LAWTECH GURU BLOG by Jeff Beard

Presenting on Litigation Readiness Teams in D.C., May 15th-16th

Next week, I am leading the panel discussion on "Litigation Readiness: The Team is Growing and Evolving" at the International Litigation Support Leaders Conference being held in Washington D.C. on May 15th & 16th.

In today's complex litigation where ESI is now the norm, numerous organizations and teams all need to work effectively with each other, have clean lines of communication and expectations, and yet it's not always clear who's doing the driving. Please join me for an interactive and informative session sharing the challenges, best practices and take-aways for litigation professionals, corporate teams, and more.

The conference is organized by the great people at Litigation Support Today Magazine. They've assembled an impressive list of presenters that reads like a "Who's Who" in litigation support and eDiscovery professionals, and I'm looking forward to many interesting discussions.

Announcing My New E-Discovery Position

I'm very pleased to announce that I've joined Electronic Evidence Discovery, Inc. (EED) as Senior Consultant, reporting directly to the VP of Consulting Services. In my new role, I'll be advising law departments in their overall litigation readiness, legal hold, and e-mail and document retention strategies, processes, and solutions. In addition, I'll be consulting on active litigation matters to provide enhanced strategy and guidance.

On a personal note, I'm pleased to join a company who has been a trendsetter in directing eDiscovery technologies and methodologies for over 20 years, a rarity in this often volatile market. Great company, with fantastic people who really know their stuff. I'm particularly excited as my new responsibilities will draw on my deep experience with corporate legal departments, law firms, and enterprise business units and systems. In other words, I understand their specific challenges as I've been there too, as a practicing attorney, corporate legal IT manager, and large law firm and legal technology consultant. As a law firm executive director recently shared with me, "finding someone who can think like a lawyer and understand 'tech speak' is a rare animal."

I'm also a Six Sigma Green Belt with extensive experience with systems and processes that include e-mail and document retention, electronic invoicing, matter and document management, and enterprise content management. Thus I understand the challenges corporate teams face in managing their data, as well as in designing and implementing effective processes to improve defensibility and compliance. In addition, a number of companies are looking ahead to their "next steps" to proactively address these issues, which include evaluating whether and how to bring more preservation and collection efforts in-house, retooling or refining their data retention policies and practices, and further automating and systemizing their litigation hold processes.

I'll repeat the disclaimer that the posts and opinions expressed on this blog are solely my personal opinions and viewpoints. They do not represent or reflect (nor are they intended to represent or reflect) the positions, opinions, viewpoints, policies and/or statements of my employer or any other entity or person.

As always, if you'd like to discuss anything or just want to bounce ideas around, please feel free to contact me via the e-mail link at the top of my blog.

A PSA for Qualcomm Counsel

I really enjoyed watching this video, an interesting awareness test.

It's a public service announcement to watch out for cyclists. But its main message is equally applicable to managing and finding your own data. As the announcer says at the end, "It's easy to miss something you're not looking for." (And, sometimes, for things you are.)

It often takes a fresh and expert eye to spot what others have missed. Don't be afraid to seek them out, as it's often more cost-effective than missing what's in plain view.

Free "Shadow Explorer" Displays & Recovers Shadow Copies on Any Version of Vista

I've posted previously about Vista's Shadow Copy feature, and its security and e-discovery implications. Having explored it a bit more over the past several months, here are some things legal and IT professionals should know about it. Consider it a crash course in Vista Shadow Copies, and I'll share how to get a new utility program for accessing and restoring these hidden files.

Please keep in mind some of these items are based on information found online including unofficial sources, so it's best taken as my personal interpretation of that information (meaning that if I've unintentionally stated something incorrectly, don't hold it against me, and I would appreciate constructive feedback):

• Numerous postings online have stated that by default, all versions of Vista automatically create shadow copies of your documents and other user data files and folders as part of the "System Restore" feature.



• You can turn off "System Restore" to disable shadow copies, but it's a bit of throwing the baby out with the bath water. You see, "System Restore" allows you to roll back the clock on your system to an earlier (and hopefully more stable) state. This is incredibly useful whenever your Vista system experiences problems (such as after installing a problematic program, driver, or update, adverse registry changes, etc.). FYI, newer Apple operating systems offer a somewhat similar feature called "Time Machine".



• By default, Vista allocates 15% of the drive's size or 30% of available free space, whichever is smaller, for storing this data. In Vista, Microsoft removed the nice slider control available in Windows XP, so changing its space allocation requires some arcane text commands with administrator privileges. Thus most users will just leave it as-is. On larger hard drives, this creates a fairly large backup cache. For instance, on a new 200GB hard drive, up to 30GB would be dedicated to storing these hidden backups. When the allocated space fills up, Vista deletes the oldest backups as needed to make room for the new ones.



• However, only the Ultimate, Business, and Enterprise editions of Vista actually allow users to access and retrieve the hidden shadow copies via the "Previous Versions" feature in Windows Explorer.



• This means the Vista Home Basic and Premium versions create these hidden shadow copies but do not provide any way for their users to access or retrieve them. This results in potentially large amounts of wasted disk space and additional data retention concerns. Perhaps Microsoft intended this as a teaser to entice Home users to upgrade to Vista Ultimate, but they really should have disabled shadow copies on those editions or alternately provided the "Previous Versions" feature to access and restore them as needed.



• To help address these issues, Shadow Explorer is a free basic utility program (not affiliated with Microsoft) which allows these users of other Vista versions to access and restore these prior shadow copy backups. However, unlike "Previous Versions", it requires administrator privileges to run. (But see my caveat at the end of this post since it's a 0.1 release.)



• Even Vista Ultimate, Business, and Enterprise users and IT departments may find Shadow Explorer of use. I've discovered firsthand that Vista's "Previous Versions" feature is dependent on a number of system and service prerequisites, and the lack of any one of them will disable the ability to access and restore these Previous Versions. For instance, disabling a drive's administrative share, certain Windows services, or networking settings can all disable the "Previous Versions" listing in Vista Ultimate even though the backups are still present on the drive.



• Tip: If you have Norton Internet Security installed and have run its "Security Inspector", it may have reported and disabled several hidden administrative drive shares (such as C$) as security risks (which they are indeed). However, as mentioned above, these administrative shares are necessary for "Previous Versions" to function in Vista. So if you want to leave these shares disabled for better security, the Shadow Explorer utility program allows you to access and restore shadow backups even though Vista's own "Previous Versions" feature is disabled.

As you can easily surmise by now, Vista's Shadow Copy feature is a mixed bag. The above complexities and issues are partially caused by the fact that Microsoft elected to combine the Windows system file backup (System Restore) with the data file backup (Shadow Copies a/k/a Previous Versions). While an expedient choice, I would have greatly preferred having the additional option to turn off the users' data file Shadow Copies while allowing the System Restore to operate normally. Microsoft, are you listening?

