KCH Servs., Inc. v. Vanaire, Inc., 2009 WL 2216601 (W.D. Ky. July 22, 2009)
Plaintiff moved the court for default judgment, sanctions, or an adverse inference instruction based on defendant Vanaire’s spoliation of evidence, including the deletion of software and electronically stored information (“ESI”) from its computers. Specifically, following a phone call from plaintiff’s president indicating his belief that Vanaire was using plaintiff’s software, defendant Guillermo Vanegas instructed Vanaire employees to delete any software “that he did not purchase or did not own.” Additionally, even after plaintiff filed its complaint and sent an evidence-preservation letter, Vanaire failed in its duty to preserve “by continuing to delete and overwrite” ESI.
Regarding the question of when Vanaire’s duty to preserve arose, the court stated:
Hankinson's telephone call to Vanegas, Sr. in October 2005 should have put the defendants on notice that issues of software may be relevant to future litigation. For the duty to preserve to have attached, it is not required that Vanegas, Sr. actually knew that litigation was on the horizon, or that the software would be relevant, but only that he "should have known" the software "may be" relevant to future litigation. Id. In October 2005, the defendants were familiar with their competitor's willingness and ability to file suit; Vanegas, Sr. had been personally involved with Vanaire during the 1995 litigation with KCH. See KCH Services, Inc. v. Brooks, et. al., No. 3:95-cv-672-S, Dep. (R. 19), Dec 4., 1995. Even with such experience, Vanegas, Sr. ordered the software deleted immediately after the telephone call, before KCH had an opportunity to inspect. Vanegas Sr.'s conversations with Vanaire employees and other correspondence among Vanaire employees immediately after Hankinson's telephone call show clearly that the defendants were, in fact, alerted to the problem and saw it as such.
To Continue Reading: Click Here
----------------------------------------------
Source: ediscoverylaw.com
Friday, July 31, 2009
Previously Opened Emails Stored for Less than 181 Days in Web-Based Account May be Obtained by Trial Subpoena
U.S. v. Weaver, 2009 WL 2163478 (C.D. Ill. July 15, 2009) (Not Reported)
In this case, the Government sought to discover the contents of defendant’s email sent or received at a Microsoft/MSN Hotmail account. Accordingly, the Government executed a trial subpoena seeking production of “‘the contents of electronic communications (not in ‘electronic storage’ as defined by 18 U.S.C. § 2510(7)’ and specified that the ‘[c]ontents of communications not in ‘electronic storage’ include the contents of previously opened or sent mail.’” Microsoft declined to produce the content of previously accessed, viewed, or downloaded emails that had been stored for fewer than 181 days citing precedent from the Ninth Circuit Court of Appeals that such production would require a warrant. Because Microsoft is located within the Ninth Circuit, it felt it must comply. The Government sought to compel production.
Ultimately, the court determined that production of the emails at issue could be compelled by trial subpoena. To arrive at that conclusion, the court looked primarily to The Stored Communications Act (“The Act”) which governs the disclosure of electronic communications maintained on computers, including the need for a trial subpoena versus a warrant. After undertaking a statutory analysis, the court determined that the applicability of the warrant requirement turned on whether the emails were “in electronic storage” which itself turned on the purpose for which the emails were stored in defendant’s Hotmail account: “the question [was] whether the emails were in storage ‘for the purpose of backup protection’ in which case they [were] in ‘electronic storage’ and protected by the warrant requirement.” That is to say, if the emails were being stored by Microsoft for the purpose of backup protection, they were subject to the warrant requirement.
To Continue Reading: Click Here
----------------------------------------------
Source: ediscoverylaw.com
In this case, the Government sought to discover the contents of defendant’s email sent or received at a Microsoft/MSN Hotmail account. Accordingly, the Government executed a trial subpoena seeking production of “‘the contents of electronic communications (not in ‘electronic storage’ as defined by 18 U.S.C. § 2510(7)’ and specified that the ‘[c]ontents of communications not in ‘electronic storage’ include the contents of previously opened or sent mail.’” Microsoft declined to produce the content of previously accessed, viewed, or downloaded emails that had been stored for fewer than 181 days citing precedent from the Ninth Circuit Court of Appeals that such production would require a warrant. Because Microsoft is located within the Ninth Circuit, it felt it must comply. The Government sought to compel production.
Ultimately, the court determined that production of the emails at issue could be compelled by trial subpoena. To arrive at that conclusion, the court looked primarily to The Stored Communications Act (“The Act”) which governs the disclosure of electronic communications maintained on computers, including the need for a trial subpoena versus a warrant. After undertaking a statutory analysis, the court determined that the applicability of the warrant requirement turned on whether the emails were “in electronic storage” which itself turned on the purpose for which the emails were stored in defendant’s Hotmail account: “the question [was] whether the emails were in storage ‘for the purpose of backup protection’ in which case they [were] in ‘electronic storage’ and protected by the warrant requirement.” That is to say, if the emails were being stored by Microsoft for the purpose of backup protection, they were subject to the warrant requirement.
To Continue Reading: Click Here
----------------------------------------------
Source: ediscoverylaw.com
Rey Anzaldua, Co-Author of "Computer Forensics for Dummies" to be on Talk Forensics
Rey Anzaldua, Co-Author of "Computer Forensics for Dummies" Is This Week's Guest on Talk Forensics Sunday August 2nd at 4pm eastern.
Talk Forensics welcomes Rey Anzaldua, Co-Author of "Computer Forensics for Dummies" to Talk Forensics this Sunday, August 2nd at 4pm eastern. Rey Anzaldua has been doing computer work since 1987 and has worked in the computer field in jobs ranging from university lab assistant to IT Director . He is currently employed by South Texas College as an Assistant Professor teaching computer forensics and security. He has a weekly radio show segment, has done television news stories on computer topics, and has two books on computer forensics, one of which is Computer Forensics for Dummies. A third book is in production at this time with a release date in 2010.
To Continue Reading: Click Here
----------------------------------------------
Source: pr-inside.com
Talk Forensics welcomes Rey Anzaldua, Co-Author of "Computer Forensics for Dummies" to Talk Forensics this Sunday, August 2nd at 4pm eastern. Rey Anzaldua has been doing computer work since 1987 and has worked in the computer field in jobs ranging from university lab assistant to IT Director . He is currently employed by South Texas College as an Assistant Professor teaching computer forensics and security. He has a weekly radio show segment, has done television news stories on computer topics, and has two books on computer forensics, one of which is Computer Forensics for Dummies. A third book is in production at this time with a release date in 2010.
To Continue Reading: Click Here
----------------------------------------------
Source: pr-inside.com
The Legal Health Record Challenge
Leslie: This month's column wraps up our three-part series on the legal EHR. Last month we discussed the legal challenges around genetic information with Barbara Fuller, JD, RHIA, assistant director for ethics, deputy ethics counselor, NationalHumanGenome Research Institute, National Institutes of Health (NIH).
Patty: This was such an interesting conversation about the treatment of DNA information. Highlights from this conversation include the three key topics for HIM professionals to have on their radar: 1) genetic non-discrimination laws, 2) release of genetic information and 3) special protections within the EHR for genetic test information.
Leslie: In Part 1, Michelle Dougherty, RHIA, director of practice leadership at the American Health Information Management Association (AHIMA) framed the dialogue around the legal EHR. Three themes emerged: 1) defining the legal EHR, 2) EHR system functionality required for a business record, and 3) disclosure processes. Michelle and Gwen Hughes also provided a great list of resources for HIM professionals to include in their legal EHR tool kit.
Gwen: I am going to join you again this month and suggest that we visit the topic of e-discovery, the disclosure of information in electronic form.
Patty: Good idea Gwen. This is a growing concern for HIM professionals, health care attorneys and risk managers in an era where the e-discovery rules for health care are just being played out in the legal process. We can look to the Federal Rules of Civil Procedures to guide current thinking on e-discovery as we lead our organizations in the development of processes that support e-discovery. Everything is fair game from e-mails, voice files and meta data, the data about data.
Gwen: Organizations are also evaluating to what extent EHR prompts and alerts are discoverable. It's likely that case law will determine how prompts and alerts will be handled in the future, but for now, it's important that provider organizations include how they treat prompts and alerts in their legal EHR definitions, specifically as it relates to when and how they store this information.
Leslie: It seems to me that it is very important that HIM professionals understand how data, including voice, pictures, videos and waveforms are collected, where they are stored within their organization and how to access that data. This information is likely to be asked during the discovery process. Given the nature of hybrid records and best of breed systems, it is likely that information is stored in multiple information systems.
To Continue Reading: Click Here
----------------------------------------------
Source: http://www.advanceweb.com/
By: Leslie Ann Fox, MA, RHIA, and Patricia T. Sheridan, MBA, RHIA
Patty: This was such an interesting conversation about the treatment of DNA information. Highlights from this conversation include the three key topics for HIM professionals to have on their radar: 1) genetic non-discrimination laws, 2) release of genetic information and 3) special protections within the EHR for genetic test information.
Leslie: In Part 1, Michelle Dougherty, RHIA, director of practice leadership at the American Health Information Management Association (AHIMA) framed the dialogue around the legal EHR. Three themes emerged: 1) defining the legal EHR, 2) EHR system functionality required for a business record, and 3) disclosure processes. Michelle and Gwen Hughes also provided a great list of resources for HIM professionals to include in their legal EHR tool kit.
Gwen: I am going to join you again this month and suggest that we visit the topic of e-discovery, the disclosure of information in electronic form.
Patty: Good idea Gwen. This is a growing concern for HIM professionals, health care attorneys and risk managers in an era where the e-discovery rules for health care are just being played out in the legal process. We can look to the Federal Rules of Civil Procedures to guide current thinking on e-discovery as we lead our organizations in the development of processes that support e-discovery. Everything is fair game from e-mails, voice files and meta data, the data about data.
Gwen: Organizations are also evaluating to what extent EHR prompts and alerts are discoverable. It's likely that case law will determine how prompts and alerts will be handled in the future, but for now, it's important that provider organizations include how they treat prompts and alerts in their legal EHR definitions, specifically as it relates to when and how they store this information.
Leslie: It seems to me that it is very important that HIM professionals understand how data, including voice, pictures, videos and waveforms are collected, where they are stored within their organization and how to access that data. This information is likely to be asked during the discovery process. Given the nature of hybrid records and best of breed systems, it is likely that information is stored in multiple information systems.
To Continue Reading: Click Here
----------------------------------------------
Source: http://www.advanceweb.com/
By: Leslie Ann Fox, MA, RHIA, and Patricia T. Sheridan, MBA, RHIA
Wednesday, July 29, 2009
To Tape or Not to Tape, That Is The Question
Mention Shakespeare and everyone spouts “To be or not to be.” Mention backup, and the question becomes, “To tape or not to tape?” Is tape dead, or do tape-based backup systems still have a place in the modern small business?
Tape was once the only option because hard disks were incredibly expensive. And since old habits die hard, many believe tape is the default standard for backup even today.
Alas, poor Yorick, I knew tape, but tape dwindles in usefulness today, close to useless in the modern small business. Just as VHS tapes gave way to DVDs, tape backups are giving way to hard disk and Internet-based backup. Nearly unlimited disk storage space has changed the backup dynamic in ways tape can't match.
Let's take a look at how disk and online backups protect your data more completely than tape systems. Then, for those who still watch movies on VHS and believe tape is the only “real” backup method, let's look at ways to keep tape systems alive just a little longer.
