Posted on September 3, 2010 by David Kaufer

"Are You Sure You Want to Delete That??"

ESI – electronically stored information – is at the heart and soul of eDiscovery.

A lengthy Lexology article by Alan S. Naar neatly sums up how eDiscovery has been transformed into a unique universe inhabited by many players with varying degrees of involvement. We not only have players, but we also have thorny issues and unplanned expenses. In fact, as Naar concludes:

E-discovery issues have created a new minefield in litigation involving thorny questions and unexpected costs. Every business has an obligation to be aware of these issues and should consult with counsel regarding new developments in the law.”

ESI Retention Policies

One issue, in particular, needs a closer look: a company’s ESI retention policy.

Naar advises that every company should have a document retention policy with cut-off dates for preserving documents – both electronic and hard copy. And when the dates come up, the documents should be deleted or removed from the system.

So far, so good. But here’s where things get thorny.

Naar says that if a company adheres to a “reasonable retention policy” and destroys information based on that policy before a litigation is filed, the company will not be penalized.

Don’t breathe easy just yet – there’s a but, and it’s a BIG one. The courts have ruled that when there’s a chance of a litigation, or an existing litigation would be compromised if documents are not made available, the company is obligated to suspend its regular policy and must comply with eDiscovery requests (a.k.a. “a litigation hold.”)

Your Word Against Theirs

So how does this play out? Something like this. Let’s invent….Joe.

Joe is a business owner, and per his document retention policy, he tells his IT department to destroy all ESI that has reached the due date. Two days later, Joe receives a legal notice advising him that he must surrender all e-mails and messages exchanged over the past two years ago by his marketing people.

Poor Joe.

Naturally, he’s going to respond by saying that such documents are no longer available, and he’s going to point to his retention policy, which tells him to destroy documents after a certain date. Guess what the other party’s going to say to this?

Joe, it’s clear that you destroyed the documents in spite of the fact that you knew there was a possibility of a lawsuit?”

And Joe’s irate reply: “I didn’t know I was going to be sued.”

And that’s the rub. Because it’s up to the courts to decide just how credible Joe is when he makes that statement. He’s going to have to really make it clear that he was following a “best practice” policy – and not exploiting that policy in order to mitigate any possible litigation exposure.

Get Expert Legal Help

If Joe could go into a time machine, he’d certainly slide back a couple of years and ask a legal expert for iron clad advice on how to handle his retention policy – and how not to handle it. He’d get things in writing. He’d undertake due diligence. In short: he’d pay attention to this issue because two years later it could have the potential to throttle his company.

As we said, Poor Joe. There’s no time machine for him…but there is for YOU. Get the expert advice you need on this issue, and the next time someone asks “are you sure you want to delete that?”, make sure that your answer is good from a legal perspective; not just an operations or management one.

(Donations for the Save the Joe fund can be made in c/o this blog.)

 

Tags: , , , , ,
Posted on September 1, 2010 by David Kaufer

Workplace Social Media Habits: Handling Security Risks

While one third of employers in the US are using social media to support their marketing efforts, they’re also worried about giving employees free rein to social media, no matter how harmless in nature the communications may be.

Chris Crum went over survey results conducted by CareerBuilder. The results were interesting and confirmed that companies actively use social media tools to reach not only customers but also potential employees.

But…are there potential security risks?

Responsibility + Tracking Software: Sufficient Protection?

We need to grapple with the nagging question posed by Crum: how much control can companies wield over employee use of social media?

One view is that companies should allow employees free access to social media - provided the word “responsibility” is hammered into each and every employee. After all, company data that is accidentally leaked publicly affects not only the company, but also employees, officers, suppliers, community watchers, and service providers.

Another view, of course, is the good ‘ol finger wagging: NO! Absolutely not, employees can’t log into their Facebook or Twitter (or whatever) accounts during office hours.

But, surprisingly, there’s a third view: co-opting employees and making them information gatherers (or spies).

