eDiscoveryDaily

Where Does One Find Bitcoin to Pay the Hacker When Your Computer is Locked? An ATM, Of Course!: Cybersecurity Trends

Needless to say, cybersecurity and its challenges have become even more of a hot topic than ever, with ransomware stories becoming more prevalent (here are two stories we’ve covered in just the last two weeks).  If you want to learn more about how to prevent ransomware attacks, read below.  Regardless, based on a recent article, the currency used to pay those hackers their ransom is easier to come by than ever.

In the Ride the Lightning blog (Yes, You Can Get Bitcoins from an ATM), Sharon Nelson notes that she discovered a Bitcoin ATM in her local Shell station, which came with a sheet of instructions (replicated on her company site here).  The sheet of instructions includes a list of other places where you can find Bitcoin ATMs in the D.C. Metro area including other gas stations, two laundromats and a falafel shop.  Sharon took a photo of the ATM, which is displayed in her blog via the link above.

For those who don’t know, Bitcoin is a cryptocurrency and a digital payment system that was released as open-source software in 2009.  According to Wikipedia, over 100,000 merchants and vendors accept bitcoin as payment as of February 2015.

There’s even a site where you can get started with Bitcoin, which says “Bitcoin isn’t owned by anyone. Think of it like email. Anyone can use it, but there isn’t a single company that is in charge of it. Bitcoin transactions are irreversible. This means that no one, including banks, or governments can block you from sending or receiving bitcoins with anyone else, anywhere in the world. With this freedom comes the great responsibility of not having any central authority to complain to if something goes wrong. Just like physical cash, don’t let strangers hold your bitcoins for you, and don’t send them to untrustworthy people on the internet.”

Like cyber-hackers who hold your data for ransom, perhaps?

There’s even an investment market for Bitcoin.  Ars Technica published an article yesterday that noted that the price of Bitcoin has doubled just in 2017 and that a Marketwatch analysis showed that an investment of $1,000 USD in Bitcoin in July 2010 would be worth more than $35 million today!  Wow!

Hopefully, you only have to find out about Bitcoin for investment purposes, not because some cyber-hacker forced you to do so.  Ransomware attacks, and what to do about them is one of the topics we’ll be discussing at our webcast on Wednesday, May 31.  For more info on where to register, click here.

So, what do you think?  Have you ever owned Bitcoin or been involved in a Bitcoin transaction?  As always, please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Court Denies Defendant’s Motion to Overrule Plaintiff’s Objections to Discovery Requests

Court Denies Defendant’s Motion to Overrule Plaintiff’s Objections to Discovery Requests: eDiscovery Case Law

In Wal-Mart Stores, Inc. et. al. v. Texas Alcoholic Beverages Commission, et. al., No. 15-00134 (W.D. Texas, Apr. 10, 2017), Texas Magistrate Judge Andrew W. Austin (no relation) denied the defendant’s motion to overrule the plaintiff’s objections to the defendant’s discovery requests, due to the fact that the plaintiff stated it was withholding documents based on each of the objections.

Case Background

In this dispute over the restriction of public companies to sell liquor in Texas, Judge Austin, after conducting a hearing to discuss the parties’ discovery dispute, noted “There was quite a bit of confusion at the hearing about precisely what relief TPSA is requesting in this motion.”  Ultimately, it was determined that the defendant was requesting the Court to overrule objections made by the plaintiff to each of the requests for production, which it assumed would mean that the plaintiff would be under “compulsion” to produce responsive documents, and any disagreements about the actual production could be addressed at that time.

Judge Austin also noted that the “cause of the confusion is not one-sided”, in that much of the confusion stemmed from the plaintiff’s “overabundance of caution” in responding under the new discovery rules, which now require that when a party makes an objection, it also state whether it is withholding any documents subject to that objection. In every one of its responses to the defendant’s requests, the plaintiff leveled one or more objection, and in each instance it stated that it is withholding documents pursuant to that objection.  As a result, the defendant was concerned that there were identified, responsive documents sitting on plaintiff’s counsel’s desk that had not been produced, any of which could be a “bombshell.”

In an exchange with plaintiff’s counsel for clarification, Judge Austin determined that the plaintiff had indicated it was withholding documents pursuant to each objection even if the plaintiff determined that the request was too broad and of such marginal relevance to even merit a search to find responsive documents and that the plaintiff expected it was likely that there were some responsive documents in its many offices and on its computer networks and that some of these documents would likely be privileged attorney client communications or work product.