For all practical purposes, hard disks, local or online, provide an infinite pool of data storage space. For local storage, 1TB hard disks (1,000 gigabytes) can be found for around $100. Add a few to a backup server or network attached storage device, and you have years of backup space for the typical small business.
To Continue Reading: Click Here
----------------------------------------------
Source: Computerworld
By: James E. Gaskin
Tape was once the only option because hard disks were incredibly expensive. And since old habits die hard, many believe tape is the default standard for backup even today.
Alas, poor Yorick, I knew tape, but tape dwindles in usefulness today, close to useless in the modern small business. Just as VHS tapes gave way to DVDs, tape backups are giving way to hard disk and Internet-based backup. Nearly unlimited disk storage space has changed the backup dynamic in ways tape can't match.
Let's take a look at how disk and online backups protect your data more completely than tape systems. Then, for those who still watch movies on VHS and believe tape is the only “real” backup method, let's look at ways to keep tape systems alive just a little longer.
For all practical purposes, hard disks, local or online, provide an infinite pool of data storage space. For local storage, 1TB hard disks (1,000 gigabytes) can be found for around $100. Add a few to a backup server or network attached storage device, and you have years of backup space for the typical small business.
To Continue Reading: Click Here
----------------------------------------------
Source: Computerworld
By: James E. Gaskin
Vanish: Now You See Data, Now You Don't
Did you ever wish that you could control the lifetime of your data on the Web? What if you wanted e-mail to self-destruct after a certain time period? A friend of mine sent me information on a product being researched and said I just had to check it out. I am not an easy person to impress, but I was salivating when I finished reading what this product could do.
I assume I have your attention. The University of Washington has developed a product called Vanish, which, simply put, lets information expire. Virtually any information can be set to expire, including e-mail, Facebook posts, blog posts, chat messages and even documents. Not even the content developer can recover the content. The product works by encrypting the data using a key that the user does not even know, and then divides the key into many parts and distributes them over a peer-to-peer network. As new systems join the network and older systems leave the network, the key is eventually lost.
You might be asking, "Why not just use encryption to protect my data?" Remember, a hacker could steal your passphrase with a keylogger. In the case of eDiscovery, you might be required by law to give up your passphrase.
This is a double-edged sword for a security professional. On one hand, we have information that expires and leaves no trace. So we can imagine a world with no more incriminating e-mail or blog posts that can hang your company, or its executives, in a courtroom. On the other hand, you could lose data that can save you, as well. Let's say you had an e-mail that proved you did nothing wrong. That data could be erased also.
However, we live in a world where various retention requirements do in fact exist, and serious questions are raised by such a product. Interestingly, the early coverage of Vanish is full of breathless wonder at the possibility of being released from the tyranny of data that will never die. Domain-b.com quotes one of the researchers saying that the technology is "ahead of the law." Of course, that situation is nothing new for emerging technologies, but doesn't mean that regulations and laws governing data management and retention somehow no longer apply.
To Continue Reading: Click Here
---------------------------------------------------
Source: itbusinessedge.com
By Ralph DeFrangesco
I assume I have your attention. The University of Washington has developed a product called Vanish, which, simply put, lets information expire. Virtually any information can be set to expire, including e-mail, Facebook posts, blog posts, chat messages and even documents. Not even the content developer can recover the content. The product works by encrypting the data using a key that the user does not even know, and then divides the key into many parts and distributes them over a peer-to-peer network. As new systems join the network and older systems leave the network, the key is eventually lost.
You might be asking, "Why not just use encryption to protect my data?" Remember, a hacker could steal your passphrase with a keylogger. In the case of eDiscovery, you might be required by law to give up your passphrase.
This is a double-edged sword for a security professional. On one hand, we have information that expires and leaves no trace. So we can imagine a world with no more incriminating e-mail or blog posts that can hang your company, or its executives, in a courtroom. On the other hand, you could lose data that can save you, as well. Let's say you had an e-mail that proved you did nothing wrong. That data could be erased also.
However, we live in a world where various retention requirements do in fact exist, and serious questions are raised by such a product. Interestingly, the early coverage of Vanish is full of breathless wonder at the possibility of being released from the tyranny of data that will never die. Domain-b.com quotes one of the researchers saying that the technology is "ahead of the law." Of course, that situation is nothing new for emerging technologies, but doesn't mean that regulations and laws governing data management and retention somehow no longer apply.
To Continue Reading: Click Here
---------------------------------------------------
Source: itbusinessedge.com
By Ralph DeFrangesco
Enterprise 2.0 Will Reinvent Corporate Silos
During the last few weeks I have been engaged in a number of discussions about different aspects of the concept of Enterprise 2.0 in the aftermath of the June 2009 Enterprise 2.0 conference here in Boston.
People are coming at this from all kinds of angles and I assume that reflect their professional experiences within areas like Enterprise Content Management (ECM), Customer Relationship Management (CRM), Enterprise Resource Planning (ERP), Knowledge Management (KM), Business Process Management (BPM), Project Portfolio Management, (PPM), Innovation Management (IM) and other such classifications of different aspects of what makes an organization function. AND now we have a new classification with Enterprise 2.0 that we are trying to define.
Each one of these classifications or disciplines has its own set of "magic quadrant" constructed by research firms to assess vendor solutions and "hall of fame" defined by (vendor) associations and Enterprise 2.0 is probably not far behind.
Much discussion was about breaking down the corporate silos to further adoptions of social media tools to improve overall communication. But to quote Paula Thornton -- "there is an issue greater than adoption at play here: hesitation to recognize the breadth and depth of adaptation that needs to occur across the entire enterprise and every aspect of the business model."
Similarly Fred Zimny states: "many business decision makers who decide to dive into the E2.0 sea, often come back more confused than they were before taking that dive. AIIM's year-old survey, which found that 74% of surveyed organizations had no idea what E2.0 meant or how it could be meaningfully applied, likely would've come back with a similar numbers today."
To Continue Reading: Click Here
---------------------------------------------------
Source: socialcomputingjournal.com
By: Poul J. Hebsgaard
People are coming at this from all kinds of angles and I assume that reflect their professional experiences within areas like Enterprise Content Management (ECM), Customer Relationship Management (CRM), Enterprise Resource Planning (ERP), Knowledge Management (KM), Business Process Management (BPM), Project Portfolio Management, (PPM), Innovation Management (IM) and other such classifications of different aspects of what makes an organization function. AND now we have a new classification with Enterprise 2.0 that we are trying to define.
Each one of these classifications or disciplines has its own set of "magic quadrant" constructed by research firms to assess vendor solutions and "hall of fame" defined by (vendor) associations and Enterprise 2.0 is probably not far behind.
Much discussion was about breaking down the corporate silos to further adoptions of social media tools to improve overall communication. But to quote Paula Thornton -- "there is an issue greater than adoption at play here: hesitation to recognize the breadth and depth of adaptation that needs to occur across the entire enterprise and every aspect of the business model."
Similarly Fred Zimny states: "many business decision makers who decide to dive into the E2.0 sea, often come back more confused than they were before taking that dive. AIIM's year-old survey, which found that 74% of surveyed organizations had no idea what E2.0 meant or how it could be meaningfully applied, likely would've come back with a similar numbers today."
To Continue Reading: Click Here
---------------------------------------------------
Source: socialcomputingjournal.com
By: Poul J. Hebsgaard
‘Textual harassment’ a growing liability for employers
Text messaging used as a tool for harassers, but it leaves clear evidence of the misconduct
Text messaging is becoming more common as a method of employee harassment in the workplace and a bigger liability concern for employers, according to employment lawyers cited on the American legal website law.com.
U.S. courts are starting to see harassment cases stemming from inappropriate and harassing messages sent by bosses or co-workers to employees on their cellphones. Most common are male bosses who send text messages to female employees, such as requests for dates or sexual favours. The interesting thing about this behaviour, for which the term “textual harassment” has been coined, is that as soon as it’s committed, the victim has evidence for a complaint with the message on their cellphone.
“We’re actually seeing it happening …lawsuits are being filed, where an employee will testify that one of the means they were harassed by someone was through text messages,” Clint Robison, of law firm Hinshaw and Culbertson in Los Angeles, told law.com. “(Text messages) come up in pure harassment claims and wrongful termination lawsuits, where employees are being deposed and saying, ‘Well, I can prove (harassment) because the dinner date invitation from my boss was sent to me late at night.”
To Continue Reading: Click Here---------------------------------------------------
Source: employmentlawtoday.com
Woman's Tweet Draws Landlord Lawsuit
The Chicago woman is being sued for $50,000 for making a negative remark about her apartment maintenance.
A Chicago-area woman who criticized her landlord on Twitter is facing a $50,000 defamation suit.
Horizon Group Management sued the woman, identified as Amanda Bonnen, on Monday in Cook County Circuit Court, the Chicago Sun-Times reported Tuesday. The company, which claims to manage 1,500 apartments in Chicago, says it was "maliciously and wrongfully" defamed by the defendant's tweet. The person posting the message went by the Twitter name "abonnen."
A member of the family that has run Horizon for 25 years told the Sun-Times the company did not ask the woman to take down the post. "We're a sue first, ask questions later kind of an organization," Jeffrey Michael told the newspaper. On Tuesday, many Twitter users voiced support for Bonnen. A few suggested setting up a legal defense fund and many re-posted abonnen's original comment.
To Continue Reading: Click Here
---------------------------------------------------
Source: informationweek.com
By Antone Gonsalves
A Chicago-area woman who criticized her landlord on Twitter is facing a $50,000 defamation suit.
Horizon Group Management sued the woman, identified as Amanda Bonnen, on Monday in Cook County Circuit Court, the Chicago Sun-Times reported Tuesday. The company, which claims to manage 1,500 apartments in Chicago, says it was "maliciously and wrongfully" defamed by the defendant's tweet. The person posting the message went by the Twitter name "abonnen."
A member of the family that has run Horizon for 25 years told the Sun-Times the company did not ask the woman to take down the post. "We're a sue first, ask questions later kind of an organization," Jeffrey Michael told the newspaper. On Tuesday, many Twitter users voiced support for Bonnen. A few suggested setting up a legal defense fund and many re-posted abonnen's original comment.
To Continue Reading: Click Here
---------------------------------------------------
Source: informationweek.com
By Antone Gonsalves
Think before donating old computers: hidden info could cause identity theft
You may think you’ve erased information on your personal computer by hitting the “delete” button. But experts say you haven’t. It’s still there.
Before you throw away that old computer or donate it to a charity, make sure you’re not giving away your name, age, social security number and mother’s maiden name, said Lynn J. Bruesewitz.
Bruesewitz, owner of St. Charles-based Software Support Systems Inc., wants people to know that they may be vulnerable to identity theft by unwittingly leaving private information on their hard drives.
“Think of your hard drive as a chalk board,” Bruesewitz said. “You can write over what you’ve just written or move to another space on the chalk board and write in the empty space. Computer hard drives are much the same way. The computer flags things for deletion, but in reality that information may stay there forever.”
To Continue Reading: Click Here
---------------------------------------------------
Source: kcchronicle.com
By Tim Kane
Before you throw away that old computer or donate it to a charity, make sure you’re not giving away your name, age, social security number and mother’s maiden name, said Lynn J. Bruesewitz.
Bruesewitz, owner of St. Charles-based Software Support Systems Inc., wants people to know that they may be vulnerable to identity theft by unwittingly leaving private information on their hard drives.
