Friday, November 30, 2007

Step Right Into EDD

It's easy to feel overwhelmed by the daunting complexity of electronic discovery. There's so much to do in an arena where lawyers feel distinctly disadvantaged. We know we've got to hit the ground running, but so often we're paralyzed instead of galvanized. If only lawyers knew what to do first, certain of making the right choice.

Take heart. There is a reliably correct first step, and it's the identification of sources of electronic evidence. Do it well, and much of the fog hiding the hazards of e-discovery lifts. Pitfalls remain, but you're less likely to stumble into them.
Identification of electronically stored information (ESI) involves more than just a head count of machines, backup tapes, custodians, network storage areas and thumb drives. Certainly, it's important to have a current inventory, but identification of potentially responsive sources of ESI goes deeper. You've got to know what you've got, who's got it, how much they have, where it is, and when it's going away.

Identification anticipates obligations imposed by the Federal Rules of Civil Procedure, such as Rule 26(a)(1)(B)'s requirement that litigants describe and supply the location of ESI going to claims or defenses and Rule 26(f)'s dictate that litigants discuss the forms of ESI. Then there's the duty to identify ESI claimed not reasonably accessible pursuant to Rule 26(b)(2)(B) or as privileged under Rule 26(b)(5)(A). Both must be identified with sufficient particularity to enable your opponent to gauge the merits of the objection.

If you can't properly identify the sources of ESI, you may be compelled to overproduce at enormous cost or run the risk of sanctions for failure to do so. That's not a Catch-22. It's an avoidable consequence of failing to do what the law requires.

Jump-start the identification process by obtaining IT asset inventories and system diagrams. Most medium-size to large businesses track the acquisition, deployment and disposal of computer systems. These assets tend to be depreciated for tax purposes, so the bean counters have to know when they come and go. Follow the money trail.

Similarly, IT departments often track deployment of systems and software for warranty, support and licensure, and they certainly track intranet connections and user privileges, if only to know where the wires from the patch panel lead! Check to see if the IT staff has a network map laying out the relationship between servers, users, business units and backup systems. Even an out-of-date network diagram is a leg up. Now, you're on the hardware and software trail.


---------------------------------------
Source: law.com

A Partnership Born of Necessity

It cannot be emphasized enough that in-house and outside litigation counsel need to work well together if they are to address a given matter effectively and efficiently. When problems develop in that relationship, as in any other, the fault often lies in a failure to communicate properly. A cooperative and productive relationship between in-house and outside litigation counsel can easily be marred when lines of communication are shut down, even inadvertently.

Our experiences as outside counsel in litigation and arbitration matters and as in-house litigation counsel, as well as our tenure as the co-chairs of the Corporate Litigation Counsel Committee of the Commercial and Federal Litigation Section of the New York State Bar Association, have taught us that the same issues, naturally viewed from different perspectives, often disrupt the relationship between outside and in-house litigation counsel. Whether questions arise concerning billing, staffing, document review and production, or any other issue, tension often can be avoided by deciding on ground rules early in the life of a matter and then trying to keep to those agreements through the resolution of a matter -- unless both parties agree that changed circumstances require a new approach.


There is, of course, a fundamental divergence between the business imperatives driving law firms and their corporate clients that must be recognized: Law firms raise their revenues through increased billings while, to business people, legal costs -- litigation expenses in particular -- are an unwelcome expense that necessarily reduces a company's earnings. It is a fact of corporate life that legal departments are cost centers, not revenue generators. Every dollar spent on legal fees is a dollar that could at least theoretically have been invested in revenue-generating activities.

Beyond those divergent motivations lies a more complex dynamic. Litigation is an inevitable part of business, but one whose costs are often unpredictable because they frequently depend on the uncontrollable actions of third parties. Corporations cannot generally cut litigation costs unilaterally like they sometimes reduce expenses in other areas. In-house and outside litigation counsel can work together, however, to handle cases more efficiently, and thereby control costs, by employing many of these tried and true methods.


---------------------------------------
Source: law.com

Data Searching Strategies For Mobile Devices That Can Help Counsel Win Cases

With complex litigation cases becoming increasingly unwieldy due to cost and the vast amount of data requiring review, counsel is continuously looking for more efficient ways to find the "smoking guns." In that pursuit, critical data that is stored on electronic devices other than computers may be overlooked, potentially threatening the outcome of a case.

Mobile devices, such as cellular phones and PDAs, are now vital to how organizations do business. Configured to transmit and receive data as well as log activity, these mobile offices have many of the same functionalities as traditional desktops and laptops.

With businesses relying so heavily on mobile devices, the information that can be gathered from such devices is becoming similar to what can be forensically retrieved from computers. The types of data that can be retrieved from mobile devices include corporate e-mail, personal e-mail, Short Message Service (SMS) text messages, personal notes, calendar entries, photographs, address books, and inbound and outbound call logs. When placed into a timeline of events, this type of information can be invaluable to prove certain facts for a case.

With literally hundreds of devices on the market there is not one single standard of information that can be retrieved from all devices. Because of this, every device related to a dispute needs to be evaluated for the type of information that it may contain. For example, a Motorola RAZR V3 phone will contain more information than a Motorola i415.

Retrieving data from a mobile device is a specialized skill set that requires a professional computer forensic examiner with experience in handling mobile devices. When selecting an examiner to work on such engagements, counsel needs to specifically ask what types of devices they are familiar with and how many times they have successfully analyzed these particular devices in the past. Handling mobile devices requires specialized software, appropriate cabling and, most importantly, the requisite professional experience.

Once an expert is identified, counsel should also ascertain the types of devices that will be forensically examined. Before any work can begin, the expert will need to know the manufacturer and the exact model of the device. When collecting the devices to be analyzed, it is prudent to make sure that both data and power cables are also included.

As with all electronic evidence, it is critical that the chain of custody is properly documented. When devices are being passed from the user to a supervisor, then to a human resources professional who will provide it to counsel and finally to the forensic expert, there is a risk that the integrity of the evidence may be challenged.

---------------------------------------
Source: metrocorpcounsel.com

Times Are Changing - The World Of ESI

In the old days, plaintiffs would request business records from boxes in dusty warehouses. Attorneys would then review an inventory list of the boxes and pull those that were potentially relevant. Today, employees organize their own electronic data, but neither the records manager nor the IT representatives understand what each individual is really doing. This is the world of "electronically stored information" (ESI). The following article is designed to better equip you to evaluate your current environment and establish routine processes so that you are prepared the next time ESI is sought.

1) Be Proactive

Proactive steps are critical in preparing for electronic discovery. Looking at the types of documents you have and gaining an understanding of the various locations where data is stored will prove beneficial if and when litigation or a regulatory matter arises.

Step 1 - ESI Task Force

Establish an ESI task force comprised of members from the legal department, IT, records, outside counsel and an ESI vendor. This team should begin by comparing paper retention periods to that of electronic data. In addition, they should also familiarize themselves with the network environment and the appropriate locations to preserve and collect data when needed. The team should then focus on streamlining and minimizing the preservation and collection process, and removing personal and administrative garbage from business records.

Step 2 - Evaluation of Network Configuration

Create/Maintain a diagram of the network environment. This will assist in implementing preservation holds. When creating this diagram it is important to consider:

Home computers - Do employees have information at home? Consider what happens to proprietary information if the employee donates or sells the computer, and what if the employee leaves the organization?

VPN connections - Can employees use any computer (i.e. hotel business centers or homes) to access their files and email?

PDA devices - Does the company provide PDA devices such as BlackBerrys or Treos? How is the data transmitted?

Instant Messenger - Is Instant Messenger backed up?

Laptops for departing employees - Are departing employees allowed to take their laptop? Allowing them to leave with computer equipment may subject you to explaining why you let them take the information and, later, trying to recover the computer to produce data. There may also be issues with claiming privilege or trade secrets if departing employees are allowed to maintain proprietary information. Furthermore, proprietary information may become broadcasted across the Internet if the computer is improperly discarded.


---------------------------------------
Source: metrocorpcounsel.com

Joint Decision Making For Records Management — Too Many Cooks?

The CIO once made all the IT decisions. Described by BusinessWeek as "Management’s Newest Star," CIOs took niche technology knowledge all the way to the corporate suite and legitimized a language most executives didn’t speak—ERP, applications development, data quality, information integrity.

But today, things are changing. IT is becoming more democratized. One reason in particular is the several new or updated regulations dictating the management of corporate records and changing requirements for litigation readiness. Now, non-IT constituents, including corporate counsel and the entire legal team, HR and the CFO often have a say in corporate policies and technology purchasing decisions as well.

Companies of all types and sizes are discovering that the new regulations (i.e. amendments to FRCP) and a changing litigation environment are forcing them -- for better or for worse -- to adopt a team approach to policy development and technology purchasing decisions. But just what exactly are the implications of this new decision by committee necessitated by a changing business environment?

Perhaps the most important implications involve the CIO and the IT department and its role within the organization. Because records management is changing the corporate paradigm, the role of IT has also been altered. For example, IT is increasingly reporting to general counsel and is concerned with a whole host of legal issues – as they relate to IT. But as the IT department evolves, the CIO still needs to maintain his or her technology expert role.

---------------------------------------
Source: ecmconnection.com

Thursday, November 29, 2007

Roundtable: How Legal Trends Of 2007 Will Affect Your Future Technological Decisions And Solutions

The Editor interviews Afshin Behnia, President & CEO, Mitratech; Tom Klaff, CEO, Surety LLC; Dan Lucky, Vice President-Data Management Solutions and David Gaines, Vice President-Security, Microstrategies, Inc.; Bettina Tweardy Riveros, Associate General Counsel and Director of Product Development, Corporation Service Company (CSC); Karen Schuler, Vice President of Consulting, ONSITE 3.

Editor: What legal trends in 2007 had the greatest impact on law departments' technology solutions?

Behnia: On December 1, 2006 amendments to the Federal Rules of Civil Procedure (FRCP) took effect, requiring US organizations to address issues regarding electronically stored evidence at the outset of litigation. Rule 37(f) grants organizations a safe harbor for data destruction when it is due to routine operations and done in good faith - but this rule also requires that, at a minimum, organizations integrate legal hold procedures into their systematized frameworks.

While a variety of technologies can be used to apply litigation holds, a multidisciplinary approach is required. Anyone who thinks that IT can implement a hold assumes that the problem is exclusively a technical one. It is not. Legal, HR, and records management professionals all have important roles to play in the process.

We have seen companies respond in one of three ways: Reactionary - purchasing a litigation-hold point solution outside of their matter management technology which results in inefficiencies and high ownership costs; Elusively - deferring the problem to IT by pigeonholing it into a larger Records Management project which ends up costing more time and money than estimated while falling short on the functionality to meet the FRCP rules, and Strategically - by building their litigation hold processes into their existing matter management system for an integrated solution.

Klaff: Without question, the e-discovery amendments to the Federal Rules of Civil Procedure had the most significant impact on legal technology and that impact will resonate for the next several years.

Lucky and Gaines: The new e-discovery rules in the Federal Rules of Civil Procedure. They are being widely adopted by the state court systems.

Riveros: Corporate legal departments are increasingly faced with managing a broader array of risk across their organization to protect their board and shareholders, while faced with the need for increased productivity and budget compression. Effective risk management requires the aggregation of disparate data, knowledge, and documents across multiple systems and a dispersed organizational structure. Examples include internal management and reporting obligations in the litigation and compliance arenas as well as external legal hold preservation obligations in the e-discovery arena. Broad-based and flexible matter and document management solutions are critical to success.

Schuler: Beyond the amended Federal Rules of Civil Procedure which took effect just prior to 2007, discovery preparedness is perhaps the single most significant trend of the year in terms of how law departments are approaching technology solutions. As opposed to taking a reactive approach to e-discovery, discovery preparedness promotes a proactive approach, such as creating litigation hold communication policies, implementing e-discovery teams, cataloging and mapping locations and types of data across the organization and assessing the need to address structured data. There were also other legal trends influencing law departments, including (1) engagement of technologists internally to assist corporations in creating e-discovery task forces; (2) emergence of document review tools to enable corporate administration and oversight for driving productivity of review projects; (3) increasing availability of educational resources for legal teams, and (4) Safe Harbor certification for U.S.-based e-discovery providers to allow handling of data from the European Union, thus resolving data privacy concerns.

---------------------------------------
Source: metrocorpcounsel.com


Getting ESI Evidence Admitted: Lorraine v. Markel American Insurance Co.

Much has been written about a company's obligation to preserve, produce, and even restore electronically stored information ("ESI"), but much less has been written about the ways in which ESI can actually be used as evidence to prove one's case or defend against a charge. That is changing, as shown by the recent case of Lorraine v. Markel American Insurance Co., 241 F.R.D. 534 (D.Md. May 4, 2007).

On May 17, 2004, plaintiff's yacht was damaged by lightning while anchored in the Chesapeake Bay. An arbitrator found that lightning was the cause of the damage, but limited the award to $14,100. Plaintiff brought a federal action to enforce the arbitrator's finding but to set aside the limits placed on the award, claiming the arbitrator exceeded his authority. Defendant/Counter-Plaintiff Markel American Insurance Company counterclaimed to enforce the arbitrator's award (including its damage limitation) in full.

The problem for both sides was that neither supplied the evidentiary foundation needed for the court to rely upon various e-mails and other ESI offered in support of and in opposition to the arbitrator's award. The Court thus took the opportunity to discuss how ESI should be proffered in admissible form so it can be relied upon. As the Court stated: "Given the pervasiveness today of electronically prepared and stored records counsel must be prepared to recognize and appropriately deal with the evidentiary issues associated with the admissibility of electronically generated and stored evidence." 241 F.R.D. at 537. "[C]onsidering the significant costs associated with discovery of ESI, it makes little sense to go to all the bother and expense to get electronic information only to have it excluded from evidence because the proponent cannot lay a sufficient foundation to get it admitted." Id. at 538.

Lorraine details a number of evidentiary rules that must be considered when ESI is proffered, including: (1) whether the ESI is relevant (Federal Rule of Evidence 401); (2) whether the ESI is authentic (Rule 901); (3) whether the ESI is hearsay and, if so, whether it meets an applicable exception (Rules 801, 803, 804 and 807); (4) whether the ESI is an original or acceptable duplicate (or "best evidence") or meets an exception (Rules 1001 through 1008); and (5) whether the probative value of the ESI is outweighed by unfair prejudice (Rule 403). Id.

Space limitations prevent discussing every evidentiary problem examined in Lorraine, so this summary focuses on two concerns: authentication and hearsay.

---------------------------------------
Source: metrocorpcounsel.com

Navigating The Complexities Of U.S.-E.U. Data Protection And Electronic Discovery Issues

U.S. multinationals that are making efforts to comply with data protection and e-discovery laws, rules and regulations in both the U.S. as well as other international jurisdictions face a multitude of challenges. If they are not in compliance, multinationals also bear the additional risk of significant sanctions, including monetary penalties. By identifying the appropriate experts within an organization and through proper planning, multinational organizations can ensure that they are in compliance.

Collecting and processing their own data in the U.S. when the data resides internationally are among the more challenging issues facing U.S. multinationals. Two of the more common situations that they are confronted with relate to dealing with discovery orders for a U.S. based litigation that involves data from their own E.U. based employees; and being involved in an extremely sensitive and highly confidential internal investigation that relates to employees that are located in the E.U.

The Federal Rules of Civil Procedure, amended in December 2006, have cemented the significance of electronic discovery for the foreseeable future. As a result of these amendments, corporate counsel are not merely concerned with the costs, but also with the risks and potential sanctions associated with non-compliance of a discovery order. Counsel is not only challenged with how to develop the right approach to deal with U.S. based discovery, but also the multitude of data protection laws that exist in the U.S., E.U. and other jurisdictions.

With the costs of compliance with data privacy skyrocketing to approximately $21 billion by 2011, companies are taking proactive measures to deal with data privacy concerns. More and more often, U.S. multinationals are creating Chief Privacy Officer positions and hiring a worldwide support staff to manage the risks and liabilities associated with compliance as well as the wide-ranging issues currently facing their companies.

Data protection laws have existed for a number of years and the E.U. has taken a strong stance in this area. The E.U. Data Protection Directive, which serves as a framework from which the 27 E.U. member states operate, is a primary example of the E.U.'s commitment to data privacy.

The E.U. Data Protection Directive is not the only requirement that should be of concern to U.S. multinationals. With each E.U. member state able to develop its own data protection legislation, organizations need to be sure that they can comply with every member state's requirements, which makes compliance by U.S. multinationals challenging at times. The U.S. and E.U. have maintained constant communication over the years to ensure cooperation and compliance with both U.S. and E.U. laws, as well as the laws of its member states.


---------------------------------------
Source: metrocorpcounsel.com

NASCIO: Cross-government collaboration key to e-discovery

State governments looking to embark on e-discovery should first seek collaboration with a range of stakeholders.

That’s the view of a newly published research brief from the National Association of State Chief Information Officers (NASCIO). The report provides starting points to help CIOs improve states’ ability to handle requests for electronic information. The document follows a September NASCIO issue brief promoting CIOs’ awareness of electronic means of retrieving documents for legal cases.

The reports come at a time when changes in civil litigation promise to heighten the need to produce electronic materials. Amendments to the Federal Rules of Civil Procedure, which went into effect a year ago, specify the types of electronically stored information that an organization could be asked to produce in a lawsuit’s discovery phase.

According to the NASCIO report, state courts are likely to establish similar requirements. The amendments “provide one more reason for states to better manage the information and knowledge assets that are held across the enterprise,” the issue brief states.

For those just starting down that path, NASCIO pointed to the importance of cross-government collaboration. A multidisciplinary team should manage an electronic records management effort, which NASCIO said “can reduce the risks associated with e-discovery.”

Gary Robinson, CIO for Washington state and chairman of NASCIO’s E-Discovery Working Group, said many state entities contribute to records retention and e-discovery. He cited information services groups, agencies responsible for retention schedules, archivists, legal counsel and risk management offices as examples.

According to NASCIO, a state’s electronic records management program will likely follow a progression that includes the following steps:

---------------------------------------
Source: fcw.com

FRCP Still Posing Challenges

Year-old rules for legal e-discovery still flummox both legal, IT departments

It's almost a year to the day since the U.S. government overhauled the Federal Rules of Civil Procedure (FRCP) in an attempt to streamline the country's legal system. So what better time to take a look at how enterprises are dealing with the technology implications of FRCP?

The rules themselves comprise 60 pages of legalese, but the gist is that corporate lawyers must not only produce electronic documents in the event of litigation, but produce them as part of the pretrial process. If they fail, a judge can slam a company with sizable penalties.

For IT managers and CIOs, this means a serious rethink of how data is both stored and retrieved. Increasingly, firms' IT staffs are finding themselves at the forefront of legal disputes, particularly when faced with a "legal hold" request to prevent key emails and files from being deleted.

"Everyone has to contend with the fact that information is recorded and transmitted in electronic format," says Tom Allman, former general counsel of BASF, and co-chair of Lawyers for Civil Justice, which advocated for the amendments. "My belief is that there has been a gradual but important change in peoples' attitudes."

A survey of legal trends by law firm Fulbright and Jaworski released earlier this year appears to bear this out, revealing that 89 percent of U.S. firms now have legal hold policies in place, up from 76 percent just two years ago.

Other indications nonetheless suggest that many firms are still struggling with some of the technology aspects of the FRCP amendments.

---------------------------------------
Source: byteandswitch.com

Special Counsel is under investigation

HEAD of the US Office of Special Counsel is being investigated for having had some computers' hard disks scrubbed, the Washington Post has reported.
Scott Bloch is in charge of the federal government agency that's responsible for enforcing the prohibition against serving federal employees becoming involved in partisan political activities and for protecting government whistleblowers.


His office is conducting the investigation seeking to determine whether former presidential assistant Karl Rove and other White House staffers committed any illegal partisan political acts while in office.

Appropriate targets for such an investigation might be anything like, well... say, orchestrating the "caging", that is, systematic disenfranchisement, of minority voters in swing states during the runup to the 2004 elections. Or,... conspiring with the appointees in the US Justice Department to politicise that organisation, including arranging political screening in the hiring of attorneys and dismissing US Attorneys who refused to indict political opponents just prior to elections or who pursued the corruption prosecutions of Republican political party loyalists.

According to an article that appeared last April in the Los Angeles Times, the Office of Special Counsel is looking into "the firing of at least one U.S. attorney, missing White House e-mails, and White House efforts to keep presidential appointees attuned to Republican political priorities." Mr. Bloch told the Times in April, "We will take the evidence where it leads us. We will not leave any stone unturned." That does sound like he's independent and trying to do his job.

Now, at the instigation of the White House, Mr. Bloch is being investigated, by the inspector general of the Office of Personnel Management, over claims that he dismissed whistleblowers' allegations without appropriate investigations and that he illegally retaliated against employees.

Investigators recently learned that Mr. Bloch bypassed his agency's computer support staff to have all of the files erased from his office computer as well as two computers used by top assistants who had departed. They are looking into whether the hard disk erasures were part of a coverup or otherwise improper.

---------------------------------------
Source: theinquirer.net

One Year Later - Forty-Four Percent of Corporate Counsel Report Companies Being Unprepared for Onset of Revised Federal Rules for E-Discovery

Forty-four percent of corporate counsel attorneys revealed their companies were not prepared when the revised Federal Rules of Civil Procedure (FRCP) for e-discovery came into effect on December 1, 2006, according to the recently conducted LexisNexis® Corporate Counsel Survey. Additionally, 20 percent of corporate counsel were unaware of whether or not their company was prepared for the amendments to the federal rules prior to implementation. The survey also suggests that some significant challenges and misconceptions about the rules are still prevalent, but that companies have made strides in 2007 to be better prepared.

The survey, conducted by LexisNexis during the Association of Corporate Counsel 2007 Annual Meeting in late October, also revealed the top challenges that corporate counsel have encountered in their attempts to comply with the new rules, and whether the revised rules have resulted in cost reductions or increased discovery workload. Results are being released to coincide with the first anniversary of the new rules on December 1, 2007.

This is the second year in a row that the LexisNexis Corporate Counsel Survey has been conducted, each time soliciting opinion about the new FRCP for e-discovery.
It is part of the LexisNexis effort to continually monitor the legal market in order to provide a set of Total Practice Solutions capabilities addressing the complex and changing needs of legal professionals.

Results of the LexisNexis Corporate Counsel Survey bring to light how unprepared corporate counsel attorneys felt they were when new amendments to the federal rules went into effect a year ago, and that challenges still exist, said Courtney Barton, attorney and vice president of industry relations at LexisNexis® Applied Discovery®. But, results also indicate that over the last year many corporate counsel have begun to take the fundamental steps necessary to ensure their companies are better prepared for discovery and litigation.

---------------------------------------
Source: ad-hoc-new.de


Computer Hard Drive Search

Experts say all information put on computer hard drives can be recovered even if it's deleted.

NEWSCHANNEL 5 wanted to find out how hard it would be to recover personal information from a computer hard drive.


We bought a computer from a pawnshop and began inspecting it.
NEWSCHANNEL 5's computer technician inspected the computer and at first glance thought there was nothing to be found.


But when we took it to a computer forensics expert, it was a different story.
Computer forensics expert Rey Anzaldua found everything from family photos to pornography hidden on the drive.


After running expensive recovery software on the drive for six hours, he found plenty of personal information that could have been used by identity thieves.


"We've got so much data we could probably rebuild their whole lives," says Anzaldua.


But NEWSCHANNEL 5 has learned you don't have to be an expert to get the information; in fact, you can buy data mining tools for less than seventy dollars online.


Experts say if you're planning to get rid of your computer you need to remember to take precautions.


You can buy drive-wiping software online; it's inexpensive, and it takes most of the information off the drive, making it nearly impossible for the average thief to get your information.

To Continue Reading: Click Here
---------------------------------------
Source: newschannel5.tv

Wednesday, November 28, 2007

E-Mail Search Takes Byte Out of RNC Coffers

Nothing comes cheap in Washington, including Karl Rove's missing e-mails. Just ask the Republican National Committee, which seems to be spending a pretty penny looking for them.

Earlier this year, it was discovered that Rove and other White House aides had been using private e-mail accounts at the RNC to send messages about controversial government matters, such as the firings of U.S. attorneys. When investigators came calling, the RNC couldn't find the e-mails but promised to look.

Now, The Sleuth has learned, the hunt for those missing gigabytes has cost the RNC more than $250,000.

According to an RNC filing with the Federal Election Commission, the committee paid $231,615 in October to Stroz Friedberg, a forensics firm chock full of former FBI agents hired to retrieve the lost electronic data. The report shows the committee also paid $41,217 in October to Covington & Burling, the law firm representing the RNC on the missing e-mail controversy.

Democrats in Congress are hot to lay their hands on the e-mails as they try to figure out just how much political considerations were influencing policy, like the prosecutors purge or the dispensing of HUD grants. Earlier this month, a federal judge ordered the White House not to destroy any backup tapes of its e-mail.

To Continue Reading: Click Here
---------------------------------------
Source: washingtonpost.com

Survey Says: Businesses Settling Lawsuits to Avoid eDiscovery

According to a new study conducted by iTracks for email archiving provider Fortiva, one in five businesses have settled a lawsuit to avoid the costly and time consuming task of searching through and recovering email.

According to Fortiva, the survey, which canvassed the opinions of legal discovery professionals, shows that a significant number of businesses have been negatively impacted by issues related to e-discovery. Somewhat alarmingly, one-fifth of those surveyed claimed that their business has settled a lawsuit to avoid complications with eDiscovery.

According to newly amended Federal Rules of Civil Procedure (FRCP) that come into effect in the US on December 1, all email has been deemed discoverable and parties to a lawsuit must meet within 99 days of a civil action being launched for a meet and confer session to disclose what information will be produced and the format in which it must be presented.

Due to this, businesses need to know where all emails are stored and how long they have been there, and they need to be able to access them for presentation in a reasonable timeframe. The new rules also require businesses to be prepared to enforce a litigation hold on any email that might be relevant to a potential case, meaning that those emails cannot be deleted until the issue is resolved.


To Continue Reading: Click Here
---------------------------------------
Source: idm.net.au

One Year Later: Kroll Ontrack Reveals the Most Significant Electronic Discovery Cases under the New Federal Rules of Civil Procedure

As the one year anniversary of the amended Federal Rules of Civil Procedure (FRCP) approaches, Kroll Ontrack(R), the industry's largest provider of electronic discovery and computer forensics services, today announced a breakdown of the reported electronic discovery opinions from 2007 as well as a list of the year's top five most significant discovery cases.

Focusing primarily on interpreting the new FRCP, common topics reoccurring in judicial opinions issued in 2007 included: the importance of early case conferences, the accessibility of electronically stored information, and what to do when parties fail to play by the new rules. Thus far, approximately 105 e-discovery opinions were reported since December 1, 2006. The major issues involved in these cases break down as follows:

-- 25% of cases addressed discovery requests and motions to compel
-- 24% of cases addressed spoliation/sanction
-- 23% of cases addressed issues involving the form of production
-- 9% of cases addressed preservation/litigation holds
-- 7% of cases addressed attorney-client privilege and waiver
-- 6% of cases addressed production fees
-- 6% of cases addressed admissibility of electronic evidence

To Continue Reading: Click Here
---------------------------------------
Source: pr-inside.com

Security Crossroads: E-Discovery and Your CIRT

Walk into any organization today and you're likely to find some sort of computer incident response team (CIRT). If you're lucky, you'll also find a CIRT that is well organized and seamlessly laced into each functional area of the organization.
Speaking of laced, many organizations are finding that the new kid on the block, e-discovery, already overlaps with many of the core components of a well-defined CIRT. So it begs the question, should e-discovery be a functional component of the CIRT?


E-Discovery and CIRT Defined

Before we continue, let's just be clear on what a CIRT and e-discovery are. Electronic discovery, or e-discovery, refers to discovery in civil litigation, which deals with information in electronic form. In this context, electronic form means stored as binary data. Electronic information is different from information stored on paper because of its intangible form, volume, transience, and persistence. Also, electronic information is usually accompanied by metadata, which is rarely present in paper documents.

Examples of the types of data included in e-discovery include e-mail, instant messaging chats, Microsoft Office files, accounting databases, CAD/CAM files, Web sites, and any other electronically-stored information which could be considered relevant evidence in a lawsuit or criminal inquiry. Also included in e-discovery is "raw data" which Forensic Investigators can review for hidden evidence.

Individuals working in the field of electronic discovery commonly refer to the field as Litigation Support.

A computer incident response team (CIRT) is a carefully selected and well-trained group of people whose purpose is to promptly and correctly handle an incident so that it can be quickly contained, investigated, and recovered from. It is typically comprised of members from within the company. By necessity, they must be people that can drop what they're doing at a moment's notice and have the authority to make decisions and take actions with little in the way of red tape.

As an integral part of the CIRT, the members of the Information Security team are the employees who are trained in the area of handling electronic incidents. They are valuable assets not only because of the ability to manage a multitude of incidents, but for their ability to provide options -- and the implications of those options -- to management and other members of the team. Information Security's role includes assessing the extent of the damage, containment, basic forensics, and recovery.

To Continue Reading: Click Here
---------------------------------------
Source: enterpriseitplanet.com

Tuesday, November 27, 2007

Global Economy Attracts Global Antitrust Scrutiny

Economic globalization is increasingly being matched by greater antitrust enforcement as more nations scrutinize mergers and fight price-fixing.

For corporations it can mean more paperwork to complete mergers, as in the case of Google (NSDQ: GOOG), which filed with Australia, Brazil, Europe and the United States to buy DoubleClick. Australia and Brazil have approved the deal while Europe and the United States are still considering it.

And there are more venues to battle rivals. Advanced Micro Devices (NYSE: AMD) failed to convince Washington to probe Intel (NSDQ: INTC) for allegedly offering discounts to computer makers to keep them from using AMD processor chips. But Japan, South Korea and the European Union have opened investigations.

Another consequence is that firms caught fixing prices face prosecution in more jurisdictions.
While the United States has encouraged other countries to create competition watchdogs, there are also worries in U.S. antitrust circles as the number of agencies grows.

India's new Competition Act, which has not yet been implemented, has raised eyebrows in Washington because of its low threshold for claiming jurisdiction on mergers. Further, approval for even noncontroversial deals could take 210 days.

And there is some fear in the United States that China will use its new law, which is expected to go into force next year, to protect domestic industry. "They could enforce it in a perfectly professional and responsible way, or they could really play games with it," said Barry Hawk, director of the Fordham Competition Law Institute.

GLOBAL ANTITRUST ENFORCEMENT RELATIVELY NEW

The first U.S. federal legislation came in 1890, when the Congress got fearful of corporate power and passed the Sherman Act which was used to break up the Standard Oil trust in 1911.

By 1960, just Australia, Britain, Canada, Chile, Germany, Japan, Norway and the United States had antitrust legislation, and most failed to enforce their laws.

"The United States had the only robust antitrust enforcement for many years," said Eleanor Fox, who teaches at the New York University School of Law.

But the Berlin Wall came down in 1989, and former Russian satellites in the process of creating market economies adopted antitrust laws on the advice of Washington and western Europe.

"They often did it on faith. They adopted it without knowing how to apply it," said Fox. "(The laws were) to contain the greed that they thought would come with capitalism."

To Continue Reading: Click Here
---------------------------------------
Source: Informationweek
By Reuters

Why Data Security for Non-Production Computer Systems Is Important

Most business enterprises are well aware of the need to protect their production computers from unauthorized access. Data security procedures are now routinely required by governmental regulation, such as Sarbanes-Oxley or HIPAA, or by industry self-regulation, such as through the PCI Security Standards Council. Even with such requirements, data breaches are regularly reported in the press, exposing businesses to fallout ranging from unwanted media attention as the most basic response to potential legal exposure and costs as the most severe.

While the industry has moved to deal with the most egregious aspects of data theft, many computer systems still remain vulnerable to attack at some level. But there is yet another tier of computer data that remains practically untouched and unprotected by today’s new data security procedures – non-production systems used for in-house development, testing and training purposes. These “open” systems leave a large hole in the security practices at companies of all sizes and locations across the globe.

To put the size of the security threat into perspective, according to the Privacy Rights Clearing House (www.privacyrights.org), there have been over 605 reported breaches resulting in over 167 million data records containing sensitive personal information compromised since January 10, 2005. These 167 million data records are estimated to be less than half of the actual number of data records compromised as numerous reporting organizations either did not know the number or did not disclose the number of records compromised.

The organizations affected include both public and private companies, non-profits, and municipal, county, state and federal governments. Literally every industry is touched, and highly sensitive health, financial, employment, credit card, social security and other personal information (data) is compromised.

Understanding the Threat

Insider threats lead the way, accounting for approximately 60% of the breaches. The black market for sensitive personal information provides a powerful lure to some individuals, as stolen data has become a highly lucrative business. For example, credit card information brings $1.50/record and medical identity card information is worth even more at $5-$50/record.

Most organizations prefer to test their applications with “real data” in both their development and test environments, as this provides the best scenario to ensure applications work properly.

However, typical control (people, process and technology) practices and security measures taken in development and test environments are a fraction of what is practiced within production environments. As a result, many companies inadvertently jeopardize highly sensitive information at the application development level. According to Louis Carpenito, CISSP CISM, an independent senior security executive with a lengthy record of data security experience with such organizations as Symantec, Fidelity Investments and Johnson & Johnson, “In today’s software development world, many organizations have diversified their development resource.

They either have development sites off shore (owned or contracted), contract coding to companies within their respective countries, hire contractors to work within their development facilities, and/or employ people to develop their software.”

“Since non-production environments are generally open with little or no logging and monitoring and are often accessed remotely,” Carpenito says, “they pose an easy target for data thieves, and quite simply invite both inside and external threats to harvest sensitive personal information with relative ease and without detection.”

Protecting Confidential Data in Non-Secure Environments

In order to shore up defenses against these potential data breaches, organizations need to ensure they protect confidential data contained in non-production environments. According to Gartner Research (www.Gartner.com), businesses experience losses of up to $60 billion annually due to security gaps. In fact, removing a defect after software is operational can cost between two and five times as much as correcting the error within the development and QA process.

To help secure the many unprotected copies of confidential data that exist across the enterprise, a new class of data security software is being developed to enable organizations to automatically apply protection schemes to sensitive data while maintaining its integrity and test validity. This technology should cover three crucial components for addressing data security at the application development level.

First, organizations should seek a solution that enables them to use, customize and create sophisticated rules for masking or obfuscating sensitive information that has been moved into testing, training and other sandbox environments. Second, they should ensure their solution provides access control to sensitive information within systems like SAP. Finally, an effective solution will automatically identify and change every instance of a sensitive data element in SAP’s complex data structures to minimize manual processes involved in securing information across all testing and development processes and systems.
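The masking rules and the "change every instance" requirement described above, sketched as an added example (not code from the article or from any vendor's product): a keyed, deterministic masker that keeps field layout and card check digits valid and maps the same source value to the same masked value in every table. The key, column names and sample rows are constructed for the illustration.

```python
import hashlib
import hmac

# Assumption: the key stays with the masking job and is never copied to test systems.
MASKING_KEY = b"constructed-demo-key"


def _keyed_digits(key, label, value, n):
    """Derive n decimal digits from HMAC-SHA256(key, label|counter|value)."""
    out, counter = "", 0
    while len(out) < n:
        msg = "{}|{}|{}".format(label, counter, value).encode("utf-8")
        mac = hmac.new(key, msg, hashlib.sha256).digest()
        out += "".join(str(b % 10) for b in mac)  # slight bias is acceptable for masking
        counter += 1
    return out[:n]


def _refill(template, digits):
    """Place new digits into the original layout, keeping spaces and dashes."""
    it = iter(digits)
    return "".join(next(it) if c.isdigit() else c for c in template)


def luhn_check_digit(partial):
    """Check digit that makes partial + digit pass the Luhn test."""
    total = 0
    for i, ch in enumerate(reversed(partial)):
        d = int(ch)
        if i % 2 == 0:  # these positions are doubled once the check digit is appended
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return str((10 - total % 10) % 10)


def luhn_valid(number):
    digits = "".join(c for c in number if c.isdigit())
    return len(digits) > 1 and luhn_check_digit(digits[:-1]) == digits[-1]


def mask_card(pan, key=MASKING_KEY):
    """Keep the 6-digit issuer prefix, replace the account digits, fix the check digit."""
    raw = "".join(c for c in pan if c.isdigit())
    if len(raw) < 13:
        raise ValueError("not a card number")
    body = raw[:6] + _keyed_digits(key, "pan", raw, len(raw) - 7)
    return _refill(pan, body + luhn_check_digit(body))


def mask_ssn(ssn, key=MASKING_KEY):
    """Masked values start with 9: area numbers 900-999 are never issued as SSNs."""
    raw = "".join(c for c in ssn if c.isdigit())  # normalise so layouts agree
    return _refill(ssn, "9" + _keyed_digits(key, "ssn", raw, len(raw) - 1))


def mask_name(name, key=MASKING_KEY):
    tag = hmac.new(key, b"name|" + name.encode("utf-8"), hashlib.sha256).hexdigest()
    return "Person-" + tag[:8]


# Masking rules keyed by column name (hypothetical schema).
RULES = {"name": mask_name, "ssn": mask_ssn, "card_number": mask_card}


def mask_rows(rows, rules=RULES):
    """Apply the rule for each sensitive column; leave other columns untouched."""
    return [
        {col: rules[col](val) if col in rules and val else val for col, val in row.items()}
        for row in rows
    ]


# Constructed sample data: two tables that share the SSN in different layouts.
CUSTOMERS = [
    {"id": 1, "name": "Alice Example", "ssn": "123-45-6789",
     "card_number": "4111 1111 1111 1111"},
    {"id": 2, "name": "Bob Example", "ssn": "078-05-1120",
     "card_number": "5500-0000-0000-0004"},
]
CLAIMS = [
    {"claim_id": 77, "ssn": "123456789", "amount": 120.0},
    {"claim_id": 78, "ssn": "078051120", "amount": 15.5},
]

if __name__ == "__main__":
    for row in mask_rows(CUSTOMERS) + mask_rows(CLAIMS):
        print(row)
```

Because the mapping is keyed and deterministic, joins between the masked tables still work, while anyone without the key cannot recompute the mapping from a guessed SSN or card number.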

To Continue Reading: Click Here
--------------------------------------
Source: Computer Technology Review
By: Alan Peters

Survey Shows One in Five Businesses Have Settled a Lawsuit to Avoid the Cost of Recovering and Searching Through Email

As the one-year anniversary of the amended Federal Rules of Civil Procedure (FRCP) approaches on December 1, a survey of professionals directly involved in legal discovery shows that a significant number of businesses have been negatively impacted by the challenges of e-discovery. In fact, one-fifth of the professionals say their business has settled a lawsuit to avoid the cost of recovering and searching through electronic documents such as email. The survey, conducted by iTracks for Fortiva, a leading on-demand email archiving provider, also showed that a majority of businesses are now actively taking steps to reduce risk and meet FRCP requirements by improving their e-discovery processes.

“As more and more lawsuits focus on electronic evidence, the cost – and risk – of being unprepared for e-discovery keeps going up,” said Eric Goodwin. “It’s clear that in the year since the amended FRCP went into effect, the majority of businesses have recognized that fact and are doing something about it. There’s still a long way to go, but these results are very positive and they indicate that most companies are on the right path.”

The new FRCP states that all email is discoverable, and that parties to a lawsuit must meet within 99 days of a civil action being launched for a meet and confer session to disclose what information will be produced and the format in which it must be presented. As a result, businesses need to know where all emails are stored and for how long, and they need to ensure that they can access those emails and present them to opposing counsel in a reasonable timeframe. The new rules also require businesses to be prepared to enforce a litigation hold on any email that might be relevant to a potential case, meaning that those emails cannot be deleted until the issue is resolved.

Based on the results, nearly half (47 percent) of respondents do not agree that their legal team can effectively review relevant email in the 99-day window before the meet and confer session.

To address this, 51 percent say they have implemented, or are planning to implement technology that allows them to easily search and review email. Similarly, more than one-third of businesses (36.7 percent) are already enforcing a formal retention policy for email, while another 40 percent are currently in the planning stage to enforce a formal policy.

Surprisingly, while 68 percent of respondents face at least one litigation hold each year, just 37 percent have a formal litigation hold process in place. Once again, this appears to be changing as another 36 percent of respondents are currently planning to create and enforce a formal litigation hold process.

Despite the generally pro-active approach most businesses appear to be embracing, the survey showed there is still reason for businesses to be diligent about this process. Other findings from the survey include:

• 37 percent of respondents conduct more than 21 searches through old email to gather information for legal reasons each year;

• Nearly half of respondents (40 percent) reported that their organization searches through email five or more times each year in response to a formal legal discovery request;

• 35 percent are not confident that emails are fully reviewed to ensure attorney-client privilege is not waived before being sent to opposing counsel during Discovery;

• Of those who were familiar with the costs of litigation, more than half (51 percent) claimed the average cost of litigation (excluding settlement costs) was over $200,000, with 8 percent putting the average cost over $1 million.

Survey Methodology

The survey was conducted by iTracks research between November 7 and November 23, 2007 among 90 professionals directly involved with legal discovery in North America. The median business size was 600 employees and the mean was 1405.

To Continue Reading: Click Here
----------------------------------------
Source: PR Web

Monday, November 26, 2007

Google Cracks Passwords too


Researchers at Cambridge University’s computer science department successfully used Google to crack passwords obfuscated in the Message-Digest Algorithm 5 (MD5) format.


Initially, Steven Murdoch, a security researcher who runs the Light Blue Touchpaper blog, found out that an intruder had broken into his website. Even the administrator account in the Wordpress blogging software was installed on the server.

After taking his system to computer forensics, he discovered the extent of damage.
Wordpress passwords are MD5 hashed and stored in the user database. Thus to recover this hacked password, Murdoch wrote a script which hashed all words in the English dictionary to find a match. However this was an unsuccessful attempt.

Next, Murdoch switched to a Russian dictionary; comments in the Russian language had been discovered in the new code installed on the server. When even this attempt failed, Murdoch decided to try Google.
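Why a stored MD5 value can be matched by lookup at all, and what a user database can do about it, as an added example that is not from the article or from WordPress: an unsalted MD5 record is identical for every account and every site that shares a password, while a salted, iterated hash is unique per account. The record format, function names and iteration count are assumptions made for this sketch.

```python
import hashlib
import hmac
import os
import re

ITERATIONS = 600_000  # assumption for this sketch; tune to the login server's hardware
LEGACY_MD5 = re.compile(r"^[0-9a-f]{32}$")


def legacy_md5(password):
    """Unsalted MD5 as described above: same password, same record, everywhere."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def hash_password(password, salt=None, iterations=ITERATIONS):
    """Salted PBKDF2-HMAC-SHA256 record: scheme$iterations$salt$derived_key."""
    salt = os.urandom(16) if salt is None else salt
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return "pbkdf2_sha256${}${}${}".format(iterations, salt.hex(), dk.hex())


def verify_password(password, stored):
    """Check a password against either record format in constant time."""
    if LEGACY_MD5.match(stored):
        return hmac.compare_digest(legacy_md5(password), stored)
    try:
        scheme, iterations, salt_hex, dk_hex = stored.split("$")
        if scheme != "pbkdf2_sha256":
            return False
        dk = hashlib.pbkdf2_hmac(
            "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(iterations)
        )
    except (ValueError, OverflowError):
        return False  # malformed record
    return hmac.compare_digest(dk.hex(), dk_hex)


def login(password, stored):
    """Return (ok, record_to_store); a legacy MD5 record is replaced on success."""
    if not verify_password(password, stored):
        return False, stored
    if LEGACY_MD5.match(stored):
        return True, hash_password(password)  # upgrade while the plaintext is at hand
    return True, stored


if __name__ == "__main__":
    pw = "constructed-sample-password"
    print("two accounts, unsalted MD5:", legacy_md5(pw) == legacy_md5(pw))
    print("two accounts, salted PBKDF2:", hash_password(pw) == hash_password(pw))
    print("upgraded record:", login(pw, legacy_md5(pw))[1][:40] + "...")
```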

To Continue Reading: Click Here

----------------------------------------

Security Manager's Journal: E-discovery Prompts a Second Look at Data Retention

How much data is too much? New e-discovery rules burden IT with searching archived information

I was called to our general counsel’s office to discuss electronic-discovery laws that went into effect last year. I was glad, since addressing this topic is long overdue for us.

Top executives often come to recognize important issues in ways that are less than ideal. In this case, our attorney had attended a dinner conference sponsored by a vendor that suggested to its guests that its product was the answer to their e-discovery worries. The attorney described it as an elegant dinner — you would expect fine wine, but he apparently had drunk the Kool-Aid.

We are not required by any current industry certification, attestation or regulation to retain data, other than our financials, which is a Sarbanes-Oxley Act and IRS requirement. But we nonetheless retain a lot of data, and e-discovery regulations are a good reason to re-evaluate our retention policies.

I’m not a lawyer, but here’s what I understand about the e-discovery amendment to the Federal Rules of Civil Procedure. Say, for example, that an employee accuses a supervisor of harassment. The human resources and legal departments could then anticipate that there might be some sort of legal action. Under the new rules, the IT department would have to begin collecting all digital communications that the parties involved had sent or received. We would take similar action if the company was subpoenaed and ordered to collect relevant communications.

There are many more instances that could trigger the e-discovery provisions, but the key thing is that retention is not required before some triggering event occurs. But if you have retained data, that is also subject to e-discovery.

So, if we didn’t have a retention policy, we wouldn’t have any archived data to search and provide to the authorities. We wouldn’t have to expend resources to search through archived data. And we’re talking about a lot of resources, both in time and money, with the money going to pay for a product like the one our general counsel had heard about at the dinner. That’s why we need to decide whether to adjust our data retention policy.

Retention Issues

As I said, we retain a lot without being required to do so. And our company is hardly unique. We back up certain data repositories — source code, design documents, service manuals and device configurations — to handle various disaster recovery and business continuity issues.

Of course, we also provide our employees with e-mail and a “home” directory: a dedicated drive share on a Windows file server for storing business-related data. Those 8,000 home directories and e‑mail accounts get backed up every night. But while e-mail is stored on a server, mail relays also contain information related to the receipt of e-mail. We use IP telephony, and voice-mail messages are stored as .wav files on a server, but they can also be sent to an employee’s e-mail.

To Continue Reading: Click Here
----------------------------------------
Source: computerworld.com
By: Mathias Thurman

Maine, other states, set out to store electronic documents

Surrounded by cardboard boxes and musty volumes holding generations of state records, Maine Archivist David Cheever picks up a fragile bundle of paper records that are bound, as was long customary, in thin ribbon that became known as red tape.

Today, an increasing volume of state records is bound in a different way: inside the electronic circuitry of computers, says Cheever.

In Maine and other states, official record-keepers are searching for ways to preserve e-mails and other electronically stored information that will be of interest to researchers, policy makers and the public in years to come. In northern New England, Vermont is dealing with the issue and New Hampshire knows it will have to.

"It's not a question of whether we can afford it, but a question of whether we can afford not to," said Cheever.

"The last thing you want is for the public to lose faith in government because of the inability to preserve the record that validates and substantiates the process by which actions are taken and decisions made."

With 13,000 e-mail accounts in Maine state government alone, there are bound to be some important communications that should be saved, but vanish into cyberspace because there is no formal procedure for preserving them, Cheever said. The issue did not develop overnight.

Since 1970, governments have been developing ways to extract material from a variety of record-keeping systems, such as punch cards, said Victoria Irons Walch, executive director of the Council of State Archivists in Iowa City, Iowa.

In Maine, Angus King, who governed from 1995 to 2003, recognized the issue and directed that his e-mails be made into hard copy for archival purposes, establishing at least an informal state protocol for saving electronic copy.

Now, Maine is moving toward a more formal procedure. The state is screening bids from 14 companies that are outlining ways to capture, store and maintain electronic files. This may also bring about a way to sift through e-mails by using keywords to isolate and capture those containing information about pertinent subjects.

To Continue Reading: Click Here
----------------------------------------
Source: boston.com

Keeping Up With EDD Blogs and Tools

As I wrote last month in the first half of this two-part column, no lawyer today can afford to ignore electronic data discovery. No matter the case, digital data is likely to be implicated. That means lawyers urgently need to understand EDD and keep abreast of developments in the field.

In last month's column, I looked at some of the more useful Web sites for learning about and keeping current with this essential area of practice. This month, I survey blogs about e-discovery and look at some vendor sites that include useful resources.

E-DISCOVERY BLOGS

As I write this column, at least two e-discovery blogs have launched within the last two weeks, attesting to the significance of this field. Of the 19 blogs surveyed here, some focus on e-discovery law and practice and others on the e-discovery industry, but all are potentially useful for keeping current with the field.

Alextronic Discovery. Alexander Lubarsky, the California litigator who writes this blog, admits to a bit of writer's block lately, but vows to pick up the pace of his postings. If he does, his blog is worth following.

Dennis Kennedy. Lawyer and consultant Kennedy writes about a range of legal-technology topics and frequently covers e-discovery.

EDD Blog Online. Written by Jeff Fehrman, president of Electronic Evidence Labs, a division of vendor ONSITE3, and consultant Bob Krantz, this blog promises an "insider's look" at e-discovery. Many of the posts are excerpts of articles from other sources.

EDD Update. Unveiled in September as a joint project of Law Technology News and Law.com Legal Technology, this blog is a venue for posting breaking news, key verdicts and judicial rulings, articles, press releases and more. It features a board of contributors that includes leading lawyers and consultants in the field -- and also me.

E-Discovery and Computer Forensic Blog. The blog of a Los Angeles e-discovery company, many posts are full-text articles from other sources.

E-Discovery in the Trenches. When he launched this blog in April 2007, Jerry Bui, an e-discovery manager with KPMG, dedicated it to those who work "directly in the trenches on EDD projects." Since May, he has posted nothing new.

E-Discovery Team. Ralph Losey, co-chair of the e-discovery team at the law firm Akerman Senterfitt in Orlando, Fla., writes this top-notch blog. His posts are frequent and substantive, covering both EDD law and practice.

E-discovery 2.0. Subtitled, "Thoughts about the evolution of e-discovery," this blog is written by Aaref Hilaly, CEO of e-discovery company Clearwell Systems Inc.

Electronic Discovery and Evidence. Michael Arkfeld, author of the treatise, Electronic Discovery and Evidence, uses this blog to report updates in the law of e-discovery, although his postings are infrequent.

Electronic Discovery Blog. Before he became an attorney, the author of this blog, W. Lawrence Wescott II, was an IT manager, a background that enables him to write knowledgeably about both law and technology.

To Continue Reading: Click Here
----------------------------------------
Source: law.com
By: Robert J. Ambrogi

Wednesday, November 21, 2007

British data breach affects 25 million

British government officials said today that the personal information for some 25 million people – about half of the country's population – was lost after two computer disks being transported between government departments went missing.

In a statement to the House of Commons, Chancellor Alistair Darling explained that the data had been held on two disks that had been sent to the National Audit Office (NAO) from a Revenue and Customs tax authority (HMRC) office. Paul Gray, chairman of the HMRC, announced his resignation Tuesday after the breach was made public.

The disks - which contained names, addresses, birth dates, national insurance numbers and banking details - were said to be password protected but not encrypted.

Darling said the disks had been sent by a junior HMRC employee through a courier, but the package was not registered or recorded, a violation of HMRC policy.

When the disks failed to arrive, a second disk was sent by registered post which did arrive at the NAO.

A police investigation was launched to find the missing disks, but officials tried to reassure residents that they are in no immediate danger for identity theft or other fraud.

"I regard this as an extremely serious failure by HMRC and appropriate steps are in place," Darling said. "There is no evidence of unusual activity and police have no reason to believe the data has fallen into the wrong hands."

He added that HMRC has now introduced changes in its security procedures and that "the government took the protection of personal data extremely seriously".

Calling the incident a "catastrophic mistake," Shadow Chancellor George Osborne asked: "What is the point of this House passing laws to protect people's private data if those laws are not followed by government?"

Industry figures were quick to condemn HMRC and the government.

Tom de Jongh, product manager at encryption specialist SafeBoot, said: "The responsibility must lie with the people in charge, and it is only right that Mr. Gray resigned. Under his leadership, mandatory security measures should have been in place to make sure these mistakes do not occur."

Greg Day, security analyst at McAfee, said that the loss of the data by HMRC served as "yet another example of the danger of putting sensitive information on an easy-to-lose format, such as disks, and the result of internal policies not being backed up by good security practice."

To Continue Reading: Click Here
----------------------------------------
Source: SC Magazine
By: Paul Fisher

Is e-mail dead? Hardly

Its use is growing right alongside texting and IM among younger Net users

A flurry of blogs and news items on the Internet last week suggested that young Internet users are increasingly relying on instant messaging, texting and social networking sites to communicate, often via mobile devices, and almost to the exclusion of e-mail.

One of those blogs, by Chad Lorenz at Slate, even asserted that "e-mail is looking obsolete," under the headline "The Death of E-Mail."

But the reality is much more complex. Some market reports and analysts predict that e-mail accounts will continue to grow as other messaging modes gain popularity and as use of the Internet expands globally.

And while teenagers under 18 appear to often eschew e-mail for social networks or IM, three college students under 21 said in interviews that they rely on e-mail as much as other modes of communication for complicated, lengthier or formal interactions, such as with professors, and with other students involved in group projects and other school work.

The college crowd

"I used IM a lot in high school, but my IM use decreased in college," said Matt Melymuka, a junior majoring in finance at Georgetown University in Washington. "I use e-mail a lot ... very frequently," he said, noting that he sends e-mail to professors about assignments and to other students involved in group projects for classes.

He estimated that the university sends about 10 broadcast e-mails every day on a range of subjects including public safety. "E-mail is the most formal and best means of communicating, definitely," he said.

However, Melymuka also declared himself a "pretty big" text messaging user, finding that sending text messages from his cell phone is more useful than e-mail for quick social interactions.

In similar fashion, Andy Tybus, a freshman majoring in mechanical engineering at the University of New Hampshire in Durham, said he checks e-mail at least three times a week to communicate with project group members and to monitor official messages from school officials.

But Tybus also has a Facebook page that he checks daily for messages and a Treo wireless handheld that he uses to check and send e-mail.

Another UNH freshman, Ben Parker, who is studying music education, said he checks e-mail as many as three times a day to monitor changes in homework or ensemble rehearsals. The school's public safety officials also use e-mail to notify students about safety concerns. "A lot of students here use e-mail," he said. "You have to check it for classes and homework, so it's really important."

----------------------------------------
Source: Computerworld
By: Matt Hamblen

Tuesday, November 20, 2007

Sending E-mail Into Thin Air

White House officials acknowledge they're missing millions of e-mail messages that federal law required them to preserve. They've failed to explain how the e-mail disappeared. And they've yet to provide details on what they're doing to try to recover the messages and prevent further deletions.

But, true to form, the Bush administration had no trouble finding the audacity necessary to argue in court that a federal judge should accept a promise that every effort is under way to keep records intact.


Fortunately, the judge decided that a formal order, which carries penalties for noncompliance, would be a wise precaution.

5 million missing

Last week's order was "an important and necessary first step toward restoring and preserving for the public all the records of this administration, not just those self-selected for preservation by an administration committed more to secrecy than compliance with the law," said Anne Weismann, chief counsel for the Citizens for Responsibility and Ethics in Washington, the organization that brought the suit. "This is the first time a federal court has issued a temporary restraining order against the Bush administration."

Under federal law, White House officials can't destroy records, including e-mail, without an OK from the national archivist.

But some e-mail between March 2003 and October 2005 is missing. Officials at the watchdog group Citizens for Responsibility and Ethics in Washington say they've been told by internal sources that 5 million messages or more are gone.

---------------------------------------
Source: theledger.com

Computer forensics in the age of compliance

Breaking down the process for FISMA, PCI and HIPAA

In previous articles, I've discussed log management and incident response in the age of compliance. It's time to cover a separate topic that has connections to both log analysis and incident management, but is different enough to justify its own article: digital forensics.

Digital forensics is the process of using the scientific method to examine digital media in order to establish facts for legal purposes, especially judicial review. It involves the systematic inspection of IT systems, especially data-storage devices, for evidence of a civil wrongdoing or criminal act.

Because of its focus on facts and scientific method, computer forensics processes must adhere to courtroom standards of admissible evidence, which severely complicates some of the otherwise simple data-analysis tasks such as looking at logs to determine who connected to the system. Thus, forensic investigation of computer evidence is different from a routine review of logs and system data, which often produces "hunch-quality data" and not facts.


For example, if you see a source IP address that resolves to "jsmith.example.com," you might assume that John Smith is responsible for that traffic. That deduction might be good enough for an informal investigation, but it will certainly not be sufficient in court.

Not just about hard drives

A common example of a computer forensic investigation is a search for child pornography, during which an investigator removes a hard drive from a computer, loads the disk into a forensics tool and reviews the contents to find illegal image files that a user is hiding or thought he had deleted. However, digital forensics has a broader reach than this case, and electronic evidence can be collected from a variety of sources, including network gear, desktops and servers, mobile devices, and databases.

Review of data produced by these IT components can, for example, show investigators of a data breach whether company employees have accessed confidential data, what steps they took to obtain the data and what they did with it. This is where the link between log data and computer forensics becomes most obvious -- logs become the first place to look during the investigation. Even though sometimes seen as difficult to analyze, logs are still easier to obtain and review than full disk contents. If logs are generated, they can help to figure out the who, what, where, when and how of user and system activities.

---------------------------------------
Source: Computerworld

What's important for 2008?

We recently conducted a study asking CIOs, e-mail system admins and others about the importance of various initiatives over the next 12 months.

Of the 10 initiatives about which we asked these individuals, improving antispyware capabilities was determined to be the most important area for investment in 2008 – 69% of respondents told us that improving their antispyware systems was important or extremely important, while only 6% indicated that this was not an important initiative.


Almost as important were improving disaster recovery and business continuity capabilities – 68% viewed improving these capabilities as important or extremely important, while only 11% felt that this was not an important area for their organizations next year.

An interesting finding from the study focused on e-mail archiving: while 56% of respondents told us that deploying or improving their e-mail archiving capabilities for e-discovery purposes was important or extremely important, 67% told us that archiving for storage management was important.

This last point indicates the direction that e-mail archiving is going. While archiving has traditionally been deployed for regulatory compliance and more recently for e-discovery applications, many organizations are now viewing archiving as a useful tool for managing e-mail storage growth, the leading messaging-related problem cited by decision makers in numerous Osterman Research surveys.

---------------------------------------
Source: Network World