All posts in Other

WannaCry Ransomware Hits Computers – What Now?

What many security experts have long warned became a reality last Friday: over 220,000 computers were infected by a new strain of ransomware. The infection affected several British hospitals, French car maker Renault and the German state-owned railroad operator Deutsche Bahn. Although a kill switch has stopped the spread of this version of ransomware, the fix is only temporary. The WannaCry ransomware virus, once activated, encrypts files, drives and entire networks. After the computer is infected, a message is displayed on the screen telling the user that the computer and its data are locked and can only be unlocked by paying a ransom in the form of the crypto currency Bitcoin.

The virus was able to spread so quickly because the blackmailers used a zero-day gap in the Windows operating system. This is a security vulnerability in all OS versions since Windows XP for which Microsoft released an important security bulletin and important patches in March with security update MS17-010, which can be found here: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx.

Due to the ransomware attack, Microsoft released new patches to fix the security gap, which can be found here: https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/.

All users, whether companies or individuals, are advised to install the appropriate patch for their respective Windows system as soon as possible.

If infected by ransomware…

Even with the best precautions and policies in place, it is possible to fall victim to a ransomware attack. In the event that your data is held hostage by ransomware, here is some advice to keep in mind:

  1. Remain calm. Rash decisions could cause further data loss. If you discover a ransomware infection and suddenly cut power to a server, versus powering it down properly, you could lose additional data.
  2. Check your most recent set of backups. If they are in-tact and up-to-date, the data recovery becomes easier to restore to a different system.
  3. Never pay the ransom; attackers may not unlock your data. There are many cases of ransomware victims paying a ransom and not receiving their data in return. Rather than running this risk, companies should work with data recovery experts who may be able to regain access to the data by reverse engineering the malware.
  4. Contact a specialist for advice and to explore recovery options. Experts can examine your scenario to see if they have a solution already in place or if they may be able to develop one in time.

To date, engineers at KrolLDiscovery have identified over 225 variations of ransomware that infect user devices, with more variations created every day. The team of engineers at KrolLDiscovery work around the clock to identify and find a solution for each type of ransomware.

The Results are In: Sixth Annual Best of the National Law Journal Survey

“We are honored to be chosen as a leading ediscovery provider in so many service and technology categories by National Law Journal readers.” Chris Weiler, CEO of KrolLDiscovery.

For the last six years, the National Law Journal (NLJ) has conducted a survey asking its readers to rank top providers in the legal marketplace. From data, research and technology to finance, expert witness and outsourced services, this survey highlights the businesses and individuals seen as the best in the industry. In all, the legal community cast over 4,500 votes to select the 2017 Best of The National Law Journal winners.

Given the collective opinions of thousands and the esteem of this national survey, KrolLDiscovery is honored to receive 10 awards, including four top honors, in this year’s survey. Specifically, KrolLDiscovery took home the gold award in the following categories:

  • Managed Ediscovery & Litigation Support Service Provider
  • Managed Document Review Services
  • Predictive Coding Ediscovery Solution
  • Data Recovery Solution Provider

Additionally, the company received silver awards in four categories:

  • End-to-End Litigation Consulting Firm
  • Technology Assisted Review Ediscovery Solution
  • Data & Technology Management Ediscovery Provider
  • Online Review Platform

Third-place honors include:

  • End-to-End Ediscovery Provider
  • Case Management Software to Law Firms

It’s great to know that all of the hard work of LDiscovery and Kroll Ontrack – now together as KrolLDiscovery – was recognized by NLJ readers. Learn more about all of KrolLDiscovery’s innovative technology and best-in-class services to support litigation, investigation, compliance and recovery from data loss. And, thanks to everyone that voted!

DOJ Antitrust Division Issues New Model Second Request, with New Predictive Coding Instructions

On November 28, 2016, the Department of Justice (DOJ) Antitrust Division issued an updated Model Second Request, aimed at revising and streamlining the model to conform to “current division practice.” The updated Model will be used for all Second Requests issued on or after December 12, 2016. The new model contains significant changes to merging parties’ obligations during a Second Request, as well as a substantial formatting overhaul.

Regarding the use of ediscovery technology during a Second Request from the DOJ, the predictive coding instructions were meaningfully modified.

