Forensic Update

Reflections on information management within the legal and regulatory arena

Archive for the ‘ECM’ Category

2013 in review

Posted by Johnny Lee on January 1, 2014

The WordPress.com stats team prepared a 2013 annual report for this blog.

Click here to see the complete report.

———-

Please see the disclaimer associated with content published on (and associated with) this site.

 

Advertisements

Posted in Announcement, Computer Forensics, Data Governance, ECM, eDiscovery, Fraud, Information Security, Investigations, Litigation Hold, Privacy, Records Retention, Social Networking | Comments Off on 2013 in review

Through the Google Glass Darkly…

Posted by Johnny Lee on December 10, 2013

BowtieLaw

It’s always a challenge to summarize the year for a subject matter as volatile and complicated as Electronic Discovery.  One could spend a few hours looking through the lens of a Google search engine, and days digesting the results, or you could simply peruse the superb summary penned by Joshua Gilliland, the blogger for Bow Tie Law, one of the two attorney bloggers for The Legal Geeks, and a Litigation World columnist.

It’s this last forum where we find the year-in-review that neatly summarizes the four most prominent “lessons learned” from the 2013 eDiscovery trenches.  I commend this to all in this space, as it captures the major themes and provides the most cogent excerpts from the key court opinions that shaped this very interesting year for our industry.

Gilliland readily focuses on the four lessons that “rise above all others: (1) the duty to preserve remains a hot button issue, (2) litigators still fight over the form of production, (3) proportionality is alive and well, and (4) taxation of costs is a sleeping giant we need to confront.”  Please do take the time to review this update…you won’t regret it.

———-

Please see the disclaimer associated with content published on (and associated with) this site.

Posted in Computer Forensics, Data Governance, ECM, eDiscovery, Fraud, Investigations, Litigation Hold, Privacy, Records Retention | Tagged: , , , , , , , , , , , , , , , , , , , , , , , | Comments Off on Through the Google Glass Darkly…

Panel Discussion on Data Preservation @ 2013 IT-LEX Conference…

Posted by Johnny Lee on October 2, 2013

IT-LEX Logo“Technology is outpacing the law. IT-Lex is a technology law 501(c)(3) not-for-profit organization dedicated to narrowing this gap with entertaining educational experiences.  We are pleased to offer our first annual conference, Innovate.”  The Innovate Conference is an active learning experience with a focus on user participation, and ForensicUpdate editor Johnny Lee will participate in a panel discussion on Friday, October 18th on the topic of data preservation and evidence collection.  Please click here for more details.

———-

Please see the disclaimer associated with content published on (and associated with) this site.

Posted in Computer Forensics, Data Governance, ECM, eDiscovery, Investigations, Litigation Hold, Privacy, Records Retention | Tagged: , , , , , , , , , , , , , , , , , , , , , , , | Comments Off on Panel Discussion on Data Preservation @ 2013 IT-LEX Conference…

Great GRC audience for joint ISACA & IIA Conference…

Posted by Johnny Lee on August 29, 2013

ISACA-IAA-GRC-2013Thanks to one and all that attended my presentation on eDiscovery and Data Governance.  What a lively and interactive group…very appreciative of the good folks at ISACA and IIA for collaborating on an excellent conference.

———-
Please see the disclaimer associated with content published on (and associated with) this site.

Posted in Data Governance, ECM, eDiscovery, Investigations, Litigation Hold, Privacy, Records Retention | Comments Off on Great GRC audience for joint ISACA & IIA Conference…

Regulator Fines Financial Services Company $9 Million for Email Spoliation…

Posted by Johnny Lee on May 28, 2013

FINRAThe Financial Industry Regulatory Authority (“FINRA”) announced last week that it had levied fines against LPL Financial LLC (“LPL”) to the tune of $7.5 million for thirty five “separate, significant email system failures, which prevented LPL from accessing hundreds of millions of emails and reviewing tens of millions of other emails.”  FINRA also determined that LPL had made “material misstatements” during FINRA’s inquiry into the email failures, resulting in the establishment of a $1.5 million fund “to compensate brokerage customer claimants potentially affected by its failure to produce email.”

While this is technically not a spoliation sanction, which can only be issued by a court, it is nonetheless what those in the eDiscovery arena recognize as punishment for the failure to preserve relevant evidence.  FINRA’s Chief of Enforcement said that LPL simply failed to “expand its compliance and technology infrastructure” as LPL grew.  This resulted in LPL failing “in its responsibility to provide complete responses to regulatory and other requests for emails.”

