IT managers have been reminded of the importance of respecting software licensing laws and other governance requirements.
Jeremy Holt, editor of a new book from BCS, The Chartered Institute for IT, has warned it is a criminal offence to use more than the number of copies of a software program for which a business is licensed.
He noted that IT has changed businesses in many ways, and it is important to keep up to date with what is required legally.
"It's not just the IT department that need to know this, all managers must be aware of the implications of such things as data protection and health and safety," he stated.
"New developments such as cloud computing and open source also create new legal requirements, often things that people don’t automatically consider."
To Continue Reading: Click Here
--------------------------------------
Source: ashdowngroup.com
By: John Lynes
Wednesday, August 31, 2011
N.Y. Federal Judge Limits Access to Cell Phone Location Data
Judge Nicholas Garaufis, of the U.S. District Court for the Eastern District of New York, has issued on important decision about the ability of the government to obtain cell phone location information.
The case is In the Matter of an Application of the United States of America for an Order Authorizing the Release of Historical Cell-Site Information, No. 10-MC-897, United States District Court, E.D. New York (August 22, 2011).
In this matter, the government sought an order compelling Verizon to disclose location information about a suspected criminal's cell phone for 113 days. Magistrate Judge Orenstein had previously denied the government's application. See In the Matter of an Application of the United States of America for an Order Authorizing the Release of Historical Cell-Site Information, No. 10-MJ-0550, United States District Court, E.D. New York (August 27, 2010). Garaufis had previously granted such orders, but decided to consider "anew the constitutionality of ordering this application in light of recent developments in Fourth Amendment jurisprudence."
The court began its analysis by noting that "cellular service providers have records of the geographic location of almost every American at almost every time of day and night ... What does this mean for ordinary Americans? That at all times, our physical movements are being monitored and recorded, and once the Government can make a showing of less-than-probable-cause, it may obtain these records of our movements, study the map our lives, and learn the many things we reveal about ourselves through our physical presence."
To Continue Reading: Click Here
--------------------------------------
Source: law.com
By: Joshua Engel
The case is In the Matter of an Application of the United States of America for an Order Authorizing the Release of Historical Cell-Site Information, No. 10-MC-897, United States District Court, E.D. New York (August 22, 2011).
In this matter, the government sought an order compelling Verizon to disclose location information about a suspected criminal's cell phone for 113 days. Magistrate Judge Orenstein had previously denied the government's application. See In the Matter of an Application of the United States of America for an Order Authorizing the Release of Historical Cell-Site Information, No. 10-MJ-0550, United States District Court, E.D. New York (August 27, 2010). Garaufis had previously granted such orders, but decided to consider "anew the constitutionality of ordering this application in light of recent developments in Fourth Amendment jurisprudence."
The court began its analysis by noting that "cellular service providers have records of the geographic location of almost every American at almost every time of day and night ... What does this mean for ordinary Americans? That at all times, our physical movements are being monitored and recorded, and once the Government can make a showing of less-than-probable-cause, it may obtain these records of our movements, study the map our lives, and learn the many things we reveal about ourselves through our physical presence."
To Continue Reading: Click Here
--------------------------------------
Source: law.com
By: Joshua Engel
Saturday, August 27, 2011
Rise of social media blamed for soaring toll of online libel cases
The number of libel cases in which claimants say they have been defamed online has more than doubled in a year – and the growth of social media may be a cause of the surge, according to new research.
But the total number of defamation cases brought rose by only four per cent, from 83 cases in the year ending May 31 last year to 86 in the 12 months to the end of this May, say the figures, drawn from legal information provider Sweet and Maxwell’s Lawtel and Westlaw UK services.
Experts had predicted that there would be a dramatic jump in online defamation cases following the birth of social networking and micro-blogging sites such as Facebook and Twitter.
Barrister Korieh Duodu, a media specialist with law firm Addleshaw Goddard LLP, said: “Social media tools have over a billion users worldwide and are growing rapidly in popularity.
“Nevertheless, they can present a huge problem for individuals and corporates trying to protect their reputations from harmful user-generated content.
“People who find themselves damaged on social media sites can often find it time-consuming and difficult to have the offending material removed, because many platform providers do not accept responsibility for their users’ content.
To Continue Reading: Click Here
--------------------------------------
Source: yorkshirepost.co.uk
But the total number of defamation cases brought rose by only four per cent, from 83 cases in the year ending May 31 last year to 86 in the 12 months to the end of this May, say the figures, drawn from legal information provider Sweet and Maxwell’s Lawtel and Westlaw UK services.
Experts had predicted that there would be a dramatic jump in online defamation cases following the birth of social networking and micro-blogging sites such as Facebook and Twitter.
Barrister Korieh Duodu, a media specialist with law firm Addleshaw Goddard LLP, said: “Social media tools have over a billion users worldwide and are growing rapidly in popularity.
“Nevertheless, they can present a huge problem for individuals and corporates trying to protect their reputations from harmful user-generated content.
“People who find themselves damaged on social media sites can often find it time-consuming and difficult to have the offending material removed, because many platform providers do not accept responsibility for their users’ content.
To Continue Reading: Click Here
--------------------------------------
Source: yorkshirepost.co.uk
Confronting E-Discovery's 'Ill-Defined Preservation Obligation'
Preservation is far and away the most cited trouble spot of e-discovery. It's an area that can land both the client and the lawyer in hot water and one, lawyers say, is fraught with broad, vague standards.
So should clients simply preserve everything at the first sign litigation may be forthcoming?
"My 3-year-old could give that advice," said David J. Walton, the co-head of Cozen O'Connor's e-discovery task force. "Lawyers have to have the guts to make the tough judgment because if you say preserve everything to a client of any size, it will overwhelm you."
It's one thing to preserve the data and quite another to collect and produce it all, he said.
The 2010 Southern District of New York case Pension Committee of the Montreal Pension Plan v. Banc of America Securities made clear a written litigation hold notice was required by the attorney as well as a continued monitoring of the client's preservation policies. But other courts have come down since Pension Committee and not required written hold notices.
LDiscovery's Leonard Deutchman said a party's duty to preserve begins at the first instance litigation might be expected. Sometimes that is obvious, like when the Deepwater Horizon exploded, there was immediately an expectation that litigation might follow. But it's not always that clear. The duty in an employment discrimination case doesn't begin when the employee files a claim with the EEOC, for example, but as early as when he walks out the day he was fired saying "'you'll hear from my attorney,'" Deutchman said.
To Continue Reading: Click Here
--------------------------------------
Source: law.com
By: Gina Passarella
So should clients simply preserve everything at the first sign litigation may be forthcoming?
"My 3-year-old could give that advice," said David J. Walton, the co-head of Cozen O'Connor's e-discovery task force. "Lawyers have to have the guts to make the tough judgment because if you say preserve everything to a client of any size, it will overwhelm you."
It's one thing to preserve the data and quite another to collect and produce it all, he said.
The 2010 Southern District of New York case Pension Committee of the Montreal Pension Plan v. Banc of America Securities made clear a written litigation hold notice was required by the attorney as well as a continued monitoring of the client's preservation policies. But other courts have come down since Pension Committee and not required written hold notices.
LDiscovery's Leonard Deutchman said a party's duty to preserve begins at the first instance litigation might be expected. Sometimes that is obvious, like when the Deepwater Horizon exploded, there was immediately an expectation that litigation might follow. But it's not always that clear. The duty in an employment discrimination case doesn't begin when the employee files a claim with the EEOC, for example, but as early as when he walks out the day he was fired saying "'you'll hear from my attorney,'" Deutchman said.
To Continue Reading: Click Here
--------------------------------------
Source: law.com
By: Gina Passarella
E-Discovery Lane Change for Trucking Litigation
Even without the recently enacted federal and state rules related to electronic data discovery and case precedent interpreting them, the e-discovery landscape for trucking litigation was poised for a sea change in 2011 with the passage of new safety standards for the industry. With the addition of new messaging systems and trip recorders, electronic control modules and satellite tracking equipment, e-discovery has become a "brave new world" for lawyers bringing suit against a trucking company or defending one against a claim.
In the trucking industry, e-discovery rules can affect the entire gamut of commercial carriers. The safety features and technology used in today's trucks will continue to increase the burden on the e-discovery process in these lawsuits -- as opposed to the process in recent years, when a paper format was more common.
The trucking industry has undergone noteworthy regulatory changes, which have eventuated new e-discovery issues. In 2010, the Federal Motor Carrier Safety Administration (FMCSA) launched the Compliance, Safety, Accountability program to toughen safety requirements for commercial motor carriers. This was done to hold trucking companies to a higher standard, and one result is an enhanced ability to gather data during discovery.
And there are a large number of sources of electronically discoverable information to be found within a trucking company. Most commercial carriers use satellite tracking and monitoring devices on trucks to track loads, trailers, and trucks. This is particularly true of large, national outfits. These satellite systems allow quick communication with drivers, but a lot of the electronic information that is transmitted is discoverable evidence in litigation.
One of the more common examples of these satellite systems would be Qualcomm's computer hardware, which is installed on a tractor truck and communicates with satellites in orbit around the planet. In addition to allowing truckers and dispatchers to send text messages about their trips in quick fashion, these systems also allow drivers to record their driving time and submit driving log information that in the past would have been done via paper logs.
To Continue Reading: Click Here
--------------------------------------
Source: law.com
By: J. Kent Emison
In the trucking industry, e-discovery rules can affect the entire gamut of commercial carriers. The safety features and technology used in today's trucks will continue to increase the burden on the e-discovery process in these lawsuits -- as opposed to the process in recent years, when a paper format was more common.
The trucking industry has undergone noteworthy regulatory changes, which have eventuated new e-discovery issues. In 2010, the Federal Motor Carrier Safety Administration (FMCSA) launched the Compliance, Safety, Accountability program to toughen safety requirements for commercial motor carriers. This was done to hold trucking companies to a higher standard, and one result is an enhanced ability to gather data during discovery.
And there are a large number of sources of electronically discoverable information to be found within a trucking company. Most commercial carriers use satellite tracking and monitoring devices on trucks to track loads, trailers, and trucks. This is particularly true of large, national outfits. These satellite systems allow quick communication with drivers, but a lot of the electronic information that is transmitted is discoverable evidence in litigation.
One of the more common examples of these satellite systems would be Qualcomm's computer hardware, which is installed on a tractor truck and communicates with satellites in orbit around the planet. In addition to allowing truckers and dispatchers to send text messages about their trips in quick fashion, these systems also allow drivers to record their driving time and submit driving log information that in the past would have been done via paper logs.
To Continue Reading: Click Here
--------------------------------------
Source: law.com
By: J. Kent Emison
Friday, August 26, 2011
Get With The Social Media Program
Firms that prohibit use of social media are fighting a losing battle, and should instead focus on how to use it compliantly, said attendees at a social media conference in Boston.
At the recent LIMRA and LOMA conference on social media, held in Boston, attendees heard about how to take advantage of social networks and to use the tools compliantly. Still, challenges and confusion exist that are holding back the financial services industry at a time when the tools are becoming even more popular.
Christine Campbell, director of marketing at Socialware, new proprietary research showing that adoption of social networks for business purposes is gaining momentum. She stated that more than 75% of respondents are using LinkedIn (up from 59% last year), more than 50% are using Facebook (up from 50% in 2010), and about 35% are using Twitter (which about doubled in a year’s time.)
The conference covered social media from many angles. Here are five confusing points within the industry that surfaced:
1. Constant compliance changes
James Douglas, senior account executive at Smarsh, shared that their recent survey of broker-dealers and registered investment advisors showed the number one concern of respondents is “new and changing regulations.”
2. New social networks
Douglas highlighted “new communications channels” as the second highest concern. Google+ is a perfect example of a new social network that was released this July that is confusing things even more. Plus, it is putting pressure on the other networks to match new well-received features.
To Continue Reading: Click Here
--------------------------------------
Source: fa-mag.com
By: Mike Byrnes
At the recent LIMRA and LOMA conference on social media, held in Boston, attendees heard about how to take advantage of social networks and to use the tools compliantly. Still, challenges and confusion exist that are holding back the financial services industry at a time when the tools are becoming even more popular.
Christine Campbell, director of marketing at Socialware, new proprietary research showing that adoption of social networks for business purposes is gaining momentum. She stated that more than 75% of respondents are using LinkedIn (up from 59% last year), more than 50% are using Facebook (up from 50% in 2010), and about 35% are using Twitter (which about doubled in a year’s time.)
The conference covered social media from many angles. Here are five confusing points within the industry that surfaced:
1. Constant compliance changes
James Douglas, senior account executive at Smarsh, shared that their recent survey of broker-dealers and registered investment advisors showed the number one concern of respondents is “new and changing regulations.”
2. New social networks
Douglas highlighted “new communications channels” as the second highest concern. Google+ is a perfect example of a new social network that was released this July that is confusing things even more. Plus, it is putting pressure on the other networks to match new well-received features.
To Continue Reading: Click Here
--------------------------------------
Source: fa-mag.com
By: Mike Byrnes
E-Discovery Moves to the Cloud
Electronic discovery is moving to the cloud. This is hardly surprising when one considers the client-focused benefits of cloud computing and the extraordinary market opportunities for vendors.
Let’s look at the numbers. The market for electronic discovery continues to grow with some estimates indicating aggregate software and services revenue growth from over $3 billion in 2010 to in excess of $6 billion by the end of 2013. Within this quickly emerging and expanding market, there is a pronounced increase in the acceptance and availability of cloud based electronic discovery offerings. For the two dozen or so leading vendors in this market, the opportunity is staggering.
In order to put this shift into perspective, I caught up with Bret Laughlin, the Founder and CEO of Orange Legal Technologies. Laughlin began his career in the litigation support market in 1995, when he founded a scanning and coding company. Ten years later, the trend toward electronic discovery was evident to him and other vendors taking the lead.
To Continue Reading: Click Here
--------------------------------------
Source: blogs.forbes.com
By: Ben Kerschberg
Let’s look at the numbers. The market for electronic discovery continues to grow with some estimates indicating aggregate software and services revenue growth from over $3 billion in 2010 to in excess of $6 billion by the end of 2013. Within this quickly emerging and expanding market, there is a pronounced increase in the acceptance and availability of cloud based electronic discovery offerings. For the two dozen or so leading vendors in this market, the opportunity is staggering.