Organizations interested in migrating to Vista will need to explore these issues in more detail before crafting their security and group policies. I expect some will elect to disable System Restore altogether and rely upon other system restoration methods to address user support issues as they arise. Others may move user folders onto a separate disk partition or drive and simply turn off "System Protection" for that location. Such options may improve Vista's performance if it's not churning away saving hidden backup copies, and it's usually a good idea to separate documents from program files for a number of valid reasons.

So it's all the more puzzling to try to understand why Microsoft chose to disable access for Vista home users, as they are the ones most likely wanting to use and restore Shadow Copies. I seriously doubt informed businesses would want multiple hidden document versions floating around on their corporate laptops and desktops, particularly in light of numerous regulatory and litigation concerns.

Shadow Explorer Tutorials can be found at:
http://www.howtogeek.com/howto/windows-vista/recover-files-with-shadow-copies-on-any-version-of-windows-vista/
http://www.shadowexplorer.com/documentation/manual.html

Please keep in mind that Shadow Explorer is a very basic version 0.1 release. While it worked fine for me during my brief testing, it may contain bugs and other issues consistent with a new release. With that said, it provides an easy way to access, view, and restore the various shadow copies in Windows Vista. I applaud the author for providing such a useful tool, and for considering these additional planned features as it's developed further.

Breaking through the ESI Inaccessibility Wall - Feature Guide

My latest article, "Breaking through the Inaccessibility Wall -- A New Angle", is published in the current February/April 2008 issue of Litigation Support Today magazine. You can download the PDF reprint here.

Corporate counsel struggling with records retention should be among the first to read this, as their regular business information can be used against them in unforeseen ways. Indeed, my alternate title for this practical guide is "Call the Help Desk, Your Accessibility is Showing". From discussions with various corporate and outside counsel, a common misconception under the new rules is that backup tapes are an inaccessible “safe harbor” media as long as one asserts they are only used for disaster recovery. Depending on the specific facts, this could prove to be a costly assumption as newer decisions consider the totality of the burden and cost under Rule 26(b).

As a result, I suggest a novel but very practical approach to challenge or confirm an opposing party's assertions using business intelligence methods and their own data. In accessibility matters, courts are increasingly demanding objective data on which to base their discovery rulings rather than relying upon subjective arguments and affidavits claiming excessive time and expense are required. It’s also contemplated in the Committee Notes regarding sampling and other techniques.

As an example, corporate help desk logs can be used to quantify the frequency and purposes for which backup media are being accessed. However, other seemingly mundane systems and data may be useful and relevant. This further illustrates why companies continue to need savvy e-discovery professionals to bridge the legal/IT gap and identify opportunities and weaknesses others have missed. I also provided an update on how the backup technology landscape is changing and what you should know about it when dealing with ESI accessibility issues.

2008 Corporate Legal Technology Trends @ InsideCounsel

From insourcing the e-discovery process to automated document review, the world of legal technology is rapidly changing. If you missed LegalTech New York or just want to keep up on the current trends, my latest InsideTech column at InsideCounsel will bring you up to speed.

Among other hot topics, LegalTech was brimming with discussion on the Qualcomm fallout, records retention, proactive approaches, and automated review. In addition, I covered key issues such as cost reduction, the effects of globalization, data privacy, and outsourcing/insourcing. With recessionary concerns on the rise, corporate law departments are being asked to do more with less, and these issues will continue to compound through 2008 and into 2009.

Download Gartner's E-Discovery Vendor Market Analysis

Thanks to Guidance Software, who received Gartner's highest rating as a "Strong Positive", you can download Gartner's research note, "MarketScope for E-Discovery and Litigation Support Vendors, 2007", dated Dec. 14, 2007.

Gartner included 29 e-discovery vendors in its analysis. Its weighted evaluation criteria was based on each vendor's Market Understanding, Innovation, Market Responsiveness and Track Record, Offering (Product) Strategy, Business Model, Customer Experience, and Marketing Strategy. Gartner then rated each vendor on a 5-scale range between "Strong Negative" and "Strong Positive".

Keep in mind that analysts' projections and predictions should be taken as just that — sometimes they're right on and sometimes they miss the mark. With that said, this makes for an interesting current summary of the vendors' relative strengths and weaknesses, as well as providing further insight into the ever-changing e-discovery market.

Perhaps the most telling predictions are found in the executive summary:

"STRATEGIC PLANNING ASSUMPTION(S)
By the end of 2008, there will be four viable categories of vendors in the e-discovery market: platform players, review and analysis platforms, collection, preservation and processing and full service outsourcers. By the end of 2008, there will be 25% fewer vendors claiming to have e-discovery functionality." (emphasis added) Time will tell whether this will be from continued market consolidation and shakeout, and/or from other factors.

The research helps confirm that enterprise transformations will not happen overnight: "Through at least YEO8, enterprises should acquire tools in this market tactically. Achieving full proactive control over unstructured data — which is the ultimate answer to e-discovery challenges — will take between five and 10 years for most enterprises." "Few software vendors offer credibly complete solutions for e-discovery. Enterprises can, however, select products tactically to begin their long-term e-discovery strategy."

I agree it will take years, and may not even occur completely for some. When you consider large global Fortune 500 companies having numerous different systems deployed throughout different geographical and functional groups, there is no immediate silver bullet. It will take time for companies to define and analyze their needs, gaps, and problem areas, and then select and implement these solutions, not to mention effectuating the necessary change management throughout their organizations.

Congratulations to Guidance Software, and I'm sure many will appreciate having access to this market research.

Qualcomm Sanctions Handed Down, Lessons Learned

Yesterday, the U.S District Court for the Southern District of California handed down the sanctions in the high-profile Qualcomm Incorporated vs. Broadcom Corporation case. In some aspects, this case is similar to the earlier Rambus memory case -- where one high-tech company participated in a standards-setting committee to gain an inappropriate business advantage over their competitors. In the Qualcomm case, Qualcomm could not win their patent infringement case against Broadcom if it was found that it had previously participated in the standards-setting body. Thus thousands of requested e-mails were not produced during discovery, and their existence was denied.

The 42-page order describes the circumstances and the court's reasoning. Both Qualcomm and its outside attorneys were sanctioned for what it called a "monumental discovery violation." Qualcomm either hid the existence of extremely damaging e-mails throughout, or at the very least stuck their heads in the sand by not searching key custodians' data. Either way, it's clear Qualcomm committed severe discovery violations. The court's problem was in determining the role played by their outside counsel, particularly as Qualcomm preserved its attorney-client privilege, which prevented outside counsel from fully defending their actions. Thus the court reasonably described four alternate scenarios regarding Qualcomm's outside counsel's knowledge and actions relative to the undisclosed e-mails that were substantially adverse to Qualcomm's case:

"The next question is what, if any, role did Qualcomm's retained lawyers play in withholding the documents? The Court envisions four scenarios. First, Qualcomm intentionally hid the documents from its retained lawyers and did so so effectively that the lawyers did not know or suspect that the suppressed documents existed. Second, the retained lawyers failed to discover the intentionally hidden documents or suspect their existence due to their complete ineptitude and disorganization. Third, Qualcomm shared the damaging documents with its retained lawyers (or at least some of them) and the knowledgeable lawyers worked with Qualcomm to hide the documents and all evidence of Qualcomm's early involvement in the JVT. Or, fourth, while Qualcomm did not tell the retained lawyers about the damaging documents and evidence, the lawyers suspected there was additional evidence or information but chose to ignore the evidence and warning signs and accept Qualcomm's incredible assertions regarding the adequacy of the document search and witness investigation."

