Questioning Courts' Deference to Broad Electronic Searches

Computers and related digital devices like smartphones store increasingly massive amounts of business and personal data. As a result, when law enforcement obtains a digital device during an investigation of suspected financial crime, child pornography, or other offense, a massive cache of unrelated data is inevitably caught in the net.

Although the Fourth Amendment demands that search warrants be particular as to the material sought and seized, prosecutors invariably argue -- and courts often agree -- that the requested search and its execution necessarily must be extremely broad. Many courts acknowledge Fourth Amendment concerns but nonetheless proceed to embrace, implicitly or explicitly, the following notion: Because investigators do not know in advance where any contraband is located, practical considerations allow them to examine every electronic folder and document seized, however briefly, to rule out the possibility that it contains evidence sought by the warrant.

A recent opinion by the 6th U.S. Circuit Court of Appeals, United States v. Richards, has continued this trend toward sanctioning broad searches and did so by citing heavily to an opinion issued earlier in 2011 by the 3rd Circuit, United States v. Stabile. These and similar opinions raise this question: once the government has obtained a search warrant regarding the contents of a hard drive or phone, whether there are any practical limits to what data may be accessed, viewed and ultimately used to convict.

Although these cases often arise in the context of child pornography investigations -- when courts are presumably particularly reluctant to grant suppression -- the general legal principles that they establish of course govern every kind of case, no matter how complex or esoteric the alleged wrongdoing.

To Continue Reading: Click Here
------------------------------------------------------
Source: law.com
By: Peter D. Hardy and Abraham Rein

Leaked Twitter Subpoena Raises Online Privacy Issues

The leaked subpoena sent to Twitter this month by the Suffolk District Attorney’s Office in Boston is causing some hoopla on the web and raising the issue of law enforcement’s access to online personal data.

On Dec. 14, the D.A.’s Office issued a subpoena to Twitter in order to access the account information of two users who tweeted a list of personal information they allegedly obtained by hacking into the Boston Police Patrolmens’ Association. The hackers stole identifying information and Tweeted it to followers. The subpoena requests “available subscriber information, for the account or accounts associated with the following information, including IP address logs for account creation.”

In the subpoena, assistant D.A. Benjamin A. Goldberger requests that the investigation be kept from the Twitter users as to not impede the ongoing probe. But the information was leaked. We reached out to Twitter for comment, but have yet to hear back.

On Dec. 23 one of the accounts under investigation, @p0isAn0N Tweeted, “Haha. Boston PD submitted to Twitter for my information. Lololol? For what? Posting info pulled from public domains? #comeatmebro.”

To Continue Reading: Click Here
------------------------------------------------------
Source: mashable.com
By: Kate Freeman

The Case for In-House eDiscovery

Litigation Growth Moves Organizations to Develop Skills Internally

In mid-2011, Canada's Scotia Bank set up an internal eDiscovery team of three full-time professionals to tackle litigation issues for the institution in 50 countries.

The goal: to preserve, collect, review, manage and produce any electronic evidence relevant to a court case. For Greg Thompson, vice president of enterprise security services at Scotia Bank, Canada's third-largest institution, eDiscovery has become a top concern because of the rising litigation caseload. Failure to comply with an eDiscovery request could result in fines or other penalties.

The main reasons for establishing an internal eDiscovery team, versus outsourcing it: huge cost savings, increased control of data and a better understanding of the litigation process.

"Satisfying a court order is heavy lifting," Thompson says. "The cost and risks of outsourcing this service with regards to the number of litigations we are dealing with has skyrocketed. If you send your data to an external party for investigations, you can expect to pay somewhere around $2,000 per day compared to internal expertise, where we spend around $800 per day."

Scotia Bank's choice is increasingly common among private and public sector organizations worldwide. The expansion of litigations, electronically stored information and the risk of sending data to third parties are pushing these organizations to develop their own eDiscovery capabilities.

"eDiscovery is becoming a big deal," says David Matthews, deputy chief information security officer for the City of Seattle in the U.S., and author of a forthcoming book called "Electronically Stored Information: The Complete Guide to Management, Understanding, Acquisition, Storage, Search, and Retrieval." "Every bit of infrastructure and activity generates electronic data, so organizations and individuals are expected to understand by law where their electronic evidence is and how it's accessed and produced in court."

To Continue Reading:  Click Here

------------------------------------------------------

Source:  Healthcare Info Security

By:  Upasana Gupta

Time To Revise Your Social Media Policy on Who Owns Your Followers

Earlier this fall, a judge ruled that a lawsuit filed by the PhoneDog.com over one of its long-departed employees, Noah Kravitz, has merit. According to Eric Goldman's Technology and Marketing Law Blog, the company is suing Kravitz over three points, including trade secrets and misappropriation of the account. The ruling, reported by Goldman and the New York Times, states that Kravitz is liable for several hundred thousand dollars in damages, calculated at $2.50 per month per Twitter follower.

This isn't the first conflict over who owns your Twitter account, and it certainly won't be the last. When Rick Sanchez left CNN he kept his account but changed the name. This is what Kravitz did when he left PhoneDog.

What this means to me is that now more than ever you need to get your social media policies firmed up and clarified. As in, start a conversation with your corporation counsel asap.

Dell's senior legal counsel Ryan Garcia recommends that any firm creating a social media policy take the time to understand how they are going to be using social media before they put anything together. "You also want to cover both extreme cases, where someone is an experience social media user before they came to the company, as well as a neophyte who learns while on the job." There is risk involved in both situations: a Twitter pro could get sued, as in the case of PhoneDog, from his previous employer. Or a newbie could garner a bunch of followers and then take this newfound popularity to a competitor.

To Continue Reading: Click Here
------------------------------------------------------
Source: readwriteweb.com
By: David Strom

Is Your Company Tweeting Its Way Into Trouble?

In the October 2010 issue of Corporate Counsel, we provided five tips that corporations should follow to avoid "E-Trouble," a term we coined to refer to the devastating impact emails and electronically stored information can have in litigation. With social media use exploding nationwide, the E-Trouble threat has expanded to platforms such as Facebook, Twitter, LinkedIn, MySpace, YouTube, and Foursquare, which all allow users to create profiles and "connect" with others to meet new people; share ideas, news, entertainment, personal information, photographs, and videos; and engage in networking. 


An August 2011 Nielsen Company study found that Americans spend nearly a quarter of their online time on social networking sites and blogs, a 43 percent increase from the previous year. Since social media sites have become increasingly popular for marketing and business purposes, the risk of E-Trouble has increased, and managing that risk is mission-critical for corporations operating in today's online world. 


New York Congressman Anthony Weiner's fall from grace this past summer was caused by his misuse of social media. Weiner's case may be extreme -- he was forced to resign over a scandal begun by a Twitter post -- but the case should serve as a warning: Online activities do not remain "private" and can be very damaging. Even well-educated users exercise poor judgment while utilizing social media sites. 


To Continue Reading: Click Here 
------------------------------------------------------ 
Source: law.com 
By: Judah Lifschitz and Laura Fraher

Weighing the Burden, Court Excuses Plaintiff from Reviewing Millions of Pages from Unallocated Space

I-Med Pharma, Inc. v. Biomatrix, Inc., No. 03-3677 (DRD), 2011 WL 6140658 (D.N.J. Dec. 9, 2011)

“This case highlights the dangers of carelessness and inattention in e-discovery.” In this case, the court affirmed the order of the Magistrate Judge which excused plaintiff from the obligation of reviewing and producing millions of pages of documents recovered from unallocated space files in light of the extreme burden and cost of such an undertaking.

Pursuant to a stipulation between the parties, defendants hired an expert to conduct a keyword search of plaintiff’s computer network, servers, and related storage devices. Per the court's order, plaintiff was to produce the results of the examination. There were more than 50 search terms, and many were also run in French. Moreover, “the search was not limited to targeted document custodians or relevant time periods. Indeed, the search was not even limited to active files.” The search was instead run “across all data on the computer system” including unallocated space. Unsurprisingly, the results were voluminous, returning 64,382,929 hits in unallocated space alone which represented approximately 95 million pages of data.

Following a telephonic hearing, the Magistrate Judge entered an order permitting plaintiff to withhold data found in the unallocated space and allowing defendants to seek reimbursement for the costs incurred in extracting and searching that data. Among other things, the order was based on findings that the burden of the review would outweigh any potential benefit and that the likelihood of finding relevant, admissible evidence was “minimal.”

To Continue Reading: Click Here
------------------------------------------------------
Source: ediscoverylaw.com

New Utah Rule 26: A Blueprint for Proportionality in eDiscovery

The eDiscovery frenzy that has gripped the American legal system over the past decade has become increasingly expensive. Particularly costly to both clients and courts is the process of preserving, collecting and producing documents. This was supposed to change after the Federal Rules of Civil Procedure (FRCP) were amended in 2006. After all, weren’t the amended rules designed to streamline discovery, allowing parties to focus on the merits while making discovery costs more reasonable? Instead, it seems the rules have spawned more collateral discovery disputes than ever before about preservation, collection and production issues.

As a solution to these costs, the eDiscovery cognoscenti are emphasizing the concept of “proportionality.” Proportionality typically requires that the benefits of discovery be commensurate with its corresponding burdens. Under the Federal Rules of Civil Procedure, the directive that discovery be proportional is found in Rules 26(c), 26(b)(2)(C) and Rule 26(b)(2)(B). Under Rule 26(c), courts may generally issue protective orders that limit or even proscribe discovery that causes “annoyance, embarrassment, oppression, or undue burden or expense.” More specifics are set forth in Rule 26(b)(2)(C), which enables courts to restrict discovery if the requests are unreasonably cumulative or duplicative, the discovery can be obtained from an alternative source that is less expensive or burdensome, or the burden or expense of the discovery outweighs its benefit. In the specific context of electronic discovery, Rule 26(b)(2)(B) restricts the discovery of backup tapes and other electronically stored information that are “not reasonably accessible” due to “undue burden or cost.”

Despite the existence of these provisions, they are often bypassed. The most recent and notable example of this trend is found in Pippins v. KPMG (S.D.N.Y. Oct. 7, 2011). In Pippins, the court ordered the defendant accounting firm to continue preserving thousands of employee hard drives. In so doing, the court sidestepped the firm’s proportionality argument, citing Orbit One v. Numerex (S.D.N.Y. 2010) for the premise that such a standard is “too amorphous” and therefore unworkable. Regardless of cost or burden, the court reasoned that “prudence” required preservation of all relevant materials “until a more precise definition [of proportionality] is created by rule.”

To Continue Reading: Click Here
------------------------------------------------------
Source: eDiscovery 2.0 
By: Philip Favro 

Obama Administration Memorandum Creates New Opportunities For Records Management SMBs

A recent presidential memorandum requires federal agencies to digitize their recordkeeping processes, all but forcing additional collaboration with private companies in the area of e-discovery and records management.

On November 28th, the Obama administration issued a presidential memorandum requiring 480 federal agencies to begin the process of digitizing federal documents and creating electronic records management procedures within their organizations.

The move has important implications not only for federal agencies, but also for private records management firms, many of which will be called upon to assist with the digitization of millions of existing documents and help create processes for the efficient execution of electronic records management on a go-forward basis.

Tasked with overseeing the initiative, the National Archives and Records Administration (NARA) has estimated that the government's trove of paper documents has grown by 475 million pages each year over the past decade.

To Continue Reading: Click Here
------------------------------------------------------
Source: gaebler.com
By: Resources for Entrepreneurs Staff

Overly Onerous E-Discovery Demands Can Backfire

Federal courts have been ruling that prevailing parties are entitled to recover their discovery costs. The costs resulting from electronic discovery continue to be a critical concern for clients and their counsel. Seven years after enactment of cost-shifting provisions into the federal civil rules, substantial e-discovery costs continue to fall heavily on producing parties -- often defendants in complex litigation -- and can rise to a level that affects both pretrial and settlement strategy.

A number of recent federal district court decisions, however, offer some potential relief for parties that, in response to onerous requests, incur significant costs related to collection, review, and production of electronically stored information. These decisions award prevailing parties the costs and expenses of electronic discovery as part of the parties' bill of costs.

The Federal Rules of Civil Procedure provide that "[u]nless a federal statute, these rules, or a court order provides otherwise, costs -- other than attorney's fees -- should be allowed to the prevailing party." Fed R. Civ. P. 54(d)(1) (2006). The fees that can be recovered by a prevailing party are detailed in 28 U.S.C. 1920. That section provides, in part, that a prevailing party may be awarded costs including "[f]ees for exemplification and the costs of making copies of any materials where the copies are necessarily obtained for use in the case[.]" 28 U.S.C. 1920(4) (2008).

To Continue Reading: Click Here
------------------------------------------------------
Source: law.com
By: Benjamin R. Barnett and Rebecca S. Kahan

Compare and Contrast: Network and Internet Remote Collection Tools

After I compared e-discovery self-collection tools in August, readers asked why I didn't include software delivered over the network or the internet. Sending USB drives to custodians to self-collect data and using network-enabled, remote collection software are two ways to reach the same goal, but with different approaches that aren't easily compared.

I sent five providers a request for information about collecting data relevant to litigation from numerous custodians who work outside of a central office location. I specified that the collection should be conducted over the network or internet without sending custodians USB drives.

AccessData, BIA, Guidance Software, and PinPoint Labs responded, describing how their network-enabled products provide real-time management tools to monitor and report on multiple collections — which are not available when you simply deliver a hard drive. With network software, reports during collection can be viewed and downloaded in Microsoft's Excel or .csv format.

To Continue Reading: Click Here
------------------------------------------------------
Source: law.com
By: Sean Doherty

Delaware's Default E-Discovery Developments

On Dec. 8, 2011, the Federal District Court for the District of Delaware posted two new default standards for litigation: the Default Standard for Discovery, Including Discovery of Electronically Stored Information ("ESI") and the Default Standard for Access to Source Code.

These new default standards were developed by the district court's Ad Hoc Committee for Electronic Discovery which included District Court Judge Sue L. Robinson and Magistrate Judge Mary Pat Thynge, practioners from the bar, and in-house counsel. This is the second time that the Delaware default rules have been updated.

The Delaware Federal Court first published default electronic discovery rules in 2004, two years before the 2006 Federal Rules of Civil Procedure ESI amendments. The court updated the default standards in 2007 to address the changes brought on in the 2006 FRCP amendments. These latest revisions address head-on some of the most challenging discovery issues that have arisen since the FRCP amendments went into effect. The discovery standards encourage the parties' cooperation in discovery. However, if the parties fail to agree on the "parameters and/or timing of discovery," then the default standards will apply unless or until the parties reach agreement or the court issues its own orders. (Para. 1.a.) Experience with the prior default standards has, in fact, led parties to cooperate early in the discovery process and tailor their discovery plan to be consistent with the case requirements rather than deal with some of the default provisions.

To Continue Reading: Click Here
------------------------------------------------------
Source: law.com
By: Mark Michels

Zero e-mail at work 'possible but not easy'

Eliminating the use of e-mail as an internal communication tool among staff in an organization is not impossible, but it is not easy either. While the adoption of social enterprise and collaboration tools is indubitably on the rise, traditional e-mail's ease of use and how it is already entrenched in work culture can be further enhanced with social media integration.

According to Richard Absalom, analyst for consumer IT at Ovum, the move toward zero internal e-mail will gradually catch on among companies.

He explained that social collaboration platforms such as Yammer, Jive and Chatter are seeing growing adoption, though, for the most part these are currently used as additional tools alongside e-mail.

Hence, for some companies, the "next logical step would be to use these social tools as an e-mail replacement", Absalom said in an e-mail interview.

Looking in the long term, new recruits in an organization, especially those from Generation Y, would also generally be happier, more familiar and, hence, productive using social communication tools as opposed to e-mail, he added.

With such tools, employees can also save time from not having to filter through spam and unimportant e-mail messages, he said. There is also the potential for more productivity and easier collaboration through interaction, recommendation and discovery, he added.

To Continue Reading: Click Here
------------------------------------------------------
Source: zdnetasia.com
By: Jaimie Yap 

Plaintiffs Have Their Own Duty to Preserve

Their attorneys must see that they obey it, especially since the client has a vested interest in the dispute

Consider the following hypothetical scenarios:

• the plaintiff claims she was harassed at work, but laments in an online chat room that she has a romantic crush on her boss and is upset that he will not pay attention to her;
• the plaintiff claims he suffers from a debilitating injury that prevents him from working, but on Facebook posts pictures and videos of his post-injury rock-climbing vacation, albeit in a "private" section of his Facebook account that only Facebook "friends" can view; and
• the plaintiff frequently posts daily musings about her employer on a blog called "Ihatemyemplyer.com." She then sues her employer alleging a multitude of claims.

While the focus of electronic discovery is often on the defendant's information technology systems and data sources, litigants should not lose sight of the fact that e-discovery is a two-way street, and obligations apply just as forcefully to plaintiffs -- who often anticipate litigation well in advance of any defendant.

To Continue Reading: Click Here
------------------------------------------------------
Source: law.com
By: Paul Weiner

eDiscovery Confidential: A Look Ahead At 2012

2011 proved to be a lively chapter in the eDiscovery odyssey, with notable acquisitions of eDiscovery vendors by technology giants HP and Symantec, and a growing focus in the federal courts on creating strong judicial standards around eDiscovery.

As the amount of electronically stored information (ESI) continues to grow exponentially, it’s inevitable that the energy of regulators and the courts, along with the capital resources of strategic investors and acquirers, will increasingly be directed at eDiscovery software and services.

At the same time, the burgeoning costs associated with growing ESI will prompt litigants and the courts to look for innovative ways to reduce the cost of eDiscovery while continuing to effectively manage litigation and regulatory matters. Against that backdrop, here are my 5 predictions for eDiscovery in 2012:

1. No Country for Old Pricing
In this era of big data, the amount of electronically stored information has continued to increase significantly, and along with it, the cost of eDiscovery under the industry-standard per-gigabyte pricing model. Because eDiscovery has become an integral part of litigation, market forces will require a re-evaluation of pricing strategies. In order to remain competitive, eDiscovery vendors will begin implementing alternative fee arrangements and flexible pricing structures in order to meet evolving client demands.

To Continue Reading: Click Here
------------------------------------------------------
Source: businesscomputingworld.co.uk
By: Kurt Jensen

Social Media, e-Discovery Bring IT, Legal Closer Together

Working well together is a skill that most of us learned in kindergarten. However, for IT and legal departments, it’s a skill that they are still learning to master. But according to Recommind’s third annual survey on the working relationship between corporate IT and legal departments, the two departments are getting better about working together.


Works Well With Others
According to the report (PDF), which surveyed senior IT managers at enterprises averaging 17,500 employees, both IT and legal are making e-Discovery a higher priority, which seems to be bringing the two departments together. To be more specific, the report highlights a few promising trends.

In 2010, 54.5% rated the relationship between legal and IT has good or very good. In 2011, 52.1% rated it as such. Yet despite the slight decrease, there are other indicators that the relationship between the two is improving. Almost 67% report that legal and IT are meeting to collaborate or strategize at least once per quarter (compared to 48.4% in 2010) and fewer respondents across departments rated e-Discovery as a low or very low priority than they did in 2010.

To Continue Reading: Click Here
------------------------------------------------------
Source: cmswire.com
By: Marisa Peacock

5 steps to choosing the right cloud provider

Is your business considering a switch to cloud computing in the New Year? If so, you might want to take note of the following best practices from Andy Brewerton, Country Manager for cloud back-up specialists, EVault. 


Choosing a cloud provider that’s right for you Andy Brewerton, Country Manager, UK & Ireland, EVault 


According to a recent Forrester Research report, about half of all midsize companies are either pursuing cloud-based services as part of their business practices, or they’re in their near-term implementation. Why? The realised benefits are clear– reduced infrastructure costs, pay-as-you-go services, flexibility, agility, and significantly reduced IT management and oversight. 


Yet despite the massive migration to the cloud, businesses are still confused when it comes to data ownership, data privacy, data location, and cloud IT governance oversight. 


Some of the frequently asked questions are: “Do I own my data in the cloud? Who is responsible for protecting my data? How secure is my service provider? How can providers safeguard my data from ending up across the globe? And, who is actually providing the oversight?” 


It seems that there are always the issues of trust, reliability, compliance and security when you’re looking to partner with a cloud service provider, so to make sure that you are choosing or working with the most secure cloud service provider for you, follow these best practices… 


To Continue Reading: Click Here 
------------------------------------------------------ 
Source: businesscloudnews.com 

How the Proposed 2012 EU Directive on Data Privacy Could Impact Social Media

Last week we held a senior executive round table event at Claridges and one of the topics of discussion was about the proposed European Union (EU) directive on data privacy and the potential impact of this on social media.


As current EU data laws were created in 1995, before the rise of Facebook and other social networking sites, the EU has proposed a new directive on data privacy which is due to come into place in January 2012.


In essence, European politicians are seeking to simplify the EU Data Protection Directive in order to give businesses within the EU only “one law” with “one data protection authority”. Proposed changes to the data law aim to unify the existing legislation of each EU Member State, making it easier for businesses to transfer data.


According to Reuters, EU officials expect the draft legislation to be ready early next year (as early as January 2012) but it could take up to 18 months for the bill to become law, meaning that businesses will still have to comply with disparate laws and often conflicting decisions made by data protection authorities (DPAs) in each of the 27 Member States.


To Continue Reading: Click Here
------------------------------------------------------
Source: business2community.com
By: Joe Stratmann

E-Discovery Pitches Meet Sabermetrics

A pair of e-discovery research projects, intended to test new methods and processes, may also lead to customers receiving extra velocity on sales pitches this spring.


That's because in addition to the final results of the U.S. government's annual Text Retrieval Conference (TREC) Legal Track, due in February, there will also be a new round of the nonprofit Electronic Discovery Institute's own performance study, last conducted in 2006. In both cases, the contests pit teams of document reviewers, using their choice of software, all working on the same data set to learn which methods are the fastest and most thorough.


Such benchmarks may be the e-discovery equivalent of sabermetrics in professional baseball -- the concept that computers and measurements are more useful than a veteran leader's intuition.