As far-fetched as it may seem, there are some who claim that employers encourage employees to spend time on Twitter, Facebook and LinkedIn to see if they might obtain information that will thwart the competition, or in some way be valuable to the company. And given just how much information is floating around out there in cyberspace, it’s not that strange an idea. Ethical? That’s a different topic we’ll leave for another blog.

Introducing Socialite

Still, regardless of whether employes want to turn employees loose on the social media landscape, keep them completely outside the perimeter, or send them on friendly little re-con missions into neutral or even enemy territory, they still need a software solution to make sure the policy du jour is being followed. And for that, there’s Socialite.

Mentioned by Crum in his article, Socialite, is a really neat (to use the technical term) software application introduced by FaceTime Communications. Its purpose? A compliance solution for social networks. This means that companies can install the software and keep track of what employees are streaming into social media when they’re using corporate networks.

Socialite has specific benefits. Among them:

  • Blocks sensitive data from leaking out

  • Gives IT managers the capability to monitor Facebook and its hundreds of applications and which employees are using these applications

  • Allows management to pre-approve outgoing content

  • Enables IT personnel to capture all data for archiving into eDiscovery

There is no doubt that given the continued growth of social media and vexing issues it poses for companies, Socialite will see additional competition in the very near future.

Social Media Checklist

And on a final note, to protect corporate interests and to maintain efficient security controls over social media, companies are reminded to:

  • Review their IT policies – particularly those that cover employees’ use of the company email for personal reasons,

  • Convince managers not to “friend” subordinates

  • Evaluate any possible loopholes in the company’s social media policy

  • Implement elaborate security controls for confidential information

  • Use common sense!

Tags: , , , ,
Posted on August 31, 2010 by David Kaufer

When Disaster Strikes - eDiscovery

Let’s take a second look at the BP oil leak. In an earlier blog, we discussed the legal consequences of this disaster -- particularly as it relates to eDiscovery issues. It would be a futile exercise to try to point a finger on who and what caused the oil spill – it will take engineering ingenuity to determine if structure and manufacture can take the blame. Or was it a human decision that triggered the crisis?

We’ll let time and qualified experts decide that.

But what about the legal disaster that follows a physical disaster? What we’re referring to, more precisely, is an eDiscovery disaster. Fred Blum and Nader Mehdizadeh in LTN Law Technology News (August 6, 2010 edition of The Recorder) recommended six ways to avoid it:

  • Preserve ESI – that includes not altering ESI data

  • Confer with the opponent – establish parameters for the retrieval and collection of data

  • Collect data intelligently – this involves tackling the issue of hiring a vendor to organise the company’s data for litigation purposes

  • Hire a vendor you can trust – (read: choose a vendor with specific expertise and who can communicate that expertise in layman’s terms)

  • Use hosted databases – it does eliminate some major headaches, in exchange for a monthly fee

  • Go to court, if all fails (hardly an avoidance strategy, but I guess they wanted to imply that it’s the last resort)

It can be instructive to focus on recommendation # 2: confer with the opponent. In this era when litigation has become nightmarishly expensive even for lawyers (it’s not fun bankrupting a client – it makes getting paid a little difficult), “humanizing” the entire eDiscovery process can go a long way towards averting disaster.   

Tags: , ,
Posted on August 29, 2010 by David Kaufer

Signs of economic recovery showing in divorce rate: Online filings increase noticeably at CompleteCase.com in 2010

Seattle, WA – August 30, 2010 - There are strong indications that Americans are feeling better about economic prospects and are showing it by filing for more divorces online in 2010 than in 2009. This is according to data from leading online divorce website CompleteCase.com. In addition, only 17 percent of those filing for divorce in 2010 say that the economy had an impact on their decision to divorce, down significantly from 32 percent in 2009.

There is a clear correlation between attitudes surrounding the economy and the US divorce rate,” said Randolph Finney, CEO of CompleteCase.com. “People seem more willing to live in unhappy situations when the economic climate is poor. This was especially compounded by the housing crisis as many couples were unable to sell their homes.”