The court rejected the first three (partially due to Qualcomm preserving its attorney-client privilege and lack of direct evidence on the third), and found the fourth option to be most likely given these constraints:

"Thus, the Court finds it likely that some variation of option four occurred; that is, one or more of the retained lawyers chose not to look in the correct locations for the correct documents, to accept the unsubstantiated assurances of an important client that its search was sufficient, to ignore the warning signs that the document search and production were inadequate, not to press Qualcomm employees for the truth, and/or to encourage employees to provide the information (or lack of information) that Qualcomm needed to assert its non-participation argument and to succeed in this lawsuit. These choices enabled Qualcomm to withhold hundreds of thousands of pages of relevant discovery and to assert numerous false and misleading arguments to the court and jury. This conduct warrants the imposition of sanctions."

In all the lengthy discussion, however, here's the money quote for those engaged in electronic discovery efforts:

"This dilemma highlights another problem with Qualcomm's conduct in this case. The Federal Rules of Civil Procedure require parties to respond to discovery in good faith; the rules do not require or anticipate judicial involvement unless or until an actual dispute is discovered. As the Advisory Committee explained, "[i]f primary responsibility for conducting discovery is to continue to rest with the litigants, they must be obliged to act responsibly and avoid abuse." Fed. R. Civ. P. 26(g) Advisory Committee Notes (1983 Amendment). The Committee's concerns are heightened in this age of electronic discovery when attorneys may not physically touch and read every document within the client's custody and control. For the current "good faith" discovery system to function in the electronic age, attorneys and clients must work together to ensure that both understand how and where electronic documents, records and emails are maintained and to determine how best to locate, review, and produce responsive documents. Attorneys must take responsibility for ensuring that their clients conduct a comprehensive and appropriate document search. Producing 1.2 million pages of marginally relevant documents while hiding 46,000 critically important ones does not constitute good faith and does not satisfy either the client's or attorney's discovery obligations. Similarly, agreeing to produce certain categories of documents and then not producing all of the documents that fit within such a category is unacceptable. Qualcomm's conduct warrants sanctions." (emphasis added)

Thus legal professionals are again cautioned that it is not sufficient to blindly rely upon a client's collection and production, whether it be paper or electronic. I came across this issue a number of times when involved in business litigation. Due to the huge volume of electronic data, it's tempting for a number of reasons to rely upon the data set produced to the law firm. However, as the court correctly held, that's not sufficient in of itself, especially when surrounding circumstances give rise to these concerns. From reading the ruling and earlier reports, I think it's fair to say that both Qualcomm and its outside counsel engaged in excessive gamesmanship, gambled, and lost big time.

Thus it's important for outside counsel to have access to a client's ESI, to direct their efforts, and to even withdraw if the client refuses. That's easier said than done, especially when an important big client flexes its muscles. However, it's still very important to prevent your firm from knowingly or unknowingly being made part of a fraud upon the court. It's also incumbent on outside counsel to conduct reasonable searches of the information themselves. While this is often delegated to more junior staff, senior attorneys are still responsible to ensure it has occurred. While some senior attorneys may not be particularly tech-savvy, they understand the importance of identifying and producing relevant and responsive documents, they understand the role that e-mail plays in modern litigation as a form of correspondence, and should know that sooner or later, it's going to bite them and their client if not appropriately addressed early on. Besides, most litigators know that it's usually better to disclose bad news yourself than have it come from the other side.

What's so surprising in this case is that Qualcomm was in possession of those e-mails before it filed suit against Broadcom, and therefore should have known it had critical weaknesses in its case. While unfortunate for all involved, at least it serves as yet another example of what not to do in handling problem items in electronic discovery.

More coverage of the ruling is found on Law.com.

Are Legal Service & E-Discovery Providers Becoming a Commodity?

It's funny how personal events tend to lead me into various thoughts and discussions about the legal market. Yesterday I flipped on my digital cable box to see that effective with the new year, Comcast has taken over Insight's cable business in Illinois. Knowing that Comcast has had several years of turbulent press (e.g., regarding tracking customers' web history, firing customers who used "too much" of their broadband connection, and the latest controversy over interfering with customers' BitTorrent file transfers), I did a little Googling to reacquaint myself with the latest news and blog posts.

In doing so, I found this insightful post at the Manifest Destiny blog. The gist is that broadband ISP providers are afraid to admit to themselves that they're just selling a mere commodity -- shipping bits. And, that it's virtually impossible for them to be honest with their customers if they can't first be honest with themselves. Before I relate this to the legal market, let me quote the following to help put things into clearer perspective:

"It must be pretty awful to wake up one day and suddenly realize that you're in a commodity business. As a software developer I've at least had a taste of it - it was unsettling to realize that an army of developers in Bangalore could churn out code better than I could, dollar for dollar. I had fooled myself into believing that what I was selling was so extraordinary and great that people would be begging - begging! - for me to deign to craft some SQL and PHP on their behalf. Such a rarified gift! Such a technical artiste!

When you realize that you're selling a mere commodity your ability to profit (and extract rents) from your cleverness is severely limited. It won't help to roll out an ad campaign or make the product mint-scented. You can't differentiate your product from your competitors'. It's all pretty much the same. The users can't tell the difference. All you can do is sell as much of it as you can while spending as little money as possible."

Which got me to thinking, "Haven't we been experiencing this in the legal market?" Legal work is being outsourced to armies of contract reviewers both here and abroad. Some of these lawyers aren't employed directly by law firms, as e-discovery providers are quick to tout their expanding review centers and legal outsourcing companies are growing. There are more e-discovery service providers than hardly anyone can keep track of (although my friend George Socha provides great value in doing so with Tom Gelbmann). Like the constant M&As in the wired and wireless telcos, e-discovery vendors are continuously being merged, acquired, and/or creating strategic partnerships with their "coopetition".

Is "Distinguishing" Easier Spun Than Done?

At various conferences this past year, such as ILTA's and ACC's annual conferences, plus the IQPC 4th E-Discovery Conference, I've asked many e-discovery vendors -- especially the conversion and hosting providers -- what distinguishes their services from their competitors? Some were quick to mention their proprietary web-based hosting and review software, while others point to their lower-cost contract legal reviewers, high-tech review centers, high-volume capacity, and/or quick turnaround. A few also mentioned either their top Socha-Gelbman survey rankings and/or their blue chip client list. While certainly impressive factors, these last two didn't serve to distinguish what they actually do.

Very few, if any, truly offer the full soup-to-nuts range of services all by themselves (i.e., without partnering). This isn't a criticism, mind you, as it's extremely difficult to build and excel in all aspects of the EDRM model by yourself, especially in the deadline-driven high-volume and high-stakes cases. Instead, several have distinguished themselves with niche software mousetraps for litigation holds and e-mail analysis. Others have begun building litigation-readiness consulting teams to get their feet in the door. I have to say I sincerely appreciated all their candor and hospitality, and overall found it to be a very congenial group of dedicated professionals trying their best to help their clients.

But for the most part, when I speak with lawyers and e-discovery consultants (some of which are both), many feel it's difficult to see any significant differentiation from a client's perspective, at least until they've had a chance to work together on projects. It's far easier for me to speak with friends and colleagues at law firms and in-house legal departments to hear who they've had good luck with (and those who have not been so good), than in trying to determine this from the e-discovery and law firm providers themselves. In short, even their best sales and business development executives have some difficulty with this, and it's understandable.

Now don't get me wrong -- legal and e-discovery providers offer valuable and necessary services, especially in light of the wide and blindingly bright spotlight cast by the increased focus on ESI. Rather, I'm simply left wondering how many firms and providers have truly recognized the market has already shifted into a more pronounced stage of commoditization. Everyone talks about providing "value-added services" while sustaining growth and profitability. The savvier ones focus on the client value not as the lower per-unit cost (thus recognizing the commoditization and competition issues), but on the overall cost savings achieved in successfully and timely resolving the matter -- all while avoiding the costs and negative publicity of discovery sanctions.

Larger law firms have been building up their litigation support and related IT professionals, and changing focus to make them a profitable line of business rather than a cost center. Yet some are still challenged to find this magic path while being extremely cautious (and rightfully so!) in taking on the liabilities and risks associated with the more forensic aspects. In addition, corporate counsel routinely say the top large law firms generally all provide high-quality services. In my opinion, this just adds to clients' perception of commoditization and their increasing desire to receive them at reduced or fixed cost -- assuming most everything else is being perceived as nearly the same.

Where Does This Leave Us From the Client's Viewpoint?

Answer: A rapidly-changing, crowded, and confusing set of choices. All of which makes it challenging for any single provider to, well, single itself out or make a large enough splash. Of course, a top-ranked spot still helps as lawyers tend to go with whomever most others are using -- as long as their professional network confirms good results. Offering a unique niche product or service is good too, and even better when properly aligned with one's other offerings and resources. Making it onto a client's preferred provider list is still incredibly important. Getting there and staying there without cannibalizing future revenues is the challenge. To borrow Bill Engvall's tagline, "Here's your sign" of legal commoditization.

Most recently, we've seen the entré of automated document search providers. In attempting to prove their solution is significantly more accurate and perhaps less costly than manual review, they are beginning to distinguish themselves from commodity-level contract reviewers. Indeed some of us are keeping an interested eye on these developments. While still nascent, there is potential here if they can deliver on their assertions and convince legal decision-makers that it's worth a try. Only time will tell if this is sustainable or just another tech fad that didn't catch on with more conservative lawyers. And if it does prove sustainable, how long before it too becomes commoditized? Or will there be a legal market "Google" to emerge as the distinguished leader?

As recessionary concerns grow, it will be even more incumbent on corporate counsel to continue to reign in legal costs while generating positive results for their corporate client. Some types of litigation matters increase in bad economic climates. Which means, of course, that the next few years could bode well for those service providers who can distinguish themselves with their potential client base and return consistently good results at an acceptable price. I'd even say the latter is the best way to distinguish yourself in the long run. As we all know from recent cases and the press, bad news travels fast.

As these services become even more commoditized, however, there will likely be even more shakeout and consolidation among providers. Now is a good time for those looking to fill in their gaps. Corporate clients generally prefer more depth in their outside providers. Not to mention their purchasing departments likely have been minimizing the number of outside suppliers to gain better pricing advantage and to simplify (i.e., reduce) their vendor administration overhead. They will likely provide some pushback to legal departments seeking new providers. In some cases, this will extend the RFP process unless or until corporate legal puts their foot down and tells them they need someone "Now!" So while there will be growth, particularly among e-discovery providers, expect it to be rather dynamic in terms of the overall player makeup. Like Comcast above, I expect the larger players will enjoy a larger land-grab. We'll also see a number of middle and smaller players assimilated or perhaps relegated to the less complex, more localized matters, where low cost and local access for clients is very attractive. We've seen this time and time again in the scanning and coding industry.

However, there's no magic crystal ball, and only time will tell how the legal market responds. There will be some legal decision-makers who have already recognized the importance of addressing these issues early, and many who will be economically cautious, only paying as needed. Sometimes that saves money, and sometimes saving money gets very expensive on the clean-up side. That's where having a good discovery advisor-partner is worth its weight.

We'll continue to see further consolidations and partnerships among e-discovery and other technology providers. We'll see more outsourcing, even if it's only internal to that provider (think coding banks in India and China, for example), to increase their global reach and financial efficiencies. And like my cable TV, we'll be launching our browsers or RSS readers only to find that ABC provider is now part of XYZ. Stay tuned...

Addressing Laptop Data Vulnerabilities

Law.com has an excellent article discussing several workable approaches for securing data on corporate laptops. A quick look at one list of data breaches illustrates how sensitive data continues to be compromised by unsecured storage on laptops.

It's a particularly savvy article because its first piece of advice is not to overreact and go overboard -- "Draconian laptop-use policies may, ironically, increase an enterprise's vulnerability." Consider that employees often respond by finding other ways of circumventing security to make their jobs easier, which usually means making the data more accessible (i.e., less secure). For instance, blocking file saves to the laptop's hard drive or limiting e-mail inbox sizes can result in employees saving the data to unsecured thumb drives or forwarding sensitive e-mail to personal e-mail accounts. Where there's a will, there's a way. EMC was quoted as opting for a more blended approach, depending on the sensitivity of the data.

Another interesting suggestion was full hard drive encryption, rather than just encrypting the documents folder. This is often a highly debated solution. In my experience, some IT professionals will quickly suggest that doing so will entail a performance hit on the user and cause additional support problems. I'd say that noticeable performance hits are more likely with older, slower laptops. If this presents serious problems, consider phasing in encryption or issuing new laptops to those accessing more sensitive data.

Also keep in mind that when you are working on a laptop, it is likely creating a number of temporary file copies on the hard drive, sometimes in places outside the document folders. Full drive encryption therefore provides more complete protection for these additional copies of sensitive data. Naturally, such a solution would need to be thoroughly tested to determine the real-world impact on users and the IT support organization. Another issue to consider is segregation of the master keys -- do you allow one person or group to have them, or do you segregate them between two entities within the organization to avoid unilateral and potentially undesirable actions? I liked the allusion to the missile silo two-operator requirement.