First, the new model appears to signal an increased acceptance of use of predictive coding during a second request. Specifically, the searching and predictive coding instruction begins with the following new language, “Before using software or technology…” seemingly indicating that the Antitrust Division recognizes that it is not a matter of “if” parties are leveraging technology but “when” and “how” that technology will be used.

Second, the new model requires merging parties and their counsel to be more astute than ever before when it comes to ediscovery technology. For example, if search terms are used, merging parties must now submit a list of stop words and operators for the platform being used. Also, if predictive coding technology is used to identify or eliminate documents, merging parties must provide more than just a description of the methods being used. Under this new model, the Antitrust Division also is requiring information about the use of subject matter experts to review seed sets and training documents, effectiveness metrics (such as recall, precision and confidence-intervals) and validation protocols, including sampling protocols used to categorize non-responsive documents.

The new predictive coding and searching instruction is provided in full below:

November 2016 Version – DOJ Model Second Request

  1. Before using software or technology (including search terms, predictive coding, de-duplication, or similar technologies) to identify or eliminate documents, data, or information potentially responsive to this Request, the Company must submit a written description of the method(s) used to conduct any part of its search. In addition, for any process that relies on search terms to identify or eliminate documents, the Company must submit: (a) a list of proposed terms; (b) a tally of all the terms that appear in the collection and the frequency of each term; (c) a list of stop words and operators for the platform being used; and (d) a glossary of industry and company terminology. For any process that instead relies on predictive coding to identify or eliminate documents, you must include (a) confirmation that subject-matter experts will be reviewing the seed set and training rounds; (b) recall, precision, and confidence-level statistics (or an equivalent); and (c) a validation process that allows for Department review of statistically-significant samples of documents categorized as non-responsive documents by the algorithm.

As these new instructions reinforce, Second Requests are synonymous with sheer complexity. At Kroll Ontrack, we have leading technology backed by human experts who know how to successfully navigate a Second Request. Kroll Ontrack is uniquely equipped to help manage your document productions to the FTC, DOJ and other global competition bureaus.

New Resources Available for Interpreting the FRCP

Ediscovery resources

The first couple of months after the Federal Rules of Civil Procedure (FRCP) amendments were enacted in December 2015 changed the ediscovery atmosphere. During that time, it was unknown to practitioners whether the changes to Rules 26(b)(1) and 37(e) would create any reaction by the courts, much less if they would substantially influence the course of discovery. The early opinions became a sounding board as both courts and parties struggled with the challenges of interpreting the new amendments and the impact they would have on their cases.

In just a few short months, the 2015 amendments will be one year old and many courts now have established expectations based on the new rules.  Practitioners can no longer afford to ignore the changes. In order to help practitioners avoid making their case a lightning rod, Kroll Ontrack has compiled a number of useful resources published this summer to help you navigate the current framework.

Summer 2016: New Ediscovery Resources

  • Published in mid-August 2016, Gibson, Dunn & Crutcher’s report, 2016 Mid-Year E-Discovery Update, highlights the current trends of courts in regards to 26(b)(1) and 37(e).
  • Kroll Ontrack’s e-Book, 6 Months of Case Law Under the New FRCP, which is mentioned in the Gibson, Dunn & Crutcher report, gives a six month overview of cases which have had the most impact due to the new amendments.
  • Nationally renowned ediscovery expert, Tom Allman, has released a new treatise entitled, Applying the 2015 Civil Rules Amendments. The article provides useful background information on the formation of the new amendments, as well as an analysis of how the rules are being utilized by the courts.
  • The recent Sedona Conference publication, TAR Case Law Primer, offers a comprehensive overview of the jurisprudence surrounding the use of TAR. The primer also includes a discussion of the use of TAR in an international context.

Don’t miss out on these great new resources!

Relativity Certifications—Helping You Learn the Lingo

For Relativity gurus, making sense of kCura’s certification system is likely no sweat. However, for ediscovery outsiders or legal/IT professionals new to Relativity, all of the classes, tests and designations are a bit overwhelming. While kCura’s certification system is not overly complicated, it takes some time to learn the lingo. To speed up your learning curve, take five minutes to familiarize yourself with the Relativity certification structure.

Why Get a Relativity Certification?

