Your SlideShare is downloading. ×
  • Like
08/19/2010 Meeting - Litigation Holds and Security Breaches
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Now you can save presentations on your phone or tablet

Available for both IPhone and Android

Text the download link to your phone

Standard text messaging rates apply

08/19/2010 Meeting - Litigation Holds and Security Breaches

  • 228 views
Published

 

Published in Technology , Business
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
228
On SlideShare
0
From Embeds
0
Number of Embeds
1

Actions

Shares
Downloads
1
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. The Virtual Trip Wire Litigation Holds & the Duty to Preserve Data in Security Breaches Tomas Castrejon, General Dynamics Josh Gilliland, Esq., D4 LLC Stephanie Sparks, Esq., Hoge Fenton Jones & Appel
  • 2. From the Bench “By now, it should be abundantly clear that the duty to preserve means what it says and that a failure to preserve records – paper or electronic – and to search in the right places for those records, will inevitably result in the spoliation of evidence.” The Pension Committee of the University of Montreal Pension Plan, et al. v. Banc of America Securities LLC, et al., Amended Order, Case No. 05-cv- 9016 (SDNY Jan. 15, 2010)
  • 3. Why this Matters • In complex commercial litigation today, virtually all discovery involves electronic discovery to some extent. • It also is well known that absent affirmative steps to preserve it, at least some electronically stored information (“ESI”) is likely to be lost during the course of litigation through routine business practices or otherwise. Vice Chancellor Parsons, Court of Chancery of Delaware, Beard Research, Inc. v. Kates, 2009 Del. Ch. LEXIS 94, 21-22 (Del. Ch. May 29, 2009).
  • 4. Agenda • Security Breach • Personal Identifiable Information • Case Example • Litigation Hold Definition • Preservation Letters Defined • Triggering Event: The Preservation Obligation • Duty to Preserve • Spoliation • Hypothetical • Litigation Hold Best Practices • Question & Answers
  • 5. © 2010 Hoge Fenton Jones & Appel Personal Information Generally • Individual’s first name or first initial and last name in combination with any one or more of the following: – Social security number – Driver’s license or identification number – Account number, credit or debit card number, in combination with any required security code, access code or password – Medical information – Health insurance information
  • 6. Data Breach •285 million records were compromised in 2008 •A typical lost or stolen laptop cost the business an average of $50,000, 90% of which was for data breach response • Range of loss per individual: $1,213 – $975,527 Source: Open Security Foundation, datalossdb.org
  • 7. Data Breach Source: Open Security Foundation, datalossdb.org
  • 8. Data Breach Source: Open Security Foundation, datalossdb.org
  • 9. Patchwork of Federal Laws • Gramm-Leach-Bliley Act (GLBA regulated by FTC) • Federal Credit Reporting Act (FCRA regulated by FTC) • Fair & Accurate Credit Transactions Act and Red Flags Rules (FACTA regulated by FTC) • Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (HITECH Act) (regulated by HHS) • The Children’s Online Privacy Protection Act • The Communications Decency Act • Foreign Intelligence Surveillance Act (FISA) • Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM) • Federal Identity Theft and Assumption Deterrence Act
  • 10. Patchwork of 46 State Data Security Breach Notification Laws • 45 States and the District of Columbia • 7 States added laws within last two years: Alaska, District of Columbia, Iowa, Missouri, South Carolina, Virginia, West Virginia • State Agency Notification Requirement: Massachusetts, New Hampshire, New Jersey, New York, Maryland
  • 11. California Was the First In California . . . • Financial Information Privacy Act (Fin. Code § 4052) GLBA Counterpart - Financial Institutions - Nonpublic personal information • Consumer Credit Reporting Agencies Act (Civ. Code §§ 1785.1 et seq.) FCRA Counterpart • Information Practices Act of 1977 (Civ. Code §§ 1798 et seq.) • Data Breach Notification Law (Civ. Code § 1798.82)
  • 12. Massachusetts Is the Most Stringent • Data Security Regulations, 201 Code Mass. Regs (CMR) 17.00, effective March 1, 2010 • Businesses must have: -Written information security program - Heightened security procedures, including encryption - Vendor contract provisions re compliance are mandatory *contracts signed prior to 3/1/10 = 2 yr grace period *contracts signed after 3/1/10 = no grace period - Must take “reasonable steps to select and retain third-party providers that are capable of maintaining appropriate security measures”
  • 13. State Data Security Breach Notification Laws Generally Notice Requirements: • Data custodian to (i) data owner • Data owner to (ii) affected resident and (iii) possibly State Attorney General • Timing: (i) “immediately following discovery of the breach” (ii) “most expedient time possible and without unreasonable delay”
  • 14. Litigation Holds
  • 15. Definition of a Litigation Hold • A litigation hold is a directive to your client and others to preserve ESI or other information pertaining to the litigation. Michael R. Arkfeld, Arkfeld’s Best Practices Guide for Litigation Readiness and Hold, §3.2(A), page 62 (2008-2009 Ed.), citing, Zubulake v. UBS Warburg LLC 220 F.R.D. 212, 218 (S.D.N.Y.2003).
  • 16. Preservation Letter Checklist • Basic investigative work should uncover appropriate points to include in a litigation hold letter. • Common sense should guide the actual points to include in a preservation letter. • Not a discovery request. Stone v. Lockheed Martin Corp., 2009 U.S. Dist. LEXIS 12105 (D. Colo. Feb. 2, 2009)
  • 17. Preservation Checklist • A party can disregard the request to preserve, but once the request has formally been made and evidence disappears, a preservation letter may place the discovering party in a superior position to seek sanctions or other relief. Stone v. Lockheed Martin Corp., 2009 U.S. Dist. LEXIS 12105 (D. Colo. Feb. 2, 2009)
  • 18. Preservation Letter Checklist • At a minimum, a letter should begin with a general statement that the discovering party expects the party to preserve digital evidence that in all probability will be relevant to the issues in a case, or may lead to the discovery of such evidence. Stone v. Lockheed Martin Corp., 2009 U.S. Dist. LEXIS 12105 (D. Colo. Feb. 2, 2009)
  • 19. Preservation Letter Checklist • The preservation letter should include a request that the other party suspend its regular document retention policy pending discovery. • The preservation letter should identify all of the possible locations where such evidence might conceivably reside. Stone v. Lockheed Martin Corp., 2009 U.S. Dist. LEXIS 12105 (D. Colo. Feb. 2, 2009)
  • 20. Preservation Letters • The letter should inform the opposing party that a mere file backup of the hard drive is not adequate preservation. • The party must be instructed to image hard drive in bit-stream copies, where all areas, used and unused, of the hard drive are copied. • If a file is deleted before a backup is made, the deleted file will not be copied unless it is a bit-stream copy. • The letter should also request that deleted files that are reasonably recoverable be immediately undeleted. Stone v. Lockheed Martin Corp., 2009 U.S. Dist. LEXIS 12105 (D. Colo. Feb. 2, 2009)
  • 21. A Very Bad Litigation Hold Letter • Hank has asked me to send this out to everyone. • All emails re Napster at this point are related to the litigation and should contain the “a/c” (attorney communications) symbol in the subject line and djohnson@fenwick.com should be ccd. We should not be sending e-mails on this subject anyway. Items from outsiders such as resumes do not require this. • Hank Barry UMG Recordings, Inc. v. Hummer Winblad Venture Partners (In re Napster, Inc. Copyright Litig.), 462 F. Supp. 2d 1060, 1064 (N.D. Cal. 2006).
  • 22. A Very Bad Litigation Hold Letter, Part 2 1. we do not retain e-mails, it is your responsibility to delete your handled e-mails immediately 2. we do not us e-mail to chat about matters related to public companies or matters such as the above 3. we do not retain written copies of e-mails in our files UMG Recordings, Inc. v. Hummer Winblad Venture Partners (In re Napster, Inc. Copyright Litig.), 462 F. Supp. 2d 1060, 1064 (N.D. Cal. 2006). Please also be aware of our e-mail policy. As we have all been required to surrender Napster e-mails, this should reinforce compliance with our long standing policies.
  • 23. A Very Bad Litigation Hold Letter, Part 3 4. our document retention policy is that we do not retain documents on any public or acquired company and retain limited information on private companies. all retained information is stored in central files, pls do not retain other docs in your own files unnecessarily 5. we do not retain files separate from our central files which are periodically checked for compliance to policies Please also review the above policies with any summer associates. UMG Recordings, Inc. v. Hummer Winblad Venture Partners (In re Napster, Inc. Copyright Litig.), 462 F. Supp. 2d 1060, 1064 (N.D. Cal. 2006).