Removable storage continues to be a major concern, such as flash thumb drives and external hard drives. And let's not forget iPods, which are either the former or latter type of devices. On one hand, these drives are very useful tools for mobile users. When unsecured (e.g., unencrypted), they can represent a larger security threat due to their tiny physical size and increasing storage capacities. For example, an 8GB thumb drive goes for less than $100 and can store a staggering amount of information. The article mentions products that control which devices can be plugged into which computers, and the best ones allow exceptions to be set when needed. If thumb drives will be used and supported, I'd suggest issuing employees with the following: only those models which support high-end encryption, such as AES, and make its entire capacity encrypted before it's issued to the employee. While a savvy user will likely know how to reformat the thumb drive to make it unprotected, the default encryption status is in your favor for the majority of users.

Many new laptops have built-in fingerprint readers, which can make security a bit more convenient. But as the article states, users often forget a key step: Register more than one finger with the device, so if you cut or burn your primary finger, you can use another one to gain access via the reader. Also, without the back-end drive encryption, keep in mind that a fingerprint reader only locks the front door. There are other ways to get to the unencrypted data on the hard drive, such as removing it from the laptop and accessing it from another PC.

Lastly, the article mentions lojack services for laptops, which hopefully reduce their recovery time. However, once the horse is out of the barn, it's too late to employ any of the above security measures. An unprotected hard drive containing sensitive data can be copied very quickly to a number of storage devices. The data contained on missing laptops is often much more valuable and/or costly to an organization than the cost of the physical laptop itself. An ounce of prevention...

Add Brett Burney's New E-Discovery Blog to Your List

In addition to my preceding post, be sure to add "ediscoveryinfo" to your list of useful e-discovery blogs. Prolific author and e-discovery consultant Brett Burney launched it several months ago, and he's populated it with excellent posts on e-discovery issues and vendor offerings. For example, he's already posted on vendor convergence via acquisitions, e-mail and storage issues, and various industry trends.

On a personal note, Brett and I discussed his plans for his forthcoming e-discovery blog at ILTA's annual conference back in August, and it's good to see him blogging about key issues and adding his savvy perspective.

Ambrogi on Keeping Up With EDD Blogs and Tools

Bob Ambrogi just published his latest list of useful e-discovery blogs and vendor sites on Law.com, which runs his Law Technology News column, "Web Watch". When Bob makes reference to legal blogs or web sites, it's very often worth the time perusing them. Bob has done great job pulling the list together along with providing succinct descriptions for each site, and it's worth noting that LawTech Guru is included.

Overall, it's a great resource if you're looking for an excellent collection of EDD blogs and other sites to keep you informed of e-discovery issues and developments.

Key Issues Covered at the 4th E-Discovery Conference

I just got back from presenting at the IQPC 4th E-Discovery Conference in Jersey City on the Hudson, a stone's throw from Manhattan. It was a very focused conference on e-discovery issues, strategies, and updates, with the majority of attendees from corporations. In speaking with attendees and service providers there, it's quite apparent that companies are in various stages of litigation readiness with respect to ESI and the new rules. Many are struggling with the massive amount of data sitting in numerous silos, and how to best train their employees in better practices (appropriate e-mail content, retention practices, etc.).

Several presentations provided a number of informative case updates and brought them to life. Perhaps one of the most telling was the effect of the Rambus "shred days" on their patent litigation strategy. Let's face it, some document retention programs may not be so much about retention as they are about destruction. Of course, who wants to admit in a deposition they have a document destruction program. Just ask Rambus. Instead, companies have a document "retention" program. Myself, I prefer to call it ILM (Information Lifecycle Management), which takes into account its dual nature -- keeping the documents you need, and retiring the documents you don't (both paper and electronic), all according to pre-defined schedules and categorization so it's performed appropriately.

Also discussed was the potentially negative effect of labeling e-mails and documents with "attorney work product". While the work product label can provide significant protection, it's a dual-edged sword and needs to be used carefully. By it's very nature, its use infers the attorney was anticipating litigation at the time s/he applied it to the e-mail or document. As such, it would also likely trigger the responsibility to begin preservation efforts across the enterprise to avoid spoliation claims, sanctions, and other adverse results later. When companies routinely apply "attorney work product" to protect communications, they may have inadvertently knocked over the first domino in a much larger preservation and discovery imbroglio.

The value of protecting those communications via "work product" could be negated by the larger costs of preservation noncompliance. This is not a new problem, as this ISBA article suggests from 2004: "The legal counsel of a corporation should consider the dangers associated with writing work product on communications and other documents by weighing the actual benefit received in the form of potential protection from discovery, with the potential danger of triggering an unanticipated date by which evidence may have to be preserved." The new rules and subsequent cases have helped in raising our collective consciousness on the issue. When in doubt, it was suggested at the recent IQPC conference to use "attorney client privilege" instead.

It's clear to me that most companies still need significant assistance in navigating the discovery minefield. There aren't any silver bullet solutions, and there are significant judgment calls to be made. Thus I believe the best approach involves a combination of knowing what you have (for better or worse, but don't ignore it -- what you don't know can hurt you), providing consistent processes, procedures, and systems that make it easier for employees to manage their growing data, and educating/training them on how to do so appropriately.

As we discussed on my panel regarding training issues, however, there is an inherent conflict for most employees: Many want and/or need to retain e-mails and other data for their own benefit. Reasons range from simple work-related needs (e.g. referring to past e-mails, documents, etc. for informational and project-related reasons) to keeping them as the basis for justifying their actions or decisions should they be called into question later. Until companies provide a better way to reconcile these conflicting needs and goals, and more intuitive methods to manage e-mail and unstructured data such as file shares, they will continue to experience these issues.

There were many other sessions on e-discovery issues, including preservation and collection, foreign language challenges, cost management, document review, and more. Although it will take time for companies to more fully address these issues, it's a good sign to see some corporate law departments actively interested in how to get there.

[Update 10/13/07: Ari Kaplan just published his favorable impression of the conference on Law.com. He too liked the intimacy of a smaller, focused conference. He also has some interesting comments on the presentation regarding sourcing trends, and another on automated review. Given that attorney review is likely the most expensive part of e-discovery, automated review is generating a fair amount of buzz.]

[Please Note: This posting shall not be construed as legal advice by the author. It is merely an educational tool suggesting possible points-to-ponder and in no way constitutes legal advice or the author's legal position on these issues.]

EDD -- ILM Needed to Take Out the Trash

This Law.Com article by Stanley M. Gibson, "Hit 'Delete' to Prevent EDD Disaster", tells the tale of how a company was ordered to produce millions of electronic documents and e-mails spanning over half a decade to the losing tune of a $570 million judgment. That's in addition to the costs incurred for legal fees and allocated costs of collection, restoration, conversion, review, and production of the data.

Unfortunately, hitting "Delete" is not sufficient. If nothing else, the result just became a compelling benchmark of why implementing ILM (Information Lifecycle Management) can indeed be cost justified. If a company may have to pay millions (or perhaps billions in the total tally), why not invest that money -- proactively -- into a solution that reduces financial risk and produces tangible operating benefits to its users in terms of structured data management and collaboration ease? As real-life EDD examples such as this continue to occur, an effective ILM implementation with proper policies, training, and management reinforcement could very well be the gift that keeps on giving.

