All posts tagged KrolLDiscovery

A Closer Look: Government Investigations

What’s the first thing you think about when you hear about a government investigation? Personal harm? Social impact? The 24-hour news cycle? Political impact? Penalties? “What can the data tell us?” is one of the first questions I’m always asking when I hear the government is knocking. During the Government Investigations and Civil Litigation Institute’s (GICLI) third annual meeting, I found every prevalent theme aligned with the types of data-driven concerns I have in mind.

GICLI 2017

The 2017 GICLI conference, which aims to provide in-depth education regarding the dramatic surge in regulatory enforcement activities and related civil litigation that burdens the corporate legal department, was held October 9-11 in Dove Mountain, Arizona.

Throughout my one-and-a-half days at GICLI, I enjoyed the privilege and intellectual rigor of attending nine out of 13 panels collectively available during plenary and breakout sessions. The agenda was loaded with highly relevant, informative and meaningful content presented by and for an exceptionally sophisticated, collaborative and down-to-earth group of more than 120 practitioners from leading law firms, corporations and government agencies. Reflecting on all the great information, I walked away wishing that I had access to this type of forum 15 years ago and certain that not only would I come back, but also encourage others to participate in the GICLI community, come to next year’s meeting, continue learning and exchange insights. With that inspiration in hand, I’m happy to share some of the highlights that left a lasting impression with me, along with the data-driven implications you should be considering.

First and foremost, who cares?

Every industry should care, but especially highly-regulated, publicly-held organizations. Further, international organizations, public or private, need to focus on potential regulatory risks and underlying data-driven concerns. Putting aside some of the most exceptional fines and disgorgements that cost international corporations billions of dollars, dozens of new FCPA investigations are opened each year and the average case lasts four years. The U.S. government and its counterparts worldwide have established agencies to oversee most aspects of our lives. Today, consumer protection authorities are increasingly concerned with products that collect, compile and rely on data. Dolls, watches, vehicles and thermostats are among the myriad of products that are connected to the internet and streaming or storing information somewhere. Of course, the more obvious and traditionally heavily-regulated arenas like finance, healthcare, automotive and energy sectors need to recognize that the FBI and SEC are leading authorities with increasing ability to conduct sophisticated data analysis on grand scales. Further, there is significant international cooperation among regulators and sophisticated surveillance, with agents embedded in other countries. Consider what your organization is doing: what else can you do to more proactively monitor, detect and prevent issues in-house?

Everyone likes a diagram

To navigate the complexities of a government investigation, a common operating framework is particularly helpful. Many organizations that face regulatory inquires never have before but are then likely to face them again and certainly need specialized, experienced support and representation. Hats off to Patrick Oot, David Greenwald and Ashish Prasad for releasing version 1.0 of the Government Investigations Reference Model (GIRM) during GICLI’s 2017 annual meeting. The model provides an exceptionally helpful diagram to align the many activities and stakeholders that come into play throughout the lifecycle of a matter, from the time it emerges to the time it’s resolved. This will undoubtedly be in broad circulation soon and go through healthy community feedback and iterative enhancement. Other models that have emerged over the years, such as the Electronic Discovery Reference Model (EDRM) and the Information Governance Model (IGRM) effectively prove the utility of a common frame of reference. This new model is complimentary and can nearly be used in parallel to the EDRM as a substantive legal framework. Considering the two models together is important to enable practitioners to consider how, where and when they can identify, contain, interrogate and disclose potentially relevant data for optimal representation through the course of any investigation. Further, many of the reactive elements of the GIRM will serve to inform the types of proactive measures emphasized at GICLI, which could be incorporated into the model, as well.

