Informative Articles About Digital Forensics Litigation Support
Emergence of E-Discovery In Civil Litigation
The law, as a means of administering dispute resolution and criminal accountability, must be able to adapt to revolutions of industry or technology. We are currently in the beginning years of a technological revolution that will only grow and continue to change the way humans live their lives. Computer and internet use have changed the way that people and business think and act. In today’s judicial system, a case (either civil or criminal) is often decided by the evidence produced and discovered prior to trial. As computers have become the integral components of any successful business operation, the records on those computers have become more difficult to discover. Not only because of the difficulty of gaining access to an adversary’s computer records, but also because many seasoned attorneys do not even know what to look for when they do gain access. Adding to the confusion is a lack of guiding procedural and case law. New methods of discovery have hampered older, traditional attorneys who carry with them the knowledge and experience from the days of paper and pen. The old rules are obsolete, and in today’s world if you can not keep up with the technology and developments in the law then you will be left as ineffectual as the paper and pen you hold in your hand. In response to the increased demands for structure in E-discovery, the ABA has proposed new…
Read MoreChallenges in Recovering Deleted Email
Both computer forensics experts and data recovery technicians seek to recover deleted data. Data recovery is primarily interested in bringing back files, while computer forensics tends to dig deeper, looking not just for deleted documents, but also for metadata (data about data – such as file attributes, descriptions, dates, and other information) and meaningful snippets of unrecoverable files. One area of particular interest is email. When most documents are written to a computer’s hard disk, each newly created document has its own directory entry (what the user sees as a listing in a folder). If a file has been deleted, but has not been overwritten by another document, the recovery process is a relatively trivial part of e-discovery or of data recovery. But when the data of interest is from deleted email, the discovery process is likely to differ significantly from that of data recovery. Individual emails are stored differently than individual files. Different types of email programs store data differently on the user’s hard disk and require different schemes for finding useful information. As a result, the deletion of emails and recovering of deleted emails differs not only from that for other types of documents, but also between different types of email programs. There are three main types of email in common usage – Microsoft Outlook (often paired with a Microsoft Exchange Server), text-based email client programs, and web-based email, or webmail.…
Read MoreThe Sedona Conference® Publishes The Sedona Principles Second Edition Addressing Electronic Discovery
The Sedona Conference has published a second edition of its iconic The Sedona Principles: Best Practices Recommendations & Principles for Addressing Electronic Document Production (June 2007), which is available via download at www.thesedonaconference.org. The Sedona Conference is a nonprofit group, created in 1997, to tackle complex legal (primarily litigation) issues. The latest update is a product of Sedona Conference’s Working Group One, an informal, “minithink tank” established in 2002 to provide a forum for jurists, lawyers, experts, and academics to address emerging problems and “best practices” in e-discovery. From an initial membership of about 20, WG1’s roster has grown to several hundred members, including consultant Craig Ball (author of LTN’s Ball in Your Court column); Ariana Tadler, a partner at Milberg Weiss; and Jonathan Redgrave, of Redgrave Daley Ragan & Wagner, among others. I am a founding member of WG1 and served as one of the editors of the update. The original 2004 version of The Sedona Principles established 14 e-discovery “principles.” The revision reflects the ramifications of the 2006 EDD amendments to the Federal Rules of Civil Procedure, and attempts to address the rule changes without compromising the perspective of the original document’s authors. Here are highlights: PRESERVATION STANDARDS The Sedona Principles continue to provide de facto national standards for preservation obligations. Sedona Principle 5 provides that “reasonable and good faith efforts” are required to accomplish preservation, but it is “unreasonable to…
Read MoreAre You Ready for E-Discovery?
If you’re like most of us in IT, you probably have a relatively small number of individuals in your firm that you’re used to working with fairly closely. For example, if you’re a development manager, you probably work closely on a daily basis with the business folks to understand their requirements for the systems you develop. If you’re a network architect, you might work closely with software architects in order to optimize the network to support the applications that people use daily. However, no matter where you are in IT and no matter what firm you work for, chances are that one area of the firm you don’t work closely with is inside counsel — in other words, legal. Now, that’s not to say that there’s never any interaction between these two areas. For example, in the case of human resource investigations or employee terminations, both areas might be brought in to perform a certain role. However, if you’re an IT person and you have a speed dial, chances are that nobody from the legal team is on it. Get ready, though, because new rules for data discovery could be about to change all that. What Is E-Discovery? E-discovery is, simply, discovery of digital evidence. As electronic artifacts — documents, e-mail , instant messages and others — make up the vast majority of correspondence and record-keeping in most firms, it would make sense…
Read MoreReduce E-Discovery Costs: Organize Data Before Litigation Starts
Annually, the lack of policies and procedures assuring easy discovery of all pertinent electronic records is costing companies tens of thousands of dollars in this litigious society. In today’s world, the details of business transactions and negotiations are recorded electronically through e-mails and text messages. Companies of old had clerical staff and warehouses dedicated to document storage and cross indexing. Today, individual hard drives and network servers perform the function of storage, but lack the ability to properly cross index correspondence. Companies should consider encouraging, or even requiring, employees to organize their e-mails and other electronic data in folders corresponding with the transactions in which they relate. Organizing e-mails and other data can make it much easier for counsel to retrieve, filter and evaluate data related to transactions at issue reducing costs. To understand how this works in practice, consider the following scenario: Company A has five employees involved in a transaction that becomes litigious. None of the employees organize their e-mails or electronic data in a way that makes it easy to separate out the data related to the transaction at issue. The lawyers for Company A thus have to pull all of the data off hard and shared drives, and then apply search terms to find the data in question. It would not be unusual for this data to be in the range of 5-10 gigabytes of information. Law firms typically…
Read MoreeDiscovery, IT and What to Do About It
The new Federal Rules of Electronic Discovery will be a burden to IT but you can mitigate the fallout, writes CIO Update guest columnist Michael Sears of Mathon Systems.Have you heard the new Lawyer joke: What do you call a lawyer who likes the new federal rules of eDiscovery? Plaintiff’s counsel. Okay, not very funny. But it makes a point. The new federal rules are changes only lawyers who sue companies tend to like. Other lawyers, like the ones who work in your General Counsel’s office are not that happy about them. And maybe those who work in the CIO’s shop feel the same way. On December 1, 2006, after several years of review by the legal industry, and agreement with the U.S. Supreme Court and the U.S. Congress, new Rules of Electronic Discovery became the model rules that federal courts follow. If history is any guide, state courts will also soon adopt most, if not all, of these provisions. These rules take into consideration the major technical innovations effecting digital files and documents over the past few years. They change the game for storage and records retention, as well ongoing litigation support within your company. It’s critical that you are aware of the impact of these new rules, and understand both the positive and negative consequences of them. Most major corporations today hold more than 3TBs of user data and messages. Trends…
Read Moreimportance of E-Discovery
An interesting story this morning on a importance of E-Discovery by clearwellsystems, Here is the blurb: In my experience, e-discovery does not make the radar screen of most corporate General Counsels (GCs). Typically, it is one many issues left to others (e.g., Chief of Litigation, Director of Litigation Support) within the GC’s group. That may change after the recent verdict in the case of Broadcom vs. Qualcomm. See below for the story, as told by Corporate Counsel in their October issue, with additional commentary from me [added in brackets]: Collateral Damage After a string of punishing legal defeats, Qualcomm Incorporated has switched general counsel. On August 13 the company announced that Carol Lam would replace Louis Lupin as its legal chief [Sounds like he got fired]. The move came a week after a federal judge issued a scorching order accusing Qualcomm and its outside lawyers of “gross litigation misconduct.” [Sounds like a pretty good reason why he got fired] Emily Kilpatrick, Qualcomm’s director of corporate communications, says Lupin is leaving for personal reasons [Isn’t that what they always say?]. “He has been an outstanding leader and contributor to Qualcomm’s success over the past 12 years,” according to Kilpatrick. “However, he has decided to step down as general counsel and take a personal leave.” [a decision most likely made at the request of his boss] Lam, who was hired in February to supervise Qualcomm’s…
Read MoreThe ethics of computer-based electronic evidence recovery
Technology is present in every aspect of modern life. Information Technology is constantly growing & every new development gets a larger role in our lives. Criminals are exploiting the same technological advances which are driving forward the evolution of society. Computers can be used in the commission of crime, they can contain evidence of crime and can even be targets of crime. Understanding the role and nature of electronic evidence that might be found, how to process a crime scene containing potential electronic evidence and how an agency might respond to such situations is crucial. It cannot be over emphasized that the rules of evidence apply equally to computer-based electronic evidence as much as they do to material obtained from other sources. It is always the responsibility of the case officer to ensure compliance with legislation and, in particular, to be sure that the procedures adopted in the seizure of any property are performed in accordance with statute and current case law. Electronic evidence is valuable evidence and it should be treated in the same manner as traditional forensic evidence with respect and care. The recovery of evidence from electronic devices like computers, tapes, CD/DVD, flash drives, is now firmly part of investigative activity in both public and private sector domains. The methods of recovering electronic evidence, whilst maintaining evidential continuity and integrity may seem complex and costly, but experience has shown that,…
Read MoreCollecting Personal Data for E-Discovery
A huge component of e-discovery relates to electronic files that are created and stored every day by employees – e-mails, word documents, spreadsheets, presentations and more. Oftentimes, it is inadvertent spoliation or omission of such files in discovery that results in undesired sanctions and even default judgments. Thus, developing sound methodologies for identifying, preserving, and collecting files from personal data repositories is a key component of being litigation ready.Know what data exists and where The first consideration in improving an organization’s litigation readiness is to identify where and how personal data is being created and stored. What applications are used to create messages and/or documents throughout the organization? Are application programs centrally managed to limit the types or versions being used? Once electronic information is created, where are files being stored? Are they on desktop and laptop computer hard drives, mapped network share drives, portable flash drives or other removable media? Are document management systems, such as SharePoint sites or other collaboration repositories utilized? Are portable computing devices being used, such as PDAs, Blackberries or smart phones? Do employees use computers at home for business? For these systems, it’s important to ask the following questions: Are personal files backed up for disaster recovery? Where are backup files stored? Are entire hard drives backed up or only those files stored in “My Documents”? Are the back-up processes automated and scheduled or do they rely…
Read MoreAntiforensics Practices Can Complicate E-Discovery Investigations
With the rise of e-discovery, attorneys have necessarily become acquainted with the inner workings of computer systems. File system metadata is often crucial to proving critical points at trial, and computer forensics has shown itself to be an essential tool for discovering lost files and revealing hidden metadata. But as the lawyers and investigators grow more sophisticated in their search for information, so do the people wishing to hide their misdeeds and confuse those on their trail. “Antiforensics” – an approach to computer hacking meant to make detection difficult and proof of detection next to impossible – stands to make life miserable for attorneys and computer forensics experts in the coming years. In practice, antiforensics can involve sophisticated software and methods, but can also include the use of simple hacks and workarounds that can hide files and even change file system metadata. Much of the antiforensics software out there is readily available and intuitive to operate, making it more and more likely that e-discovery investigations will overlook crucial evidence as a result of antiforensic techniques. The simplification of antiforensic software tools makes up a large part of the reason for the recent upswing in the use of antiforensic practices. For instance, there are user-friendly tools that can change the timestamp of a file to make it look like the file was created in the future, accessed twenty years ago and never modified. This…
Read MoreContact us
(Free initial consultation – no spam)
Contact form (1)
"*" indicates required fields