More on Vista Shadow Copies & the Dreaded Index.dat Files

As I posted previously, by default Windows Vista enables shadows copies in Vista Ultimate, Business, and Enterprise editions. Shadow copies aid in recovering prior versions of files and are part of Vista's system restore points protection (which was also included in XP). So, basically, it appears the only way for a user to turn off shadow copies is to disable the system restore point protection. The problem is that the system restore point feature is incredibly helpful in troubleshooting and curing a system's ills by rolling back Vista's system files to a previous point in time. This is especially useful after installing a problematic program, driver, or update. In effect, turning off shadow copies is throwing the baby out with the bath water. Nice going Microsoft. If there's a way for enterprises to set a Windows policy to disable shadow copies but keep system restore points active, that would be a good solution. However, I haven't come across that yet.

Now on to Index.dat files. Windows has used these for many years as a way to store data histories, such as your complete URL browsing history. Since these Index.dat files were always kept open by Windows, it took special utilities such as the Index.dat Suite to view their contents, and even better, delete them at bootup before Windows fully loaded. It seems Microsoft has been aware of the problem and has changed the way that Windows and IE work to better clear out the contents of these tell-all files. This blog post from the Windows Core Networking MSDN blog has a greatly detailed discussion of how the WinInet's Index.dat files work under Vista, as well as this one about clearing tracks with IE7.

With e-discovery hot on everyone's plate with the new federal rules, these are additional reasons to have qualified and experienced professionals on your forensic team.

On the Ball with Vista

Thanks to Dennis Kennedy commenting on my last post, I came across the link to Craig Ball's Vista overview. As usual, Craig does a great job of walking the uninitiated through Vista's enhancements and their impact on EDD. Of course, Craig left me feeling like I just took a trip though Willie Wonka's Chocolate Factory with a rockin' Stones soundtrack. (Did you really want to know what the Vista Oompa Loompas are doing with your data?)

I also mention it since it supplements my comment about considering encryption pros and cons. He introduces the new BitLocker encryption in Vista's Enterprise and Ultimate editions and the challenges it presents.

Vista Shadow Copies -- Helpful to Users, Even More to EDD Recovery?

Microsoft has billed Vista as their most secure operating system to date. However, there's a little-known feature that could cause some data security concerns. Amidst the flurry over EDD and the new rules, Microsoft included a feature to certain versions of Windows Vista that may aid in recovering prior versions of files.

From Microsoft's Vista site:

Have you ever accidentally saved over a file you were working on? Accidental file deletion or modification is a common cause of data loss. Windows Vista includes a useful innovation to help you protect your data: Shadow Copy. Available in the Ultimate, Business, and Enterprise editions of Windows Vista, this feature automatically creates point-in-time copies of files as you work, so you can quickly and easily retrieve versions of a document you may have accidentally deleted. Shadow copy is automatically turned on in Windows Vista and creates copies on a scheduled basis of files that have changed [...] It works on single files as well as whole folders.

Very helpful indeed. There have been a number of occasions over the years when I've accidentally replaced a file when I should have saved it as new one with a different file name. We've all been there.

However, now consider the difficulty in trying to rid a system of shadow copies for legitimate security and confidentiality concerns. A laptop user may need to work on a confidential file while traveling. Since laptops are easily stolen, accidentally left behind, etc., it may be desirable to wipe the file later to maintain security and confidentiality. Consider some of the recent news stories covering thefts of laptops containing considerable amounts of personal data. It's a good bet that most file wiping utilities can't handle wiping the Vista shadow copies, at least not yet anyway.

Note that Shadow Copy is enabled by default in Vista Ultimate, Business, and Enterprise editions. So if data security and confidentiality is paramount to file recovery, organizations should consider disabling this feature in their Vista rollouts. On-the-fly encryption is another consideration, recognizing it has pros and cons as well.

[P.S. Seeing as I'm posting this on April 1st, I thought I'd emphasize this information was gathered directly from Microsoft's site. Also, Ars Technica has a post on this from as far back as last summer. Now if you're looking for an April Fools gag, Google got their hands dirty this year with Google's TiSP Beta. More on the gag at USA Today.]

iPod Used as an Identity Theft Cache -- Only the Beginning

The San Francisco Chronicle reported yet another use for iPods: storing lots of stolen identity-related information. iPod users have known for quite some time that they can be used as portable storage for computer files, just like a thumb drive. Perhaps more troubling than a criminal using it that way is that the San Francisco police sounded surprised and considered this novel -- and that was the fraud division. They got their man through a sting operation, though, and I'm glad to hear it given the details of the identity thefts and other crimes perpetrated.

But it underscores the need for law enforcement and security professionals to consider new uses for everyday tech tools and gadgets, especially when theft of data with iPods is nothing new. As the Tech Law Prof Blog correctly pointed out on this issue, at least four years ago we learned that one could walk up to demo Macs in stores, plug in an iPod, and copy entire software programs for use on other Macs. I remember reading about this on Wired.com ("Have iPod, Will Secretly Bootleg") at the time. So why is this considered something "new"?

With all due respect to our police departments (I mean that sincerely), it sounds like they would benefit from a "Tech Culture 101"-type class. Give them some freebies to go play with -- iPods, thumb drives, camera phones, Treos, BlackBerries, Bluetooth devices, digital cameras, flash cards, etc. Show them how they work, how they capture, store, and transfer information, and perhaps most importantly, how easy it is to hide information on them "in plain sight". I hate to say this, but "you gotta think like a teen".

For example, it would not surprise me to hear one day very soon that someone was caught smuggling confidential information on one of the tiny flash cards inserted into innocuous-looking devices like a cell phone or a PSP (Play Station Portable). In fact, the PSP is quite a useful computer in its own right, well beyond playing games. Heck, you can already remotely control your home with it, not to mention all of these cool uses. Sony is also empowering it with the LocationFree console to stream all kinds of digital media to your PSP at any hotspot.

There's also a new project for porting Linux over to the PSP. As any hacker knows, once you've got Linux running on a capable device with Wi-Fi (yup, it's a Wi-Fi Finder too). . . well, it doesn't take much imagination, does it? Now that makes toting stolen info on your iPod très passé.

Mighell on Metadata and User Error

Tom Mighell has a great reference post on Inter Alia that links to several informative metadata articles, including discussions of ineffective PDF redactions. Be sure to check out the comments following the Washington Post article, as it features an interesting post by none other than the metadata diva, Donna Payne.

New E-Discovery Blog

I was all set to write up a nice blog post about Preston Gate's new Electronic Discovery Law blog, but saw that my good friend, Dennis Kennedy, had already done so in this great post.

To that, all I can say is "Ditto" and his post is worth a read along with visiting Preston Gate's new blog. Per the site, it's "a blog on legal issues, news, and best practices relating to the discovery of electronically stored information published by the Document Analysis Technology Group at Preston Gates & Ellis LLP." They're off to a good start, with good EDD categories and content already in place in advance of their official launch on Monday.