In order to put this shift into perspective, I caught up with Bret Laughlin, the Founder and CEO of Orange Legal Technologies. Laughlin began his career in the litigation support market in 1995, when he founded a scanning and coding company. Ten years later, the trend toward electronic discovery was evident to him and other vendors taking the lead.
To Continue Reading: Click Here
--------------------------------------
Source: blogs.forbes.com
By: Ben Kerschberg
Wednesday, August 24, 2011
Mitigating Risks in the Cloud
A Checklist for Managing Vendor Relationships
Organizations eager to take advantage of cloud computing need to take a step back and consider many critical privacy and security issues, says Feisal Nanji, executive director at the security consulting firm Techumen.
For example, healthcare organizations should insist on the right "to audit pretty much anything within the environment because if [cloud providers] are doing a good job, then they really have nothing to hide," he says in an interview with HealthcareInfoSecurity's Howard Anderson (transcript below).
In the interview, Nanji points out:
• Regarding data control, "We may have to revise our models for establishing trust and consequences in chain of custody and how we provide access and authentication for our key data assets."
• The movement to the cloud means there will be more interactions between software and systems. And that means organizations must "account for the reality that the user in the cloud may more likely be a machine than another person ... This has very profound implications on how identities are provisioned, authenticated and managed."
• "We must have a clear, concise view of how things are administered." Cloud computing clients should demand that their vendors spell out in advance who can access data, then provide access logs and agree to audits, he says.
To Continue Reading: Click Here
--------------------------------------
Source: govinfosecurity.com
By: Howard Anderson
Organizations eager to take advantage of cloud computing need to take a step back and consider many critical privacy and security issues, says Feisal Nanji, executive director at the security consulting firm Techumen.
For example, healthcare organizations should insist on the right "to audit pretty much anything within the environment because if [cloud providers] are doing a good job, then they really have nothing to hide," he says in an interview with HealthcareInfoSecurity's Howard Anderson (transcript below).
In the interview, Nanji points out:
• Regarding data control, "We may have to revise our models for establishing trust and consequences in chain of custody and how we provide access and authentication for our key data assets."
• The movement to the cloud means there will be more interactions between software and systems. And that means organizations must "account for the reality that the user in the cloud may more likely be a machine than another person ... This has very profound implications on how identities are provisioned, authenticated and managed."
• "We must have a clear, concise view of how things are administered." Cloud computing clients should demand that their vendors spell out in advance who can access data, then provide access logs and agree to audits, he says.
To Continue Reading: Click Here
--------------------------------------
Source: govinfosecurity.com
By: Howard Anderson
Remote E-Discovery Collection Tools Gather Steam
When I first looked at remote collection tools to gather electronically stored information relevant to civil litigation or government investigation, I looked at self-collection tools from AccessData, Guidance Software, Hill Schwartz Spilker Keller, and Pinpoint Laboratories. Since then, Integreon upgraded its Seek and Collect product to version 2 and HSSK will soon have a new self-collection product exclusively distributed by IKON Office Solutions.
Before looking at some of the updates, there are basically two technology options for remote collection:
1. Whole-disk duplication;
2. Targeted collection.
The legal options for remote collection are the same as the technology options. Courts have not determined a best practice in remote collection and selecting either technology goes to the client's e-discovery requirements agreed to by the parties and approved by the court.
From my first story on remote collection, we know that whole-disk duplication is easy, as long as the custodian's source drive disk requirements are met by the collector's target drive. A custodian plugs the drive duplicator in and after the time it takes to duplicate the drive, the collection is complete. It is not only easy, but definitive in scope and exact in time.
Although disk duplication may collect more than you need from the custodian, what is "more" when you can view "less" with search tools and filtering algorithms to get to the information that is relevant and responsive to the matter at hand. And the nice thing about disk duplication is that if the requirements for e-discovery change, you have the whole enchilada and you do not have to return to the custodian for more data, which has no doubt moved on since you last collected. And that may spell "spoliation," if indeed you need to return for some reason.
To Continue Reading: Click Here
--------------------------------------
Source: law.com
By: Sean Doherty
Before looking at some of the updates, there are basically two technology options for remote collection:
1. Whole-disk duplication;
2. Targeted collection.
The legal options for remote collection are the same as the technology options. Courts have not determined a best practice in remote collection and selecting either technology goes to the client's e-discovery requirements agreed to by the parties and approved by the court.
From my first story on remote collection, we know that whole-disk duplication is easy, as long as the custodian's source drive disk requirements are met by the collector's target drive. A custodian plugs the drive duplicator in and after the time it takes to duplicate the drive, the collection is complete. It is not only easy, but definitive in scope and exact in time.
Although disk duplication may collect more than you need from the custodian, what is "more" when you can view "less" with search tools and filtering algorithms to get to the information that is relevant and responsive to the matter at hand. And the nice thing about disk duplication is that if the requirements for e-discovery change, you have the whole enchilada and you do not have to return to the custodian for more data, which has no doubt moved on since you last collected. And that may spell "spoliation," if indeed you need to return for some reason.
To Continue Reading: Click Here
--------------------------------------
Source: law.com
By: Sean Doherty
Tuesday, August 23, 2011
GRC: 7 Questions to Ask Your Cloud Service Provider
If you're overseeing your company's migrations to the cloud, you want assurances that the services you subscribe to won’t present excessive risk. These are the seven hard questions you need to ask of your cloud vendors.
CIOs overseeing migrations to the cloud want assurances that the services their companies subscribe to won’t present excessive risk and will enable them to govern those environments as if they are an extension of the organization. For more on how organizations are handling these issues, read our strategic tech feature, GRC in the Cloud. To get the assurances required from cloud vendors, CIOs need to ask hard questions. That list of questions should include the following:
1.) What will the service do?
Every vendor should offer documentation that spells out functionality. “If that’s something that’s not made available by the vendor, you should certainly ask for it,” says John Pavolotsky, an IT attorney with global law firm Greenberg Traurig. “You want a reasonable assurance that there won’t be any decrease in functionality, or other modifications, during the subscription period.”
2.) How thorough is the vendor’s service-level agreement?
Any SLA worth its weight should specifically address uptime guarantees, as well as incident response times and remedies. These things should be negotiable. Try to ensure you have the ability to terminate the agreement if the SLA frequently isn’t met.
3.) How much will data backup cost, and how quickly can you get at data once it’s been backed up?
Some vendors reportedly ask to be paid all past-due amounts before handing over backed-up data. You can count on the fact that you and your vendor will not agree on how much is owed. It’s best to iron out these issues contractually before your relationship begins.
To Continue Reading: Click Here
--------------------------------------
Source: cioinsight.com
By: Tony Kontzer
CIOs overseeing migrations to the cloud want assurances that the services their companies subscribe to won’t present excessive risk and will enable them to govern those environments as if they are an extension of the organization. For more on how organizations are handling these issues, read our strategic tech feature, GRC in the Cloud. To get the assurances required from cloud vendors, CIOs need to ask hard questions. That list of questions should include the following:
1.) What will the service do?
Every vendor should offer documentation that spells out functionality. “If that’s something that’s not made available by the vendor, you should certainly ask for it,” says John Pavolotsky, an IT attorney with global law firm Greenberg Traurig. “You want a reasonable assurance that there won’t be any decrease in functionality, or other modifications, during the subscription period.”
2.) How thorough is the vendor’s service-level agreement?
Any SLA worth its weight should specifically address uptime guarantees, as well as incident response times and remedies. These things should be negotiable. Try to ensure you have the ability to terminate the agreement if the SLA frequently isn’t met.
3.) How much will data backup cost, and how quickly can you get at data once it’s been backed up?
Some vendors reportedly ask to be paid all past-due amounts before handing over backed-up data. You can count on the fact that you and your vendor will not agree on how much is owed. It’s best to iron out these issues contractually before your relationship begins.
To Continue Reading: Click Here
--------------------------------------
Source: cioinsight.com
By: Tony Kontzer
From the Experts: Document Review with No Pain, All Gain
Text analytics increases review speed, reduces costs, and improves quality
It is said that document review costs are "the forgotten 80 percent." This implies that a strategy to accelerate and organize the actual document review should be contemplated up front, prior to review, and not forgotten until the end.
For projects of any size, document review costs share a direct correlation with volume of information, as more data requires more hours to locate the important, relevant documents. Additionally, human document review is not a process that benefits from economies of scale when data is not strategically organized. Using technology specifically designed to organize documents, combined with a sound review workflow, reduces review costs and compresses the time needed for review.
Text analytics search technology enables smarter review strategies that improve both the speed and quality of the expensive review process. This search technology, which evaluates unstructured text, enables users to automatically group documents into conceptually related subsets. Using text analytics to structure a review allows litigation professionals to significantly reduce discovery costs by increasing review speeds.
Basic Linear Review vs. Text Analytics
Case teams navigate data sets in a linear review by reading each document in order, often by date or control number. Reviewers move through the collection of documents one at a time, identifying responsive documents interspersed with non-responsive ones.
To Continue Reading: Click Here
--------------------------------------
Source: law.com
By: Jay Lieb
It is said that document review costs are "the forgotten 80 percent." This implies that a strategy to accelerate and organize the actual document review should be contemplated up front, prior to review, and not forgotten until the end.
For projects of any size, document review costs share a direct correlation with volume of information, as more data requires more hours to locate the important, relevant documents. Additionally, human document review is not a process that benefits from economies of scale when data is not strategically organized. Using technology specifically designed to organize documents, combined with a sound review workflow, reduces review costs and compresses the time needed for review.
Text analytics search technology enables smarter review strategies that improve both the speed and quality of the expensive review process. This search technology, which evaluates unstructured text, enables users to automatically group documents into conceptually related subsets. Using text analytics to structure a review allows litigation professionals to significantly reduce discovery costs by increasing review speeds.
Basic Linear Review vs. Text Analytics
Case teams navigate data sets in a linear review by reading each document in order, often by date or control number. Reviewers move through the collection of documents one at a time, identifying responsive documents interspersed with non-responsive ones.
To Continue Reading: Click Here
--------------------------------------
Source: law.com
By: Jay Lieb
Friday, August 19, 2011
Privilege Waived? Federal Court Says Don't Blame Your Electronic Discovery Vendor
The buck stops here.
In Thorncreek Apartments III, LLC v. Village of Park Forest (N.D. Ill. Aug. 9, 2011), the Northern District of Illinois held that a litigant that was negligent throughout the discovery process and failed “to check the production database created by the [third-party e-discovery vendor] before it went live online and became available to [opposing] counsel” waived privilege with respect to inadvertently produced documents. (emphasis in original). It is noteworthy that the court never called into question the conduct of the e-discovery vendor. Rather, the first line of defense in such cases clearly lies with the litigant who claims privilege.
Looking forward, the necessary re-review of any production database may involve tens of thousands of documents marked as privileged. (In this case, a lengthy review of 250,000 documents yielded 159 documents claimed as privileged, all of which were produced inadvertently. Such a review would have been easy.) However, the set of documents that might be turned over to opposing counsel is as voluminous as those designated as privileged or otherwise non-responsive. The risks are real; the responsibility imposed on counsel will require serious effort; and the stakes are enormous.
The district court agreed with the plaintiff’s request for an Order finding that six of the 159 documents produced inadvertently by the defendant were not protected from disclosure and that privilege had thereby been waived.
Electronic discovery here was conducted by a major vendor and proceeded in three steps:
To Continue Reading: Click Here
--------------------------------------
Source: blogs.forbes.com
In Thorncreek Apartments III, LLC v. Village of Park Forest (N.D. Ill. Aug. 9, 2011), the Northern District of Illinois held that a litigant that was negligent throughout the discovery process and failed “to check the production database created by the [third-party e-discovery vendor] before it went live online and became available to [opposing] counsel” waived privilege with respect to inadvertently produced documents. (emphasis in original). It is noteworthy that the court never called into question the conduct of the e-discovery vendor. Rather, the first line of defense in such cases clearly lies with the litigant who claims privilege.
Looking forward, the necessary re-review of any production database may involve tens of thousands of documents marked as privileged. (In this case, a lengthy review of 250,000 documents yielded 159 documents claimed as privileged, all of which were produced inadvertently. Such a review would have been easy.) However, the set of documents that might be turned over to opposing counsel is as voluminous as those designated as privileged or otherwise non-responsive. The risks are real; the responsibility imposed on counsel will require serious effort; and the stakes are enormous.
The district court agreed with the plaintiff’s request for an Order finding that six of the 159 documents produced inadvertently by the defendant were not protected from disclosure and that privilege had thereby been waived.
Electronic discovery here was conducted by a major vendor and proceeded in three steps:
To Continue Reading: Click Here
--------------------------------------
Source: blogs.forbes.com
By: Ben Kerschberg
Gibson Dunn - 2011 Mid-Year E-Discovery Update
This 2011 Mid-Year E-Discovery Update analyzes trends and developments in e-discovery based on our review of 187 e-discovery decisions from the federal courts issued between January 1 and June 15, 2011 (listed here in an Appendix). We identified those decisions from various sources, including commercial reporting services and publicly available online repositories.
Highlights from our analysis of these decisions include:
- The number of e-discovery decisions continues to increase at a blistering pace. The 187 decisions we identified in the first half of 2011 represents an 82% increase over the 103 decisions we identified at mid-year 2010.
- The number of instances in which litigants sought sanctions in the first half of 2011 was more than double the number in the same period last year (68 at mid-year 2011 versus 31 at mid-year 2010), and sanctions awards have nearly doubled in absolute terms (38 at mid-year 2011 versus 21 at mid-year 2010).
- Notwithstanding this increase, courts awarded sanctions at essentially the same rate as in 2010 (56% of the instances in which a party sought sanctions in the first half of 2011, versus 55% for the full year in 2010).
- Determining when litigation is "reasonably foreseeable" for purposes of triggering the duty to preserve continued to be a fact-specific analysis.
- Courts continued to emphasize that counsel's responsibility to ensure preservation does not end with timely distribution of a legal hold notice.
