Get your house in order with Early Data Assessment: Part I

Calculate data makeup early to create a stable foundation for the future.

If you build a house with a weak foundation, the building is sure to fall apart. The same holds true for e-discovery—if you don’t pay attention to the early stages and properly calculate from the beginning, you’re in for a world of pain down the line.

From information management to identification, preservation and collection, the left side of the industry standard Electronic Discovery Reference Model (EDRM) is truly the foundation of the electronic discovery process. Corporations face this challenge in litigation on a regular basis, and if the house falls down, the finger-pointing will begin.

Picture the EDRM turned 90 degrees to the left, so it stacks up vertically. From that angle, the data makeup of a legal matter’s possibly relevant Electronically Stored Information (ESI) forms the bedrock for successful data preservation, collection, analysis and review strategy. At this nascent stage, Early Data Assessment becomes important.

What is Early Data Assessment?

Early Data Assessment (EDA) has evolved recently as an integral part of the EDRM far-left side workflow. EDA involves preliminary evaluations of data early in the life of a matter. It can include examining the technology and data sources possibly involved in the specific legal matter, not to mention the metadata about that ESI.

The idea behind EDA is to determine the types of data to be potentially preserved, gathered and analyzed, maybe to identify gaps or overlaps in the data, and to begin developing a variety of lists that can be used to help scope the project. EDA also can entail working with the ESI to better understand its substantive content, construct and evaluate potential story lines, craft discovery strategies, and develop e-discovery cost estimates and litigation budgets.

The EDA process is not to be confused with Early Case Assessment which typically relates to assessing legal liability. By contrast, Early Case Assessment usually happens at the onset of a matter as inside or outside counsel assess the viability of a matter, compare it against similar past matters, determine whether insurance coverage may come into play, make decisions about what counsel to retain, and engage in other similar activities focusing on evaluating the entire case early.

To Continue Reading:  Click Here

------------------------------------------------

Source:  Inside Counsel

By:  George Socha and Alon Israely

 

E-Discovery in SEC and FINRA Investigations

Electronic discovery, and the risks of failing to properly retain and produce electronically stored information, is frequently discussed in the context of state and federal court litigation. It is also an increasingly prevalent issue in Securities and Exchange Commission and Financial Industry Regulatory Authority investigations.

The failure to know and comply with the requirements and expectations for e-discovery in these contexts can have a number of adverse consequences for both firms and their personnel, as well as potentially for their counsel. This article highlights some of the key requirements and considerations in identifying, collecting and producing ESI to the SEC or FINRA during an investigation.

SEC INVESTIGATION

The SEC's electronic production guidelines. The SEC Enforcement Manual, which was first made public in October 2008 and was most recently updated in August 2011 (the manual), includes several pages of information pertaining to the production of documents pursuant to subpoena, including a section specifically addressing the format for electronic production of documents to the SEC, including email and other ESI. The manual is designed to provide guidance to enforcement division staff in the investigation of potential violations of the federal securities laws. However, it also provides a helpful roadmap to individuals and entities who may be asked to respond to a voluntary request for information or served with a document subpoena as to what to expect with respect to the electronic production of documents, including the production of email and other ESI.

To Continue Reading: Click Here
--------------------------------------------------
Source: law.com
By: Rachel Tausend and Josh Dutill

Hot data

As the EU updates its regulatory regime, Eduardo Ustaran argues that data protection compliance could be about to get more onerous

What do the collapse of Barings Bank, OJ Simpson’s trial and the European directive on data protection have in common? Answer: they all happened in 1995, well before Google, Facebook, iPhones, apps, cloud computing and the internet as we know it.

An obvious conclusion follows: the ­current data protection regime is no longer fit for purpose. At least, that is the message the European Commission has been hearing since it started its data protection legislative review process two years ago.

Now we are close to seeing a radical new framework. The proposal for a 21st-­century data protection law is still in the making in Brussels’ corridors of power, but we can make an informed guess of what we will be presented with.

Regulation ahoy

Much of the debate surrounding this process so far has been about the form the new framework will take. If, as has been made patently clear, the primary objective of the reform is to achieve the greatest possible degree of harmonisation the commission is likely to favour a regulation over another directive.

To Continue Reading: Click Here
--------------------------------------------------
Source: thelawyer.com
By: Eduardo Ustaran

Think your emails are private? Think again

Ask the average citizen if he thinks his emails and Facebook messages to friends and family members are protected from government snooping, and he’d likely answer, “Sure, the government would have to obtain a warrant before it could go snooping into my personal communications, the same as it must have a good reason to open my physical mail, right?”

Wrong.

Even though far more messages are sent electronically than are sent by “snail mail” (much to the chagrin of the U.S. Postal Service), that snail mail enjoys far more protection from government’s prying eyes than an email or personal Facebook message. This is an anomaly that I and many others — including Facebook, Google and other companies and privacy groups — are working to change through federal legislation. But it’s tough to get members of Congress to pay attention.

The problem is that the degree to which the government can demand access to a person’s “electronic communications” (which include emails, Facebook messages and all other communications sent by phone or computer) is governed by a law that was enacted when the World Wide Web was still in its infancy. The law is the 1980s-era Electronic Communications Privacy Act (“ECPA”), and despite the fact that the law (which was signed by President Reagan in 1986) was intended to provide a high degree of protection for electronic communications, it is woefully outdated and inadequate.

Unfortunately, this administration, like its predecessors, favors the current situation, precisely because it makes it so easy for law enforcement to access those private communications without having to secure a warrant, as normally would be required by the Fourth Amendment.

To Continue Reading: Click Here
--------------------------------------------------
Source: dailycaller.com
By: Bob Barr

E-Discovery Technical Standard at Crossroads

An attempt by the e-discovery industry to standardize how applications share data has gained only modest adoption, and although technical improvements are planned, there are mixed opinions about the project's long-term prospects.

Version 1.0 of the specification, EDRM-XML, debuted from the Electronic Discovery Reference Model organization in February 2008 after being proposed in March 2007. Load files are a common input/output method for e-discovery data. By replacing proprietary approaches with a version built on openly published code, the data becomes more accessible, officials promised. Future versions could also allow users to customize or expand the blueprint as needed, they said.

Three years and six months later, vendor adoption of the specification, now in version 1.2, is notable on a surface level but less so in real-world use. There are 24 companies listed on the project website as having at least one compliant product, but none actively call for their customers to use EDRM-XML as the primary method of moving data. Most remain content using Concordance and Summation load files. Another 14 companies are listed as participants, although officials acknowledge that participating has the minimum requirement of simply being on a conference call.

"It has not been as widely used as we would like to see. But I think that's not really that different from what we were anticipating would be the case," EDRM co-founder and legal technology expert George Socha said, citing industry indifference as the standard's biggest obstacle. "One barrier to adoption is inertia," he said, from St. Paul, Minn.

To Continue Reading: Click Here
--------------------------------------------------
Source: law.com
By: Evan Koblentz

How Google was tripped up by a bad search

An apparent error during the discovery stage of its court battle with Oracle could prove costly for Google

In the end it was a search that let Google down.