“Think of your hard drive as a chalk board,” Bruesewitz said. “You can write over what you’ve just written or move to another space on the chalk board and write in the empty space. Computer hard drives are much the same way. The computer flags things for deletion, but in reality that information may stay there forever.”
To Continue Reading: Click Here
---------------------------------------------------
Source: kcchronicle.com
By Tim Kane
Six More Keys to Better Searching
Last month, I talked about how judges are setting new standards for e-discovery keyword searches. I laid out the first four of 10 steps guaranteed to help you fashion more effective, efficient and defensible queries:
1. Start with the request for production.
2. Seek input from key players.
3. Look at what you've got and the tools you'll use.
4. Communicate and collaborate.
This month we cover the next six steps.
5. Incorporate misspellings, variants and synonyms.
Did you know Google got its name because its founders couldn't spell googol? Whether due to typos, transposition, IM-speak, misuse of homophones or ignorance, electronically stored information fairly crawls with misspellings that complicate keyword search. Merely searching for "management" will miss "managment" and "mangement."
To address this, you must either include common variants and errors in your list of keywords or employ a search tool that supports fuzzy searching. The former tends to be more efficient because fuzzy searching (also called approximate string matching) mechanically varies letters, often producing an unacceptably high level of false hits.
To Continue Reading: Click Here
---------------------------------------------------
Source: law.com
By Craig Ball
1. Start with the request for production.
2. Seek input from key players.
3. Look at what you've got and the tools you'll use.
4. Communicate and collaborate.
This month we cover the next six steps.
5. Incorporate misspellings, variants and synonyms.
Did you know Google got its name because its founders couldn't spell googol? Whether due to typos, transposition, IM-speak, misuse of homophones or ignorance, electronically stored information fairly crawls with misspellings that complicate keyword search. Merely searching for "management" will miss "managment" and "mangement."
To address this, you must either include common variants and errors in your list of keywords or employ a search tool that supports fuzzy searching. The former tends to be more efficient because fuzzy searching (also called approximate string matching) mechanically varies letters, often producing an unacceptably high level of false hits.
To Continue Reading: Click Here
---------------------------------------------------
Source: law.com
By Craig Ball
Tuesday, July 28, 2009
10 Things SharePoint Can Do for Your Firm
I often find myself staring at Microsoft SharePoint and wondering how I can do more with it to enable a 21st century law firm; one in which attorneys, clients and staff can easily share ideas, expertise and information across time and distance. How can it be used to reduce costs while expanding the ways in which we collaborate?
In this article I'll suggest 10 ways you can use SharePoint today in your firm to improve attorney effectiveness, deliver better client service and reduce costs. This is not a "how to" but a "what now" article, written to answer that perennial question: "now what?"
1: REPLACE YOUR DOCUMENT MANAGEMENT SYSTEM
Just like a "real" DMS, SharePoint can store millions of documents along with associated versions and metadata. It can be configured to enforce retention policies and approval workflows, to allow each practice group to define their own document properties, to enforce those policies and properties centrally, or some combination thereof.
The most controversial issue relating to the use of SharePoint as a DMS has nothing to do with features or functionality, but rather with the fact that it stores documents in an SQL database as opposed to individual files on disk like leading legal DMS vendors such as
1. Many believe that documents stored in SQL Server are more likely to become corrupt than the same document stored as a file on a disk drive. This concern stems from problems with Binary Large Object (BLOB) storage in early SQL databases during the 1980s and 90s. Old fears die hard;
---------------------------------------------------
Source: law.com
By Mark Gerow
Report: Nagin e-mail box not storing sent items
New Orleans Mayor Ray Nagin's e-mail box has not been storing "sent" items, an issue raised in a report by a technology group hired by the city as it faced a public records lawsuit over Nagin's messages.
The city ended its contract with the Louisiana Technology Council earlier this month, when city technology chief M. Harrison Boyd said the group used flawed methods and reached unfounded conclusions. The council has stood behind its findings — work it called "an initial success" in the report.
When asked about the issue of sent e-mails, Nagin spokeswoman Ceeon Quiett said the city "cannot comment on preliminary findings that have proven to be inaccurate."
She also referred to comments made by Boyd and the city attorney, who on Monday threatened a lawsuit if the council didn't turn over data gleaned from city servers.
The finding about a lack of "sent" messages was included in a July 6 report by the council and which the city made public Monday.
Technology council President Mark Lewis said his group planned to turn over 18,000 items recovered as part of its work. He said those items include notes, calendar items and e-mails, though Lewis could not say how many e-mails.
To Continue Reading: Click Here
---------------------------------------------------
Source: theadvertiser.com
The city ended its contract with the Louisiana Technology Council earlier this month, when city technology chief M. Harrison Boyd said the group used flawed methods and reached unfounded conclusions. The council has stood behind its findings — work it called "an initial success" in the report.
When asked about the issue of sent e-mails, Nagin spokeswoman Ceeon Quiett said the city "cannot comment on preliminary findings that have proven to be inaccurate."
She also referred to comments made by Boyd and the city attorney, who on Monday threatened a lawsuit if the council didn't turn over data gleaned from city servers.
The finding about a lack of "sent" messages was included in a July 6 report by the council and which the city made public Monday.
Technology council President Mark Lewis said his group planned to turn over 18,000 items recovered as part of its work. He said those items include notes, calendar items and e-mails, though Lewis could not say how many e-mails.
To Continue Reading: Click Here
---------------------------------------------------
Source: theadvertiser.com
Monday, July 27, 2009
Data Protection, on an International Scale
Data protection in the U.S. is different from data protection in the UK. And because every government does things differently, it should not come as a surprise that data protection in other countries, like Germany, looks different than in either the UK or the U.S. But as law.com pointed out on Friday, it's where those different laws overlap and contradict each other that a lot of global companies trip up. (I've made similar observations before in the e-discovery context.)
Writer Erik Sherman says determining a "common denominator" that will keep all of the regulators happy is not easy to do. Though Lyndon Group's Ruth Horazcko says the first step to data protection is deciding where the data resides, and thus, which law applies, the answer is not always evident. Hunton & Williams privacy and information management practice head Lisa Sotto points out that even countries in the same region will have different requirements. According to law.com, "They can differ on what can count as user permission to use data, what security requirements are necessary and even how long the information can be retained."
The same is true in the U.S. Outside of the data breach notification law that is part of the HITECH portion of the American Recovery and Reinvestment Act, there are no broad federal data protection laws, but various states have taken stabs at legislating the issue. And each of the state laws is a little bit different.
So how should companies go about crafting a data protection compliance plan? Adam Smith, deputy legal counsel at IT infrastructure services provider Terremark Worldwide says, "I don't think anyone in the IT department is thinking, 'We're in Amsterdam and have capacity in Germany, so let's move this over there and move some to the U.S.' [and then consider the legal issues]."
And if the companies don't want government authorities breathing down their necks, so to speak, to enforce data protection requirements, Smith says the legal department has to "insert [itself] in a risk management role."
To Continue Reading: Click Here
--------------------------------------------------
Source: IT Business Edge
By: Lora Bentley
Writer Erik Sherman says determining a "common denominator" that will keep all of the regulators happy is not easy to do. Though Lyndon Group's Ruth Horazcko says the first step to data protection is deciding where the data resides, and thus, which law applies, the answer is not always evident. Hunton & Williams privacy and information management practice head Lisa Sotto points out that even countries in the same region will have different requirements. According to law.com, "They can differ on what can count as user permission to use data, what security requirements are necessary and even how long the information can be retained."
The same is true in the U.S. Outside of the data breach notification law that is part of the HITECH portion of the American Recovery and Reinvestment Act, there are no broad federal data protection laws, but various states have taken stabs at legislating the issue. And each of the state laws is a little bit different.
So how should companies go about crafting a data protection compliance plan? Adam Smith, deputy legal counsel at IT infrastructure services provider Terremark Worldwide says, "I don't think anyone in the IT department is thinking, 'We're in Amsterdam and have capacity in Germany, so let's move this over there and move some to the U.S.' [and then consider the legal issues]."
And if the companies don't want government authorities breathing down their necks, so to speak, to enforce data protection requirements, Smith says the legal department has to "insert [itself] in a risk management role."
To Continue Reading: Click Here
--------------------------------------------------
Source: IT Business Edge
By: Lora Bentley
Security Manager's Journal: Writing a data retention policy isn't as simple as it sounds
Establishing a policy on how long data must be retained seems easy enough. It isn't. For starters, not all data is the same.
Trouble Ticket
At Issue: It's time for the company to set a new policy on data retention.
Action Plan: Normally, our manager would want to write it. But this time, it's better to let the lawyers take charge.
I got lunch in the company cafeteria last week, and we may end up saving over $40,000 a month as a result.
That's because I bumped into our head legal counsel while waiting in line. "When," I asked, "are we going to drop the requirement to retain all data?"
For several years, we have been forbidden to overwrite any data related to e-mail, home directories, financial systems and several other document repositories and systems. This ban arose from a stock-options grant investigation, now long concluded. Being barred from overwriting backup tapes comes at a cost; we're spending about $40,000 a month just for new tapes. More costs arise because we are prohibited from overwriting the hard drives of departed employees. At least that cost was alleviated recently with a new initiative to capture images of those hard drives before reassigning them to other employees.Couldn't we relax the retention policy and get back to a normal state of affairs? I asked him. Yes, we could, he said, but not until we create a comprehensive data-retention policy. You could help, he said.
To Continue Reading: Click Here
---------------------------------------------------
Source: computerworld.com
By Mathias Thurman
What Is a Backup?
A backup must be made by copying the source data image when it is in a consistent state
The word "backup" gets thrown around so much that folks tuned in to the world of enterprise storage can start getting surly. One of the best ways to annoy a backup administrator is to start talking about how well the backup will facilitate disaster recovery, e-discovery, and compliance! So what is a backup anyway? Is it different from an archive?
SNIA defines a backup as follows:
"A collection of data stored on (usually removable) non-volatile storage media for purposes of recovery in case the original copy of data is lost or becomes inaccessible; also called a backup copy.To be useful for recovery, a backup must be made by copying the source data image when it is in a consistent state."
This description does not strike me as all that useful, so I put this simple question to a number of folks on Twitter and through direct discussion.
I contacted W. Curtis Preston, "Mr. Backup", for his opinion. He pointed out that just about any copy of data can be used as a backup, but not all are equally effective. A simple file copy routine might suffice, but managing this might prove troublesome. Preston also warned about relying on backups for more than simple restore: "using a backup as an archive, for example, doesn't make it an archive!"
To Continue Reading: Click Here---------------------------------------------------
Source: dotnet.sys-con.com
By Stephen Foskett
Sunday, July 26, 2009
How to Comply with Data Encryption Laws
In my last blog post, I pointed out the new laws in Massachusetts and Nevada that require all personal data in transit to be encrypted. That post generated lots of discussion, including thoughtful responses from Steve Duplessie and Joseph Martins, and I urge you to read those as well.
Two key questions remain: What exactly do these laws demand and how will you actually comply with them? Sure, encryption technology is widely available, but actually implementing it has been a slow uphill climb for most IT organizations. Let's examine the implications!
What the Law Requires
In my years of IT consulting, and especially over the last two, where I focused on litigation readiness, I've come to see that laws are rarely as cut and dried and actionable as IT would like. As pointed out by Martins, the Nevada statute is particularly vague. But even the much more lengthy Massachusetts law does not answer the key IT implementation questions. Time will tell how these requirements are interpreted and implemented by the Attourneys General and courts of these two states. Until then, we will have to make some educated guesses based on both the letter and intent of the lawmakers.
