The document discusses several topics related to e-Discovery:
1) Document retention policies are important for companies to establish in order to efficiently manage electronic discovery requests if litigation occurs. These policies help reduce unnecessary data and ensure ethical data deletion practices.
2) Electronic discovery, or e-Discovery, refers to the discovery process for electronically stored information in civil lawsuits. It presents unique challenges compared to paper documents due to issues like metadata and data volume.
3) The federal rules of civil procedure have been amended to address e-Discovery procedures and obligations regarding items like initial disclosures, discovery scope, and electronically stored information. Legal holds are also discussed as an important part of the e-Discovery process.
INTRODUCTION TO COMPUTER FORENSICS
Introduction to Traditional Computer Crime, Traditional problems associated with Computer Crime. Introduction to Identity Theft & Identity Fraud. Types of CF techniques – Incident and incident response methodology – Forensic duplication and investigation. Preparation for IR: Creating response tool kit and IR team. – Forensics Technology and Systems – Understanding Computer Investigation – Data Acquisition.
INTRODUCTION TO COMPUTER FORENSICS
Introduction to Traditional Computer Crime, Traditional problems associated with Computer Crime. Introduction to Identity Theft & Identity Fraud. Types of CF techniques – Incident and incident response methodology – Forensic duplication and investigation. Preparation for IR: Creating response tool kit and IR team. – Forensics Technology and Systems – Understanding Computer Investigation – Data Acquisition.
Records Retention And Destruction PoliciesRichard Austin
This presentation reviews the legal reasons for companies to establish a records retention and destruction policy and identifies the major steps in establishing a policy. It also presents a high level overview of the new Ontario e-Discovery rules.
Computer forensics is a very important branch of computer science in relation to computer and Internet related crimes. Earlier, computers were only used to produce data but now it has expanded to all devices related to digital data. The goal of Computer forensics is to perform crime investigations by using evidence from digital data to find who was the responsible for that particular crime.
For better research and investigation, developers have created many computer forensics tools. Police departments and investigation agencies select the tools based on various factors including budget and available experts on the team.
Introduction to Cyber forensics: Information Security Investigations, Corporate Cyber Forensics, Scientific method in forensic analysis, investigating large scale Data breach cases.
Analyzing Malicious software.
This presentation was given at the International Forensic Science Academy in 2009. The information contained within the presentation was gained from training in which I had previously participated. Due to the information previously being openly presented, I do not belive I am operating without the permission of the original authors. If anyone disagrees or wants credit, please contact me and I will either remove the content or add you as a citation.
Digital Forensics is the use of scientifically derived and proven methods toward the preservation, collection, validation, identification, analysis, interpretation, documentation, and presentation of digital evidence derived from digital devices.
Current Forensic tools: evaluating computer forensic tool needs, computer forensics software tools, computer forensics hardware tools, validating and testing forensics software E-Mail Investigations: Exploring the role of e-mail in investigation, exploring the roles of the client and server in e-mail, investigating e-mail crimes and violations, understanding e-mail servers, using specialized e-mail forensic tools. Cell phone and mobile device forensics: Understanding mobile device forensics, understanding acquisition procedures for cell phones and mobile devices
Types of Computer Forensics Technology, Types of Military Computer Forensic Technology, Types of Law Enforcement, Computer Forensic Technology, Types of Business Computer Forensic Technology, Specialized Forensics Techniques, Hidden Data and How to Find It, Spyware and Adware, Encryption Methods and Vulnerabilities, Protecting Data from Being Compromised Internet Tracing Methods, Security and Wireless Technologies, Avoiding Pitfalls with Firewalls Biometric Security Systems
Learning Objectives:
1. Understand how this unique, emergent form of evidence can be used for criminal investigations and civil litigation e-discovery.
2. Discover the DoJ memo to law enforcement uncovered by FOIA stressing why and how to use social media in criminal cases.
3. See social media evidence recovered from smart phones, personal computers, and the cloud.
4. Learn the ethics of social media evidence collection including what you can and cannot do, if you want to keep your license that is.
A more in-depth analysis of cyber forensics; but explained eloquently for the beginner, by Chaitanya Dhareshwar - Cyber Crime Investigator, Technocrat and Entrepreneur.
Learn what cyber forensics is all about and how you can begin using the basic tools of forensics in your day to day life. Not only does it make the world a safer place, your data remains significantly more secure.
Every step you take towards cyber security in this lawless internet allows you to achieve greater knowledge unhindered.
Anti-Forensics: Real world identification, analysis and preventionSeccuris Inc.