To be clear, FINRA felt that these failures were both systemic and severe.  To illustrate just a few of the thirty five enumerated failures, see just a few examples below.

  • LPL failed to supervise 28 million “doing business as” (DBA) emails sent/received by thousands of representatives who were operating as independent contractors over a four-year period.
  • LPL failed to maintain access to hundreds of millions of emails during a transition to a less expensive email archive (with 80 million of those emails becoming corrupted in the process).
  • For seven years, LPL failed to preserve and review 3.5 million Bloomberg messages, as required by regulation.
  • LPL failed to preserve emails sent to customers via third-party email-based advertising platforms.

The Chief of Enforcement sums this up in a rather pithy statement: “This case sends a strong message to firms to make sure your business does not outgrow your compliance systems.”  Indeed…message received.

For more on FINRA’s consent announcement, please click here. To read the actual consent agreement, please click here.

Please see the disclaimer associated with content published on (and associated with) this site.

Posted in Computer Forensics, Data Governance, ECM, eDiscovery, Investigations, Litigation Hold, Records Retention, Social Networking | Tagged: , , , , , , , , , , , , , , , , , , , , , , , | Comments Off on Regulator Fines Financial Services Company $9 Million for Email Spoliation…

Excellent panel discussion on the Challenges of Managing Cross-Border Governance…

Posted by Johnny Lee on October 26, 2012

I recently had the pleasure of moderating a panel discussion on the Challenges of Managing Cross-Border Governance.  The event was sponsored by Thomson Reuters, as part of their ongoing series covering topics within the arena of Governance, Risk & Compliance.

Joining me on the panel were a trio of all-star attorneys from the Atlanta area: Scott Burton, Partner at Sutherland; Jason Poulos, Of Counsel at Wheeler Weinberg; and Dewitt Rogers, Partner at Troutman Sanders.  Each of these veteran attorneys shared their perspectives, ranging from the challenges of conducting investigations and litigation across multiple borders to the complexities and impacts of these issues as they relate to Corporate Governance and international Mergers and Acquisitions.

I thoroughly enjoyed myself, and I appreciate the opportunity to take part in such an informed discussion.  I hope that those who attended took as much away from the experience as I did.

 

Please see the disclaimer associated with content published on (and associated with) this site.

 

Posted in Announcement, Computer Forensics, Data Governance, ECM, eDiscovery, Investigations, Privacy, Records Retention | Tagged: , , , , , , , , , , , , , , , , , , , | Comments Off on Excellent panel discussion on the Challenges of Managing Cross-Border Governance…

Upcoming AIIM Webinar on Information Governance…

Posted by Johnny Lee on September 2, 2012

ForensicUpdate editor will lead a presentation in late September on “Information Governance in our Social World.”  The webinar will be hosted by Autonomy and produced by AIIM.

The description for the webinar is as follows: “Information Governance is concerned with defining accountability for an organization’s information assets. If governance is implemented properly – that is, if there is GOOD governance – the organization’s information management should be compliant with any relevant legislation or regulations.

In addition to good governance, organizations need to be consistent with their departmental policies – the kinds of policies that are often sporadically enforced and/or are contradictory from one department to the next (i.e., HR or accounting retention or security policies that differ from IT’s practices).

Join this webinar to learn the latest on how Information Governance will address all the multi repository and social media interfaces that impact your organization’s policies — including those that attempt to govern behavior within your organization as well as those that affect your customers and other partners and providers. Learn tips on how to improve your information governance programs for better compliance, better processes, and better information management.”

Please see the disclaimer associated with content published on (and associated with) this site.

 

Posted in Data Governance, ECM, eDiscovery, Information Security, Litigation Hold, Records Retention, Social Networking | Tagged: , , , , , , , , , , , , , , , , , , , , , , , | Comments Off on Upcoming AIIM Webinar on Information Governance…

ForensicUpdate Editor to join panel on “Information Security, Access Control and Forensics”…

Posted by Johnny Lee on August 8, 2012

The Metro Atlanta Chapter of the Information Systems Security Association (ISSA)® will host a panel discussion on information security and related topics in late August 2012.  The meeting will be held on August 30, 2012 from 6:30 PM – 9:00 PM at One Concourse Pkwy NE, 5th floor, Atlanta, GA 30328.  Panelists include Andre Maxwell (Principal at Information Security Xperts, Inc.), Kevin Morgan (Global IT Audit Manager at InterContinental Hotels Group), and Johnny Lee (Forensic Investigator and ForensicUpdate editor).