- Courts continued to demand cooperation and remained keenly aware of counsel's efforts--or lack thereof--to resolve e-discovery disputes before seeking judicial involvement.
- It turns out that there is such a thing as "discovery karma," at least in the 10th Circuit, and "ankle-biting" an opponent for alleged discovery glitches may not be appreciated, especially when one's own house is not in order.
- While no reported case addressed the use of predictive coding or other advanced search technologies, there is no doubt that these tools have been noticed, as The New York Times and Forbes focused on their potential impact in featured articles.
To Continue Reading: Click Here
--------------------------------------
Source: gibsondunn.com
By: Gareth T. Evans, Jennifer H. Rearden, G. Charles Nierlich, and Farrah L. Pepper
Addressing the Regulatory and eDiscovery Challenges of Social Media
Is your organization among those that have jumped with both feet into the world of social media?
Recent survey results confirm that social media use is on the rise for almost all organizations across the globe. This is particularly the case in the financial services industry. A recent industry survey confirms that nearly two-thirds of all asset managers are actively using social media for marketing purposes.
Despite its increasing popularity and ubiquity, the securities industry is experiencing growing pains with social media. Just like other industries, financial services providers are struggling with applying notions of information governance to these non-traditional forms of communication. Indeed, with social media becoming an increasingly important data source for both business and legal purposes, it behooves enterprises to develop an information governance strategy with respect to this data. The best practices being followed in this regard by financial services companies should be paradigmatic for organizations across the board.
Social Media Challenges for Financial Services Companies
Many financial services companies are experiencing difficulty supervising or retaining social media communications as required by FINRA Regulatory Notice 10-06. A landmark regulation, FINRA 10-06 was promulgated last year to protect investors from false or misleading claims made on social networking sites. To comply with this regulation, securities firms must develop protocols that enable them to supervise and retain social media content and ensure conformity by their representatives.
To Continue Reading: Click Here
--------------------------------------
Source: eDiscovery 2.0
By: Philip Favro
Recent survey results confirm that social media use is on the rise for almost all organizations across the globe. This is particularly the case in the financial services industry. A recent industry survey confirms that nearly two-thirds of all asset managers are actively using social media for marketing purposes.
Despite its increasing popularity and ubiquity, the securities industry is experiencing growing pains with social media. Just like other industries, financial services providers are struggling with applying notions of information governance to these non-traditional forms of communication. Indeed, with social media becoming an increasingly important data source for both business and legal purposes, it behooves enterprises to develop an information governance strategy with respect to this data. The best practices being followed in this regard by financial services companies should be paradigmatic for organizations across the board.
Social Media Challenges for Financial Services Companies
Many financial services companies are experiencing difficulty supervising or retaining social media communications as required by FINRA Regulatory Notice 10-06. A landmark regulation, FINRA 10-06 was promulgated last year to protect investors from false or misleading claims made on social networking sites. To comply with this regulation, securities firms must develop protocols that enable them to supervise and retain social media content and ensure conformity by their representatives.
To Continue Reading: Click Here
--------------------------------------
Source: eDiscovery 2.0
By: Philip Favro
In Largest-Ever Legal Technology Deal, HP Acquires Autonomy for $10B
Hewlett-Packard on Thursday made its most aggressive move yet to transform itself into a modern business provider by acquiring e-discovery and document management giant Autonomy for $10.3 billion, putting its personal computer division up for sale, and discontinuing its recently launched WebOS mobile device group.
HP says it hopes the majority of its future revenue comes from sales of printers, professional services, software, and enterprise-class hardware, resulting in a structure more similar to that of IBM than Apple.
"Today is about transforming HP for the future," CEO Léo Apotheker said in the Palo Alto, Calif., company's third-quarter earnings call. "HP is at a critical point in its existence."
"Autonomy sees the information transformation and subsequent market opportunity exactly as we do," Apotheker said later in the call. "The two companies and cultures will blend together well ... Bringing Autonomy into the HP world will be seamless and complementary."
The news reverberated throughout the legal technology field, marking its largest-ever acquisition, according to David Horrigan, a Boston-based e-discovery analyst for the 451 Group. The deal's price tag is higher than the combined total of two recent major transactions: Autonomy's $380 million acquisition of Iron Mountain assets and Symantec's $390 million purchase of Clearwell Systems.
But some, like Law Technology News editorial board member and e-discovery columnist Craig Ball, see the Autonomy purchase price as overvalued. "Autonomy's e-discovery revenue stream is high-end but unsustainable based on pricing pressures," he said in an e-mailed response to questions. "If their EDD business mirrors their other units in such things, I predict a $2 billion write-down on a $10 billion transaction within five years."
To Continue Reading: Click Here
--------------------------------------
Source: law.com
By: Evan Koblentz
HP says it hopes the majority of its future revenue comes from sales of printers, professional services, software, and enterprise-class hardware, resulting in a structure more similar to that of IBM than Apple.
"Today is about transforming HP for the future," CEO Léo Apotheker said in the Palo Alto, Calif., company's third-quarter earnings call. "HP is at a critical point in its existence."
"Autonomy sees the information transformation and subsequent market opportunity exactly as we do," Apotheker said later in the call. "The two companies and cultures will blend together well ... Bringing Autonomy into the HP world will be seamless and complementary."
The news reverberated throughout the legal technology field, marking its largest-ever acquisition, according to David Horrigan, a Boston-based e-discovery analyst for the 451 Group. The deal's price tag is higher than the combined total of two recent major transactions: Autonomy's $380 million acquisition of Iron Mountain assets and Symantec's $390 million purchase of Clearwell Systems.
But some, like Law Technology News editorial board member and e-discovery columnist Craig Ball, see the Autonomy purchase price as overvalued. "Autonomy's e-discovery revenue stream is high-end but unsustainable based on pricing pressures," he said in an e-mailed response to questions. "If their EDD business mirrors their other units in such things, I predict a $2 billion write-down on a $10 billion transaction within five years."
To Continue Reading: Click Here
--------------------------------------
Source: law.com
By: Evan Koblentz
Wednesday, August 17, 2011
VA Issues Social Media Policy
Agency sets policies and limits on how personnel can use Facebook, Twitter, and other online sites to communicate with veterans and other stakeholders.
The Department of Veterans Affairs has released a policy mandating how its personnel should use social media to collaborate and share information.
The move comes not long after the Government Accountability Office, the federal watchdog agency, criticized agencies and departments for their lack of social media policies even as they increasingly are using the technology.
To be fair, however, some agencies already have instituted policies, and the VA--which has taken great strides lately to embrace emerging technologies and improve how it uses IT--is the latest to join them.
The department's policy encourages growing adoption of social media by its employees but provides boundaries for its use while still allowing for open communication with veterans and other stakeholders, according to the VA.
To Continue Reading: Click Here
--------------------------------------
Source: informationweek.com
By: Elizabeth Montalbano
The Department of Veterans Affairs has released a policy mandating how its personnel should use social media to collaborate and share information.
The move comes not long after the Government Accountability Office, the federal watchdog agency, criticized agencies and departments for their lack of social media policies even as they increasingly are using the technology.
To be fair, however, some agencies already have instituted policies, and the VA--which has taken great strides lately to embrace emerging technologies and improve how it uses IT--is the latest to join them.
The department's policy encourages growing adoption of social media by its employees but provides boundaries for its use while still allowing for open communication with veterans and other stakeholders, according to the VA.
To Continue Reading: Click Here
--------------------------------------
Source: informationweek.com
By: Elizabeth Montalbano
Tuesday, August 16, 2011
Government Agencies Look Within to Solve E-Discovery Woes
The Federal Trade Commission recently launched what's likely to be a broad antitrust investigation of Google. David Shonka, the FTC's principal deputy general counsel, says there is a misperception that government agencies have unlimited resources to shoulder the burden of electronic data discovery costs in big cases like this.
"You have to keep in mind that by the time you take $100 billion in tax revenue and divide it [among] the various shops and departments, the allocation available can be very small," says Shonka, who also heads the agency's E-Discovery Steering Committee. "It is not unusual for the FTC to litigate a company over a product that has a larger advertising budget than our entire appropriation."
Individual agencies find it difficult to keep up with the growing costs and complexity of EDD. A few of the larger agencies do have dedicated EDD staff and processes in place, but many others have neither the experience nor expertise to manage electronically stored information. "It's a tale of two cities, rich and poor," says Jason Baron, director of litigation, U.S. National Archives and Records Administration. "If e-discovery is perceived as a core competency for an agency, it is more likely to get budgeted. But if [EDD] is not seen as an immediate threat, then requests for more advanced software are likely ignored."
According to IDC, a technology research firm, 14 government agencies will experience cutbacks in IT spending between 2011 and 2012. Some cuts will be deep — the Department of Housing and Urban Development plans a 41% cut in IT spending for the next fiscal year (bit.ly/LTN1182b). Last summer the White House asked agencies to cut at least 5% from their budgets by identifying programs that do little to advance their core missions.
To Continue Reading: Click Here
--------------------------------------
Source: law.com
By: Jason Krause
"You have to keep in mind that by the time you take $100 billion in tax revenue and divide it [among] the various shops and departments, the allocation available can be very small," says Shonka, who also heads the agency's E-Discovery Steering Committee. "It is not unusual for the FTC to litigate a company over a product that has a larger advertising budget than our entire appropriation."
Individual agencies find it difficult to keep up with the growing costs and complexity of EDD. A few of the larger agencies do have dedicated EDD staff and processes in place, but many others have neither the experience nor expertise to manage electronically stored information. "It's a tale of two cities, rich and poor," says Jason Baron, director of litigation, U.S. National Archives and Records Administration. "If e-discovery is perceived as a core competency for an agency, it is more likely to get budgeted. But if [EDD] is not seen as an immediate threat, then requests for more advanced software are likely ignored."
According to IDC, a technology research firm, 14 government agencies will experience cutbacks in IT spending between 2011 and 2012. Some cuts will be deep — the Department of Housing and Urban Development plans a 41% cut in IT spending for the next fiscal year (bit.ly/LTN1182b). Last summer the White House asked agencies to cut at least 5% from their budgets by identifying programs that do little to advance their core missions.
To Continue Reading: Click Here
--------------------------------------
Source: law.com
By: Jason Krause
The case for compliance as a cloud service
The use of the cloud could actually enhance your ability to manage IT successfully within complex regulations
IT must deal with an increasing number of regulations, many of which come with stiff legal and financial penalties for noncompliance. As cloud computing comes on the scene, it's no wonder that many in IT push back on its use, which in many instances forces you to give up direct control of systems that have to be maintained with these regulations in mind. As one client put it, "Why would I let somebody who does not work here get me arrested?"
But there's another, better way to think about this issue. There is no legal reason why the systems that have to maintain compliance can't exist in the cloud. In fact, it could be better to have some of those systems in the cloud. Unfortunately, many in IT don't see the possibility because of nightmares about a cloud provider's mistake leading to big trouble.
[ In IT today, the action is in the private cloud. InfoWorld's experts take you through what you need to know to do it right in our "Private Cloud Deep Dive" PDF special report. | Also check out our "Cloud Security Deep Dive," our "Cloud Storage Deep Dive," and our "Cloud Services Deep Dive." ]
The trouble with regulations is that they constantly change, and thus need to be managed as if they were a consistently shifting set of users and/or business requirements. This affects how security subsystems function and how information is tracked around the interpretation of government or legal mandates. Therefore, many hundreds of IT shops figure out ways to maintain compliance, perhaps not all resulting in the same solutions -- and that means mistakes, inconsistencies, and wasted effort.
To Continue Reading: Click Here
----------------------------------------------
Source: infoworld.com
By: David Linthicum
IT must deal with an increasing number of regulations, many of which come with stiff legal and financial penalties for noncompliance. As cloud computing comes on the scene, it's no wonder that many in IT push back on its use, which in many instances forces you to give up direct control of systems that have to be maintained with these regulations in mind. As one client put it, "Why would I let somebody who does not work here get me arrested?"
But there's another, better way to think about this issue. There is no legal reason why the systems that have to maintain compliance can't exist in the cloud. In fact, it could be better to have some of those systems in the cloud. Unfortunately, many in IT don't see the possibility because of nightmares about a cloud provider's mistake leading to big trouble.
[ In IT today, the action is in the private cloud. InfoWorld's experts take you through what you need to know to do it right in our "Private Cloud Deep Dive" PDF special report. | Also check out our "Cloud Security Deep Dive," our "Cloud Storage Deep Dive," and our "Cloud Services Deep Dive." ]
The trouble with regulations is that they constantly change, and thus need to be managed as if they were a consistently shifting set of users and/or business requirements. This affects how security subsystems function and how information is tracked around the interpretation of government or legal mandates. Therefore, many hundreds of IT shops figure out ways to maintain compliance, perhaps not all resulting in the same solutions -- and that means mistakes, inconsistencies, and wasted effort.
To Continue Reading: Click Here
----------------------------------------------
Source: infoworld.com
By: David Linthicum
Monday, August 15, 2011
IT Department Takes on Critical e-Discovery Role
After years of minimal involvement in ediscovery, IT is increasingly responsible for the critical data management and collections phases of ediscovery. This article follows up on our previous discussion of ediscovery, "Sea Changes for IT and Ediscovery" Here, we will look at the three driving factors in this change, as well as the place email archives and backup now occupy in meeting new ediscovery responsibilities.
Three Driving Factors for Fast-Growing Data
Fast data growth is a fact of life in private and public sectors. Storage administrators work to manage storage across complex infrastructure, including primary storage, nearline/archival storage, disk-based protection tiers, tape libraries, off-site mirrored storage systems, and individual desktops and laptops.
This is challenging enough simply for managing backup and archive, and ediscovery adds a whole different twist. The bad news as far as ediscovery goes is that 1) these fast-growing data stores house data must be discovered for litigation and compliance, 2) IT must control this data for retention as well as for cost-effective storage management, and 3) each storage type may have dozens or hundreds of storage targets and components, making each sub-environment a discovery challenge all by itself.
IT has been understandably reluctant to take on the ediscovery process in these complex storage environments, but there is no avoiding it anymore. The risk of poor ediscovery is too high. Attorneys understand collection and preservation in a legal sense, but only IT is positioned to provide search access and preservation in complex storage environments.