Reliance on forensic investigation of information systems has become a daily requirement for law enforcement and security practitioners around the world.
Effective evidence collection and analysis is the foundation of any investigation; identification of suspects, motives and methods demand the acquisition of the largest amount information that evidence can provide us. Anti-Forensics – Real world identification, analysis and prevention will discuss how criminals, attackers, non-enlightened investigators all have the ability to impact the amount useful information we have at our disposal. Michael will show the audience real world scenarios detailing how Anti-forensics tools are used to
hide and destroy incriminating evidence, outlining common anti-forensic techniques. This will be followed by discussion of hands-on identification and prevention
practices used to raise awareness around current academic research and identify potential solutions for practitioners and law enforcement organizations.
Records Retention And Destruction PoliciesRichard Austin
This presentation reviews the legal reasons for companies to establish a records retention and destruction policy and identifies the major steps in establishing a policy. It also presents a high level overview of the new Ontario e-Discovery rules.
Computer forensics is a very important branch of computer science in relation to computer and Internet related crimes. Earlier, computers were only used to produce data but now it has expanded to all devices related to digital data. The goal of Computer forensics is to perform crime investigations by using evidence from digital data to find who was the responsible for that particular crime.
For better research and investigation, developers have created many computer forensics tools. Police departments and investigation agencies select the tools based on various factors including budget and available experts on the team.
Introduction to Cyber forensics: Information Security Investigations, Corporate Cyber Forensics, Scientific method in forensic analysis, investigating large scale Data breach cases.
Analyzing Malicious software.
This presentation was given at the International Forensic Science Academy in 2009. The information contained within the presentation was gained from training in which I had previously participated. Due to the information previously being openly presented, I do not belive I am operating without the permission of the original authors. If anyone disagrees or wants credit, please contact me and I will either remove the content or add you as a citation.
Digital Forensics is the use of scientifically derived and proven methods toward the preservation, collection, validation, identification, analysis, interpretation, documentation, and presentation of digital evidence derived from digital devices.
Current Forensic tools: evaluating computer forensic tool needs, computer forensics software tools, computer forensics hardware tools, validating and testing forensics software E-Mail Investigations: Exploring the role of e-mail in investigation, exploring the roles of the client and server in e-mail, investigating e-mail crimes and violations, understanding e-mail servers, using specialized e-mail forensic tools. Cell phone and mobile device forensics: Understanding mobile device forensics, understanding acquisition procedures for cell phones and mobile devices
Types of Computer Forensics Technology, Types of Military Computer Forensic Technology, Types of Law Enforcement, Computer Forensic Technology, Types of Business Computer Forensic Technology, Specialized Forensics Techniques, Hidden Data and How to Find It, Spyware and Adware, Encryption Methods and Vulnerabilities, Protecting Data from Being Compromised Internet Tracing Methods, Security and Wireless Technologies, Avoiding Pitfalls with Firewalls Biometric Security Systems
Learning Objectives:
1. Understand how this unique, emergent form of evidence can be used for criminal investigations and civil litigation e-discovery.
2. Discover the DoJ memo to law enforcement uncovered by FOIA stressing why and how to use social media in criminal cases.
3. See social media evidence recovered from smart phones, personal computers, and the cloud.
4. Learn the ethics of social media evidence collection including what you can and cannot do, if you want to keep your license that is.
A more in-depth analysis of cyber forensics; but explained eloquently for the beginner, by Chaitanya Dhareshwar - Cyber Crime Investigator, Technocrat and Entrepreneur.
Learn what cyber forensics is all about and how you can begin using the basic tools of forensics in your day to day life. Not only does it make the world a safer place, your data remains significantly more secure.
Every step you take towards cyber security in this lawless internet allows you to achieve greater knowledge unhindered.
Anti-Forensics: Real world identification, analysis and preventionSeccuris Inc.
Reliance on forensic investigation of information systems has become a daily requirement for law enforcement and security practitioners around the world.
Effective evidence collection and analysis is the foundation of any investigation; identification of suspects, motives and methods demand the acquisition of the largest amount information that evidence can provide us. Anti-Forensics – Real world identification, analysis and prevention will discuss how criminals, attackers, non-enlightened investigators all have the ability to impact the amount useful information we have at our disposal. Michael will show the audience real world scenarios detailing how Anti-forensics tools are used to
hide and destroy incriminating evidence, outlining common anti-forensic techniques. This will be followed by discussion of hands-on identification and prevention
practices used to raise awareness around current academic research and identify potential solutions for practitioners and law enforcement organizations.
If you say the word “discovery” to a litigator, the reaction may not be kind. Discovery—the exchange of relevant information, usually in the form of documents or oral depositions, takes up the majority of a litigator’s time and costs clients the most money. This episode begins with a summary of the rules governing discovery. In particular, we discuss the new federal rules governing the preservation and discovery of electronic data and information, and the new concept of “proportionality” in discovery. We also discuss the practicalities of discovery: budgeting, tactics, and common opportunities and pitfalls. This hour demystifies a mystifying process, and to provide listeners with what they need to know to not get tripped up in litigation. At the very least, you will understand why the acronym “ESI” causes our panel to wince.
Part of the webinar series: NEWBIE LITIGATOR SCHOOL- 101 PART I 2022
See more at https://www.financialpoise.com/webinars/
Surviving Technology 2009 & The ParalegalAubrey Owens
Talking technology with Paralegal Studies Students at J. Sargent Reynolds Community College on February 25, 2009. Using Software as a Solution for information mangament through trial presentation.
Discovery Practice (Series: Newbie Litigator School - Fall Edition)Financial Poise
If you say the word “discovery” to a litigator, the reaction may not be kind. Discovery-the exchange of relevant information- usually in the form of documents or oral depositions, takes up the majority of a litigator’s time and costs clients the most money.
To view the accompanying webinar, go to: https://www.financialpoise.com/financial-poise-webinars/discovery-practice-2020/
I presented comprehensive e-discovery webinar with Eric Mandel, national e-discovery counsel and leader of the information law practice group at Zelle Hofmann Voelbel & Mason LLP.
Here are a selection of the slides that I created for the presentation
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfMalak Abu Hammad
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
Building RAG with self-deployed Milvus vector database and Snowpark Container...Zilliz
This talk will give hands-on advice on building RAG applications with an open-source Milvus database deployed as a docker container. We will also introduce the integration of Milvus with Snowpark Container Services.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
2. Document Retention Policy
• Document retention means many things to many people depending on
their business.
• Sarbanes-Oxley’s (Sarbanes-Oxley's Document Retention Rules and Best Practices)
• HIPPA
• Can be mandated based on industry by either federal, or state
jurisdictions, sometimes both.
• Basically if you are not mandated to retain your documents, draft and
adhere to your own document retention policy. This will make any
electronic discovery process much more efficient.
• Adhering to your own document retention policy ensures your ethical
practices regarding data deletion if involved in litigation.
• An effective data retention policy should:
• Reduce “data artifacts”
• Reduce the amount of production and review: if involved in electronic discovery
• Properly store and delete company relevant data based on requirements set by the
organization or mandating authority.
• Address all relative data and storage options utilized by the company, pc hard disks,
servers, mobile devices, tapes, archives, off-site storage
3. Electronic Discovery
• Electronic discovery (or e-discovery) refers to discovery in civil litigation
which deals with information in electronic format also referred to as
Electronically Stored Information (ESI). Electronic information is different
from paper information because of its intangible form, volume, transience
and persistence. Also, electronic information is usually accompanied by
metadata, which is not present in paper documents. However, paper
documents can be scanned into electronic format and then manually
coded with metadata. The preservation of metadata from electronic
documents creates special challenges to prevent spoliation.
• Electronic discovery was the subject of amendments to the Federal Rules
of Civil Procedure, effective December 1, 2006.[1] shows the changes, the
complete Rules, where in particular rules 16 and 26 are of interest to
electronic discovery.
* source http://en.wikipedia.org/wiki/Electronic_discovery
4. Federal Rules of Civil Procedure
Related to e-Discovery
Rule 16. Pretrial Conferences; Scheduling; Management
(a) Purposes of a Pretrial Conference.
(3) discouraging wasteful pretrial activities;
(b) Scheduling
(3) Contents of the Order.
(A) Required Contents. The scheduling order must limit the time to join other parties, amend the
pleadings, complete discovery, and file motions.
(B) Permitted Contents. The scheduling order may:
(i) modify the timing of disclosures under Rules 26(a) and 26(e)(1);
(ii) modify the extent of discovery;
(iii) provide for disclosure or discovery of electronically stored information;
(c) Attendance and Matters for Consideration at a Pretrial Conference.
(2) Matters for Consideration
(F) controlling and scheduling discovery, including orders affecting disclosures and discovery under Rule
26 and Rules 29 through 37;
* Source : http://www2.law.cornell.edu/rules/frcp/Rule16.htm
5. Federal Rules of Civil Procedure
Related to e-Discovery
Rule 26. Duty to Disclose; General Provisions Governing Discovery
(a) Required Disclosures
(1) Initial Disclosures
(A)In General. Except as exempted by Rule 26(a)(1)(B) or as otherwise stipulated or ordered by the court,
a party must, without awaiting a discovery request, provide to the other parties:
(ii) a copy — or a description by category and location — of all documents, electronically stored information, and
tangible things that the disclosing party has in its possession, custody, or control and may use to support its claims or
defenses, unless the use would be solely for impeachment;
(b) Discovery Scope and Limits.
(2) Limitations on Frequency and Extent
(B) Specific Limitations on Electronically Stored Information. A party need not provide discovery of
electronically stored information from sources that the party identifies as not reasonably accessible
because of undue burden or cost. On motion to compel discovery or for a protective order, the party from
whom discovery is sought must show that the information is not reasonably accessible because of undue
burden or cost. If that showing is made, the court may nonetheless order discovery from such sources if
the requesting party shows good cause, considering the limitations of Rule 26(b)(2)(C). The court may
specify conditions for the discovery.
(C) When Required. On motion or on its own, the court must limit the frequency or extent of discovery
otherwise allowed by these rules or by local rule if it determines that:
(i) the discovery sought is unreasonably cumulative or duplicative, or can be obtained from some other source that is
more convenient, less burdensome, or less expensive;
(ii) the party seeking discovery has had ample opportunity to obtain the information by discovery in the action; or
(iii) the burden or expense of the proposed discovery outweighs its likely benefit, considering the needs of the case,
the amount in controversy, the parties' resources, the importance of the issues at stake in the action, and the
importance of the discovery in resolving the issues.
6. Federal Rules of Civil Procedure
Related to eDiscovery
Rule 26. Duty to Disclose; General Provisions Governing Discovery
(b) Discovery Scope and Limits
(3) Trial Preparation: Materials.
(A) Documents and Tangible Things.
(B) Protection Against Disclosure.
(C) Previous Statement.
(5) Claiming Privilege or Protecting Trial- Preparation Materials.
(B)Information Produced.
(c) Protective Orders
(1) In General
(2) Ordering Discovery
(d) Timing and Sequence of Discovery
(1) Timing
(2) Sequence
(e) Supplementation of Disclosures and Responses.
(1) In General
(2) Expert Witness.
(f) Conference of the Parties; Planning for Discovery
(3) Discovery Plan.
*source: http://www2.law.cornell.edu/rules/frcp/Rule26.htm
7. Electronically Stored Information (ESI)
• Electronically stored information, for the purpose of the Federal Rules of Civil
Procedure (FRCP) is information created, manipulated, communicated, stored, and
best utilized in digital form, requiring the use of computer hardware and software.
The term has become a legally defined phrase as the U.S. government determined
for the purposes of the FRCP rules of 2006 that promulgating procedures for
maintenance and discovery for electronically stored information was necessary. [1]
• Types of ESI
(1)Native Files (Office documents ect…)
(2)Logical Data (RAM)
[1]source: http://en.wikipedia.org/wiki/Electronically_stored_information_(Federal_Rules_of_Civil_Procedure)
[2] Electronically Stored Information: The December 2006 Amendments to the Federal Rules of Civil Procedure http://www.law.northwestern.edu/journals/njtip/v4/n2/3/
8. e-Discovery as Experienced
The process as experienced:
• Requesting attorney/party issues legal hold (usually broad), or requests financial impact
information for the legal hold they are about to request.
• Responding attorney/party rebuts request as too broad or implements legal hold on electronic
information to the specified requirements of the request.
• Parties conference and discovery requirements are mandated.
• Responding party performs discovery on the data specified in the time frame required.
• Information/documents produced from the discovery are given to counsel to review for privileged
information.
• Non-privileged information is given to requesting party in the specified required formats.
Note: IT Department staff may be depositioned by requesting party counsel to assist them in developing
their discovery requirements.
• Typically this is a “data hunt” by the complainant counsel to discover what types of data are
available, any data retention policies that exist, and in what formats the data is in.
• This may even get into “known” information such as if the IT personnel is aware of any data
destruction that has occurred since a legal hold has been requested. Or, if the IT personnel has
assisted any specific employees in question with data deletion.
9. Legal Hold
• With changes to the Federal Rules, the landmark Zubulake and Morgan Stanley
cases, and the Supreme Court analyzing how document retention policies are
enforced, corporate practices around the retention/ destruction of electronically
stored information (ESI) have never been more important.
• The “legal hold” operates at the intersection of litigation and corporate retention
practices, and it has emerged as an almost-obligatory component of a company's
response to notice or reasonable anticipation of litigation. The basis of this
obligation is the common law duty against spoilation; that is, the duty to avoid the
loss of, destruction of, or failure to preserve information that may be relevant to
pending or potential proceedings.
• In a pre-digital age, this duty was fairly straightforward: Don’t burn or shred the
documents in your desk drawers or file cabinets. But modern businesses generate
massive amounts of digital information, which is created and stored in an ever-
expanding number of devices and locations, and which can be destroyed without
any affirmative action. As a result, effective legal hold practices involve significantly
more than merely issuing an internal letter and sitting back until the official
discover process begins.
* source : http://www.lexisnexis.com/applieddiscovery/lawlibrary/whitePapers/ADI_WP_LegalHolds.pdf
10. The Sedona Conference®
Best Practices Recommendations & Principles for
Addressing Electronic Document Production
1. Electronically stored information is potentially discoverable under Fed. R. Civ. P. 34 or its state
equivalents. Organizations must properly preserve electronically stored information that can
reasonably be anticipated to be relevant to litigation.
2. When balancing the cost, burden, and need for electronically stored information, courts and
parties should apply the proportionality standard embodied in Fed. R. Civ. P. 26(b)(2)(C) and its
state equivalents, which require consideration of the technological feasibility and realistic costs of
preserving, retrieving, reviewing, and producing electronically stored information, as well as the
nature of the litigation and the amount in controversy
3. Parties should confer early in discovery regarding the preservation and production of
electronically stored information when these matters are at issue in the litigation and seek to
agree on the scope of each party’s rights and responsibilities
4. Discovery requests for electronically stored information should be as clear as possible, while
responses and objections to discovery should disclose the scope and limits of the production
5. The obligation to preserve electronically stored information requires reasonable and good faith
efforts to retain information that may be relevant to pending or threatened litigation. However, it
is unreasonable to expect parties to take every conceivable step to preserve all potentially
relevant electronically stored information
6. Responding parties are best situated to evaluate the procedures, methodologies, and
technologies appropriate for preserving and producing their own electronically stored
information
7. The requesting party has the burden on a motion to compel to show that the responding party’s
steps to preserve and produce relevant electronically stored information were inadequate
11. The Sedona Conference®
Best Practices Recommendations & Principles for
Addressing Electronic Document Production
8. The primary source of electronically stored information for production should be active data and information.
Resort to disaster recovery backup tapes and other sources of electronically stored information that are not
reasonably accessible requires the requesting party to demonstrate need and relevance that outweigh the costs
and burdens of retrieving and processing the electronically stored information from such sources, including the
disruption of business and information management activities
9. Absent a showing of special need and relevance, a responding party should not be required to preserve, review,
or produce deleted, shadowed, fragmented, or residual electronically stored information
10. A responding party should follow reasonable procedures to protect privileges and objections in connection with
the production of electronically stored information
11. A responding party may satisfy its good faith obligation to preserve and produce relevant electronically stored
information by using electronic tools and processes, such as data sampling, searching, or the use of selection
criteria, to identify data reasonably likely to contain relevant information
12. Absent party agreement or court order specifying the form or forms of production, production should be made
in the form or forms in which the information is ordinarily maintained or in a reasonably usable form, taking into
account the need to produce reasonably accessible metadata that will enable the receiving party to have the
same ability to access, search, and display the information as the producing party where appropriate or
necessary in light of the nature of the information and the needs of the case
13. Absent a specific objection, party agreement or court order, the reasonable costs of retrieving and reviewing
electronically stored information should be borne by the responding party, unless the information sought is not
reasonably available to the responding party in the ordinary course of business. If the information sought is not
reasonably available to the responding party in the ordinary course of business, then, absent special
circumstances, the costs of retrieving and reviewing such electronic information may be shared by or shifted to
the requesting party
14. Sanctions, including spoliation findings, should be considered by the court only if it finds that there was a clear
duty to preserve, a culpable failure to preserve and produce relevant electronically stored information, and a
reasonable probability that the loss of the evidence has materially prejudiced the adverse party
12. Discussion Points
• Legal professionals don’t fully understand information
technology and the extent of their requests. How does
this impact IT/IS?
• Using cost-shifting as an effective tool to reducing e-
Discovery requests.
• Why would my company need a data retention policy?
• Is data governance important to managing litigious
corporate data?
• Ethical, practical, and efficient data retention
• Does it exist?
• Who’s managing it?