 

Please join us for a lively discussion of trends, technologies, and lessons learned from practitioners wrestling with these issues on a daily basis.  Audience participation is both welcome and encouraged.  We hope to see you there!  Click here for details.

“The ISSA is a not-for-profit, international organization of information security professionals and practitioners. It provides educational forums, publications, and peer interaction opportunities that enhance the knowledge, skill, and professional growth of its members.  The primary goal of the ISSA is to promote management practices that will ensure the confidentiality, integrity, and availability of information resources. The ISSA facilitates interaction and education to create a more successful environment for global information systems security and for the professionals involved. Members include practitioners at all levels of the security field in a broad range of industries such as communications, education, healthcare, manufacturing, financial, and government.”

Please see the disclaimer associated with content published on this site.

Posted in Computer Forensics, Data Governance, ECM, eDiscovery, Information Security, Litigation Hold, Records Retention | Tagged: , , , , , , , , , , , , , , , , , , , , , , , | Comments Off on ForensicUpdate Editor to join panel on “Information Security, Access Control and Forensics”…

The Poisoned Well: Dreaded Pre-Trial “adverse inference” Jury Instruction in Apple v. Samsung

Posted by Johnny Lee on July 26, 2012

U.S. Magistrate Judge Paul S. Grewal granted plaintiff’s motion to issue a critical jury instruction related to the trial between tech giants Apple and Samsung…before the trial is even underway.  This ruling allows the jury to draw whatever inferences it wishes about the “lost evidence,” with Judge Grewal stating that the lost evidence was not only favorable to the plaintiff (Apple) but that the jury “…may choose to find it determinative, somewhat determinative, or not at all determinative in reaching your verdict.”

This ruling puts the defense team (Samsung) even more on the defensive in a suit meant to settle a host of substantial Intellectual Property and device design disputes.  Judge Grewal grounded his jury instruction upon the evidence submitted that the defendant had failed to avoid the auto-deletion of key email evidence.

Judge Grewal summarized the defendant’s lapse as a failure to recognize when its evidence-preservation duties arose (in Judge Grewal’s words, “especially during the critical seven months after a reasonable party in the same circumstances would have reasonably foreseen this suit”).  Simply put, the defendant “fell short of what it needed to do.”

This will be a much-watched case, and having the well “poisoned” so early in the case may have a profound effect upon the outcome.  Undoubtedly, this case will  be discussed a great deal in the eDiscovery literature as yet another object lesson on the importance of evidence preservation, including the related corollaries of records retention, data governance, and litigation holds.

Posted in Data Governance, ECM, eDiscovery, Litigation Hold, Records Retention | Tagged: , , , , , , , , , , , , , , , , , , , , , , , | Comments Off on The Poisoned Well: Dreaded Pre-Trial “adverse inference” Jury Instruction in Apple v. Samsung

Must Transactional Attorneys Preserve Evidence?

Posted by Johnny Lee on June 5, 2012

Shred-DocumentIt is almost axiomatic in American jurisprudence that the duty to preserve arises for a party when that party “knows or reasonably should know” that litigation is foreseeable.  That said, a recent matter out of the federal courts in New York has raised a very interesting question about evidence preservation duties, as well as when and how they extend to certain parties — including their counsel.

Corporate and litigation counsel alike recognize their (somewhat nebulous) triggering event as the “reasonable anticipation” of a dispute arising, and they respond by issuing data preservation instructions to custodians to ensure that all potentially relevant information is retained for possible review and use in such a matter.  However, federal magistrate judge Joan Azrack has indicated that counsel for a party that destroys evidence might be sanctioned for failing to preserve — independent of a litigation hold — certain documents (including emails) that relate to “the lawyer’s negotiation and documentation of a loan agreement.”

What’s novel in this matter is not that this duty arises for counsel, but when and why.  The case (FDIC v. Malik) involves a suit brought by the FDIC, in its role as the receiver for a mortgage company, against the mortgage company’s attorneys (et alia) relating to a series of loan transactions.

It is important to note that this case is still in process, so its implications (both for litigation- and for records-management) will be watched closely.  Of particular note here is the implication that document retention regulations (in this case, arising out of the attorney’s professional responsibility rules) can establish evidence-preservation obligations where the affected party is “a member of the general class of persons that the regulatory agency sought to protect in promulgating the rule.”  If we were to extrapolate this to organizations across the legal spectrum, this could represent a precedent of staggering influence to corporate America and the way it manages information.

 

Posted in Data Governance, ECM, eDiscovery, Litigation Hold, Records Retention | Tagged: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , | Comments Off on Must Transactional Attorneys Preserve Evidence?

 
%d bloggers like this: