device on “a driver [who] did not follow established company procedures when loading the container onto his vehicle.” The statement also noted that the company “encourages” its customers to encrypt backup data.
In a recent interview, Iron Mountain CEO Richard Reese said his firm is working hard to eliminate human error by its employees. For example, the company announced this summer that it is retrofitting its fleet of trucks with a new self-designed security and tracking system.
To Continue Reading: Click Here
---------------------------------------
Source: computerworld.com
The loss of unencrypted storage media from an Iron Mountain Inc. vehicle last month renewed calls for IT managers to better protect data stored off site.
The Louisiana Office of Student Financial Assistance (LOFSA) said the unencrypted data lost from the vehicle of its contractor on Sept. 19 included the names, birth dates and Social Security numbers of thousands of state residents.
The state agency, based in Port Allen, La., administers several state scholarship programs as well as the state’s 529 College Savings Plan.
Sue Boutte, assistant executive director and chief operating officer of the agency, this week declined to say whether the unencrypted data was stored on tape or disk drives. However, she conceded, “If you trust your data to a courier, then obviously something like this can happen.”
According to Boutte, the incident occurred while the agency was working on a plan to encrypt all backup data stored off site.
“LOFSA was in the process of developing our disaster and recovery plan, but [the loss] occurred before we could get it in place and establish it as a standard plan,” she said.
In a statement, Boston-based Iron Mountain blamed the loss of the device on “a driver [who] did not follow established company procedures when loading the container onto his vehicle.” The statement also noted that the company “encourages” its customers to encrypt backup data.
In a recent interview, Iron Mountain CEO Richard Reese said his firm is working hard to eliminate human error by its employees. For example, the company announced this summer that it is retrofitting its fleet of trucks with a new self-designed security and tracking system.
To Continue Reading: Click Here
---------------------------------------
Source: computerworld.com
Morgan Stanley May Face Wave of Suits After Admitting It Withheld E-Mail Evidence
More trouble looms for nation's second-largest securities firm, which has already agreed to pay $12.5M in regulatory case
Attorneys say they are gearing up to file hundreds of lawsuits against Morgan Stanley for allegedly hiding evidence from clients who filed arbitration claims.
The planned suits follow a settlement last month between Morgan Stanley and the Financial Industry Regulatory Authority in which Morgan Stanley conceded it did not provide e-mails to claimants in arbitration proceedings from October 2001 to March 2005.
The nation's second-largest securities firm falsely claimed it lost the e-mail records when its servers were destroyed in the 2001 terrorist attack in New York City.
A high-profile Palm Beach Circuit fraud case brought by billionaire financier Ronald O. Perelman against Morgan Stanley uncovered the existence of backup e-mail files.
In the regulatory case, Morgan Stanley agreed to pay $12.5 million for the violation, including $9.5 million for a claimants' fund and $3 million in FINRA penalties.
But that won't be the last money the financial services giant will shell out for its indiscretion if plaintiffs attorneys can help it. Investors who claim bad advice from Morgan Stanley caused them to lose hundreds of thousands of dollars couldn't prove their cases in arbitration without incriminating e-mails, attorneys say. They contend settlement payouts of $3,000 to $5,000 per claim doesn't come close to making their clients whole again.
Attorneys intend to file new cases on behalf of claimants for spoliation of evidence and are gunning for punitive damages. Attorneys for investors are banking on a line in a letter of acceptance, waiver and consent (AWC) in the FINRA settlement signed by Morgan Stanley stating it can't take any action "denying directly or indirectly any finding in this AWC or create the impression that the AWC is without factual basis."
Coral Springs, Fla., attorney Darren Blum said all he has to do to prove his upcoming cases is walk into an arbitration panel waving the consent settlement, even though Morgan Stanley neither admitted nor denied the facts set out in it.
"You didn't have a fair shot at a hearing because the documents that would have helped your case that [Morgan Stanley] told you were destroyed in 9/11 were either sitting in a warehouse in Brooklyn that [it] knew about and didn't want to tell you, or 25 percent of those e-mails were written over so they were gone forever," said Blum, of Blum & Silver.
Blum uses the eye-catching Internet address SueMorganStanley.com to direct visitors to his law firm's Web site. He said his firm has already spoken to close to 100 clients and expects to file hundreds of lawsuits by year's end.
Fort Lauderdale securities litigator Jeffrey Sonn of Sonn & Erez estimates he has 50 clients whose cases were hurt and they are exploring lawsuits as an option.
---------------------------------------
Source: law.com
Keep 'Smoking Gun' E-Mails From Backfiring
Recent revisions to the Federal Rules of Civil Procedure have focused on the discovery and production of electronically stored information. As alluring as the promise of discovering a smoking-gun e-mail is, such an e-mail only becomes useful in litigation if it can surmount a series of evidentiary hurdles that all too often receive only scant attention and, in many cases, are overlooked entirely.
The latter was the case in Lorraine v. Markel American Ins. Co.[FOOTNOTE 1] On the night of May 17, 2004, lightning struck Jack Lorraine's yacht, Chessie, as it sat at anchor in Chesapeake Bay. Chessie's hull sustained serious damage, which ultimately led to Lorraine and his insurance company, Markel, contesting the scope of an arbitration agreement into which both had earlier entered.