Let's examine some of the questions these laws raise:
To Continue Reading: Click Here
---------------------------------------------------
Source: dotnet.sys-con.com
By Stephen Foskett
Two key questions remain: What exactly do these laws demand and how will you actually comply with them? Sure, encryption technology is widely available, but actually implementing it has been a slow uphill climb for most IT organizations. Let's examine the implications!
What the Law Requires
In my years of IT consulting, and especially over the last two, where I focused on litigation readiness, I've come to see that laws are rarely as cut and dried and actionable as IT would like. As pointed out by Martins, the Nevada statute is particularly vague. But even the much more lengthy Massachusetts law does not answer the key IT implementation questions. Time will tell how these requirements are interpreted and implemented by the Attourneys General and courts of these two states. Until then, we will have to make some educated guesses based on both the letter and intent of the lawmakers.
Let's examine some of the questions these laws raise:
To Continue Reading: Click Here
---------------------------------------------------
Source: dotnet.sys-con.com
By Stephen Foskett
Friday, July 24, 2009
The convergence of eDiscovery and eCompliance
Electronically stored information (ESI) is a rich source of material in litigation proceedings, and as a result, eDiscovery has experienced rapid growth during the last five years. It has taken center stage in numerous high-profile cases as corporations have struggled to identify, collect, cull, analyze and review ESI in a cost-effective and defensible manner. The problem is that eDiscovery is largely a reactive and manual process.
Now, with eDiscovery requests growing and the data volume increasing from the gigabyte to the terabyte range, corporations struggle to meet the new regulations and timelines -- largely imposed by the Federal Rules of Civil Procedure (FRCP). Corporations are beginning to look to technology to streamline the traditionally manual discovery process, deliver a defensible process and reduce high labor expenses.
At the same time, information compliance and governance issues have grown to critical proportions. With the pace of regulation continuing to increase, its impact on IT has become substantial. Regulatory compliance has become a critical element in IT decisions in the same way that client/server, ERP and other major technological innovations have in recent years.
To Continue Reading: Click Here
---------------------------------------------------
Source: scmagazineus.com
By Karthik Kannan
Now, with eDiscovery requests growing and the data volume increasing from the gigabyte to the terabyte range, corporations struggle to meet the new regulations and timelines -- largely imposed by the Federal Rules of Civil Procedure (FRCP). Corporations are beginning to look to technology to streamline the traditionally manual discovery process, deliver a defensible process and reduce high labor expenses.
At the same time, information compliance and governance issues have grown to critical proportions. With the pace of regulation continuing to increase, its impact on IT has become substantial. Regulatory compliance has become a critical element in IT decisions in the same way that client/server, ERP and other major technological innovations have in recent years.
To Continue Reading: Click Here
---------------------------------------------------
Source: scmagazineus.com
By Karthik Kannan
Massachusetts Says Encrypt It All!
Everyone in IT knows that much of the data crossing networks around the world is still unencrypted
Protecting personal data, like backup and disaster recovery, can be hard to get people excited about. Although we see the problem plainly and solutions are widely available, it can be hard to convince business management that technologies like encryption are worth the investment. But new regulations promise to change all that: Massachusetts and Nevada have enacted data protection laws that require encryption of personal information in transit.
It's about time, too. Data losses have been all over the news for a decade, and everyone in IT knows that much of the data crossing networks around the world is still unencrypted. The situation with backup tapes is even worse: The majority of corporations still don't encrypt backup data, and most have poorly-controlled procedures for handling tapes. Every day, businesses create backup tapes containing their most critical and personal data and leave them sitting in a box for a stranger to pick up at a loading dock or reception desk.
Nevada's law, NRS 597.970, took effect Oct 1, 2008. It states the encryption requirement quite plainly:
"A business in this State shall not transfer any personal information of a customer through an electronic transmission other than a facsimile to a person outside of the secure system of the business unless the business uses encryption to ensure the security of electronic transmission"
The Massachusetts law, 201 CMR 17.00, takes effect Jan 1, 2010. It's even more restrictive than the Nevada statute, including the following:
To Continue Reading: Click Here
---------------------------------------------------
Source: cio.utilizer.com
By Stephen Foskett
Protecting personal data, like backup and disaster recovery, can be hard to get people excited about. Although we see the problem plainly and solutions are widely available, it can be hard to convince business management that technologies like encryption are worth the investment. But new regulations promise to change all that: Massachusetts and Nevada have enacted data protection laws that require encryption of personal information in transit.
It's about time, too. Data losses have been all over the news for a decade, and everyone in IT knows that much of the data crossing networks around the world is still unencrypted. The situation with backup tapes is even worse: The majority of corporations still don't encrypt backup data, and most have poorly-controlled procedures for handling tapes. Every day, businesses create backup tapes containing their most critical and personal data and leave them sitting in a box for a stranger to pick up at a loading dock or reception desk.
Nevada's law, NRS 597.970, took effect Oct 1, 2008. It states the encryption requirement quite plainly:
"A business in this State shall not transfer any personal information of a customer through an electronic transmission other than a facsimile to a person outside of the secure system of the business unless the business uses encryption to ensure the security of electronic transmission"
The Massachusetts law, 201 CMR 17.00, takes effect Jan 1, 2010. It's even more restrictive than the Nevada statute, including the following:
To Continue Reading: Click Here
---------------------------------------------------
Source: cio.utilizer.com
By Stephen Foskett
Cabinet e-mails ordered destroyed in May, court told
The Basi-Virk case heard another shocking allegation Thursday: Cabinet e-mails sought by defence lawyers for the past two years may have been ordered destroyed as recently as May this year.
The trial judge, B.C. Supreme Court Justice Elizabeth Bennett, was told the e-mails, stored on backup tapes, were sent to a company called EDS Advanced Solutions, which was told in May to no longer retain the data.
That information was contained in a new affidavit by Rosemarie Hayes, manager of the government's information technology services.
Defence lawyer Kevin McCullough asked the judge to make an order as soon as possible for the government to produce any e-mails that may still exist.
The judge said she will make a ruling next Monday on the relevance of the e-mails, if they exist.
Last month, government lawyer George Copley filed two affidavits that said the e-mails being sought might already have been destroyed, including an affidavit from Hayes that said e-mails were on backup tapes that cannot be retrieved after 13 months.
To Continue Reading: Click Here
---------------------------------------------------
Source: vancouversun.com
By Neal Hall and Jonathan Fowlie
The trial judge, B.C. Supreme Court Justice Elizabeth Bennett, was told the e-mails, stored on backup tapes, were sent to a company called EDS Advanced Solutions, which was told in May to no longer retain the data.
That information was contained in a new affidavit by Rosemarie Hayes, manager of the government's information technology services.
Defence lawyer Kevin McCullough asked the judge to make an order as soon as possible for the government to produce any e-mails that may still exist.
The judge said she will make a ruling next Monday on the relevance of the e-mails, if they exist.
Last month, government lawyer George Copley filed two affidavits that said the e-mails being sought might already have been destroyed, including an affidavit from Hayes that said e-mails were on backup tapes that cannot be retrieved after 13 months.
To Continue Reading: Click Here
---------------------------------------------------
Source: vancouversun.com
By Neal Hall and Jonathan Fowlie
Wednesday, July 22, 2009
Knowledge Management on a Typical Day
Progressive firms are able to weave knowledge management from various resources into a cohesive business development strategy. What follows is how one law firm's marketing department might interact with the firm's lawyers about a business opportunity on a typical day.
On alert -- 7:23 a.m. The Google Alert arrived; information systems were preset to notify the marketing department in real time. Industry analysts were monitoring rumors that a subsidiary of XYZ Widgets was experiencing a liquidity crisis. The subsidiary claimed more than $81 million in assets; analysts believed the subsidiary's value was only a fraction of that. Marketing forwarded the alert to the bankruptcy section leader and requested a meeting to consider the possible opportunity. Preparing for the meeting, marketing reviewed the firm's contact database to identify relationships with potential decision-makers in the company and generated a list of connections.
Rapid succession -- 9:12 a.m. During the meeting, questions were fired back and forth:
• Do you agree that a potential opportunity exists?
• What do we know about the subsidiary, XYZ and its industry?
• Where could/will this potential bankruptcy file?
• Is this a good fit for the firm?
• Do we have the capacity to manage a matter like this?
• Can we clear potential conflicts?
• What team should staff the matter?
• Which of our connections represents the strongest relationship?
• How do we approach XYZ to inquire about potential representation?
• Where is XYZ in the decision-making process?
• What is the window of opportunity for approaching XYZ?
• Should we approach XYZ prior to a formal request for proposal?
A decision -- 9:47 a.m. After 35 minutes, the decision was made that Sara (a young partner at the firm) should telephone Max, the assistant general counsel at XYZ, a fellow law school alum with whom she'd previously connected through a professional network online. Although the two had never met face to face, Max was on marketing's mailing list, and was, therefore, familiar with Sara through her writings and speaking engagements that focused on the widget industry.
To Continue Reading: Click Here
---------------------------------------------------
Source: Law.com
By Felicia A. Gojmerac and Paul D. Webb
On alert -- 7:23 a.m. The Google Alert arrived; information systems were preset to notify the marketing department in real time. Industry analysts were monitoring rumors that a subsidiary of XYZ Widgets was experiencing a liquidity crisis. The subsidiary claimed more than $81 million in assets; analysts believed the subsidiary's value was only a fraction of that. Marketing forwarded the alert to the bankruptcy section leader and requested a meeting to consider the possible opportunity. Preparing for the meeting, marketing reviewed the firm's contact database to identify relationships with potential decision-makers in the company and generated a list of connections.
Rapid succession -- 9:12 a.m. During the meeting, questions were fired back and forth:
• Do you agree that a potential opportunity exists?
• What do we know about the subsidiary, XYZ and its industry?
• Where could/will this potential bankruptcy file?
• Is this a good fit for the firm?
• Do we have the capacity to manage a matter like this?
• Can we clear potential conflicts?
• What team should staff the matter?
• Which of our connections represents the strongest relationship?
• How do we approach XYZ to inquire about potential representation?
• Where is XYZ in the decision-making process?
• What is the window of opportunity for approaching XYZ?
• Should we approach XYZ prior to a formal request for proposal?
A decision -- 9:47 a.m. After 35 minutes, the decision was made that Sara (a young partner at the firm) should telephone Max, the assistant general counsel at XYZ, a fellow law school alum with whom she'd previously connected through a professional network online. Although the two had never met face to face, Max was on marketing's mailing list, and was, therefore, familiar with Sara through her writings and speaking engagements that focused on the widget industry.
To Continue Reading: Click Here
---------------------------------------------------
Source: Law.com
By Felicia A. Gojmerac and Paul D. Webb
Tuesday, July 21, 2009
CEOs Risk Damaging Violations By Lagging Behind Latest eDiscovery Regulations Over 60% of Respondents in Metalogix Survey Cite Lack of Direction
Metalogix Software (http://www.metalogix.net), a privately held Microsoft Exchange™ and Microsoft SharePoint™ migration and archiving company, today released the eCompliance and eDiscovery Report 2009, which identifies email archiving trends for 2009 (1). The report presents the results of a recent survey of over 1,500 U.S. and international corporate executives.