If you work for a corporation, law firm or service provider utilizing Relativity for ediscovery, there is no better way to learn new Relativity features and provide more value to your organization than to get certified. The Relativity certification programs are for individuals looking to validate their knowledge and expertise in the software.

What Relativity Certifications Are Available?

kCura offers eight certifications for Relativity:

  • Relativity Certified Administrator (RCA) – The keystone certification, targeted at case administrators working day-to-day in Relativity.
  • Relativity Analytics Specialist – For individuals working extensively with Relativity Analytics.
  • Relativity Infrastructure Specialist – For individuals responsible for setting up, running and troubleshooting a Relativity environment.
  • Relativity Certified User – For individuals conducting document review within Relativity.
  • Relativity Assisted Review Specialist – For individuals with expertise in predictive coding within Relativity.
  • Relativity Processing Specialist – For individuals operating the processing engine in Relativity.
  • Relativity Project Management Specialist – For individuals troubleshooting case workflows using Relativity.
  • Relativity Certified Sales Professional (RCSP) – For individuals demonstrating Relativity in a sales setting.
  • Expert – For RCAs who hold two or three specialist certifications concurrently.
  • Master – For RCAs who hold four or more specialist certifications concurrently.

How Does the Certification Process Work?

Don’t expect these certifications to come easy. It is generally known that kCura’s exams are not a stroll through the park. Expect to invest plenty of time studying to prepare yourself. Further, in order to sit for one of the exams, candidates have to possess specific experience as a prerequisite. After you pass, you have to keep your certification up to date by earning Relativity Continuing Education (RCE) credits.

Hear What Some RCAs Have to Say

At Kroll Ontrack, many of our team members are ramping up their Relativity expertise. In fact, currently 53 colleagues hold the RCA designation, with several also certified in one or more specialist areas. Of those certified, nine in Kroll Ontrack’s crew have reached the Relativity Expert designation and one hard-working individual at Kroll Ontrack is certified as a Relativity Master.

If you are intrigued to pursue such a certification, set aside time to read the wealth of information available on kCura’s website. As anyone working in ediscovery knows, given the amount of change in the law and technology, continued professional development goes a long way to a prosperous career in ediscovery.

Soaking up the Ediscovery Sun: Ing3nious NorCal 2016

Ediscovery Ethics

This past week, I had the opportunity to attend the Ing3nious NorCal Retreat on Ediscovery and Information Governance in the beautiful Pacific coast town of Half Moon Bay, California. This event signified the fifth anniversary since Ing3nious launched its initial retreat. As typical for Ing3nious conferences, the retreat featured many knowledgeable speakers and informative presentations.

Ediscovery Ethics: Calm, Cool and Competent

At the retreat, I had the chance to present the session on ediscovery ethics, along with attorney Brendan Kenny of Blackwell Burke. The focus of our presentation was on The State Bar of California Formal Opinion No. 2015-193 on Ediscovery Ethics and its applicability to the Model Rules of Professional Conduct. We discussed the importance of the nine skills highlighted in the California opinion:

  • Initially assess ediscovery needs and issues
  • Implement/cause to implement appropriate ESI preservation procedures
  • Analyze and understand a client’s ESI systems and storage
  • Advise the client on available options for collection and preservation of ESI
  • Identify custodians of potentially relevant ESI
  • Engage in competent and meaningful meet and confer with opposing counsel concerning an ediscovery plan
  • Perform data searches
  • Collect responsive ESI in a manner that preserves the integrity of that ESI
  • Produce responsive non-privileged ESI in a recognized and appropriate manner

Brendan live-streamed the presentation via Periscope and it is available for you to watch as a recording here. The slides from the presentation are also available for you on SlideShare.

Destination 2020, Social Media and Ediscovery Trends

One session that I found particularly interesting was “Destination 2020: The Changes, Opportunities and Challenges of the Next Four Years” presented by Chris Surdak. Chris has been at the forefront of the application of information technology and gave us a glimpse of his new book: Jerk, Twelve Steps to Rule the World. In his presentation, Chris discussed the formula for causing jerk in any industry and what existing companies must do to respond to these jerks while there is still time.