I agree with Dennis that I'm glad they've included an RSS feed. So few large law firms have gotten "it" that blog and web sites by themselves are only half of the equation. The other half, and perhaps the only one that really matters to many diehard blog readers, is to be able to receive the content via RSS (or Atom) so they don't have to visit hundreds of different web sites to keep themselves informed. Other firms, webmasters, and bloggers take note: If I don't have a blog in my RSS reader, then I rarely visit it -- and that's usually only when another blogger or online article has posted a link to it within a useful context.

Electronic Discovery is growing in importance so rapidly there is still a big need to find good online resources and track developments. Dennis' post also provides links to several other good EDD blogs and sites, a number of which I've also mentioned previously.

I also agree with Dennis with the professional manner in which I was contacted to check out their blog. I wasn't asked to provide a link or a post. There was none of the "I already posted a link to your blog, so please post a link to ours" ploys. Instead, I received a simple, elegant, e-mail stating they had come across my blog with a nice compliment, informing me of their blog and some highlights, and asking me to check it out when I had a chance. Even if it was a form e-mail, Bravo for thought put into it, and welcome to the Blogosphere.

More on In-House EDD

Continuing the discussion between Dennis Kennedy, Ron Friedmann, Bruce MacEwen, and myself on law firm in-house EDD:

Dennis is "a bit more optimistic about law firms going into the electronic discovery services business". Along those lines, I think that the right combination of legal, lit support, and IT staff could do well with examining, searching, organizing, and producing electronic evidence that has been collected by a qualified EDD source. Indeed, many firms have been doing this to some degree already. There is a particular line of evolution that has the potential to serve firms quite well if they're willing to commit to it and recognize the value of their Lit Support Manager and IT Department collaboration.

Before I get to that, however, Dennis could very well be right in that an extremely small number of law firms with the properly trained and certified EDD people on staff and the right hardware and software savvy just might pull it off -- but by far this is the exception to the rule, as it's going to require an unconventional progressive-thinking and tech savvy culture (not too common in law firms, I'm sad to say). And they will still need to consider and address all the issues we've collectively mentioned, and more. Is there first-mover advantage? Possibly. However, I think there's a more "balanced" approach worth considering.

For this, I'm going to refer to several sources that Mike Arkfeld mentioned on his Electronic Discovery and Evidence blog a little over a month ago:

75% of Top Law Firms Not Qualified to Handle EDD Matters

E-Discovery Execs Name Top EDD Law Firms; 75% of AmLaw 200 Not Qualified to Handle Complex EDD Matters. "However, when asked, "What percentage of AmLaw 200 firms has the requisite knowledge and experience to professionally handle a complex EDD matter?" there was broad consensus that the answer was not more than 25%."

I actually read Mike's post well after I expressed similar thoughts. I'll reiterate from my prior posts that I believe that counsel and staff need to challenge themselves to be more educated on technical matters relating to computer systems, data, and EDD issues, and they need to be closely engaged with the EDD process. Of course, this is not going to happen overnight. But in doing so, they can guide the process, offer counsel, and make sure that the expensive EDD resources are being focused in the appropriate areas.

Mike also has another key post on this topic that is definitely worth mentioning:

Role of IT in Law Firms re EDD, which links to this article: Conference Preview: Use your EDD by Andrew Haslam. Andrew explores many of the issues we've discussed, and the example of a firm who crashed their entire computer system by hosting EDD is a good caution.

Having worked closely with various Lit Support and Project Managers, I think he's on the right track in the following quote, because I've seen it happening already:

"How will all of this affect IT departments? I believe that the role of the litigation support manager will evolve from one focused on the processes of scanning, coding and hosting systems, into a higher level of strategic adviser and project management. In parallel, the IT function could start to move from being a cost centre to a business contributor."

Now this is where I suspect more firms will be successful overall in extending their EDD savvy, rather than trying to become the full-blown in-house EDD provider. It allows a more gradual, less-costly ramp up. It also provides a greater opportunity to improve the quality of advice and service to their clients -- with less overall risk to both relating to EDD collection and custodianship. Another advantage is that it gives the firm time to evaluate their options and directions as they evolve with EDD. For more firms, this is probably the most doable proposition I've seen to date, because it enables firms to progress while keeping closer to doing what they know best -- their core competencies.

In-House EDD: A Controversial Topic at Best

Ron Friedmann (Strategic Legal Technology), along with Bruce MacEwen (Adam Smith, Esq.), think that bringing Electronic Evidence Discovery processing in-house in law firms (as suggested by this recent Law Technology News article) is a bad idea.

I agree with Ron and Bruce's comments, which I've summarized below:

Bruce's post explains several reasons why law firms should not bring EDD in-house:

1) EDD is not a law firm's core competency (the "stick to your own knitting" Management 101 theme)
2) Evidentiary issues
3) Malpractice issues
4) Highly variable demand and capacity utilization
5) Technology and processes in a constant state of flux
6) Disequilibrium in the state of the EDD industry and its profit margins

To this, Ron adds his note of caution:

"It is much easier to explain and justify a third-party disbursement than a law firm’s own time or line item charges (e.g, copying). Clients realize that the EDD space is rapidly changing and can reasonably expect a law firm to seek competitive bids. This does not mean that the lowest price wins; rather, it helps assure a reasonable price for the right services."

To these I'll add a few thoughts of my own:

1) Anything that puts a law firm member on the witness stand during the course of client representation is probably not a good thing. In the case of EDD, I believe it increases one's malpractice risk and the risk of losing cases and clients -- unreasonably so.

2) Consider the conflicts of interest inherent in offering certain ancillary services. This isn't new ground. It's been done before, and here's the best example of its impact: Recall the great "consulting" expansion of the Big Six (now Big Four) accounting firms? These firms discovered that their consulting arm created a number of conflicts.

Section 201 of Sarbanes-Oxley now expressly prohibits a large number of these ancillary services from being offered in conjunction with audit services. Even before SOX, some firms began to spin off their consulting divisions. Maintaining objectivity, especially when it comes to rendering expert services and opinions, is more valuable than most professionals realize.

3) While I know a number of very tech-savvy attorneys, I believe most law firms, and their lawyers in particular, lack the required competence in technical and forensic matters. This probably sounds harsh, and perhaps even a bit jaded, but it's my perception of current state of the legal market. There are always exceptions, and lawyers are generally becoming more tech savvy -- but overall, very few have the requisite tech knowledge in this highly specialized area.

I'll extend this point: Many law firm IT and litigation support departments, in general, are probably not properly trained in the necessary forensic techniques and issues, nor on all of the various client computer systems from which they would need to extract and collect data. Again, I'm talking about the technical proficiency issues here, not the legal ones. While a firm could go out and hire EDD professionals, consider then who will be responsible for managing them and the results. It just doesn't seem to me to be anywhere near the average law firm's core competence. This stuff is tricky, and if you don't know what you're doing, you can end up in a world of hurt in a hurry. Which brings me to my next point...