Finney said that CompleteCase.com's position as the leading destination for online divorce filings provides it with a unique perspective when it comes to measuring the economy.

Increases in Online Divorce Filings
From 2006 to 2008, divorce filings dropped by about a tenth of a percent per year, with a slight increase in 2009,” he said. “Online divorce filings mirrored that trend to a lesser degree, but so far in 2010, we're seeing a noticeable increase in filings. This seems to indicate that perhaps those who were waiting before due to economic uncertainty are more willing to end their partnerships.” Finney further noted that online filings are almost certainly increasing more rapidly than the overall divorce rate.

CompleteCase.com recently completed a survey of its users measuring the impact of the economy on the divorce decision-making process. According to the survey, in 2009, 32% of users indicated that the economy had impacted their decision to divorce and this year the number dropped to 17%. This shows that fewer couples have allowed the economic environment to influence their decision to file a divorce online. And as an interesting aside, despite recent publicity given to the topic, only 9% of the divorcing couples in the survey indicated that their decision had been impacted by social media, such as Facebook or MySpace.

About CompleteCase

More than a quarter million people have resolved their divorce cases through CompleteCase.com™ throughout the United States and Canada. The company's vision is to allow those filing for divorces to do so in an accurate, inexpensive and efficient manner. The innovative site is the first of its kind and enables those considering divorce to prepare their own forms on-line without expensive attorney's fees and without confusing and untidy divorce kits or books. CompleteCase.com is designed to walk users through the divorce process, providing a complete set of completed divorce documents after users simply answer a series of simple questions. The system produces quality, state-specific divorce documents complete with directions on how to file a divorce in accordance with individual state laws. This provides users with a discreet and inexpensive way to obtain a divorce..

# # #

Tags: , , ,
Posted on August 27, 2010 by David Kaufer

6 Security Steps To Take With Laptops, Smartphones, and Flash Drives

 Laptops, smartphones, and flash drives save lawyers from packing heavy briefcases stuffed with paperwork. However, this convenience comes with a price -- the security risks are substantial. According to William Quick, a sole practitioner in Clayton, MO who teaches and lectures on technology topics, “Identity theft is a mushrooming problem that Congress and the states have been trying to deal with any way they can.”

6 Security Steps

In Dolan Media Newswires, Quick lists steps to take to keep your devices secure:

  1. Be careful not to lose the device in the first place. Pay close attention to where your equipment is.

  2. Have a written plan that details your firm’s action if a data breach should happen.

  3. Only keep what you need. Decide what information has to be saved and then back up your data to a secure location on a regular basis.

  4. Lock your computer when you are away.

  5. Encrypt all devices – most statues don’t require you to inform your clients of encrypted data breach.

  6. Invest in back-up-plan software. Some software allows you to protect your data security after the fact.

But...But…IT’S GONE

If you lose your equipment and someone obtains this information, you need to alert potentially affected parties of the loss – and that’s a lot easier said than done. It may also land you in some hot legal water (at several hundred bucks an hour, there really is no other water temperature in the legal world), because 46 states have data breach laws. So there could be some liability issues that come up.

The bottom line? Convenience is optional; solid security protection is not. Do what you need to do – as inconvenient as it may be – to avoid the pain, regret and possible litigation that comes with losing data. Your briefcase may be heavier...but your peace of mind will be much, much lighter.

 

Tags: , , , ,
Posted on August 24, 2010 by David Kaufer

IT and Legal: Why Can't We Be Friends?

In the eDiscovery sandbox playground, Legal Teams and IT are simply not playing well with each other – and that’s creating a big, expensive, risky and scary mess. And unless either side wants a “time out”or to be sent to bed without any Dora (though this is perhaps not a punishment), it’s essential that they learn to coexist and even collaborate when organizing for, and responding to, eDiscovery requests and tasks.