Other sessions I enjoyed include, “Through the Looking Glass: On the Other Side of the FRCP Amendments,” “It’s a Social World After All,” and “Top Trends in Discovery for 2016.” Specifically, I had the pleasure of listening to my Kroll Ontrack colleague, computer forensics expert Steve Komos, discuss social media in the “It’s a Social World After All” panel discussion.

To learn more about Ing3nious or the retreat, visit the website here. Additionally, keep an eye out for the Ing3nious East Coast 2016 retreat that is set for late September at which Kroll Ontrack will be a participant.

Antitrust Video Series: Part 2

Antitrust videos

Stars & Stripes, Fireworks and United States Antitrust Law

The Fourth of July provides an opportunity for Americans to focus on matters close to home and it is no different with antitrust law. Even though there are enticing global antitrust issues – which we discussed in Part One of this video series, antitrust law in the United States remains intriguing as new questions and inclinations emerge.

In Part Two of our antitrust video series, Kroll Ontrack shares the remaining videos created at the 2016 Annual Spring Meeting of the ABA Section of Antitrust Law, made in collaboration with The Capitol Forum. These videos, each focusing on an analysis of antitrust issues facing the United States, are conveniently organized by relevant themes: from basketball cartels to a shortage of FTC commissioners, U.S. antitrust law remains an ever evolving challenge.

Merger Remedies are Scrutinized More than Ever

One of the most contentious issues currently facing antitrust law is merger remedies. In order to ensure that merger remedies are capable of meeting their intended purpose, agencies are scrutinizing divestiture packages like never before, presenting additional issues for practitioners.

Elaine Ewing

Elaine Ewing

 

Watch: Merger Remedies featuring Elaine Ewing, a partner at Cleary Gottlieb Steen & Hamilton, as she discusses merger remedies and recent trends of regulatory agencies.

 

 

 

Mike Cowie

Mike Cowie

 

Watch: Merger Reviews featuring Mike Cowie, a partner at Dechert LLP, as he discusses the increasing time of merger reviews and the growing divestiture challenges.

 

 

 

Antitrust Law Continues to Rapidly Evolve

Antitrust law is developing at a brisk pace, and understanding its developing facets is crucial to a merger’s success. From understanding old theories to mastering new ones, practitioners need to be aware of the legal issues dominating the field.

Joe Farrell

Joe Farrell

 

Watch: Vertical Restraints featuring Joe Farrell, a Professor at University of California Berkeley, as he discusses vertical restraint and its utilization to protect monopolies.

 

 

 

Melissa Maxman

Melissa Maxman

 

Watch: Theory of Harm featuring Melissa Maxman a partner at Cohen & Gresser LLP, as she discusses antitrust theory of harm in the O’Bannon v. NCAA case.

 

 

 

Barry Nigro

Barry Nigro

 

Watch: Cross Ownership in Concentrated Markets featuring Barry Nigro, a partner at Fried Frank, as he discusses the concerns raised by cross-ownership in concentrated markets.

 

 

 

Lisl Dunlop

Lisl Dunlop

 

Watch: Inconsistent State Approaches featuring Lisl Dunlop, a partner at Manatt, Phelps & Phillips, as she discusses the varying conclusions reached by the states on healthcare antitrust issues and current trends.

Inaccurate Assumptions Plague Antitrust Cases

Jonathan Baker

Jonathan Baker

Inaccurate assumptions abound in antitrust law, either on the part of the practitioner or the agencies. In both cases, making inaccurate assumptions has costs.

Watch: Erroneous Assumptions featuring Professor Jonathan Baker of the American University Washington College of Law, as he discusses the impact of making erroneous assumptions when using “error cost” analysis in monopolization cases.

Short-staffing at the FTC

Carla Hine

Carla Hine

In an unusual situation that is unlikely to be remedied in the foreseeable future, the Federal Trade Commission has only three commissioners. This has created concerns among practitioners about its impact on antitrust cases.

Watch: FTC Formation featuring Carla Hine, a partner at McDermott Will & Emery, as she discusses the unusual situation of the FTC having only three commissioners and the impact that this has on merger review.

Survey Says… New Trends from Corporate In-house Counsel

corporate In-house counsel

Recently, Kroll and Kroll Ontrack surveyed over 170 corporate in-house counsel to share their perspectives on modern legal challenges facing organizations. We asked about some of the most pressing issues – from big data and compliance to fraud and cyber security – to uncover some striking corporate counsel trends.