Diametrical challenges

There are inherent tensions between cooperation with authorities, credit for cooperation, disclosure of privileged information, company representation, impacts associated with downstream civil litigation and over retention of electronic data. The fallout from an investigation and the high likelihood of spin off litigation is costly and time consuming. The answers for many (if not most or all) of the questions that arise through the course of an investigation can be answered through the absence or presence of electronic evidence. Early and constant case assessment was a prevalent theme among panelists at the GICLI meeting. While there are many work streams running hot during the course of these projects, building fact patterns and disclosing findings based on actual, underlying data is sensible, especially when coupled with findings from witness interviews and sound strategy. Meanwhile, it can take time to put the relevant information together and additional findings tend to emerge later, thus enhancing the tensions. Even in these urgent circumstances, counsel needs to pause and carefully consider the best search, retrieval and analytics strategies to identify and triage factually relevant data, data sets that need to be compiled to prove the negative (i.e., when there’s no real infraction) and potentially privileged information. Of course, this further illustrates the logic in carefully examining potentially relevant data. Much can be accomplished through holistic, high-level and mid-level data analysis. Early data analysis often reveals key players, timelines and tranches of useful or irrelevant data.

As the tentacles of an investigation spawn and the scope of potential civil actions are defined, so too should the scope of legal holds and data preservation. Some of the basics and details of these often-mentioned issues go unattended at a surprising rate. It is also apparent from GICLI meeting attendees that an equal amount of consternation can be attributed to over-retention of data. Precise, content retention and disposition appears to remain elusive to many organizations, even with comprehensive policies in place. The large “data lakes” that spring up are especially challenging. Pools of legacy data that remain unmanaged on file servers or under the custody of outside counsel occasionally become the vehicle for cases to proceed simply because data was still available, despite expiration of retention and legal hold obligations.

Keeping up the momentum

These were just a few of the big themes and underlying issues that were covered in depth at GICLI 2017. I’m optimistic that future meetings will prove to be as informative. So, I look forward to the fourth annual GICLI meeting in Ft. Lauderdale, Florida on October 8-10, 2018 and hope to see many new and familiar faces.

One of my goals is to keep the conversations started at GICLI going over the next 12 months. If you have any ideas or questions about the prominent role of data in government investigations, please don’t hesitate to reach out.

How the Internet of Things has Changed Computer Forensics

More and more, Internet of Things (IoT) devices have been entering the market recently, with the most prominent product being Amazon’s Echo and its smaller counterpart, the Echo Dot, along with Google Home.

What do these devices do?

The Echo and Echo Dot are pretty straight-forward. Users can play music, set an alarm and manage calendars. The user can also activate “skills,” as extensions, in order to add more functions to the Alexa app.

In contrast to other IoT devices, the Amazon Echo does not save data on the device. Instead, it transfers all voice recordings to Amazon’s data center.

Although the recorded data is not saved on the device itself, users are still concerned as to what rights to privacy they have. Trigger words are used to prompt the attention of the device. For the Echo, it is, “Alexa” and for Google Home, it is, “O.K. Google.” Every word spoken after that trigger word is recorded and transferred to the provider’s data center. The recorded data is then stored by Amazon or Google and it is somewhat of a mystery as to what happens to the data from there.

Computer Forensics: Can recorded data solve crimes?

In some cases, the data is used for much more serious situations than one might think. Earlier this year, data from an Echo device was used in a murder investigation. An individual was found dead after a house party in Bentonville, Arkansas, and criminal charges were brought against the owner of the home. Investigators demanded the Echo recordings, and data from the Echo inside the home was used as evidence in the case.

This case demonstrates the impact that IoT devices will have on computer forensic investigations. Investigators are now able to utilize data stored on devices, the cloud and external data centers. When data becomes available to computer forensics specialists, the work becomes the same as any other ordinary case. After forensic investigators create a 1:1 image of the original storage media – a hard disk drive, an SSD, a removable FLASH card, a data tape or any other storage media – they begin to analyze the data. When this assessment is completed, investigators use specialized software tools to search through the data, looking for evidence that can be used in a trial.

Can I stop sharing my data?

While this is a beneficial tool for some criminal investigations, users have the power to turn this feature off. If a user does not want their recordings to be stored, there is a way to delete them. Inside the Alexa app on your smartphone, there is a possibility to delete your voice requests one by one. If you do want to bulk delete, you can do that by signing into your Amazon Account and check out your devices under this link https://www.amazon.com/mn/dcw/myx.html?tag=w050b-20.