Or, in grown-up terms, everyone needs to know:

  • what to ask and who to ask when it comes to everything eDiscovery (requests, responses, and more)

  • what systems are in the IT landscape, what systems are in the legal landscape, and where they overlap

Sound like fun? No, of course not. But it doesn’t have to be dreadful either; not with a Data Map.

Data Map: Bringing IT and Legal Together in Harmony

A Data Map is the bridge between IT and legal. This little communication-enabler can deliver knowledge that resolves major headaches next time an eDiscovery “challenge” arises (and it will…oh yes…it will). A Data Map answer important questions like:

  • Where is your company's electronically-stored information housed?

  • Is the data replicated? Where and in what form(s)?

  • Does your company cross-reference its application data with a list of active legal holds?

  • What about custodians who leave the company?

The Assignments

Now, relying on a Data Map is a good start – but there’s more to do. So here’s some homework for both legal and IT. (Yes, this will be on the exam.)

Legal:

1. Ask questions. Don't be afraid to ask IT why something won't work or how something could be done better -- it can only strengthen your position.

2. Be specific. In the IT world, everything needs to be specified, so try to frame your needs accordingly.

3. Communicate the big picture. Discussing the reason for a request could avoid a disaster (always a good goal), and open the door for the IT team to contribute information that makes your case.

IT:

1. Be flexible. A cool head is key. IT folks are legendary for figuring out what the problem is, and…less legendary at finding solutions. Be the solution; not the headache.

2. Don't speak "geek." Use familiar terms to help them understand what’s going on. Don’t add confusion by using jargon.

3. Answer questions and be helpful. A willingness to answer questions will build trust and facilitate realistic expectations. It’ll also increase your communication skills so you can be promoted to KING OR QUEEN OF THE IT-ITES, which is probably something you might enjoy (you get a parking spot, a bigger monitor, and a picture on your wall of somebody rowing or climbing something).

Staying Together

Alas, once you’ve created IT and legal bliss and everyone is holding hands, your next challenge is to keep things humming in the right direction. The best way to make this happen for the legal team is to publish an automated custodian “watch list” to the IT team. And from a bigger picture (corporate) perspective, investing in systems that enhance collaboration in both camps will pay for itself – and you’ll achieve workplace peace at the same time. Who knows? They might even start to like each other.

(Hey, anything’s possible!)

 

Tags: , , , , ,
Posted on August 19, 2010 by David Kaufer

Canadian Courts Inject Common Sense into Discovery Process

You’re Entering a Dimension of Imagination…

If a Rod Steiger worshipper out there wants to create a topical, 2010 version of the Twilight Zone, he or needs to look no further than the twisted scenario where companies are being forced to spend upwards of half a million dollars responding to discovery demands for a case that isn’t worth half a million dollars.

Actually, that may not be bizarre enough for the Twilight Zone. But it’s happening all over, and now the courts in Ontario, Canada have taken a stand by introducing the “proportionality principle.”

This new entrant to Ontario’s Rules of Civil Procedure authorizes the court to limit discovery where costs would be disproportionate to what’s at stake in the litigation. It also requires parties to agree on a “discovery plan” that sets out the scope, and takes into account relevance, costs, and important complexity of issues.

Can’t Afford to Fail

This solution is particularly welcome news for small companies, who often waste hundreds of thousands of dollars trying -- and failing -- to provide the required discovery, since they simply don’t know what’s needed, when it’s needed, why it’s needed, and how to get it. And by the time they realize they don’t know what to do, they’ve already spent more than they can afford. And that’s just the beginning of the nightmare.

The courts aren’t impressed with companies who fail to respond to discovery orders, and have signaled a willingness to impose these gruesome consequences:

  • increased litigation costs

  • negative inferences by a judge

  • default judgment

  • civil contempt proceedings

  • vicarious liability for senior management

  • criminal liability for organizations and individuals

(It's safe to come up from beneath your desk now, we’re moving on.)