4) For a reality check, read "Prosecutors Leave an E-Trail" from October 2004 issue of Law Technology News as a good example of in-house EDD processing gone seriously wrong -- in this case, for the U.S. Attorney's Office. While they were fortunate in securing a conviction, it illustrates many of the points above. For a simplistic-yet-drastically more catastrophic result, read "Fax Error Costs EC €100m Court Case". While these are probably the more extreme examples of what can go wrong with technology, the sad fact remains that they occurred.

5) As Ron stated, clients pay for outside experts in litigation all the time. Why would they believe a law firm would have a higher or even equal level of experience and objectivity with lower overall costs when compared to an established outside expert/consultant? Also consider that if a lawyer or a client becomes dissatisfied with an expert's services, they can fire the expert and obtain another while maintaining the valued continuity of the lawyer's core services. When the lawyer or law firm becomes the expert, guess who gets fired? Donald Trump would have a field day with his slogan. The lawyer/firm gets thrown out with the bath water.

6) EDD service providers and consultancies have sprung up out of the woodwork, and I expect the EDD market to grow in revenue dramatically as more "core" information in cases is digital. However, like Bruce mentioned, I too expect a lot of shakeout in this market segment. Remember the ASP (Application Service Provider) craze near the end of the dot.com boom? Where are they now? A lot of consolidation and bankruptcies occurred in the interim -- and it all took place in less than five years (I'd say between 1999-2003). There are still ASPs in various markets, including legal, but it was a very turbulent ride that many did not survive.

This isn't to say that all ancillary services are a bad idea, nor should this be taken one way or the other regarding MDP (multidisciplinary practice) in general. These are all controversial issues at best. I'd suggest that one needs to look beyond the perceived gravy train to consider all ramifications, and especially those for the clients. However, I believe most law firms (and their clients) considering this specific service option would be better served in the long run by letting this one go.

However, as a seemingly-paradoxical corollary, lawyers (not just the litigators) as well as their clients need to challenge themselves to become as tech savvy as possible in this electronic era. Only more electronic information is being created, not less. There's much value to be had in the ability to know which questions to ask, how and where to find information, perceive patterns and issues, identify appropriate courses of action, and counsel clients on the associated risks and cost-benefit analyses. Now those are the lawyers and legal staff I want to know.

[As with all my posts, I should clarify that the above statements are made completely in my individual capacity as my own thoughts, and that none of this constitutes legal advice of any kind. You're free to draw your own conclusions. I'm simply applying good old fashioned common sense coupled with my experience in legal technology issues.]

Metadata Resource Sites

Trying to get a leg up on metadata before it sneaks up on you? Here are several excellent sites worth visiting:

• Metadatarisk.org (sponsored by Workshare, makers of DeltaView)
• DiscoveryResources.org (sponsored by Fios)
• Electronic Discovery and Evidence (Mike Arkfeld's successful blog in support of his book by the same name)

If you're aware of other good metadata-related sites, by all means, please leave a comment with the full URL.

After Threats, Caller ID Spoofing Entrepreneur Selling Business

Three days, that's all it took. The Net has been rife with criticism over this new startup endeavor, which I posted late last week. From the NY Times (free registration required):

"It may be known as caller ID spoofing, but it is evidently no laughing matter.

Three days after the start-up company Star38 began offering a service that fools caller ID systems, the founder, Jason Jepson, has decided to sell the business. Mr. Jepson said he had received harassing e-mail and phone messages and even a death threat taped to his front door - all he said from people opposed to his publicizing a commercial version of technology that until now has been mainly used by software programmers and the computer hackers' underground."

Here's the real irony: According to the article, Mr. Jepson's own privacy was severely compromised:

"While network security consultants and some other technology professionals are known to have a cottage industry involving the use of caller ID spoofing, Mr. Jepson said the nature of the threats he had received made him conclude they had come from so-called phishers - people who use caller ID spoofing and online techniques to trick people into handing over confidential information.

The people who threatened him, he said, had already tapped his phone calls and had obtained details about how much money he last deposited into his checking account. 'Some people,' he said, 'are pretty fired up about this.' "

Yet another example of asking the wrong question. Instead of asking, "Can we?" perhaps he should have asked, "Should we?" While I think many of us would probably not condone the more extreme actions taken against him, it sounds like he got a little taste of what it feels like to be harassed by unknown callers. For some strange reason, I just don't think he's going to get much sympathy.

The problem, however, remains. The genie is still out of the bottle, and his business is now up for sale. I feel it's one thing if a caller chooses to block their caller ID. The recipient still has the choice whether or not to pick up the call, knowing that it may be unwanted (after all, what did we do before Caller ID?). However, intentionally forging a caller's identity plunges Caller ID into a level of uncertainty and deceptiveness that crosses the line in my book.

Controversial New Caller ID Spoofing Service

Here we go again. When Caller ID was first introduced, it raised numerous privacy issues. Now, just as we're finally comfortable with it, along comes new technology to disturb the status quo. According to the New York Times (free registration required), a new company called Star38 (or *38) is offering a new service which enables debt collectors, law enforcement officials, and private investigators to spoof, or fake, their Caller ID information when they call you.

The service is cheap and easy to use, and the callers can set the Caller ID telephone number and name to whatever they want. The NY Times article discusses the legal concerns involved, including the Fair Debt Collection Practices Act. Engadget, one of my favorite tech blogs, recently had an interview with Star38's CEO and included photos of the service in action. Star38's sparse information is found here.

The following from the Times article is an eye opener:

"The developers of Star38, who say they required only 65 lines of computer code and $3,000 to create their service, insist that they will take steps to ensure that it is not used maliciously. They plan to spend up to 10 days checking the business licenses of all applicants and will ask subscribers to agree not to use Star38 to commit fraud, and to accept legal liability if they violate state or federal laws."

It will be interesting to see how effective asking subscribers not to commit fraud will be. It doesn't give me any warm fuzzies. It certainly wasn't good enough for the RIAA in the 321 Studios lawsuit, wherein the controversial DVD X Copy software asked its users whether the DVD being copied was borrowed or rented. Granted, that was primarily a DMCA suit, but you get my point.

Initially, the service will only be offered to the above types of customers following some type of background check, but not the general public. On this point, per the Times article:

"The company also plans to cooperate with police forces, if asked, to provide records of what numbers customers dialed to and from, and what numbers they chose to show the recipients of their calls.

"Law enforcement will have complete access to search our database," said Jason Jepson, the chief executive of Star38, of Newport Beach, Calif. "We don't want the insinuation that they can sign up, use it temporarily and then run off."

Mr. Jepson, 30 - who says he got the idea for his service after speaking to his aunt, a bounty hunter, about the best ways to get in touch with people - said Star38 had no immediate plans to sell its service to ordinary consumers because of the potential for misuse. "There are too many things that can go wrong," Mr. Jepson said.

But industry experts say that the caller ID spoofing, as it is known, is simple enough to develop that it is only a matter of time before other service providers make it available to anyone."

In the immortal words of George Carlin: That's what scares me.