Similarly, organizers of both projects know that real-world customers value cost savings, ease-of-use, and efficient processes, not laboratory results. As such, teams from both sides are discouraged from openly discussing test results and from using results for marketing and sales purposes. Some do anyway, especially after results begin to circulate in the legal technology community. For example, among predictive coding specialists, Equivio this month published advertisements touting its 2010 TREC performance, while its rival Recommind is already asserting high marks based on preliminary results from the 2011 edition. (Law Technology News viewed TREC documents from both years and found mixed evidence of both vendors' claims.)

To Continue Reading: Click Here
------------------------------------------------------
Source: law.com
By: Evan Koblentz

House Judiciary Subcommittee: No Need to Act on EDD Costs

The House Judiciary Subcommittee on the Constitution convened its hearing on "The Costs and Burdens of Civil Discovery" on Tuesday, Dec. 13, to address whether amendments to the Federal Rules of Civil Procedure (FRCP) are needed to ameliorate what the corporate legal community considers to be excessive costs and burdens of e-discovery. In the end, the consensus of the participating members was that the question is being actively studied by the Federal Judicial Conference's Civil Rules Advisory Committee, so there is no reason for Congress to involve itself at this time. 


In his opening statement, Chair Trent Franks stated that the current discovery rules "appear to fall short" of the goal of encouraging the just, speedy, and inexpensive resolution of disputes envisioned by FRCP 1. "Costs are increasing because the discovery rules are too vague," Franks said, and the "[v]ague standards and harsh sanctions leave parties no choice but to preserve excessive amounts of data." 


Rep. Jerrold Nadler, D-N.Y., opened his statement with the observation that the title of the hearing did not "even remotely acknowledge" the critical role discovery plays in uncovering facts so that cases can be resolved on the merits. While acknowledging that electronic data discovery poses new challenges and burdens to litigants, Nadler pointed out that electronic data has also "proven particularly valuable in uncovering critical evidence and improving accountability," and that "we should not lose sight of the tremendous benefits of discovery in our focus on its alleged costs and burdens." Nadler also read from a letter submitted to the subcommittee by the Civil Rules Advisory Committee, which urged the subcommittee "to allow the Rules Committees to continue their consideration of these issues through the thorough, deliberate, and time-tested procedure Congress created in the Rules Enabling Act." 


Next up, Rep. John Conyers, D-Mich., pointedly asked Franks why no members of the advisory committee had been invited to testify at the hearing. When Franks responded that some judges on the Advisory Committee believed it was more appropriate for that committee to convey its position by letter, as opposed to appearing before the Congressional subcommittee, Conyers quipped that "apparently, their letter may not have been as persuasive upon you as they had hoped it would because you determined to continue the hearing anyway." Conyers then noted that less than one-tenth of 1 percent of federal cases involve the level of discovery costs that were subject of the hearing, "which suggests that this hearing may be based on some corporation insistence that they be heard about this matter" rather than a genuine need to consider rules changes.


To Continue Reading:  Click Here
-------------------------------------------------------------
Source:  law.com
By: Henry Kelston

e-Tips and Traps: Is Connecticut ready for new e-discovery rules?

Connecticut state courts leap into the modern world on Jan. 2, 2012 with the implementation of new electronic discovery rules.

In theory, this will make it easier for victims of medical malpractice or corporate wrongdoing to secure “smoking gun” evidence. As with any cases, a lot will depend on the competence of judges and litigators. Still more critical in this rapidly-evolving arena could be the experts hired by opposing parties to either ferret out hidden evidence or demonstrate good faith in the evidence production.

Very few professionals – including vendors, lawyers and judges – know how to collect data for litigation.

“I don’t think the judges know a lot – even the ones who write the opinions,” attorney Julia Brickell of Columbia University told the New Haven Bar Association last month. Brickell, a former vice president and deputy general counsel for Philip Morris USA, currently runs an automated document review firm in New York. She said the costs of electronic discovery – if not managed properly – can be wildly disproportionate to the value of a case.

Most states now have electronic discovery rules, based somewhat on the federal rules adopted in 2006. Basically, the rules force lawyers for opposing parties to meet at the onset of a civil action to work out the sharing of electronically stored information. This will have a huge impact on business because more than 90 percent of business documents are created and stored electronically. Electronic data can be located pretty much anywhere, from sources including flash drives, audio and video files, corporate servers, home and work computers, hard drives, DVDs, CDs and social media.


To Continue Reading: Click Here
------------------------------------------------------
Source: registercitizen.com
By: Bill Murray & Andy Thibault

5 Big Database Breaches Of Late 201

Healthcare breaches have dominated the second half of the year. Consider these lessons learned.

Though the second half of the year has been comparably calmer than the first half's excitement over database breaches at RSA, Sony, and Epsilon, the breach numbers continued to roll in -- especially at healthcare organizations, which made up a disproportionate number of exposed records. Here are some of the biggest breaches that went down in the second half of the year, along with a few database security lessons learned.

1. The Breach Victim: Nemours
Assets Stolen/Affected: Names, addresses, dates of birth, Social Security numbers, insurance data, medical treatment data, and bank account information for 1.6 million patients, vendors, and employees.

Three unencrypted tapes containing a mother lode of personal information on patients, vendors, and employees were lost amid the dust of a facility remodel project when a cabinet that held them since 2004 went missing.

Lessons Learned: Database backups are often the Achilles' heel in enterprise database security. Because of their portability and longevity, database backup tapes are frequently lost in transit or in these types of relocation scenarios. Encryption of data is key to ensuring security even when tapes can't be physically secured.

To Continue Reading: Click Here
------------------------------------------------------
Source: darkreading.com
By: Ericka Chickowski

Old Smartphones Leave Tons Of Data For Digital Dumpster Divers

A recent forensics examination shows how much information is left behind after smartphones are tossed in the discard pile

A recent exploration made by a digital forensics company into a handful of phones found in the smartphone secondary market showed how easy it is to glean information from old or lost phones, even if a factory reset has been committed. Today an expert from Access Data gave Dark Reading the skinny on his findings from his informal research and explained some of the repercussions for both corporations and consumers who don't pick, manage, or dispose of their phones wisely.

"I buy a lot of recycled phones and there is tons of data still on them," says Lee Reiber, director of mobile forensics for AccessData, "I'd guess if you went and grabbed ten phones [from recycling companies], 60 percent of those are going to contain data still."

Reiber says that at the behest of a customer interested in the data lingering on phones sold by used phone resellers and consumers using Craigslist and eBay, he used AccessData's tools to do an in-depth forensics dive into five handsets acquired from this secondary market. The phones were the iPhone 3G, Sanyo 2300, HTC Wildfire, LG Optimus, and HTC Hero. Of those five, the iPhone and the old Sanyo had not been reset and contained what Reiber called logical data, things like active account sign-ons, contacts, and calendar information easily usable by any person who turns on the phone.

Even though all of the Android phones had been wiped through a factory reset, four of the five phones also included information that would take someone with forensics tools and knowledge to extract from more hidden storage locations.

To Continue Reading: Click Here
------------------------------------------------------
Source: darkreading.com
By: Ericka Chickowski

Strong Strong Objections to the Magistrate Judge's Order in 'Pippins'

Since my column last month, in which I discussed the U.S. District Court for the Southern District of New York's 2011 opinion in Pippins v. KPMG, many online journals and bloggers have noted and weighed in on the opinion, in which Magistrate Judge James L. Cott denied KPMG's motion to preserve a sampling of only 100 hard drives that could contain relevant data, as opposed to the 2,500 hard drives the defendant had been preserving at the cost of $1.5 million and an additional 6,500 it might have to preserve. Instead, the court ordered preservation of all 9,000 hard drives. 


On Oct. 28, KPMG filed an objection; a week later, on Nov. 4, the U.S. Chamber of Commerce filed an amicus brief in support of KPMG, and a week after that, on Nov. 11, the Washington Legal Foundation filed its amicus brief.  


As discussed in far greater detail in my November column, the plaintiffs in Pippins, KPMG audit associates of different types, challenged KPMG's treatment of them in its audit practice as exempt employees under the federal Fair Labor Standards Act and New York State Labor Law by misclassifying them as exempt employees under the FLSA, causing them to be deprived of overtime wages for time they worked in excess of 40 hours per week. They further alleged that KPMG failed to keep accurate records of the time they worked. The plaintiffs moved for class certification and KPMG objected. KPMG also sought a protective order to limit the scope of its preservation obligations to require it to preserve only a random sample of 100 hard drives from among those hard drives of former audit associates that it had already preserved in the course of this and other litigations. The parties could then search the drives using keywords proposed by plaintiffs. 


In support of its motion for a protective order, KPMG made several arguments. It noted that the plaintiffs' argument that each class member's hard drive had to be preserved because it could hold data that was unique to that class member was inconsistent with its motion to certify the plaintiffs as a class. It argued that it had broadly preserved extensive and detailed human resource records that would establish the job duties and hours of audit associates, thus making preservation of the hard drives irrelevant or, at best, of marginal importance. It strongly asserted that the cost of preserving just the first 2,500 hard drives, at $1.5 million and climbing (the additional 6,500 drives would, presumably, add an additional $3.9 million), was wildly disproportionate to the value of the matter, and that the proportionality test under Federal Rule of Civil Procedure Rule 26(b)(2)(B) should be applied to narrow the universe of drives to be preserved.

To Continue Reading: Click Here 
------------------------------------------------------ 
Source: law.com 
By: Leonard Deutchman

L.A. won't put LAPD on Google's cloud-based email system

The City Council votes to scale back L.A.'s email services contract with Google, saying its technology could not meet the security needs of departments including police and the city attorney's office.

In a setback for Google Inc.'s ambitions to be a major provider of email service to governments, Los Angeles has abandoned plans to move 13,000 law enforcement personnel to the Internet company's cloud-based messaging system.

The Los Angeles City Council voted Wednesday to scale back the city's email services contract with Google, agreeing with staff analysis that the company's technology could not meet the security needs of crucial departments including police and the city attorney's office. The city will continue using Google's email system for 17,000 other employees.

The latest security worries are likely to slow Google's push into the lucrative government email business, analysts said. The Los Angeles contract was considered a marquee win for Google, which two years ago beat Microsoft Corp., the dominant email services provider.

To Continue Reading: Click Here
------------------------------------------------------
Source: latimes.com
By: David Sarno

Carrier IQ Defends Mobile Phone Monitoring Tool as FBI Denies FOIA Request

The FBI denies a Freedom of Information Act request for information the agency has on Carrier IQ as the beleaguered startup continues to assert its tool is not a keylogger.

The FBI has denied a request for information on how the nation's topmost law enforcement agency is using Carrier IQ's mobile diagnostic and monitoring software.

Michael Morisy of Muckrock News filed on Dec. 1 a Freedom of Information Act (FOIA) request for "manuals, documents or other written guidance used to access or analyze data gathered by programs developed or deployed by Carrier IQ." The FBI denied the request on Dec. 7, claiming that complying with the request may "interfere" with "pending or prospective enforcement proceedings."

David Hardy, the section manager of the FBI's Records Management Group, said the FBI has in its possession "responsive documents" pertaining to Carrier IQ but will not release the documents as requested, according to a copy of the letter posted along with the FOIA request on MuckRock.com.

"I have determined that the records responsive to your request are law enforcement records; that there is a pending or prospective law enforcement proceeding relevant to these responsive records," Hardy wrote.

Morisy said it is not clear whether the FBI is using Carrier IQ in its own investigations, whether it is currently investigating the company or a combination of both. However, Jeff Cormier, an attorney with The Next Web, said there is no indication of an ongoing investigation, since the letter mentioned only "pending or prospective" proceedings.

The denial was most likely because Sen. Al Franken, D-Minn., and other congressional lawmakers are asking for the Federal Trade Commission to investigate, according to Cormier. "That is the likely reason why information is being withheld. It's completely inaccurate to state there is an 'ongoing investigation,'" Cormier said.

To Continue Reading: Click Here
------------------------------------------------------
Source: eweek.com
By: Fahmida Y. Rashid

How to Create and Implement an Information Management Policy

Mitigate potential legal risks and costs by applying clear, consistent rules to all data

As is invariably the case in technological advances, the many benefits of digital records are offset by significant risks. Chief among these risks is the cost of electronic discovery during litigation. E-discovery is the use of sophisticated sampling and search tools to mine databases for documents relevant to a lawsuit.

The more files there are to search, the larger a company's e-discovery costs are likely to be. Thanks to IT professionals' commitment to being excellent stewards of data, a company can have tens of thousands of backup tapes stored, each of which can contain 10 million documents – all of which may be subject to e-discovery. The result could be millions of dollars in e-discovery costs in the event of litigation.

The solution to this potential problem is obviously to store less data. But how does a company know what to keep and what to delete? If they are not careful, company executives could find themselves in serious legal trouble (perhaps accused of destroying evidence) if they delete the wrong documents. There is also the danger of deleting information that is vital to company operations.

In the face of these big unknowns, many companies simply do nothing and hope for the best. But, as the old saying goes, hope is not a strategy.

The solution is to create and thoroughly implement an information management policy that clearly lays out what kind of data should be kept and what kind should be deleted. In my experience as an e-discovery professional, very few companies have done this. Fortunately, I worked with a large national firm that recently spent a year designing and implementing such a policy that is working quite well.

To Continue Reading: Click Here
------------------------------------------------------
Source: information-management.com
By: Tom Turner

Keeping your lawyers happy -- it's not impossible!

Is your collaboration system a legal record or a legal risk? To put it simply, if you can just delete information, then it's not a legal record.

If you use your collaboration platform to manage project risk, then you must be able to ensure the integrity of "data records." In an increasingly complex legal and regulatory environment, you must understand completely where your data is, who controls it, and whether how you store it, protect it, share it, and destroy it is consistent with the specific laws that apply to your industry and operation.

An absolutely unbreakable rule is that data records cannot simply be deleted by anyone at any time. They actually must become part of a system of records that is tightly controlled, typically by the legal or records information management department.

That being said, if you are using any kind of collaboration solution that allows data to be permanently deleted by users, then you aren't creating the necessary system of records, putting your organization at significant risk of regulatory and compliance violations, as well as monetary sanctions in the event of a legal hold or e-discovery process.

To Continue Reading: Click Here
------------------------------------------------------
Source: blogs.computerworld.com
By: Leigh Jasper

Still No Bright-Line Rules on Spoliation Sanctions

In 2010, federal courts in New York, Texas, and Maryland rendered well-publicized decisions on the proper factors to consider on a motion for sanctions based on spoliation of electronically stored information. Two issues predominated in each case -- culpability and prejudice. In the first decision, Pension Committee of the University of Montreal Pension Plan v. Banc of America Securities,[FOOTNOTE 1] the court in the Southern District of New York held that sufficiently culpable conduct was enough to warrant severe, even case-dispositive, sanctions irrespective of whether the innocent parties demonstrated that the loss of such ESI was prejudicial.

The subsequent decisions, Rimkus Consulting Group Inc. v. Cammarata,[FOOTNOTE 2] and, perhaps more so, Victor Stanley Inc. v. Creative Pipe Inc.,[FOOTNOTE 3] seemed to de-emphasize culpability; focusing instead on the alleged relevance of the spoliated ESI and the resulting prejudice to both the innocent party's case and the truth-finding process. Since these decisions, several federal district courts have weighed in on the proper analysis for ESI spoliation motions with differing results but some trends are emerging.

This article briefly summarizes the three 2010 decisions referenced above with particular emphasis on how those courts analyzed the issues of culpability and prejudice and the relative weight allocated to each such issue in fashioning spoliation sanctions. The article then examines several 2011 decisions to determine whether, and to what extent, federal courts have followed these decisions in considering spoliation motions. Finally, given the uncertainty that remains with respect to ESI spoliation law, the article concludes with recommendations for establishing and maintaining defensible litigation holds, which remain critical in avoiding potentially case-dispositive spoliation sanctions.

To Continue Reading: Click Here
------------------------------------------------------
Source: law.com
By: Keith M. Brandofino and Ian M. Goldrich

Backup Tapes and Archives Bursting at the Seams? The Seven Year Itch Has Technology to Answer the Scratch

Just like Marilyn Monroe stopped traffic in her white dress in The Seven Year Itch, enterprises are being stopped dead in their tracks by the data explosion, lack of information governance policies and overstuffed IT infrastructures. During the 2004-05 timeframe, a large number of enterprises began migrating to an archive, and this trend has kept steady pace since. Archiving historically began with email, but has been recently extended to many other forms of information, including social media, unstructured data and cloud content. This adoption was somewhat related to the historic Zubulake ruling, that required preservation to attach upon “reasonable anticipation of litigation.” Another significant driver behind the archive need is the ability to comply with a range of statutes and regulations. The reality is it is difficult to preserve efficiently and defensibly without an archive and other automatic classification technologies. Some companies still complete the information management and eDiscovery processes manually, but not without peril.

Currently, there is a sudden upsurge in corporations finally starting to shrink the archives that they implemented to manage email, legal preservation requirements and regulatory compliance. After roughly seven years, over which time there have been many advances in technology, a shift in thinking is taking place with regard to information governance and data retention. Change has been borne out of necessity, as infrastructures are suffering with the amount of data they are retaining and the pains associated with searching that data. This shift will enable companies to delete with confidence, clean up their backup tapes, shrink their archives, and manage/expire data on a go-forward basis effectively. Collectively, this type of good information governance hygiene allows organizations to minimize the litigation risk that’s attendant with bloated information stores.

One reason many archives have become so bloated is because many enterprises purchased archiving software, but did not properly enable expiry procedures according to a defensible document retention policy. This resulted in saving everything for the past seven or so years. Another reason for retaining all data in the archive was because enterprises were afraid to delete anything fearing being accused of spoliation and/or the inability to retrieve data that should have been on legal hold. These two reasons combined have resulted in companies being forced to address the impact of having to search this massive amount of data in the archive each time a matter arises. The resulting workflow for data collection is time consuming and expensive, especially for companies that still employ third party vendors for data collection. For many organizations, the situation has become unsustainable from both a legal and IT perspective.

To Continue Reading: Click Here
------------------------------------------------------
Source: e-Discovery 2.0
By: Allison Walton

Secrets of Search – Part One

Two weeks ago I said I would write a blog revealing the secrets of search experts. I am referring to the few technophiles, lawyers, and scientists in the e-discovery world who specialize in the search for relevant electronic evidence in large chaotic collections of ESI such as email. I promised the exposé would include a secret deeply hidden in shadows, one only half-known by a few. Before I can get to the dark secret, I must lay bare a few other search secrets that are not so hidden.

A Secret of Search Already Known to Many

The first secret of search here exposed is the same kind of secret as those revealed in Spilling the Beans on a Dirty Little Secret of Most Trial Lawyers. You probably have heard it already, especially if you have read Judge Peck’s famous wake-up call opinion in William A. Gross Construction Associates, Inc. v. American Manufacturers Mutual Insurance Co., 256 F.R.D. 134, 136 (S.D.N.Y. 2009). He repeated it again recently in his article Predictive Coding: Reading the Judicial Tea Leaves, (Law Tech. News, Oct. 17, 2011), that I wrote about in Judge Peck Calls Upon Lawyers to Use Artificial Intelligence and Jason Baron Warns of a Dark Future of Information Burn-Out If We Don’t. Despite these writings and many CLEs on the subjects, most of your less informed colleagues in the law still don’t know these things, much less litigants or the public at large. It would seem that Jason R. Baron’s dark vision of a future where no one can find anything is still a very real possibility.

The wake-up call on search has a long way to go before it is a shot heard round the world. I am reminded of that on almost a daily basis as I interact, usually indirectly, with opposing counsel in employment cases around the country. They often insist on antiquated search methods. So bear with me while I begin by repeating what you may have already heard before. I promise that the exposé of these more common secrets will also set the stage for revealing the seventh step of incompetence causality that I mentioned in last week’s blog, Tell Me Why?, and the one deep dark search secret that you probably have not heard before. Yes, the one is related to the other.

To Continue Reading: Click Here
------------------------------------------------------
Source: e-discoveryteam.com
By: Ralph Losey

'Pippins v. KPMG' Order Highlights Preservation Burdens

Preservation of electronically stored information continues to be a vexing topic for attorneys and their clients. Judicial expectations vary widely, existing precedent is often unhelpful, and the Federal Rules of Civil Procedure (Federal Rules) do not give guidance on the issue. The lack of guidance, coupled with conflicting judicial standards, often causes parties -- mindful that one misstep could lead to sanctions -- to overpreserve.

Acknowledging the growing cry for guidance on the topic of preservation in the Federal Rules, the Discovery Subcommittee of the Advisory Committee on Civil Rules held a mini-conference on preservation and sanctions on Sept. 9, 2011. The subcommittee, chaired by Judge David Campbell, proposed three wide-ranging, alternative rulemaking proposals: a rule setting forth a detailed list of preservation duties with specific guidance on triggers, scope, and sanctions; a rule providing a more general list of such duties without specific guidance; and a rule focusing only on sanctions in the absence of reasonable preservation-related behavior.[FOOTNOTE 1] It is unclear what, if anything, will come from the subcommittee's initial work.

So, in the absence of guidance, what is a party to do? In Pippins v. KPMG, LLP,[FOOTNOTE 2] KPMG thought it had the right approach. Unable to agree with plaintiffs on the scope of preservation, KPMG moved for a protective order to limit the scope of preservation of computer hard drives or to shift the preservation costs to plaintiffs.

Instead, Magistrate Judge James L. Cott of the Southern District of New York issued a Memorandum and Order requiring KPMG to "preserve the hard drives of thousands of former employees" who could fall within an as yet uncertified nationwide FLSA collective and/or a New York state class at a potential cost of millions of dollars to KPMG. KPMG, supported by an amicus brief filed by the U.S. Chamber of Commerce, has since asked U.S. District Judge Colleen McMahon of the Southern District of New York to set aside the Memorandum and Order.[FOOTNOTE 3] McMahon's opinion will be of keen interest to those who are struggling to contain the significant costs associated with e-discovery and eager for guidance.

To Continue Reading: Click Here
------------------------------------------------------
Source: law.com
By: H. Christopher Boehning and Daniel J. Toal

Will the consumer IT revolution sweep away corporate data privacy?

The implications of recent Gartner predictions are clear; consumer-IT technology is loosening business's grip on workforce practices and sensitive data.

By 2012, 73 per cent of the enterprise workforce will be mobile, and 20 per cent of companies will no longer own any IT assets.

By 2013, 80 per cent of businesses will support a workforce using tablets, and by 2014 almost all businesses will supply corporate data through smart-phone apps, as sensitive data migrates beyond office walls to the remote realms of virtual reality and cloud services.

This conjures up visions of corporate informational chaos, endless mobile endpoints handling sensitive data, remote boards thrashing out mergers in virtual meetings and vital data flowing across public networks.

With 372 million mobile devices sold worldwide this year, mobile data storage is replacing PCs, with potentially disastrous consequences.

The average data breach costs UK organisations £1.9 million. With the FSA flexing its punitive muscle and the ICO armed with the power to impose £500,000 fines on negligent organisations, data security is becoming a legal imperative.

In a services economy where reputation is the biggest asset, and a 24/7 media culture where mainstream news converges with social media, the instantaneous effect of data breaches on reputation concerns big business. And for an estimated 80 per cent of SMEs, data breaches lead to bankruptcy.

To Continue Reading: Click Here
------------------------------------------------------
Source: computing.co.uk
By: Phil Evans

In-House Compliance Requires Companywide Efforts

When Frances McLeod and Greg Mason need to find missing money or probe a company's compliance programs, they construct and analyze large datasets of the company's financial transactions. About 75 percent of their global forensic accounting business is driven by compliance and enforcement issues, particularly those related to the U.S. Foreign Corrupt Practices Act (FCPA) -- a priority area for U.S. regulators, and a top concern for general counsel.

Even though they've consulted with corporations and assessed market risks the world over, McLeod continues to be amazed by gaps in company compliance programs that bear on bribery and illicit payments. "There are a lot of companies that still don't get it," says McLeod, who worked in investment banking and on international banking and money-laundering investigations before co-founding Forensic Risk Alliance, a consultancy, in 1999.

Last week, McLeod and her business partner Mason, a statistician who had previously evaluated systems for the U.S. Department of Defense, convened with reporters in New York City for a Q&A presentation on regulatory trends and compliance pitfalls. Their discussion dovetailed with what has been a big year for FCPA enforcement actions, leading many general counsel to question their own compliance preparedness.

To Continue Reading: Click Here
------------------------------------------------------
Source: law.com
By: Catherine Dunn

Top Ten eDiscovery Predictions for 2012

As 2011 comes quickly to a close we’ve attempted, as in years past, to do our best Carnac impersonation and divine the future of eDiscovery. Some of these predictions may happen more quickly than others, but it’s our sense that all will come to pass in the near future – it’s just a matter of timing.

1. Technology Assisted Review (TAR) Gains Speed. The area of Technology Assisted Review is very exciting since there are a host of emerging technologies that can help make the review process more efficient, ranging from email threading, concept search, clustering, predictive coding and the like. There are two fundamental challenges however. First, the technology doesn’t work in a vacuum, meaning that the workflows need to be properly designed and the users need to make accurate decisions because those judgment calls often are then magnified by the application. Next, the defensibility of the given approach needs to be well vetted. While it’s likely not necessary (or practical) to expect a judge to mandate the use of a specific technological approach, it is important for the applied technologies to be reasonable, transparent and auditable since the worst possible outcome would be to have a technology challenged and then find the producing party unable to adequately explain their methodology.

2. The Custodian-Based Collection Model Comes Under Stress. Ever since the days of Zubulake, litigants have focused on “key players” as a proxy for finding relevant information during the eDiscovery process. Early on, this model worked particularly well in an email-centric environment. But, as discovery from cloud sources, collaborative worksites (like SharePoint) and other unstructured data repositories continues to become increasingly mainstream, the custodian-oriented collection model will become rapidly outmoded because it will fail to take into account topically-oriented searches. This trend will be further amplified by the bench’s increasing distrust of manual, custodian-based data collection practices and the presence of better automated search methods, which are particularly valuable for certain types of litigation (e.g., patent disputes, product liability cases).

3. The FRCP Amendment Debate Will Rage On – Unfortunately Without Much Near Term Progress. While it is clear that the eDiscovery preservation duty has become a more complex and risk laden process, it’s not clear that this “pain” is causally related to the FRCP. In the notes from the Dallas mini-conference, a pending Sedona survey was quoted referencing the fact that preservation challenges were increasing dramatically. Yet, there isn’t a consensus viewpoint regarding which changes, if any, would help improve the murky problem. In the near term this means that organizations with significant preservation pains will need to better utilize the rules that are on the books and deploy enabling technologies where possible.

To Continue Reading: Click Here
------------------------------------------------------
Source: eDiscovery 2.0
By: Dean Gonsowski

Losers Pay Electronic Discovery Costs in Several More Cases - This is a Trend Worth Watching

As electronic discovery costs continue to grow and the complexity of litigation increases, lawyers and corporations need to pay closer attention to the document requests that they make during the discovery process. Why? Because ever since Race Tires II awarded EDiscovery costs in favor of the prevailing party, there has been an increase in the number of cases that award these types of expenses. Therefore, expected EDiscovery costs should be added to the list of things to consider before filing a case, and strong consideration should given to the methods utilized to capture and review the data. 

Focusing on crafting a reasonable discovery request and then employing the most cost effective method to analyze and control the data are key to guarding against a large bill should you lose your case. In addition, cost shifting can be prevented if the parties participate in a jointly developed review process with shared expenses. Given the sophistication of software today, it is quite easy to put up confidential walls between data in the same system.

Courts in California and Pennsylvania have recently found that the prevailing party can recovery EDiscovery costs under FRCP 54. How the court interprets 28 U.S.C. § 1920(4), with key language that states, “fees for exemplification and the cost of making copies of any materials where the copies are necessarily obtained for use in the case” is the determining factor. Recently this language has been interpreted to mean that electronic discovery costs that are related to the duplication and production of data are in fact recoverable.

Three recent cases are summarized briefly below to show the results of this recent trend. To obtain the details, you should read the full rulings. My focus is on awareness and options to help you avoid these types of situations moving forward.

To Continue Reading:  Click Here

------------------------------------------------------

Source:  Studeo Legal

By:  Jeffrey Parkhurst

European cloud customers worried by US privacy laws

Local vendors offer protection from Patriot Act

Concern in the European Union that US data protection laws are too lax may have created a new market for European cloud computing services.

A recent survey indicated that 70% of Europeans have concerns about their online data and how well companies secure it and now two Swedish companies, Severalnines and City Network, have begun promoting their newly merged service as "a safe haven from the reaches of the US Patriot Act". Under the controversial act, data from European users of US-based cloud services can secretly be seized by US law enforcement agencies.

"We believe that a service owned and operated locally in the EU, and fully compliant with EU data protection laws, will be very attractive for European companies. US companies with European operations will also benefit from the lower latency of a locally hosted solution," said City Network chairman Johan Christenson.

This gap in the market is also being exploited by other firms such as DNS Europe, Colt and MESH. The latter strongly promotes its location in Germany and "data separation in strict compliance with German data protection laws".

European legislators are also worried about the protection accorded to personal data held in the cloud.

"It is crucial, for European businesses and users, that the data on the cloud is stored in a safe country," said Philippe Juvin, a Member of the European Parliament.

To Continue Reading: Click Here
------------------------------------------------
Source: techcentral.ie
By: IDG News Service

Fighting Lawsuits in the Digital Era

E-discovery excellence could make the difference between life and death for your company.

When a company is hit with litigation, the pressure becomes intense to collect and understand the potentially relevant, electronically stored information that may support or undermine defense of the case. That pressure comes from the need to understand the scope and risk of the matter, so the company can strategize how to defend the lawsuit. The pressure also comes from the potentially high costs involved in collecting and processing the information.

As the amount of digital information grows exponentially, many organizations are establishing in-house e-discovery processes to reduce the cost and speed up the processes associated with outsourcing the work. In a 2010 e-discovery report from the Taneja Group, analysts Christine Taylor and Jeff Boles surveyed large companies on their e-discovery processes. Half of the respondents reported having an internal e-discovery capability. The analysts said this number indicates that a tipping point has been achieved for on-premises e-discovery, also called insourcing.

As part and parcel of this insourcing process, most companies implement software and hardware technology to support the change from outsourcing. Most often, the burden of implementing and maintaining the technology falls squarely on the shoulders of the IT department.

To Continue Reading: Click Here
------------------------------------------------
Source: baselinemag.com
By: Amanda Berger

Two-fifths of firms still rely on tape to backup data - survey

Two-fifths of companies in Europe are increasing the risk of security breaches and data loss by still relying on tape to backup their data, a survey by EMC suggests.

The EMC European Disaster Recovery Survey 2011, which covered 1,750 companies across Europe, found that businesses are spending, on average, 10pc of their information technology (IT) budgets on backup and recovery.

But 40pc of companies still rely on tape when storing a copy of a backup off-site for disaster recovery, with an average annual cost of €74,000 spent on transporting, storing, testing and replacing tapes.

Where tape is used for disaster recovery purposes, 10pc still have an employee take home a copy of the backup tapes with them.

The survey found that, overall, most (80pc) of organisations using tape want to move beyond it, with speed of restoration, faster backups and lack of durability cited among the main reasons.

To Continue Reading: Click Here
------------------------------------------------
Source: siliconrepublic.com
By: EMC

e-Tips & Traps: The Care of eDocs is crucial for business

Electronic data includes any information that used to be stored on paper.

As the Internet matured as a long-term information holder and the prices of computers dropped, business learned of the necessity to digitize information in certain formats. From billing records and prescriptions to accident reports, court motions and real estate transactions, some companies have learned the hard way that their data must be safe and accessible.

For example, Hartford’s Brainard Airport was slapped by Connecticut’s Supreme Court for intentionally discarding an accident report. The case – despite pages of the standard legal mumbo jumbo – actually reflects common sense.

A plaintiff in a lawsuit was struck and injured by the wing of an aircraft while walking with his flight instructor. Because Brainard authorities tossed the accident report filed by a third party, the Federal Aviation Administration was never notified and did not conduct an investigation.

The 2007 ruling is considered a key “spoliation” case for Connecticut. Spoliation is the intentional or negligent withholding, hiding, altering, or destroying of evidence relevant to a legal proceeding. This particular ruling is significant because it reaches beyond the defendant owner of the plane that struck the student pilot to a third party, Brainard Airport.

Federal courts formally recognized the need to protect electronic data in 2006, and most states followed with their own versions of the Federal Rules of Civil Procedure. Key change: Before 2006, discovery and production of documents began shortly before trial; now, e-discovery begins as soon as a lawsuit is filed.

To Continue Reading: Click Here
------------------------------------------------
Source: registercitizen.com
By: Andy Thibault

Congress Probes TRICARE Breach

Five members of Congress have sent a bipartisan letter to the director of TRICARE, the military health program, asking detailed questions about a recent breach that affected 4.9 million beneficiaries.

In the incident, a TRICARE business associate, Science Applications International Corp., reported that unencrypted computer backup tapes containing TRICARE patient information, including Social Security numbers, were stolen from an employee's car (see: New Offer for TRICARE Breach Victims). TRICARE already faces a class action lawsuit as a result of the case (see: TRICARE Hit With $4.9 Billion Lawsuit).

In the Dec. 2 letter, the members of the House of Representatives characterize the breach as "an extremely serious and substantial lapse in security" and point out that SAIC has been responsible for at least six other security incidents.

"SAIC has received more than $20 billion in federal contracts over the previous three fiscal years, according to USA spending.gov," the letter notes. "This is despite the fact that federal officials have lodged complaints against the company's conduct for years."

To Continue Reading: Click Here
------------------------------------------------
Source: govinfosecurity.com
By: Howard Anderson

4 'friends' corporate legal officers should avoid on Facebook

Holiday parties and events are approaching and with that a fair amount of socializing is expected. At this time of year we meet colleagues and make new friends from different departments and industries, many of whom may wish to stay in touch all year round and what better way to do that than by adding them to your Facebook ‘friends list’?

Deciding whether or not to accept a ‘friend request’ from a colleague, boss or even a former employee on Facebook is a problem many professionals face.

The idea of reconnecting with old friends or former work colleagues may seem intriguing, but if not done with care, there can be some repercussions and the wrong person can end up on your friends list.

For corporate secretaries rushing to fill their friends list, it’s always a good idea to know who has access to your Facebook page, especially if you are new to the application. Often, in legal, compliance and governance roles, there is an expectation of neutrality and objectivity among friends – even in a public forum.

To Continue Reading: Click Here
------------------------------------------------
Source: businessinsider.com
By: Aarti Maharaj

5 ways to benefit from NIST's cloud road map now

Most government technology managers face the common problem of how to keep up with policy flow, the steady and sometimes torrential stream of IT directives, guidance and requirements from oversight agencies on how to modernize agency systems.

But in area of cloud computing, at least, help is on the way. On Nov. 2, the National Institute of Standards and Technology released a “cloud computing technology road map,” a set of steps to setting up cloud systems that its creators said would help clear their path to cloud adoption.

The draft document, "U.S. Government Cloud Computing Technology Roadmap, Release 1.0" (NIST Special Publication 500-293) defines high-priority requirements for standards, official guidance and technology developments that need to be met for agencies to accelerate their migration to the cloud model.

“The Tech Roadmap aggregates the ocean of information out there regarding the cloud,” said Fred Whiteside, manager of the Commerce Department’s critical infrastructure protection program. The plan “takes the finger of the federal manager and places it on the things he needs to know to move forward with cloud adoption,” said Whiteside, who is also chairman of the NIST Cloud Computing Security Working Group.

Deployed correctly, cloud computing has the potential to greatly reduce waste, increase data center efficiency and usage rates, and lower operating costs, federal officials said. It should also eventually cut down the policy thicket.

To Continue Reading: Click Here
------------------------------------------------
Source: gcn.com
By: Rutrell Yasin

When Preservation Requests Are Wielded as Weapons

Cooperation in e-discovery doesn't mean bowing to your opponent's demands for over-preservation.

Have you noticed how corporate counsel are flexing their collective muscle in an effort to rein in e-discovery? Their rallying cry is that plaintiffs have begun to "weaponize" preservation. That is, plaintiffs are demanding preservation of electronically stored information with such breadth that corporations are settling just to avoid the cost of finding and protecting their own discoverable data.

The weapon of mass (self) destruction is a preservation letter reminding defendants of the common law duty to preserve relevant evidence.

It typically mixes sweeping "any and all" generalities with litanies of specifics that "include, but are not limited to" every form of newfangled storage since Thomas Edison recorded "Mary Had a Little Lamb" on tinfoil.

To Continue Reading: Click Here
------------------------------------------------
Source: law.com
By: Craig Ball