JASON ATCHLEY : EDISCOVERY : CEIC 2014 TACKLES EDISCOVERY, CYBERSECURITY, AND FORENSICS

 

 
jason atchley

CEIC 2014 Tackles E-Discovery, Cybersecurity and Forensics

Guidance Software’s annual four-day conference addresses issues facing the legal community and an abundance of training.

Monica Bay , Law Technology News

May 30, 2014    |0 Comments


Imarketoon studios, courtesy Guidance Software
Image: marketoon studios, courtesy Guidance Software
Blame it on Target. Or Edward Snowden. But in case you haven’t noticed, legal technology conversations lately aren’t exactly obsessed with predictive coding right now. Instead, firms—and everyday citizens—are more likely to be discussing data breaches, cybercrimes, and concerns about confidential client information.
But according to a new survey by LexisNexis’ Legal & Professional division, while law firms may be talking—they aren’t doing very much about it. The company reports that 89 percent of the 300 legal professionals in 40 states and in 15 practice areas who were recently polled said their firms send confidential information to clients via unencrypted email—relying on a disclaimer at the bottom of the correspondence to serve as protection.
So what are the ramifications? How are law firms, corporate counsel and vendors responding to these sometimes contradictory technology challenges? We can get some clues from last week’s Computer and Enterprise Investigations Conference, annually presented by Guidance Software.
For starters, the company has always thrown a broad cloth around its offerings. Founded in 1997, Guidance has targeted both electronic data discovery and other “digital investigations,” and today offers a line of seven software under the “EnCase” brand (and a line of Tableau forensics products).  The company says its EnCase Enterprise platform “is used by more than half of the Fortune 500,” by the likes of Allstate, Ford, General Electric, Pfizer and Viacom, to name a few.
It’s easy to see that Guidance, and its CEIC conference, covers a wide range of disciplines, including digital forensics, cybersecurity, e-discovery and litigation support, compliance and risk management, information and law enforcement.
Guidance President and CEO Victor Limongelli kicked off the 2014 four-day CEIC event with the opening keynote on May 19, explaining how the company has decided to transition to a “platform” approach for its EnCase suite of products. The concept is to move from a “closed” (self-contained) system to a more collaborative environment, where third parties can plug applications into the EnCase platform and, in effect, customize the operation to meet the specific needs of their organizations.
Perhaps Guidance is also reacting to yet another strong legal industry trend: bring your own devices. About a year ago, Guidance launched its EnCase App Central store (think Apple Inc.’s App Store). It offers apps from third-party developers that can be integrated into the EnCase platform, Limongelli explained. To date, more than 30,000 downloads from the EnCase App Central store, he told the audience.
“It’s all about apps,” observed San Francisco’s Albert Barsocchini, director of strategic consulting at Minnesota-based NightOwl Discovery. He served as an associate general counsel at Guidance for eight years (2003-11). “EnCase is no longer closed,” he said. Now, EnCase products are a foundation, and organizations can build systems on top of that foundation, said Barsocchini.
But don’t think the company is throwing out its babies with the bath water. “With recent attention on data breaches, including Target Corp. and the controversy about Edward Snowden’s disclosure of government documents, I expected to see cybersecurity take center stage,” observed Boston’s David Horrigan, an analyst and counsel at 451 Research.
Guidance has traditionally had three focus areas—forensics, cybersecurity and e-discovery,” he said. “What surprised me was Limongelli’s strong focus on e-discovery, said Horrigan. “The keynote highlighted Guidance’s new e-discovery offerings, including Linked Review, which we expect to be Guidance’s answer to predictive coding,” Horrigan noted.

Read more: http://www.lawtechnologynews.com/id=1202657289579/CEIC-2014-Tackles-E-Discovery%2C-Cybersecurity-and-Forensics#ixzz33Eq0BFmZ

 

Jason Atchley : Data Security : Law Firms Fail to Protect Data When File Sharing

 

jason atchley

Law Firms Fail to Protect Data When File Sharing
LexisNexis survey shows disconnect between security concerns and steps taken to protect data.
Marlisse Silver Sweeney, Law Technology News
May 29, 2014 |3 Comments

U.S. law firms may be worried about the security risks of sharing confidential information online, but a new survey by LexisNexis’ legal and professional division reveals that they are not doing much about it.
Unencrypted email remains by far the most prominent way that law firms share privileged communications with their clients, with 89 percent of respondents reporting that it is the firm’s primary method of distributing information. 
In March, the company canvassed about 300 legal professionals in 40 states across 15 different practice areas. Results show that although respondents were aware of the risks, and wary of them, the most common method of securing documents and protecting privilege was the use of a confidentiality statement at the bottom of an email, with 77 percent of firms reporting this was their primary line of defense.
“There’s clearly a disconnect between expressed security concerns and measures law firms employ to protect their clients and themselves,” said Christopher Anderson, a senior product manager at LexisNexis, in a statement. “Relying on a mere statement of confidentiality when sharing privileged communications by email is a weak measure—and further it might protect the law firm but affords very little protection for the client,” he said.
A minority of law firms go a step further to protect their information, with 22 percent saying they use email encryption,14 percent using a password to protect documents and 13 percent employing a secure file-sharing site. At the reverse end of the spectrum, 4 percent of respondents said they take no measures at all to protect private information. “Law firms need to perform their due diligence, stay abreast of technology and ultimately protect their clients’ interest online just as they do in providing legal counsel,” said Anderson.
Attorney Marlisse Silver Sweeney is a freelance writer based in Vancouver. Twitter: @MarlisseSS.
Companies, agencies mentioned: LexisNexis