These were just some of the questions asked:

  • What are the most pressing legal issues facing your corporation?
  • Does your company have a data breach or incident response plan in place?
  • Does your corporation have an information governance program in place?
  • How frequently do you discuss data security issues with your organization’s head of technology?

The key findings in this 2016 Corporate Risk Survey indicate that organizations are making noteworthy strides as the result of new risks facing the enterprise. Nevertheless, the survey also reveals that organizations have additional room to evolve if they seek to combat these modern risks in an efficient, cost-effective manner. Some of the in-house counsel findings include:

  • Only 41% report that their company’s Incident Response plan is regularly updated and tested.
  • 20% indicate that they never discuss data security issues with their organization’s head of technology.
  • 73% believe that they do not have an effective Information Governance (IG) program in place to deal with skyrocketing data volumes.

Explore the Global Expansion of Ediscovery

Ediscovery is in the midst of global change. Even for countries with legal frameworks that don’t require parties to disclose electronic documents, global ediscovery is emerging as a critical component of business and corporate governance.

Kroll Ontrack experts created a new, interactive map to help you explore global ediscovery insights. Organized by nation and theme, “Ediscovery Goes Global: 2016 Trends” explores the influence of data privacy laws and regulations, cyber security concerns, advancements in computer forensics and the evolution of technology assisted review around the world.

  • Have you ever wondered what the largest emerging market in ediscovery is?
  • How, why and when does ediscovery activity increase in the Netherlands?
  • Where is the use of predictive coding expanding?
  • Ever wondered how China deals with data protection and privacy in ediscovery?
  • Coming out of significant recessions, will Spain & Italy’s use of ediscovery technologies and techniques expand?
  • How do computer forensic tools influence ediscovery in France?
  • Which APAC countries are seeing the most ediscovery growth?

Click here to explore the map and learn more about trends in the hottest emerging ediscovery markets.

Top Considerations When Building BYOD Policies

ediscovery

Vikas_PallIn a recent article, my Kroll Ontrack colleague Vikas Pall wrote about the growing concerns over bring your own device (BYOD) policies. Today’s employees integrate their personal and professional lives, and the use of personal devices for day-to-day employment duties has become ubiquitous. The days of doubling up on devices—one personal, one professional—are over, with BYOD policies emerging as the most enticing option for employees and companies.

 

While there are many advantages to BYOD, taking on the ambiguities and complications that can come with having employees bring their own devices to work can be a risky move if an organization fails to put a well-planned policy in place. In his article in ILTA’s Peer to Peer magazine, Vikas outlines the top things to consider when building a BYOD policy.

#1: Assess

Crafting a well thought out BYOD policy is the key to fully utilizing its benefits, but a perfectly planned policy does not appear overnight. A policy must be effective, relatively simple and easy to follow for end users and the IT department. Communication across departments is the best way to make sure all bases are covered.

#2: Plan

Once the broad framework is in place, it is time to finalize the details of the policy. From Android to Apple phones to tablets and wearables, defining exactly what is meant by “bring your own device” is critical. Companies should be device-specific, or limit the devices, and establish a clear service policy for the list of approved BYOD devices. In the midst of planning the functional aspects of a policy, it is equally important to address employee exit strategies. BYOD policies should reference the company’s separated employee process and vice versa.

#3: Implement

To prevent data breaches or corporate hacks, specify what kinds of corporate data may be accessed on which devices and implement mobile device, data and app security measures in your BYOD policy to protect company data and confidentiality. BYOD policies should also touch on preservation and discovery in litigation. Companies can get ahead of failed preservation efforts by adding BYOD data to their ESI data maps and issuing legal hold notices to address what content must be preserved.

#4: Iterate

Companies should regularly audit the effectiveness of their BYOD policy. Look at what new technologies are available and whether they should be supported. Review the current policy points to see if anything wasn’t adopted or could be improved. BYOD polices will continue to evolve with technology and the workforce.

Be sure to read the full article, From Blurred to Secured: Four Steps to a Better BYOD Policy, for a more in-depth analysis of best practices for bring your own device policies.

 
css.php