Judge’s Ruling

With regard to the plaintiff’s statement that it was “withholding documents based on these objections”, Judge Austin noted that while it “may technically be accurate, it is not what the new rules were after in adding the requirement in Rule 34(b)(2)(C) that ‘an objection must state whether any responsive materials are being withheld on the basis of the objection.’”   Judge Austin indicated that “A more helpful response would have been something along the lines of ‘Based on these objections, Wal-Mart has not conducted a search for responsive documents, and while it is likely that some responsive documents may exist, Wal-Mart has not identified any such document, and is not withholding any identified document as a result of these objections.’”

Judge Austin also stated: “For most of the RFPs, Wal-Mart responded that it had already collected and produced documents in response to similar requests from the TABC, based on agreed upon search parameters, and would produce the same documents to TPSA. Further, Wal-Mart stated that it would conduct an additional limited search of additional document sources, but would otherwise not search further. TPSA failed to state in its briefs, or at the hearing, what it believed was deficient with this response. In fact, when asked at the hearing, TPSA was unable to point to a single additional document that would be responsive to its requests it believed had not already been produced. Despite this, TPSA continued to maintain that overruling Plaintiffs’ objections would solve this discovery dispute.”  Disagreeing, Judge Austin denied the defendant’s motion to compel.

So, what do you think?  Was the judge’s suggestion for handling objections in this case helpful?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

“Master” Your Knowledge of eDiscovery With This Conference in Chicago Today: eDiscovery Trends

For the second year in a row, I’m participating in The Master’s Conference 2017 Chicago event, which happens to be today.  If you’re in the Chicago area today, join me and other legal technology experts and professionals at The Master’s Conference event for a full day of educational sessions covering a wide range of topics!

The Master’s Conference brings together leading experts and professionals from law firms, corporations and the bench to develop strategies, practices and resources for managing the information life cycle.  This year’s Chicago event – “Deep Dish Data with Only Chopsticks to Manage It” – covers topics ranging from technology evaluations to forces changing eDiscovery to analytics and social media discovery.  Cybersecurity and data privacy are covered too.

The event will be held at Wyndham Grand Riverfront, 71 E Upper Wacker Dr, Chicago, IL 60601.  Registration begins at 8am, with sessions starting right after that, at 8:30am.

CloudNine will be sponsoring the session Data, Discovery, and Decisions: Extending Discovery From Collection To Creation at 1:45pm.  I will be moderating a panel that includes Matt Wolfe, Commercial Litigator with Shook, Hardy & Bacon, L.L.P., Ryan Tilot, Counsel with Seyfarth Shaw LLP and Mykhaylo Bulyk, Cyber Intelligence/Incident Response Manager for CDK Global.

Our panel discussion will discuss how big data is impacting today’s litigation landscape, the use of non-traditional tools and approaches, how more and more organizations are conducting “data discovery” pre-litigation and the impact of big data on cybersecurity.  It should be a very informative discussion with a very knowledgeable panel!  Hope you can join us!

Click here to register for the conference.  It’s a day well spent with sessions all day long, including the keynote at lunch.

This year, The Master’s Conference also has events scheduled for Denver, New York City, London(!), Washington DC and Orlando.  Click here for more information on remaining scheduled events for the year.

So, what do you think?  Are you in Chicago today?  If so, come join us!  And, as always, please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

The Tenth Annual eDiscovery Training Academy at Georgetown Law is Next Month: eDiscovery Best Practices

I’ve been remiss in not covering this before now, but the 10th Annual eDiscovery Training Academy will be coming up in a couple of weeks at the Georgetown University Law Center.  If you want a really in-depth training course with highly respected and knowledgeable instructors, this is as good a course as there is.

This year’s academy begins on Sunday, June 4, goes through Friday, June 9 and is designed to “fully immerse you in the subject of eDiscovery”. It features a highly personalized and interactive instructional approach designed to foster an intense connection among students, and one “where you will be essentially an apprentice: observing closely, questioning thoroughly, and intimately understanding the approach and knowledge of experts in the craft.”  Those experts are a renowned faculty including Craig D. Ball, Maura R. Grossman, Thomas O’Connor, and Mark S. Sidoti. Retired Magistrate Judge John M. Facciola will also provide additional guidance from a judicial and pragmatic point of view.

The program includes hands-on practice with tools and data at your computer, organized into exercises designed to help you become more comfortable and adept with both the fundamentals and intricacies of ESI.  And, you will learn about and discuss legal issues and concepts, including technology-assisted review, quality assurance, sampling, “legal hold” analysis, the use of Federal Rule of Evidence 502 to minimize the risks of inadvertent disclosure, attorney-client privilege, work product and limitations on waiver, and analyses of cost allocation, proportionality, and “not reasonably accessible” issues.

If you’re in big need of CLE credit hours, you get 26 credit hours (31.2, if your state uses a 50 minute credit hour), which includes 1.2 hours of ethics credit.  Georgetown Law is an accredited CLE provider in most MCLE states.

Click here for pricing information and to register.  There are discounts for Georgetown Law Alumni and Government employees, so, if you’re in one of those groups, you’re eligible for considerable savings.  If you’re interested in attending, time is of the essence – the Academy is limited to 60 participants, so register as soon as possible to reserve your place.

So, what do you think?  Have you been looking for comprehensive eDiscovery training for you or your staff? Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Is Pricing Transparency Finally Happening in eDiscovery?: eDiscovery Trends

An age old issue in eDiscovery has been understanding and comparing pricing between various vendors and service providers.  It’s the old “apples vs. oranges” comparison when considering pricing.  A new article, which references a terrific benchmark test, may show that pricing transparency by at least two eDiscovery providers may be finally helping put eDiscovery pricing on common ground.

Rob Robinson’s article on his Complex Discovery blog (An eDiscovery Challenge: Pricing Consistency and Transparency) discusses how eDiscovery continues to challenge law firms and legal departments with a lack of consistency and transparency in pricing. Rob notes that this “lack of consistency and transparency appears to have many reasons with most originating from that fact that eDiscovery solutions (software and/or services) tend to be complex and require and understanding of need, volume, and duration before the configuration of a specific quote to assign a price to the value to be provided. However, with the advent of fourth generation eDiscovery solutions, it appears that some vendors are now comfortable enough with their understanding of the economics and capabilities of their solutions to publicly present pricing to current and potential customers.”

Rob shows how two eDiscovery providers (one of them happens to be CloudNine) have begun “publicly sharing the pricing of their technology solutions, providing an example of how consistent and transparent pricing can be highlighted leading eDiscovery vendors.”  He also references Craig Ball’s updated EDna Challenge from last year (which we covered here) that provides a hypothetical scenario where an eDiscovery solution needs to be provided for less than $5,000 under the following parameters:

  • Three Person Legal Team
  • Process, Search, Review, and Produce
  • 10 Custodians
  • 10-12 GB Total of Data
  • Up to 90 Day Review
  • Up to 21 Months Archiving

Under that framework, both solutions provide a cost estimate to address the hypothetical scenario.  Rob notes that “both offerings meet the technology and business challenges posed by the EDna Challenge”, but “the real value of this comparison is to present how the consistency and transparency of publicly published pricing allows for these types of comparisons without the need for specific challenges and with legal professionals being able to make initial comparisons without special or one-off quotes.”

Last year, for a presentation that I did for the State Bar of Texas, I wrote a white paper titled How SaaS Automation Has Revolutionized eDiscovery for Solo and Small Firms and the comparison of Craig’s 2009 EDna challenge (and the lack of full-featured solutions that could meet that challenge within the ascribed budget) to his 2016 EDna challenge (where several SaaS automation solutions could do so, albeit on a larger budget) was discussed in that white paper.  If anyone would like a copy, feel free to email me at daustin@ediscovery.co.  Hopefully, the trend toward pricing transparency continues and, thanks to Craig, we have a framework for truly comparing apples to apples.

So, what do you think?  Is comparing pricing from multiple eDiscovery vendors a challenge in your organization? Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Reporting From the EDRM-Duke Law 2017 Spring Workshop: eDiscovery Best Practices

This blog post is a little longer than most as there is a lot to cover here…

This week, EDRM held its first Spring Workshop since it was acquired by Duke Law last August, which means this was the first workshop held at the Duke campus in Durham, North Carolina and it was unique in several ways.  Here are a few of highlights from the workshop.

Location

As I mentioned, the Workshop was held on the Duke campus in Duke Law School (conveniently and, by design, the school year has just ended).  The venue was excellent and the Duke campus is beautiful, with the law school about a mile from the hotel where many of the participants stayed.  Here’s a couple of examples.

Even the parking garages are architecturally impressive!

Attendees

There were about 50 participants at the workshop, and most of them (at least by my observation) were either law firm or service provider participants.  While there were a few familiar faces (I’ve been attending EDRM meetings since the second year in 2006), most of the people that I met and spoke with were first time attendees to an EDRM workshop.  I’m not sure if the reason for that was the change in locale, the primary project below being worked on (below), or both.  Regardless, it appears that a number of new people are interested in participating in EDRM, which is a clear indication that the importance of EDRM has remain unchanged after the acquisition by Duke.

Project Activities

The majority of attendees were participating in one primary project identified by EDRM as its top goal for the year: developing a user guide for Technology Assisted Review (TAR), with one team working on Cross Border Discovery.  After some initial introduction activities at the start of the workshop by John Rabiej (Director of Duke Law School Center for Judicial Studies), George Socha (founder of EDRM) and Jim Waldron (the new EDRM director) , the teams split into breakout groups to work in their specific teams on Tuesday, with follow-up breakout sessions completed yesterday.

Technology Assisted Review

The TAR effort was broken into three teams, working on various aspects of TAR, as follows:

Team 1: Led by Mike Quartararo of Stroock & Stroock & Lavan LLP, this team was formed to define TAR (and the types of TAR) and discuss use cases for TAR.

Team 2: Led by Adam Strayer of BDO Consulting, this team was formed to discuss factors to consider when deciding whether to use TAR, as well as factors to consider when selecting a TAR tool and service provider.  I am participating on this team.

Team 3: Led by Gareth Evans of Gibson Dunn, this team was formed to discuss “transparency” and “cooperation” considerations regarding TAR, as well as designing and implementing a sound TAR protocol and workflow.

In much the same way that Max McGee said “Coach, you’re going too fast” when Vince Lombardi started a training camp by telling his Green Bay Packer team that “This is a football”, Team 1 spent a lot of their time on Tuesday debating the definition of TAR and/or the appropriate scope of the user guide.  Since teams 2 and 3 were impacted by that discussion as well, the entire group re-convened yesterday morning to discuss the issue further.  The basic discussion came down to two issues:

  1. Whether the definition of TAR (and scope of the document) should be limited to supervised machine learning technology (commonly today called predictive coding) or should include unsupervised machine learning technologies (such as clustering and email threading), and
  2. Whether we should even call the process Technology Assisted Review, or use more specific terms (supervised/unsupervised machine learning), while referencing the more commonly used terms of TAR and predictive coding for continuity and familiarity.

As you can imagine, it was a spirited discussion with attendees having different viewpoints on the topic.  :o)  Aspects of the decisions are still being finalized, so I won’t jump the gun here (sorry, you’ll have to wait for the publication!).

The TAR team is TARgeting (no pun intended) an initial version of the guide for The Duke Conference on Technology Assisted Review (TAR) Best Practices in September 7th and 8th in Arlington, Virginia.

Cross-Border Discovery

A small team, led by Deena Coffman of BDO Consulting, began work on a cross border discovery project, with an initial primary focus on the General Data Protection Regulation (GDPR) regulation that enters into application on May 25, 2018.  Initial discussions focused on identifying manageable first steps that could serve as a building block and the group drafted initial language to formalize a proposed initial scope to be submitted soon to EDRM members with the process to be iterative to eventually (hopefully) lead to a Code of Conduct.  Deena also indicated that the group will also reach out to EDRM members for real life lessons and lessons learned in cross-border discovery.

Networking

Of course, one of the best benefits of attending an EDRM workshop is the opportunity to network with colleagues that also work in eDiscovery and share ideas, and this workshop was no exception.  At breakfasts, lunches, dinner, happy hour and within sessions, all of us were able to discuss a variety of topics (most work related, some not) with various attendees and learn how they address eDiscovery challenges in their organizations.  Speaking personally, this was the most enjoyable EDRM workshop I’ve attended in some time and I enjoyed seeing a lot of new faces at this year’s workshop getting involved in thought leadership in our industry.  That’s what EDRM is all about.

If you’re interested becoming a member of EDRM and participating in any EDRM project, click here for more information, including fee information and a link to a registration form.

So, what do you think?  Are you a member of EDRM?  Are you interested in becoming a member?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Court Denies Defendant’s Motion to Overrule Plaintiff’s Objections to Discovery Requests

Court Says Rule 37(e) Doesn’t Apply When Recording Was Intentionally Deleted: eDiscovery Case Law

In Hsueh v. N.Y. State Dep’t of Fin. Services, No. 15 Civ. 3401 (PAC) (S.D.N.Y. Mar. 31, 2017), New York District Judge Paul A. Crotty relied upon inherent authority to impose sanctions and determined “that an adverse inference is the appropriate remedy” for the plaintiff’s deletion of a recorded conversation with an HR representative, agreeing with the defendants that “Rule 37(e) applies only to situations where ‘a party failed to take reasonable steps to preserve’ ESI; not to situations where, as here, a party intentionally deleted the recording.”

Case Background

In this case arising from claims of sexual harassment at work, the plaintiff, at an April 2016 deposition, initially stated that she did not think she had recorded any conversations with an HR representative (Allison Clavery) from the company about her allegations, but eventually explained that she thought she had recorded one meeting with Clavery in either December of 2015 or January of 2016, and that she deleted the recording in “[e]ither the course of 2016 or 2015” because “the voice recording itself. . . was not very clear, so [she] did not feel it was worth keeping.”  As a result, in June and early July 2016, the defendants filed a motion for spoliation sanctions.

On July 11, 2016 — the day the plaintiff’s opposition to the spoliation sanctions motion was due — plaintiff’s counsel submitted a letter to the Court advising that “I received an e-mail from my client at 10:16 p.m. last evening, which contained an audio recording attachment of a meeting between my client and Allison Clavery.”  Plaintiff’s counsel noted that “the e-mail indicated that the recording had been recovered with the help of Plaintiff’s husband” and that plaintiff’s counsel stated that he was “awaiting any further instructions with regard to Defendant DFS’s motion.”  As a result, discovery was reopened and the plaintiff and her husband were deposed.  Despite recovery of the recording, the defendants continued to pursue spoliation sanctions, as they had only received materials relating to the plaintiff’s mental health history “over the past few weeks, despite requesting them back in December 2015.”

The defendants stated that it was unclear as to whether Rule 37(e) applied here, arguing that the audio recording might not be ESI and also arguing that Rule 37(e) applies only to situations where “a party failed to take reasonable steps to preserve” ESI; not to situations where, as here, a party intentionally deleted the recording.  The plaintiff, on the other hand, argued that, since the recording was restored, no sanctions were warranted.

Judge’s Ruling

With regard to the defendant’s argument that the recording is not ESI, Judge Crotty stated “The Court disagrees. The recording was made using a digital recorder, and was saved in a digital format.”

However, with regard to the defendant’s argument that Rule 37(e) doesn’t apply when the party intentionally deletes the recording, Judge Crotty said “This makes sense. The Committee Notes to the 2015 Amendment to Rule 37 explain that Rule 37(e) is meant to address ‘the serious problems resulting from the continued exponential growth in the volume of’ ESI as well as ‘excessive effort and money’ that litigants have had to expend to avoid potential sanctions for failure to preserve ESI…These considerations are not applicable here. It was not because Hsueh had improper systems in place to prevent the loss of the recording that the recording no longer existed on her computer; it was because she took specific action to delete it. The Court therefore concludes that Rule 37(e) does not apply.”

As a result, Judge Crotty, determining that “the Court may rely on its inherent power to control litigation in imposing spoliation sanctions”, ruled “that an adverse inference is the appropriate remedy” for the plaintiff’s deletion of the recording and granted the defendants’ motion for spoliation sanctions.

So, what do you think?  Should Rule 37(e) have applied here?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Ransomware Makes You Wanna Cry: Cybersecurity Trends

This must be our month for ransomware stories.  Unless you have been living under a rock for the past several days, you’ve undoubtedly heard about the WannaCry virus that has been attacking Microsoft© Windows machines without up to date security protections.  If you have been living under a rock, allow me to provide some information here.  :o)

According to the BBC (Cyber-attack: Is my computer at risk?, written by Zoe Kleinman), as of Sunday, there are “believed to be more than 200,000 victims in 150 countries.”  That figure is “likely to grow as people switch on their computers on Monday if their IT has not been updated and their security systems patched over the weekend.”

The WannaCry virus infects machines running Windows operating systems and is distributed by a recently leaked attack tool developed by the National Security Agency. Those who don’t update their Windows operating systems or are careless when opening and reading emails could be at risk.  However, the virus is “self-replicating”, so it can spread from vulnerable machine to vulnerable machine, even if you weren’t the one who opened the questionable email.

According to ARS Technica (WCry is so mean Microsoft issues patch for 3 unsupported Windows versions, written by Dan Goodin), the virus is so pervasive that “Microsoft is taking the highly unusual step of issuing patches that immunize Windows XP, 8, and Server 2003, operating systems the company stopped supporting as many as three years ago.  Microsoft also rolled out a signature that allows its Windows Defender antivirus engine to provide ‘defense-in-depth’ protection.”

People who are running unpatched machines should take action immediately. The best measure is to patch the vulnerability using this link for supported versions or this one for XP, 8, and Server 2003. Those who can’t patch should ensure their computers are locked down by, among other things, blocking outside access to ports 138, 139, and 445. They should also disable version 1 of the Server Message Block protocol.

According to ARS Technica, “Friday’s attack could have been much worse, had the perpetrators not slipped up by failing to register an Internet domain that was hardcoded into their exploit as a sort of “kill switch” they could activate if they wanted to shut down the worm. That made it possible for a quick-acting researcher to register the domain and stop much of the attack just as it was gaining momentum.  A new attack could come at any time.”

Ransomware attacks, and what to do about them is one of the topics we’ll be discussing at our webcast on Wednesday, May 31.  For more info on where to register, click here.

So, what do you think?  Are you protected?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

It’s Not the Size That Matters, It’s What You Do With It: eDiscovery Best Practices

Get your minds out of the gutter – I’m talking about the size of your data collection (silly!).  :o)

We certainly have talked a lot about the impact of Big Data and the Internet of Things on this blog as new challenges presented to today’s attorneys, and they are, but challenges have always existed for attorneys in managing data and documents in litigation.  An article from last week reminds us that, regardless of how much data we’re dealing with or where it comes from, discovery is still about strategy.

In Above the Law (Stop Equating eDiscovery With Data — It’s Not That Simple), Kelly Twigger (the author) reminds us of how it was if we go back 10 years (hopefully more like 15, but that’s beside the point).  Remembering (reminiscing?), she notes that we “asked for paper from our clients and the other side, and we got bankers’ boxes of stuff. Then we sat down and went through each page one by one and then we went through them again. And again. We used yellow stickies with handwritten notes, then we graduated to the multi colored Post-it tabs and hoped we could remember what color stood for what.”

Even when we started using technology, it was Summation where we “paid people to manually code multiple fields of documents (that we reviewed by hand) so that we had a database that told us about the documents in it.”  While it had limited functionality, it was still an improvement.

Kelly notes that while the technology has improved a whole lot, most attorneys “are still conducting discovery as if we still have paper” and she notes “that’s a big part of why discovery of ESI costs so much and you don’t want to do it.”  Like a doctor responding to a patient who says “doc, my arm really hurts when I bend it over my head”, Kelly says “Stop doing that.”  Instead, she says, “start with the endgame in mind — what do you want, where can you get it from, and how valuable is it, versus how much does it cost to get?”

A couple of years ago, I decided to have a little fun and I inverted the EDRM model backwards and wrote a post about how, when planning for your eDiscovery project, it’s often best to work backwards and start with the goals to be accomplished for the end phases and use that to guide your work at the beginning of the process.  For the ESI that you plan to present, it’s important to identify that ESI early (and determine whether it’s in your possession or you need to request it from another party), and you’ll need to determine what ESI you need to preserve and collect to meet your production obligations.  The volume of data that you expect may drive review decisions such as how many reviewers you may need or whether you should consider using Technology Assisted Review to conduct your ESI review.  So, by starting “backwards” and determining your end goals, you can plan for your activities through the life cycle of the case.  Preparation reduces perspiration.

Kelly reminds us what many attorneys should already know, that the “volumes of ESI and the sources you have to search are only going to increase drastically, and your litigation budgets are not.”  Planning, strategy and learning the technology are keys keeping those budgets in line.

So, what do you think?  What do you do at the beginning of a case to ensure success at the end?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.