The company suffered a setback in its patent dispute with Oracle last week when a U.S. judge denied Google's request to keep an internal Google email out of the case record. The email, written by a Google engineer, could suggest to a jury that Google knew it needed a license to use Sun's -- now Oracle's -- Java technology in Android.

Ironically, considering this is Google, organizer of the world's information, the email might never have seen the light of day if the search tools used to identify documents covered by attorney-client privilege had done their job, legal experts said.

The incident also shines a light on an area of technology -- electronic discovery -- that's creating big challenges for lawyers as more communication moves online. And it helps explain why Hewlett-Packard is willing to spend US$10 billion to buy Autonomy, one of the biggest providers of e-discovery software and services.

The Google incident apparently stems from a mistake by one of the top law firms it hired to fight Oracle's lawsuit, which accuses Google of patent and copyright infringement in Android. It's a high-stakes case that could potentially cost Google billions of dollars in damages, and force it to start charging handset makers a license fee for Android.

To Continue Reading: Click Here
--------------------------------------------------
Source: computerworld.com

By: James Niccolai

Cell Phone Data and Expectations of Privacy

One can hear the din of cellular telephones everywhere: movie theaters, libraries, and restaurants, to name a few places. While cell phones keep us connected to those who are important in our lives, the technology also has the potential of exposing our movements to others. Cellular telephone transmissions record the general locations of the users through transmissions via cell towers.[FOOTNOTE 1] Over the last 50 years, Fourth Amendment doctrine has continued to evolve to keep pace with technology, endeavoring to protect the privacy and security of every individual against arbitrary intrusions by government agents.[FOOTNOTE 2] More recently, there have been significant though conflicting judicial interpretations concerning government access to cellular telephone records (cell site location information or CSLI), which data has been essential in many criminal investigations. This article will address these cases and the legal issues they present.

EXPECTATION OF PRIVACY

The Fourth Amendment of the U.S. Constitution provides:

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or thing to be seized.

To Continue Reading: Click Here
--------------------------------------------------
Source: law.com
By: Peter A. Crusco

The U.S. Requests More User Data from Google Than Any Other Country

Google started publishing requests from governments for user information about a year ago. On Tuesday, it revealed the number of user accounts involved in those requests — revealing that the U.S. not only makes more requests than any other country, but also requests data for far more user accounts than any other country.

Between January and June of 2011, the U.S. made 5,950 requests to Google for user data, more than three times more than the amount requested by India, the next highest country on the list. This isn’t surprising, as the U.S. has remained the leader throughout the period for which Google has made data available, but it is a 70% increase since Google last reported requests.

The number of user accounts affected by these requests on behalf of the U.S. was 11,057 — almost five times as many as India. Google filled nearly all of the requests from the U.S., unlike the requests from most other countries, which it filled anywhere from 0% to 87%.

Google’s motive in making these requests more transparent is a U.S. law regulating government access to online user information called The Electronic Communications Privacy Act (ECPA).

To Continue Reading: Click Here
--------------------------------------------------
Source: mashable.com
By: Sarah Kessler

Federal cyber rules halt LAPD's move to Google Apps

FBI security rules are holding up the Los Angeles Police Department's move to Google Web-based email and office applications, according to contractors. The federal policies, which relate to confidentiality of criminal history data, could prevent certain agencies from ever moving operations to the cloud, or third-party data centers that provide software over the Internet, experts say.

FBI Criminal Justice Information Services security policies require that state and local agencies maintain "management control," or final authority, over the security of criminal justice information, according to bureau officials. In 2009, the City of Los Angeles struck a $7.25 million deal with prime contractor CSC to transition local government systems, including the police department's email, to online software offered by Google.

"The FBI CJIS security requirements must be complied with by CSC and Google before we can migrate to Gmail," Los Angeles Police Chief Information Officer Maggie Goodrich said. "CSC and Google have indicated that they are unable to comply with all of the requirements in the current CJIS policy." Aside from law enforcement employees, all other city personnel -- more than 17,000 employees -- are using Google Apps.

The apparent conflict between federal criminal justice requirements and the nature of cloud computing could deny many agencies the benefits of a cost-saving technology, some law enforcement information-sharing specialists said. Increasingly, state and local governments are outsourcing administrative systems to Web services providers, including Google and Microsoft, to cut costs and collaborate more easily. The federal government is following closely behind with plans to recoup $5 billion by closing more than 2,000 energy-sucking, expensive data centers and shifting IT operations to the cloud.

To Continue Reading: Click Here
--------------------------------------------------
Source: nextgov.com
By: Aliya Sternstein

Can Google Play In Enterprise Software?

Is Google (GOOG), the world’s leading online advertising firm, really committed to becoming a major player in enterprise software? The answer is unclear. In this article we look at the reasons for the stalled deployment of Gmail at one of Google’s largest public sector accounts to date, the city of Los Angeles. We conclude that while Gmail is a first-rate consumer email product, Google does not presently have the right products to be a significant player in enterprise software.

Google Apps in Los Angeles: How an ambitious project went wrong

Probably no other government cloud email deployment has received more attention than the city of Los Angeles’ ongoing attempt to migrate some 30,000 users of an antiquated on-premises email system (based on Novell GroupWise) to Gmail. What makes this case exceptionally interesting is the rich paper trail of official and leaked documents that detail almost every step of the project’s progress – or lack thereof.

When Los Angeles CTO Randi Levin pitched Google’s three-year $7.2 million proposal to the City Council back in 2009, it was greeted with enthusiasm. Going from GroupWise to Google Apps would allow the city to repurpose 92 of the city’s servers and cancel hundreds of thousands of dollars worth of GroupWise licenses. Longer term, the city also hoped to cut back drastically on its Microsoft Office licenses. The move would also save nearly $150,000 per year in power and cooling costs, and would free up the 16 full-time positions devoted to supporting the old system. While the shift from the GroupWise Windows client software to Gmail’s web interface did entail some loss of functionality for the city’s email users, the latter would benefit from a huge gain in email storage space, which would soar from one to 25 gigabytes per user. All this would be delivered for less than $50 per user per year, not counting one-time implementation, training and migration costs.

The city’s original plan was to move all users from GroupWise to Gmail by December 31, 2009. But this proved to be overly optimistic. Today, nearly two years later, 13,000 of the city’s 30,000 users are still on GroupWise. The plan also called for 80% of the city’s users to migrate from Microsoft Office to Google Docs for basic tasks such as word processing, presentations and spreadsheets. However, this migration, which was to have taken place over two years, now appears to be on indefinite hold, and there is real doubt as to whether the basic email migration itself will ever be completed. Both the rapid deployment of Gmail (allowing the early termination of the city’s GroupWise licenses) and the gradual shift away from Microsoft Office were key elements in the cost savings the city expected to achieve from the project. Without them, much of the city’s business case for the migration evaporates.

To Continue Reading: Click Here
--------------------------------------------------
Source: seekingalpha.com

By: Jeff Gould

Leading-Edge Law: Consider the legal effort required to move to the cloud

Many businesses are eager to move all or part of their business computing systems into the cloud. Before taking the leap, give thought to the total cost and legal issues associated with such a move.

What constitutes "cloud computing" is fiercely debated, but I define cloud computing as using software and/or data storage that is located remotely and that is accessed via an Internet connection, rather than using computers in your offices or remote computers you own and access by a dedicated transmission line.

Here are some popular types of cloud computing:

"Software as a service" ("SaaS" in geekspeak): Using, over the Web, a software program that is owned and hosted by someone else (Google Docs, for example).
Software hosting: Having a cloud provider host at its facilities some or all of the software you have purchased the right to use ("licensed" in lawyer-speak) and would otherwise run on your own computers, except that you now use that software remotely via a Web connection.

Online backup: Using a remote service to periodically back up the data stored on computers on your premises.

The biggest issues businesses contemplating moving to the cloud need to understand are the breadth of the contract-negotiation task and how that impacts the cost-benefit analysis.

To Continue Reading: Click Here
--------------------------------------------------
Source: Richmond Times Dispatch

By: John B. Farmer

Google, Facebook go retro in push to update 1986 privacy law

For a few hours on Capitol Hill yesterday evening, it was October 1986 again, complete with legwarmers, an Apple IIc, pop rocks, Duran Duran, and cell phones the size of a cat.

The companies sponsoring this night of nostalgia include Google and Facebook, which are hoping to visibly highlight how out-of-date a law enacted 25 years ago today has become in an age of cloud computing, gigabit networks, and terabyte storage.

The law in question is the 1986 Electronic Communications Privacy Act, a statute written in the pre-Internet era of telephone modems and the black-and-white Macintosh Plus. A coalition of groups, which include liberal, conservative, and libertarian non-profit organizations as well as companies, hope to convince the U.S. Congress to update the law to include location privacy and to protect documents stored on the Web through services like Google Docs, Flickr, and Picasa. (CNET was the first to report on the creation of this Digital Due Process coalition last year.)

Their not-so-subtle intent of yesterday's back-to-the-future blast: to woo congressional staff. That meant convening this privacy-law bacchanal, probably the first the nation's capital has ever experienced, a few blocks from the Senate and House offices at Top of the Hill on Pennsylvania Avenue, which describes itself as a "World War II-era lounge" featuring "an extensive wine, champagne and martini list."

To Continue Reading: Click Here
--------------------------------------------------
Source: news.cnet.com
By: Declan McCullagh

Court Acknowledges Calls for Caution when Applying "Proportionality Test" to Preservation, Denies Motion for Protective Order

Pippins v. KPMG LLP, No. 11 Civ. 0377 (CM)(JLC), 2011 WL 4701849 (S.D.N.Y. Oct. 7, 2011)

KPMG sought a protective order to limit the scope of its preservation obligation or to shift a portion of its preservation costs to plaintiffs. At the time, the parties awaited ruling on plaintiffs’ Motion to Certify and KPMG was preserving more than 2,500 hard drives at a cost of more than $1,500,000. Following the court’s analysis, the motion was denied.

In this case, the plaintiffs, potential members of a nationwide FLSA collective and/or a putative New York State class, “challenge[d] KPMG’s treatment of certain accountants in its audit practice . . . .” Discovery was stayed pending determination of plaintiffs’ Motion to Certify. KPMG sought a protective order to narrow the scope of its preservation obligation as to the hard drives of former and departing associates. Specifically, KPMG sought an order that would require the preservation of only a random sample of 100 hard drives from among those it had already preserved for this and other litigation. Alternatively, KPMG sought to shift the cost of any preservation beyond the scope it had suggested. At the time of the motion, KPMG had already preserved more than 2,500 hard drives of Audit Associates at a cost of more than $1,500,000. Moreover, KPMG indicated that there were more than 7,500 potential opt-in plaintiffs to the FLSA collective nationwide and more than 1,500 putative class members in New York.

Plaintiffs responded that they were amenable to using sampling as a means to limit the scope of preservation but opposed KPMG’s methodology. Prior to the motion, the parties had engaged in extensive negotiations and mediation in an effort to reach agreement to no avail.

To Continue Reading: Click Here
--------------------------------------------------
Source: ediscoverylaw.com

Social media archiving policies must be realistic

Social media content can, in fact, be a record--a fact some records managers find terrifying and perplexing when they consider the void it creates in e-Discovery and Freedom of Information Act policies.

Since October 2010 the National Archive and Records Administration has instructed federal agencies to archive social media records, including those hosted by third parties. What's more, Gartner predicts that by 2013 half of all companies will have to produce social media content as part of an e-Discovery request, says Jesse Wilkins, director of systems of engagement for AIIM International.

"Many of you share and understand the definition of what a record is...We have to set definitions. We have to have a baseline that says, this is what we mean by social media," said Wilkins during an Oct. 18 presentation at ARMA in Oxon Hill, Md.

While social media policies have to be clear, they also have to be usable. As enterprises set acceptable-use policies for social media, and select employees authorized to represent the company in an official capacity, they sometimes inadvertently lock down the technology. Archiving policies could also become antithetical to the reason for engaging through social media in the first place.

To Continue Reading: Click Here
--------------------------------------------------
Source: Fierce Content Management
By: Molly Bernhart Walker

Google Apps Not Cutting It for LA’s Finest

Two years after the City of Los Angeles approved a $7.25 million deal to move its e-mail and productivity infrastructure to Google Apps, the migration has still not been completed because the Los Angeles Police Department and other agencies are unsatisfied with Google’s security related to the handling of criminal history data.

Los Angeles officials originally expected to roll Google Apps out to its 30,000 users by June 2010, in partnership with systems integration contractor CSC. But that number has been reduced to about 17,000 employees, largely because of security objections raised by the LAPD and other safety-related departments. Advocacy group Consumer Watchdog opposed the deal, and this week released a letter LA officials sent to CSC in August, which states “The City is in receipt of your letter dated May 13, 2011, wherein CSC indicates that it is unable to meet the security requirements of the City and the Los Angeles Police Department (LAPD) for all data and information, pursuant to U.S. DOJ Criminal Justice Information Systems (CJIS) policy requirements.”

The letter further demands a financial credit for the LAPD portion of the contract, and that CSC and Google reimburse Los Angeles for the money it has had to pay Novell for a GroupWise system. A proposed amendment to the LA/Google contract says that “Google shall pay the City for the GroupWise System Costs for the period of July 1, 2011 through November 20, 2012.” Los Angeles’s original plan was to move everyone off GroupWise and other internal software and instead use Gmail, Google Docs, and related Google services.

To Continue Reading: Click Here
--------------------------------------------------
Source: wired.com
By: Jon Brodkin

A Proposal for Preservation Rule Amendments

In 2000, Judge Scheindlin warned, “It is safe to predict that federal courts will see a surge in the number of discovery disputes arising from electronic discovery.” (Scheindlin, S. Rabkin, J., “Electronic Discovery in Federal Civil Litigation: Is Rule 34 Up to the Task?” 41 B.C. L. Rev 327, 341 (2000). Six years later, amendments to the Federal Rules of Civil Procedure established guidelines for eDiscovery but failed to address preservation.

In 2010, Judge Scheindlin admonished, “By now, it should be abundantly clear that the duty to preserve means what it says.” (Pension Committee of the Univ. of Montreal Pension Plan v. Banc of America Securities LLC, et al., 685 F. Supp. 2d 456, 462 (S.D.N.Y. Jan. 15, 2010).

Unfortunately, what should be “abundantly clear” is still unclear. There are no rules clarifying preservation. The problem is especially vexing and expensive because preservation decisions happen so early, well before the parties meet under Rule 26 or the courts get involved and can limit the scope of discovery. By the time the rules kick in, the preservation decisions may be irreversible. Parties trying to decide if and how a lawsuit affects information management practices, back-up tape rotation practices, or email server policies, must apply the “better safe than sorry” rule and save unreasonably large volumes of ESI.

Will it take another 6 years to pass rules on preservation? The Judicial Conference Subcommittee on Discovery recently made excellent progress at a meeting in Texas identifying some of the problems created by the hole in the 2006 amendments.

To Continue Reading:  Click Here

--------------------------------------------------

Source:  eDiscovery Myth

By:  William Belt

Legalities of Social Media Costing Millions

New data has revealed employers are not keeping pace with social media, and as a result are spending millions on legal loopholes due to poorly updated workplace policies and contracts.

According to UK based research by commercial law firm DLA Piper, one in three businesses have been forced to undertake legal proceedings against employees because of defamatory, sensitive, or classified information about their organisation on a social media network.

The research also revealed just 25% of businesses have a tailored media policy, and less than half (43%) had a social media policy that was linked to their IT or HR policies.

To Continue Reading: Click Here
--------------------------------------------------
Source: International Business Times

Judge Peck Calls Upon Lawyers to Use Artificial Intelligence and Jason Baron Warns of a Dark Future of Information Burn-Out If We Don’t

This blog will report on a new article by Judge Andrew Peck endorsing the use of artificial intelligence and a recent speech by Jason R. Baron warning of a coming digital dark age of information overload. The two events, much like 7 of 9, make a compelling argument for law to embrace technology, not run from it.

Judge Peck’s Article on Predictive Coding

Judge Peck’s article brings good news to all those stressed by the costs and difficulties of e-discovery. The article shows that artificial intelligence can help alleviate this stress when it is used judiciously. Predictive Coding: Reading the Judicial Tea Leaves, (Law Tech. News, Oct. 17, 2011).

Judge Peck reviews the old days of linear paper review and is glad to see them go. He cites to the study by Herb Roitblatt, Ann Kershaw and Patrick Oot, that suggests computer assisted review is at least as accurate as manual review. Document Categorization in Legal Electronic Discovery: Computer Classification vs. Manual Review, Journal of Am. Society for Information Science & Technology, 61(1):70-80 (2010). Then he cites the study by Maura Grossman and University of Waterloo professor Gordon Cormack, using data from the Text Retrieval Conference Legal Track, which concluded that “[T]he idea that exhaustive manual review is the most effective — and therefore the most defensible — approach to document review is strongly refuted. Technology-assisted review can (and does) yield more accurate results than exhaustive manual review, with much lower effort.” Technology-Assisted Review in E-Discovery Can Be More Effective and More Efficient Than Exhaustive Manual Review, Richmond J. of Law & Tech., Vol. XVII, Issue 3, 1-48 (2011).

Next, Judge Peck addresses search based on keywords and shows how it is a rather primitive, last-century application of computer assistance, especially when applied without sampling, testing, and transparency. He uses my Go Fish analogy to illustrate how even this simple technology is not being used correctly by many attorneys.

To Continue Reading: Click Here
--------------------------------------------------
Source: e-Discoveryteam.com
By: Ralph Losey

The Legal Hold Notice is Privileged, but What About the Process?

It is not an uncommon question: is my legal hold notice privileged? I’ve always contended that it is, and the court in Cannata v. Wyndham Worldwide Corp., 2011 WL 3495987 (D. Nev. Aug. 10, 2011) agreed. However, the question that comes up less often, but was also answered by the court, is whether the legal hold process is privileged. Again, I think the court got it right, but it is a cautionary tale nonetheless.

In Cannata, the sexual harassment and discrimination plaintiffs served the defendant with a Rule 30(b)(6) deposition notice, one of the topics of which was the litigation hold. The defendant sought a protective order limiting the plaintiffs to an interrogatory on the identity of those that received the notice and what they were told to do. The court agreed that where spoliation is not an issue, the legal hold notice itself is generally protected by the attorney-client privilege and work product doctrine. However, the court held that defendant’s previously produced summary of its legal hold process was not sufficient, and that the plaintiffs were entitled to know “what has actually happened in this case, i.e., when and to whom the litigation hold letter was given, what kinds and categories of ESI were included in defendant’s litigation hold letter, and what specific actions defendant’s employees were instructed to take to that end.”

Cannata is an excellent illustration of the intersection of law and process. The decision about whether to issue a litigation hold notice is a legal decision, and the communications by which that decision is communicated is generally protected as a privileged communication. However, execution of that decision – the steps a company takes to actually preserve information – is a business process. While I don’t agree that such information should be discoverable absent some evidence that information was not, in fact, preserved, this case highlights the importance of having a documented legal hold process, and of documenting the execution of that process.

To Continue Reading:  Click Here

---------------------------------------------------

Source:  e-Discovery Myth (Leclair Ryan)

By:  Dennis Kiker

Read It, Ignore It, Delete It, Or Scoff At It, But Don't Reply To All

Ok, does it get much more annoying?  You’re finally focusing on your work and having a very productive Monday morning so far.   Then you get that familiar “bing” – the 82^nd e-mail of the morning already from 1 of 25 addressees on a prior e-mail, who responds “I agree” or “LOL!” or “Yes, Jon, let’s set that up” (and, oh by the way, you’re not Jon).  

Then, everyone else on the e-mail uses Reply to All to ask everyone else to quit using Reply to All, or “Please take me off this e-mail string.”  And then, people use Reply to All to apologize to everyone for using Reply to All.   And you find yourself reading and deleting for over an hour, and longing for the days when faxes were the newest “nano-second” technology.

It’s a little something called “netiquette”, which Wikipedia defines to include such common characteristics as “misuse of the Reply to All.”   Even Facebook has a dedicated page entitled “Educating Users On Reply To All Button Etiquette.”   Yes, social media is supposed to be easy and informal, and perhaps even provide your company with some benefits.   Still, you find this Reply to All thing to be ANNOYING (proper netiquette also suggests that one refrain from typing excessively in all caps).

But beyond that, it is potentially harmful to your business.   First, a Reply to All risks the disclosure of personal information, or company trade secrets to unwanted recipients, both inside and outside the four walls of your office.   Second, the one-click option of Reply to All makes it easier to send jokes and off-hand comments to others (even unintended) who may not welcome them.   Third, the lack of productivity can be staggering, when your employees are spending countless hours opening, reading, and deleting e-mails that have no relevance to their particular day or responsibilities.

To Continue Reading:  Click Here

--------------------------------------------------

Source:  Social Media Employment Law Blog

By:  Michael Schmidt

Amending the FRCP: More Questions than Answers

Outcry from many in the legal community has caused a number of groups to consider whether the Federal Rules of Civil Procedure (FRCP) should be amended. The dialogue began in earnest a year ago at the Duke Civil Litigation Conference and picked up speed following an eDiscovery “mini-conference” held in Dallas last month (led by the Discovery Subcommittee – appointed by the Advisory Committee on Civil Rules). The rules amendment topic is so hot that the Sedona Conference (WG1) spent most of its two day annual meeting discussing the need for amendments and evaluating a range of competing proposals.