Read more: http://www.lawtechnologynews.com/id=1401279925290/Law-Firms-Fail-to-Protect-Data-When-File-Sharing#ixzz338kEgR00

Posted by Jason Atchley at 3:53 PM

Jason Atchley : Legal Technology : How To Move Firm Tech To The Cloud

 

 
jason atchley

How To Move Firm Tech to the Cloud

Switching to software as a service can save money and free up IT staff for value-added services.

Philip Wisoff, Law Technology News

May 28, 2014    |0 Comments
Sun in sky with clouds.Clipart.com

Most law firms dish up technology by implementing and supporting systems in-house. They have little choice but to deal with upgrades and replacements because vendors continually displace “obsolete” older versions of applications and hardware. These upgrades are usually costly and disruptive. Certainly, some changes are warranted but much of the turmoil absorbs IT staff resources and creates little value for a firm. The advent of cloud computing and managed services is providing firms a viable alternative.
CLOUD AND MANAGED SERVICES DEFINED

In general, there are two types of cloud services. The first, often called Software as a Service, involves an application—or set of like applications—run by a third-party vendor and accessed through the Internet via a web browser. The second approach involves data that is stored or shared via a third party’s infrastructure and accessed via the Internet. Examples of this type of service (security issues aside) would be Dropbox or Apple’s iCloud.

Let’s focus on SaaS. With these services, firm personnel access an application(s) via the Web to perform their day-to-day work. Their work product and data is stored on the vendor’s systems. Several vendors have set up integrated application sets (suites) that include practice management, document management, time entry, and billing for law firms.

As attractive as cloud services seem, however, firm lawyers may be uncomfortable about having the firm’s data completely managed and stored by an outside vendor. The use of managed services is one way to address this issue.

With managed services, the firm maintains ownership of server and data center equipment, but contracts to have the day-to-day operations and upgrades managed by a vendor. It is possible to set up these services so they mimic a cloud service—thus the term “private cloud.” There are many shades within the spectrum of managed services, with vendors owning more or less of the infrastructure and applications.

The advantages of cloud-based services are many. They include:

• Access from anywhere there are Internet connections.
• Reduced need to manage IT infrastructure (servers and data storage) within your firm.
• Application and hardware upgrades handled by the vendor.
• Predictable (fixed) pricing—usually based on the number of users.
• Reduced capital spending.
• Business continuity built-in.
• Good vendors provide 24/7 support.

Managed services have similar advantages. However, the level of benefits from reduced capital spending and avoidance of software and hardware upgrade hassles will depend on how much of the IT infrastructure and associated applications continues to be maintained in-house by the firm.

The other major advantage of both approaches is the potential impact on IT staff utilization. With in-house systems, as much as 75 percent of staff time is dedicated to maintenance. By moving to cloud or manage services this maintenance component can be dramatically reduced. Of course, IT staff will need to take on a bigger role managing the vendors. The change nevertheless should free up significant IT staff time for value-added services that help the firm make better use of technology, particularly in pursuit of superior client service.

CAVEATS

These services are not a magic bullet. No contract with a cloud or managed services vendor should be entered into without the proper due diligence. Most importantly, firms need to make sure the vendor is financially sound and has a good track record, that a sufficient level of technology infrastructure and back-up is in place, and that firm data will be properly secured. It is important to “kick the tires” by testing the service thoroughly before making a commitment. Understanding how to get firm data back when the service is no longer needed is also critical.

A firm’s telecommunications network is what connects it to these services. To get best performance, a firm will need a robust network infrastructure that provides a high-speed telecommunications network connecting all your office-based systems with the cloud vendor and the Internet.

Using cloud-based applications may mean that firms will have to give up some ability to customize software and hardware for particular firm and lawyer needs. For example, the ability to customize interfaces or financial reports may be limited, or lawyers may have to live with restrictions on how quickly old documents can be retrieved. At some firms, cultural preferences will have to be considered and carefully managed. 

MAKING THE TRANSITION

Transitioning from in-house-based systems to a cloud or managed services platform will require thorough planning to get the most benefit and minimize disruption. This change will not only affect how people in the firm access systems and information, but may require people to learn new systems and new ways of working. Also, significant role changes may be required for the in-house IT staff. Anticipating these changes and their impact will be an important to achieving the benefits of the systems transition and a successful project.The following steps are recommended:

1. Identify the applications and systems that will be transitioned. Determine if the target will be managed services or a move to cloud applications.
2. Clearly document your firm’s requirements for performance, availability, security, and functionality for the systems and applications that will be moved.
3. Identify and choose the service vendor or vendor(s) based on the requirements. This is typically done via a “request for proposal” process.
4. Develop a detailed transition plan for each application. Determine the human impact and develop appropriate change management, communications and training plans.
5. Run a pilot test with either a small group of people and/or a particular application. Adjust your plans based on the results of the test. Include a test of the vendor’s back-up and recovery processes.
6. Rollout to the firm.

Depending on the number of applications and the size of the firm, a transition could take from six to 18 months. Success with this type of project will depend on strong support from firm management and strong project management from the IT staff (or consultant if the skills do not exist in-house). The cost will also be highly dependent on firm size, geography and the applications and hardware involved.

Cloud and managed services hold great promise for law firms and other businesses. The potential for improving a firm’s access to technology while scaling back on the need for in-house technology infrastructure makes these service compelling. Done correctly, firms will benefit tremendously by spending more time focused on their core business of delivering outstanding service and results to clients rather than distracting technology issues far removed from that core.

Philip Wisoff is a principal at MTC Services, based in the New York Metro Area.
 
 
Companies, agencies mentioned: Apple | IT | MTC Services

Read more: http://www.lawtechnologynews.com/id=1202656708586/How-To-Move-Firm-Tech-to-the-Cloud-#ixzz3313OW5Cs

 

Jason Atchley : Social Media : How Social Media Can Destroy Your Company

 

jason atchley

How Social Media Can Destroy Your Company

Ask the Marketers: Five experts identify the worst mistakes legal tech vendors make when using social media.

Law Technology News

May 27, 2014    |0 Comments

The Question: What are the three worst mistakes legal technology vendors make when using social media?
» Christy Burkepresident, Burke & Co., New York. Email: cburke@burke-company.com. Website: www.burke-company.com.

1. Beware the overshare. Avoid providing TMI (too much information) a la Miley Cyrus. We’ve all seen ttweeters who tell us every time they go to Starbucks, or folks that post several times each hour. Not only does this annoy readers and prompt them to un-follow you, but it also gives the impression that you have nothing better to do than to post inane content all day long. Post frequently only when you have meaningful content to convey, like when you’re at LegalTech or the International Legal Technology Association and new people and ideas are inspiring your posts.

2. Don’t be MIA. Ever go to look up a company’s LinkedIn, Twitter or Facebook page, only to find that it doesn’t exist or is so scarcely populated that it looks like a dummy corporation for the Mob?  Not good!  Vendors need to establish sites on at least these three main social media venues.  Even if the sites are not constantly posted to, the content about the company should be accurate.

3. Be Proactive, Not Reactive. Many social media blunders result from vendors seeing a competitor’s activity and trying to pull stunts to outdo them. Hasty and reckless social media activity can be incredibly damaging and it lives forever on the web, so take a step back and plan out your strategy and tactics.  Post responsibly!

» Jobst Elster, head of legal market strategy, Envision Agency, Atlanta. Email: elster@EnvisionAgency.com. Website: www.EnvisionAgency.com.

1. LOOK AT ME!  The biggest mistake vendors make with social media is prescribing to the LOOK AT ME! “strategy.” Social media success is not measured by who sends the most tweets or publishes the most posts, but the value of the content. A good way to measure the quality of your content is by the numbers of new followers you gain. If you are distributing content that is valuable, people will follow you to receive it.

2. Hijacking an event hashtag. Used the right way, industry event hashtags (e.g., #LTNY for LegalTech New York) helps build your audience, but often people hijack those hashtags. Don’t have every person who works for your company retweet a message sent from your main company account. You can tell when you look at the feed of the hashtag and the same message appears 10 times in a row.  Be respectful.

3. Hoping it will go away. Facebook has more than a billion users and Twitter logs 241 million monthly active users. According to a DOMO infographic, every minute of every day 27,778 new posts are published on Tumblr; Foursquare users check-in 2,083 times; and YouTube users upload 48 hours of new video. The bottom-line—you simply cannot ignore social media. While you won’t become an expert overnight, social media tools now make it easier than ever to get started. Start small. Pick two, e.g., Twitter and LinkedIn, and spend 30 minutes a week building your online presence.

» Melanie Brenneman, senior account manager and social media strategist, Edge Legal Marketing, Minneapolis. Email: mbrenneman@edgelegalmarketing.com. Website: www.edgelegalmarketing.com.