1. Faster and Wider Collections
Companies used to plead "undue burden" when a collection promised to be time-consuming and expensive. Judges often granted the request if the expense of a search was disproportionate to the matter. The principle of proportionality remains important, but judges are looking at the reasons behind undue burden motions. If the reason for the motion is poorly managed data storage, then the judge is likely to deny it and simply direct the company to bear the cost.
Three Driving Factors for Fast-Growing Data
Fast data growth is a fact of life in private and public sectors. Storage administrators work to manage storage across complex infrastructure, including primary storage, nearline/archival storage, disk-based protection tiers, tape libraries, off-site mirrored storage systems, and individual desktops and laptops.
This is challenging enough simply for managing backup and archive, and ediscovery adds a whole different twist. The bad news as far as ediscovery goes is that 1) these fast-growing data stores house data must be discovered for litigation and compliance, 2) IT must control this data for retention as well as for cost-effective storage management, and 3) each storage type may have dozens or hundreds of storage targets and components, making each sub-environment a discovery challenge all by itself.
IT has been understandably reluctant to take on the ediscovery process in these complex storage environments, but there is no avoiding it anymore. The risk of poor ediscovery is too high. Attorneys understand collection and preservation in a legal sense, but only IT is positioned to provide search access and preservation in complex storage environments.
1. Faster and Wider Collections
Companies used to plead "undue burden" when a collection promised to be time-consuming and expensive. Judges often granted the request if the expense of a search was disproportionate to the matter. The principle of proportionality remains important, but judges are looking at the reasons behind undue burden motions. If the reason for the motion is poorly managed data storage, then the judge is likely to deny it and simply direct the company to bear the cost.
----------------------------------------------
Source: enterprisestorageforum.com
By: Christine Taylor
Source: enterprisestorageforum.com
By: Christine Taylor
Friday, August 12, 2011
For Key Employees' Bad Faith, Intentional Spoliation, Court Imposes Adverse Inference and Monetary Sanctions
E.I. Du Pont De Nemours & Co. v. Kolon Indus., Inc., No. 3:09cv58, 2011 WL 2966862 (E.D. Va. July 21, 2011)
The court found that defendant breached its preservation duty when key employees intentionally deleted ESI in bad faith. Acknowledging Kolon’s (insufficient) attempts to place a litigation hold, the court declined to impose default judgment, but ordered sanctions in the form of attorneys’ fees, expenses and costs related to the motion, and an adverse inference instruction. In so doing, the court rejected arguments that plaintiff suffered no prejudice and that because many of the files were recovered, there was no spoliation.
In this case, plaintiff alleged trade secret misappropriation, theft of confidential business information, conspiracy, and other business torts. Defendant received plaintiff’s complaint on February 4, 2009. On February 6th, defendant issued a litigation hold order to certain upper-level employees. On February 10th, a second litigation hold notice, written in English, was distributed to all employees, most of whom did not speak English. A third litigation hold was later issued to the IT department, but had little effect on the outcome of the spoliation motion.
Despite knowledge of the relevant complaint and/or receipt of a litigation hold notice, many of defendant’s key employees deleted relevant information from their computers and email accounts. These deletions were discovered as the result of defendant’s production of several screen shots with handwritten notes that appeared to identify certain files for deletion (e.g., files were marked “Need to Delete,” “Remove All,” “Get Rid Of,” etc.). Suspicion of spoliation was also raised by the “suspiciously low document production totals” for key employees and the deposition testimony of employees “which assertedly showed that Kolon failed to instruct key employees on their preservation duties. . .” The extent of the deletions, however, was uncovered only upon the court’s request for additional discovery into the apparent spoliation. Forgoing the voluminous details of the spoliation, it suffices to say that plaintiff’s expert concluded that defendant’s employees had deleted at least 17,811 files and email items, many of which were highly relevant to the issues of the case.
To Continue Reading: Click Here
----------------------------------------------
Source: ediscoverylaw.com
The court found that defendant breached its preservation duty when key employees intentionally deleted ESI in bad faith. Acknowledging Kolon’s (insufficient) attempts to place a litigation hold, the court declined to impose default judgment, but ordered sanctions in the form of attorneys’ fees, expenses and costs related to the motion, and an adverse inference instruction. In so doing, the court rejected arguments that plaintiff suffered no prejudice and that because many of the files were recovered, there was no spoliation.
In this case, plaintiff alleged trade secret misappropriation, theft of confidential business information, conspiracy, and other business torts. Defendant received plaintiff’s complaint on February 4, 2009. On February 6th, defendant issued a litigation hold order to certain upper-level employees. On February 10th, a second litigation hold notice, written in English, was distributed to all employees, most of whom did not speak English. A third litigation hold was later issued to the IT department, but had little effect on the outcome of the spoliation motion.
Despite knowledge of the relevant complaint and/or receipt of a litigation hold notice, many of defendant’s key employees deleted relevant information from their computers and email accounts. These deletions were discovered as the result of defendant’s production of several screen shots with handwritten notes that appeared to identify certain files for deletion (e.g., files were marked “Need to Delete,” “Remove All,” “Get Rid Of,” etc.). Suspicion of spoliation was also raised by the “suspiciously low document production totals” for key employees and the deposition testimony of employees “which assertedly showed that Kolon failed to instruct key employees on their preservation duties. . .” The extent of the deletions, however, was uncovered only upon the court’s request for additional discovery into the apparent spoliation. Forgoing the voluminous details of the spoliation, it suffices to say that plaintiff’s expert concluded that defendant’s employees had deleted at least 17,811 files and email items, many of which were highly relevant to the issues of the case.
To Continue Reading: Click Here
----------------------------------------------
Source: ediscoverylaw.com
Is E-Discovery 'Instant Karma' Gonna Get You?
In "Can Court Remedies Police the Production of ESI?" I posed the question of whether Victor Stanley Inc. v. Creative Pipe Inc. in the U.S. District Court for the District of Maryland and Rockwood v. SKF USA in the U.S. District Court for the District of New Hampshire signaled a trend toward courts using sanctions for e-discovery violations as they do the exclusionary rule for Fourth Amendment violations, i.e., to "police" the practice of e-discovery generally by imposing sanctions not simply to punish the litigant, but to deter the future misconduct of others.
Two more recent cases, Lee v. Max International in the 10th U.S. Circuit Court of Appeals and DL v. District of Columbia in the U.S. District Court for the District of Columbia, both decided in May 2011, echo Victor Stanley and Rockwood in making clear that the sanctions they imposed or upheld were meant as much to deter the future misconduct of others as to punish the offenders before the bar, and so continue the trend. Discussion of these opinions will illuminate what courts consider when determining whether to impose sanctions for e-discovery violations and should help counsel advise their clients.
'A TRICKLE OF MATERIAL'
In Lee, the plaintiffs sued defendant for breach of contract. Unsatisfied with the plaintiffs' e-discovery production, the defendant moved to compel and the magistrate judge granted the motion. In response, however, the plaintiffs produced "only a trickle of material," failing to produce materials not only requested by the defendant but subject to the court's production order. The defendant moved for sanctions, specifically for dismissal of the plaintiffs' complaint. The magistrate found that the plaintiffs had "'blatant[ly]' and without apparent excuse flouted" the court's order, but nevertheless afforded the plaintiffs "one more chance to produce the requested documents" while, at the same time, warning them that "continued non-compliance" would result "in the harshest of sanctions."
To Continue Reading: Click Here
----------------------------------------------
Source: law.com
By: Leonard Deutchman
Two more recent cases, Lee v. Max International in the 10th U.S. Circuit Court of Appeals and DL v. District of Columbia in the U.S. District Court for the District of Columbia, both decided in May 2011, echo Victor Stanley and Rockwood in making clear that the sanctions they imposed or upheld were meant as much to deter the future misconduct of others as to punish the offenders before the bar, and so continue the trend. Discussion of these opinions will illuminate what courts consider when determining whether to impose sanctions for e-discovery violations and should help counsel advise their clients.
'A TRICKLE OF MATERIAL'
In Lee, the plaintiffs sued defendant for breach of contract. Unsatisfied with the plaintiffs' e-discovery production, the defendant moved to compel and the magistrate judge granted the motion. In response, however, the plaintiffs produced "only a trickle of material," failing to produce materials not only requested by the defendant but subject to the court's production order. The defendant moved for sanctions, specifically for dismissal of the plaintiffs' complaint. The magistrate found that the plaintiffs had "'blatant[ly]' and without apparent excuse flouted" the court's order, but nevertheless afforded the plaintiffs "one more chance to produce the requested documents" while, at the same time, warning them that "continued non-compliance" would result "in the harshest of sanctions."
To Continue Reading: Click Here
----------------------------------------------
Source: law.com
By: Leonard Deutchman
Study: Smart Phones Fail to Protect Sensitive Financial Data Read more: Study: Smart Phones Fail to Protect Sensitive Financial Data Important: Can
Less than half of mobile phones apps passed a digital firm's security audit. One out of four failed and a third have less serious problems, discovered a test by viaForensics, a digital forensics and security firm.
"There is a serious potential threat for identity or financial theft if a lost smart phone should fall into the wrong hands," the study concluded.
"For instance, if a cybercriminal is able to steal one password, coupled with all of the usernames recovered, would pose a serious threat for someone who uses the same password on many accounts."
Testers easily obtained passwords, PINs, partial credit card numbers, and other sensitive financial data from the smart phones. The tests show that smart phone apps in general often store sensitive data without encryption.
Financial apps, which failed the test 25 percent of the time, are safer than social networking apps, which failed 75 percent of the time.
User names are an important piece of financial information that phone apps should protect. Because many systems need only a user name and password, having the user name means a cyber criminal is half way to hacking your phone. Plus, many people reuse their user name.
To Continue Reading: Click Here
----------------------------------------------
Source: moneynews.com
By: Michael King
"There is a serious potential threat for identity or financial theft if a lost smart phone should fall into the wrong hands," the study concluded.
"For instance, if a cybercriminal is able to steal one password, coupled with all of the usernames recovered, would pose a serious threat for someone who uses the same password on many accounts."
Testers easily obtained passwords, PINs, partial credit card numbers, and other sensitive financial data from the smart phones. The tests show that smart phone apps in general often store sensitive data without encryption.
Financial apps, which failed the test 25 percent of the time, are safer than social networking apps, which failed 75 percent of the time.
User names are an important piece of financial information that phone apps should protect. Because many systems need only a user name and password, having the user name means a cyber criminal is half way to hacking your phone. Plus, many people reuse their user name.
To Continue Reading: Click Here
----------------------------------------------
Source: moneynews.com
By: Michael King
Thursday, August 11, 2011
Text Message Use Among Providers Raise HIPAA Concerns
As the possibilities for electronic communication continue to expand with great speed, use of the technology by hospital employees and physicians without adequate security can expose your facility to HIPAA violations. The increasing use of cell phones and texting as an alternative to voice conversations or e-mail presents real risks for security failures leading to HIPAA violations.
Use of text messaging to physicians on the rise
Some hospital systems now use e-mails instead of the past pager method to notify physicians to contact the hospital about a patient. The e-mails are entered by the hospital employee, converted into a text message and sent to the physician's cellular phone. Physicians frequently request that more patient data is included in the message, such as the patient's name and room number, so the physician can look up the chart prior to returning the call. This system is frequently not encrypted, however, because of the extra expense to the hospital. Some hospital employees may even send text messages directly from their personal cell phone to the physician's personal cell phone to ask for medication orders, instructions, clarification of orders and the like.
Potential HIPAA violations
In both scenarios described above, hospital security systems are not used since the messages go to and/or from personal cell phones. Unless the text messages are protected by the hospital's security system, both practices would be in violation of the HIPAA rules and can have additional consequences in other areas. Clearly, both practices include protected health information under HIPAA, since patients' names are used, rather than a chart number or other non-personal identifying method. Although the use of the PHI without an authorization is permitted under the Privacy Rule of HIPAA for treatment, payment or operations, the use must also meet the Security Standards of HIPAA.
To Continue Reading: Click Here
----------------------------------------------
Source: beckershospitalreview.com
By: Joyce McLaughlin, JD
Use of text messaging to physicians on the rise
Some hospital systems now use e-mails instead of the past pager method to notify physicians to contact the hospital about a patient. The e-mails are entered by the hospital employee, converted into a text message and sent to the physician's cellular phone. Physicians frequently request that more patient data is included in the message, such as the patient's name and room number, so the physician can look up the chart prior to returning the call. This system is frequently not encrypted, however, because of the extra expense to the hospital. Some hospital employees may even send text messages directly from their personal cell phone to the physician's personal cell phone to ask for medication orders, instructions, clarification of orders and the like.
Potential HIPAA violations
In both scenarios described above, hospital security systems are not used since the messages go to and/or from personal cell phones. Unless the text messages are protected by the hospital's security system, both practices would be in violation of the HIPAA rules and can have additional consequences in other areas. Clearly, both practices include protected health information under HIPAA, since patients' names are used, rather than a chart number or other non-personal identifying method. Although the use of the PHI without an authorization is permitted under the Privacy Rule of HIPAA for treatment, payment or operations, the use must also meet the Security Standards of HIPAA.
To Continue Reading: Click Here
----------------------------------------------
Source: beckershospitalreview.com
By: Joyce McLaughlin, JD
When a cloud service vanishes: How to protect your data
Nothing lasts forever, and that includes online services. We look at some dangers in trusting your data to the cloud, and how to prevent problems.
More and more, we rely on Web services as a matter of course. The key word is rely: We assume that the data we upload to, say, a photo-hosting account or blog service today will still be there tomorrow. In large part, that's because we assume the services themselves will still be there tomorrow.
But over the past few years, we've seen plenty of examples of sites that are here today and all-too-gone tomorrow -- for example, Friendster (which dumped user data for a redesign in May) and GeoCities (which shut down in 2009).
In other words, nothing lasts forever. The Web services that we entrust with our data can -- and do -- vanish. And when that happens, you need to have a plan. In the following pages, I'll take a look at some cases where user data was lost or endangered, how the companies (and their users) handled the situation, and what you can do to keep your own information safe.
Don't let this happen to you
Unfortunately, there are plenty of examples of services that have shut down, changed hands or simply lost their data.
MySpace. The slow death and muddled rebirth of MySpace -- once a fiercely popular social network, overshadowed by the rise of Facebook -- raised a lot of questions about what would happen to existing users' data and whether or not there would be an easy way to bulk-export any of that information.
To Continue Reading: Click Here
----------------------------------------------
Source: computerworld.com
By: Serdar Yegulalp
More and more, we rely on Web services as a matter of course. The key word is rely: We assume that the data we upload to, say, a photo-hosting account or blog service today will still be there tomorrow. In large part, that's because we assume the services themselves will still be there tomorrow.
But over the past few years, we've seen plenty of examples of sites that are here today and all-too-gone tomorrow -- for example, Friendster (which dumped user data for a redesign in May) and GeoCities (which shut down in 2009).
In other words, nothing lasts forever. The Web services that we entrust with our data can -- and do -- vanish. And when that happens, you need to have a plan. In the following pages, I'll take a look at some cases where user data was lost or endangered, how the companies (and their users) handled the situation, and what you can do to keep your own information safe.
Don't let this happen to you
Unfortunately, there are plenty of examples of services that have shut down, changed hands or simply lost their data.
MySpace. The slow death and muddled rebirth of MySpace -- once a fiercely popular social network, overshadowed by the rise of Facebook -- raised a lot of questions about what would happen to existing users' data and whether or not there would be an easy way to bulk-export any of that information.
To Continue Reading: Click Here
----------------------------------------------
Source: computerworld.com
By: Serdar Yegulalp
The legal traps of cloud computing
Being unable to retrieve data hosted overseas, downtime stretching for days and recovery costs that reach into the tens of thousands – these are just some of the problems small businesses are now facing when moving into the cloud.
Legal experts say while this relatively new market is providing many businesses with prospects to grow faster than they thought possible, many are being caught up in data disasters that leave them crippled and in debt.
"I think the transformation with cloud computing is not necessarily technical but rather contractual," says Logica Australia chief information security officer Ajoy Ghosh.
"There are many companies now being locked into contracts. Of course, larger buyers, such as governments and banks, are able to exert market influence, but for the vast majority of buyers they have to accept the contracts as they are."
Recent disasters such as the Lush, Distribute.IT and Amazon outrages have proven just how crucial planning for the cloud is. Especially after the recent Amazon outage which took offline a host of sites including FourSquare and Yelp.
A range of legal experts working in the IT industry say many small businesses are completely unaware of where their data is located, how much it is costing them, and many don't even know if they'll get their data back if they ask for it.
To Continue Reading: Click Here
----------------------------------------------
Source: smartcompany.com.au
By: Patrick Stafford
Legal experts say while this relatively new market is providing many businesses with prospects to grow faster than they thought possible, many are being caught up in data disasters that leave them crippled and in debt.
"I think the transformation with cloud computing is not necessarily technical but rather contractual," says Logica Australia chief information security officer Ajoy Ghosh.
"There are many companies now being locked into contracts. Of course, larger buyers, such as governments and banks, are able to exert market influence, but for the vast majority of buyers they have to accept the contracts as they are."
Recent disasters such as the Lush, Distribute.IT and Amazon outrages have proven just how crucial planning for the cloud is. Especially after the recent Amazon outage which took offline a host of sites including FourSquare and Yelp.
A range of legal experts working in the IT industry say many small businesses are completely unaware of where their data is located, how much it is costing them, and many don't even know if they'll get their data back if they ask for it.
To Continue Reading: Click Here
----------------------------------------------
Source: smartcompany.com.au
By: Patrick Stafford
LinkedIn opts 100 million users into sharing private information within advertisements
LinkedIn users are upset that the company has taken the Facebook approach in regards to online privacy with a recent change to the privacy policy. Under the guise of providing more privacy control to the user, the social network has automatically opted-in its 100 million users into the social advertising program without informing them of the change beyond a blog post. When a LinkedIn user views a third-party advertisement on the social network, they will see user profile pictures and names of connections if that connection has recommended or followed a brand. Any time that a user follows a brand, they unwittingly become a cheerleader for the company or organization if it advertises through LinkedIn.
In order to opt out of social advertising, the LinkedIn user has to take four steps to escape third-party advertisements:
1.) Hover over the user name in the top right hand corner of any LinkedIn page and click ‘Settings’.
2.) On the Settings page, click ‘Account’.
3.) On the Account tab, click ‘Manage Social Advertising’.
4.) Uncheck the box next to “LinkedIn may use my name, photo in social advertising.” and click the save button.
To Continue Reading: Click Here
----------------------------------------------
Source: digitaltrends.com
By: Mike Flacy
In order to opt out of social advertising, the LinkedIn user has to take four steps to escape third-party advertisements:
1.) Hover over the user name in the top right hand corner of any LinkedIn page and click ‘Settings’.
2.) On the Settings page, click ‘Account’.
3.) On the Account tab, click ‘Manage Social Advertising’.
4.) Uncheck the box next to “LinkedIn may use my name, photo in social advertising.” and click the save button.
To Continue Reading: Click Here
----------------------------------------------
Source: digitaltrends.com
By: Mike Flacy
Wednesday, August 10, 2011
CFPB embraces social media but archiving Twitter, Facebook messages is challenge
The new Consumer Financial Protection Bureau is encouraging Americans to contact it through the agency’s Facebook page, YouTube channel and Flickr account. And on Twitter, the CFPB is already herding a conversation with consumers around its plan for a simple one-page mortgage summary, using the hashtag #KnowBeforeYouOwe.
But as the CFPB’s online strategy blazes new trails, it comes with significantly less sexy bureaucratic responsibilities such as how to protect and manage personal identifiable information that often accompanies consumers’ use of social media.
The agency recently launched the process to build a records system to manage all the information it gathers from its Twitter followers and Facebook friends. The CFPB Social Networks and Citizen Engagement System will store each consumer complaint or suggestion along with a consumer’s IP address, geographic location, birth date, business affiliation and other demographic information. The records may be disclosed, the CFPB said, if needed by Congressional offices, agency contractors, law enforcement authorities, or as part of court litigation.
A CFPB spokeswoman declined to comment.
"The use of social media will enable the [bureau] to interact with the public in effective and meaningful ways, encourage the wide sharing of consumer financial information and the strengthening of an online community of consumers, and ensure that critical information about the agency and key consumer finance issues is distributed," the CFPB said in the recent Federal Register notice.
To Continue Reading: Click Here
----------------------------------------------
Source: iwatchnews.org
By: Amy Biegelsen
But as the CFPB’s online strategy blazes new trails, it comes with significantly less sexy bureaucratic responsibilities such as how to protect and manage personal identifiable information that often accompanies consumers’ use of social media.
The agency recently launched the process to build a records system to manage all the information it gathers from its Twitter followers and Facebook friends. The CFPB Social Networks and Citizen Engagement System will store each consumer complaint or suggestion along with a consumer’s IP address, geographic location, birth date, business affiliation and other demographic information. The records may be disclosed, the CFPB said, if needed by Congressional offices, agency contractors, law enforcement authorities, or as part of court litigation.
A CFPB spokeswoman declined to comment.
"The use of social media will enable the [bureau] to interact with the public in effective and meaningful ways, encourage the wide sharing of consumer financial information and the strengthening of an online community of consumers, and ensure that critical information about the agency and key consumer finance issues is distributed," the CFPB said in the recent Federal Register notice.
To Continue Reading: Click Here
----------------------------------------------
Source: iwatchnews.org
By: Amy Biegelsen
What is document management in the cloud
Cloud based document management customers have complete organizational control over all their business files, email, and documents. They can get to everything to do with any client, case, patient, project or personal files instantly. They waste 0 minutes searching and hunting through cabinets or files or standing at copier or faxes. They work, share, and publish at any time, from anywhere with a browser and a connection. They know the business of their business is safe and secure.
They can do all this because cloud based document management companies let you decide how to catalog and share their files from any source; paper, digital, email, attachments, word processers, spreadsheets and on and on. Co-workers, partners, and teammates all know where everything is because their cloud portal should catalog and file everything the same way by everyone, everytime to keep them on the same page. Their work is safely locked away encrypted, secure and HIPAA compliant in the Cloud, available 24/7 from anywhere to those with the right credentials. No hunting through their own or others File and folder labyrinths. Cloud storage users aren't worried about restoring crashed drives and programs - their entire library is ready for business with a login name and password.
MARKET OPPORTUNITY:
They can do all this because cloud based document management companies let you decide how to catalog and share their files from any source; paper, digital, email, attachments, word processers, spreadsheets and on and on. Co-workers, partners, and teammates all know where everything is because their cloud portal should catalog and file everything the same way by everyone, everytime to keep them on the same page. Their work is safely locked away encrypted, secure and HIPAA compliant in the Cloud, available 24/7 from anywhere to those with the right credentials. No hunting through their own or others File and folder labyrinths. Cloud storage users aren't worried about restoring crashed drives and programs - their entire library is ready for business with a login name and password.
MARKET OPPORTUNITY:
Forrester believes that cloud computing is a sustainable, long-term IT paradigm, and the successor to previous mainframe, client/server, and network computing eras. Underpinned by both technology and economic disruptions, the cloud will fundamentally change the way technology providers engage with business customers and individual users.
To Continue Reading: Click Here
----------------------------------------------
Source: hostreview.com
By: Doug Thaler
To Continue Reading: Click Here
----------------------------------------------
Source: hostreview.com
By: Doug Thaler
Lawyers Struggle to Get a Grasp on E-Discovery
The e-discovery scales of justice are consistently tugged between ever-expanding forms of data on one hand and improving technology and know-how to manage that data on the other.
The question becomes how to bridge a gap that keeps getting wider and is compounded by the tension between the bench and bar's interest in broad discovery and a desperation to quell staggering e-discovery costs that threaten to overshadow the merits of litigation.
Attorneys have said e-discovery can eat up between 50 to 80 percent of a litigation budget. Even on the low end, that verges on the minnow that ate the whale.
There is no shortage of disagreements on both the problems and the possible solutions regarding e-discovery.
Some say recent amendments to the Federal Rules of Civil Procedure were a help, others say they don't go far enough. Some say the courts need to catch up to the times and get more involved in e-discovery disputes from the get go, while others say it will simply take time for case law to develop. Defense lawyers say plaintiffs use discovery as a bargaining chip to elicit settlements from large companies with lots of data. Plaintiffs lawyers say the justice system has long provided for open discovery.
What everyone seems to agree upon is that electronic discovery continues to be the tail that wags the dog in many cases, that these issues will only become more prevalent, that e-discovery is now a strategic aspect of litigation and that every litigator should have some degree of knowledge on the subject or at least know who to turn to when they don't know something.
To Continue Reading: Click Here
----------------------------------------------
Source: law.com
By: Gina Passerella
The question becomes how to bridge a gap that keeps getting wider and is compounded by the tension between the bench and bar's interest in broad discovery and a desperation to quell staggering e-discovery costs that threaten to overshadow the merits of litigation.
Attorneys have said e-discovery can eat up between 50 to 80 percent of a litigation budget. Even on the low end, that verges on the minnow that ate the whale.
There is no shortage of disagreements on both the problems and the possible solutions regarding e-discovery.
Some say recent amendments to the Federal Rules of Civil Procedure were a help, others say they don't go far enough. Some say the courts need to catch up to the times and get more involved in e-discovery disputes from the get go, while others say it will simply take time for case law to develop. Defense lawyers say plaintiffs use discovery as a bargaining chip to elicit settlements from large companies with lots of data. Plaintiffs lawyers say the justice system has long provided for open discovery.
What everyone seems to agree upon is that electronic discovery continues to be the tail that wags the dog in many cases, that these issues will only become more prevalent, that e-discovery is now a strategic aspect of litigation and that every litigator should have some degree of knowledge on the subject or at least know who to turn to when they don't know something.
To Continue Reading: Click Here
----------------------------------------------
Source: law.com
By: Gina Passerella
Tuesday, August 09, 2011
Do You Control Your E-Mail or Does It Control You?
Busy professionals have no trouble coming up with excuses -- reasons why they can't do marketing, don't have time for business development, and can't write or blog. Perhaps my favorite excuse is: "I don't even have time to answer all my e-mail -- how can I find time to do one more thing?"
I find this excuse humorous because of the extreme urgency it attached to answering every single e-mail. Many professionals have let their e-mail take control of their lives. This is not only irrational; it costs lawyers and their firms money.
Here are some ways to break out of this dilemma.
LESSONS FROM TIM FERRIS
Tim Ferris, author of "The Four-Hour Work Week," offers two solutions to this problem -- one quite extreme and another that is far more practical. First, whenever he goes on vacation, he sets up an auto-responder that basically says, "I'm out of the country for the next 30 days. Any e-mail you send me during this time will be deleted. If it is really important, please send me another e-mail upon my return."
Okay, so lawyers can't get away with talking to their clients that way. Tim's second solution involves what he calls "batching." Instead of checking your e-mail every 15 minutes, schedule a couple of times each day to catch up. It's far more efficient to block out an hour of time to check e-mails than to constantly interrupt your work.
To Continue Reading: Click Here
---------------------------------------------------
Source: Law.com
By: Adrian Dayton
Don't Confuse Oranges With Apples: E-Discovery on Macintosh Systems
Finding e-discovery fruit on Macintosh computers requires different tactics than harvesting Windows.
As if dealing with electronic data discovery in a predominately Microsoft Windows world is not difficult enough, Apple's Macintosh computer systems are increasingly finding their way into corporate environments and present unique discovery challenges. Lawyers who assume they can simply use a standard Windows discovery approach when dealing with Macs may be committing an error in logical reasoning — similar to comparing apples to oranges.
During the identification stage lawyers typically reach out to relevant custodians and the client's IT contacts to gain an understanding of key issues, and the systems and electronically stored information that may come into play.
At this stage, the litigation team is defining what data may be potentially responsive, where and how it is stored, and how it can be efficiently and effectively harvested — often with an eye toward review and production. Standard Windows practices at this stage may prove inadequate to handle the differences between the Microsoft and Apple operating systems.
To successfully handle Macs, lawyers need an understanding about the locations that are likely to contain potentially discoverable user data and the unique Mac features that may affect their discovery plan. Here are a few tips, but caveat: many apply only to recent Mac operating systems.
To Continue Reading: Click Here
----------------------------------------------
Source: law.com
By: Bobby Malhotra
As if dealing with electronic data discovery in a predominately Microsoft Windows world is not difficult enough, Apple's Macintosh computer systems are increasingly finding their way into corporate environments and present unique discovery challenges. Lawyers who assume they can simply use a standard Windows discovery approach when dealing with Macs may be committing an error in logical reasoning — similar to comparing apples to oranges.
During the identification stage lawyers typically reach out to relevant custodians and the client's IT contacts to gain an understanding of key issues, and the systems and electronically stored information that may come into play.
At this stage, the litigation team is defining what data may be potentially responsive, where and how it is stored, and how it can be efficiently and effectively harvested — often with an eye toward review and production. Standard Windows practices at this stage may prove inadequate to handle the differences between the Microsoft and Apple operating systems.
To successfully handle Macs, lawyers need an understanding about the locations that are likely to contain potentially discoverable user data and the unique Mac features that may affect their discovery plan. Here are a few tips, but caveat: many apply only to recent Mac operating systems.
To Continue Reading: Click Here
----------------------------------------------
Source: law.com
By: Bobby Malhotra
Cloud Computing: 4 Tips for Regulatory Compliance
Cloud computing makes it harder for enterprises to be sure they're complying with industry and government regulations. IT and legal experts offer CIOs advice on how to stay in compliance even when their applications reside in the cloud.
Cloud computing seems simple in concept, and indeed, simplicity of operation, deployment and licensing are its most appealing assets. But when it comes to questions of compliance, once you scratch the surface you'll find more questions than you asked in the first place, and more to think about than ever before.
Compliance covers a lot of ground, from government regulations such as Sarbanes-Oxley and the European Union Data Protection Act, to industry regulations such as PCI DSS for payment cards and HIPAA for health data. You may have internal controls in place, but moving to a public-cloud infrastructure platform, a cloud-based application suite or something in between will mean giving up some controls to the cloud vendor.
That's a position many auditors—and CIOs and CEOs—find themselves in today. They want to know how to leap into cloud computing in a way that preserves their good standing in regulatory compliance. Here are four tips for keeping tabs on compliance in the cloud, from analysts, vendors and consultants.
1. Be aware of new challenges the cloud may add to your IT workload.
When you evaluate cloud vendors, start by looking for sound practices and strategies for user identity and access management, data protection and incident response. These are baseline compliance requirements. Then, as you map specific compliance requirements to your prospective cloud vendor's controls, you'll likely face some cloud-specific challenges.
Data location is one. The EU Data Protection Act, for example, strives to keep personal information within the European Union. To comply, your cloud vendor should keep your European customer data on servers located in Europe.
To Continue Reading: Click Here
----------------------------------------------
Source: cio.com
By: Jim Buchanan
Cloud computing seems simple in concept, and indeed, simplicity of operation, deployment and licensing are its most appealing assets. But when it comes to questions of compliance, once you scratch the surface you'll find more questions than you asked in the first place, and more to think about than ever before.
Compliance covers a lot of ground, from government regulations such as Sarbanes-Oxley and the European Union Data Protection Act, to industry regulations such as PCI DSS for payment cards and HIPAA for health data. You may have internal controls in place, but moving to a public-cloud infrastructure platform, a cloud-based application suite or something in between will mean giving up some controls to the cloud vendor.
That's a position many auditors—and CIOs and CEOs—find themselves in today. They want to know how to leap into cloud computing in a way that preserves their good standing in regulatory compliance. Here are four tips for keeping tabs on compliance in the cloud, from analysts, vendors and consultants.
1. Be aware of new challenges the cloud may add to your IT workload.
When you evaluate cloud vendors, start by looking for sound practices and strategies for user identity and access management, data protection and incident response. These are baseline compliance requirements. Then, as you map specific compliance requirements to your prospective cloud vendor's controls, you'll likely face some cloud-specific challenges.
Data location is one. The EU Data Protection Act, for example, strives to keep personal information within the European Union. To comply, your cloud vendor should keep your European customer data on servers located in Europe.
To Continue Reading: Click Here
----------------------------------------------
Source: cio.com
By: Jim Buchanan
Gartner: Enterprises Must Revise Privacy Policies
Privacy policies need revamping for cloud, location-based services, security breaches and new regulations
As a result of recent high-profile data breaches and various changes in technology, organisations are expected to revise privacy policies by the end of next year, Gartner researchers predict.
As cloud computing and location-based services proliferate, organisations are grappling with the privacy implications of having data reside outside corporate control, Gartner said in a report released on 8 August.
Privacy ‘chronically underfunded’
The steady string of data breaches that have hit practically every industry sector and organisations of all sizes, and changes in compliance regulations will also force organisations to review and revise their current privacy policies before the end of 2012, Gartner analysts said.
New threats to personal data and privacy emerged in 2010, but budgets for implementing privacy protection remained low, wrote Carsten Casper, research director at Gartner. Casper expects the budget crisis to continue throughout 2011 and 2012, with privacy programmes “chronically underfunded”.
More than half of companies will tweak the policies they already have to bring them up-to-date with new technologies and computing models, Gartner said. Data breaches ranked high on the priority list because they affect so many aspects of the business. But preparing for and following up on breaches was “straightforward”, and privacy officials should not be spending more than 10 percent of their time dealing with data breaches, according to Gartner.
“Most controls exist anyway if security management is working properly,” according to Gartner.
To Continue Reading: Click Here
----------------------------------------------
Source: eweekeurope.co.uk
By: Fahmida Y Rashid
As a result of recent high-profile data breaches and various changes in technology, organisations are expected to revise privacy policies by the end of next year, Gartner researchers predict.
As cloud computing and location-based services proliferate, organisations are grappling with the privacy implications of having data reside outside corporate control, Gartner said in a report released on 8 August.
Privacy ‘chronically underfunded’
The steady string of data breaches that have hit practically every industry sector and organisations of all sizes, and changes in compliance regulations will also force organisations to review and revise their current privacy policies before the end of 2012, Gartner analysts said.
New threats to personal data and privacy emerged in 2010, but budgets for implementing privacy protection remained low, wrote Carsten Casper, research director at Gartner. Casper expects the budget crisis to continue throughout 2011 and 2012, with privacy programmes “chronically underfunded”.
More than half of companies will tweak the policies they already have to bring them up-to-date with new technologies and computing models, Gartner said. Data breaches ranked high on the priority list because they affect so many aspects of the business. But preparing for and following up on breaches was “straightforward”, and privacy officials should not be spending more than 10 percent of their time dealing with data breaches, according to Gartner.
“Most controls exist anyway if security management is working properly,” according to Gartner.
To Continue Reading: Click Here
----------------------------------------------
Source: eweekeurope.co.uk
By: Fahmida Y Rashid
Monday, August 08, 2011
Robot Review
Will predictive coding win the trust of the courts?
In February, Above the Law declared predictive coding its "legal technology buzzword of 2011." More recently, as covered on EDD Update, the buzz became a deafening roar as one e-discovery provider, Recommind, announced a patent for its "predictive coding" technology. Understandably, other providers offering what they believed to be "predictive coding" tools were quite miffed and the notion of patenting predictive coding remains hotly debated.
Let's take a deeper dive into what "predictive coding" really means, explore some of its purported benefits, and delve into the biggest question for many practitioners and litigants: Is it reasonable and therefore defensible to use?
We'll start with what predictive coding is not. It is not the previously accepted paradigm of "linear" document review, which involves human reviewers manually reviewing and coding documents that might have been subject to some simple applications of limiting and organizing factors, such as custodian, date ranges and keyword terms. These reviewers are the legions of lawyers referenced by John Markoff in The New York Times' report, "Armies of Expensive Lawyers, Replaced by Cheaper Software," 03/04/11.
While linear review might offer value in matters with small amounts of electronically stored information (ESI) — or other concerns that necessitate human eyes on every page — it can become unwieldy when facing huge volumes of data. Within the Electronic Discovery Reference Model (edrm.net) life cycle, document review is widely-believed to be the most costly component, because cases now can involve terabytes of data. If document reviewers analyze every document, page by page, with reviewers charging by the hour, that generates quite a bill.
To Continue Reading: Click Here
----------------------------------------------
Source: law.com
By: Farrah Pepper
In February, Above the Law declared predictive coding its "legal technology buzzword of 2011." More recently, as covered on EDD Update, the buzz became a deafening roar as one e-discovery provider, Recommind, announced a patent for its "predictive coding" technology. Understandably, other providers offering what they believed to be "predictive coding" tools were quite miffed and the notion of patenting predictive coding remains hotly debated.
Let's take a deeper dive into what "predictive coding" really means, explore some of its purported benefits, and delve into the biggest question for many practitioners and litigants: Is it reasonable and therefore defensible to use?
We'll start with what predictive coding is not. It is not the previously accepted paradigm of "linear" document review, which involves human reviewers manually reviewing and coding documents that might have been subject to some simple applications of limiting and organizing factors, such as custodian, date ranges and keyword terms. These reviewers are the legions of lawyers referenced by John Markoff in The New York Times' report, "Armies of Expensive Lawyers, Replaced by Cheaper Software," 03/04/11.
While linear review might offer value in matters with small amounts of electronically stored information (ESI) — or other concerns that necessitate human eyes on every page — it can become unwieldy when facing huge volumes of data. Within the Electronic Discovery Reference Model (edrm.net) life cycle, document review is widely-believed to be the most costly component, because cases now can involve terabytes of data. If document reviewers analyze every document, page by page, with reviewers charging by the hour, that generates quite a bill.
To Continue Reading: Click Here
----------------------------------------------
Source: law.com
By: Farrah Pepper
Facebook’s Smoking Gun in the Ceglia Case? The Authentic Contract
On Friday, Facebook’s lawyers made news when they told a court hearing a lawsuit brought by the alleged initial investor in Facebook, Paul Ceglia, that they’d found the “smoking gun” proving the alleged investment contract was a fraud.
But the document filed to the court that contained the “smoking gun” allegations didn’t specify what the smoking gun was.
The answer?
Facebook says they’ve found the “authentic contract” between Ceglia and Zuckerberg. Facebook is also charging that Ceglia, who they say is now living in Ireland, is holding back electronic storage devices he intentionally tried to hide from them.
Both parties agree that in 2003 Ceglia hired Zuckerberg, then a Harvard undergrad, to do work for his StreetFax company. But Ceglia filed suit in 2010, saying the contract also included $1,000 initial funding for Facebook, and that he’s entitled to more than half of the social networking giant.
Facebook argues the contract Ceglia produced electronically is a forgery and that Ceglia is a known con artist.
And now Facebook says that in the course of discovery — where Ceglia’s lawyers turned over to Facebook a number of computers and hard drives — that it has found the original “authentic contract” and proof that there are other “storage devices” that Ceglia is intentionally hiding from them in violation of a court order.
To Continue Reading: Click Here
----------------------------------------------
Source: wired.com
By: Ryan Singel
But the document filed to the court that contained the “smoking gun” allegations didn’t specify what the smoking gun was.
The answer?
Facebook says they’ve found the “authentic contract” between Ceglia and Zuckerberg. Facebook is also charging that Ceglia, who they say is now living in Ireland, is holding back electronic storage devices he intentionally tried to hide from them.
Both parties agree that in 2003 Ceglia hired Zuckerberg, then a Harvard undergrad, to do work for his StreetFax company. But Ceglia filed suit in 2010, saying the contract also included $1,000 initial funding for Facebook, and that he’s entitled to more than half of the social networking giant.
Facebook argues the contract Ceglia produced electronically is a forgery and that Ceglia is a known con artist.
And now Facebook says that in the course of discovery — where Ceglia’s lawyers turned over to Facebook a number of computers and hard drives — that it has found the original “authentic contract” and proof that there are other “storage devices” that Ceglia is intentionally hiding from them in violation of a court order.
To Continue Reading: Click Here
----------------------------------------------
Source: wired.com
By: Ryan Singel
Saturday, August 06, 2011
Security and Privacy Standards for Cloud Services
New computer and network services provided by web-based applications, cloud computing, and mobile computing platforms can reduce computing costs and provide lawyers with the resources to accomplish their clients' missions without straying far from their core competencies. To fully embrace these new technologies, service providers need to maintain information security and ensure lawyers that when they transmit and store information in the cloud, it is not for all the world to see.
For service providers to achieve and maintain information security sufficient to safeguard firm and client information, providers should adhere to appropriate standards and policies, even applicable legislation, and implement technical security controls that comply with the requirements that correspond to their customers' needs. Although there are numerous standards bearers that include international, federal, and state organizations, one to which I pay particular attention is the National Institute of Standards and Technology Information Technology Laboratory (NIST) and their 800 series Special Publications.
NIST 800 series publications present documents of interest to the computer security community. And what interests the security community should interest the legal community because lawyers are both consumers and providers of technology. Lawyers as a group are consumers like any other professional service or industry, but they are also providers in the sense that they provide electronic services such as e-discovery, electronic filing, and secure electronic communications for clients that at times must be performed in confidence and at all times with competence.
Recently, NIST published their Draft Cloud Computing Synopsis and Recommendations (May 12, 2011). It is a must-read for anyone contemplating cloud computing, or as attorney Craig Ball laid it out, contemplating "three on-demand service models delivered via a network."
To Continue Reading: Click Here
----------------------------------------------
Source: law.com
By: Sean Doherty
For service providers to achieve and maintain information security sufficient to safeguard firm and client information, providers should adhere to appropriate standards and policies, even applicable legislation, and implement technical security controls that comply with the requirements that correspond to their customers' needs. Although there are numerous standards bearers that include international, federal, and state organizations, one to which I pay particular attention is the National Institute of Standards and Technology Information Technology Laboratory (NIST) and their 800 series Special Publications.
NIST 800 series publications present documents of interest to the computer security community. And what interests the security community should interest the legal community because lawyers are both consumers and providers of technology. Lawyers as a group are consumers like any other professional service or industry, but they are also providers in the sense that they provide electronic services such as e-discovery, electronic filing, and secure electronic communications for clients that at times must be performed in confidence and at all times with competence.
Recently, NIST published their Draft Cloud Computing Synopsis and Recommendations (May 12, 2011). It is a must-read for anyone contemplating cloud computing, or as attorney Craig Ball laid it out, contemplating "three on-demand service models delivered via a network."
To Continue Reading: Click Here
----------------------------------------------
Source: law.com
By: Sean Doherty
Friday, August 05, 2011
Data Sovereignty in the cloud
There’s no doubt that cloud computing can offer significant advantages for many businesses. The ability to access an extensible, flexible infrastructure without the overhead associated of of the typical DIY approach can deliver substantial cost and operational benefits to many businesses. However, many industries, either through law or by preference, can’t use offshore cloud providers.
A recent study by Gartner says that “public cloud computing solutions are being driven predominately by U.S.-based suppliers and are being delivered through data centers being built in the U.S. Therefore, although the dynamics driving the demand for public cloud computing are largely consistent, there is a significant difference in its supply dynamics. This has created anxiety for non-U.S. enterprise IT organizations, because the location of data creates a new set of risk management contingencies.”
That challenge is one that is now being faced by many companies and it can have significant legal implications. In Singapore Monetary Authority of Singapore can jail or fine companies that don’t carry out appropriate due diligence. The Australian Prudential Regulatory Authority (APRA) has written an open letter to financial bodies advising executives to evaluate cloud computing as a new form of outsourcing or offshoring that requires APRA's approval. The European Union has issued a directive stating that that the transfer of personal data outside the EU can only be done where the country in question provides an adequate level of protection.
To Continue Reading: Click Here
----------------------------------------------
Source: searchcio.techtarget.com.au
By: Anthony Caruana
A recent study by Gartner says that “public cloud computing solutions are being driven predominately by U.S.-based suppliers and are being delivered through data centers being built in the U.S. Therefore, although the dynamics driving the demand for public cloud computing are largely consistent, there is a significant difference in its supply dynamics. This has created anxiety for non-U.S. enterprise IT organizations, because the location of data creates a new set of risk management contingencies.”
That challenge is one that is now being faced by many companies and it can have significant legal implications. In Singapore Monetary Authority of Singapore can jail or fine companies that don’t carry out appropriate due diligence. The Australian Prudential Regulatory Authority (APRA) has written an open letter to financial bodies advising executives to evaluate cloud computing as a new form of outsourcing or offshoring that requires APRA's approval. The European Union has issued a directive stating that that the transfer of personal data outside the EU can only be done where the country in question provides an adequate level of protection.
To Continue Reading: Click Here
----------------------------------------------
Source: searchcio.techtarget.com.au
By: Anthony Caruana
Missing USB drive, found in pub, contained unencrypted data
Two London housing groups have been forced to issue public undertakings to improve their security after a USB stick containing thousands of their tenants’ details was found in a pub.
The Information Commissioners Office (ICO) was alerted to the missing USB drive, which contained unencrypted data, after it was found by a member of the public and handed in to the police.
According to the ICO, the device belonged to a contractor who was employed by both the Wandle Housing Association and Lewisham Homes. The worker had copied details of over 25,000 Lewisham and Wandle tenants. Nearly 800 of the records belonging to Lewisham Homes also contained tenants’ bank account details.
Neither of the housing groups has been fined, but both Wandle and Lewisham have signed undertakings with the ICO to make specific improvements to the way they implement and enforce security policy.
In the case of Lewisham, Chief Executive Andrew Potter admitted the contractor had copied the data to his device due to problems encountered backing up work on the data controller’s network. He also admitted there had been no effective measures in place to prevent the use of personal or unencrypted USB devices on the data controller’s systems, and there was no provision for training contract workers in the data controller’s policies on data protection.
To Continue Reading: Click Here
----------------------------------------------
Source: searchsecurity.techtarget.co.uk
By: Ron Condon
The Information Commissioners Office (ICO) was alerted to the missing USB drive, which contained unencrypted data, after it was found by a member of the public and handed in to the police.
According to the ICO, the device belonged to a contractor who was employed by both the Wandle Housing Association and Lewisham Homes. The worker had copied details of over 25,000 Lewisham and Wandle tenants. Nearly 800 of the records belonging to Lewisham Homes also contained tenants’ bank account details.
Neither of the housing groups has been fined, but both Wandle and Lewisham have signed undertakings with the ICO to make specific improvements to the way they implement and enforce security policy.
In the case of Lewisham, Chief Executive Andrew Potter admitted the contractor had copied the data to his device due to problems encountered backing up work on the data controller’s network. He also admitted there had been no effective measures in place to prevent the use of personal or unencrypted USB devices on the data controller’s systems, and there was no provision for training contract workers in the data controller’s policies on data protection.
To Continue Reading: Click Here
----------------------------------------------
Source: searchsecurity.techtarget.co.uk
By: Ron Condon
Thursday, August 04, 2011
Ethical Bounds of Using Evidence From Social Networks
Millions of people every day post their thoughts, concerns, and day-to-day experiences on Facebook, MySpace, Twitter, and other social networking sites.[FOOTNOTE 1] The contents of these sites have become a potentially invaluable source of information for attorneys preparing for litigation.
Divorce attorneys, for instance, routinely scour an adversary's Facebook page for evidence of infidelity.[FOOTNOTE 2] In criminal cases, it is common for prosecutors to obtain and exploit incriminating evidence obtained from a defendant's social networking account.[FOOTNOTE 3] And attorneys defending personal injury actions may find helpful impeaching evidence on a plaintiff's Facebook page.[FOOTNOTE 4]
Indeed, there are an infinite number of contexts within which information posted on social networking sites may be relevant to litigation. With the growing use of social networking sites, lawyers need to be aware of the ethical issues such evidence presents.
Three recent ethics opinions have begun to define the ethical bounds within which New York lawyers may exploit information on social networking sites.
The most recent of these addresses the ethical limits within which lawyers may monitor jurors' social networking accounts during trial.[FOOTNOTE 5] The other two, addressing the propriety of accessing social networking sites[FOOTNOTE 6] and "friending" witnesses,[FOOTNOTE 7] respectively, were previously discussed in Mark Berman's article appearing in the Nov. 2, 2010, issue of this publication.[FOOTNOTE 8]
To Continue Reading: Click Here
----------------------------------------------
Source: law.com
By: H. Christopher Boehning and Daniel J. Toal
Divorce attorneys, for instance, routinely scour an adversary's Facebook page for evidence of infidelity.[FOOTNOTE 2] In criminal cases, it is common for prosecutors to obtain and exploit incriminating evidence obtained from a defendant's social networking account.[FOOTNOTE 3] And attorneys defending personal injury actions may find helpful impeaching evidence on a plaintiff's Facebook page.[FOOTNOTE 4]
Indeed, there are an infinite number of contexts within which information posted on social networking sites may be relevant to litigation. With the growing use of social networking sites, lawyers need to be aware of the ethical issues such evidence presents.
Three recent ethics opinions have begun to define the ethical bounds within which New York lawyers may exploit information on social networking sites.
The most recent of these addresses the ethical limits within which lawyers may monitor jurors' social networking accounts during trial.[FOOTNOTE 5] The other two, addressing the propriety of accessing social networking sites[FOOTNOTE 6] and "friending" witnesses,[FOOTNOTE 7] respectively, were previously discussed in Mark Berman's article appearing in the Nov. 2, 2010, issue of this publication.[FOOTNOTE 8]
To Continue Reading: Click Here
----------------------------------------------
Source: law.com
By: H. Christopher Boehning and Daniel J. Toal
Lesson From The News Of The World Scandal: Data Is Forever
Here are three lessons from The News of the World scandal: one, we are all data-makers tapping away on data collecting devices; two, you can expunge the data-maker and devices, but never the data. And three, data may age, but does not go away.
When you deploy a company-issued computer, the employee effectively becomes a corporate data-maker by immediately generating communications which are instantly distributed through email. For all organizations, this vast and exponentially increasing data is evidence–and for an organization like The News of the World, this data suddenly turns into evidence in a global scandal.
The News of the World tried to rid itself of the data maker, news editor Ian Edmondson, and his device by recycling his PC, hence deleting any potential evidence.
Or so they thought.
The Problem
Corporate data is not fragile. Deleting an email, shredding a hard drive, even decommissioning an entire email server does not purge corporate data. As quickly as employees create content, corporate technology teams are making copies – for disaster recovery, for instance. If an organization is faced with a disaster such as a flood or a fire, these copies can quickly be restored and the business will not miss a beat.
Organizations that claim that the data has been purged don’t realize that what they purged was only one of the copies and that many, many others exist. Redundancy is at the core of these disaster recovery procedures deployed by the technology teams in every public corporation. It is a process that runs every day and will make a copy of every new file and email created by every employee: If something happens to your PC, all data can easily be restored.
To Continue Reading: Click Here
----------------------------------------------
Source: blogs.forbes.com
By: Eric Savitz & Jim McGann
When you deploy a company-issued computer, the employee effectively becomes a corporate data-maker by immediately generating communications which are instantly distributed through email. For all organizations, this vast and exponentially increasing data is evidence–and for an organization like The News of the World, this data suddenly turns into evidence in a global scandal.
The News of the World tried to rid itself of the data maker, news editor Ian Edmondson, and his device by recycling his PC, hence deleting any potential evidence.
Or so they thought.
The Problem
Corporate data is not fragile. Deleting an email, shredding a hard drive, even decommissioning an entire email server does not purge corporate data. As quickly as employees create content, corporate technology teams are making copies – for disaster recovery, for instance. If an organization is faced with a disaster such as a flood or a fire, these copies can quickly be restored and the business will not miss a beat.
Organizations that claim that the data has been purged don’t realize that what they purged was only one of the copies and that many, many others exist. Redundancy is at the core of these disaster recovery procedures deployed by the technology teams in every public corporation. It is a process that runs every day and will make a copy of every new file and email created by every employee: If something happens to your PC, all data can easily be restored.
To Continue Reading: Click Here
----------------------------------------------
Source: blogs.forbes.com
By: Eric Savitz & Jim McGann
4 Things To Consider In Cloud Contracts
SMBs need to consider things like service availability, service level, and data security when reviewing a cloud contract, says an attorney with IT and outsourcing expertise.
If you read your cloud vendor contracts the same way you pore over, say, software licensing deals, you might make a huge mistake.
That's the overarching thing businesses need to bear in mind when signing on with cloud computing vendors, according to Matthew A. Karlyn, a partner at Foley & Lardner. Karlyn's legal work focuses on IT, outsourcing, privacy, security, and information management matters. He notes that traditional contracts for on-premises technology simply don't address the same needs and risks inherent in infrastructure and applications hosted by an offsite vendor. Karlyn said he fields at least a couple calls a week from clients with cloud access, security, or other issues where they believe the vendor is at fault.
"It happens all the time, and the first place we always turn is to the contract," Karlyn said.
Small and midsize businesses are reviewing and signing plenty of those contracts in 2011: $11 billion worth worldwide, according to a current Techaisle estimate. Certainly, consult with your own legal counsel on contract matters. But it's a good idea to have in-house knowledge, too--it can help you develop a sharper vendor selection process, ease fears around moving to the cloud, and ensure productive outcomes from doing so.
To Continue Reading: Click Here
----------------------------------------------
Source: informationweek.com
By: Kevin Casey
If you read your cloud vendor contracts the same way you pore over, say, software licensing deals, you might make a huge mistake.
That's the overarching thing businesses need to bear in mind when signing on with cloud computing vendors, according to Matthew A. Karlyn, a partner at Foley & Lardner. Karlyn's legal work focuses on IT, outsourcing, privacy, security, and information management matters. He notes that traditional contracts for on-premises technology simply don't address the same needs and risks inherent in infrastructure and applications hosted by an offsite vendor. Karlyn said he fields at least a couple calls a week from clients with cloud access, security, or other issues where they believe the vendor is at fault.
"It happens all the time, and the first place we always turn is to the contract," Karlyn said.
Small and midsize businesses are reviewing and signing plenty of those contracts in 2011: $11 billion worth worldwide, according to a current Techaisle estimate. Certainly, consult with your own legal counsel on contract matters. But it's a good idea to have in-house knowledge, too--it can help you develop a sharper vendor selection process, ease fears around moving to the cloud, and ensure productive outcomes from doing so.
To Continue Reading: Click Here
----------------------------------------------
Source: informationweek.com
By: Kevin Casey
E-Discovery Drives $576K Costs Levied on Plaintiffs
For plaintiffs, the cost of losing a case is skyrocketing in antitrust and other complex, document-intensive litigation now that the federal courts are routinely approving hefty bills for e-discovery services in the standard taxation of costs.
Illustrating that trend is the recent decision by the clerk in the U.S. District Court for the Eastern District of Pennsylvania to tax costs of more than $576,000 against the losing plaintiffs in In re Aspartame Antitrust Litigation.
Lawyers for the plaintiffs complained in a lengthy brief that the bills of costs were "nothing short of astronomical."
Attorneys Dianne M. Nast and Erin C. Burns of Roda Nast in Lancaster argued that the defense team was "apparently under the mistaken impression that plaintiffs are obligated to reimburse defendants for the entire cost of their document management and production protocols."
Nast and Burns led a team of plaintiffs lawyers who accused the three top manufacturers of aspartame of engaging in a price-fixing scheme.
But the trial judge ultimately dismissed the case after finding that the named plaintiffs' claims were time-barred and could not be salvaged on a theory of fraudulent concealment. The 3rd U.S. Circuit Court of Appeals upheld the dismissal in January 2011.
To Continue Reading: Click Here
----------------------------------------------
Source: law.com
By: Shannon P. Duffy
Illustrating that trend is the recent decision by the clerk in the U.S. District Court for the Eastern District of Pennsylvania to tax costs of more than $576,000 against the losing plaintiffs in In re Aspartame Antitrust Litigation.
Lawyers for the plaintiffs complained in a lengthy brief that the bills of costs were "nothing short of astronomical."
Attorneys Dianne M. Nast and Erin C. Burns of Roda Nast in Lancaster argued that the defense team was "apparently under the mistaken impression that plaintiffs are obligated to reimburse defendants for the entire cost of their document management and production protocols."
Nast and Burns led a team of plaintiffs lawyers who accused the three top manufacturers of aspartame of engaging in a price-fixing scheme.
But the trial judge ultimately dismissed the case after finding that the named plaintiffs' claims were time-barred and could not be salvaged on a theory of fraudulent concealment. The 3rd U.S. Circuit Court of Appeals upheld the dismissal in January 2011.
To Continue Reading: Click Here
----------------------------------------------
Source: law.com
By: Shannon P. Duffy
Wednesday, August 03, 2011
Google+: 5 Legal Issues for Businesses
As Google+ attracts more users, businesses need to be wary of its implications within the enterprise. Here are five tips from a legal expert to help your company navigate the new Google+ waters.
As Google+ grows in popularity—now with more than 20 million users—the new social network is triggering a number of questions with legal implications from businesses about potential policy changes, data retention issues and more, according to Joshua Kubicki, senior director of legal and corporate practices at Applied Discovery, an e-discovery provider that works with corporations preparing for and responding to legal actions.
"Google+ changes things by expanding things," Kubicki says. "This isn't just another platform, it's Google's platform, which brings up a lot of issues surrounding privacy like what information Google collects and how they use that information, which isn't necessarily a bad thing. Consumers are constantly trading off privacy to gain products, innovations and services."
To prepare for the potential surge in Google+ interest, Kubicki offers five recommendations that businesses should consider when allowing employees access to Google+ from within the enterprise and on enterprise-issued devices.
1. Include Google+ in Your Social Media Policy
Social media policies and acceptable-use policies are important to businesses for a number of reasons, including ensuring that employees understand which behaviors are and are not appropriate, as well as potential consequences.
To Continue Reading: Click Here
----------------------------------------------
Source: cio.com
By: Kristin Burnham
As Google+ grows in popularity—now with more than 20 million users—the new social network is triggering a number of questions with legal implications from businesses about potential policy changes, data retention issues and more, according to Joshua Kubicki, senior director of legal and corporate practices at Applied Discovery, an e-discovery provider that works with corporations preparing for and responding to legal actions.
"Google+ changes things by expanding things," Kubicki says. "This isn't just another platform, it's Google's platform, which brings up a lot of issues surrounding privacy like what information Google collects and how they use that information, which isn't necessarily a bad thing. Consumers are constantly trading off privacy to gain products, innovations and services."
To prepare for the potential surge in Google+ interest, Kubicki offers five recommendations that businesses should consider when allowing employees access to Google+ from within the enterprise and on enterprise-issued devices.
1. Include Google+ in Your Social Media Policy
Social media policies and acceptable-use policies are important to businesses for a number of reasons, including ensuring that employees understand which behaviors are and are not appropriate, as well as potential consequences.
To Continue Reading: Click Here
----------------------------------------------
Source: cio.com
By: Kristin Burnham
Twitter, Facebook, and the peril of e-discovery
It's been more than 15 years since e-mail began to enliven (or blight, depending on your perspective) the discovery process. By now-despite some notable fiascos (see, for instance, here and here)--we've got well-established case law to guide lawyers and their clients in e-mail production. Too bad that's yesterday's means of communication. Today it's all about Twitter, Facebook, and Google +1, whatever that is. So to celebrate establishing a Twitter account for On the Case (@AlisonFrankel), I figured I'd look at the e-discovery frontier of social media.
The news isn't very good. What little consideration the courts have given to social media discovery has been in the context of postings by individuals, not corporations. And all signals indicate that social media data is broadly discoverable. As Gibson, Dunn & Crutcher explains in its just-published e-discovery report, courts continue to find that when you post to Facebook, Twitter, or their equivalents, you give up the expectation of privacy, even if you've sent private messages or set up restrictions on who can see your profile. Judges are increasingly likely to order litigants to provide access to their social media accounts and to preserve their posts. In May, for instance, a Pennsylvania state court judge ruled that a personal injury plaintiff had to turn over even his private Facebook posts to the defense.
To Continue Reading: Click Here
----------------------------------------------
Source: Thomson Reuters
By: Alison Frankel
The news isn't very good. What little consideration the courts have given to social media discovery has been in the context of postings by individuals, not corporations. And all signals indicate that social media data is broadly discoverable. As Gibson, Dunn & Crutcher explains in its just-published e-discovery report, courts continue to find that when you post to Facebook, Twitter, or their equivalents, you give up the expectation of privacy, even if you've sent private messages or set up restrictions on who can see your profile. Judges are increasingly likely to order litigants to provide access to their social media accounts and to preserve their posts. In May, for instance, a Pennsylvania state court judge ruled that a personal injury plaintiff had to turn over even his private Facebook posts to the defense.
To Continue Reading: Click Here
----------------------------------------------
Source: Thomson Reuters
By: Alison Frankel
Monday, August 01, 2011
E-Discovery Process, Policy More Important Than Tools
With the maturing of the e-Discovery marketplace, it can be easy — too easy — to think that it's all just a matter of using the right tool. But as with most business processes, and particularly with e-Discovery, it's a matter of policy and process as well.
E-Discovery Becoming Big Business
With events occurring this year such as the first Gartner e-Discovery Magic Quadrant and Symantec's acquisition of Clearwell Systems, it's obvious that the e-Discovery tools business has hit the big time. No longer does it seem solely the purview of wizened gnomes in basements meticulously poring through scanned documents like the Gringotts Wizarding Bank in the Harry Potter movies, but now something that could be done swiftly and automatically by machines.
To Continue Reading: Click Here
----------------------------------------------
Source: cmswire.com
By: Sharon Fisher
E-Discovery Becoming Big Business
With events occurring this year such as the first Gartner e-Discovery Magic Quadrant and Symantec's acquisition of Clearwell Systems, it's obvious that the e-Discovery tools business has hit the big time. No longer does it seem solely the purview of wizened gnomes in basements meticulously poring through scanned documents like the Gringotts Wizarding Bank in the Harry Potter movies, but now something that could be done swiftly and automatically by machines.
No less an authority than John Markoff of the New York Times wrote earlier this year about how "armies" of attorneys were being replaced by software, which was not only faster but more accurate:
The computers seem to be good at their new jobs. Mr. Herr, the former chemical company lawyer, used e-Discovery software to reanalyze work his company’s lawyers did in the 1980s and ’90s. His human colleagues had been only 60% accurate, he found."
To Continue Reading: Click Here
----------------------------------------------
Source: cmswire.com
By: Sharon Fisher
Knowledge management know-how
Knowledge is the secret sauce that keeps clients coming back to you. You ought to bottle it.
But first, you have to know what you want to bottle, and why. Ted Tjaden, McMillan LLP’s national director of knowledge management, sought to help people understand the what and why in a 2009 paper entitled “The Seven Faces of Legal Knowledge Management.”
Here’s Tjaden’s list of the what:
1. Document/records management
2. Precedent development
3. Legal research/intranet content delivery
4. Professional development / training
5. Litigation support
6. Practice management
7. Client-facing initiatives/alternative fee billing
But first, you have to know what you want to bottle, and why. Ted Tjaden, McMillan LLP’s national director of knowledge management, sought to help people understand the what and why in a 2009 paper entitled “The Seven Faces of Legal Knowledge Management.”
Here’s Tjaden’s list of the what:
1. Document/records management
2. Precedent development
3. Legal research/intranet content delivery
4. Professional development / training
5. Litigation support
6. Practice management
7. Client-facing initiatives/alternative fee billing
And here’s the why: “In simple terms, knowledge management (KM)… is about working smarter, leveraging the collective wisdom of the firm or department, and not reinventing the wheel.”
Care to explore more what and why, with a dash of how thrown in? Read on.
KM best practices
KM exists because it helps businesses improve the bottom line. Consider some of the following best practices for your law firm.
Encourage information sharing
Nurture a firm culture that encourages stars to share their secret sauce with colleagues, thus raising everybody’s game.
Sharing can also happen outside the firm. Tjaden regularly meets with fellow knowledge management professionals from other law firms to share insights.
To Continue Reading: Click Here
----------------------------------------------
Source: lawyersweekly.ca
By: Luigi Benetton
Care to explore more what and why, with a dash of how thrown in? Read on.
KM best practices
KM exists because it helps businesses improve the bottom line. Consider some of the following best practices for your law firm.
Encourage information sharing
Nurture a firm culture that encourages stars to share their secret sauce with colleagues, thus raising everybody’s game.
Sharing can also happen outside the firm. Tjaden regularly meets with fellow knowledge management professionals from other law firms to share insights.
To Continue Reading: Click Here
----------------------------------------------
Source: lawyersweekly.ca
By: Luigi Benetton
The Brave New World Of Predictive Coding
The Editor interviews Alitia Faccone , Partner in the Business and Financial Services group of McCarter & English, LLP.
Editor: In its July interview, Recommind states that it has developed patented technology that achieves high levels of savings in e-discovery and in other applications. What are your general reactions?
Faccone: The development of a program such as Recommind's is extremely important, but it does not represent a complete sea change. Emerging technologies such as concept clustering and predictive coding are not entirely new to the marketplace, and have long been in development and increasing use. What is exciting is the increased levels of awareness and acceptance of these tools. Predictive coding represents a major step forward in streamlining the e-discovery process, but the software must "learn" the coding from an initial round of manual attorney coding. Recommind's technology, and tools like it, present real opportunities for efficiency and cost savings, but clients must recognize that as a result of document review, production has not been reduced to simply hitting a switch. Any document review tool is just that: an implement that is only as effective as the attorneys who use it. Moreover, attorneys must continue to oversee the coding process by conducting quality control checks and adjusting the coding for any errors. In that sense, it is much like the initial transition from paper-based to computer-based document review.
Editor: What implications do that and similar approaches have on the need to address ESI issues in the FRCP?
Faccone: Rule changes should only be made after a thorough, deliberative and analytical process. For example, the Advisory Committee on Civil Rules is currently considering whether rule changes to address preservation and related sanctions issues for a failure to preserve are viable and desirable. But even these deliberations have come after much dialogue by leading practitioners and courts who have been considering the issue for some time, such as at last year's Duke Conference on Civil Procedure and eDiscovery.
To Continue Reading: Click Here
----------------------------------------------
Source: metrocorpcounsel.com
Editor: In its July interview, Recommind states that it has developed patented technology that achieves high levels of savings in e-discovery and in other applications. What are your general reactions?
Faccone: The development of a program such as Recommind's is extremely important, but it does not represent a complete sea change. Emerging technologies such as concept clustering and predictive coding are not entirely new to the marketplace, and have long been in development and increasing use. What is exciting is the increased levels of awareness and acceptance of these tools. Predictive coding represents a major step forward in streamlining the e-discovery process, but the software must "learn" the coding from an initial round of manual attorney coding. Recommind's technology, and tools like it, present real opportunities for efficiency and cost savings, but clients must recognize that as a result of document review, production has not been reduced to simply hitting a switch. Any document review tool is just that: an implement that is only as effective as the attorneys who use it. Moreover, attorneys must continue to oversee the coding process by conducting quality control checks and adjusting the coding for any errors. In that sense, it is much like the initial transition from paper-based to computer-based document review.
Editor: What implications do that and similar approaches have on the need to address ESI issues in the FRCP?
Faccone: Rule changes should only be made after a thorough, deliberative and analytical process. For example, the Advisory Committee on Civil Rules is currently considering whether rule changes to address preservation and related sanctions issues for a failure to preserve are viable and desirable. But even these deliberations have come after much dialogue by leading practitioners and courts who have been considering the issue for some time, such as at last year's Duke Conference on Civil Procedure and eDiscovery.
To Continue Reading: Click Here
----------------------------------------------
Source: metrocorpcounsel.com
E-Discovery Certification: Sham Exams?
Organizations offering to certify electronic data discovery professionals are sprouting up faster than dandelions in May grass — and preying on the members of our legal community who may be the least able to afford the "services" and may not realize how flimsy the certifications may be. The basic premise: Pay $995 to take an exam, offered by a newly formed for-profit organization that has an advisory board full of names you don't recognize. If you pass, they will hand you a piece of paper declaring that you are certified to handle e-discovery.
Unfortunately, too many of these organizations target young, ambitious contract attorneys, paralegals, and litigation support professionals who are trying to better their careers. New lawyers may not even realize the serious ethical challenges created by state bar rules that tightly control how lawyers can present credentials to the public. For example, the California bar strictly regulates specialization, and many other states have ethics rules that forbid lawyers from announcing that they have passed certification programs. The bottom line — hard work and even harder earned dollars are being extracted for a certification that may not be worth the paper it's printed on.
John Rosenthal, litigation partner at Winston and Strawn, and chair of the firm's e-discovery and electronic information practice group, distinguishes between the need for continuing legal education versus certification. "First, it is unethical in many jurisdictions to hold oneself out as either a specialist or certified in a particular practice. Second, many of the certifications are not offered by an accredited law school or college." His third point: the certifications are not meaningful because there is no industry standard as to what candidates will be certified in. "At most, all that should be offered is a certificate of attendance of a course or program."
To Continue Reading: Click Here
----------------------------------------------
Source: law.com
By: Patrick Oot
Unfortunately, too many of these organizations target young, ambitious contract attorneys, paralegals, and litigation support professionals who are trying to better their careers. New lawyers may not even realize the serious ethical challenges created by state bar rules that tightly control how lawyers can present credentials to the public. For example, the California bar strictly regulates specialization, and many other states have ethics rules that forbid lawyers from announcing that they have passed certification programs. The bottom line — hard work and even harder earned dollars are being extracted for a certification that may not be worth the paper it's printed on.
John Rosenthal, litigation partner at Winston and Strawn, and chair of the firm's e-discovery and electronic information practice group, distinguishes between the need for continuing legal education versus certification. "First, it is unethical in many jurisdictions to hold oneself out as either a specialist or certified in a particular practice. Second, many of the certifications are not offered by an accredited law school or college." His third point: the certifications are not meaningful because there is no industry standard as to what candidates will be certified in. "At most, all that should be offered is a certificate of attendance of a course or program."
To Continue Reading: Click Here
----------------------------------------------
Source: law.com
By: Patrick Oot
Subscribe to:
Posts (Atom)