During this dialogue (which I can’t quote verbatim) a number of things became clear to me…

1. This rules amendment quandary is a bit of a chicken and egg riddle — meaning that it’s hard to cast support wholeheartedly for a rules change if there isn’t a good consensus for what a particular change would accomplish and what the long term consequences might be as technology quickly morphs. As an example, if there was a redefined preservation trigger that started the duty to preserve when there was a reasonable “certainty” of litigation (versus a mere “likelihood”), would this really make a material impact? Or, would this inquiry still be as highly fact specific as it is today? Would this still be similarly prone to the 20/20 hindsight judgment that’s inevitable as well?

2. While it is clear that preservation has become a more complex and risk laden process, it’s not clear that this “pain” is causally related to the FRCP. In the notes from the Dallas mini-conference, a pending Sedona survey was quoted, referencing the fact that preservation challenges were overwhelmingly increasing:

To Continue Reading: Click Here
--------------------------------------
Source: e-Discovery 2.0
By: Dean Gonsowski

Predictive Coding: Reading the Judicial Tea Leaves

Technology-assisted document review, often called "predictive coding," is a hot topic among e-discovery practitioners these days. If properly used, these tools can result in substantial cost savings to parties dealing with large litigation data volumes. While there has been growing support for employing these technologies, using them requires careful thought and planning in the event that their use is challenged.

U.S. District Court Magistrate Judge Andrew Peck 's recent article, "Search, Forward: Will manual document review and keyword searches be replaced by computer-assisted coding?" is the latest judicial endorsement for predictive coding. Southern District of New York's Peck observes anecdotal reticence to its adoption because there is no express judicial decision supporting the technology. "Until there is a judicial opinion approving (or even critiquing) the use of predictive coding, counsel will just have to rely on this article as a sign of judicial approval," wrote Peck.

He is not alone in his support of computer-assisted document review. Magistrate Judge John Facciola of the U.S. District Court for the District of Columbia encouraged its consideration in Disability Rights Council of Greater Wash. v. Wash. Metro. Transit Auth., 242 F.R.D. 139, 148 (D.D.C. 2007) ("I bring to the parties' attention recent scholarship that argues that concept searching, as opposed to keyword searching, is more efficient and more likely to produce the most comprehensive results.")

To Continue Reading: Click Here
--------------------------------------
Source: law.com
By: Mark Michels

How global laws protect your data

Companies that store customers' information in a number of different countries have to adhere to a huge amount of legislation

In February last year, three Google executives were handed suspended six month prison sentences by an Italian court for violating the privacy of a boy with Down's Syndrome by allowing the website to broadcast video of him being bullied in a school in Turin. Although the video had been uploaded in Italy back in 2006, it had been processed by servers in the US and Ireland. No content had been hosted in Italy, but Google's Italian office was enough to give the Italian courts jurisdiction.

For companies wanting to store data in the cloud there is a minefield of data protection laws to negotiate, so it is essential to know which country your data is physically stored in. "Most organisations don't even know what data they have," says Tony Lock, programme director at IT services consultancy Freeform Dynamics. "They are unsure where all the data is and once they've found it they are unsure how to protect it."

The European Union's Data Privacy Directive is crucial for UK firms. Created to facilitate the free movement of sensitive private information within Europe, it also makes it hard for data to be moved outside the region. Implemented across Europe but with local variations, the requirement for UK firms is to take "appropriate technical and organisational measures" to protect data. Italy goes further and sets out what those measures should be and Denmark requires internet transmission of such data to be encrypted.

To Continue Reading: Click Here
--------------------------------------
Source: guardian.co.uk
By: Juliette Garside

Corporate Counsel Question Accountability in E-Discovery

Accountability and quantification are as significant hurdles as cost when corporate counsel shop for e-discovery software, a new report concludes.

Enterprise Strategy Group's latest research, "E-Discovery Market Trends: A View From the Legal Department," released Wednesday, includes results from 48 counsel at companies of at least 500 employees. Of those, 86 percent said e-discovery expertise is important when they hire outside counsel and 64 percent requested alternative fee arrangements, the report states.

Accountability, according to 71 percent of responding companies, focuses on sampling to track document review accuracy in individual cases. Comparing results to other cases was an example cited by 50 percent of companies, and comparing to other reviews was cited by 43 percent. Only 29 percent use software to measure individual reviewer productivity.

To Continue Reading: Click Here
--------------------------------------
Source: law.com
By: Evan Koblentz

Markel: Data Breaches Not Just Aimed at Large Companies Any More

Hackers, known for going after large organizations to steal data, now have an eye toward easy pickings in smaller companies, according to Markel’s IT and data-privacy underwriting expert.

Jake Kouns, Markel’s senior director of technology, left his job in IT to join Markel six years ago and is determined to rid businesses of the “it-can’t-happen-to-me” attitude toward insurance for data breaches.

“The risk is real, and it doesn’t matter what the size of your organization is,” he says from the National Association of Professional Surplus Lines Offices (NAPSLO) convention here.

Although the thefts of records at large corporations such as Sony have garnered headlines, hackers are finding easy pickings, going after small-to-midsize businesses, which Kouns says he wants to educate and insure.

“They [hackers] are finding it easier to steal in small increments,” he explains. “Think about it—people start really looking for you when you take millions of records.”

Kouns points out that news accounts of Sony’s data breach appear to imply there was one breach, but the corporation was actually hacked 21 times.

To Continue Reading: Click Here
--------------------------------------
Source: propertycasualty360.com
By: Chad Hemenway

The Case for Bringing Predictive Coding to Court

For more than a decade, the legal community has struggled to effectively use technology to find "smoking guns" during document review in electronic data discovery -- while containing the costs of that technology (and the humans who must manage it). It's not an easy mission. Everything from creating nuanced keywords to hiring the right reviewers can make or break a case. And technology can get expensive, fast; there's no point in spending $500,000 to review files on a case with an exposure of $100,000.

In our October issue of Law Technology News, U.S. Magistrate Judge Andrew Peck helps us understand the challenges of beginning the electronic data discovery process in a case. In "Search, Forward" New York-based Peck provides context with a look at the development of today's options.

Peck describes the beginning of his career, where -- like so many of us -- he spent long hours as a young attorney wading through acres of paper files, trying to "code" the contents for privilege and content relevant to the case. "Review was linear," he remembers. "There was no way to deduplicate documents or organize them by types. You reviewed whatever box landed on your desk; colleagues might be reviewing a carbon copy of the same file. Hopefully, you coded it the same."

But, he notes, some professionals still cling to that model. "Despite its flaws, many senior lawyers (and some clients) still consider manual review to be the 'gold standard' against which other review techniques are compared."

To Continue Reading: Click Here
--------------------------------------
Source: law.com
By: Monica Bay

E-Discovery 'Command' Culture Must Collapse

Collaboration must replace top-down culture before e-discovery costs can be reduced, Colo. event panelists contend

A dominant theme permeated Friday's fifth annual Colorado Association of Litigation Support Professionals' E-Discovery Summit: To succeed, litigants must embrace the concept of e-discovery teams and jettison the traditional vertical hierarchies where a senior partner or general counsel channels General George Patton.

"Command" models are doomed to failure, several panelists insisted. The time has come, they said, for true collaboration -- not only internally, but with opponents.

U.S. District Court (Colorado) Magistrate Judge Michael Hegarty kicked off the daylong conference, explaining his expectations from litigants. He served for 14 years as an Assistant U.S. Attorney with civil division in Denver, and was chief of the division for three years, before taking the bench in 2006. Hegarty surprised many in the office with his report that less than 1 percent of Colorado cases go to trial, and that very few litigators bring up electronic data discovery issues in early conferences, which "can be detrimental the the case."

Hegarty urged parties to adopt EDD protocols, and said he takes a hands-off posture in his court. "I believe in minimalist court intervention in how you want to try your case," he told the audience of approximately 160 paralegals, attorneys, and litigation support professionals at Denver's Grand Hyatt hotel. When asked if judges should raise issues about EDD if litigators did not, Hegarty said that basically, that was not the judges' responsibility.

Hegarty said he is skeptical about counsel's predictions about EDD costs. "I don't trust attorneys when they come in and tell me how much it will cost," he said. "I don't believe lawyers are lying," he said, by way of caveat, but went on to say that lawyers aren't properly estimating costs. He said he approves predictive coding in some cases, to help keep costs in check.

To Continue Reading: Click Here
--------------------------------------
Source: law.com
By: Monica Bay

Is it legal to send your data overseas?

Clearing the fog around cloud sovereignty.

Companies considering moving business information to overseas cloud-computing services must weigh up the potential impact of more than 450 separate Acts of Parliament, experts warn.

While countless Australian businesses are already hosting wesites and applications on cloud services overseas using services from Amazon, Google and Microsoft, Anthony Wong – an intellectual property lawyer who runs AGW Consulting and is current president of the Australian Computer Society – warns they must ensure cloud data doesn't violate strict Australian business laws mandating customer privacy, retention of corporate records, enduring access to information, and so on.

"Just because your data is in the cloud doesn't mean you're absolved from your responsibility [to control business data]", says Wong.

Advertisement: Story continues below He advises any business considering cloud computing to weigh its responsibilities under legislation including the Electronic Transactions Act 2003, Spam Act 2003, Cybercrime Act 2001, Copyright Amendment (Digital Agenda) Act 2000, Privacy Amendment (Private Sector) Act 2000, Privacy Act 1988, Archives Act 1983, Freedom of Information Act 1982, and Telecommunications (Interception) Act 1979.

To Continue Reading: Click Here
--------------------------------------
Source: The Sydney Morning Herald
By: David Braue

Social Media Can Hurt You In A Lawsuit

Social media postings could soon join email as a common part of the legal discovery process. Here's what SMBs need to know to protect themselves.

Social media has already become The Next Big Thing. Could it soon be the next big thing in business lawsuits?

The short answer: Yes, according to Jamie Brigman, director of product management and technical strategy at Applied Discovery. Brigman's employer, a LexisNexis subsidiary, does electronic discovery work for legal cases. Though not common today, Brigman said the information that companies and their employees share on social sites is poised become a significant piece of the discovery process during civil litigation over business-related disputes.

"[Lawyers] are always concerned about risk," Brigman said in an interview. "They're looking for what kind of information is discoverable in the future."

The potential legal risks of social media increase each time a site adds features intended to better collect--and share--information, business or personal. Take Facebook's recent platform overhaul, which included the introduction of the Timeline feature.

To Continue Reading: Click Here
--------------------------------------
Source: Information Week
By: Kevin Casey

Managing risk in the cloud

The steps to preserve information assurance in a shift to cloud computing

Cloud computing allows the procurement of IT services from both internal and external suppliers to be optimised because the services are delivered remotely in a standard way. The cloud is not a single model, but covers a wide spectrum from applications shared between multiple tenants to virtual servers used by one customer.

The key benefit is one of scale; a cloud provider can potentially offer a better service at a lower cost because it has a large enough operation to afford the skilled people and state-of-the-art technology necessary for a secure service. In general, a large cloud provider is likely to provide a better and more secure IT service at a lower cost than a small to medium sized organisation could provide itself.

While the public cloud offers applications shared by multiple customers, the community cloud is confined to a selected group (for example, government or healthcare) and membership is strictly controlled. This reduces the risks from the activities of co-tenants while retaining many of the benefits of scale. The private cloud provides applications and infrastructure dedicated to a particular organisation, allowing it to outsource the management of its IT infrastructure while retaining tighter control over the location and management of the resources. The price for this is that the costs are likely to be higher than for a public cloud because there is less potential for economy of scale, and resilience may be lower because of the limit on resources available.

The information security risk associated with cloud computing depends on the service and delivery models, and the specific risks depend on the individual requirements of the organisation. Common security concerns across this spectrum are ensuring the confidentiality, integrity and availability of the services and data.

To Continue Reading: Click Here
--------------------------------------
Source: guardian.co.uk
By: Mike Small

Google Your Company's Code of Conduct

There's a Forty Percent Chance It Fails To Address Data Privacy, and Why it Should

It is tough to escape Google. The search engine is ubiquitous. It finds whatever we are looking for in a split second. Google Maps helps us find the quickest route across town. Google Alerts lets us know when our friends or clients are in the news. Gmail accounts read our email and tells us when there is an advertisement that we may find interesting.

But when we use Google's services, we share personal information—what we are searching for, our location, and our identity. The same may be said for social networking sites such as Facebook. Personal data gathered in these contexts can include information such as an individual's name, address, phone number, email address, employee number, social security number, national identifier, or credit card number. How companies such as Google protect this information has generated attention from the Federal Trade Commission recently.

In March 2011, Google agreed to settle FTC charges that it was not doing enough to protect personal data when it launched its social network, Google Buzz, including violating the EU-US Safe Harbor framework. According to the FTC complaint, Google launched its Buzz network through its Gmail web-based email product and the options for declining or leaving the social network were ineffective, thus violating Google's own published privacy policy. For the first time, the FTC required a company to implement a comprehensive privacy program to protect the privacy of consumers' information.

But the information that consumers share with companies such as Google and Facebook pales in comparison to information that companies have about their employees and customers—social security, tax, and medical information. What are employers doing to protect this data?

To Continue Reading: Click Here
--------------------------------------
Source: law.com
By: Ryan McConnell, Margaret Cox Mousoudakis, and Katharine Southard

Legal Reform Needed to Govern Data, Experts Said

Legal experts and law enforcement agents say new and updated laws are required to protect user privacy while allowing law enforcement to catch cybercriminals.

A revamp to the 1986 Electronic Communications Privacy Act will help set policy around new technology that the creators of that law didn't imagine, panelists said during a cybercrime conference hosted by the University of Washington's School of Law on Friday.

The act was written long before current email systems were devised. "In 1986, no one thought email would be stored indefinitely, so the statute says that 180-day-old email is stale and therefore not in need of protection," explained Sharon Nelson, formerly the director of the Shidler Center for Law, Commerce and Technology at the University of Washington School of Law.

That means law enforcement doesn't need a warrant to access emails from 180 days ago, or emails and other data stored in the cloud, experts said.

Law enforcement and privacy advocates disagree on exactly how the law should be updated to accommodate data saved in the cloud.

To Continue Reading: Click Here
--------------------------------------
Source: pcworld.com
By: Nancy Gohring

Coverage Quandary: Is Cyber-Insurance Necessary?

It's been a wild year for cybercrimes, with allegations of phone hacking at Rupert Murdoch's media empire, and the arrest of 14 people for alleged attacks on PayPal's website in retaliation for its decision to suspend WikiLeaks' accounts. The U.S. Senate, International Monetary Fund, Lockheed Martin, Citigroup, Google, and Sony were among organizations that disclosed hacker attacks, reported Reuters.

It all may be falling far too close to home for BigLaw firms and corporate counsel, who are beginning to shop for — or at least ask a lot of questions about — cyber-insurance. Queries include exactly what the policies cover and cost, how insurers quantify losses, and whether the policies are necessary.

"There is lots of chatter," says Anne Marie Davine, managing director of Marsh's U.S. law firm practice. "Rarely do we have a meeting with clients or potential clients where this topic doesn't come up." Marsh's website defines cyber risk as "a wide range of internet and network exposures" that include theft or manipulation of sensitive or private information (e.g., financial or health records); viruses that can destroy data, damage hardware, cripple systems; and computer fraud.

Cyber-insurance has been around for a decade, but recent trends are prompting a closer look. The number of insurers has increased, and providers are starting to offer cyber insurance specifically tailored for law firms. Davine estimates that there are about a dozen standalone policies from a range of insurers, including AXIS Insurance, Monitor Liability Managers, and CNA. Others offer coverage as part of legal professional errors and omissions coverage, such as Travelers' "network and information security offense" policies for small to mid-sized law firms. (Travelers offers separate CyberRisk coverage for large organizations, but it's not legal industry-specific.)

To Continue Reading: Click Here
--------------------------------------
Source: law.com
By: Tam Harbert

Taking the Pulse of Your Organization's Backup Processes

One would be hard pressed these days to find an IT executive who believes his or her backup process is healthy. In fact, most would probably say the opposite: that their backup processes are broken. Organizations know this and yet they feel unable to respond since budget freezes, staff reductions and new internal and external requirements make fixing the problem seem impossible. This perception, however, is false. IT can heal backup under current circumstances.

Five considerations for better backup
Fixing backup is not a simple matter, nor should it be presented as such. However, there are five considerations we can examine when discussing the opportunity to improve the backup situation plaguing data centers.

1. Determine the biggest pain points you need to solve. Most IT organizations need some immediate relief from current backup pain, including day-to-day tactical problems such as failed backups and recoveries. They also need to meet heightened recovery expectations with fewer resources; that is, recover data when and where needed to meet demanding service level agreements (SLAs). Additional goals will likely include gaining adaptability, flexibility and scalability, as well as the ability to respond to constantly changing demands without disruptive changes to the backup infrastructure. This might also be an opportune moment to make sure whatever changes you make will support the test and development environments that require multiple copies of production data. With shrinking application development windows, access to near-real time copies of production data for testing is important.

2. Move backup to disk. Backup to tape for disaster recovery (DR) purposes is costly, time consuming and ineffective when time-to-recovery is the primary measure of effectiveness. The trap that organizations must be careful not to fall into is assuming that they can solve such a problem using outdated tape methodologies. Backup and recovery may be the immediate pain points that companies seek to address, but backup and recovery problems reflect the new challenges that organizations face when optimizing existing backup infrastructures for DR.

Disk is the lynchpin to redesigning a corporation’s backup infrastructure. It solves existing backup and recovery problems while giving organizations new ways to use the backup data that were not available when data was stored to tape. First, companies must look to implement a disk-based storage system as a backup target. This includes disk targets such as networked attached storage (NAS) or virtual tape libraries (VTLs), as well as other advanced forms of disk-based data protection such deduplication, WAN optimized replication and continuous data protection (CDP) using advanced snapshot technology.

To Continue Reading: Click Here
--------------------------------------
Source: wwpi.com
By: Mike DiMeglio

Cloud Standards Customer Council Seeks To Guide Deployments, Standards

The Cloud Standards Customer Council (CSCC), an end-user advocacy group created to help shape cloud standards, launched a new guide to cloud computing Wednesday designed to get organizations up to speed with cloud computing.

The CSCC's "Practical Guide to Cloud Computing" comprises best practices, resources and expertise from consultants, vendors and end-user customers on cloud deployments and how companies can get their feet wet in the cloud.

Organizations that are plotting their cloud strategies have questions around best practices, said Melvin Greer, Senior Fellow and Chief Strategist, Cloud Computing, Lockheed Martin (NYSE:LMT ); chair, CSCC steering committee; and chair of the CSCC Practical Guide to Cloud Computing Working Group, in a webinar Wednesday.

He addded that the CSCC and the new guide are designed to advise organizations on how to get started, how to complete their cloud search and offer guidelines for cloud services implementations.

The guide serves as a reference document that offers actionable steps that companies can take as they navigate cloud computing, Greer said. It includes input and feedback from the CSCC's roughly 200 members, including CA Technologies, IBM (NYSE:IBM), Lockheed Martin and a host of others.

To Continue Reading: Click Here
--------------------------------------
Source: crn.com
By: Andrew R. Hickey

How New Labor Guidelines Could Affect Your Social Media Policy

While social media has been around for a while, there are still aspects of it that are very new, such as policy development. Such policies have to stand the test of time and evolve as the workplace — and the social media platforms and their usage — changes.

In August, the National Labor Relations Board (NLRB) released a report on the outcome of investigations into 14 cases involving the use of social media and employers’ social media policies. The NLRB is an independent agency in the U.S. government that protects employees’ rights to join together to improve wages and working conditions, with or without a union.

Here’s an overview of the report and some pointers on what your company should consider when it comes to social media policy development.

Why Is This Report Important?

Eric B. Meyer, a partner in the labor and employment group of the law firm Dilworth Paxson LLP, explains the report’s significance. “It provides a window into what the NLRB considers legal and illegal, not only with respect to employers who discipline employees based solely on social media content that employees publish, but also as to social media policies that employers implement.

To Continue Reading: Click Here
--------------------------------------
Source: mashable.com
By: Sharlyn Lauby

Ninth Circuit Extends Scope of Electronic Communications Privacy Act to Foreign Citizens

The Ninth Circuit unequivocally extended the protections of the Electronic Communications Privacy Act (“ECPA”) to foreign citizens yesterday. In Suzlon Energy Ltd. v. Microsoft Corp. — F.3d — (9th Cir. 2011), the court held that the ECPA protects the emails of non-citizens that are stored in the United States from disclosure.

At issue were various emails belonging to an Indian citizen that were stored in his Microsoft Hotmail account. Relying on the plain language of the statute, the district court rejected the plaintiff energy provider’s request that Microsoft turn over the emails for use in an Australian-based legal proceeding. The Ninth Circuit agreed, finding that the protections of the ECPA expressly encompassed “any person” whose emails were stored “on a domestic server, by a domestic corporation.”

The Suzlon Energy opinion has three additional noteworthy points. First, the Ninth Circuit declined to create by judicial fiat a “civil litigation” exception that would allow the production of the emails. Such an exception would have eviscerated the privacy concerns regarding electronically stored communications that Congress specifically invoked in enacting the statute.

The court also refused to find that the defendant’s status as a party to litigation constituted “implied consent” to the production of his Hotmail emails. Such a finding is consistent with other jurisprudence holding that participation in legal proceedings does not waive the protections of the ECPA.

To Continue Reading: Click Here
--------------------------------------
Source: eDiscovery 2.0
By: Philip Favro

New Ethical Issues and Challenges in E-Discovery

The rise of e-discovery and the globalization of electronic information has caused a drastic increase in the ethical issues and challenges attorneys face when compared to the paper world. Attorneys are facing emerging challenges both inside and outside their legal teams, regarding the supervision of vendors, contract attorneys, overseas labor, and in-house counsel; the need for cooperation and transparency with opposing counsel; and the discovery of electronic information stored outside the United States. Attorneys must use increasing care to avoid these ethical pitfalls.

WITHIN THE LEGAL TEAM

The vast increase in the amount of information involved in e-discovery has led to an increase in the number of players in the e-discovery process. As a result, attorneys need to be skilled not only in the practice of law, but the management of vendors, contract attorneys, legal support, and in-house counsel. A 2010 study showed that sanctions for e-discovery violations are increasingly common, and monetary sanctions are increasing. Dan H. Willoughby, Jr., Rose Hunter Jones, Gregory R. Antine, "Sanctions for E-Discovery Violations: By the Numbers," 60 Duke L.J. 789 (2010).

Sanctions for e-discovery violations vary by case, jurisdiction, and culpability of the parties and attorneys at issue. Recent sanctions have included adverse inference, monetary sanctions, attorney's fees, cost shifting, and imposition of additional discovery responsibilities. See E.I. Du Pont De Nemours & Co. v. Kolon Indus. Inc., No. 3:09cv58, 2011 WL 2966862 (E.D. Va. July 21, 2011) (imposing adverse inference and monetary sanctions for intentional spoliation and bad faith); Genger v. TR Investors, LLC, No. 592, 2010, 2011 WL 2802832 (Del. July 18, 2011) (imposing monetary sanctions and payment of attorney's fees); PIC Grp. Inc. v. LandCoast Insulation Inc., No. 1:09-CV-662-KS-MTP, 2011 WL 2669144 (S.D. Miss. July 7, 2011) (ordering additional discovery and payment of attorney's costs and fees, and ordering that payment be made by defendant, not insurance company).

To Continue Reading: Click Here
--------------------------------------
Source: law.com
By: Elizabeth E. McGinn and Karen M. Morgan

Do you know where your data is?

In the beginning, when cloud computing was all about public cloud services, many finance chiefs held back because of their concerns about the safety and security of their valuable and sensitive corporate data. But things change - well, some things.

Putting it in the hands of a third party - outside the firewall, on multi-tenant boxes - emerged as a security risk too far in survey after survey, despite widespread awareness of the cloud's potential to deliver business benefits, cost savings and strategic opportunities.

The cloud has evolved. Public clouds have been joined by private clouds, and hybrid clouds, and other variations on the theme, and use of them is increasing.

However, finance chiefs remain cautious. When a recent Deloitte survey found half of CFOs using cloud computing or planning to within two years, a whopping 89 percent were, perhaps understandably, still citing data security as their main reason for holding back. Meanwhile, uncertainty about the location of data concerned just 44 percent, and legal issues 40 percent - and this may need to change.

"This is a complicated area," says Alistair Maughan, a partner at the international law firm Morrison Foerster.

The explosion in cloud computing has increased use of third party service providers, and some of them in turn use other third party providers to host and backup data, so its physical location can be hard to pin down (a problem), as can the legislation that applies to it and the jurisdictions in which this can apply (another problem).

"Generally speaking, the law that's applicable is the law of the country where the data controller is located," says Maughan; but there are some exceptions (yet another problem).

To Continue Reading: Click Here
--------------------------------------
Source: news.idg.no
By: Leslie Meall

Your Facebook Data File: Everything You Never Wanted Anyone to Know

A group of Austrian students called Europe v. Facebook recently got their hands on their complete Facebook user data files - note, this is not the same file Facebook sends if you request your personal history through the webform in Account Settings.

See, Facebook wants you to feel safe and warm and fuzzy about controlling your own privacy. As we move into the era of the Open Graph and apps that autopost your activities, users are raising serious questions about data collection and privacy.

To help quell these fears, Facebook lets users download their their own data, as they said in an official statement to the Wall Street Journal blog Digits:

“We believe that every Facebook user owns his or her own data and should have simple and easy access to it. That is why we’ve built an easy way for people to download everything they have ever posted on Facebook, including all of their messages, posts, photos, status updates and profile information. People who want a copy of the information they have put on Facebook can click a link located in ‘Account Settings’ and easily get a copy of all of it in a single download. To protect the information, this feature is only available after the person confirms his or her password and answers appropriate security questions.”

Phew, that’s good. But wait... how come the students over at Europe v. Facebook got a different, more complete file when requested through Section 4 DPA + Art. 12 Directive 95/46/EG, a European privacy law? The carefully crafted statement above says they will give you access to everything you’ve put on Facebook - but what about the data Facebook collects without your knowledge?

To Continue Reading: Click Here
--------------------------------------
Source: sheknows.com
By: Laura Willard

Exclusive: HP's new software guy hints at products to come

Mike Lynch, CEO of Autonomy, tells InfoWorld how Autonomy's technology may surface in HP's product mix

In August, HP announced it would spend $10 billion to acquire Autonomy, Britain's largest software company -- a leader in enterprise search, compliance, and cloud archiving with an impressive list of Fortune 50 customers. A classic Silicon Valley soap opera ensued, starring none other than Larry Ellison, who in a September earnings call accused Autonomy founder and CEO Mike Lynch of shopping Autonomy to Oracle prior to agreeing to the acquisition by HP. Lynch has denied the charge.

Either way, the bottom line is that HP's new CEO Meg Whitman has confirmed the acquisition will go through -- and last week the Wall Street Journal reported that the deal will close as early as today. So what can we expect from the union of HP and Autonomy?

[ InfoWorld published the first in-depth interview with HP's previous CEO, Léo Apotheker. Is HP's acquisition of Autonomy a wise move? ]

In my interview with Lynch, we covered a range of solutions that will likely flow from Autonomy, which he says will remain a "fairly independent" independent business division of HP. Here's a quick summary of what Autonomy brings to the party:

A very big public cloud. According to Lynch, Autonomy has a huge hosted e-discovery and archiving service: "A lot of commentators have missed that Autonomy's cloud business is now very large. It's now about 30 petabytes. And that's heterogeneous data -- it's desktops, it's messages -- so what you've got is a great resource if you've got questions about what's going on in a company.

To Continue Reading: Click Here
--------------------------------------
Source: www.infoworld.com
By: Eric Knorr