Survival Instincts

On the positive side, one hopes that the “proportionality principle” injects some much-needed common sense into the discovery process – particularly with the massive emergence and complexity of eDiscovery issues.

And just as beneficially, perhaps the threat of utter court-induced obliteration is helping some companies lurch into a state of (gasp) proactive readiness. For example, Bell Canada has started asking their external counsel to take images of their hard drive, sift through it, and a year later produce a list of relevant documents…just in case.

Tags: , ,
Posted on August 19, 2010 by David Kaufer

Courts Signal Requirement for Effective eDiscovery Solution

Last month, MessagingArchitect.com highlighted a Lexology report that has ramifications for everyone involved in the eDiscovery space – including lawyers, corporations, consultants, project managers, and more.

The report, citing a January 2010 New York Federal Court ruling, made it clear that a party’s legal obligation to preserve digitial documents goes beyond the question of intentional destruction, and now includes “gross negligence” as well.

In other words: if a party fails to protect digital documents by “forgetting” to perform back-ups or “accidentally” deleting emails, then it can (and in the New York case, was) be sanctioned by the courts for gross negligence.

And what makes this ruling even more consequential, is that the courts need not be of the opinion that an offending party acted in bad faith. They can simply determine that the party should have been done based on common standards and expectations. They can also order sanctions for “ordinary negligence” when a party fails to provide the courts with relevant digital evidence in a complete and timely manner.

This ruling, and the trend that it will doubtlessly spark, points to a bold bottom-line conclusion: corporations must have an efficient, reliable and appropriate legal discovery solution in place NOW; long before any court request is made.

Because ignorance, incompetence or just general “confusion” about eDiscovery requests are no longer an acceptable response to the courts -- if it ever was.

 

Tags: , , , ,
Posted on August 16, 2010 by David Kaufer

Up-up in the sky! It's a Bird...it's a Plane...No...it's eDiscovery!

 If you listen to some futurists (and they like it when you listen to them), the future of IT is in the clouds. Cloud computing, that is. And if they’re correct (and the like it even more when they’re correct), it means that eDiscovery is headed to the sky as well.

What is Cloud Computing?

Cloud computing is one of those catch-all terms (like “information technology” or “web 2.0”) that refers to a whole bunch of things, and defining it in precise terms is frustrating and fruitless, since a year from now that definition will change. Suffice it to say, cloud computing refers to an application being delivered over the Internet, so that clients and end users (that would be us folks) don’t have to download and install any software. We simply surf over, log in, and voila, we access the application. Google’s “gmail” and Microsoft’s “hotmail” are two examples of email in the cloud computing space.

How Does eDiscovery Fit in the Cloud Computing Space?

EnterpriseStorageForum.com offers a couple of solid working definitions for us, plus some tips on what corporations should be aware of. First, the definitions:

  • Cloud-based un-Hosted eDiscovery. This is when corporations access software over the Internet for eDiscovery-related tasks like storing, analyzing and reviewing data. It’s typically a cheaper and simpler solution, since there’s no software to install locally (other than a small launch application that takes users into the online program). Plus, the vendor provides technical support, which is thrilling news for corporate IT help staff. However, this approach can be a bandwidth hog, and corporations may have to upgrade their infrastructure so that interaction with the online program is smooth and fast.

  • Cloud-Based Hosted eDiscovery: This is when a corporation retains a host to store data (e.g. client information), and then accesses it to perform required eDiscovery tasks. One of the challenges here is ensuring that transmission of the information from the corporation to the host is encrypted and secure. And as with un-hosted cloud computing, bandwidth can also be an issue, and corporations may have to upgrade their infrastructure to avoid traffic jams and slowdowns.

Additional Challenges

As noted above, two things that can undermine eDiscovery in the cloud computing space are bandwidth and security. Other issues that can make or break this solution include data protection, chain of custody, and security for at-rest data. All of these issues need to be addressed and mapped out before a corporation launches their eDiscovery platform into the clouds.

