Law and Computer Security E-Discovery Bahareh Rahmani CS - University of Tulsa.

Slides:

Advertisements

Similar presentations

Williams v. Sprint/United Management Co.

Advertisements

The Evolving Law of E-Discovery Joseph J. Ortego, Esq. Nixon Peabody LLP New York, NY Jericho, NY.

United States District Court for the Southern District of New York, 2004 District Justice Scheindlin Zubulake v. UBS Warburg LLC Zubulake V.

Qualcomm Incorporated, v. Broadcom Corporation.  U.S. Federal Court Rules of Civil Procedure – amended rules December 1, 2006 to include electronically.

Considerations for Records and Information Management Programs in Light of the Pension Committee and Rimkus Consulting 2010 Decisions.

Litigation Holds: Don’t Live in Fear of Spoliation Jason CISO – University of Connecticut October 30, 2014 Information Security Office.

BUS VIDEO RECORDINGS COLLECTION – PROCESSING - REDACTION - SHARING WHAT IS RIGHT FOR YOUR DISTRICT?

E-Discovery New Rules of Civil Procedure Presented by Lucy Isaki January 23, 2007.

INFORMATION WITHOUT BORDERS CONFERENCE February 7, 2013 e-DISCOVERY AND INFORMATION MANAGEMENT.

Cache La Poudre Feeds, LLC v. Land O’Lakes, Inc.  Motion Hearing before a Magistrate Judge in Federal Court  District of Colorado  Decided in 2007.

Q UINCY COLLEGE Paralegal Studies Program Paralegal Studies Program Litigation and Procedure Discovery: Overview and Interrogatories Litigation and Procedure.

A PROACTIVE APPROACH TO E-DISCOVERY March 4, 2009 Presented to the Corporate Counsel Section of the Tarrant County Bar Association Carl C. Butzer Jackson.

5 Vital Components of Every Custodian Interview David Meadows, PMP, Managing Director – Discovery Consulting, Kroll Ontrack Dave Canfield, EJD, Managing.

E-Discovery for System Administrators Russell M. Shumway.

W W W. D I N S L A W. C O M E-Discovery and Document Retention Patrick W. Michael, Esq. Dinsmore & Shohl LLP 101 South Fifth Street Louisville, KY

1 ELECTRONIC DATA & DISCRIMINATION INVESTIGATIONS Peter J. Constantine U.S. Department of Labor Office of the Solicitor.

EDiscovery and Records Management. Records Management- Historical Perspective- Paper Historically- Paper was the “Corporate Memory” – a physical entity.

1 Structuring your Information Management to Ensure Litigation Readiness Julian Ackert, Principal Washington DC John Forsyth, HBOS Edinburgh Andrew Haslam,

Developing a Records & Information Retention & Disposition Program:

Educause 2009 Data Administration Constituent Group November 5th, /5/20091Educause DASIG Constituent Group.

Electronic Communication “ Litigation Holds” Steven Raskovich University Counsel California State University PSSOA Conference – March 23, 2006.

1 E-Discovery Changes to Federal Rules of Civil Procedure Concerning Discovery of Electronically Stored Information (ESI) Effective Date: 12/01/2006 October,

Electronic Discovery (eDiscovery) Chad Meyer & John Vyhlidal ConAgra Foods.

Grant S. Cowan Information Management & eDiscovery Practice Group.

Avoiding the Iceberg Sean Regan October 2008.

* 07/16/96 The production of ESI continues to present challenges in the discovery process even though specific rules have been drafted, commented on, redrafted.

1 EDMS 101 Speaker: Monica Crocker, DHS EDMS Coordinator Overview of current project(s) Objective of this section: This session outlines EDMS fundamentals.

HIPAA PRIVACY AND SECURITY AWARENESS.

E-Discovery PA230: Unit 9.

Copyright© 2010 WeComply, Inc. All rights reserved. 9/19/2015 Record Management.

Visual Evidence / E-Discovery LLC Visual Evidence / E-Discovery LLC 60th Annual Meeting of the Ohio Regional Association of Law Libraries E-Discovery &

How Hospitals Protect Your Health Information. Your Health Information Privacy Rights You can ask to see or get a copy of your medical record and other.

Discovery III Expert Witness Disclosure And Discovery Motions & Sanctions.

E-Discovery in Health Care Litigation By Tracy Vigness Kolb.

Unit 9: E-Discovery. What is E-Discovery The term e-discovery refers to electronic discovery (also called e-discovery or ediscovery) refers to any process.

Unit 9: E-Discovery. What is E-Discovery The term e-discovery refers to electronic discovery (also called e-discovery or ediscovery) refers to any process.

Ecords Management Records Management Paul Smallcombe Records & Information Compliance Manager.

EDiscovery, Records Management and Records Retention.

Rewriting the Law in the Digital Age

Computer Forensics Principles and Practices

2009 CHANGES IN CALIFORNIA DISCOVERY RULES The California Electronic Discovery Act Batya Swenson E-discovery Task Force

Meet and Confer Rule 26(f) of the Federal Rules of Civil Procedure states that “parties must confer as soon as practicable - and in any event at least.

Against: The Liberal Definition and use of Litigation Holds Team 9.

S-1 © RGP & UW-CISA 2010 Business & Technology Environment Summer 2010 Robert G Parker.

The Challenge of Rule 26(f) Magistrate Judge Craig B. Shaffer July 15, 2011.

Rambus v. Infineon Technologies AG 22 F.R.D. 280 (E.D. Va. 2004)

Cache La Poudre Feeds, LLC v. Land O’Lakes, Inc. 224 F.R.D. 614 (D. Colo. 2007) By: Sara Alsaleh Case starts on page 136 of the book!

EDiscovery Preservation, Spoliation, Litigation Holds, Adverse Inferences. September 15, 2008.

CORPORATE RECORDS RETENTION POLICY TRAINING By: Diana C. Toman, Corporate Counsel & Assistant Secretary.

Mandatory online training. intro why we are doing this why you should care what we hope you get out of this.

Defensible Records Retention and Preservation Linda Starek-McKinley Director, Records and Information Management Edward Jones

Digital Government Summit

Records Management for Paper and ESI Document Retention Policies addressing creation, management and disposition Minimize the risk and exposure Information.

Electronic Discovery refers to the discovery of electronic documents and data…including , web pages, word processing files, computer databases, and.

Coleman (Parent) Holdings, Inc. v. Morgan Stanley & Co., Inc. Not Reported in So.2d, 2005 WL (Fla.Cir.Ct.) Ediscovery, Fall 2010 Francis Eiden.

Legal Holds Department of State Division of Records Management Kevin Callaghan, Director.

E-Discovery And why it matters to a SSA. What is E-Discovery? E-Discovery is the process during litigation of discovering information relevant to litigation.

U.S. District Court Southern District of New York 229 F.R.D. 422 (S.D.N.Y. 2004)

EDiscovery Also known as “ESI” Discovery of “Electronically Stored Information” Same discovery, new form of storage.

Title of Presentation Technology and the Attorney-Client Relationship: Risks and Opportunities Jay Glunt, Ogletree DeakinsJohn Unice, Covestro LLC Jennifer.

Unit 9: E-Discovery. Hey, this is our last time together ahhhhhhhhhhhhhhhhh shucks! Don’t split before you make an appearance in Unit 10

Introduction to Legal Technology Dennis J. Kehm, Jr.

Heartland Surgical Specialty Hospital, LLC v. Midwest Division, Inc 2007 WL (D. Kan. Apr. 9, 2007)

CITY OF PHOENIX RECORDS MANAGEMENT AND E-PRIVACY Margie Pleggenkuhle City Clerk Department March 18, 2004.

Unit 9: E-Discovery. Topic for Seminar Assignments due this week E-Discovery Wrap-up.

Morgan Stanley Team 2. Background Coleman (Parent) Holdings, Inc. v. Morgan Stanley & Co., 2005 LEXIS 94 (Fla. Cir. Ct. March 23, 2005.) The jury returned.

Leveraging the Data Map – A Case Study November 15, 2016

Litigation Holds: Don’t Live in Fear of Spoliation

Electronic Discovery Sabrina Jones 4/14/2011.

Presentation transcript:

Law and Computer Security E-Discovery Bahareh Rahmani CS - University of Tulsa

Definition Data ClassificationFirst Ground EDRMIT DepartmentPenalties

Electronic discovery refers to any process in which electronic data is sought, located, secured, and searched with the intent of using it as evidence in a civil or criminal legal case. E-Discovery can be: carried out offline on a particular computer done in a network Court-ordered or government sanctioned hacking for the purpose of obtaining critical evidence E-discovery is an evolving field that goes far beyond mere technology. It gives rise to multiple legal, constitutional, political, security and personal privacy issues, many of which have yet to be resolved.

Electronic discovery When a company is sued, the parties in the lawsuit ask for documents and other evidence from each other so they can fully explore the facts of the case prior to a trial. E-discovery is the process of exchanging documents and other information in electronic form. Lawyers define this as electronically stored information (ESI). It involves: 1- identifying, 2- locating, 3- retrieving, 4- handing over the requested information. Because the lion's share of corporate information is now stored electronically, e-discovery can be a complicated, time-consuming and expensive process.

Why digital data? 1.electronically searched with ease, whereas paper documents must be scrutinized manually. 2.difficult or impossible to completely destroy, particularly if it gets into a network. 3.the data appears on multiple hard drives and because digital files, even if deleted, can be undeleted. 4.the only reliable way to destroy a computer file is to physically destroy every hard drive where the file has been stored.

Data Classification A tool for categorization of data to enable/help organization to effectively answer following questions: 1- What data types are available? 2- Where are certain data located? 3- What access levels are implemented? 4- What protection level is implemented and does it adhere to compliance regulations?

Data Classification's steps 1- Define what information you want to protect (specifically, not general data classification) 2- Discover where it’s located (various tools/techniques, preferably automated, like DLP, rather than manual) 3- Secure the data where it’s stored, and/or eliminate data where it shouldn’t be (access controls, encryption) 4- Monitor data usage (various tools, including DLP, DAM, logs, SIEM) 5- Protect the data from exfiltration (DLP, USB control, security, web gateways, etc.)

Data types data of all types can serve as evidence: This can include: 1- text, images, calendar files, databases, spreadsheets, audio files, animation, Web sites and computer programs. 2- malware such as viruses, trojans and spyware can be secured and investigated. 3- can be an especially valuable source of evidence in civil or criminal litigation, because people are often less careful in these exchanges than in hard copy correspondence such as written memos and postal letters.

Computer(CYBER) forensics a specialized form of e-discovery in which: 1.an investigation is carried out on the contents of the hard drive of a specific computer. 2.physically isolating the computer, investigators make a digital copy of the hard drive. 3.the original computer is locked in a secure facility to maintain its pristine condition. 4.All investigation is done on the digital copy.

First ground of e-discovery 2003: securities giant UBS Warburg was sued by one of its salespersons in what seemed to be a fairly commonplace employment discrimination suit. The way the company handled its electronic information once the suit was filed landed it in deep trouble, however. 2004: a court found that UBS Warburg failed to save s that might have been used as evidence against it and ordered the company to pay the employee $29.3 million. The landmark case, Zubulake v UBS Warburg, broke new ground for electronic data that must be produced during a lawsuit, a requirement known as electronic discovery, or e-discovery. Since then, the law and practice surrounding the legal obligations for handling e-discovery have continued to evolve.

State farm policy State Farm wanted control over and consistency within its e-discovery process. By keeping 25 years' worth of documents in production systems fronted by a master management system, the company greatly reduced the cost of responding to lawsuits. insurer of homes and automobiles keeps anything that might matter: s, 100% of the attachments of its claims officers, paper and electronic documents dating back 25 years, even the latest iterations of its human resources Web pages. The voluminous cache, meticulously imaged and coded, is stored centrally in an active system that is searched regularly as litigation arises.

Electronic Discovery Reference Model (EDRM) 1- Developed in 2005 by George Socha Jr., founder of St. Paul, Minn.-based Socha Consulting LLC, and Tom Gelbmann, managing director of Gelbmann & Associates in Roseville, Minnesota. 2- A framework that outlines standards for the recovery and discovery and of digital data. 3- Designed to serve as guidance for gathering and assimilating electronic data during the legal process, including criminal evidence discovery. 4- A conceptual standard for the e-discovery process.

EDRM steps 1. Information management: Implement data governance processes that alleviate risk and expenses in the event of an electronic discovery request. 2. Identification: Locate sources of information to determine exactly what the data is, and how it needs to be managed. 3. Preservation: Ensure potentially e-discovery-relevant ESI is properly stored using measures such as retention and deletion schedules. 4. Collection: Gather information for e-discovery use. 5. Processing: Reduce the volume the relevant ESI and convert it for review and analysis. 6. Review: Determine the data's e-discovery relevance. 7. Analysis: Evaluate the ESI for content and context, including key patterns and topics. 8. Production: Deliver the ESI to relevant parties. 9. Presentation: Display data findings at depositions, hearings, trials, etc.

IT department 1- Where, when, why and how the company stores and destroys data as well as how to retrieve it. 2- The IT team's role has to begin with information management, well before there's any hint of litigation. 3- Successful e-discovery that minimizes costs relies on an organization's information management strategy, namely its data retention/destruction policy and data management system. Experts advise that: 1- IT professionals familiarize themselves with the basics of e-discovery law and legal terms. 2- An organization's IT and legal departments collaborate on important policies and procedures for e-discovery, such as which formats data should be archived in or how long to store metadata.

Penalties The UBS Warburg case set a precedent for identifying, preserving and producing s and implementing litigation holds. Other high-profile cases have subsequently resulted in heavy sanctions for spoliation.  PricewaterhouseCoopers was penalized with a $345 million judgment for not preserving materials under a litigation hold.  Morgan Stanley was ordered to pay $1.45 billion following a ruling of e-discovery violations, although the ruling was later overturned. Monetary damages aren't the only penalties for noncompliance. Failure to comply can also result in a company's own employees being barred from testifying or other evidence being excluded. Noncompliance can also lead to an "adverse influence" jury instruction that can cost a company the case.

Penalties Judges have held also companies in contempt for not fully complying with e-discovery rules. 1- A judge in Louisiana recently called Dell Inc.'s e-discovery conduct "unconscionable" after learning that the company's search efforts in an ongoing case did not include words such as camera. 2- Arthur Andersen was handed a criminal conviction for obstructing justice for shredding records just before being handed a subpoena from the U.S. Securities and Exchange Commission. Even though it was later reversed, the impact of this charge played a large part in forcing the company to shut down and ushered in the conditions for the Sarbanes-Oxley Act.