  • 24. Triggering Event for the Duty to Preserve – “Reasonably Anticipated” – Pending, imminent, reasonably foreseeable. – A complaint has been filed – Discovery requests have been served Michael Arkfeld, Best Practices Guide for Litigation Readiness and Hold, §3.2(B) Preservation Obligation
  • 25. Document Destruction Policies No spoliation where documents destroyed as part of a routine housecleaning operation with no notice to enact a litigation hold. Cook Assocs. v. PCS Sales (USA), Inc., 271 F. Supp. 2d 1343, 1357 (D. Utah 2003)
  • 26. Duty to Preserve Includes the Following: • Relevant in the action; • Reasonably calculated to lead to the discovery of admissible evidence; • Reasonably likely to be requested during discovery, and/or • Subject of a pending discovery request. Zubulake v. UBS Warburg LLC, 220 F.R.D. 212, 216 (S.D.N.Y.2003); Wm. T. Thompson Co. v. General Nutrition Corp., 593 F. Supp. 1443, 1555 (C.D.Cal.1984)
  • 27. What the Duty to Preserve Doesn’t Include
  • 28. Relevant Documents to Preserve • [A]ny documents or tangible things (as defined by [Fed. R. Civ. P. 34(a))] made by individuals "likely to have discoverable information that the disclosing party may use to support its claims or defenses." Goodman v. Praxair Servs., 2009 U.S. Dist. LEXIS 58263 (D. Md. July 7, 2009)
  • 29. Relevant Documents to Preserve, 2 • Documents prepared for those individuals, to the extent those documents can be readily identified (e.g., from the "to" field in e- mails). • Information that is relevant to the claims or defenses of any party, or which is "relevant to the subject matter involved in the action." Thus, the duty to preserve extends to those employees likely to have relevant information--the "key players" in the case. Goodman v. Praxair Servs., 2009 U.S. Dist. LEXIS 58263 (D. Md. July 7, 2009)
  • 30. Spoliation
  • 31. Sanction Flavors • Sanctions can be imposed for negligent, gross negligent, willful and bad faith conduct. • Bad Faith - “[w]here a party destroys evidence in bad faith, that bad faith alone is sufficient circumstantial evidence from which a reasonable fact finder could conclude that the missing evidence was unfavorable to that party,” and thus the jury may be instructed that the lost evidence was adverse to the spoliating party. • Negligence or gross negligence: a judge may impose an adverse inference instruction or “less severe sanctions-such as fines and cost-shifting,” even without a showing that particular materials were lost. Pension Committee, at *18.
  • 32. Demonstrating Spoliation Moving Party Must Show: 1) That its adversary had control of the evidence and a duty to preserve it at the time it was lost or destroyed; 2) That the adversary had a "culpable state of mind" when the evidence was lost or destroyed; and 3) That the lost or destroyed evidence was "relevant" to the moving party's claims such that a reasonable trier of fact could find that it would support a claim. Arista Records LLC v. Usenet.com, Inc., 2009 U.S. Dist. LEXIS 5185 (S.D.N.Y. Jan. 26, 2009)
  • 33. Possible Sanctions • Adverse evidence jury instruction; • Excluding greater or lesser parts of the destroying party's evidence; • Dismissing a party's claims in whole or in part: or • Granting default judgment against a party in whole or in part. Toth v. Parish, 2009 U.S. Dist. LEXIS 16116, 7-8 (W.D. La. Mar. 2, 2009)
  • 34. Determining Sanctions • Factors in determining the appropriate sanctions for wrongful destruction of evidence include: • "1) the degree of fault of the party who altered or destroyed the evidence; • 2) the degree of prejudice suffered by the opposing party; and • 3) whether there is a lesser sanction that will avoid substantial unfairness to the opposing party and if the fault is serious, will serve to defer such conduct by others in the future." Toth v. Parish, 2009 U.S. Dist. LEXIS 16116 (W.D. La. Mar. 2, 2009)
  • 35. Speculation is Not Spoliation • Defendants asserted that Plaintiff's "concern" amounted to nothing more than mere speculation. • Plaintiff did not produced any evidence that suggested Defendants have not complied or do not intend to comply with their duty to preserve evidence. • Preservation order was not warranted. Gregg v. Local 305 IBEW, 2008 U.S. Dist. LEXIS 99075 (N.D. Ind. Dec. 8, 2008)
  • 36. Willful Conduct • Defendant was put on notice of a lawsuit because of unlicensed software usage. • Instead of enacting a litigation hold, the Defendant ordered the “software deleted immediately.” KCH Servs. v. Vanaire, Inc., 2009 U.S. Dist. LEXIS 62993 (W.D. Ky. July 21, 2009).
  • 37. Willful Conduct, 2 • The Defendant’s actions deprived the Plaintiff any opportunity to inspect relevant evidence once the lawsuit began. • The Court ordered the spoliation sanction of an adverse inference instruction, instead of a default judgment, for the Defendant’s obstructionism. KCH Servs. v. Vanaire, Inc., 2009 U.S. Dist. LEXIS 62993 (W.D. Ky. July 21, 2009).
  • 38. A Picture is worth a 1,000 words… • Defendants attempted to purchase $4.2 million painting. • Divorce and lawsuit for breach of contract. • Excel file with unknown origin. • Friend of Defendant’s kid reinstalled computer operating system. Green v. McClendon, 2009 U.S. Dist. LEXIS 71860 (S.D.N.Y. Aug. 13, 2009).
  • 39. …but sanctions are priceless. • Lawyer and Defendant both failed in their duty to preserve. • Plaintiff entitled to additional discovery and costs. Green v. McClendon, 2009 U.S. Dist. LEXIS 71860 (S.D.N.Y. Aug. 13, 2009).
  • 40. California e-Discovery & Litigation Hold Failures • Defendant failed to produce email messages & PST’s. • Defendants did not enact a litigation hold. • During the middle of trial, it was learned that the manufacturer still had not complied with discovery orders and directives. Doppes v. Bentley Motors, Inc., 174 Cal. App. 4th 967, 969 (Cal. App. 4th Dist. 2009)
  • 41. Sanctions Case remanded: (1) Strike Defendants’ answer and enter a default and default judgment against them on the fraud cause of action; (2) Made an express finding in the judgment that Defendants intentionally violated the Song- Beverly Consumer Warranty Act; (3) Entered an order granting the post-trial motion for attorney fees in the total amount of $ 402,187; (4) Reconsider the post-judgment motion for attorney fees in accordance with this opinion; and (5) Ordered further proceedings not inconsistent with the opinion, including a default prove-up on the fraud cause of action, imposition of civil penalties under Civil Code section 1794, and consideration of other relief sought in the complaint. Doppes v. Bentley Motors, Inc., 174 Cal. App. 4th 967, 1003 (Cal. App. 4th Dist. 2009)
  • 42. Resetting the Gold Standard • Pension Committee • 89 page opinion • Securities Litigation • Judge Scheindlin
  • 43. Gross Negligence The failure to issue a written litigation hold when litigation is reasonably anticipated is gross negligence. The Pension Committee of the University of Montreal Pension Plan, et al. v. Banc of America Securities LLC, et al., Amended Order, Case No. 05-cv-9016 (SDNY Jan. 15, 2010)
  • 44. What Happened? • Plaintiffs’ counsel's emails and memoranda “did not meet the standard of a litigation hold” because plaintiff's counsel failed to direct employees to preserve all relevant records and failed to create a mechanism for collecting records. • Memo required employees to determine what was relevant and to respond without supervision by counsel. • Memo did not instruct employees to suspend the destruction of potentially relevant records. • Plaintiffs did not issue a formal written litigation hold until 2007 – nearly four years after the triggering event. The Pension Committee of the University of Montreal Pension Plan, et al. v. Banc of America Securities LLC, et al., Amended Order, Case No. 05-cv-9016 (SDNY Jan. 15, 2010)
  • 45. Production Gaps • Defendants found gaps in document production from 13 plaintiffs • Requested declarations describing the preservation efforts • Found that “almost all of the declarations were false and misleading and/or executed by a declarant without personal knowledge of its contents.” Pension Committee, Amended Order, at *32-33
  • 46. The Hammer Falls: Gross Negligence • Six plaintiffs found grossly negligent – Failure to issue a written litigation hold prior to 2007; – Deleting ESI after the trigger event; – Failing to request documents from key players; – Delegating search efforts without any supervision from management; – Destroying backup tapes relating to key players where other ESI was not readily available; and/or – Submitting misleading or inaccurate declarations. Pension Committee, Amended Order, at *42-43
  • 47. “Merely” Negligent • 7 found merely negligent – “failure to institute a written litigation hold” was “not yet generally required” in early 2004 in Federal court in Florida. Pension Committee, Amended Order, at *64.
  • 48. Lessons Learned
  • 49. Lesson Learned: Self-Collection • Counsel must give direction and supervision to custodians on preservation. – One custodian said he had “no experience conducting searches, received no instruction on how to do so, had no supervision during the collection, and no contact with Counsel during the search.” • Employee must not search their own files since they become the sole decision maker as to the relevance of the search terms used. Pension Committee, Amended Order, at *62, 66.
  • 50. Lessons Learned: Finding Gross Negligence “[T]he following failures support a finding of gross negligence, when the duty to preserve has attached: [1] to issue a written litigation hold; [2] to identify all of the key players and to ensure that their electronic and paper records are preserved; [3] to cease the deletion of email or to preserve the records of former employees that are in a party's possession, custody, or control; and [4] to preserve backup tapes when they are the sole source of relevant information or when they relate to key players, if the relevant information maintained by those players is not obtainable from readily accessible sources.” The Pension Committee of the University of Montreal Pension Plan, et al. v. Banc of America Securities LLC, et al., Amended Order, Case No. 05-cv-9016 (SDNY Jan. 15, 2010)
  • 51. Rimkus: Litigation Holds…Texas Style! • Intellectual property case. • Group of employees left and filed suit against their former employer to release them from their non-compete agreements. • In countersuit, Rimkus Consulting claimed the former employees violated their non-competes and additionally made off with “trade secrets and proprietary information.” Rimkus Consulting Group, Inc. v. Cammarata, 2010 U.S. Dist. No. 07-cv-00405 (SDTX Feb. 19, 2010)
  • 52. Rimkus Result • Concluded willful destruction of evidence, although a significant amount of the incriminating evidence was recovered by the plaintiff. • Court was unwilling to issue an adverse inference instruction. • Would allow the jury to determine the implications of the defendants’ misconduct based on the facts. Rimkus Consulting Group, Inc. v. Cammarata, 2010 U.S. Dist. No. 07-cv-00405 (SDTX Feb. 19, 2010)
  • 53. Culpability Insight “Permissive” adverse inference sanction that instructed the jury to decide if the defendants intentionally deleted emails… and whether to infer that the lost information would have been unfavorable to the defendants.
  • 54. Data Breach Adventures
  • 55. Digital Forensics • Core: data collection, preservation, documentation and court room presentation – Defensible processes – Use methods that yield most accurate results (Gates Rubber Co. v. Bando American, Inc., 798 F.Supp. 1499, 1511 (D.Colo.1992). • Differences between forensic collection versus backup • Be proactive: have plan before you need the data
  • 56. Places to hide
  • 57. Forensic View of Empty Recycle Bin The files in the Recycle Bin were wiped…
  • 58. Wiping Sample
  • 59. Deleted Files (Free Space)
  • 60. Hidden Data in MS Word
  • 61. Analyzing hidden data sample from Letter Template.doc Document Name: hidden data sample from Letter Template.doc Path: C:Documents and SettingstcastrejonMy DocumentsMetaData Deck Document Format: Word Document Built-in document properties: Built-in Properties Containing Metadata: 2 Title: Deloitte Letter.dot Comments: Word Template v2004.1 08/22/2004 Document Statistics: Document Statistics Containing Metadata: 6 Creation Date: 7/18/2006 11:16:00 PM Last Save Time: 7/18/2006 11:29:00 PM Time Last Printed: 5/1/2002 4:04:00 PM Last Saved By: John Doe Revision Number: 5 Total Edit Time (Minutes): 13 Minutes Custom document properties: No Custom Document Properties Last 10 authors: NOT PROCESSED Document Metadata Sample
  • 62. Outlook Metadata
  • 63. EXIF Metadata
  • 64. Disk;;USB_DISK_2.0;077515B0166B&0;USB DISK 2.0 USB Device;06/03/09 07:54:59AM;04/04/09 09:29:41PM;7&1e544ac1&0 Disk;;USB_DISK_2.0;077516B01804&0;USB DISK 2.0 USB Device;04/04/09 09:29:41PM;04/04/09 09:29:41PM;7&11a53745&0 Disk;;USB_DISK_20X;074712910134&0;USB DISK 20X USB Device;06/17/09 04:40:12PM;04/04/09 09:29:41PM;7&1c48d21e&0 Disk;Apple;iPod;000A2700146E70D2&0;Apple iPod USB Device;04/04/09 09:29:41PM;04/04/09 09:29:41PM;7&d9cbdb&0 Disk;I-Stick2;IntelligentStick;FCA4B93FF2BFE451&0;I-Stick2 IntelligentStick USB Device;04/04/09 09:29:41PM;04/04/09 09:29:41PM;7&699ed73&0 DosDevicesE:;;0;??STORAGE#RemovableMedia#7&1c48d21e&0&RM#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b};074712910134&0 USB Devices
  • 65. Link File Name Created Written Accessed Volume Label Media Type Serial # Path 14aren.lnk 02/11/09 03:03:05PM 02/11/09 03:03:06PM 03/05/10 12:00:00AM NEW VOLUME Removable 14 F7 C2 E4 E:file_Rename14aren Customer_lists.pdf.lnk 03/05/10 06:51:58PM 04/15/09 06:16:26PM 03/05/10 12:00:00AM NEW VOLUME Removable 14 F7 C2 E4 E:secret_documents Customer_lists.pdf secret_documents.lnk 03/05/10 06:51:57PM 03/05/10 06:51:58PM 03/05/10 12:00:00AM NEW VOLUME Removable 14 F7 C2 E4 E:secret_documents Company_research_new _design.doc.lnk 03/05/10 06:51:57PM 06/02/05 09:39:22PM 03/05/10 12:00:00AM NEW VOLUME Removable 14 F7 C2 E4 E:secret_documents Company_research_n ew_design.doc Links Recently Accessed via Removable Media
  • 66. Encryption & PW Protection
  • 67. Live Memory •Encryption keys and  passwords •Email fragments •Document fragments •Malware
  • 68. Legal Considerations • Acceptable use policy • Subpoena • 4th Amendment • Cross border data transfer and privacy considerations – EU Safe Harbor – Local laws and regulations
  • 69. Complex world of laws and regulations present challenges  for records and information management Australia Federal Privacy Amendment Bill State Privacy Bills in Victoria, New South Wales and Queensland, new email spam and privacy regulations Numerous State Laws Breach Notification 41 States from CA to NY European Union EU Data Protection Directive and Member States Data Protection Laws, Safe Harbor South Africa Electronic Communications and Transactions Act US SOX, HIPAA, COPPA, FRCP, 21 CFR 11, ISO 15489, ANSI/AIIM TR48‐ 2004, PCI Data  Security Hong Kong Personal Data Privacy Ordinance Canada Federal/Provincial PIPEDA, FOIPPA, PIPA Chile Law for the Protection of Private Life South Korea Act on Promotion of Information and Communications Network Utilization and Data Protection India Law pending currently under discussion New Zealand Privacy Act Argentina Personal Data Protection Law, Confidentiality of Information Law Philippines Data Privacy Law proposed by ITECC Taiwan Computer- Processed Personal Data Protection Law Japan Personal Information Protection Act Regulatory Considerations
  • 70. Trends • Data will continue to expand to mobile side of your enterprise • Cloud computing
  • 71. Cloud Computing • Evidence Collection in the Cloud • Security in the Cloud • E-Discovery in the Cloud
  • 72. Thank You Tomas Castrejon General Dynamics Advanced Information Systems Network Defense and Digital Forensics 408.220.3113 Tomas.Castrejon@gd-ais.com Josh Gilliland, Esq. D4 LLC 650-576-3298 jgilliland@d4discovery.com www.bowtielaw.com Twitter @bowtielaw Stephanie Sparks, Esq. Hoge Fenton Jones & Appel 408.947.2431 sos@hogefenton.com www.hogefenton.com