1. Lose sight of the big picture: Aside from posting politically incorrect tweets or following someone who tells the world what she or he is doing every minute of every day, the number one mistake is thinking that social media is a silver bullet. You aren’t going to share one post and have 20 Am Law partners clamoring for your software. Activities around social media must align with your marketing plan and goals. If your company is focused on, for example, growing its presence on the East Coast or targeting law firm CIOs in order to win 10 new clients in Q3, then your social media efforts should have a special focus on supporting that goal.

2. Spray and pray: From LinkedIn to Instagram to Confide, the number of social media channels grows every day.  It’s very tempting to take on as many of these channels that you can—after all, don’t you want to build an online presence and recognition for your company? But stop. Take the time to carefully evaluate each social media channel, its advantages, its benefits and—most importantly—if your prospects and clients are using it.

3. Concentrate on the numbers: “Hi, I’m X. I have 3,000 Twitter followers.” My (internal) response: “Who cares? How does that define you as an individual?” We want to measure progress and one of the most common defaults is to define success on the social media front based on the number of followers.  A recent study showed that about 40 percent of Twitter accounts are owned and populated by bots. Know who your followers are, connect with them authentically and see them as more than just numbers.

» Valerie Chan, principal, Plat4orm Public Relations, Seattle. E-mail: valerie@plat4orm.com. Website: www.plat4ormpr.com.
Social media can help drive web traffic and raise visibility on search engines, and generate new leads; however, most posts on sites, like Twitter and LinkedIn, are replaced by new entries every 10-15 seconds. And most people just don’t have time to stay connected 100% of the time. In order to use social media effectively, organizations should avoid these three major mistakes:

1. Skipping the employees in the process. All employees are important—especially when it comes to evangelizing your company. Make every employee a social media evangelist; re-tweeting, sharing and linking to corporate posts will promulgate the network.

2. Assuming people will follow. Many people just don’t have time. Make it easy for your prospects to follow you by including your social media links on all outbound marketing items—on the website, in press releases, in advertising, on white papers and on collateral.
3. Forget to protect the brand. With all things electronic, the brand is the most important company asset—and it needs to be properly protected. Social media sites, especially Facebook, expose personal aspects of employees’ and friends’ lives that could harm an organization’s reputation. Establish strict policies for commenting, linking, following and tagging as part of the HR policies and procedures.

 » Edward Colandra, associate, Legal Vertical Strategies and legal technology sales and marketing consultant, InnerVision, New York. Email: ecolandra@lvstrategies.com. Website: www.LVStrategies.com.

1. Not having a strategy that ties social media into your overall marketing plan. Spending time on LinkedIn, Twitter, Facebook, etc, without setting expectations for measurable results can be a waste of time. There is little value to simply measure re-tweets, followers or likes. Rather, determine the expected tangible results in awareness, demand generation, and/or sales that your plan expects, and decide how your social media activities will produce the desired results.
2. Commercials: LinkedIn can be great place to develop a well deserved reputation. But when done wrong, answers to questions are merely a poorly concealed commercial for your product or service. Instead, engage in conversation. Respond with suggestions. While it’s OK to reference your own product, a potential client will likely respond to a sincere willingness to be helped through a question or crisis. An epic failure sounds like “Hey, call me. We have a one-of-a-kind, best-of-breed service that will cure all your ills. When do you want to see a demo?
3. Missed connections:  Each of us develops a personal brand via social media. But failing to make an obvious connection between you (the individual) and your company is a mistake. People follow you because they expect a personal opinion from an expert. That expertise should logically be connected to the values your companybrings to the market, and thereby enhance the value of both.
Compiled by Monica Bay, editor-in-chief of Law Technology News. Twitter: @lawtechnews @LTNMonicaBay. If you have a question for the marketers, email mbay@alm.com.
 

Read more: http://www.lawtechnologynews.com/id=1202654134892/How-Social-Media-Can-Destroy-Your-Company#ixzz32vsR4Fmz

 
 
 

Jason Atchley : Data Security : 12 Tips to Cope With a Data Breach  

 

jason atchley

12 Tips to Cope With a Data Breach

Georgetown Law cybersecurity panelists suggest strategies to minimize impact of data breaches.

Mark Gerlach, Law Technology News

May 23, 2014    |0 Comments

stock artClipart.com

When customers should be notified of a data breach, how to react if a breach occurs and best practices for preserving data were the topics of a panel at Georgetown Law Center’s Cybersecurity Law Institute on Thursday.
“Potential Legal Exposure/Aftermath of a Breach: A Simulation” discussed potential data breach scenarios and how they can best be handled. The moderator of the panel was Kimberly Peretti, a partner at Alston & Bird. Panelists included: Thomas Hibarger, managing director of Stroz Friedberg in Washington, D.C.; Pablo Martinez, managing director of global investigations and cybercrime at Citibank; Joseph Moan, associate general counsel handling employment law and data privacy at Coca-Cola Co.; and Greg Schaffer, CEO of the cybersecurity firm First72 Cyber.
Before a data breach is announced to the public, it is best to make sure that the number of affected users is accurate, said Schaffer, otherwise that number might have to be revised, which can be embarrassing. “It’s not the event that gets you killed,” said Schaffer. “It’s the cover-up that gets you killed.”
Law enforcement might ask that notification be delayed to help aid the investigation of catching the cyber “bad guy” behind the attack, said Martinez, as the incident could potentially be linked to another crime. In the event of a breach, contaminated servers should be taken offline and information necessary to the case should be preserved, said Martinez.
In some instances, law enforcement agencies that have good working relationships with outside counsel will use the firm as a point of contact—for example, if the firm asks to receive the subpoena instead of its client. In that scenario, law enforcement must receive the information they are requesting in a timely manner, and a forensic report must be conducted by a third party, Martinez said.
When a data breach hits, companies are well-advised to overact, rather than underreact, observed Hibarger.
The panelists each shared three data security tips:   
Hibarger: 1) Take a proactive step by creating an incident response plan; 2) have a good information governance policy in place; and 3) make sure that your antianxiety medication is up-to-date, joked Hibarger.
Moan: 1) Have the right data security personnel in place; 2) if a breach occurs, tap the highest-level executives at your organization for a more strategic view of the issues at hand; and 3) get to know government regulators ahead of time.
Martinez: 1) Properly train employees; 2) have a playbook; and 3) make sure that there is an internal communication plan in place before a crisis happens.
Schaffer: 1) Know your data security plan and procedures (so it does not have to be pulled off the shelf in the event of a breach); 2) know your assets (e.g., where your data is and where it flows through an enterprise); and 3) know your vendors (how your data is moving around in the vendor’s system) and acquisitions.
Mark Gerlach is a staff reporter for Law Technology News.
 
 
Law firms mentioned: Alston & Bird

Read more: http://www.lawtechnologynews.com/id=1400767741333/12-Tips-to-Cope-With-a-Data-Breach-#ixzz32dn4GXt7

 
 
 

Jason Atchley : Data Security : Protect Your Data Like Fort Knox Guards Gold  

 

jason atchley

Protect Your Data Like Fort Knox Guards Gold

Nuala O’Connor, CEO of the Center for Democracy and Technology, lists cybersecurity threats.

Mark Gerlach, Law Technology News

May 22, 2014    |0 Comments

security concept - Lock on digital screen with world mapsecurity concept – Lock on digital screen with world mapMathias Rosenthal

Can digital data truly be secure?This question was the main focus Wednesday during the second annual Cybersecurity Law Institute held at Georgetown University Law Center in Washington, D.C. The two-day conference (May 21 and 22) kicked off with a keynote address from Nuala O’Connor, CEO of the nonprofit Center for Democracy and Technology.
“What is the curtilage of the self online?” asked O’Connor, speaking broadly of the data footprint left by everyday Internet users. “Where is the space that is mine, that is private, that I control?” Data is no longer a property right, she said, noting that the concept of owning your own territory online that no one can access is a “thing of the past.” If the line drawn in the sand pertaining to protecting personal data from the eyes of companies and the government is blurred, individuals will never express themselves freely online, she said.
Honing in on businesses, O’Connor polled both in-house and outside counsel in the audience to see how many attendees at the nearly packed Hart Auditorium knew their organization’s chief information officer, chief risk officer and chief privacy officer. “Who is responsible for the system?” O’Connor inquired.
Citing the Target Corp. data breach of last year, she observed that customer trust was seriously wounded by the incident. But there are lessons to be learned from the mishap.
For companies such as Amazon.com Inc., where O’Connor previously worked as vice president of compliance and consumer trust, and as associate general counsel for data and privacy protection, consumer data is like “gold at Fort Knox,” she said. Data is one of Amazon’s primary assets; compromising that data would deal a serious blow to the company’s reputation and the trust of its customers. “When trust erodes, it is very hard to get back,” said O’Connor.
Factors such as angry ex-employees, rogue inside employees, accidental disclosures, poor security measures and various other factors can potentially jeopardize the precise commodity of data for companies, she noted.
The conference was sponsored by the American Bar Association Cybersecurity Task Force, AFCEA International, the Council on Cybersecurity and Inside Cybersecurity.
Mark Gerlach is a staff reporter for Law Technology News,
 

Read more: http://www.lawtechnologynews.com/id=1400756544884/Protect-Your-Data-Like-Fort-Knox-Guards-Gold-#ixzz32XtDd9T4

 
 
 

Jason Atchley : eDiscovery : Roundtable Tackles Discovery Issues in Singapore and US

 

 
jason atchley

Roundtable Tackles Discovery Issues in Singapore and the US

The Singapore judiciary has kept an eye on proportionality and costs of discovery.