Appearing before Chief Magistrate Judge Paul W. Grimm in the U.S. District Court for the District of Maryland, both Lorraine and Markel moved for summary judgment, each relying heavily on e-mail exchanges appended to their respective motions. Neither party, however, made any effort to authenticate the e-mails. Nor did they consider, let alone address, any of the hearsay issues raised by these e-mails. The parties also ignored the potential implications of the original writings rule.
This utter disregard for these evidentiary issues led the magistrate judge to dismiss both motions. It also prompted him to issue a 50-page opinion that reads as part cautionary tale and part primer on evidentiary issues related to e-discovery. In addition to providing a general reminder that the rules of evidence apply to electronically stored information (ESI), the decision highlights some areas of the rules of evidence that are particularly important for litigators to keep in mind when dealing with ESI.
The rules of evidence relating to authenticity are among the principal obstacles to admission of an electronic document into evidence. Paper documents, some courts have reasoned, can be examined for signs of physical alteration or forgery. Electronic documents, by contrast, are more easily modified without readily apparent signs of alteration. And while some courts therefore have scrutinized electronic documents more carefully, the requirements under the Federal Rules of Evidence for authentication of electronic and "hard copy" documents are one and the same.
The general authentication provision,
Rule 901(b) sets out a non-exclusive, illustrative list of methods by which evidence can be authenticated. While some methods, like 901(b)(2), which allows for authentication by nonexpert opinion on handwriting, are unlikely to be useful when dealing with ESI, other authentication techniques are particularly well suited to ESI and should be given careful consideration when preparing to authenticate (or oppose the authentication of) an electronic document.
---------------------------------------
Source: law.com
Wednesday, October 24, 2007
Forgot Your Password? Just Crack It
ElcomSoft's patent describes a way for a GPU and CPU to decrease the amount of time required to recover forgotten passwords
ElcomSoft on Monday said that it had filed to patent a way to decrease the amount of time required to recover forgotten passwords, not to mention withheld passwords, by a factor of 25.
The technique utilizes the graphics processing unit (GPU) on a computer in addition to its CPU.
Until recently GPUs were ill-suited for password cracking because they couldn't handle the fixed-point calculations required by most cryptography algorithms, ElcomSoft said. Newer CPUs however can perform fixed-point mathematics and with as much 1.5 Gbytes of on-board memory and as many as 128 processing units, they crunch numbers better than general purpose CPUs.
An eight character Windows Vista logon password, for example, has about 55 trillion possible combinations of upper and lowercase letters and numbers, ElcomSoft said. A current dual-core PC, testing about 10,000 possible passwords a second, would take two months to try every possible combination. The company claims that its new technology could complete such a test in three to five days.
ElcomSoft is something of a legend in security software circles. The Russian firm came into notoriety after Dmitry Sklyarov, a Russian citizen employed by ElcomSoft, was arrested and jailed under U.S. DMCA laws for publishing an eBook format that compromised Adobe's software.
Bruce Schneier, CTO of BT Counterpane and noted security expert, isn't particularly impressed. "They're patenting a trick," he said, noting that a computer forensics company called AccessData Corp. has dozens of such tricks.
Schneider points out that password cracking isn't about encryption. It's about the ease with which passwords can be guessed.
AccessData's tricks include creating a dictionary from every printable character string found on the computer where the password-protected application resides. Its software scans for inside documents, in the Windows Registry, in temporary files, in deleted space, everywhere.
To Continue Reading: Click Here
---------------------------------------
Source: Informationweek
By: Thomas Claburn
ElcomSoft on Monday said that it had filed to patent a way to decrease the amount of time required to recover forgotten passwords, not to mention withheld passwords, by a factor of 25.
The technique utilizes the graphics processing unit (GPU) on a computer in addition to its CPU.
Until recently GPUs were ill-suited for password cracking because they couldn't handle the fixed-point calculations required by most cryptography algorithms, ElcomSoft said. Newer CPUs however can perform fixed-point mathematics and with as much 1.5 Gbytes of on-board memory and as many as 128 processing units, they crunch numbers better than general purpose CPUs.
An eight character Windows Vista logon password, for example, has about 55 trillion possible combinations of upper and lowercase letters and numbers, ElcomSoft said. A current dual-core PC, testing about 10,000 possible passwords a second, would take two months to try every possible combination. The company claims that its new technology could complete such a test in three to five days.
ElcomSoft is something of a legend in security software circles. The Russian firm came into notoriety after Dmitry Sklyarov, a Russian citizen employed by ElcomSoft, was arrested and jailed under U.S. DMCA laws for publishing an eBook format that compromised Adobe's software.
Bruce Schneier, CTO of BT Counterpane and noted security expert, isn't particularly impressed. "They're patenting a trick," he said, noting that a computer forensics company called AccessData Corp. has dozens of such tricks.
Schneider points out that password cracking isn't about encryption. It's about the ease with which passwords can be guessed.
AccessData's tricks include creating a dictionary from every printable character string found on the computer where the password-protected application resides. Its software scans for inside documents, in the Windows Registry, in temporary files, in deleted space, everywhere.
To Continue Reading: Click Here
---------------------------------------
Source: Informationweek
By: Thomas Claburn
Gmail Now Has IMAP Support
Announced at Interop New York, the e-mail feature synchs with Outlook Express, Outlook 2007, Outlook 2003, Apple Mail, Windows Mail, and Thunderbird 2.0.
Gmail users can now use IMAP to synchronize e-mail on their iPhones and desktops.
Matthew Glotzbach, product management director for Google Enterprise, announced the release of IMAP support in Gmail Wednesday at Interop New York. Glotzbach, a keynote speaker, said
Gmail account holders can begin using IMAP immediately.
He held it up as an example of Google's attempts at continuous innovation, saying it's one of many new features Google has added since launching Google Applications in February.
"IMAP isn't new, but bringing it together is," he said.
David Murray, associate product manager for Google, wrote about it in a blog posted Wednesday.
"There are two online petitions I've signed in my life," he said. "One was for a 'Xena: Warrior Princess' movie. The other, which I signed a few months before starting at Google, was for Gmail IMAP... It keeps the same information synched across all devices so that whatever you do in one place shows up everywhere else you might access your e-mail. For example, I can read an e-mail in Gmail, then move it to the 'Starred' folder on my iPhone, then archive it by moving it to 'All Mail' in Thunderbird, then see all of those changes on my BlackBerry."
Google has placed a video demonstration on YouTube. Users must change their settings to enable IMAP in their Gmail accounts and configure their mail client or wireless device to download Gmail messages. Google provides instructions on how to do that.
Once the configuration settings are changed, everything users do through e-mail on their iPhones and desktops will be immediately visible on the other device because the changes have been stored on a server. The feature works for several e-mail applications, including Outlook Express, Outlook 2007, Outlook 2003, Apple Mail, Windows Mail, and Thunderbird 2.0.
To Continue Reading: Click Here
---------------------------------------
Source: Informationweek
By: K.C. Jones
Gmail users can now use IMAP to synchronize e-mail on their iPhones and desktops.
Matthew Glotzbach, product management director for Google Enterprise, announced the release of IMAP support in Gmail Wednesday at Interop New York. Glotzbach, a keynote speaker, said
Gmail account holders can begin using IMAP immediately.
He held it up as an example of Google's attempts at continuous innovation, saying it's one of many new features Google has added since launching Google Applications in February.
"IMAP isn't new, but bringing it together is," he said.
David Murray, associate product manager for Google, wrote about it in a blog posted Wednesday.
"There are two online petitions I've signed in my life," he said. "One was for a 'Xena: Warrior Princess' movie. The other, which I signed a few months before starting at Google, was for Gmail IMAP... It keeps the same information synched across all devices so that whatever you do in one place shows up everywhere else you might access your e-mail. For example, I can read an e-mail in Gmail, then move it to the 'Starred' folder on my iPhone, then archive it by moving it to 'All Mail' in Thunderbird, then see all of those changes on my BlackBerry."
Google has placed a video demonstration on YouTube. Users must change their settings to enable IMAP in their Gmail accounts and configure their mail client or wireless device to download Gmail messages. Google provides instructions on how to do that.
Once the configuration settings are changed, everything users do through e-mail on their iPhones and desktops will be immediately visible on the other device because the changes have been stored on a server. The feature works for several e-mail applications, including Outlook Express, Outlook 2007, Outlook 2003, Apple Mail, Windows Mail, and Thunderbird 2.0.
To Continue Reading: Click Here
---------------------------------------
Source: Informationweek
By: K.C. Jones
Can Your Computer Keep a Secret?
Nearly all computers have at least some sensitive data stored on their hard disk, and many have made securing this data a top priority. To help organizations in their quest to understand and find appropriate solutions for safeguarding data at rest, we have written a series of articles on this important subject. The first of these articles, called “Hard Drive Passwords Easily Defeated –the truth about data protection,” focused on the strengths and weaknesses of computer access control. That initial article addressed the lock on the front door so to speak, including the BIOS, the operating system, and hard disk access control systems which require users to authenticate themselves before gaining access to the system or hard disk.
In the second installment of this series, we will be focusing on the next layer of protection – the actual encryption of the data on the disk drive(s). To be more precise, this article covers software based encryption. Our next article, part III, will cover hardware based encryption solutions.
Importance of encryption
While access control mechanisms like the authentication screens presented by the operating system, BIOS or hard disk access control systems do offer basic protection, in most cases they are relatively easy to defeat. For example, all one needs to do is remove a disk drive and mount it in a system where the ID and password is known in order to defeat BIOS or operating system protection and gain access to data on the hard disk.
Encryption on the other hand, if implemented correctly, provides a great deal of protection. Since the actual data is encrypted, an attacker gains nothing by mounting a disk drive in another system because he will still be unable to read any of the actual data. So even if other access controls fail or are broken, the data on the hard disk remains protected.
Another compelling reason to encrypt data is to protect it when the storage device where it resides is no longer of use. When PCs and servers are eventually disposed of or repurposed for reuse, data that has been encrypted is protected and the expense of overwriting the data or physically destroying the device can be mitigated.
Finally and perhaps most important for many organizations, there are numerous laws and regulations that require sensitive data to be encrypted. The consequences of being out of compliance can be life threatening to an organization. The damage done by the theft of just one laptop or disk with sensitive data can easily be millions of dollars.
Overview of software based encryption solutions
Software encryption, the focus of this article, falls into two basic categories, device-oriented systems and file-oriented systems. Each has their advantages and disadvantages.
Device oriented systems are tied to a specific device like a disk drive or a USB drive. The encryption process is typically within the device driver. Once the user has proven their identity any and all data written to the device is automatically and transparently encrypted, and any data read from the device is automatically and transparently decrypted. Unless the user can provide a correct ID and password, the decryption will not function and the data remains encrypted and unintelligible. However, because the encryption is dependent on the device itself, data copied off of the device and stored on some other medium or system is not protected unless the target device or some other process re-encrypts the data.
Device oriented full disk encryption (FDE) products have been available in software since the early 90s. Recently, other types of device-oriented encryption products have begun to emerge.
They are similar to hard disk encryption systems, but these new generation of device encryption products encrypt data on USB drives, CDs, DVDs, and other medium.
File-oriented encryption systems, on the other hand, operate at the application layer. One or more applications encrypt individual files within the applications themselves. When the file is saved on the hard disk or any other medium, it has already been encrypted. Because the encryption occurs in the application, it is not dependant on a device and therefore remains protected wherever it goes. A file encrypted in this manner can be stored anywhere, or sent across a network and remain secure.
File-oriented encryption systems take many forms. They can be manually invoked utilities that encrypt specifically selected files, or they can be tightly integrated within other applications. For example, they may execute as plug-ins within Microsoft® Office, and can be configured to automatically encrypt any files that contain specific words like “confidential” or have data that looks like credit card numbers, social security numbers, etc. As another option, they can encrypt any file being saved in a specific folder which has been specifically designated for secure files.
Because of this latter feature, file oriented encryption systems are sometimes referred to as encrypted file and folder systems.
To Continue Reading: Click Here
-------------------------------------------
Source: Computer Technology Review
By: Bill Bosen
In the second installment of this series, we will be focusing on the next layer of protection – the actual encryption of the data on the disk drive(s). To be more precise, this article covers software based encryption. Our next article, part III, will cover hardware based encryption solutions.
Importance of encryption
While access control mechanisms like the authentication screens presented by the operating system, BIOS or hard disk access control systems do offer basic protection, in most cases they are relatively easy to defeat. For example, all one needs to do is remove a disk drive and mount it in a system where the ID and password is known in order to defeat BIOS or operating system protection and gain access to data on the hard disk.
Encryption on the other hand, if implemented correctly, provides a great deal of protection. Since the actual data is encrypted, an attacker gains nothing by mounting a disk drive in another system because he will still be unable to read any of the actual data. So even if other access controls fail or are broken, the data on the hard disk remains protected.
Another compelling reason to encrypt data is to protect it when the storage device where it resides is no longer of use. When PCs and servers are eventually disposed of or repurposed for reuse, data that has been encrypted is protected and the expense of overwriting the data or physically destroying the device can be mitigated.
Finally and perhaps most important for many organizations, there are numerous laws and regulations that require sensitive data to be encrypted. The consequences of being out of compliance can be life threatening to an organization. The damage done by the theft of just one laptop or disk with sensitive data can easily be millions of dollars.
Overview of software based encryption solutions
Software encryption, the focus of this article, falls into two basic categories, device-oriented systems and file-oriented systems. Each has their advantages and disadvantages.
Device oriented systems are tied to a specific device like a disk drive or a USB drive. The encryption process is typically within the device driver. Once the user has proven their identity any and all data written to the device is automatically and transparently encrypted, and any data read from the device is automatically and transparently decrypted. Unless the user can provide a correct ID and password, the decryption will not function and the data remains encrypted and unintelligible. However, because the encryption is dependent on the device itself, data copied off of the device and stored on some other medium or system is not protected unless the target device or some other process re-encrypts the data.
Device oriented full disk encryption (FDE) products have been available in software since the early 90s. Recently, other types of device-oriented encryption products have begun to emerge.
They are similar to hard disk encryption systems, but these new generation of device encryption products encrypt data on USB drives, CDs, DVDs, and other medium.
File-oriented encryption systems, on the other hand, operate at the application layer. One or more applications encrypt individual files within the applications themselves. When the file is saved on the hard disk or any other medium, it has already been encrypted. Because the encryption occurs in the application, it is not dependant on a device and therefore remains protected wherever it goes. A file encrypted in this manner can be stored anywhere, or sent across a network and remain secure.
File-oriented encryption systems take many forms. They can be manually invoked utilities that encrypt specifically selected files, or they can be tightly integrated within other applications. For example, they may execute as plug-ins within Microsoft® Office, and can be configured to automatically encrypt any files that contain specific words like “confidential” or have data that looks like credit card numbers, social security numbers, etc. As another option, they can encrypt any file being saved in a specific folder which has been specifically designated for secure files.
Because of this latter feature, file oriented encryption systems are sometimes referred to as encrypted file and folder systems.
To Continue Reading: Click Here
-------------------------------------------
Source: Computer Technology Review
By: Bill Bosen
EDD Demands Set Global Trap
Intellectual property litigators are, by their very nature, interdisciplinary creatures who weave together different strands of the law to effectively advocate for their clients. Lately, however, the fabric of successful litigation has gotten a little more frayed by the pulls of globalization, e-discovery and data protection.
On Aug. 24, the U.S. District Court for the Central District of California affirmed a critical May 29 discovery decision by the magistrate judge in Columbia Pictures Industries v. Bunnell. While this decision has received much attention in e-discovery circles, the court's ruling on random access memory has overshadowed a larger lesson about international e-discovery and the impossible decision that may face IP litigators: to choose between potentially violating the law of a foreign country and risking discovery sanctions at home.
This dilemma has been around for decades, but the Bunnell decision highlights how e-discovery and IP litigation have together driven up the risk of being trapped between competing demands.
COLUMBIA PICTURES STORY
On Feb. 23, 2006, Columbia Pictures and several other movie producers filed a copyright infringement action alleging online piracy of their movies through the defendants' TorrentSpy Web site. On May 15, 2006, the plaintiffs sought discovery of the defendants' server log data, including the Internet protocol addresses of users and information on downloads. During an evidentiary hearing, at least one defendant conceded that without these materials, a case could not be brought "because such logs are 'essential' to finding direct infringement."
Magistrate Judge Jacqueline Chooljian held that the server log data, stored temporarily in RAM, were "extremely relevant" evidence and that the defendants failed to show that the data were not reasonably accessible due to undue cost or other burden.
The defendants had objected to preserving and producing the Internet protocol addresses in part because that would violate the law of the Netherlands, where their servers were located -- in particular, the Netherlands' Personal Data Protection Act. But Chooljian ruled that the defendants still had to preserve and produce the data.
Their argument was undercut by the fact that, due to recent operational changes, the data for U.S. users were apparently on U.S. servers. However, even if the data were overseas, Chooljian concluded that "it was not clear that the Netherlands' Personal Data Protection Act applies."
Finally, Chooljian found that even if the Dutch law did prohibit disclosure of the information, it did not deprive the court of its power to order production and preservation of the data.
The district court affirmed this ruling, finding that (1) the defendants had not met their burden to show the Dutch law applied and (2) even the law did apply, "it is well settled that [foreign] statutes do not deprive an American court of the power to order a party subject to its jurisdiction to produce evidence even though the act of production may violate that statute."
Finally, the defendants raised several other defenses involving the Stored Communications Act, the Wiretap Act, the Pen Register Statute and the First Amendment, all of which the court found unpersuasive or negated by the fact that the Internet protocol addresses would be masked in the logs provided to the plaintiffs.
To Continue Reading: Click Here
-----------------------------------------
Source Law.com
By David J. Kessler
On Aug. 24, the U.S. District Court for the Central District of California affirmed a critical May 29 discovery decision by the magistrate judge in Columbia Pictures Industries v. Bunnell. While this decision has received much attention in e-discovery circles, the court's ruling on random access memory has overshadowed a larger lesson about international e-discovery and the impossible decision that may face IP litigators: to choose between potentially violating the law of a foreign country and risking discovery sanctions at home.
This dilemma has been around for decades, but the Bunnell decision highlights how e-discovery and IP litigation have together driven up the risk of being trapped between competing demands.
COLUMBIA PICTURES STORY
On Feb. 23, 2006, Columbia Pictures and several other movie producers filed a copyright infringement action alleging online piracy of their movies through the defendants' TorrentSpy Web site. On May 15, 2006, the plaintiffs sought discovery of the defendants' server log data, including the Internet protocol addresses of users and information on downloads. During an evidentiary hearing, at least one defendant conceded that without these materials, a case could not be brought "because such logs are 'essential' to finding direct infringement."
Magistrate Judge Jacqueline Chooljian held that the server log data, stored temporarily in RAM, were "extremely relevant" evidence and that the defendants failed to show that the data were not reasonably accessible due to undue cost or other burden.
The defendants had objected to preserving and producing the Internet protocol addresses in part because that would violate the law of the Netherlands, where their servers were located -- in particular, the Netherlands' Personal Data Protection Act. But Chooljian ruled that the defendants still had to preserve and produce the data.
Their argument was undercut by the fact that, due to recent operational changes, the data for U.S. users were apparently on U.S. servers. However, even if the data were overseas, Chooljian concluded that "it was not clear that the Netherlands' Personal Data Protection Act applies."
Finally, Chooljian found that even if the Dutch law did prohibit disclosure of the information, it did not deprive the court of its power to order production and preservation of the data.
The district court affirmed this ruling, finding that (1) the defendants had not met their burden to show the Dutch law applied and (2) even the law did apply, "it is well settled that [foreign] statutes do not deprive an American court of the power to order a party subject to its jurisdiction to produce evidence even though the act of production may violate that statute."
Finally, the defendants raised several other defenses involving the Stored Communications Act, the Wiretap Act, the Pen Register Statute and the First Amendment, all of which the court found unpersuasive or negated by the fact that the Internet protocol addresses would be masked in the logs provided to the plaintiffs.
To Continue Reading: Click Here
-----------------------------------------
Source Law.com
By David J. Kessler
E-mails as Court Evidence: Be ready to Produce & Afford
United States Federal Courts are reluctant to accept high-computer-forensic costs as a reason to waive production of electronic data. When electronic data like corporate e-mails cannot be easily produced, computer forensic experts are required. Services rendered by computer forensic experts are pricey but it seems this is not a wining argument for a favorable burden/expense analysis under the new standard for Fed. R. Civ. P. 26(b)(2)(C)(iii).
Fed. R. Civ. P. 26(b)(2)(C) (iii) has a revised interpretation standard that becomes effective on December 1st, 2007. Under the new standard, a five-step analysis is required to determine the frequency and limits of discovery, including electronic discovery. The new standard of Fed. R. Civ. P. 26(b)(2)(C) (iii) says: "the burden or expense of the proposed discovery outweighs its likely benefit, considering the needs of the case, the amount in controversy, the parties' resources, the importance of the issues at stake in the action, and the importance of the discovery in resolving the issues." H.R. Doc. No. 110-27 at 139.
In a recent Federal Court case, the court applied this new standard to decide whether a computer forensic examination to recover some lost e-mails created undue burden on the litigant parties. In Peskoff v. Faber, 2007 U.S. Dist. LEXIS 62595, or, 2007 WL 2416119 (D.D.C. Aug. 27, 2007), the US District Court for the District of Columbia ordered the parties to solicit bids from computer forensic companies, that were to recover lost e-mails deemed to be decisive evidence in resolving the issues at stage.
The court ordered Faber, defendant/employer, to produce the company's e-mail where the name of Peskoff, plaintiff/employee, appeared. Faber produced 'some" e-mails that appeared in their company's computers but other e-mails from 2001-2003 were missing. According to the company's policy, items in the ‘trash' and ‘deleted' inbox were automatically deleted after 180
days. Thus, employees were told to open files and store there those e-mails to be saved.
Pestkoff stored some e-mails in those files but Faber claimed those files were empty after an ‘investigation' conducted by its company. Faber failed to provide details as to how its company's ‘investigation' was conducted. Thus, the court deemed necessary to know the content of those missing e-mails and after applying the new standard, the court held that parties were to provide bids from forensic companies able to recover these e-mails from the computers' hard drive.
Work related e-mails have become critical court evidence. Obtaining them may not be a simple task when time and volume of e-mails are at issue. Nonetheless, US Courts are not hesitant to order production of e-mails through computer forensic services. Usually, courts order that the costs be borne by the parties equally. Analog Devices, Inc. v. Michalski, 2006 NCBC 14 is another example of this. In Analog Devices, a trade secret case, the court granted plaintiff's motion to compel production of e-mails from the defendant's (employer) computers, and ordered that the costs be borne by the parties in equal parts.
To Continue Reading: Click Here
----------------------------------------
Source: IBLS
By Martha Arias
Tuesday, October 23, 2007
EDRM Announces XML Standard for E-Discovery Industry
Developed by E-Discovery Industry Leaders, New Standard to Improve Interoperability and Data Transfer Throughout Discovery Process
The Electronic Discovery Reference Model (“EDRM”), an industry group created to develop and establish practical guidelines and standards for electronic discovery, today announced that it has developed an Extensible Markup Language (XML) standard for the easy transfer of electronically stored information (ESI) to and from applications involved in different phases of the discovery process. The new XML standard will help all e-discovery practitioners -- whether vendors, consultants, law firms, in-house counsel or corporate IT departments -- reduce the cost, time and manual work associated with e-discovery.
“In any discovery project, no matter the type of company or legal matter involved, data is stored, collected, reviewed and produced across multiple systems in a very costly and complex process,” said George Socha, co-founder of EDRM and president of Socha Consulting LLC. “The XML standard addresses a major pain point within e-discovery -- moving and formatting the different types of data across all of these disparate systems -- and is an important step towards streamlining the process.”
The XML standard was developed by the XML Project, an EDRM working group consisting of technologists and lawyers from the leading e-discovery vendors, service providers, law firms and corporate end-users. The standard consists of an XML Schema Definition (XSD) that will allow all parties to consistently describe documents, email, attachments and standalone files, as well as the underlying metadata for all of those objects as they move through the e-discovery process. The XML Project has created a validation tool to quickly and efficiently validate that files conform to the XML standard prior to importing the data. Additionally, the XML Project has developed an XML compliance process to help all parties determine whether products conform to the standard and interoperate properly.
In total, the new XML standard provides a number of benefits to users involved in all stages of the e-discovery process, including:
Labor and cost reduction: IT departments, legal teams and service providers no longer have to spend valuable time and resources converting and transferring ESI from system to system
Reduction in errors: Not only can organizations focus on proficiency in a single standard schema as opposed to an infinite number of disparate formats, but the validation tool detects non-conforming load files earlier in the process
Faster e-discovery process: Data can be transferred from system to system more quickly, ultimately leading to a faster overall process
Scalability: The ability to adapt to future technological advances as well as new metadata constructs
To Continue Reading: Click Here
----------------------------------------
Source: Business Wire
The Electronic Discovery Reference Model (“EDRM”), an industry group created to develop and establish practical guidelines and standards for electronic discovery, today announced that it has developed an Extensible Markup Language (XML) standard for the easy transfer of electronically stored information (ESI) to and from applications involved in different phases of the discovery process. The new XML standard will help all e-discovery practitioners -- whether vendors, consultants, law firms, in-house counsel or corporate IT departments -- reduce the cost, time and manual work associated with e-discovery.
“In any discovery project, no matter the type of company or legal matter involved, data is stored, collected, reviewed and produced across multiple systems in a very costly and complex process,” said George Socha, co-founder of EDRM and president of Socha Consulting LLC. “The XML standard addresses a major pain point within e-discovery -- moving and formatting the different types of data across all of these disparate systems -- and is an important step towards streamlining the process.”
The XML standard was developed by the XML Project, an EDRM working group consisting of technologists and lawyers from the leading e-discovery vendors, service providers, law firms and corporate end-users. The standard consists of an XML Schema Definition (XSD) that will allow all parties to consistently describe documents, email, attachments and standalone files, as well as the underlying metadata for all of those objects as they move through the e-discovery process. The XML Project has created a validation tool to quickly and efficiently validate that files conform to the XML standard prior to importing the data. Additionally, the XML Project has developed an XML compliance process to help all parties determine whether products conform to the standard and interoperate properly.
In total, the new XML standard provides a number of benefits to users involved in all stages of the e-discovery process, including:
Labor and cost reduction: IT departments, legal teams and service providers no longer have to spend valuable time and resources converting and transferring ESI from system to system
Reduction in errors: Not only can organizations focus on proficiency in a single standard schema as opposed to an infinite number of disparate formats, but the validation tool detects non-conforming load files earlier in the process
Faster e-discovery process: Data can be transferred from system to system more quickly, ultimately leading to a faster overall process
Scalability: The ability to adapt to future technological advances as well as new metadata constructs
To Continue Reading: Click Here
----------------------------------------
Source: Business Wire
Examining E-Discovery Chain of Custody
Exploring the issues surrounding chain of custody for electronic evidence may sound like a great cure for insomnia -- the prospect of filling out endless log forms is enough to put anyone to sleep. But a string of recent judicial sanctions over chain of custody for electronic evidence has made the dry issue a hot topic -- one that can make or break your case.
Though a simple concept, chain of custody can be challenging to uphold for electronic data. Potential electronic evidence must be accounted for from the moment of discovery until admittance at trial to prove its authenticity. Documenting the chain of custody of potential, relevant evidence to disprove tampering or alteration is critical to admissibility at trial.
"Preservation of the chain of custody for electronic evidence [...] is key to the integrity of virtually every subsequent step [leading to trial]," electronic evidence and computer forensics expert Craig Ball says. "In some instances, it's the sole leg on which the integrity of the case stands or falls."
E-EVIDENCE -- FROM THE CONCRETE TO THE ABSTRACT
Before the era of electronic data, chain of custody log forms were filled out to track potential tangible evidence. The forms recorded who handled the evidence and its path during the investigation, until the end of trial. Mostly, chain of custody was relevant to criminal cases.
In a properly handled criminal investigation, all tangible items, such as a murder weapon or blood-soaked clothing, were carefully gathered, identified, bagged, tagged, tested and kept safe in an evidence room until trial. Chain of custody paperwork (usually a handwritten log) was updated every time the item changed hands, from initial collection to trial, and those log forms were usually stored with evidentiary objects to prove authenticity and absence of tampering.
Fast forward to the present, where electronic discovery has added a whole new level of complexity to the rather straightforward chain of custody concept. Physical object tracking still remains intact for criminal cases, but chain of custody isn't just an issue for criminal cases any more. In modern litigation practice, electronically stored information now figures into many different types of cases -- both criminal and civil.
Tom O'Connor, a litigation support consultant and director of the Legal Electronic Document Institute in Seattle, says that the No. 1 request for e-discovery that he's seeing in Washington state is for divorce cases, not criminal ones. Investigators confiscate and search laptops and home computers for proof of adulterous affairs, hidden financial assets and the like -- a far cry from the notorious bloody glove in the O.J. case.
When evidence is in electronic form, chain of custody suddenly becomes two-dimensional -- both tangible and intangible objects need to be tracked and preserved. Brett Burney, e-discovery consultant and president of Burney Consultants, notes that "when applying chain of custody to digital evidence, there are physical, tangible items such as the laptops, PCs, hard drives, CDs, backup tapes, digital cameras, thumb drives, etc., which need to be tracked. However, you must also track handling of the intangible data such as documents, e-mails and the all-important metadata, which captures details such as when files and messages were created, last updated and deleted."
The biggest violation that Burney sees in electronic discovery chain of custody is right at the beginning, when law enforcement, IT people or attorneys turn on computers which have been identified as potential sources of electronic evidence. Powering up computers destroys or overwrites valuable clues and changes metadata, which can lead to charges of spoliation and possible inadmissibility of the digital evidence.
Initially, Burney recommends not touching the computers, even if lawyers or the client are pressuring you to do so. When you decide it's OK to turn them on, document everything that you do -- which files you opened, every action and search you performed, and the time and date of every step. Burney says that while his copious notes are not necessarily admissible evidence, if he is called to the stand to testify about his actions, he can refer to his writings to document exactly what was done to the digital files. This type of due diligence preserves a defensible chain of custody for electronic evidence.
MAKING A FORENSICALLY SOUND COPY OF ELECTRONIC EVIDENCE
In the case of a murder weapon, it's crucial to prove where and when the item was discovered, what fingerprints, hair and residue were detected, and to link it to the crime scene and defendant. For electronic evidence, actual analysis is virtually never performed on the actual hardware (laptop, PC, etc.). Instead, the electronic evidence is "copied" from the original data source and all analyzing is done using that replica.
To Continue Reading: Click Here
-----------------------------------------
Source: law.com
Though a simple concept, chain of custody can be challenging to uphold for electronic data. Potential electronic evidence must be accounted for from the moment of discovery until admittance at trial to prove its authenticity. Documenting the chain of custody of potential, relevant evidence to disprove tampering or alteration is critical to admissibility at trial.
"Preservation of the chain of custody for electronic evidence [...] is key to the integrity of virtually every subsequent step [leading to trial]," electronic evidence and computer forensics expert Craig Ball says. "In some instances, it's the sole leg on which the integrity of the case stands or falls."
E-EVIDENCE -- FROM THE CONCRETE TO THE ABSTRACT
Before the era of electronic data, chain of custody log forms were filled out to track potential tangible evidence. The forms recorded who handled the evidence and its path during the investigation, until the end of trial. Mostly, chain of custody was relevant to criminal cases.
In a properly handled criminal investigation, all tangible items, such as a murder weapon or blood-soaked clothing, were carefully gathered, identified, bagged, tagged, tested and kept safe in an evidence room until trial. Chain of custody paperwork (usually a handwritten log) was updated every time the item changed hands, from initial collection to trial, and those log forms were usually stored with evidentiary objects to prove authenticity and absence of tampering.
Fast forward to the present, where electronic discovery has added a whole new level of complexity to the rather straightforward chain of custody concept. Physical object tracking still remains intact for criminal cases, but chain of custody isn't just an issue for criminal cases any more. In modern litigation practice, electronically stored information now figures into many different types of cases -- both criminal and civil.
Tom O'Connor, a litigation support consultant and director of the Legal Electronic Document Institute in Seattle, says that the No. 1 request for e-discovery that he's seeing in Washington state is for divorce cases, not criminal ones. Investigators confiscate and search laptops and home computers for proof of adulterous affairs, hidden financial assets and the like -- a far cry from the notorious bloody glove in the O.J. case.
When evidence is in electronic form, chain of custody suddenly becomes two-dimensional -- both tangible and intangible objects need to be tracked and preserved. Brett Burney, e-discovery consultant and president of Burney Consultants, notes that "when applying chain of custody to digital evidence, there are physical, tangible items such as the laptops, PCs, hard drives, CDs, backup tapes, digital cameras, thumb drives, etc., which need to be tracked. However, you must also track handling of the intangible data such as documents, e-mails and the all-important metadata, which captures details such as when files and messages were created, last updated and deleted."
The biggest violation that Burney sees in electronic discovery chain of custody is right at the beginning, when law enforcement, IT people or attorneys turn on computers which have been identified as potential sources of electronic evidence. Powering up computers destroys or overwrites valuable clues and changes metadata, which can lead to charges of spoliation and possible inadmissibility of the digital evidence.
Initially, Burney recommends not touching the computers, even if lawyers or the client are pressuring you to do so. When you decide it's OK to turn them on, document everything that you do -- which files you opened, every action and search you performed, and the time and date of every step. Burney says that while his copious notes are not necessarily admissible evidence, if he is called to the stand to testify about his actions, he can refer to his writings to document exactly what was done to the digital files. This type of due diligence preserves a defensible chain of custody for electronic evidence.
MAKING A FORENSICALLY SOUND COPY OF ELECTRONIC EVIDENCE
In the case of a murder weapon, it's crucial to prove where and when the item was discovered, what fingerprints, hair and residue were detected, and to link it to the crime scene and defendant. For electronic evidence, actual analysis is virtually never performed on the actual hardware (laptop, PC, etc.). Instead, the electronic evidence is "copied" from the original data source and all analyzing is done using that replica.
To Continue Reading: Click Here
-----------------------------------------
Source: law.com
Monday, October 22, 2007
Socha, Gelbmann Admit Even EDD Experts Make Mistakes
George Socha and Thomas Gelbmann have issued the following advisory about the corrections to the 2007 Socha/Gelbmann EDD Survey:
Each year, in compiling the results of our survey, we take great care to double check our work, both before and after publication. This year, we discovered two errors in the course of a follow-up review after the initial publication: a series of interlinked PivotTables weren't properly refreshed, and we hadn't incorporated completed data from three providers. We have corrected those errors and as a result are issuing revised software and services provider rankings. The revised overview information is at www.sochaconsulting.com/2007survey.htm and the details are at www.sochaconsulting.com/2007surveyresults.php.
OUR METHODOLOGY
This year we started with data from about 115 provider and consumer organizations. For each organization, we created a spreadsheet file containing between 35 and 38 worksheets, each worksheet representing a top-level category information, such as Capacity, Experience/Reputation, Revenue, etc.
From these spreadsheets, we created 93 consolidated spreadsheets. These files are organized by topic, such as software usage, electronic discovery work volume, geographic coverage, project sizes and the like. We use these spreadsheets for the hundreds of analyses we perform to examine areas such as the differing views held by consumers and providers.
To perform the analyses, we use a variety of Excel tools such as filters (ways of working with subsets of data); analytic functions such as IF, vlookup, average, max and countif; and Pivot Tables reports (interactive reports that combine and compare large amounts of data).
To Continue Reading: Click Here
-----------------------------------------
Source: law.com
Each year, in compiling the results of our survey, we take great care to double check our work, both before and after publication. This year, we discovered two errors in the course of a follow-up review after the initial publication: a series of interlinked PivotTables weren't properly refreshed, and we hadn't incorporated completed data from three providers. We have corrected those errors and as a result are issuing revised software and services provider rankings. The revised overview information is at www.sochaconsulting.com/2007survey.htm and the details are at www.sochaconsulting.com/2007surveyresults.php.
OUR METHODOLOGY
This year we started with data from about 115 provider and consumer organizations. For each organization, we created a spreadsheet file containing between 35 and 38 worksheets, each worksheet representing a top-level category information, such as Capacity, Experience/Reputation, Revenue, etc.
From these spreadsheets, we created 93 consolidated spreadsheets. These files are organized by topic, such as software usage, electronic discovery work volume, geographic coverage, project sizes and the like. We use these spreadsheets for the hundreds of analyses we perform to examine areas such as the differing views held by consumers and providers.
To perform the analyses, we use a variety of Excel tools such as filters (ways of working with subsets of data); analytic functions such as IF, vlookup, average, max and countif; and Pivot Tables reports (interactive reports that combine and compare large amounts of data).
To Continue Reading: Click Here
-----------------------------------------
Source: law.com
Subscribe to:
Posts (Atom)