At KrolLDiscovery, computer forensics is in our DNA. Our analysts have years of experience investigating real cases and obtaining real results in both civil and criminal contexts, and our analysts are recognized experts in the field. If you have an IoT device, or any media type, that needs investigating, we are here to work with your team.

October 2017 Ediscovery Case Summaries

Court Issues Sanctions for Loss of Cell Phone Data by Non-Party, Holding that “Control” for FRCP 37(e) Applies to Non-Parties
Ronnie Van Zant, Inc. v. Pyle, 2017 U.S. Dist. LEXIS 138039 (S.D.N.Y. Aug. 28, 2017)

Court Declines to Impose Sanctions for Litigation Hold that Gave Employees Self-Preservation Discretion
N.M. Oncology & Hematology Consultants v. Presbyterian Healthcare Servs., 2017 U.S. Dist. LEXIS 130959 (D.N.M. Aug. 16, 2017)

Citing “Reasonably Calculated” in Discovery Request is “All Too Familiar, But Never Correct”
Pothen v. Stony Brook Univ., 2017 U.S. Dist. LEXIS 146026 (E.D.N.Y. Sept. 8, 2017)

Court Emphasizes Equal Use of the Rule 26(b)(1) Proportionality Factors
Oxbow Carbon & Minerals LLC v. Union Pac. R.R., 2017 U.S. Dist. LEXIS 146211 (D.D.C. Sept. 11, 2017)

For Productions “Reasonably Usable Form” (and Not “Form Ordinarily Maintained”) Is the Standard for FRCP 34
Ortega v. Mgmt. & Training Corp., 2017 U.S. Dist. LEXIS 3861 (D.N.M. Jan. 6, 2017)

Dutch Data Discovery

The Netherlands is one of the most economically developed countries in the world. Despite being a small country in comparison to others in the EU, the Netherlands is a significant player in the banking and energy sectors and is home to some of the largest corporations in the world. The Netherlands is our next stop, as KrolLDiscovery explores ediscovery in countries around the world.

How is ediscovery unique in the Netherlands?

The Netherlands has no formal requirement for disclosure of electronic documents in legal proceedings (and thus the word “ediscovery” is not regularly used in Dutch legal circles), though international law firms use ediscovery technology in cross-border litigation. For the most part, regulatory matters are the biggest driver for Dutch law firms and corporations when it comes to using ediscovery technology.

The Dutch economy is dominated by companies operating in sectors which are frequently the subject of regulatory investigations such as energy, banking and electronic good manufacturers. Domestically, the Netherlands Authority for Consumers and Markets (ACM) has become very active and has been carrying out an increasing number of dawn raids on businesses, particularly those in the energy, automotive and telecommunications sectors. As an international business center, Dutch subsidiaries of foreign companies or Dutch multinational firms are also vulnerable to scrutiny from international regulators such as the European Commission or foreign authorities such as the U.S. Department of Justice.

This period of increased regulatory activity has caused something of a paradigm shift within Dutch companies when it comes to compliance. In the past it was more common for a reactive approach to be taken whereby companies only used ediscovery technology when under investigation. Now we are finding that companies in the Netherlands are prioritizing internal compliance and dedicating more resources and budget towards implementing schedules of compliance audits.

What data protection and privacy laws affect legal proceedings in the Netherlands?

The Dutch Personal Data Protection Act (Wet bescherming persoonsgegevens [Wbp]) was updated in January 2016. The changes include the ability to impose substantially higher fines for a broader range of violations. The update also introduces various data breach obligations, including the obligation for companies to notify the data protection authorities and affected individuals of any data breach.

Aside from the Wbp, there are other national laws that may affect ediscovery such as the Dutch Telecommunication Act (Telecommunicatiewet, implementing Directive 2002/58/EC on the protection of privacy in the electronic communications sector). Dutch law firms, corporations and ediscovery providers need to be familiar with both these laws and ready themselves for the forthcoming General Data Protection Regulation which will replace the Wbp.

Finally, many Dutch lawyers have concerns about the impact of Brexit and how it might affect transferring data between the United Kingdom and the Netherlands. At the moment, the United Kingdom is one of the Netherlands’ biggest trading partners and so regulatory and litigation cases often involve both Dutch and British companies. Depending on what happens when the United Kingdom and European Union negotiate data protection agreements, Dutch firms may begin choosing ediscovery providers who can offer local data centers or mobile ediscovery solutions to avoid the risk of breaching laws that restrict cross-border data transfers.

What are some examples of best practices for conducting ediscovery in the Netherlands?

  • Consider using a forensics expert for data collection in the Netherlands rather than in-house IT teams.
  • Understand the changes in data protection legislation and be ready for the General Data Protection Regulation.
  • Employ predictive coding technology to manage big data, particularly for competition investigations.
  • Be proactive and prepared for potential dawn raids. The Dutch competition authority is branching out from banking and casting a wider net in its investigations.

How can KrolLDiscovery help?

KrolLDiscovery is your international ediscovery resource, no matter your location on the around world. Read more about predictive coding in Australia and Ireland, ediscovery cooperation in Canada, fighting fraud in France, data protection in the UK, Japan and China, ediscovery practices in Belgium and Germany, and anti-corruption laws in Brazil.

What’s the Deal with WhatsApp? Investigating and Discovering Mobile Device Data

Julian Sheppard and Michele C.S. Lange, KrolLDiscovery, Legaltech News

Editor’s note: this article appeared in Legaltech News.

Analyzing data from mobile devices is still uncharted territory for many in Legal and IT. Accordingly, today’s modern legal and technology professionals need to brush up on all things mobile. This includes understanding where applicable data resides in a mobile device and what common challenges are associated with accessing, preserving and extracting this data.

To make things complicated, mobile devices contain more than just email, text messages and photos — all fully discoverable in litigation and ripe for investigation. Legal teams cannot forget that inter-application (“app”) chat communications may also contain relevant information. Each of these apps store content on the mobile device and function in slightly different manners, creating myriad data preservation, collection and privacy issues.

One such app taking the mobile device world by storm is WhatsApp. This article explores what legal teams need to know about accessing, preserving and extracting mobile data from WhatsApp, in light of recent news and privacy concerns.

The History of WhatsApp

WhatsApp is a stand-alone, cross-platform messaging service for mobile phones. It is marketed as being an inexpensive alternative to carrier-billed text messaging. WhatsApp functions by utilizing a mobile phone’s Internet or Wi-Fi connection. Through this connection, the WhatsApp user can send and receive text, pictures, audio or video.

WhatsApp was created in 2009 and since then has made international headlines by becoming one of the most popular standalone messaging platforms. In June 2013, WhatsApp had 250 million users and its user base keeps growing. WhatsApp’s popularity attracted the social media giant Facebook, which acquired WhatsApp in February 2014, to play a bigger role in the rapidly growing messaging market. At the time that this deal was announced, WhatsApp had 450 million users worldwide.

In 2014, WhatsApp implemented end-to-end 256-bit encryption on Android mobile phones, making it possible for secure communications. When a message is sent through WhatsApp, the messages are automatically “locked” once the user sends the message to the receiver. The message will not be “unlocked” until the receiver opens the message. This type of encryption — where the communication from sender to receiver cannot be decrypted during transit, making interception by a “middle man” virtually impossible — makes it unique from other messaging apps.

WhatsApp stresses in a statement from 2014 that not even the best hacker or the WhatsApp company itself can access and read users’ messages. In 2016, WhatsApp expanded its end-to-end encryption to other types of mobile phones beyond Android. That same year, WhatsApp decided to make a bold change to its privacy policy by modifying its terms and conditions. Unless the user does not agree to the terms and conditions, users will immediately start sharing their data with Facebook and its affiliated companies, such as Instagram. Shared data will consist of users’ phone numbers and the last time they logged onto WhatsApp. The interplay between WhatsApp’s end-to-end encryption and these new privacy terms are leaving many users wondering if WhatsApp communications are truly secure and private.

Despite the change in policy, WhatsApp remains very popular. It is particularly popular in Europe, where unlimited texting mobile plans are less common. Further, WhatsApp is seeking to shift from personal to professional use. Initially designed for personal communications, WhatsApp is trying to acquire a new user base, by having companies adopt the platform, especially if the company has BYOD (bring your own device) or COPE (corporate-owned personally-enabled) policies. Particularly, in some Eastern European countries, WhatsApp has become especially popular for secure business communications because users know it is difficult to access.

WhatsApp Data in Mobile Discovery and Investigations

Drilling into a phone’s memory to attain information, such as WhatsApp communications, requires an advanced level of expertise. This is especially true given the intricacy of the phone and the growing ecosystem of device types. Further, mobile device extraction attempts, including attempts to recover data from WhatsApp, typically require phone passwords, PINs (Personal Identification Numbers) or swipe patterns to gain access to the device. Yet, even with this information, and depending on the mobile device itself, if the message data from WhatsApp is encrypted, it may not be possible to extract the data. Thus, even though mobile phone forensics is a fairly new discipline, an investigator needs a firm grasp on both the diversity of devices available on the market and the security measures used specifically on phones if any data is to be forensically retrieved.

While WhatsApp data may be retrievable from a user’s laptop or a cloud account, these possibilities are rare. As such, it is important to understand how the data may be extracted from the mobile device itself. In any forensic investigation of a mobile device, there are factors that influence what and how much data is retrievable. These factors include: the type of mobile device; the operating system version; the version of the specific app being used; and the type of encryption.

When it comes to retrieving WhatsApp communications on mobile devices, all these factors are intertwined. For instance, extracting WhatsApp data is not the same across all devices, as there are a variety of operating systems and versions of WhatsApp. To further complicate matters, WhatsApp’s messaging options store content in different locations on different mobile devices and each device functions in a different manner.

This lack of standardization is confounding for forensic investigators and case teams involved in the matter. As such, documenting the time and date of the extraction, as well as the operating system and app versions, is critical. Finally, investigators will need the key associated with the local database, which is often inaccessible without special software, in order to decrypt WhatsApp data.

The Debate of the Backdoor and WhatsApp

Currently, there is a major debate among legal and technology professionals about whether or not WhatsApp should have a “backdoor,” likely weakening WhatsApp’s encryption. When a message is transmitted, a backdoor could be used to circumvent the need for a specific encryption key and convert the message into plain text for it to be read by a third party. Discussed below are the viewpoints of both sides discussing whether there should be a backdoor within WhatsApp.

Some security and intelligence agencies prefer WhatsApp to be modified by implementing a backdoor. They argue that this would benefit not only them, but also the public. They claim that by monitoring WhatsApp messages through the backdoor they can detect criminal and terrorist activity.

One major concern of these agencies is the fear that terrorist organizations will use WhatsApp to communicate with each other, because of the security with end-to-end encryption. As a result of WhatApp’s encryption, there has been a recent trend of terrorist organizations using WhatsApp to communicate. In March 2017, a terrorist used WhatsApp moments before carrying out on attack in Westminster, London. This recent attack, and other uses of WhatsApp, has continued to worry these agencies.

Agencies advocate that a backdoor within WhatsApp can have many benefits toward making the public feel more secure. If agencies had access to the messages within WhatsApp, it would give them an advantage to combat criminal activity and terrorist attacks. For example, British Intelligence claimed if they had the ability to read messages communicated by the terrorist back in March 2017, the attack might have been less severe. Thus, if agencies are allowed to monitor messages through WhatsApp, it may help prevent WhatsApp from becoming a safe harbor for terrorist communication.

Weakening End-to-End Encryption

Some security and intelligence agencies believe that modifying WhatsApp by creating a backdoor would be a mistake. Specifically, organizations and individuals will not know in advance whom the government will spy on when they have access to all users’ decrypted WhatsApp messages. This could impact how organizations and individuals communicate with each other.

It has been argued that implementing a backdoor will not help, but only weaken WhatsApp’s end-to-end encryption. There are other ways that agencies may be able to gain intelligence without the expense of sacrificing security, such as bugging rooms, infiltrating surveillance software, etc. Although having a backdoor is easier, it will sacrifice the security of the end-to-end encryption in WhatsApp and could become a slippery slope to backdoors in other apps.

Lastly, some analysts claim that security and intelligence agencies may have trouble monitoring WhatsApp through the backdoor. Malicious conduct may be hard to detect because of WhatsApp’s large user base and the chance of detecting criminal and terrorist activity is minimal. Further, once the public becomes suspicious that backdoors are in place, they are more likely to abandon WhatsApp for a different messaging app that does not have backdoors in place. Thus, by security and intelligence agencies diverting their attention to monitoring WhatsApp, they could lose the public’s confidence in the safety net that end-to-end encryption provides.

WhatsApp’s controversial end-to-end encryption has affected the ways legal and technology professionals access, preserve and extract this data from mobile devices. Although end-to-end encryption is complex, with help from a seasoned forensics investigator, valuable information on WhatsApp may be just a click, swipe or post beneath your fingertips.

Julian Sheppard (julian.sheppard@krolldiscovery.com) is the Director of Computer Forensics for the EMEA region of KrolLDiscovery, based in London, United Kingdom. Michele C.S. Lange, Esq. (michele.lange@krolldiscovery.com) is the Director of Thought Leadership for KrolLDiscovery, based in Minneapolis, Minn. The authors acknowledge the assistance of Christine Barry, KrolLDiscovery law clerk, for her assistance in researching and writing this article.

Inspiration & Innovation from ING3NIOUS: 3 Takeaways from NorCal 2017

Last week, I enjoyed the privilege of speaking on a panel with distinguished colleagues at the ING3NIOUS 2017 NorCal Information Governance Retreat in Carmel Valley, Calif. Our panel was appointed to discuss TAR and what we, as an industry, have learned about using it in legal matters. This session was one among a series of insightful discussions about the needs, direction, impact and practicality of technology in information governance, data security and electronic discovery. Overall, this retreat inspired, challenged and informed everyone in attendance. The scale and setting is more intimate than some other events, which resulted in a healthy exchange of ideas and challenges from experts and innovators in technology and law. Amongst the many great stories and lessons learned, I walked away from the retreat with three major observations.

#1 There’s more work to do with Technology Assisted Review.

As mentioned in my prior blog post, predictive coding and Technology Assisted Review are commonly accepted at this point. Nevertheless, stakeholders continue to evaluate, and have a healthy debate about, the conflicts and merits of related topics such as the appropriate level of disclosure and incorporation of traditional keyword search. Meanwhile, most of the technology itself has had only one major revolution in its 10 years of use. Namely, the ascent from Simple Active Learning (i.e., the first generation of predictive coding) to Continuous Active Learning. Of course, I am honored to be part of a respected and select field of leaders and innovators in predictive coding solutions to deliver these types of enhancements and much more. After synthesizing the discussion from a few of the panels at the NorCal Retreat, it is apparent that while the sufficiency of productions resulting from predictive coding endeavors remain largely unchallenged, there are a number of opportunities for on-going development and enhancement of predictive analytics, which will require a critical focus on both operability and underlying technology to maintain defensibility and enable counsel to focus on the most important content.

#2 Business processes conflict with situational nuances.

Corporate data has tremendous value to be protected and yet to be derived. In fact, there might even be an opportunity cost to not measuring and assigning an intrinsic value to the data itself. For example, consider valuation of data protected from or subject to a breach. Imagine the insurability of data itself under a commonly accepted valuation model. Meanwhile, a practical path to this idea seems as elusive as substantial application of retention policies to electronically stored information. In fact, trends and sentiments continue to suggest that information retrieval and classification are superseding data destruction priorities as search and analytics technology becomes more precise and computing capacity continues to expand. Many reasonably contend that there is risk in letting old data pile up and rightfully cite the fact that 85 percent of corporate data could be redundant, obsolete or trivial. Others contend volume should not dictate value because losing one good item amongst 20 records matters to some. All of these points demonstrate the natural and on-going tension between the demands of disputes and investigations amidst corporate governance in the information age. While information governance professionals, corporate electronic discovery managers, in-house legal operations and technology companies increasingly strive to manage legal matters and electronic discovery in a manner similar to other business processes, outside counsel cautiously, and almost unilaterally, operate around the variables and nuances of different cases and situations, strongly advocating for approaches that are tuned to the situation.

#3 We all hope and need to unify and streamline.

Despite the complications mentioned above, everyone’s strong conviction is that a more effective and consistent set of solutions can be realized. The give-and-take between customized solutions, new technology, preferred providers and pre-defined solutions means there is still a lot of opportunity along with the challenges. Each organization is aiming to adopt and provide unified processes and innovative technology with practical capabilities across the spectrum of information management, data security, case administration, project management and electronic discovery. For every firm or corporation that selects a solution, there are still others with strong preferences and compelling features and value propositions. There is a lot of room, and perhaps even an acute need, to coalesce around a more concise, stable and sustainable portfolio of technology-enabled solutions. This need will continue to ignite outstanding conferences and working groups like Ing3nious (and Sedona, ILTA, EDI, ERDM, ACEDS, IGI, WiE, etc.), where legal and technology professionals can propel the conversations and initiatives associated with these opportunities in our industry.

September 2017 Ediscovery Case Summaries

Court Orders an Aggressive Production Timeline, Citing Efficiencies of TAR
Rabin v. Pricewaterhousecoopers LLP, 2017 U.S. Dist. LEXIS 125404 (N.D. Cal. Aug. 08, 2017)

Court Puts the Brakes on Auto Manufacturer’s Proposed Discovery Protocol Involving an Onerously Restrictive Onsite Inspection
Pertile v. GM, 2017 U.S. Dist. LEXIS 141088 (D. Colo. Aug. 31, 2017)

Court Rules that Asking for Everything is Overly Broad and Unacceptable
Mirmina v. Genpact LLC, 2017 U.S. Dist. LEXIS 90422 (D. Conn. June 13, 2017)

Mere Speculation is Not Enough to Compel an Additional Search for ESI
Mirmina v. Genpact, 2017 WL 3189027 (D. Conn. July 27, 2017)

Privilege Waived as a Result of Reckless Production and Inadequate Clawback Agreement
Irth Sols. v. Windstream Commc’ns, 2017 WL 3276021 (S.D. Ohio Aug. 2, 2017)

Manage Unstructured Data with Unified Archiving: A Case Study

As data volumes grow in today’s digital workplace, so do costs and risks associated with storing large amounts of data for litigation, investigations, regulatory requests, compliance and other requirements. To address these costs and risks, organizations need one technology system to seamlessly address information management, bringing together data from disparate systems while eliminating duplicate data sets. The compliance and ediscovery challenges of one organization are documented in a recent case study, developed by ZL Technologies and KrolLDiscovery.

An Archiving Case Study

A large, international bank, based in Switzerland, operated two instances of a compliance technology solution. These compliance tools were incompatible and incapable of merging, thereby creating an unnecessarily complex compliance process. Also, the bank sought a platform that would facilitate searching for documents across the enterprise to aid in collecting and producing documents in legal discovery matters.

The bank understood that while compliance and ediscovery are often treated as separate functions, the two are closely interrelated and use much of the same data. This relationship led the bank to look for a solution that could offer a single repository for both systems in order to streamline compliance and ediscovery processes. The bank turned to KrolLDiscovery and its partner ZL Technologies to assist in implementing such a solution. Combining KrolLDiscovery’s experts in data management with ZL Technologies’ dynamic information governance platform, enables enterprises to better understand what data they have and where it resides.

The ZL solution was initially deployed in the bank’s Americas region, specifically in the United States and Canada. Once proven successful in these locales, the bank decided to launch the solution in other international locations, deploying it in its Bahamas, Europe and Asia offices. Beyond standardizing on a unified, global compliance and ediscovery technology platform, the bank also established its governance and data management principles as well as compliance and ediscovery workflows, critical goals for the global enterprise.

ZL and KrolLDiscovery: A 10+ Year Partnership

With the ZL Unified Archive platform, KrolLDiscovery helps to eliminate common business problems that go along with the unrelenting growth of data. Recently, KrolLDiscovery and ZL celebrated more than 10 years of partnership helping organizations manage unstructured data for ediscovery, compliance, records management and knowledge management.