Patrick Oot, Law Technology News

May 21, 2014    |0 Comments

This spring, about 25 practitioners participated in an informal roundtable at the new Supreme Court of Singapore for an informal benchmarking discussion. It was organized by the non-profit organization, Electronic Discovery Institute, and made possible with the assistance of the court’s Senior Assistant Registrar and CIO Zee Kin Yeong. Yeong previously served as a partner in Rajah & Tann (IT and intellectual property) and started his career as a deputy public prosecutor and state counsel with the Attorney-General’s Chambers, where he prosecuted inter alia computer and white collar crimes.  In his current position, Yeong’s position mirrors that of a federal magistrate judge in the U.S.  
Others participating at the April 10th gathering were assistant registrars included Lee Siew Hui Jacqueline; James Elisha Lee Han Leong; Miyapan Ramu;  and Jean Chan Lay Koon. The two-hour session also drew lawyers from accounting firms; plaintiff, defense, and corporate counsel. U.S. participants included UBS’ Wayne Matus, managing director, and Jamie Brown, global discovery counsel.
Yeong kicked off the event with a historical perspective on e-discovery in Singapore. In 2009, the Singapore Supreme Court launched its first Practice Directive to deal with the growing volume of electronic evidence in litigation, he said. “We always focused on a set of directions that would guide the profession on how to handle electronic requests … to provide a framework and put in place standards for the profession. To ensure that the profession has the skills and the tools to handle electronic documents in an efficient and cost effective manner.”
In 2012, the court responded to concerns that the 2009 Practice Directive was too technical and returned for a revision, 2012 Practice Directive, the current version. Not by coincidence, it focuses on points similar to those that have emerged in the U.S. federal courts: from metadata to proportionality of costs. The Practice Directive includes a checklist of issues for good faith collaboration that is similar to the Cooperation Proclamation lead by The Sedona Conference. The 2012 edition also moved the directive to a mandatory opt-in framework, explained Yeong. “What is the meaning of an opt-in framework? Whether a case has 1 million or 5 thousand documents, [litigants] must consider using it.”
Yeong identified discovery trends in the Singapore Court System. The court has recently seen the PD as a frequently-used tool in litigation against large entities—as a method of getting discovery materials and forensic images in an employment matter. Litigants also have used the PD to obtain documents from large technology companies that relate to intellectual property disputes. He also identified a trend of young enterprising lawyers using the PD to limit the scope of request—a focus on proportionality. 
Unlike the mandatory “Brady” and “Giglio” disclosures required in the U.S., there is no corollary criminal PD for exchange of discovery in Singapore, he said. The 2011 amendments to Singapore Criminal Procedure account for limited discovery, but nothing like those in the U.S., said Yeong. Even so, the deputy public prosecutor is considering new developments now, he noted. 
Matus clarified that unlike Singapore, the U.S. is made up of an amalgam of state and local jurisdictions—it’s not just the federal courts that we see in headline-making opinions. He responded to Yeong’s observations with five significant U.S. trends.
1. Discovery data volumes and costs are massive compared to those in Singapore, observed Matus. A matter might have 40 terabytes of data and hundreds of people reviewing information, he said. With hundreds of cases, costs can be many millions of dollars. “The proliferation of data is changing things.”
2. In Singapore, the use of search terms is becoming more common, but the use of search terms in the U.S. is changing, he said. “Search terms are dying.” Litigants are replacing search terms with advanced search and analytics as a result of search term inefficiency. “Search terms might find five documents that are not relevant for every one document that is.”
3. There is an increased mandate for cooperation in the U.S. “Judges don’t have time. There is a need for early judicial involvement to force parties to cooperate,” said Matus. The trend of lawyers receiving sanctions is very real, he said—a concept that troubled may of the participants  E-discovery is becoming a case within a case, he said, and the argument is not about the merits of a case, but whether a document existed or not.
Law firms mentioned: Shook, Hardy & Bacon

Read more: http://www.lawtechnologynews.com/id=1202656265218/Roundtable-Tackles-Discovery-Issues-in-Singapore-and-the-US#ixzz32SKW0KO6

 
 
 

Jason Atchley : eDiscovery : Articulate Subpoena Costs to Call Off the Dogs in eDiscovery

 

jason atchley

Articulate Subpoena Costs to Call Off the Dogs in E-Discovery

ABA panel tackles e-discovery cost issues in third-party subpoena requests.

Law Technology News

May 20, 2014    |0 Comments

Farrah Pepper, executive counsel, e-discovery, General Electric Co. Farrah Pepper, executive counsel, e-discovery, General Electric Co.

The Federal Rules of Civil Procedure’s Rule 45—which outlines the subpoena process and how it relates to third party e-discovery—was the topic of a Friday panel discussion at the American Bar Association’s 8th Annual National Institute on E-Discovery, held at Proskauer Rose‘s 11 Times Square office in New York.
William McManus, a shareholder at Ryley Carlock & Applewhite, moderated the 45-minute discussion, “Is My Dog in the Fight? Cost Considerations for Third-Party E-Discovery.” A key theme was that the undue burden (read: costs) associated with third-party discovery requests must be clearly articulated to the court if you want to get the order quashed, or convince the judge that cost shifting is needed, the panelists asserted.
Litigants must emphasize third-party discovery costs to the bench, said panelist Farrah Pepper, executive counsel for discovery at General Electric Co. “We read loud and clear in the case law that if you have unspecified harm and damages, that is not going to get you very far.” When handling third-party e-discovery subpoena requests, GE calculates a cost analysis—which includes mapping out a data discovery lifecycle and hosting, among additional expenses, she said.
Other panelists included Anthony Lowe, associated general counsel at the Federal Home Loan Mortgage Corp. (aka Freddie Mac) and Martha Mazzone, vice president and associate general counsel at Fidelity Investments.
Lowe said he cites several cost elements during a motion, such as how many databases and devices will have to be tapped to pull the information; if extra code needs to be written, a document page count, collection and processing costs; and even network speed.  
Companies such as Fidelity Investments have a subpoena response unit, said Mazzone. Fidelity’s response process involves sending out a “fairly generic” objection letter within two weeks and scoping the opposing party to gauge the case’s complexity, she said.
A party can refuse to produce documents based on unreasonable burden, cost or lack of accessibility, said Mazzone. However, the burden has to be clearly illustrated.
Judge James Peck of the U.S. Bankruptcy Court for the Southern District of New York spoke from the audience: “The greater the specificity—and that it is experienced-based as opposed to a number out of thin air—the easier it will be for the court to take it seriously,” he said, regarding third-party subpoena costs.
Amendments to Rule 45 involving non-party discovery took effect late last year, influencing where subpoenas can be served, among other changes.
Attendees received flash drives containing additional e-discovery information and PowerPoint slides. Among the (unattributed) PPT points made:
Law firms mentioned: Proskauer Rose

Read more: http://www.lawtechnologynews.com/id=1202656104302/Articulate-Subpoena-Costs-to-Call-Off-the-Dogs-in-E-Discovery-#ixzz32Lrld9iP

 
 
 

Jason Atchley : eDiscovery : When eDiscovery Goes Wrong

 

jason atchley

When E-Discovery Goes Wrong

A panel of experts discuss e-discovery horror stories, vetting vendors and expectations for service providers in terms of competency and ethics.

Mark Gerlach, Law Technology News

May 19, 2014    |0 Comments

Laptop 3d and files (done in 3d)Vladislav Kochelaevs – Fotolia

In e-discovery, human and machine glitches, malfunctions and errors are inevitable. However, not efficiently dealing with problems as they arise could lead to a tarnished reputation, loss of business for vendors, and in some instances even ethical violations and sanctions, according to a panel on e-discovery ethics held last Friday at Proskauer Rose’s 11 Times Square office in New York.
The panel, “Ethical Forks in the Yellow Brick Road: Lions, Tigers, Bears and the Search for E-Discovery Wizards,” was part of the ABA’s “8th Annual National Institute on E-Discovery” and moderated by John Barkett, partner at Shook, Hardy & Bacon. “We’ve all had [e-discovery] cases that have gone south on us,” said panelist Cecil A. Lynn, director of e-discovery and technology at eBay Inc.
During the presentation panelists put various ABA rules under a microscope to see how they apply to e-discovery, including rules 1.1 (competence), 1.6 (confidentiality) and 5.1 and 5.3 (supervising lawyers and non-lawyers, respectively).
Other topics broached during the discussion were certifications, reading the fine print in vendor contracts and best practices for surviving a technological meltdown.
When putting sensitive client litigation information on a cloud provider it’s important to verify vendor certificates (e.g., SSAE 16 and ISO 27001), according to panelist Mathew Gillis, VP and managing director of litigation tools and professional services at LexisNexis. An outside auditor, according to Gillis, should conduct penetration tests regularly. Having these credentials is a good indicator that a vendor will meet “ethical obligations” and that their processes are “up to snuff according to an objective standard,” Gillis said.  
To help avoid a catastrophe, service level agreements need to be examined with a fine-tooth comb before data is transferred, according to Gillis. In some instances clients are charged large sums of money to retain data after litigation, he said. Contracts should specifically explain how data is to be handled, archived, returned or destroyed at the end of a case, Gillis said.
Audience member Megan Jones of Hausfeld commented that many boilerplate vendor contracts have clauses in six-point font that require clients to buy back their own data.

DEVILS IN DETAILS

“In a vendor contract, the devil is in the details,” said Jones.  
Due diligence is crucial at the contract stage, said eBay’s Lynn. Lynn said he’s eager to get on a call with outside counsel and a potential vendor to discuss contract details to avoid an overlooked stipulation (e.g., data can be destroyed at the end of a case if the bill isn’t paid).
The most important vendor attribute, Lynn said, is having a backup plan in case of a data disaster (e.g., a system shutdown due to outdated tech). If a contingency plan does not exist, Lynn said he’ll take his business elsewhere. It’s also impetrative to know where data is being hosted down to the street address, as well as where redundancy is located, Lynn said. 
A secondary data center should be located at a considerable distance from its primary in case of a natural disaster, according to LexisNexis’ Gillis.

Read more: http://www.lawtechnologynews.com/id=1202655955850/When-E-Discovery-Goes-Wrong#ixzz32FzDRmNZ

 
 
 

Jason Atchley : eDiscovey : Plaintiff’s Failure to Communicate with Defendants Causes Complications in Discovery

 

jason atchley

Plaintiff’s Failure to Communicate with Defendants Causes Complications in Discovery – eDiscovery Case Law

May 19, 2014
By Doug Austin
By Doug Austin
 
In Procaps S.A. v. Patheon Inc., 12-24356-CIV-GOODMAN, 2014 U.S. Dist. (S.D. Fla. Mar. 18, 2014), the defendants filed a Motion to Compel over search terms for Electronically Stored Information (ESI), after the lead counsel for the plaintiffs repeatedly demonstrated uncooperative behavior by not responding to emails sent by defendants’ counsel, or responding with brief and unclear messages.
This discovery dispute arose after Florida District Judge Jonathan Goodman granted the defendants’ motion for a forensic analysis of the plaintiffs’ electronic media. Several reasons were given for granting the motion, among them the fact that the plaintiffs’ personnel had been permitted to self-search for ESI without context – the employees had neither seen the defendants’ discovery requests, nor been given a list of search terms. Judge Goodman ordered that both parties agree to a preliminary list of search terms.
Following this order, counsel for the plaintiffs produced a list of eight search terms, in English, along with an advisory that the plaintiffs could “confer with our clients as to appropriate Spanish translation.” This was problematic because the plaintiffs’ business is headquartered in Columbia, and while some of its employees speak both English and Spanish, others speak only Spanish.
The defendants responded that the counsel’s proposal with the absence of Spanish search terms and a suggestion to translate the terms post-agreement was “patently unreasonable,” and further stressed that “perhaps most troubling is that it doesn’t appear these terms were discussed with [plaintiffs’] employees in order to determine what words and phrases they use.”
Counsel for the defendants attempted to reach the plaintiffs’ lead counsel with regards to this matter, first through a phone call, and then through an email follow-up that summarized the call, stating in part: “this confirms…[plaintiff] does not agree that it has an obligation to come up with search terms with input from [plaintiffs’] custodians about the words and abbreviations they use, and that [plaintiff] will not suggest any search terms other than the eight search terms it proposed.” The counsel for the plaintiff replied with a single-line email: “I do not believe your characterization of our position is accurate.” A response from the defendants’ counsel asking for clarification on which of the two points in the original email counsel believed to be inaccurate went unanswered.
Several further emails were sent, to which the plaintiffs’ counsel either did not respond, or responded with brief messages that did not address all the points questioned by defendants’ counsel. Due to the lack of communication regarding whether the plaintiffs’ counsel would confer with their clients regarding search terms, the defendants filed a Motion to Compel.
Judge Goodman held a multi-hour hearing with the parties, during which the plaintiffs’ counsel alleged that the defendants’ counsel had a history of “incorrectly summarize(ing) telephone conversations,” and further that the defendants were “seeking to engage in an ‘e-mail war,’ that email is being used ‘as a tool to gain an advantage’ and that [defendants’ emails] were an ‘ambush attempt’ and that he was not going to ‘get trapped into this kind of tactic’.” Additionally, counsel asserted that they had already been in communication with the plaintiffs’ ESI custodians, detailing in an affidavit that attorneys for the plaintiffs had spoken to a total of 24 custodians currently employed by the plaintiffs, as well as two former custodians, regarding search terms and ESI that was reasonably likely to contain relevant information.
Upon review of the affidavit and testimony, it was found that the plaintiffs’ counsel had first communicated with ESI custodians regarding search terms only on the day after the defendants had filed the Motion to Compel, and that the discussion outlined in the affidavit had taken place during the week after the motion had been filed. Therefore, the search terms had not in fact been discussed with the plaintiffs’ ESI custodians at the time of the email exchanges, contrary to what counsel had indicated.
Despite having ultimately arranged for the appropriate persons to provide search term input, Judge Goodman awarded attorney’s fees to the defendants in the amount of $3,750, with $1,000 of the fees to be paid personally by the lead counsel for the plaintiff due to his non-communication. It was stressed that this award was for fee-shifting purposes, and not intended as a sanction.
So, what do you think? Should apparent refusal to communicate provide grounds for sanctioning during the discovery process? Please share any comments you might have or if you’d like to know more about a particular topic.
Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine DiscoveryeDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.
 
%d bloggers like this: