TERIS partner Nuix, and EDRM, the leading standards organization for the eDiscovery and information governance market, announced yesterday that they republished the EDRM Enron PST Data Set after cleansing it of private, health and personal financial information. Nuix and EDRM have also published the methodology Nuix's staff used to identify and remove more than 10,000 high-risk items at nuix.com/enron.
The EDRM Enron data set is an industry-standard collection of email data that the legal profession has used for many years for electronic discovery training and testing. It was sourced from the Federal Energy Regulatory Commission's investigation into collapsed energy firm Enron. In early 2012, the EDRM Enron PST Data Set and the EDRM Enron Data Set v2 became an Amazon Web Services Public Data Set, making them a valuable public resource for researchers across a variety of disciplines.
"Recently, we have been working closely with Nuix to cleanse the data set of private information about the company's former employees and make the cleansed data set readily available to the community," said George Socha and Tom Gelbmann, co-founders of EDRM. "These efforts help to protect the privacy of hundreds of individuals and we encourage anyone who finds private data that we did not remove to notify us."
Using a series of investigative workflows on the EDRM Enron PST Data Set, Nuix consultants Matthew Westwood-Hill and Ady Cassidy identified more than 10,000 items including:
60 items containing credit card numbers, including departmental contact lists that each contained hundreds of individual credit cards
572 containing Social Security or other national identity numbers—thousands of individuals' identity numbers in total
292 containing individuals' dates of birth
532 containing information of a highly personal nature such as medical or legal matters.
Many items contained multiple instances and types of information. This included departmental contact list spreadsheets with dates of birth, credit card numbers, Social Security numbers, home addresses and other private details of dozens of staff members.
The investigative team also clearly demonstrated that these items did not stay within the Enron firewall. For example, some staff emailed "convenience copies" of documents containing private data to their personal addresses.
"Nuix and our partners have conducted sweeps for private and credit card data for dozens of corporate customers and we are yet to encounter a data set that did not include some inappropriately stored personal, financial or health information," said Eddie Sheehy, CEO of Nuix. "The increasing burden of privacy and data breach regulations, combined with the strict requirements of credit card companies, make this an unacceptable business risk.
"Using the methodology we are publishing alongside the cleansed EDRM Enron data, organizations can identify private and financial data, find out if it has been emailed outside the firewall and take immediate steps to remediate the risks involved."
Nuix is currently applying the same methodology to the EDRM Enron Data Set v2, which it will also republish at nuix.com/enron.
Nuix will host a Twitter chat to discuss the release of the cleansed EDRM Enron PST Data Set on Thursday, May 23rd 2pm – 3pm ET. Nuix experts will describe the process of identifying unsecured financial, health and personally identifiable information in corporate data. Follow the hashtag #NuixChat and send in your questions beforehand to @nuix.
Download the latest TERIS white paper:
By Alexander Lubarsky, Esq.
Just when we thought that we were beginning to grow familiar with the 2009 Electronic Discovery Act, the State of California had to go and promulgate some new rules pertaining to ESI to keep us E-Disco dancers moving to that changing beat.
On January 1, several new changes went into effect for the California Code of Civil Procedure. The approved amendments address the production and discovery of ESI (electronically stored information) and protections for privileged communications. Understanding these important changes is critical to ensuring best practices for in-house counsel, and effective collaboration with outside counsel. Furthermore, having a firm grasp of the new rules always makes one appear more prepared and persuasive before the judge at a status conference or when arguing a motion - and similarly allows the ESI-rule-enlightened counsel to present himself or herself as a more fearsome adversary at the California EDA required Rule 3.724 meet and confer/status conference.
In California, it has long been the standard practice to maintain a log of all privileged documents. Although many California courts have requested production of this privilege log, the new additions to the Code of Civil Procedure now require that these logs be maintained and produced by law. Additionally, if an objection to the claim of privilege is filed, the withholding party must supply sufficient proof that the claims are merited.
The question of what constitutes “sufficient factual information” remains unanswered by California case law. However, a privilege log may be able to fulfill this requirement, according to the recent amendment.