The report concludes that many corporations need to revamp their strategies for eDiscovery compliance or risk consequences that could affect their bottom lines:
• CEOs have limited knowledge about eCompliance and eDiscovery and are therefore unable to communicate their specific expectations in these areas.
• Almost 50% of respondents do not know their CEO's expectations for compliance archiving.
• CEOs may believe that their organizations have legally compliant email systems ready for eDiscovery requests, but 43% of all respondents report that their organizations are not compliant today with all the regulations that affect them.
• Lost in space--1 in 4 organizations believe it impossible to locate a specific email, even if ordered to do so by a court of law. Respondents at those organizations who are able to find an email estimate they would need 4 or more days to do so.
• Outdated policies and procedures--nearly 66% of organizations still have policies that do not reflect today's economic and legislative realities; in fact, 75% use policies that omit technologies like SharePoint discussion groups and wikis.
To Continue Reading: Click Here
----------------------------------------------
Source: emediawire.com
The report concludes that many corporations need to revamp their strategies for eDiscovery compliance or risk consequences that could affect their bottom lines:
• CEOs have limited knowledge about eCompliance and eDiscovery and are therefore unable to communicate their specific expectations in these areas.
• Almost 50% of respondents do not know their CEO's expectations for compliance archiving.
• CEOs may believe that their organizations have legally compliant email systems ready for eDiscovery requests, but 43% of all respondents report that their organizations are not compliant today with all the regulations that affect them.
• Lost in space--1 in 4 organizations believe it impossible to locate a specific email, even if ordered to do so by a court of law. Respondents at those organizations who are able to find an email estimate they would need 4 or more days to do so.
• Outdated policies and procedures--nearly 66% of organizations still have policies that do not reflect today's economic and legislative realities; in fact, 75% use policies that omit technologies like SharePoint discussion groups and wikis.
To Continue Reading: Click Here
----------------------------------------------
Source: emediawire.com
Jarvis DeBerry: The case of the disappearing e-mail
Here's an assignment for you aspiring novelists. When given the names and background information for four characters and a mystery involving all of them, write a scene that makes it obvious which of them should be believed.
Your characters are:
Anthony Jones. He lied on his job application to New Orleans City Hall by pretending to have a college degree and, yet, was still promoted to interim chief technology officer. A city audit found that he filed false invoices to cover up the high costs of the city's crime cameras contract and that he took an "unlawful trip" financed by a city contractor. In May he was arrested for knocking down and choking his ex-girlfriend.
Greg Meffert. He was the city's first chief technology officer and Jones' former boss. Meffert was the kept man of a city contractor and, while hosting a party aboard the contractor's yacht, pretended that it was his own. While still a city executive, Meffert liberally used that contractor's credit card. Charges include a kid-friendly excursion to Chuck E. Cheese's and several trips to strip clubs.
Mayor Ray Nagin. The party aboard the yacht was in celebration of his 2006 victory at the polls. Nagin took trips funded by Meffert's patron but says he can't remember them. Nagin will not produce his e-mail records but has sermonized about the importance of others preserving theirs. He hired a company to find his missing records, then fired the company when it suggested skullduggery.
To Continue Reading: Click Here
----------------------------------------------
Source: nola.com
By: Jarvis DeBerry
Your characters are:
Anthony Jones. He lied on his job application to New Orleans City Hall by pretending to have a college degree and, yet, was still promoted to interim chief technology officer. A city audit found that he filed false invoices to cover up the high costs of the city's crime cameras contract and that he took an "unlawful trip" financed by a city contractor. In May he was arrested for knocking down and choking his ex-girlfriend.
Greg Meffert. He was the city's first chief technology officer and Jones' former boss. Meffert was the kept man of a city contractor and, while hosting a party aboard the contractor's yacht, pretended that it was his own. While still a city executive, Meffert liberally used that contractor's credit card. Charges include a kid-friendly excursion to Chuck E. Cheese's and several trips to strip clubs.
Mayor Ray Nagin. The party aboard the yacht was in celebration of his 2006 victory at the polls. Nagin took trips funded by Meffert's patron but says he can't remember them. Nagin will not produce his e-mail records but has sermonized about the importance of others preserving theirs. He hired a company to find his missing records, then fired the company when it suggested skullduggery.
To Continue Reading: Click Here
----------------------------------------------
Source: nola.com
By: Jarvis DeBerry
Railgate Looks Even More Like Watergate
Who destroyed email evidence in the BC Legislature Raid case? And why?
What really hurts in matters of this sort is not the fact that they occur, because overzealous people in campaigns do things that are wrong. What really hurts is if you try to cover it up." -- President Richard Nixon on Watergate, August 29, 1972
If you cannot figure anything else out about the complicated Basi-Virk corruption case, understand just this -- during the May provincial election someone in the B.C. government ordered potentially critical email evidence destroyed.
We don't know -- yet -- who gave the order. We don't know -- yet -- why. We don't know -- yet -- whether the order was executed.
But we do know that it happened just before the May 12 election and that the RCMP is now investigating whether deleting backup tapes of the emails of Premier Gordon Campbell, cabinet ministers and staff might constitute obstruction of justice.
And we do know it happened despite Campbell saying on June 23: "The records that should be kept under the law have been kept."
On Monday, B.C. Supreme Court Justice Elizabeth Bennett ruled some emails were "likely relevant" evidence, allowing the defence to ask for a court order to determine if the tapes still exist and to obtain them.
To Continue Reading: Click Here----------------------------------------------
Source: thetyee.ca
By: Bill Tieleman
Five legal concerns about putting your data in the cloud
As a lawyer, the thing that concerns me about the use of cloud-based computing services is that it often involves the transfer of electronic data from internal IT infrastructure to systems managed by third-party vendors.
This change in custody, and potentially control, can create compliance issues. While not intended to be exhaustive, the following five questions are a good start to the analysis, from a legal perspective, that should occur during the planning of a cloud-based project.
1. How do cloud services affect e-discovery obligations?
Litigation discovery obligations extend to documents in a litigant's custody or control. Accordingly, a consumer of cloud computing services may need to preserve, search and collect data placed onto the cloud if that data remains under the consumer's control.
But how do you know whether such data remains under the consumer's control? Courts have noted in similar situations that the service agreement is the starting point for determining whether data in the custody of a third party is under the control of its originator. For that reason, the service agreement is of singular importance when determining the suitability of a given cloud service.
In the most common uses of cloud services, the consumer retains control over its data, and therefore the scope of electronic discovery obligations is unaffected. Nonetheless, the use of cloud-based services can affect the consumer's ability to meet its discovery obligations in a cost-effective and accurate manner.
For example, the consumer will not have the same knowledge of the workings of the cloud service as it would typically have of its own networks, potentially resulting in slower and more costly discovery, with a higher risk of errors. As another example, a lack of direct access to the cloud hardware coupled with the transitory nature of most cloud services may make preserving and collecting forensic information challenging.
To Continue Reading: Click Here
----------------------------------------------
Source: itbusiness.ca
By: Nolan Goldberg
This change in custody, and potentially control, can create compliance issues. While not intended to be exhaustive, the following five questions are a good start to the analysis, from a legal perspective, that should occur during the planning of a cloud-based project.
1. How do cloud services affect e-discovery obligations?
Litigation discovery obligations extend to documents in a litigant's custody or control. Accordingly, a consumer of cloud computing services may need to preserve, search and collect data placed onto the cloud if that data remains under the consumer's control.
But how do you know whether such data remains under the consumer's control? Courts have noted in similar situations that the service agreement is the starting point for determining whether data in the custody of a third party is under the control of its originator. For that reason, the service agreement is of singular importance when determining the suitability of a given cloud service.
In the most common uses of cloud services, the consumer retains control over its data, and therefore the scope of electronic discovery obligations is unaffected. Nonetheless, the use of cloud-based services can affect the consumer's ability to meet its discovery obligations in a cost-effective and accurate manner.
For example, the consumer will not have the same knowledge of the workings of the cloud service as it would typically have of its own networks, potentially resulting in slower and more costly discovery, with a higher risk of errors. As another example, a lack of direct access to the cloud hardware coupled with the transitory nature of most cloud services may make preserving and collecting forensic information challenging.
To Continue Reading: Click Here
----------------------------------------------
Source: itbusiness.ca
By: Nolan Goldberg
Monday, July 20, 2009
Can Cloud Defend Against DDoS Attacks?
If you've been thinking about moving your applications into the cloud but weren't sure how to best justify the investment, you can probably thank the North Koreans for helping to write your business case.
The distributed denial of service (DDoS) attacks - allegedly instigated by North Korea or its backers - that disrupted service for many federal agencies this month were successful because most of these agencies still publish web content on small, easily-saturated network links. Take a look at the two federal offices that were able to sustain the attack for the duration without loss of service - the websites for the White House and the Defense Department. It's no mystery that the White House site sits on servers hosted by Akamai, a distributed content delivery network that provides geo-centric services for content delivery. This means that a person accessing whitehouse.gov from San Francisco will talk to different servers than someone in Washington. The Akamai content network effectively load balances traffic, and this design was likely a key reason the White House wasn't affected by the attacks.
While the definition of cloud computing is still under development, I consider Akamai to be truly one of the original architects of the cloud computing model (although you won't find their site emblazoned with cloud computing marketing 'hype').
The capability that helped the White House fend off these attacks is closely related to another networking concept -- Anycast networking. Anycast is a concept that allows the same content to be served from different physical and geographic locations. This is at the heart of the denial of service problem. When an attacker directs an army of rogue computers at a target website, the hosts are in different locations, but their collective traffic is aggregated to overwhelm the target. However, if each bot in this group talks to a different server depending on its physical location, then you can reduce the overall effectiveness of the mob. This is an effective divide-and-conquer strategy that can help address the problem of DDoS attacks.
To Continue Reading: Click Here
----------------------------------------------
Source: blogs.govinfosecurity.com
By: Eric M. Fiterman
The distributed denial of service (DDoS) attacks - allegedly instigated by North Korea or its backers - that disrupted service for many federal agencies this month were successful because most of these agencies still publish web content on small, easily-saturated network links. Take a look at the two federal offices that were able to sustain the attack for the duration without loss of service - the websites for the White House and the Defense Department. It's no mystery that the White House site sits on servers hosted by Akamai, a distributed content delivery network that provides geo-centric services for content delivery. This means that a person accessing whitehouse.gov from San Francisco will talk to different servers than someone in Washington. The Akamai content network effectively load balances traffic, and this design was likely a key reason the White House wasn't affected by the attacks.
While the definition of cloud computing is still under development, I consider Akamai to be truly one of the original architects of the cloud computing model (although you won't find their site emblazoned with cloud computing marketing 'hype').
The capability that helped the White House fend off these attacks is closely related to another networking concept -- Anycast networking. Anycast is a concept that allows the same content to be served from different physical and geographic locations. This is at the heart of the denial of service problem. When an attacker directs an army of rogue computers at a target website, the hosts are in different locations, but their collective traffic is aggregated to overwhelm the target. However, if each bot in this group talks to a different server depending on its physical location, then you can reduce the overall effectiveness of the mob. This is an effective divide-and-conquer strategy that can help address the problem of DDoS attacks.
To Continue Reading: Click Here
----------------------------------------------
Source: blogs.govinfosecurity.com
By: Eric M. Fiterman
Basi-Virk: Court orders disclosure of Gordon Campbell's emails
BC Supreme Court Justice Elizabeth Bennett has ruled that the emails of Premier Gordon Campbell, most cabinet ministers and political staff are "likely relevant" to the defence in the Basi-Virk case and ordered they be disclosed to the defence.
The precedent-setting ruling will see for the first time the emails of a sitting premier turned over to defence lawyers for three former BC government aides facing corruption charges connected to the $1 billion sale of BC Rail in 2003.
But it remains unclear whether those emails still exist. It was learned last week that backup tapes still existed in early May 2009 but a government order was issued to destroy them. The tapes were sent to an outside contractor for disposal. EDS Advanced Solutions was sent the tapes but it is not known yet if the order to destroy them was completed.
Defence lawyer Michael Bolton, representing David Basi, said Bennett's decision was extremely important.
"This may be the most critical ruling in this case," Bolton said. "It's virtually unprecedented."
To Continue Reading: Click Here
----------------------------------------------
Source: thetyee.ca
By: Bill Tieleman
The precedent-setting ruling will see for the first time the emails of a sitting premier turned over to defence lawyers for three former BC government aides facing corruption charges connected to the $1 billion sale of BC Rail in 2003.
But it remains unclear whether those emails still exist. It was learned last week that backup tapes still existed in early May 2009 but a government order was issued to destroy them. The tapes were sent to an outside contractor for disposal. EDS Advanced Solutions was sent the tapes but it is not known yet if the order to destroy them was completed.
Defence lawyer Michael Bolton, representing David Basi, said Bennett's decision was extremely important.
"This may be the most critical ruling in this case," Bolton said. "It's virtually unprecedented."
To Continue Reading: Click Here
----------------------------------------------
Source: thetyee.ca
By: Bill Tieleman
U.S. Agencies Think About Establishing Cloud Nodes
Tim Grance, program manager for cyber and network security at National Institute of Standards, says standards are essential to cloud computing. And among those standards must be additional standards for moving virtual machines from cloud to cloud, something we still lack.
Grance is one of the federal government's thought leaders on cloud computing. He and Peter Mell, chief scientist at NIST, together author papers on what cloud computing is about and what it requires. A number of federal agencies, such as the Defense Information Systems Agency, NASA and the General Services Administration, are beginning to think in terms of each on owning a node in the cloud, built to a common standard, which would become part of a general cloud infrastructure--Uncle Sam's Cirrus or Cirrocumulus.
This actually a brilliant idea, one that may anticipate where computing is going and provide a model for it ahead of what any private enterprise could do by itself. The Federal government spends $70-$80 billion on IT each year, says Grance. It should do so in a way that best serves its citizens. He is not advocating that the federal government impose cloud standards on the rest of the economy--quite the contrary.
Rather, he thinks federal agencies, such as NIST, must steer a debate over a minimal, reference cloud implementation, and let critics fight it out over the effectiveness of that implementation. If a better cloud architecture emerges, it will speed cloud adoption throughout the economy.
"One of our key metaphors around here is a reference implementation--create a common vocabulary around a reference implementation," he said. If the reference implementation proves itself and passes muster, then federal agencies could proceed, each with its own full implementation. The reference implementation would assure that what worked in one agency's cloud would probably work in another's, even if all the details weren't the same.
Somewhere down the road, the whole federal Cirrocumulus would be greater than the sum of its parts.
Grance declined to take too many sharply defined stands on what a reference implementation should look like, as if he had lots of experience with well meaning, government scientists colliding with the buzz saw of private commercial interests. It will be through a partnership of public and private interests that the federal government gets into cloud computing, although he acknowledged $70-$80 billion of IT spending lining up behind the same standards and options helps insure those alternatives get produced. In addition, he doesn't see either an open source cloud or a heavily proprietary model. "We embrace use of both proprietary and open source software. We try not to take a public stand on which is better," he said.
To Continue Reading: Click Here
----------------------------------------------
Source: Informationweek
By: Charles Babcock
Grance is one of the federal government's thought leaders on cloud computing. He and Peter Mell, chief scientist at NIST, together author papers on what cloud computing is about and what it requires. A number of federal agencies, such as the Defense Information Systems Agency, NASA and the General Services Administration, are beginning to think in terms of each on owning a node in the cloud, built to a common standard, which would become part of a general cloud infrastructure--Uncle Sam's Cirrus or Cirrocumulus.
This actually a brilliant idea, one that may anticipate where computing is going and provide a model for it ahead of what any private enterprise could do by itself. The Federal government spends $70-$80 billion on IT each year, says Grance. It should do so in a way that best serves its citizens. He is not advocating that the federal government impose cloud standards on the rest of the economy--quite the contrary.
Rather, he thinks federal agencies, such as NIST, must steer a debate over a minimal, reference cloud implementation, and let critics fight it out over the effectiveness of that implementation. If a better cloud architecture emerges, it will speed cloud adoption throughout the economy.
"One of our key metaphors around here is a reference implementation--create a common vocabulary around a reference implementation," he said. If the reference implementation proves itself and passes muster, then federal agencies could proceed, each with its own full implementation. The reference implementation would assure that what worked in one agency's cloud would probably work in another's, even if all the details weren't the same.
Somewhere down the road, the whole federal Cirrocumulus would be greater than the sum of its parts.
Grance declined to take too many sharply defined stands on what a reference implementation should look like, as if he had lots of experience with well meaning, government scientists colliding with the buzz saw of private commercial interests. It will be through a partnership of public and private interests that the federal government gets into cloud computing, although he acknowledged $70-$80 billion of IT spending lining up behind the same standards and options helps insure those alternatives get produced. In addition, he doesn't see either an open source cloud or a heavily proprietary model. "We embrace use of both proprietary and open source software. We try not to take a public stand on which is better," he said.
To Continue Reading: Click Here
----------------------------------------------
Source: Informationweek
By: Charles Babcock
Sunday, July 19, 2009
The Trouble With Discovery of ESI Abroad
Globalization and the growing mountain of electronically stored information inevitably will lead to an increase in discovery requests for ESI located abroad. Companies are meeting the challenge of globalization by creating networks of electronic data that allow employees around the world to connect to the same set of data no matter where it is located.
But no consistent methodology exists for U.S. courts to evaluate whether discovery of ESI abroad is appropriate, and if so, the consequences for not complying with a discovery order.
Although international discovery is not a new problem, global companies, the growth of international data infrastructures and the explosion of ESI will bring the issues of e-discovery to the forefront of international litigation. Courts will be faced with comity considerations and issues related to the burden and cost of e-discovery, as well as complex international data protection laws.
In much of the world, countries have adopted legislation that protects the privacy of electronic information. These laws may prohibit the electronic transmission of information across borders, without the express consent of the subject of the communication. In many jurisdictions (notably, many countries in the European Union, which has adopted the EU Privacy Directive), it may be impossible to obtain the consent of employees; such consent often is considered to be inherently coerced due to the subordinate nature of the employee relationship.
The increase in globalization and ESI have led to legislation in some countries to protect the disclosure of certain information. Some of this legislation specifically has targeted the protection against production of data for litigation. A party seeking protection against compelled discovery, relying on the basis that foreign law bars the production, has the burden of proving that the foreign law actually prohibits production of the data at issue.
To Continue Reading: Click Here
---------------------------------------------
Source: law.com
By: Brett Tarr
But no consistent methodology exists for U.S. courts to evaluate whether discovery of ESI abroad is appropriate, and if so, the consequences for not complying with a discovery order.
Although international discovery is not a new problem, global companies, the growth of international data infrastructures and the explosion of ESI will bring the issues of e-discovery to the forefront of international litigation. Courts will be faced with comity considerations and issues related to the burden and cost of e-discovery, as well as complex international data protection laws.
In much of the world, countries have adopted legislation that protects the privacy of electronic information. These laws may prohibit the electronic transmission of information across borders, without the express consent of the subject of the communication. In many jurisdictions (notably, many countries in the European Union, which has adopted the EU Privacy Directive), it may be impossible to obtain the consent of employees; such consent often is considered to be inherently coerced due to the subordinate nature of the employee relationship.
The increase in globalization and ESI have led to legislation in some countries to protect the disclosure of certain information. Some of this legislation specifically has targeted the protection against production of data for litigation. A party seeking protection against compelled discovery, relying on the basis that foreign law bars the production, has the burden of proving that the foreign law actually prohibits production of the data at issue.
To Continue Reading: Click Here
---------------------------------------------
Source: law.com
By: Brett Tarr
Friday, July 17, 2009
A Closer Look at Calif. E-Discovery Law
On June 29, in the midst of the state's budget crisis, Gov. Arnold Schwarzenegger quietly signed into law the Electronic Discovery Act (Assembly Bill 5), which enacts comprehensive electronic discovery rules through amendments to the California Code of Civil Procedure. Because the Legislature deemed it urgent legislation, it is effective immediately.
Almost identical legislation passed the California Legislature unanimously in 2008, but Schwarzenegger vetoed it -- not based on any opposition on its merits, but rather because at that time the governor was vetoing all bills he considered nonpriority during the state's 2008 budget crisis.
Although the legislation largely follows the 2006 e-discovery amendments to the Federal Rules of Civil Procedure, it differs somewhat in its treatment of inaccessible information and in its safe harbor for lost information.
EXPRESSLY PERMITS DISCOVERY OF ESI
The legislation expressly permits discovery of electronically stored information and provides that parties may demand copying, testing, sampling or inspection of such information. See CCP §2031.010(a), (e). In doing so, it recognizes that almost all cases to some extent or another now involve electronic discovery. This should not be surprising, as by some estimates more than 90 percent of all information generated today is in digital form and approximately 70 percent of that information is never reduced to hard copy.
PERMITS DISCOVERY OF 'INACCESSIBLE INFORMATION'
The legislation permits parties to seek discovery of electronically stored information that is from a source that is not reasonably accessible because of undue burden or expense (for example, backup tapes). Unlike under the federal rules, the burden is on the responding party in the first instance to bring a motion for a protective order or to make written objections to such a request.
To Continue Reading: Click Here
---------------------------------------------
Source: law.com
By: Gareth T. Evans
Almost identical legislation passed the California Legislature unanimously in 2008, but Schwarzenegger vetoed it -- not based on any opposition on its merits, but rather because at that time the governor was vetoing all bills he considered nonpriority during the state's 2008 budget crisis.
Although the legislation largely follows the 2006 e-discovery amendments to the Federal Rules of Civil Procedure, it differs somewhat in its treatment of inaccessible information and in its safe harbor for lost information.
EXPRESSLY PERMITS DISCOVERY OF ESI
The legislation expressly permits discovery of electronically stored information and provides that parties may demand copying, testing, sampling or inspection of such information. See CCP §2031.010(a), (e). In doing so, it recognizes that almost all cases to some extent or another now involve electronic discovery. This should not be surprising, as by some estimates more than 90 percent of all information generated today is in digital form and approximately 70 percent of that information is never reduced to hard copy.
PERMITS DISCOVERY OF 'INACCESSIBLE INFORMATION'
The legislation permits parties to seek discovery of electronically stored information that is from a source that is not reasonably accessible because of undue burden or expense (for example, backup tapes). Unlike under the federal rules, the burden is on the responding party in the first instance to bring a motion for a protective order or to make written objections to such a request.
To Continue Reading: Click Here
---------------------------------------------
Source: law.com
By: Gareth T. Evans
Nagin administration dumps e-mail search experts
In the latest twist in a bizarre soap opera, Mayor Ray Nagin's administration has fired a team of technology experts that drew the mayor's ire recently after they claimed that Nagin's missing e-mail messages were intentionally removed by someone with high-level access to the computer system.
Meanwhile, a Virginia firm that specializes in recovering electronic data has been hired by the city to continue searching for the messages.
Louisiana Technology Council President Mark Lewis said Thursday that he learned from WDSU-TV that his contract with the city has been terminated. Lewis, who said he last met with administration officials on July 6, said his repeated efforts to contact city officials by e-mail and phone during the past 10 days have been unsuccessful.
"They put us on hold, " Lewis said, referring to a recent sit-down he had with Harrison Boyd, the city's interim technology director, and his staff regarding the tech team's investigation into lost e-mail messages.
"They said they wanted to review our written report and get back to us on the results of our findings, " he said. "But we never heard from them."
Earlier this month, Lewis and an associate held a news conference, saying their review found that a tech-savvy person had intentionally removed the mayor's e-mail inbox from the server months earlier. Nagin lashed out at the nonprofit group the next day, arguing that assigning blame "is not their charge."
Nagin also suggested that the technology council was eager for "15 minutes of fame, " but also was in over its head. "I just hope that this is not a case where . . . we did not get the company with the expertise that we needed, " the mayor said.
To Continue Reading: Click Here
---------------------------------------------
Source: nola.com
By: Frank Donze
Meanwhile, a Virginia firm that specializes in recovering electronic data has been hired by the city to continue searching for the messages.
Louisiana Technology Council President Mark Lewis said Thursday that he learned from WDSU-TV that his contract with the city has been terminated. Lewis, who said he last met with administration officials on July 6, said his repeated efforts to contact city officials by e-mail and phone during the past 10 days have been unsuccessful.
"They put us on hold, " Lewis said, referring to a recent sit-down he had with Harrison Boyd, the city's interim technology director, and his staff regarding the tech team's investigation into lost e-mail messages.
"They said they wanted to review our written report and get back to us on the results of our findings, " he said. "But we never heard from them."
Earlier this month, Lewis and an associate held a news conference, saying their review found that a tech-savvy person had intentionally removed the mayor's e-mail inbox from the server months earlier. Nagin lashed out at the nonprofit group the next day, arguing that assigning blame "is not their charge."
Nagin also suggested that the technology council was eager for "15 minutes of fame, " but also was in over its head. "I just hope that this is not a case where . . . we did not get the company with the expertise that we needed, " the mayor said.
To Continue Reading: Click Here
---------------------------------------------
Source: nola.com
By: Frank Donze
Google's Personalized Search Challenged By Patent Lawsuit
A lawsuit filed on Thursday claims that iGoogle and other Google search personalization efforts rely on patented technology.
Google (NSDQ: GOOG) is being sued for allegedly infringing on search engine personalization patents owned by Personalized User Model (PUM), a Texas partnership based in New York.
The lawsuit was filed on Thursday in a U.S. district court in Delaware.
Google has not yet been served with the lawsuit. Attorney Marc S. Friedman of Sonnenschein Nath & Rosenthal, the law firm representing PUM, said that will happen on Friday.
"Google is being sued for patent infringement for one reason -- it is using PUM's technology and has benefited greatly from it," said Roy Twersky, an owner of PUM and one of the original inventors, in a statement.
Twersky and his co-inventors, Yochai Konig and Michael Berthold, were issued related search patents in 2005 and 2008 covering search personalization. The 2008 patent is an expansion on the 2005 patent, "Automatic, personalized online information and product services."
According to a spokesperson for Sonnenschein Nath & Rosenthal, Google knew about the 2005 PUM patent because a personalization patent that it filed in 2003 was rejected. The 2005 PUM patent, filed in 2000, was being examined at that time. That's why the lawsuit alleges willful infringement, a charge that brings higher damages.
Twersky and Konig now work at a San Francisco-based speech recognition and Click Here
---------------------------------------------
Source: informationweek.com
By: Thomas Claburn
Google (NSDQ: GOOG) is being sued for allegedly infringing on search engine personalization patents owned by Personalized User Model (PUM), a Texas partnership based in New York.
The lawsuit was filed on Thursday in a U.S. district court in Delaware.
Google has not yet been served with the lawsuit. Attorney Marc S. Friedman of Sonnenschein Nath & Rosenthal, the law firm representing PUM, said that will happen on Friday.
"Google is being sued for patent infringement for one reason -- it is using PUM's technology and has benefited greatly from it," said Roy Twersky, an owner of PUM and one of the original inventors, in a statement.
Twersky and his co-inventors, Yochai Konig and Michael Berthold, were issued related search patents in 2005 and 2008 covering search personalization. The 2008 patent is an expansion on the 2005 patent, "Automatic, personalized online information and product services."
According to a spokesperson for Sonnenschein Nath & Rosenthal, Google knew about the 2005 PUM patent because a personalization patent that it filed in 2003 was rejected. The 2005 PUM patent, filed in 2000, was being examined at that time. That's why the lawsuit alleges willful infringement, a charge that brings higher damages.
Twersky and Konig now work at a San Francisco-based speech recognition and Click Here
---------------------------------------------
Source: informationweek.com
By: Thomas Claburn
Thursday, July 16, 2009
Court Orders Adverse Inference for Spoliation of CEO's Data but Finds No Obligation to Preserve Relevant Data of Third Party Consultants
Goodman v. Praxair Servs., Inc., 2009 WL 1955805 (D. Md. July 7, 2009)
In this case arising from a claim for breach of contract, plaintiff Goodman alleged that defendant Praxair Services, Inc. (formerly Tracer) (“Tracer/PSI”) spoliated relevant data and was deserving of sanctions. Specifically, Goodman alleged that Tracer/PSI violated is duty to preserve when it failed to implement a litigation hold resulting in a significant loss of data, including the contents of relevant hard drives and emails, and where its CEO deliberately deleted data, among other things. Goodman also sought sanctions for the spoliation of Tracer/PSI’s third-party consultants’ files. The court granted in part and denied in part Goodman’s motion and ordered an adverse inference against Tracer/PSI.
Disagreement arose as to Goodman’s payment for his participation in a project to waive testing requirements for certain of Tracer/PSI’s products. The dispute revolved around who was responsible for the success of the project, Goodman, or other third-party consultants. Litigation ensued. Goodman suspected that Tracer/PSI failed to preserve relevant evidence and filed a motion for sanctions. The court’s opinion established the following facts:
• Tracer/PSI failed to institute a litigation hold;
• The hard drives of two “key players” and 43 other hard drives were replaced following Praxair Services acquisition of Tracer, despite a duty to preserve;
• Potentially relevant emails were deleted by Tracer’s CEO;
• Tracer’s email systems were “taken off line” in the conversion to Lotus Notes following Praxair’s acquisition of Tracer and no effort was undertaken to search for relevant emails on disaster recovery back up tapes;
• The hard drive of Tracer’s CEO was re-imaged without preserving the relevant data thereon; and
• The working papers of Tracer/PSI’s third-party consultants were not preserved, among other things.
The court established the three elements a party seeking spoliation sanctions must prove: 1) the party controlling the evidence had a duty to preserve it, 2) the destruction of the evidence was accompanied by a “culpable stated of mind”, and 3) the evidence was relevant to the party’s claims or defenses.
To Continue Reading: Click Here
---------------------------------------------
Source: ediscoverylaw.com
In this case arising from a claim for breach of contract, plaintiff Goodman alleged that defendant Praxair Services, Inc. (formerly Tracer) (“Tracer/PSI”) spoliated relevant data and was deserving of sanctions. Specifically, Goodman alleged that Tracer/PSI violated is duty to preserve when it failed to implement a litigation hold resulting in a significant loss of data, including the contents of relevant hard drives and emails, and where its CEO deliberately deleted data, among other things. Goodman also sought sanctions for the spoliation of Tracer/PSI’s third-party consultants’ files. The court granted in part and denied in part Goodman’s motion and ordered an adverse inference against Tracer/PSI.
Disagreement arose as to Goodman’s payment for his participation in a project to waive testing requirements for certain of Tracer/PSI’s products. The dispute revolved around who was responsible for the success of the project, Goodman, or other third-party consultants. Litigation ensued. Goodman suspected that Tracer/PSI failed to preserve relevant evidence and filed a motion for sanctions. The court’s opinion established the following facts:
• Tracer/PSI failed to institute a litigation hold;
• The hard drives of two “key players” and 43 other hard drives were replaced following Praxair Services acquisition of Tracer, despite a duty to preserve;
• Potentially relevant emails were deleted by Tracer’s CEO;
• Tracer’s email systems were “taken off line” in the conversion to Lotus Notes following Praxair’s acquisition of Tracer and no effort was undertaken to search for relevant emails on disaster recovery back up tapes;
• The hard drive of Tracer’s CEO was re-imaged without preserving the relevant data thereon; and
• The working papers of Tracer/PSI’s third-party consultants were not preserved, among other things.
The court established the three elements a party seeking spoliation sanctions must prove: 1) the party controlling the evidence had a duty to preserve it, 2) the destruction of the evidence was accompanied by a “culpable stated of mind”, and 3) the evidence was relevant to the party’s claims or defenses.
To Continue Reading: Click Here
---------------------------------------------
Source: ediscoverylaw.com
McKinnon hacking case relies on hearsay - internal CPS document
Evidence supplied by the US authorities to the UK to support legal proceedings against Pentagon Hacker, Gary McKinnon, relies on hearsay and may be impossible to prove in court, according to an internal Crown Prosecution Service document.
The document obtained by Computer Weekly calls into question the forensic evidence supplied by the US to link McKinnon to hacked US military systems. It casts doubt on claims that McKinnon's activities damaged thousands of US military computers.
The document, Review Note 3 - 26 February 2009, was complied by Russell Tyner, lawyer for the CPS's Organised Crime division for the Department of Public Prosectutions.
The DPP used the review to support its decision of 26 February not to prosecute McKinnon in the UK. It concluded that there was not enough evidence.
The document highlights a series of gaps in the evidence supplied by the US to the UK, to support McKinnon's prosecution.
To Continue Reading: Click Here
---------------------------------------------
Source: computerweekly.com
By: Mark Ballard
The document obtained by Computer Weekly calls into question the forensic evidence supplied by the US to link McKinnon to hacked US military systems. It casts doubt on claims that McKinnon's activities damaged thousands of US military computers.
The document, Review Note 3 - 26 February 2009, was complied by Russell Tyner, lawyer for the CPS's Organised Crime division for the Department of Public Prosectutions.
The DPP used the review to support its decision of 26 February not to prosecute McKinnon in the UK. It concluded that there was not enough evidence.
The document highlights a series of gaps in the evidence supplied by the US to the UK, to support McKinnon's prosecution.
To Continue Reading: Click Here
---------------------------------------------
Source: computerweekly.com
By: Mark Ballard
Destruction of e-mail records puts heat on B.C. Premier
Tapes containing the e-mail correspondence of B.C. Premier Gordon Campbell and members of his cabinet that lawyers in a government corruption trial have insisted are critical to the defence of their clients were ordered destroyed in early May, The Globe and Mail has learned.
According to several sources, the person responsible for managing the government e-mail delivery service has filed an affidavit in court that contains the potentially politically explosive information.
In her affidavit, Rosemarie Hayes, director of Messaging and Collaboration Services, Workplace Technology Services (WTS), states that at the beginning of May of this year, her department requested that backup tapes of government e-mails created prior to May of 2004 be expunged from the system. The e-mails are the subject of a legal proceeding and as such should not have been deleted, according to the government's own guidelines.
The affidavit apparently does not say who gave the order to kill the electronic records or why.
Ms. Hayes did not return a call from The Globe and Mail requesting to speak about the contents of her affidavit.
To Continue Reading: Click Here
---------------------------------------------
Source: theglobeandmail.com
By: Gary Mason
According to several sources, the person responsible for managing the government e-mail delivery service has filed an affidavit in court that contains the potentially politically explosive information.
In her affidavit, Rosemarie Hayes, director of Messaging and Collaboration Services, Workplace Technology Services (WTS), states that at the beginning of May of this year, her department requested that backup tapes of government e-mails created prior to May of 2004 be expunged from the system. The e-mails are the subject of a legal proceeding and as such should not have been deleted, according to the government's own guidelines.
The affidavit apparently does not say who gave the order to kill the electronic records or why.
Ms. Hayes did not return a call from The Globe and Mail requesting to speak about the contents of her affidavit.
To Continue Reading: Click Here
---------------------------------------------
Source: theglobeandmail.com
By: Gary Mason
Wednesday, July 15, 2009
Miami Man Guilty Of Hacking
A Miami man has been sentenced to a year and a day in federal prison after pleading guilty to computer fraud.
Lesmany Nunez, 30, was also ordered, on his release from prison, to serve three years of supervised release, with a special condition that he perform 100 hours of community service by lecturing young people on the implications of hacking into other people’s computers and networks. Nunez was also ordered to pay $31,560 in restitution.
According to the pleadings and in-court statements, Nunez was a former computer support technician at Quantum Technology Partners (QTP), located in Miami-Dade County. QTP provides data storage, email communication and scheduling for their client companies.
Late one Friday night, Nunez remotely accessed QTP’s network without authorization, using an administrator account and password. After changing the passwords of all of the IT system administrators, Nunez shut down almost all of their servers. Nunez also deleted files which would have made the re-installation of data from backup tapes easier and less time consuming. In so doing, QTP and their clients could not perform their normal business functions for a number of days.
To Continue Reading: Click Here
---------------------------------------------
Source: northcountrygazette.com
Lesmany Nunez, 30, was also ordered, on his release from prison, to serve three years of supervised release, with a special condition that he perform 100 hours of community service by lecturing young people on the implications of hacking into other people’s computers and networks. Nunez was also ordered to pay $31,560 in restitution.
According to the pleadings and in-court statements, Nunez was a former computer support technician at Quantum Technology Partners (QTP), located in Miami-Dade County. QTP provides data storage, email communication and scheduling for their client companies.
Late one Friday night, Nunez remotely accessed QTP’s network without authorization, using an administrator account and password. After changing the passwords of all of the IT system administrators, Nunez shut down almost all of their servers. Nunez also deleted files which would have made the re-installation of data from backup tapes easier and less time consuming. In so doing, QTP and their clients could not perform their normal business functions for a number of days.
To Continue Reading: Click Here
---------------------------------------------
Source: northcountrygazette.com
'Textual Harassment' No Laughing Matter
"Textual harassment" is nothing to LOL about, warn employment lawyers.
Attorneys say that text messaging in the workplace is turning into a growing liability for employers, which are landing in court over inappropriate and offensive texts that are popping up on employees' cell phones.
Perhaps the biggest culprits, they note, are male bosses who are sending scandalous text messages to female employees, asking them out on dates or promising promotions in exchange for sexual favors. These texts are explosive evidence in lawsuits, they said, and pretty tough to dispute.
"We're actually seeing it happening ... lawsuits are being filed, where an employee will testify that one of the means that they were harassed by someone was through text messages," said Clint Robison of the Los Angeles office of Chicago's Hinshaw & Culbertson, who is handling several textual harassment lawsuits on behalf of employers. "[Text messages] come up in pure harassment claims and wrongful termination lawsuits, where employees are being deposed and saying, 'Well, I can prove [harassment] because the dinner date invitation from by boss was sent to me by my boss late at night.'"
Robison is currently handling four lawsuits in which employees are suing their employers over inappropriate texting at work. Two cases involve female workers who allege their supervisors harassed them by sending them inappropriate text messages, hinting at promotions in exchange for sexual favors. Another involves co-workers creating a hostile work environment by exchanging messages back and forth that another employee found offensive.
To Continue Reading: Click Here
---------------------------------------------
Source: law.com
By: Tresa Baldas
Attorneys say that text messaging in the workplace is turning into a growing liability for employers, which are landing in court over inappropriate and offensive texts that are popping up on employees' cell phones.
Perhaps the biggest culprits, they note, are male bosses who are sending scandalous text messages to female employees, asking them out on dates or promising promotions in exchange for sexual favors. These texts are explosive evidence in lawsuits, they said, and pretty tough to dispute.
"We're actually seeing it happening ... lawsuits are being filed, where an employee will testify that one of the means that they were harassed by someone was through text messages," said Clint Robison of the Los Angeles office of Chicago's Hinshaw & Culbertson, who is handling several textual harassment lawsuits on behalf of employers. "[Text messages] come up in pure harassment claims and wrongful termination lawsuits, where employees are being deposed and saying, 'Well, I can prove [harassment] because the dinner date invitation from by boss was sent to me by my boss late at night.'"
Robison is currently handling four lawsuits in which employees are suing their employers over inappropriate texting at work. Two cases involve female workers who allege their supervisors harassed them by sending them inappropriate text messages, hinting at promotions in exchange for sexual favors. Another involves co-workers creating a hostile work environment by exchanging messages back and forth that another employee found offensive.
To Continue Reading: Click Here
---------------------------------------------
Source: law.com
By: Tresa Baldas
Tuesday, July 14, 2009
UBS Charges 3 Ex-Employees With Code Theft
Goldman Sachs is not the only Wall Street firm taking an ex-employee to court with the charge of theft of trade secrets in the form of valuable, proprietary trading code.
Swiss bank UBS AG confirmed Monday that it filed papers in March charging three ex-employees with “misappropriation of trade secrets.” The “misappropriation” included 25,000 lines of source code used in UBS’s “trade secret algorithmic trading programs,” according to documents submitted with the New York State Supreme Court.
The bank is charging three former employees in the firm’s algorithmic trading group of having “collectively coordinated and planned together” to move to new jobs at New York-based Jefferies & Company while still technically in the employee of UBS, taking with them UBS trade secrets, breaching their employment contracts and fiduciary duties and resulting in unfair competition.
The three charged are: Jatin Suryawanshi, the former managing director and head of the unit; Partha Sarkar, an executive director and Sanjay Girdhar, a group director. In June, Jefferies publicly announced that Saryawanshi had joined the firm as a managing director and head of its global quantitative strategies trading unit while Sarkar and Girdhar had joined the unit as senior vice presidents.
To Continue Reading: Click Here
---------------------------------------------
Source: securitiesindustry.com
By: Katherine Heires
Swiss bank UBS AG confirmed Monday that it filed papers in March charging three ex-employees with “misappropriation of trade secrets.” The “misappropriation” included 25,000 lines of source code used in UBS’s “trade secret algorithmic trading programs,” according to documents submitted with the New York State Supreme Court.
The bank is charging three former employees in the firm’s algorithmic trading group of having “collectively coordinated and planned together” to move to new jobs at New York-based Jefferies & Company while still technically in the employee of UBS, taking with them UBS trade secrets, breaching their employment contracts and fiduciary duties and resulting in unfair competition.
The three charged are: Jatin Suryawanshi, the former managing director and head of the unit; Partha Sarkar, an executive director and Sanjay Girdhar, a group director. In June, Jefferies publicly announced that Saryawanshi had joined the firm as a managing director and head of its global quantitative strategies trading unit while Sarkar and Girdhar had joined the unit as senior vice presidents.
To Continue Reading: Click Here
---------------------------------------------
Source: securitiesindustry.com
By: Katherine Heires
Interesting Facts About Data Loss
It’s often been said that the best day to start a diet is TOMORROW. Too often, data protection is seen in the same light.
Given that your hard drive has about a 1 in 10 chance of failing this year, I thought it would be interesting to take a look at some of the leading causes of critical data loss, and what you can do to protect yourself.
Hardware Malfunctions:
Have you ever gotten an error message stating that your storage device wasn’t recognized, or heard a rattling noise come out from your hard drive? Physical crashes can be the result of faulty circuits, electrical problems, or the reader head crashing into the plate of your hard drive.
These can usually be prevented by using surge protectors, and making sure not to bang your computer around too much.
Physical media failure isn’t just limited to hard drives either. Backup tapes, DVDs, and even USB sticks can become damaged. When this happens, you usually won’t find out until you need to perform an emergency recovery.
To Continue Reading: Click Here
---------------------------------------------
Source: net4now.com
Given that your hard drive has about a 1 in 10 chance of failing this year, I thought it would be interesting to take a look at some of the leading causes of critical data loss, and what you can do to protect yourself.
Hardware Malfunctions:
Have you ever gotten an error message stating that your storage device wasn’t recognized, or heard a rattling noise come out from your hard drive? Physical crashes can be the result of faulty circuits, electrical problems, or the reader head crashing into the plate of your hard drive.
These can usually be prevented by using surge protectors, and making sure not to bang your computer around too much.
Physical media failure isn’t just limited to hard drives either. Backup tapes, DVDs, and even USB sticks can become damaged. When this happens, you usually won’t find out until you need to perform an emergency recovery.
To Continue Reading: Click Here
---------------------------------------------
Source: net4now.com
The frustrations of e-discovery
As escalating volumes and types of information drive swelling e-discovery costs, many firms are exploring how information retrieval technology can support critical steps in the e-discovery process. Manually reviewing documents represents the largest direct cost associated with e-discovery. To control this expense and mitigate legal risk, businesses are re-examining strategies, processes and technology investments.
Currently, few companies report having a holistic approach to e-discovery. Forrester’s research suggests just 23 per cent have an end-to-end approach to gather and filter data. And two-thirds consider their e-discovery strategy reactive rather than proactive.
We asked if firms were confident that, if challenged, their organisation could demonstrate that its electronically stored information was accurate, accessible and trustworthy. Fewer than one in five was very confident.
Several factors account for this lack of confidence. These include large and growing volumes of content; diverse applications, tools, and file types; undocumented, disorganised data architectures; increased litigation and rapidly changing case law; and a fragmented vendor ecosystem.
Although a variety of electronically stored information can be relevant to e-discovery, most litigation to date has focused on email, loose files, and employee desktops. Other content types will become increasingly important for e-discovery.
To Continue Reading: Click Here
---------------------------------------------
Source: forrester.computing.co.uk
By: Brian Hill
Currently, few companies report having a holistic approach to e-discovery. Forrester’s research suggests just 23 per cent have an end-to-end approach to gather and filter data. And two-thirds consider their e-discovery strategy reactive rather than proactive.
We asked if firms were confident that, if challenged, their organisation could demonstrate that its electronically stored information was accurate, accessible and trustworthy. Fewer than one in five was very confident.
Several factors account for this lack of confidence. These include large and growing volumes of content; diverse applications, tools, and file types; undocumented, disorganised data architectures; increased litigation and rapidly changing case law; and a fragmented vendor ecosystem.
Although a variety of electronically stored information can be relevant to e-discovery, most litigation to date has focused on email, loose files, and employee desktops. Other content types will become increasingly important for e-discovery.
To Continue Reading: Click Here
---------------------------------------------
Source: forrester.computing.co.uk
By: Brian Hill
Subscribe to:
Posts (Atom)