Sound easy? It can be…but often isn’t. As EnterpriseStorageForum.com goes on to note, communication between legal and IT has not always been effective (to put it mildly). It’s less of a war for supremacy as it is a: “I don’t know what you do and you don’t know what I do, so what do we really need to talk to each other about besides the weather…and who really has time to talk about the weather?”

However, that has to change. Both IT and legal (or legal and IT, if you wish) need to realize that communication on the cloud computing front is mandatory, because this is an issue that clearly embraces both functions. Both camps have provide input and direction on the solution, and in the same spirit, both camps have to build systems that resolve problems (which will occur) and exploit opportunities (which will also occur) in a smooth, efficient and peaceful way.

Smooth, efficient and peaceful. Ah. Just like a cloud.

 

Tags: , , ,
Posted on August 12, 2010 by David Kaufer

TERIS Phoenix Offers Free CLE Courses on eDiscovery and Forensics to Arizona Law Firms and In-House Counsel


Attorneys looking to fulfill Arizona’s mandatory continuing legal education (CLE) requirements now have the option to schedule free CLE courses in the comfort of their own firms or corporations.

TERIS Phoenix, a full-service litigation support provider, is offering free CLE courses on eDiscovery and forensics issues to Arizona-based law firms and in-house counsel. TERIS has successfully presented courses at 10 firms in 2010, including several large national firms in the Phoenix area.

“I invited TERIS to Polsinelli Shughart after attending one of their presentations at the MCBA and found them to be timely and well-presented without becoming a sales pitch,” said Andrew Turk, partner at Polsinelli Shughart. “I have even provided some of the materials to clients and wished they could all see the program. We have invited TERIS back for another program and would encourage colleagues to contact TERIS based on the extensive knowledge they’ve demonstrated.”

TERIS Phoenix CLE course options include: 

  • An Introduction to eDiscovery
  • Forensic Collection & The Pitfalls of In-House IT Collection
  • Got Sanctions? The 2009 eDiscovery Year in Review

Two additional course topics in development will focus on:

  • Methods to Cull Data and Lower eDiscovery Costs
  • Document Retention Policies

Each presentation lasts approximately one hour, plus time for Q & A. All options are ethics credit eligible and TERIS provides each participant with a certificate of attendance and written presentation materials.

The State Bar of Arizona does not approve or accredit CLE activities for the Mandatory Continuing Legal Education requirement. TERIS CLE courses may qualify for up to one hour toward the annual CLE requirement for the State Bar of Arizona, including one hour of professional responsibility.

“The CLE presenters from TERIS are very well-prepared, informative and knowledgeable leaders in the field,” said David Funkhouser, an attorney at Quarles & Brady, LLP. “The topics presented in our CLE were extremely timely and relevant to our entire practice group. Since then, I have been extremely mindful of issues regarding electronically stored information, and the pitfalls associated therewith. I would whole-heartedly recommend TERIS CLEs to my colleagues and peers.”

To schedule a free CLE with TERIS Phoenix in the comfort of your law firm or company, call Brandon Colburn at 602.241.9333 or e-mail bcolburn(at)teris(dot)com.

ABOUT TERIS

Founded in 1996, TERIS provides legal support and sophisticated eDiscovery solutions to corporate legal teams and law firms across the U.S. and internationally. TERIS’ national staff of more than 275 was named one of the top 20 eDiscovery service providers by industry researcher Socha-Gelbmann in 2008. The company operates a free job board for the legal profession at www.discoverlegaljobs.com and has offices in Seattle, San Francisco, Silicon Valley, San Diego, Phoenix, Austin, Dallas, Houston and Chicago. To learn more about TERIS, visitwww.TERIS.com or follow the company on Twitter at www.Twitter.com/DiscoverTERIS.

Media Contact:

David Kaufer 

206 262 7302 Office 

425-275-8814 Mobile 

david(dot)kaufer(at)zenwerks(dot)com

# # #

 

Tags: , , ,