Sunday, August 31, 2008

UK Taxpayer Data Included on PC Sold on eBay

Leicestershire, U.K. police have made an arrest over the sale on eBay of a computer that contained the personal details of thousands of council taxpayers.

A criminal investigation started after the names and addresses, bank account numbers and sort codes of people in the Charnwood Borough Council region of Leicestershire reportedly turned up on a hard drive of a computer sold on eBay.

According to the Daily Mail, the computer was sold on eBay to a Scottish computer expert for just £6.99 (US$14). The expert then used data recovery equipment to discover around 35,000 files, including council tax bills, photographs of council staff and internal memos.

News of the security breach emerged a day after it was disclosed that a computer storing information on up to one million bank customers was sold on eBay for £35.

The council issued a statement stating it had found and is currently retrieving the hard drive. A Charnwood Borough Council spokesperson said the local authority had "acted swiftly" to contain the situation within almost 24 hours.

"The purchaser is cooperating with Charnwood and has stated that the data has not been distributed to any other parties."

A spokesperson from Leicestershire Constabulary confirmed that an arrest has been made. Neither the police nor the council could be drawn for further comment on the investigation.

------------------------------------------
Source: pcworld.com

New Rule 502 to Protect Against Privilege Waiver

Due to the skyrocketing cost of producing electronically stored information in litigation, the U.S. Senate unanimously passed without amendment Senate Bill S. 2450 in February. If, as expected, the bill is approved by the House of Representatives, the long-anticipated new Federal Rule of Evidence 502 should take effect on Dec. 1.

Proposed Rule 502 is intended to reduce the staggering costs of document and ESI review by protecting against waiver of the attorney-client privilege and work-product immunity. The legislation would apply to proceedings commenced after the effective date and, "insofar as is just and practicable," to all proceedings pending on that date -- obviously including many current lawsuits.

In what now is likely its final form, Rule 502 seeks to protect against forfeiting a privilege when disclosure in a federal action is the result of an innocent mistake. The rule also would enforce often-agreed-upon court orders permitting procedures like the so-called "quick peek" that allows requesting parties to assess the producing party's ESI before more definitively delineating the scope of production, and "claw-backs" allowing the return of inadvertent disclosures without claim of waiver.

By way of background, in 2006, House Judiciary Committee Chairman James Sensenbrenner, R-Wis. -- concerned about rising costs associated with ESI -- suggested that the Judicial Conference of the United States consider proposing to Congress a rule dealing with waiver of attorney-client privilege and work-product. Unlike rules of civil procedure, rules governing evidentiary privilege must be approved by an act of Congress pursuant to the Rules Enabling Act, 28 U.S.C. 2074(b).

The Advisory Committee on Evidence Rules accordingly prepared drafts that were revised after testimony from a select group of judges, lawyers and academics, and again revised after two days of public testimony and the consideration of more than 70 written submissions from groups including defense and plaintiffs' lawyers, corporate counsel, the American Bar Association and even prisoners. In late 2007, the Advisory Committee provided its final draft, concluding that the current law on waiver of privilege and work-product is largely responsible for the rising costs of discovery, especially discovery of ESI. The Standing Committee on Rules of Practice and Procedure and the Judicial Conference itself approved the text, which then was introduced as a bill by senators Arlen Specter, R-Pa., and Patrick Leahy, D-Vt.

In complex litigation, lawyers spend significant time in efforts to preserve work-product and the attorney-client privilege because they know that, under existing law in some jurisdictions, if one protected document is produced -- even inadvertently -- there is a risk that a court may find a subject-matter waiver. Subject-matter waiver means that attorney-client privileged communications and work-product are considered waived not only as to the disclosure at issue but as to all related material -- and not only in that instant case, but in all other cases.


------------------------------------------
Source: law.com
By: Alvin F. Lindsay

Did the ILTA Conference Deliver?

The International Legal Technology Association's annual meeting was held last week in Grapevine, Texas, just outside of Dallas. The theme this year was "Global Perspective, Peer Advantage."

The "Peer Advantage" part of the theme carries the most weight. Out of the conferences I attend, including LegalTech, the educational value from peers working in, and responsible for, legal IT in law firm and educational environments is top-notch at ILTA. In this way, it has maintained its historical roots as a Wang user group meeting.

As for the "Global Perspective," that is relevant to the firm's practice or reflective of the multinational nature of the corporation. At the least, there were numerous educational sessions aimed at globalization including "International Discovery and Handling Foreign Language Data," "Deploying, Training and Supporting Desktop and Practice Applications Globally" and "Global Planning: Cultural Differences and Other Challenges" that covered the management of a project team spanning multiple time zones.

In addition to the education from peers and sessions, vendors take the opportunity to update attendees on their products and services. For example, Aderant gave a session on reporting business analytics and Interwoven gave attendees their view of matter life cycle management with WorkSite.

ON THE FLOOR

When I talked to attendees in the exhibit hall, many were interested in finding products for electronic data discovery from collection to review, knowledge management, voice over IP, digital dictation workflow, e-mail archiving and matter-centricity, as well as virtualization and co-location services for disaster recovery. Well, this was not the right show to get a rundown on VoIP systems, co-location providers and virtualization options from vendors. LegalTech New York or Interop are better shows for those vendors to set up booths. And as for knowledge management, it depends on your definition of KM.

------------------------------------------
Source: law.com
By: Sean Doherty

Friday, August 29, 2008

E-Mail Discovery Best Practices

Don't wait to be on the receiving end of a subpoena or regulatory investigation before acting.

Be proactive.

Don't wait to be on the receiving end of a subpoena or regulatory investigation before acting. Whether it is because of Enron, Eliot Spitzer, or the Wall Street Journal, regulators and the courts have become increasingly aggressive in enforcing regulations, all of which involve e-discovery. Courts view e-mails as the place to find out who knew what and when in civil, criminal, or patent litigation. Sooner or later, it will happen to you. So be proactive and invest in processes and products to minimize the impact of e-discovery on your organization.

What you don't know can hurt you.

If only the old adage ("what you don't know won't hurt you") were true. You could simply delete all e-mails and minimize the risk of someone using them against you. But in today's increasingly inter-connected world, that is no longer an option. E-mail flows freely across organizational boundaries, making it impossible to destroy all copies of any given message. Enterprises are better off storing all business-related e-mails and knowing what they contain. Ultimately, when you sit down to determine your legal strategy (e.g., "do we settle or fight?"), it's not unlike playing a game of poker. By storing e-mails, you not only know your cards but you also know the cards that your opponent may have.

Pick your partner carefully.

Given that keyword search tools from e-mail archives or other vendors aren't sufficient, you'll need to pick an e-discovery partner. There are a wide range of e-discovery products and services to choose from. Whatever you decide, make sure that your chosen solution has everything it takes to address the problem: a single interface to all of your e-mail repositories so nothing is missed; the linking of e-mails into discussion threads to establish who knew what and when; the ranking of e-mail search results by relevance; and so on.

------------------------------------------
Source: my.advisor.com
By: Aaref Hilaly - CEO Clearwell Systems

Managing electronic-discovery consultants and vendors wisely

Some sources estimate that the e-discovery consultant market is presently $3 billion and growing.

Close attorney supervision, good communication and strategic foresight remain necessary, however, to a successful relationship among the litigant, counsel and the e-vendor. Litigants and counsel must also certify the results of a vendor's work, and responsibilities under the procedural rules cannot simply be delegated away.

Why electronic-discovery consultants?

Vendors serve important functions: identifying available electronically stored information; translating information to a form that may be read or understood without actually changing the data; transferring information to an appropriate medium for production during the litigation process; and assisting with forensic analysis if necessary.

"Electronically stored information" under Fed. R. Civ. P. 26 and 34, and similar state rules, is broadly defined.

E-discovery vendors are able to provide expertise in identifying information, using sophisticated software to winnow duplicative or irrelevant information, to access it, and to translate it to a communicable form without changing delicate metadata or other information.

A vendor is able to canvass key employees in a streamlined manner and can efficiently identify relevant data-mines and the information needed for preservation.

F.R.C.P. 26(f) requires that counsel meet and confer at the inception of the litigation regarding sources of electronic information that are "reasonably accessible" and "not reasonably accessible." The vendor can assist in making this determination.

Vendors can also assist with preservation protocols, helping to ensure that complicated auto-delete programs do not eviscerate relevant data or force a company to undertake the expensive process of resorting to back-up tapes to retrieve the data.


------------------------------------------
Source: masslawyersweekly.com
By: James J. Marcellino and Margaret M. Carleen

Bank's Lost Backup Tapes Contained IDs of 12 Million Clients

Headcount for Bank of New York Mellon's lost backup tapes rises from 4.2 million to 12 million personal identities

The Bank of New York Mellon said yesterday that the backup tapes that were lost by its courier earlier this year may have included personal information on 8 million more people than the initial 4.2 million it originally announced.

The unencrypted storage tapes from BNY Mellon Shareowner Services were lost by a courier earlier this year while transporting the tapes to an offsite storage location. A forensics investigation of the breach determined that there was significantly more sensitive data on the tapes than first thought.

“When we announced [the lost tapes] back in May, we said we were going to do a top to bottom review across the company and go back and review it again,” a Bank of New York Mellon spokesperson said. “When we discovered [there was] this additional data that may have non-public personal data on it, we brought in a third party” to help investigate it, the spokesperson said.

The individuals whose names, addresses, and Social Security numbers were on the tapes are clients of BNY Mellon Shareholder Services, which provides administrative support to employee stock purchase programs, as well as other financial services. The bank is currently notifying these additional individuals, and has set up a Website for victims for information and updates.

The Bank of New York Mellon maintains that there’s been no evidence of abuse of the exposed personal data thus far. It is offering to the affected individuals two years of free credit monitoring; $25,000 in identity theft insurance with no deductible; and reimbursement for some credit freeze costs.


Meanwhile, the bank has been doing some in-house security rehabilitation, including an outside review of its policies, procedures, and controls, and moving to electronic, encrypted transmission of stored data where possible rather than the use of storage tapes. It’s also conducting employee education and awareness on data security.

------------------------------------------
Source: darkreading.com
By: Kelly Jackson Higgins

Thursday, August 28, 2008

Much Ado About Text Searching

The biggest cost of litigation today is the cost of discovery. And the biggest cost of discovery is the cost of retrieving, reviewing and producing responsive documents stored electronically, while not producing those responsive documents that are privileged or contain work product.

Since many cases involve amounts at issue that e-discovery costs could easily dwarf -- and since almost all cases settle -- the challenge is to select a search and review methodology that is rational and proportionate to the amount at issue and, most importantly, that will provide parties and counsel with reasonable assurance that they are meeting their discovery obligations and containing their costs.

From the earliest stages of e-discovery, parties and counsel yearn for predictability. With the marketplace awash in e-discovery technology and service vendors, and with commentators and conferences daily promoting "cutting-edge" e-discovery strategies, surprisingly, fundamental issues relating to search methodology can be overlooked.

Two recent decisions by Magistrate Judge John M. Facciola and Magistrate Judge Paul W. Grimm, knowledgeable and active jurists in the area of e-discovery, address these fundamentals. Facciola's decision in Equity Analytics LLC v. Lundin, 248 F.R.D. 331 (D.D.C. 2008), and Grimm's in Victor Stanley Inc. v. Creative Pipe Inc., No. MJG-06-2662, 2008 WL 2221841 (D. Md. May 29, 2008), teach that, whatever position lawyers advocate concerning search and review methodology, they must demonstrate with robust record evidence why the methodology is appropriate, how it will achieve the proper objective and why it should be ordered instead of the methodology advocated by the other side.

Equity Analytics and Victor Stanley may raise concern that experts will be required in certain circumstances to support the assertions of counsel, but this proposition is unremarkable. Certainly it is in line with well-established jurisprudence regarding instances when scientific and technical information is necessary to resolve disputed facts.

------------------------------------------
Source: law.com
By: Debra R. Bernard and Mary Rose Hughes

Digital DNA

According to the old cliché, content is king. For many organisations today, the content that they produce could be considered as the crown jewels of the business, including highly sensitive and valuable data such as financial records, intellectual property and databases of customer records. There are many that would like to get their hands on those gems of information and preventing this data from leaking out of an organisation is of prime concern to governments, enterprises and small businesses alike.

But it is not just data leakage that organisations today fear. Most entities face some kind of regulation and many of those rules mandate that information produced by or received by the organisation, such as in the form of emails, must be kept for a specified period of time and that its integrity must remain intact. For example, by placing controls on who can access what information and what they can do with it so that records cannot be altered by an unauthorised person.

Most of those regulations mandate that all information must be recoverable so that it can be handed over to authorities should there be suspicions of non-compliance or illegal activity. And this is also occurring in private cases as well. Electronic discovery (e-discovery) lawsuits are now fairly commonplace in the US and are growing in importance in Europe, particularly in the UK. This means that organisations must be able to produce any documentation that could be relevant to the lawsuit—and in any format, from word processing documents and emails, to product designs on CAD-CAM systems.

An organisation that has taken steps to secure and effectively govern its information may think that it can prevent its information gems, or even dregs, such as derogatory comments made by an employee, from falling into the wrong hands. Or they may think that they are in a good position to answer regulatory or e-discovery demands with the minimum of fuss.


------------------------------------------
Source: it-director.com
By: Fran Howarth

Wednesday, August 27, 2008

More than half of SMBs don't have e-mail archiving systems in place

A little over half of small- and medium-sized businesses (SMBs) in the U.S. haven't implemented an e-mail archiving system, but even for those who have, many of them aren't doing enough, according to a study from GFI Software.

Of the 421 U.S. IT executives at SMBs that GFI surveyed, 53 per cent said they had not implemented an e-mail archiving system within their organizations. However, of the executives that said their organizations had e-mail archiving systems, 35 per cent are relying on end-users to maintain their own archives, 35 per cent use an in-house solution and 33 per cent use tape backups.

The number of people who admitted they didn't have e-mail archiving systems wasn't unexpected, though.

"To be honest, it wasn't surprising," said David Kelleher, communications and research analyst, as well as the project leader for the survey, at GFI Software. "I was speaking to colleagues of mine who have been dealing with e-mail archiving, and some said it was to be expected. Some people were expecting the number to be a bit higher."

Kelleher noted that there has been marked improvement over the past year in the adoption of e-mail archiving systems among SMBs. Growing awareness around the legal and compliance aspects of archiving, especially the e-discovery elements, has pushed many SMBs to implement e-mail archiving systems.

------------------------------------------
Source: echannelline.com
By: Chris Talbot

SaaS Doubts Give Remote Infrastructure Services Life

Remote managed services are a stepping-stone toward cloud computing for companies with economic, legal, or security concerns about software-as-a-service, a Gartner analyst says.

Two years ago, Chiquita Brands International decided to move its 4,000 former Novell (NSDQ: NOVL) GroupWise e-mail users over to Microsoft (NSDQ: MSFT) Exchange. It wanted to get everyone onto the same page as two of the company's other divisions, but it didn't want to deal with the dirty work of a painful migration. And it wanted to avoid hiring new staff to handle the increased complexity of Exchange.

Chiquita found its answer not in software-as-a-service -- which certainly could have sped deployment and made management demands all but zero -- but in Azaleos' remote e-mail management services. Azaleos, run largely by ex-Microsoft employees, moved Chiquita to an on-premises deployment of Exchange that Azaleos monitors and manages from its own headquarters in Seattle.

Remote managed services are gaining acceptance as a stepping stone toward SaaS or an alternative that companies can use when their economic, legal, or security concerns aren't satisfied enough to buy into SaaS, according to Gartner research VP Matt Cain.

And it's not just in e-mail that remote infrastructure management has found some traction. U.S. engine manufacturer Cummins, for example, contracts with HCL to remotely manage four of its data centers. According to a 2007 McKinsey survey, CIOs estimate 27% of their infrastructure roles could be offshored.

Chiquita CIO Manjit Singh isn't one to automatically shy away from software-as-a-service. The company uses HR services from Workday to manage 26,000 employees. But Singh considers e-mail a different beast than human capital management, at least until service providers get the kinks worked out. "E-mail is the No. 1 app inside most corporations," he said in an interview.


------------------------------------------
Source: informationweek.com
By: J. Nicholas Hoover

Do RIAA Snoops Need P.I. Licenses?

By now, we all know how the Recording Industry Association of America nabs alleged file sharers, more than 20,000 lawsuits and counting: Hired snoops from MediaSentry -- aka SafeNet -- log onto Kazaa, Limewire or other file sharing programs, peer into open share folders, take screenshots, download a few files and obtain the offending IP addresses.

But in a few states -- Michigan, Texas, Florida, New York, Massachusetts, Oregon and Arizona -- the RIAA's investigators have come under attack by state governments or RIAA defendants. Reason: They are not licensed private investigators in their respective states. Michigan recently told MediaSentry it needed a license (.pdf) to continue practicing.

But demanding a private investigator's license doesn't make much sense for computer forensic work, according to the American Bar Association. In a recent report, the country's largest legal lobbying group urges the states to jettison the idea of, or licensing requirement for, computer forensic specialists, especially since most state licensing boards don't demand education in such work.

------------------------------------------
Source: blog.wired.com

Tuesday, August 26, 2008

Electronic Discovery: Managing the Unmanageable

Concrete and common-sense steps that you and your IT team can take to effectively manage the size and cost of e-discovery.

The e-mail or voice-mail message has a familiar and ominous tone: "This is (insert name of in-house counsel here) from the law department. It looks like there may be some litigation involving (insert product name). We don't have a copy of the complaint (or subpoena) yet, but we know we are going to have a pretty tight deadline for responding, and we will need to coordinate with your IT department. You may receive a call from (insert name of law firm you have never heard of before) in the next couple of days to discuss what we need to do in terms of data preservation and our response. If you have any questions, please call or shoot me an e-mail. Thanks very much and have a good day."

And so it begins. It will not be a good day. This message may be the call to arms in an electronic discovery battle that may materially affect your IT plans, projects, personnel and budget.

[Photo: Benjamin R. Barnett, a partner at Dechert LLP. Image credit: Scott Nibauer.]


The critical qualifier is "may." The legal press is chock-full of articles, written by lawyers for lawyers, about how to manage e-discovery. Missing has been straightforward guidance for CIOs about their e-discovery management role. I hope to fill this gap by providing concrete and common-sense steps that you and your IT team can take to effectively manage the size and cost of e-discovery. The first step in this process is to understand some of the e-discovery rules of engagement.

------------------------------------------
Source: Computerworld
By: Benjamin R. Barnett

Monday, August 25, 2008

The EDD Expert Witness: Choose Carefully

The ranks of electronic discovery and computer forensics consultants have multiplied in recent years. Since electronically stored information can be evidence for anything from a white-collar crime to civil litigation to divorce cases, the need for e-discovery and forensics expertise has grown exponentially.

This heavy demand has led to a greater supply of experts with varying degrees of talent, credentials and experience. Because the courts have not established clear standards for e-discovery or computer forensics expertise, lawyers and companies are at a major disadvantage in comparing the quality of the services offered. Attorneys must know enough about e-discovery and computer forensics to distinguish between legitimate and unqualified experts.

Attorneys hire experts to examine digital evidence such as e-mails, documents, Internet chat logs and phone messages. Since hard drives, laptops and personal digital assistants are the source of this electronic evidence, they must be handled and analyzed properly to prevent spoliation, sanctions or having critical evidence deemed inadmissible.

The markets for both e-discovery and forensics services are still relatively young. Legitimate experts know what they can provide; others attempt to profit from market confusion, or to learn new skills on the client's dime. The role of the experts can be best understood by first understanding the investigation/litigation process.

The e-discovery phase involves identifying, collecting and cataloging responsive electronic records in anticipation of or at the outset of litigation. E-discovery vendors must reduce the data set to a manageable number of relevant, important files. They must ensure that the process is reliable and format the data for attorney review without corrupting the data.

Computer forensics involves identifying, analyzing and forming opinions about electronic evidence to be introduced in court. Since data analyzed during the computer forensics phase are often hidden or embedded within digital files or computer systems, the computer forensics consultant must uncover, preserve and analyze it so it is admissible.

To select a qualified expert witness for a case, an attorney needs to know what precise expertise he or she requires. If the client can properly obtain electronic data for the attorney, the attorney may not need an e-discovery consultant with forensics knowledge. However, if the e-discovery company has little experience or credentials with data collection, chain of custody, court testimony or forensics, the attorney should consider using a vendor with forensics expertise.


--------------------------------------
Source: law.com
By: Keith Jones and Mauro M. Wolfe

Clearwell makes its e-discovery search more transparent

Clearwell Systems Inc. is adding what it calls "transparent search" to its Clearwell E-Discovery Platform 4.0 appliance for processing and managing email and documents for legal purposes.

Clearwell's transparent search includes new preview, filter, multiple query and report capabilities. It allows customers to customize wild-card searches and quickly filter results to identify and exclude false positive matches. E-Discovery Platform can now run more queries simultaneously to decrease the search time and will display returns for each individual query term. It also now creates a report that documents all search criteria and results, tracking terms that were included and excluded during the search preview to create an audit trail to provide opposing counsel or use in court.

Kamal Shah, Clearwell vice president of marketing, said the vendor recognizes that search for e-discovery is different than enterprise or Web search.


"They all start by entering something in a search box, but that's where the similarities end," Shah said. "Saying one approach can be applied by all is like saying the same person can win the 100 meters and marathon in the Olympics. They have different objectives and business drivers. For enterprise search, it's speed and simplicity. For the Web, it's speed, simplicity and scalability. For e-discovery, it's defensibility – can you defend best practices and show it in court and minimize nonrelevant results because of cost per results?"

--------------------------------------
Source: searchstorage.techtarget.com
By: Dave Raffo

Clean hard drives if recycling computers

It doesn’t take too many years for old computers, televisions and other electronic devices to dominate storage space in garages and attics if they aren’t thrown away.

In Kansas the law allows electronic equipment to be disposed of in a landfill. In Lawrence, there's no city ordinance preventing you from putting an old computer out with your weekly trash pick up.

That isn’t environmentally sound, of course.

If you care about the environment the best thing to do with old electronics is to recycle them. There are several recycling options for Lawrence residents. A complete list of electronic recycling locations can be found on the city’s waste reduction and recycling Web site.

Recycling or trashing old computers raises major concerns with many people. Personal information about finances, credit cards and other subjects can still be on a computer’s hard drive. There are plenty of people out there who know how to dig out that old information and do something with it.

That could be a serious problem.

If you take your computer to a firm or agency for recycling and you are concerned about what might remain on your hard drive, ask if it will be completely cleaned before it is used again, said Kathy Richardson, supervisor of the city’s waste reduction and recycling staff.

There are some products on the market that will erase old information by writing characters over it, according to the firms that make them. Some claim to meet U.S. Department of Defense requirements by writing over old data at least three times.

--------------------------------------
Source: ljworld.com
By: Mike Belt

Sunday, August 24, 2008

Recent cases teach valuable EED lessons

Managing discovery of electronically stored information (ESI) is a challenging task. Companies often generate and store huge volumes of data across multiple sources, employees and locations. Further, many discovery requests that seek ESI disregard the costs or burdens imposed on the responding party. As exemplified in the highly publicized Qualcomm case, moreover, failing to collect and produce relevant information can be costly, and courts have severely punished the failure to produce e-mails or documents.1 Qualcomm, for example, recently paid more than $8.5 million in attorney fees in a patent infringement case for failing to produce numerous e-mails during discovery. Similarly, in a shareholder case, DaimlerChrysler was ordered to pay $556,061 in sanctions after certain documents were not produced until trial.2

Cases involving million-dollar meltdowns, however, should remain the rare exception. Trial attorneys are becoming more adept at conducting e-discovery and can learn helpful lessons from recent cases. Recent e-discovery cases teach three important lessons: (1) properly plan for e-discovery; (2) cooperate with opposing counsel; and (3) correct any mistakes early in the case.

Lesson 1: Develop and execute a plan for preservation and production

Companies bristle at the expense and effort required to preserve and collect information, and for attorneys and vendors to review and produce that information in discovery. Litigants' cost concerns are well founded, particularly as complex cases involve enormous amounts of data. Intel, for example, reportedly has produced 150 million pages of documents to AMD in an antitrust case.3 Intel's production amounts to a stack of discovery “somewhere in the neighborhood of a pile 137 miles high.”4 Despite this massive production, Intel is accused of failing to prepare properly for discovery, including not acting to “suspend, that is turn off, the so-called 'auto-delete' function of its email system, which automatically deleted e-mails ... after they have aged for 35 days.”5 Even after producing huge amounts of relevant information, therefore, companies may still face protracted legal skirmishes over missing discovery.

To Continue Reading: Click Here
--------------------------------------
Source: dailyreportonline.com
By: Cass W. Christenson

When All Agree to Delete

Want to get a lawyer's attention? Just mention "data wiping" and "litigation" in the same breath. You might need to administer CPR. Yet there are cases where both sides recognize the need to thoroughly eradicate electronic data, such as when an employee has spirited away proprietary information to a new job and the old employer needs assurance it won't be exploited. It's a simple-sounding task that's harder and more expensive than many lawyers and judges appreciate.

Sure, you could wipe every sector on the hard drives or scuttle the machines into the Mariana Trench, but then you'd have no record of what went where or how it was used. Think also of the legitimate business and personal data that would be lost. Shifting noncontraband data to new media might work, but who can be entrusted with that job, and how will they divvy up the contents of e-mail container files and other amalgams tainted by stolen information?

The former employer could supervise the process, but affording a competitor such unfettered access is often out of the question. Even if these issues are resolved, will ordinary deletion be sufficient? What's to prevent the other side from resurrecting the deleted data once the case is dismissed?

Before you include data obliteration as a condition of settlement, be certain you've considered all the steps needed to effectuate reliable eradication, as well as the total cost and potential disruption. Start by determining what's been taken by a focused forensic examination of the ex-employer's machines previously used by the departed employee, a job made harder, but not impossible, if machines have been re-tasked to new users or the employee tried to cover his tracks.

Data enters and leaves computers via a handful of common vectors, such as e-mail, thumb drives, external hard drives, optical media or network transfer. So you'll want to know what files, network areas, Internet sites -- especially Web mail services -- and external storage media the employee accessed, especially in the last weeks on the job.

To Continue Reading: Click Here
--------------------------------------
Source: law.com
By: Craig Ball

Compliance quagmires often alienate legal teams

Recent decisions in Qualcomm v. Broadcom—sanctioning party and counsel for discovery misconduct and referring counsel to state bar and remanding for further proceedings—have thrown into bold relief the complicated issues of electronic data discovery compliance.

Discovery increasingly has become a collaborative project of a company and its internal staff, including in-house counsel—together with outside trial counsel. The allocation of responsibility can be troublesome, however, when courts posit that retained counsel must supervise their clients under conditions not consistent with client expectations.

Professional obligations

The American Bar Association's Model Rules of Professional Conduct (2004) provide the ethical framework to assess professional responsibilities in the context of discovery. Model Rule 3.4, “Fairness to Opposing Party and Counsel,” highlights obligations relating to legally proper discovery requests, including the prohibition on unlawfully altering, destroying or concealing material having potential evidentiary value—including computerized information—or counseling or assisting another to do such an act. The model rules do not differentiate between the ethical obligations applicable to in-house lawyers and those retained to represent the client before the tribunal.

The traditional view is that both are officers of the court, bound by the same ABA Code of Professional Responsibility, and subject to the same sanctions. The primary role in regulating professional conduct rests with state bar associations and their disciplinary bodies, although courts sometimes use the model rules as standards of conduct involving counsel practicing before them.


To Continue Reading: Click Here
--------------------------------------
Source: dailyreportonline.com
By: Tom Allman

Friday, August 22, 2008

Strategies for Preparing for E-Discovery

Many organizations are overwhelmed by the information-management requirements of the U.S. Federal Rules of Civil Procedure, and, in trying to prepare for the worst, they sometimes take actions -- such as retaining all electronic content indefinitely -- that may be counter-productive. Developing a strategy will help mitigate risk.

The amendments to the U.S. Federal Rules of Civil Procedure regarding the discovery of electronically stored information make it imperative for organizations to develop an enterprise-wide strategy to manage its volume. The 2006 amendments to the U.S. Federal Rules of Civil Procedure (FRCP) have changed information management requirements -- not just for lawyers and others involved in discovery, but also for IT professionals and records managers, who now have to be prepared to produce electronic content for discovery and litigation.

Many organizations are overwhelmed by these requirements and, in trying to prepare for the worst, they sometimes take actions -- such as retaining all electronic content indefinitely -- that may be counter-productive. Developing a strategy and a plan of action for handling e-discovery will help organizations mitigate their risk and save them a significant amount of money in the event of litigation.

The FRCP guide civil litigation in U.S. federal courts and are commonly adopted in state and other courts, so they are very influential throughout the United States for all civil procedures. Some of these rules address the process of discovery, which is the pre-trial phase in a lawsuit in which each party can request documents and other evidence from opposing parties. E-discovery deals with discovery of electronically stored information (ESI), including documents and e-mails.

To Continue Reading: Click Here
--------------------------------------
Source: cio-today.com

Moving ESI as Real Evidence

John Simek, a computer forensic examiner in Fairfax, Va., recently had a woman come to his office after a divorce proceeding. In court, her husband had presented some mean-spirited e-mails she supposedly sent him from a free Hotmail e-mail account, which led the judge to award the husband sole custody of their children. The woman claimed she'd never seen these messages before, and because the man only presented printouts of the alleged e-mails, Simek knew there was a chance they were fakes. "The bottom line is, it is very easy to dummy up electronic documents," he says.

Simek asked the ex-husband to bring his computer to his computer forensic laboratory at Sensei Enterprises, and as soon as he looked at it, he knew something was wrong. "We started looking around and we managed to recover these fragments of Hotmail sign-up pages and forms where this guy had created the account he used to send these messages himself," he says. "With that kind of evidence behind her, the judge reversed quickly that decision."

The question of the foundation and authentication of digital records is a complicated problem. In an age where anyone with Adobe PhotoShop or other editing software can make clever fakes of just about any type of file, photo or record, courts are trying to sort out what's real. But the nature of electronic records is so different from that of paper that it is bound to trip up the system. "At a certain level it's a very simple problem; at another it's very deep," says George Paul, an attorney with Lewis and Roca in Phoenix and author of the book "Foundations of Digital Evidence." "The bottom line is that there is nothing different about the handling of digital evidence under the rules, but in practice it is a whole different information paradigm."

It's potentially the thorniest question in e-discovery, but one that has received very little attention in the courts. Authenticating digital evidence in civil trials has not gotten a lot of judicial attention in part because most civil cases never go to trial, but also because lawyers and judges tend to treat it no different than paper evidence.

To Continue Reading: Click Here
----------------------------------------
Source: Law.com
By: Jason Krause

Tech Firms Pitch Tools

With E-Discovery, Lawyers Face Loss Of Client Fees

A growing number of tech companies are riding the rising flood of corporate email and electronic records by pitching software to sift them -- and meeting resistance from lawyers who want a piece of the action.

Lawsuits increasingly rely on electronic documents being produced early on, feeding demand for tools that help archive and retrieve those records, a process known as e-discovery work. Much of that work requires little brainpower or legal training, says Michael Lynch, chief executive of British software company Autonomy Corp., which last year acquired e-discovery company Zantaz for $375 million.

"The old-fashioned way of doing this was having a lot of lawyers doing a lot of simple things," he says. "You would literally have lawyers reading through things saying 'there was chicken for lunch.' You don't need lawyers to know it's a lunch menu."

Among those who have jumped into the field are Hewlett-Packard Co., Xerox Corp., International Business Machines Corp. and EMC Corp., some of whom have bought smaller companies specializing in the work. They say in-house teams using their tools can cut e-discovery costs by half.

But big law firms, facing the loss of lucrative client fees, are crying foul. They question how much of the discovery process can be automated and how much money the tools will really save. They also say companies could end up spending more to fix mistakes. "You need to have some kind of quality control," says Robert Brownstone, a partner with the Silicon Valley law firm Fenwick & West, which consults with companies on how to combine software with lawyer supervision.

To Continue Reading: Click Here
---------------------------------------
Source: The Wall Street Journal
By: Justin Scheck

Thursday, August 21, 2008

Tech-Savvy Millennials Present Workplace Security Risk

The millennials, young adults who grew up with cutting-edge technology, are coming of age and joining the workforce armed with the latest gadgets, which creates new security risks.

As baby boomers get ready to retire, the new generation entering the workplace has grown up with the Internet, iPods, cell phones and interactive communications.

Workers can use some personal technology to take work home, and that's created concern about data security.

Daniel Westman, a lawyer who specializes in protecting intellectual property, said trade secrets used to be kept under lock and key.

"Today, that same data is stored electronically," said Westman, who advises companies about how to protect their data and conducts seminars on managing millennials. "Wide access is given to employees to use these networks, and people who are either sloppy or have bad intent can figure out how to get to that data and copy it, take it, lose it or go to a competitor and start up their own company with it."

To Continue Reading: Click Here
--------------------------------------
Source: NBC4.com

E-disclosure rules demand better database backups, warns Forrester

Companies which fail to employ sophisticated backup systems for their databases could find it hard to comply with legal requests for information, according to IT research company Forrester.

The company has published research commissioned by database archiving firm Clearpace Software. Forrester said that companies needed to be able to make their database systems comply with onerous requests for information in legal cases, or e-disclosure.

“An archival system becomes critical when you need to access archived information in response to a legal summons, customer service issue, security investigation or technical issue. The value of archiving grows considerably as it becomes easier to access the archived data," said Noel Yuhanna, principal analyst at Forrester Research, in the report.

Requests for e-disclosure often refer to email or documents held by a firm, but Clearpace believes the same care over storage and accessibility needs to be taken over other kinds of information produced by a firm.

"It is critical that IT managers place the same priority on the long term retention and retrieval of structured data, as they do on managing email and document archives," said a statement from Clearpace.

E-disclosure expert Mark Surguy of Pinsent Masons, the law firm behind OUT-LAW.COM, said that court disclosure of all kinds of electronic information was set to change the technological landscape for large firms.

"Archiving technologies and e-discovery solutions are set to converge with increasing pace. All forms of corporate data are potentially disclosable in litigation, as part of an internal investigation or pursuant to a request from a regulator or law enforcement agency," he said. "An organisation needs the ability to access this data quickly and intelligently in compliance with legal and regulatory requirements."

The Forrester research found that companies have traditionally been faced with two options for database storage. They can keep all their database information live and online, but this is more expensive and less secure than it needs to be for information that is not commonly needed.

To Continue Reading: Click Here
-----------------------------------------
Source: out-law.com

Beware Masters in E-Discovery

The principal purpose of this article is to warn practitioners about the hidden dangers of having cases assigned by superior court judges to appointed special masters. These masters are appointed frequently under California Code of Civil Procedure §639. The case study outlined below illustrates the danger and vagaries of these appointed private masters.

To be sure, I have long been a proponent of alternative dispute resolution in all of its forms. I have not only been involved in innumerable mediations, arbitrations and sessions with special masters, but I also acted frequently as an arbitrator, mediator and special master. Even so, I have come to realize that the special procedures used to delegate decision-making responsibility to a private master can yield disastrous results.

In the case outlined below, no amount of cajoling could convince the special master assigned to handle all discovery to take control of the case and stop the tactical flood of discovery motions.

It is not uncommon for trial courts to impose limits on discovery. In one recent case, which resulted in a verdict of approximately $500 million, the trial judge limited the litigants to three discovery motions. And it is clear that certain discovery abuses warrant strong sanctions. However, in the current climate, with practitioners being inundated with articles in the media and judicial pronouncements regarding electronic discovery and the availability of sanctions for abuse -- and with only modest legislative or judicial attention being paid to balancing the punishment and the "crime" -- the underlying goal of conducting trials on the merits and obtaining justice within the legal system is being lost in a maze of tactical opportunism. Attention must be paid to the relative significance of the allegedly blameworthy conduct. If not, the tail will increasingly be found wagging the litigation dog.

Discovery matters are frequently assigned to retired judges and/or experienced local trial attorneys and typically involve the payment of significant fees to these appointed special masters -- often in excess of $400 per hour. The authority for the assignment of controversies to a special master is found in California Code of Civil Procedure §§ 638 and 639. Section 638 allows the parties to stipulate that a special master may be appointed to "hear and determine any or all of the issues in an action" and "to ascertain any fact." More important, §639 authorizes the court to appoint a special master even if the parties do not consent.

To Continue Reading: Click Here
----------------------------------------------
Source: law.com
By: William J. McLean

Wednesday, August 20, 2008

Guidelines for tape media management

Like any storage or networking technology, some degree of management is required to make sure that a tape library continues to provide reliable recovery of vital business records and information. And data-center veterans know that faulty tape media is a potential source of permanent data loss.

Storage administrators who manage backups and archives spend significant time managing tape media and the information it holds, but still find it a challenge to ascertain much-needed information about tapes and to ensure the protection of the data on tapes.

How many times has a tape been used?

Where did it come from, and when?

Has it experienced any errors?

Is it nearing a time when you should retire it to protect your data?

Nathan Thompson, CEO at Spectra Logic, points out that these questions relate directly to the lifecycle of the tape media as well as the data-protection imperative. Addressing what he calls “media lifecycle management,” Thompson points to cassette-based memory features that can store relevant metadata about the cassette itself as well as the data it contains. The in-cassette feature tracks critical data points for each tape, including the number of loads, errors, and details on the drives and partitions the cartridges were used in.


To Continue Reading: Click Here
-----------------------------------------
Source: InfoStor
By: Mark Ferreli

Women in eDiscovery Announce Their First Career and Technology Expo

Women in eDiscovery, a non-profit organization committed to providing information and education as a public service to the legal community, today announce that their first Career and Technology Expo (CTE) will take place September 18th, 2008 in Washington, D.C. The expo will be held at the Document Technologies, Inc. corporate office in the Ronald Reagan Center.

The Career and Technology Expo will feature 29 vendor booths and a demonstration room where a number of products and solutions by vendors, such as Catalyst, Clearwell, Stratify, IPRO and others, will be presented for 30 minutes each. In addition, there will be a resume preparation room and an interview room where recruiters and consulting companies will impart interview and resume tips on a one-on-one basis.

“We are very excited to be bringing both men and women in the legal industry together to educate, support and network with one another,” stated Parvaneh Daneshman, Co-chair of the event and Senior Project Manager at ONSITE3. “The e-discovery industry is growing so rapidly and is changing very quickly. It is great to get a group of leaders and innovators together to discuss hot topics and issues facing them and the rest of the market every day. We expect this to be a great forum for sharing ideas and expertise.”

Women in eDiscovery was formed to bring together businesswomen interested in technology in the legal industry and has grown to nearly 2,300 women with 22 local chapters throughout the United States and more chapters forming overseas. Among the women who have joined the organization are attorneys from law firms and corporations, litigation support professionals, paralegals, legal IT staff, consultants, and vendors.


To Continue Reading: Click Here
----------------------------------------------
Source: dbusinessnews.com

E-Discovery Goes to Criminal Court

In 2002, the U.S. Justice Department launched an investigation to look into alleged price fixing in the DRAM computer chip market. The investigation resulted in $731 million in fines, which was the second largest antitrust recovery ever recorded.

Gary Swanson, an executive at Hynix, a computer chipmaker, was indicted by the Justice Department in October 2006 and charged with joining a global conspiracy to fix prices and rig bids in the DRAM industry. Fifteen other individuals, along with four corporations (Samsung, Infineon Technologies, Hynix and Elpida Memory), were also charged in connection with the massive federal investigation into antitrust violations that were carried out through a worldwide cartel in the DRAM industry. (DRAM, which stands for dynamic random access memory, allows for high-speed computer storage and is an essential component for computers and other electronics.)

Fourteen defendants pleaded guilty while one has remained a fugitive in Korea. Executives from Micron Technologies received amnesty and agreed to testify for the government. Hynix, the world's second largest DRAM manufacturer, pleaded guilty and was ordered to pay a $185 million fine, the third largest criminal fine in U.S. history. Four Korean executives at Hynix to whom Swanson reported also pleaded guilty and agreed to serve prison terms and pay fines. Because he believed that he had not engaged in price fixing or knowingly supported the activities of others, Swanson, on the advice of counsel, decided to go to trial.

Discovery during the case resulted in the government producing more than 19 million electronic pages and 1,152 boxes of hard copy materials. The sheer size of this document dump is a symptom of the proliferation of recorded information in the digital era. In an effort to avoid drowning in this sea of information, BartkoZankel, which represented Swanson in the trial, put together a team of technical experts to assist in the initial organization of the discovery and other related electronically stored information. These experts were also involved in the ongoing interaction with all of this material that would be required during the course of the trial.

To Continue Reading: Click Here
----------------------------------------------
Source: law.com
By: J. Eric Bartko and Robert Bunzel

Black Hat 2008 Aftermath

Lawyers' guide to security concerns involving computers and networks

As always, the 2008 Black Hat security conference in Las Vegas, Nev., was full of cutting-edge computer security research, the latest in computer security vulnerabilities, and more than a little controversy.

Since the beginning of the Black Hat conference 15 years ago, the show has always been a place for the elite of the computer security industry to release their latest work on what is known as "zero-day exploits." A zero day or "0-day" exploit is a previously unknown computer security vulnerability that is released before vendors like Microsoft have a chance to release a security fix. There were fewer zero-day exploit presentations this year than we have seen in the recent past, but the ones that were presented were big.

The most popular presentation at Black Hat 2008 was on the Internet-wide DNS vulnerability discovered by Dan Kaminsky, director of penetration testing for IOActive. Over 2,000 attendees packed into an 800-person capacity room to hear Mr. Kaminsky tell the intriguing story of how he had been working on a non-security-related Web-caching project for a friend at Wikipedia. Dan was looking into Domain Name Servers (DNS), the computers on the Internet that convert computer names (like www.law.com) to IP addresses (and vice versa). Looking for ways to improve performance, he stumbled upon a "DNS cache poisoning" vulnerability.

DNS cache poisoning is a technique that allows a hacker to introduce forged DNS information into other DNS servers. The result of a DNS cache poisoning attack allows the hacker to take control of portions of the Internet or redirect all users of a search engine to malicious content. Dan immediately recognized that his newly discovered vulnerability didn't just affect one software vendor but instead affected every vendor worldwide whose products relied upon DNS standards. Kaminsky literally discovered a security vulnerability that affected every user on the Internet. Being a consummate security professional, Dan realized that the effect of releasing such dangerous vulnerability information before vendors had a chance to release security fixes would present a global problem.

In our interview with Kaminsky, he frequently credited the "team effort" of all the major software vendors and Internet security bodies with how rapidly and quietly they gathered in Redmond, Wash., to come up with a solution to the DNS problem. After several days of deliberation on various solutions, Kaminsky said that they "decided on a port randomization fix because it was doable, not because it was ideal."

To Continue Reading: Click Here
----------------------------------------------
Source: law.com
By: Keith Jones and Brian Dykstra

Tuesday, August 19, 2008

Forrester urges users to avoid overkill with email archiving

Everyone and their brother has an email archiving story to tell you these days, or so it seems. But Forrester Research analyst Jo Maitland told Forrester clients in a teleconference titled “Email Archiving Mistakes to Avoid” to keep things simple in their selection of a product and setting of policies.

Users need to begin with a strategy that addresses backup and archiving separately (apparently not everyone in the storage industry read Mr W. Backup’s definitive “Backups are not Archives” article a couple years ago…). Then, they should take into account their requirements for the deployment - whether it will be for end user restore/Exchange optimization, or for legal discovery.

According to Maitland, this is the most crucial step in determining which product will work best in a given environment, and one not everyone clearly understands. This isn’t helped by an overcrowded market with vendors trying to shout over each other with ever-more-complex features, but Maitland boiled it down to a few key things. An archive for e-Discovery should mark data for legal hold and notify an administrator when new content hits an existing search; those seeking an archive for legal discovery should also try to look for one that covers more data types than just email.

For email optimization and end user restore, the product should allow access to emails via a Web browser, automatically copy messages to the archive and delete them from primary storage (too many stub files can still clog up the mail server), and allow simple retrieval back to the inbox.

The two purposes for an archive - eDiscovery and end user restore - can be mutually exclusive, Maitland said.

Once the requirements are determined, Maitland advised that policies be set - and once again, kept as simple as possible. “Nirvana policies are not practical,” she said. If policies are too strict or too lax, she pointed out, “everybody ignores the policy and finds underground ways of keeping their data anyway.” A 30-day deletion policy, moreover, “flies in the face of 10 years of best practices in records management,” and can still expose a company to risk when it needs some data to defend itself. But keeping data forever quickly overwhelms today’s search and indexing tools.

To Continue Reading: Click Here
----------------------------------------------
Source: storage.blogs.techtarget.com

Monday, August 18, 2008

Keep Information Management, E-Discovery on Target

Getting under control both information management and records that are responsive to e-discovery serves the dual purpose of promoting business efficiency and legal compliance. While these arenas are interrelated, they need to be addressed in very different ways -- using different staff and technology and involving different policies.

Homing in on information management and the records responsive to e-discovery serves the dual purpose of promoting business efficiency and legal compliance. A financial institution embroiled in a lawsuit failed to produce all responsive information to its adversary. At trial, rather than focusing on the underlying business issues, the court focused on the institution's host of information-mismanagement snafus, which served only to magnify the issues about which the lawsuit had been filed. Indeed, under the information-mismanagement spotlight, the company's conduct appeared so bad that the jury punished it in an amount approaching $1.5 billion -- a damages award motivated largely by the company's e-discovery failings. Thus, although the company began with a relatively straightforward legal claim, with reasonable defenses and tolerable downside risk, it ended financially eviscerated, with careers in ruins and interminable bad press.

Under scrutiny, how many organizations would fare better?

For most companies involved in any significant litigation, getting the discovery of electronic information under control is like drinking from a fire hose. Billions of business messages are being sent daily and, according to the 2006 University of California study "Too Much Information," the equivalent of 30 linear feet of books in new e-information is being generated every year for every person on the globe. It is no wonder that producing "anything and everything potentially responsive" to a document request served in the context of a lawsuit seems so daunting as to be impossible.

To Continue Reading: Click Here
----------------------------------------------
Source: newsfactor.com

Even More Thoughts on Forensics

Acquiring disks is a very important part of digital forensics. In my past blogs I discussed some aspects of forensics with respect to VMware ESX servers. This is the last part of the series.

To acquire a VM from a VMFS you must use a forensically sound method: one that duplicates the blocks used by the VM disk, memory, and meta files, not one that merely makes a copy. A copy is not an exact copy, as file slack space (the space unused within a block) is ignored. We want this space.

There are several tools that will do this, but only one is currently available on all VMware ESX/ESXi. This is the dd tool. dd will allow you to duplicate the blocks used by the files and not just the files themselves. To copy a file or a directory you need to have some remote or USB storage available that is big enough to hold the data you want to duplicate.

To Continue Reading: Click Here
----------------------------------------------
Source: itworld.com
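
The dd acquisition described in "Even More Thoughts on Forensics" above, sketched as a shell script; this is an added example, not code from the itworld.com post. It hashes each source file before and after the dd copy and hashes the resulting image, so a file that changed during acquisition is flagged instead of silently accepted. The function names, log format and sample file names are assumptions, as is the presence of sha256sum (or shasum) on the host.

```shell
#!/bin/sh
# Added example: dd acquisition of a VM's files with hash verification.
# Assumptions: sha256sum or shasum is installed; all paths are constructed.

# Print the SHA-256 digest of a file.
hash_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# acquire_file SRC DEST_DIR LOG
# Duplicates SRC with dd into DEST_DIR, verifies the image, appends a log line.
# Returns 0 verified, 1 dd failed, 2 bad arguments, 3 image exists, 4 mismatch.
acquire_file() {
    src=$1; dest_dir=$2; log=$3
    if [ ! -f "$src" ] || [ ! -r "$src" ]; then
        echo "unreadable source: $src" >&2; return 2
    fi
    if [ ! -d "$dest_dir" ]; then
        echo "missing destination: $dest_dir" >&2; return 2
    fi
    img="$dest_dir/$(basename "$src").dd"
    # Never overwrite an earlier acquisition of the same file.
    if [ -e "$img" ]; then
        echo "refusing to overwrite: $img" >&2; return 3
    fi

    before=$(hash_of "$src")
    # No conv=sync here: it pads a short final block with zeros, so the
    # image would no longer hash the same as the source file.
    dd if="$src" of="$img" bs=1048576 2>/dev/null || return 1
    after=$(hash_of "$src")
    image=$(hash_of "$img")
    bytes=$(wc -c < "$img" | tr -d ' ')
    chmod a-w "$img"    # keep the evidence copy read-only

    status=VERIFIED
    if [ "$before" != "$after" ]; then
        # The source was written to while dd ran (e.g. the VM was running).
        status=SOURCE_CHANGED
    elif [ "$image" != "$before" ]; then
        status=IMAGE_MISMATCH
    fi

    # Tab-separated record: time (UTC), status, image hash, size, source, image
    printf '%s\t%s\t%s\t%s\t%s\t%s\n' \
        "$(date -u +%Y-%m-%dT%H:%M:%SZ)" "$status" "$image" "$bytes" \
        "$src" "$img" >> "$log"
    if [ "$status" != VERIFIED ]; then
        return 4
    fi
    return 0
}

# acquire_vm_dir VM_DIR DEST_DIR LOG
# Acquires every regular file in a VM's directory (disk, memory and meta
# files alike). Returns the number of files that were not verified.
acquire_vm_dir() {
    vm_dir=$1; out_dir=$2; out_log=$3; failed=0
    for f in "$vm_dir"/*; do
        [ -f "$f" ] || continue
        acquire_file "$f" "$out_dir" "$out_log" || failed=$((failed + 1))
    done
    return "$failed"
}

# Demo on constructed sample data standing in for a VM's files.
demo() {
    work=$(mktemp -d) || return 1
    mkdir "$work/vm" "$work/evidence"
    printf 'constructed disk bytes' > "$work/vm/sample-flat.vmdk"
    printf 'constructed memory bytes' > "$work/vm/sample.vmem"
    rc=0
    acquire_vm_dir "$work/vm" "$work/evidence" "$work/acquisition.log" || rc=$?
    cat "$work/acquisition.log"
    rm -rf "$work"
    return "$rc"
}
# Source this file and run "demo" to see the log produced from the sample data.
```

In real use the destination directory would sit on the remote or USB storage the post mentions, and the log would be kept with the images as part of the acquisition record.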

On Company Equipment, Don't Expect Privacy

Most people are getting very comfortable with technology. Non-typers have evolved into typers. Non-writers have learned to get by. People once not inclined to make telephone calls now make them without blinking. Using technology, though, may put them at risk either on or off the job site.

Hope Haslam, director of Consulting Services at Epiq Systems Inc., headquartered in Kansas City, Kan., works in the New York City-based eDiscovery Group, which advises corporate and legal clients about large volumes of stored electronic data that might become part of a lawsuit, if it hasn't already.

"We identify relevant data," she says, (which suggests that) "the trend to mix work and life might well be colliding on technology at work and at home or on the road. If someone is on a PDA or laptop or personal machines at home, we can advise the corporation to go out and collect that data. This can be frightening to employees, because there could be some very personal information there."

A Dallas resident, she says that in Texas, pornography gets reported, even though it's totally unrelated to work. Of course, if you reveal any ailments or other information you didn't want the world to know, it's too late. You've already left a digital footprint.

Let's say you own a cell phone, for which your company reimburses you every so often. Whose phone is it? "All of this is getting very sticky," she says. Employers will have some rights to it. Her solution is to tote two telephones, everywhere.

To Continue Reading: Click Here
----------------------------------------------
Source: courant.com

Cloud Computing: What are the risks involved?

With the dotcom boom, the data involved is also booming. The amount of data that needs computing, or that needs the utmost security, is increasing at a faster rate. To keep up with this data burst, a novel technology is appearing on the horizon, and that is "Cloud Computing".

Cloud Computing can be defined as an application that will involve the transfer of massive data and other IT resources from the desktop of the concerned firm to a third party storage system for computing.

Cloud Computing can be thought of as a process involving the collection of data from a large pool of interconnected servers and computers. It involves hefty tasks like searching for queries, financial modeling and some other large-scale tasks.

Cloud computing is facing many threats, and these risks should be removed quickly so that cloud computing can grow at its own pace.

A. Data storage location: In cloud computing, the location where data is going to be stored is not definite. The customers can have large or small data locations. This aspect can be really injurious in the case of international business organizations, because an organization can't be sure which country its data is located in. Every country has its own privacy and data management laws that apply to stored data. In the case of banking services, a country can expect its citizens' data to be stored on their home directory, but in the case of cloud computing, it can never be sure.

B. Data mixing: Data in a cloud is basically shared information. In cloud computing, different computers share servers or databases. This can lead to a crisis of data mixing. Although you will also have security against data mixing, you never know when you are going to face a problem related to data mixing.

C. Privileged user access: In cloud computing, it is not necessary that processing of data takes place within the organization. Users of cloud computing find it risky to access sensitive data outside the organization or business house, because outside data processing can lead to physical, logical and personnel controls being ignored.

To Continue Reading: Click Here
----------------------------------------------
Source: itvoir.com

Sunday, August 17, 2008

Investigator says forensic search of hard drive takes time

Computer crimes investigators usually need between 50 and 70 hours to conduct a complete forensic investigation of a hard drive, said Lt. John Wilhelm, commander of the Maryland State Police computer crimes section.

Investigators begin by creating forensic copies of a computer's hard drive and copying all of the information onto their own equipment, Wilhelm said. Just making the copy could take a few hours or a few days, depending on the size of the hard drive being copied, he said.

"It's not like CSI (CBS television show "CSI: Crime Scene Investigation"), where in 30 minutes, they have everything they need," Wilhelm said. "Television distorts it so much."

Months of work

Wilhelm said he knows of no computer forensics lab that has finished a case in less than four months.

He said investigating violent crimes usually takes priority, but if investigators have information about a child being harmed in the making of child pornography, those cases also take precedence.

Maryland State Police computer crimes investigators usually receive about six months of training, although no set training is mandated, Wilhelm said.

Investigators can recover data from cell phones, CDs, DVDs, iPods, flash drives and anything else that has any sort of memory, Wilhelm said. His investigators once searched an Xbox game system in connection with a case.

When investigating a case dealing with images, such as a case surrounding child pornography allegations, investigators can use software to automatically search the data for image files. Once the image files are found, however, the investigator must manually search all of the files for anything deemed potentially criminal, Wilhelm said.

In child pornography investigations, an important element is identifying the children in the pictures, Wilhelm said.

Wilhelm's computer crimes section, which works out of a Columbia, Md., office, was not involved in the investigation of former Maryland Del. Robert A. McKee. He said, however, his state police investigators handle forensic computer work for agencies throughout the state.


To Continue Reading: Click Here
----------------------------------------------
Source: herald-mail.com

Cyber crime: Big Brother is watching

John Fotiadis and Yingyong Karnchanapayap explain how Thailand's new Computer Crimes Act is, perhaps, too expansive

On July 19, 2007, Thailand's new Computer Crimes Act (CCA) took effect. CCA Section 26 made data retention mandatory for all service providers, who would be required to keep records of their users' e-mail, chat, internet usage and personal identification for a minimum of 90 days. The details of this mandatory data retention were left to the Information and Communication Technology (ICT) Ministry.

On Aug 23, 2007, the ICT Ministry issued a Notification detailing the data records to be retained as well as explaining which service providers are affected. The requirements will become universally effective on Aug 24, 2008.

Under the CCA, Section 3 and the Notification, a service provider is defined as either (a) a person who provides internet access or computer communications to other persons, or (b) a person who provides data storage services to another person.

At first blush, the definition of service provider appears intended to apply to operators of internet or e-mail services to third parties. However, the ministry is taking a very broad interpretation of the phrase "other persons" to include services rendered by an operator to its own staff/representatives.

Based on such interpretation, the ministry is stating that all entities within Thailand that offer internet access, computer communication, or data storage to their staff fall within the CCA's data retention requirements. This is to say that nearly any party that uses a computer is required to log all data traffic and maintain personal data identifying users for 90 days or be subject to a criminal fine of up to 500,000 baht. Yet there is no similar requirement under Thai law for private operators to maintain logs of telephone or facsimile usage.

Due to the ministry's expanded interpretation of service providers, many people may still believe that the data retention requirements apply only to public service providers. This may prove to be a costly error.

To Continue Reading: Click Here
----------------------------------------------
Source: AsiaMedia