ESI: Production and Discovery
Modern business practices call for new legislative changes; the old guidelines relating to physical documentation are insufficient to address the many issues that arise when handling electronically stored information. To this end, several provisions of California’s Code of Civil Procedure were amended specifically to address the production and discovery of ESI.
ESI now falls under the scope of items that must be produced upon subpoena. Previously, only physical items were bound by these laws. This marks a dramatic shift for future litigation; subpoenas may now request access to databases and computers in order to retrieve relevant ESI.
The new amendments also provide guidelines for objections if the source material were not reasonably accessible, or if responding to such a subpoena would cause undue cost burdens. In this case, the court may order evidence production and allocate the expenses to the requesting party.
Also, while the court has always been allowed the order of sanctions for parties who fail to comply with these discovery requests, the new amendments specify that sanctions cannot be issued for failure to produce ESI if the data in question has been altered, overwritten, damaged or lost due to routine maintenance when operating in good faith.
A court generally has the discretion to issue sanctions for the failure to comply with discovery requests. Under the new amendments, however, a court may not issue sanctions for the failure to produce electronically stored information that has been lost, damaged, altered or overwritten as the result of routine, good faith operation of an electronic information system.
Although it’s taken six years for them to catch up, California’s updated Civil Procedures now more closely mirror the Federal Rules of Civil Procedure. A new appreciation for the central role of ESI both in daily operations and during litigation is establishing new precedents for future legal proceedings.
TERIS has the tools and experience needed to create Privilege Logs, utilizing customized review tools to automate the process that meet the requirements of California’s State and Federal rules.
In March 2013, an analyst and data company called 451 Research released a report on eDiscovery practices. This report surveyed 2,320 respondents who represented a combination of large, small, and midsized organizations. The report covered such areas as enterprise IT, asking tough questions about how these businesses approach the access, management, and retention of their data.
The 451 Research report states that less than half of the study respondents believed that information management was important for their enterprise. In general, larger organizations felt more strongly about managing their data properly compared to smaller companies. Only 32% of respondents who were in senior management felt a need for clear information management strategies, while over half of the respondents who were IT staff felt that setting up these strategies were important. With senior management, rather than IT staff, making the financial decisions about internal developments, the numbers indicated that future investment in information governance among those particular organizations was unlikely.
A survey conducted by AIIM (Association for Information and Image Management) specifically on information governance, reports that 31% of their respondents reported having problems with audits, regulating bodies, and courts due to issues with poor data storage and organization. Rather than taking a look at making existing processes more efficient, over a quarter of those surveyed reported that they just bought additional storage in response to increased data management needs. In addition, one-third of the surveyed enterprises said that 90% of their current IT expenditures are not adding value to their business.
The AIIM survey respondents also stated that most of their employees are likely to have multiple copies of files and emails across their devices (mobile, laptop, and desktop), and yet 12% of respondents still lack any official archiving policy for company emails. Companies, who do have these types of policies already in place, are often still conducting eDiscovery searches manually in the event of litigation. Many businesses have yet to implement official information governance policies, while those who do have them are not enforcing them, and/or are not training their staff to follow the new guidelines.
The 451 Research report respondents added that social media and the greater variety of types of data companies use today are making eDiscovery considerations much more complicated than previously. AIIM reports that 42% of their respondents are actually seeing increases in terms of physical paperwork, rather than moving toward paperless operations. Additionally, those surveyed are reluctant to move away from paper records and aren’t quite ready to trust the security of their record storage to cloud services providers.
To read more about Information Governance, download our most recent white paper: Information Governance: Managing Risks & Rewards.
Implementing an effective information governance strategy is one of the ways an enterprise can help protect itself against potential litigation. And yet, according to some recent surveys, many organizations remain either ignorant or unwilling to adopt a wide-reaching internal information governance strategy.
Download our newest white paper and learn important tips and developments in this area, including:
- How to reduce risks
- eDiscovery responsibilities
- Social media guidelines
- Key court case studies
- Future implications
Although it’s tempting to brush this responsibility ‘under the rug,' failing to assess your information governance needs appropriately can lead to liabilities, sanctions, and significant and costly penalties.
Click below to download your free copy today!
The Rules of Court, Black Letter law and 2013 Case Law pertaining to the electronic discovery landscape have evolved and changed at a lightning pace.
TERIS' latest CLE approved (general and ethics) seminar New & Newer Rules: Pertaining to eDiscovery in California is coming up next Thursday, May 16th, 2013 in Palo Alto, CA. This seminar will explain and analyze both the recent mandatory procedures as well as best practices so that the attorney or paralegal charged with navigating the electronic discovery process will remain compliant. TERIS' own Alexander H. Lubarsky, LL.M., Esq., will be speaking at the event.
Date: Thursday, May 16, 2013
Location: 2455 Faber Place, Suite 200, Palo Alto, California
Complimentary Wine & Cheese
Register online here!
By doing your research upfront, you can deal with e-discovery without breaking your budget. There are a number of ways that you can cut costs and avoid significant financial set back. Below are nine tips that can help you save money - while still meeting all of your e-discovery needs and responsibilities.
- Streamline your e-discovery operations.
- Pare your procedures down to what is absolutely necessary. Sometimes with e-discovery, services or products might appear necessary initially, but prove to be superfluous upon more closely looking into the process.
- Become familiar with your options
- To find the most effective ways of handling ESI and electronic discovery procedures, you should familiarize yourself with the technology and processes available. You can acquire this familiarity by browsing through Internet articles on the subject, following blogs, and perusing the websites of service and product providers.
- Consult experts
- In the long run, it might prove better to seek the advice and expertise of a professional rather than taking the risk by handling e-discovery matters yourself. You could find that you've overlooked a particular electronic discovery need or that you've purchased a piece of software or equipment that doesn't properly meet your needs.
- Understand the process and how it relates to your needs.
- This is another aspect of electronic discovery that often takes a lot of research. Knowing the e-discovery process and applying it to your unique situation will help you make more informed decisions when purchasing services and/or solutions.
- Divide and conquer
- Leverage the combined knowledge of your firm by holding a meeting to deal with the electronic discovery issues at hand. Assign stakeholders research duties into particular solutions and products, become knowledgable and share the knowledge among the team.
- Keep up with the news and note electronic discovery changes
- Electronic discovery and ESI are still somewhat new and developing procedures, and rulings and regulations regarding electronic discovery are still changing on a regular basis. If you want to minimize your electronic discovery costs, it is imperative that you are aware of any new development in electronic discovery so you can discontinue a function if you no longer are responsible for it.
- Listen to your IT staff
- The team who best understands electronic discovery and the demands it places on your firm might just be your IT staff. They will be familiar with searching for data in your firm's computers and they will be able to critique a package of e-discovery software on its merits and flaws.
- Determine the best production format for your situation
- When you are in position to dictate the production format, consider which is best. You may be most familiar with one to two types of formats – but there are other options that can result in efficiencies and savings.. Weigh the pros against the cons and go with the option that gives you an advantage.
Although electronic discovery can place a burden on a firm, there are many ways to reduce costs and simplify the process. Being vigilant and putting sufficient time and effort into researching the possibilities can help you find affordable and practical electronic discovery solutions. The tips explained above are just some basic ways to save time and money in electronic discovery – but there are obviously many others.
Make no mistake, today’s e-discovery environment is complex and rapidly evolving. Without the right vendor, performing e-discovery services can be a costly and risky venture. But partnering with a trusted, sophisticated litigation support provider that specializes in e-discovery services can turn a risky venture into a smooth process.
Change Is the only Constant: Don’t Be Left Behind.
The e-discovery market is constantly changing. Every year, there is a new a class of e-discovery technology focused on addressing some section of the EDRM. These technologies can become outdated quickly. Case in point, judges have accepted technology-assisted review of data only recently. See Da Silva Moore v. Publicis Groupe, Civ. No. 11-1279 (ALC)(AJP), 2012 WL 607412 (S.D.N.Y. Feb. 24, 2012); Global Aerospace, Inc. v. Landow Aviation, L.P., Case No. CL 61040 (Vir. Cir. Ct. April 23, 2012); In re Actos (Pioglitazone) Prods. Liab. Litig., 2012 WL 3899669 (W.D.La. July 30, 2012). But it is anticipated to become the norm quickly in 2013.
Invest in an expensive limited solution in-house, you may end up with quickly outdated and unsupported technologies. Partner with an e-discovery vendor who uses cutting-edge e-discovery technology and knows the ins and outs of e-discovery services, save your capital investment and the time and effort otherwise spent in constantly trying to optimize it.
In-Sourcing May Be Inefficient and Expensive.
In-sourcing expenses add up quickly. Starting an in-house e-discovery department includes the time and expense of finding, training and attempting to keep qualified employees; purchasing or leasing equipment and consistently updating your chosen e-discovery tool -- not to mention spending a considerable amount to license it. You also will need to improve your equipment to keep pace with the latest e-discovery technology requirements. All this for a service you may not even use on a consistent basis.
With outsourcing, you only pay for e-discovery services when you need them. Moreover, vendors offer alternative fee arrangements that may help keep down litigation costs.
It should be noted that a majority of law firms and corporations, at the very least, outsource data hosting. With its concomitant installation, maintenance and security issues; firms do not have the bandwidth nor the resources to deal with the hassles of data hosting.
Outsourcing Leverages E-Discovery Expertise . . .
E-discovery services are technical and require expertise and know how. At a trusted vendor, highly-skilled e-discovery specialists perform e-discovery work every day and have seen and solved the gamut of e-discovery issues. Last year, most e-discovery sanction cases resulted from corporations committing errors resulting from their inability to deal with voluminous data. A sophisticated vendor is an expert in dealing with large volumes and has established workflow and protocols in place to avoid such costly errors.
Centralized discovery management also provides the benefit of reducing the errors and costs typically associated with transmitting data.
. . . And Robust Security.
At this year’s LegalTech conference, an expert in law firm data security noted that “law firms are the soft underbelly” to their clients’ data. He explained that cyber-criminals do not even dispatch their best to hack into law firm data. Evan Koblentz, “LegalTech Day One: Relativity 8, Statistical Sampling, Law Firm Security,” Law Technology News, January 30, 2013, http://www.law.com/jsp/lawtechnologynews/PubArticleLTN.jsp?id=1202586212889&thepage=3. Firms may minimize the risk of compromising their clients’ sensitive data by partnering with a vendor who employs a rigorous data security protocol that has been audited and certified by a recognized independent third party.
Such a trusted vendor, with its expertise, efficiency and security, may ease navigation of a constantly changing data world.
Richard Saldivar, President Arizona/Texas, recently announced that Marquis R. McElvine joined the Phoenix office as Senior Litigation Technology Engineer.
According to Mr. Saldivar, "TERIS’ core belief is to hire employees with exceptional industry experience so clients will experience individualized best-in-class customized solutions that allow them to pay for only what they need. We strive to be an integral part of our client’s firm and to act as their right arm. Our newest hire, Marquis holds advanced experience in managing and working with eDiscovery matters. His knowledge and expertise related to search technology, document preservation, technology vendor relationships, legal consulting, record management, governmental and regulatory agencies, and historic media analysis is noteworthy."
Marquis is proficient at using Nuix for processing and searching before loading results into Relativity and is a proven expert in computer literature, SQL, C++, Nuix, EnCase, FTK, Attenex, Viewpoint, Clearwell, eCapture/IPRO, iCONECT, Summation, and Concordance. He held positions of increasing responsibility at companies including eLitigation Solutions where he managed a team which provided application training, support, and demonstrations for internal and external clients; Forensics Consulting Solutions, where he served as the Operations Manager; Renew Data, forensic/data hosting; and RLS Legal Solutions of which Mr. Saldivar was the President for ten years.
“Richard Saldivar has a reputation for honesty, determination and authenticity. I witnessed first hand how he grew RLS Legal Solutions to become an industry leader and how he develops excellence in employees to provide remarkable value and service to clients. I am privileged to learn, grow and be a part of the TERIS Phoenix team,” states Marquis.
Marquis achieved a Bachelor of Science in Computer Engineering with a Minor in Mathematics from Johnson C. Smith University in Charlotte, North Carolina.
TERIS has seven regional locations throughout the United States. Founded in 1996, TERIS provides eDiscovery, Information Governance, Relativity and Computer Forensics solutions to corporate legal teams and law firms across the U.S. and internationally. TERIS’ staff of almost 300 was named one of the top 20 eDiscovery service providers in 2008 by industry researcher Socha-Gelbmann.
The complexities of eDiscovery make constantly following recent eDiscovery news and developments a necessity for most legal professionals. eDiscovery is a part of all forms of litigation and continues to grow and evolve at an astounding rate.
Fortunately, there are a number of blogs that track eDiscovery developments and we've compiled a list of 20 (in no particular order) we think are worth bookmarking to stay updated on recent news.
1. Electronic Discovery Law- Published by K&L GATES and chock full of great information; this blog/Web site is made available by the contributing lawyers or law firm publisher solely for educational purposes to provide general information about general legal principles and not to provide specific legal advice applicable to any particular circumstance.
2. Bow Tie Law’s Blog- Created by Joshua Gilliland, Esq., blogger for Bow Tie Law, one of the two attorney bloggers for The Legal Geeks, Litigation World columnist and founder of Majority Opinion LLC. Bow Tie Law Blog is dedicated to untying the knotty issues in eDiscovery, including the application of the Federal Rules of Civil Procedure & Federal Rules of Evidence to technology, Web 2.0, text messages, instant messages, and applying traditional legal principles to 21st Century realities. Bow Tie Law Blog postings have been prepared for informational and educational purposes only.
3. Opportunity Knocks- The Cowen Group publishes this blog. The Cowen Group hosts over 50 executive peer micro-events nationally. These thought leadership workshops are designed to bring together Legalists, Technologists, Consultants and Executives in a roundtable environment to accelerate their advancement in this rapidly evolving space. This blog is published in the spirit of education, enlightenment, and networking.
4. e-Discovery Team- This blog by Ralph Losey takes a multidisciplinary look at eDiscovery, addressing the issue from a law, IT, and science perspective all at once.
5. Ride the Lightning- For information on information technology, information security, and digital forensics, check out this blog written by Sharon D. Nelson. The posts on Ride the Lightning cover news events all over the world related to privacy issues, cyberattack, legal aspects of information security and electronic evidence, etc.
6. Sound Evidence Blog- For a simplified, direct presentation of eDiscovery issues, try the Sound Evidence Blog written by Mary Mack.
7. Ball in your court- Musings on E-Discovery & Computer Forensics. Published by Craig D. Ball, P.C.. Craig Ball's column, "Ball in Your Court," has won Gold or Silver Medal recognition as Best Regular Column or Best Contributed Column from the Trade Association Business Publications International and/or from the American Society of Business Publication Editors every year since 2006!
8. EDD Blog Online- The EDD Blog addresses issues such as cloud computing, technology assisted review, digital forensics, social media, and big data. EDD Blog Online is written in part by the president of Electronic Evidence Labs.
9. Litigation Support Industry- Follow this blog to stay up-to-date on a variety of e-discovery subjects that are not only related to technology, practices, and news items. Litigation Support Industry also posts information on investment opportunities, new alliances, product releases, and acquisitions/mergers related to the business of e-discovery.
10. Strategic Legal Technology- This blog is authored by lawyer and consultant Ron Friedmann. Strategic Legal Technology covers not just eDiscovery and litigation support, but also other topics in technology such as knowledge management.
11. EDD Update- This blog is an endeavor that combines the efforts of Law.com Legal Technology and Law Technology News. Consult EDD Update for breaking stories regarding verdicts and rulings relevant to e-discovery issues.
12. Electronic Discovery Blog- In this blog, attorney-writers address issues of e-discovery and forensic issues pertaining to e-discovery processes and ideas.
13. The e-Disclosure Information Project- The e-Disclosure Information Project is run by Chris Dale, a former commercial litigation partner turned e-Disclosure consultant. The Project aims to bring together lawyers, suppliers, courts and corporations with an interest in electronic disclosure, and to disseminate information about the court rules, the problems and the software and services available to handle them.
14. e-discovery 2.0- Published by Clearwell Systems, this blog has a lot of great information and resources that aren’t aimed at selling you something. Well done and valuable posts make this site one worth visiting often.
15. Electronic Discovery and Evidence- This blog by Michael Arkfeld, author and educator, in the legal field reports recent updates in e-discovery law.
16. E-Discovery Beat- Subscribe to E-Discovery Beat for resources provided for attorneys and litigation support professionals. E-Discovery Beat aims to "tame the chaos" involved in eDiscovery procedures.
17. Information Management- This blog covering the broader topic of information management in general occasionally addresses issues of e-discovery and their effects on organizations' liabilities regarding the availability of data.
18. eDiscovery Journal- Peruse through the postings on E-Discovery journal for practical advice and impartial information. On this blog, you can research eDiscovery technologies, services, or experts to find a solution to any many possible eDiscovery quandaries.
19. Legal Project Management- Read this blog for suggestions and commentary on conducting a wide range of legal procedures. Legal Project Management occasionally addresses the issue of eDiscovery.
20. E-Discovery Law Alert- Written by lawyers from a law firm practicing in several mid-Atlantic states, E-Discovery Law Alert analyzes recent events related to e-discovery and delves into the intricacies of information management law in a corporate context.
That's our list - what do you think? Are there any blogs we missed?
TERIS Senior Forensic Consultant Tim Weaver, attended the Saratoga High School Career Day on April 1st. Tim presented to two groups of 25 students. Throughout the day, the students heard presentations from a variety of guest speakers covering various careers. Tim provided a discussion on the career "Computer Forensic Scientist/Crime Lab.”
Tim talked about his experience at Career Day and advice he has for young people thinking about a career in legal technology.
1) What were the 3 best questions students asked?
How does someone get started in this job field? What is a typical workday like for a Private Industry Forensic Consultant? Does someone have to start by working for the government to do this type of work?
2) What did YOU learn from the presentations?
I was reminded of the difficulty I had trying to decide what I wanted to do when I was in High School. I learned that this is still a difficult situation for graduating high school students. It was encouraging to see that counselors are helping students by putting this type of event together to help give students more information from people working in various fields.
3) How/why were you invited to speak to this group?
I was asked to participate by the Quality Manager at the local FBI Regional Computer Forensic Lab. She has done this presentation in past years, but was unavailable this year. I used to be the Operations Manager at that lab and they thought I had interesting career experience and that I would be a good resource for the students. I received an invitation from Carolyn Doles, Parent Coordinator for the Saratoga High School College & Career Center.
4) Based on this experience, do you want to do more presentations?
Yes. I used to work as a Newark (CA) Police Officer. I was a Crime Prevention Officer for several years. I routinely made public presentations for Neighborhood Watch, Personal Safety and Fraud Business Crime Prevention. I enjoy doing public presentations.
5) What advice do you have for young people thinking about a career in legal tech?
This is an exciting career field. There is challenging work and there are a growing number of job opportunities.
Tim has more than 20 years experience as a computer forensic examiner and investigator, with primary expertise in collecting and analyzing digital evidence in a forensically appropriate manner and explaining the significance of forensic findings. Prior to joining TERIS, Weaver was operations manager and deputy lab director at the Silicon Valley Computer Forensic Laboratory for six years. He also served as district attorney senior investigator in Santa Clara County for eight years and as a police officer and detective at Newark PD for 20 years.
If you are interested in learning more about careers at TERIS, you can visit our website.