A Taste of Ediscovery in Brazil

Olá!

Brazil is the next stop on our 2017 ediscovery world tour. As the only Portuguese-speaking country in South America, Brazil has the largest population, area and economy on the continent. An increase in industrial production, consumer and business productivity, and a stable currency have set the stage for flourishing business opportunities in Brazil, accompanied by heightened volumes of litigation and investigations…ripe for the use of ediscovery technology.

Brazil’s Unique Ediscovery Conditions

Brazil is a civil law jurisdiction, where there is no procedure or requirement to use discovery-like mechanisms in legal proceedings. Additionally, the process of collecting, filtering and reviewing data is unfamiliar to Brazil’s business culture, impaired by the fact that much corporate data is in a hard copy or non-searchable digital format. Given that a considerable volume of data is not in a format that makes ediscovery processing easy and streamlined, many Brazilian corporations view ediscovery processes and expenses as difficult to justify.

This does not mean, however, that ediscovery is absent in Brazil. Collecting and processing data in Brazil is driven mainly by practical necessity due to national and international regulatory investigations, international arbitration issues, mergers and acquisitions of Brazilian companies, and out-of-country litigation extending into Brazil. In all of these legal and regulatory scenarios, Brazilian companies are benefiting from ediscovery technology. Furthermore, in 2014 Brazil passed an anti-corruption law called the “Clean Compliance Act,” compelling some corporations and their counsel to take advantage of ediscovery technology in corporate compliance efforts.

What About Data Protection and Privacy in Brazil?

Currently, Brazil does not have an extensive set of data protection or privacy laws. However, Brazilian statutory law protects narrow classifications of data. For example, the Brazilian Federal Constitution and certain regulations, such as medical rules and consumer codes, contain privacy protections. Furthermore, Brazilian law does not expressly restrict cross-border data transfer, but transferring data out of Brazil is not the norm. Also, there have been recent changes impacting the need for increased security and protection of personal data, such as the Brazilian Internet Law. Lastly, keeping up with changes in Europe and Asia, it is highly expected that Brazil will enact its first over-arching data protection law in the near future.

Around the World with KrolLDiscovery

KrolLDiscovery is your international ediscovery resource, with current information about predictive coding in Australia and Ireland, ediscovery cooperation in Canada, fighting fraud in France, data protection in the UK, Japan and China, and ediscovery practices in Belgium.

Hurricane Harvey: Helpful Tips for Handling Your Data

For what promises to be a long and catastrophic hurricane season, the wrath has just begun with Hurricane Harvey on parts of the United States.  The 2017 hurricane season is set to last until November 30 and is said to be an above-normal season for the Atlantic. According to Live Science, the region has a 70 percent chance of experiencing between 11 and 17 storms this season and between five and nine of these storms may elevate to hurricane status.

As the hurricane season lets loose, there are important steps to keep in mind to increase your odds of a successful data recovery from a wet device. Many flood victims when returning to their homes gather the items important to their lives. Eventually, they might begin to wonder if the important data stored on their electronic devices can be recovered and what they can do to help. Whether you have sacred family photos or important personal documents, understanding how to minimize the damage to your data can be helpful at this time.

We recommend that flood victims fearing loss of their vital information consider the following before assuming that the damage is permanent:

  • Never assume that data is unrecoverable, no matter what it has been through
  • Never attempt to plug in or turn on water-damaged devices
  • Do not shake, disassemble or attempt to clean any hard drive or server that has been damaged; improper handling can make recovery operations more difficult which can lead to valuable information being lost
  • Never attempt to dry water-damaged media by opening it or exposing it to heat, such as from a hairdryer
  • Do not attempt to operate visibly-damaged devices
  • Do not attempt to freeze-dry media
  • Do not use common software utility programs on broken or water-damaged devices
  • For mission-critical situations, contact a data recovery professional before any attempts are made to reconfigure, reinstall or reformat

Data loss is stressful, but dealing with a disaster on top of it is far worse. If you are affected by a hurricane, or other natural disaster, we hope you find these tips helpful in easing the process of your recovery.

 
css.php