The Virtual Trip Wire
Litigation Holds & the Duty to Preserve Data in Security Breaches
Tomas Castrejon, General Dynamics
Josh Gilliland, Esq., D4 LLC
Stephanie Sparks, Esq., Hoge Fenton Jones & Appel
From the Bench
“By now, it should be abundantly clear that the
duty to preserve means what it says and that
a failure to preserve records – paper or
electronic – and to search in the right places
for those records, will inevitably result in the
spoliation of evidence.”
The Pension Committee of the University of Montreal Pension Plan, et al. v. Banc of America Securities LLC, et al., Amended Order, Case No. 05-cv-9016 (SDNY Jan. 15, 2010)
Why this Matters
• In complex commercial litigation today, virtually all
discovery involves electronic discovery to some extent.
• It also is well known that absent affirmative steps to
preserve it, at least some electronically stored
information (“ESI”) is likely to be lost during the course
of litigation through routine business practices or
otherwise.
Vice Chancellor Parsons, Court of Chancery of Delaware, Beard Research, Inc. v. Kates, 2009 Del.
Ch. LEXIS 94, 21-22 (Del. Ch. May 29, 2009).
Agenda
• Security Breach
• Personally Identifiable Information
• Case Example
• Litigation Hold Definition
• Preservation Letters Defined
• Triggering Event: The Preservation Obligation
• Duty to Preserve
• Spoliation
• Hypothetical
• Litigation Hold Best Practices
• Questions & Answers
© 2010 Hoge Fenton Jones & Appel
Personal Information Generally
• Individual’s first name or first initial and last name in
combination with any one or more of the following:
– Social security number
– Driver’s license or identification number
– Account number, credit or debit card number, in combination
with any required security code, access code or password
– Medical information
– Health insurance information
Data Breach
• 285 million records were
compromised in 2008
• A typical lost or stolen laptop cost
the business an average of
$50,000, 90% of which was for
data breach response
• Range of loss per individual:
$1,213 – $975,527
Source: Open Security Foundation, datalossdb.org
Patchwork of Federal Laws
• Gramm-Leach-Bliley Act (GLBA regulated by FTC)
• Federal Credit Reporting Act (FCRA regulated by FTC)
• Fair & Accurate Credit Transactions Act and Red Flags Rules
(FACTA regulated by FTC)
• Health Insurance Portability and Accountability Act (HIPAA) and the
Health Information Technology for Economic and Clinical Health Act
(HITECH Act) (regulated by HHS)
• The Children’s Online Privacy Protection Act
• The Communications Decency Act
• Foreign Intelligence Surveillance Act (FISA)
• Controlling the Assault of Non-Solicited Pornography and Marketing
Act (CAN-SPAM)
• Federal Identity Theft and Assumption Deterrence Act
Patchwork of 46 State Data Security Breach
Notification Laws
• 45 States and the District of Columbia
• 7 States added laws within last two years: Alaska,
District of Columbia, Iowa, Missouri, South Carolina,
Virginia, West Virginia
• State Agency Notification Requirement:
Massachusetts, New Hampshire, New Jersey, New
York, Maryland
California Was the First
In California . . .
• Financial Information Privacy Act (Fin. Code § 4052)
GLBA Counterpart
- Financial Institutions
- Nonpublic personal information
• Consumer Credit Reporting Agencies Act (Civ. Code §§ 1785.1
et seq.)
FCRA Counterpart
• Information Practices Act of 1977 (Civ. Code §§ 1798 et seq.)
• Data Breach Notification Law (Civ. Code § 1798.82)
Massachusetts Is the Most Stringent
• Data Security Regulations, 201 Code Mass. Regs (CMR) 17.00,
effective March 1, 2010
• Businesses must have:
- Written information security program
- Heightened security procedures, including encryption
- Vendor contract provisions re compliance are mandatory
*contracts signed prior to 3/1/10 = 2 yr grace period
*contracts signed after 3/1/10 = no grace period
- Must take “reasonable steps to select and retain third-party
providers that are capable of maintaining appropriate security
measures”
State Data Security Breach Notification Laws Generally
Notice Requirements:
• Data custodian to (i) data owner
• Data owner to (ii) affected resident and (iii) possibly
State Attorney General
• Timing: (i) “immediately following discovery of the
breach”
(ii) “most expedient time possible and without
unreasonable delay”
Litigation Holds
Definition of a Litigation Hold
• A litigation hold is a directive to your client
and others to preserve ESI or other
information pertaining to the litigation.
Michael R. Arkfeld, Arkfeld’s Best Practices Guide for Litigation Readiness and Hold, §3.2(A), page 62
(2008-2009 Ed.), citing, Zubulake v. UBS Warburg LLC 220 F.R.D. 212, 218 (S.D.N.Y.2003).
Preservation Letter Checklist
• Basic investigative work should
uncover appropriate points to
include in a litigation hold letter.
• Common sense should guide the
actual points to include in a
preservation letter.
• Not a discovery request.
Stone v. Lockheed Martin Corp., 2009 U.S. Dist. LEXIS 12105 (D. Colo. Feb. 2, 2009)
Preservation Checklist
• A party can disregard the request to preserve, but
once the request has formally been made and
evidence disappears, a preservation letter may
place the discovering party in a superior position
to seek sanctions or other relief.
Stone v. Lockheed Martin Corp., 2009 U.S. Dist. LEXIS 12105 (D. Colo. Feb. 2, 2009)
Preservation Letter Checklist
• At a minimum, a letter should begin with a general
statement that the discovering party expects the
party to preserve digital evidence that in all
probability will be relevant to the issues in a case,
or may lead to the discovery of such evidence.
Stone v. Lockheed Martin Corp., 2009 U.S. Dist. LEXIS 12105 (D. Colo. Feb. 2, 2009)
Preservation Letter Checklist
• The preservation letter should include a request that the
other party suspend its regular document retention policy
pending discovery.
• The preservation letter should identify all of the possible
locations where such evidence might conceivably reside.
Stone v. Lockheed Martin Corp., 2009 U.S. Dist. LEXIS 12105 (D. Colo. Feb. 2, 2009)
Preservation Letters
• The letter should inform the opposing party that a mere file backup of
the hard drive is not adequate preservation.
• The party must be instructed to image the hard drive in bit-stream copies,
where all areas, used and unused, of the hard drive are copied.
• If a file is deleted before a backup is made, the deleted file will not be
copied unless it is a bit-stream copy.
• The letter should also request that deleted files that are reasonably
recoverable be immediately undeleted.
Stone v. Lockheed Martin Corp., 2009 U.S. Dist. LEXIS 12105 (D. Colo. Feb. 2, 2009)
A Very Bad Litigation Hold Letter
• Hank has asked me to send this out to everyone.
• All emails re Napster at this point are related to the litigation and
should contain the “a/c” (attorney communications) symbol in the
subject line and djohnson@fenwick.com should be ccd. We
should not be sending e-mails on this subject anyway. Items from
outsiders such as resumes do not require this.
• Hank Barry
UMG Recordings, Inc. v. Hummer Winblad Venture Partners (In re Napster, Inc. Copyright Litig.), 462 F. Supp. 2d 1060, 1064 (N.D. Cal. 2006).
A Very Bad Litigation Hold Letter, Part 2
Please also be aware of our e-mail policy. As we have all
been required to surrender Napster e-mails, this should
reinforce compliance with our long standing policies.
1. we do not retain e-mails, it is your
responsibility to delete your handled e-mails
immediately
2. we do not use e-mail to chat about matters related
to public companies or matters such as the above
3. we do not retain written copies of e-mails in
our files
UMG Recordings, Inc. v. Hummer Winblad Venture Partners (In re Napster, Inc. Copyright Litig.), 462 F. Supp. 2d 1060,
1064 (N.D. Cal. 2006).
A Very Bad Litigation Hold Letter, Part 3
4. our document retention policy is that we do
not retain documents on any public or
acquired company and retain limited
information on private companies. all retained
information is stored in central files, pls do not
retain other docs in your own files unnecessarily
5. we do not retain files separate from our central
files which are periodically checked for
compliance to policies
Please also review the above policies with any
summer associates.
UMG Recordings, Inc. v. Hummer Winblad Venture Partners (In re Napster, Inc. Copyright Litig.), 462
F. Supp. 2d 1060, 1064 (N.D. Cal. 2006).
Triggering Event for the Duty to Preserve
– “Reasonably Anticipated”
– Pending, imminent, reasonably foreseeable.
– A complaint has been filed
– Discovery requests have been served
Michael Arkfeld, Best Practices Guide for Litigation Readiness and Hold, §3.2(B) Preservation Obligation
Document Destruction Policies
No spoliation where
documents destroyed as
part of a routine
housecleaning operation
with no notice to enact a
litigation hold.
Cook Assocs. v. PCS Sales (USA), Inc., 271 F. Supp. 2d 1343, 1357 (D. Utah 2003)
Duty to Preserve Includes the Following:
• Relevant in the action;
• Reasonably calculated to lead to the discovery of admissible
evidence;
• Reasonably likely to be requested during discovery, and/or
• Subject of a pending discovery request.
Zubulake v. UBS Warburg LLC, 220 F.R.D. 212, 216 (S.D.N.Y.2003); Wm. T. Thompson Co. v. General Nutrition Corp., 593 F. Supp. 1443, 1555 (C.D.Cal.1984)
What the Duty to Preserve Doesn’t Include
Relevant Documents to Preserve
• [A]ny documents or tangible things (as
defined by [Fed. R. Civ. P. 34(a)]) made by
individuals "likely to have discoverable
information that the disclosing party may
use to support its claims or defenses."
Goodman v. Praxair Servs., 2009 U.S. Dist. LEXIS 58263 (D. Md. July 7, 2009)
Relevant Documents to Preserve, 2
• Documents prepared for those individuals, to the extent those
documents can be readily identified (e.g., from the "to" field in e-
mails).
• Information that is relevant to the claims or defenses of any party,
or which is "relevant to the subject matter involved in the action."
Thus, the duty to preserve extends to those employees likely to
have relevant information--the "key players" in the case.
Goodman v. Praxair Servs., 2009 U.S. Dist. LEXIS 58263 (D. Md. July 7, 2009)
Spoliation
Sanction Flavors
• Sanctions can be imposed for negligent,
grossly negligent, willful and bad faith conduct.
• Bad Faith - “[w]here a party destroys evidence in
bad faith, that bad faith alone is sufficient
circumstantial evidence from which a reasonable
fact finder could conclude that the missing
evidence was unfavorable to that party,” and thus
the jury may be instructed that the lost evidence
was adverse to the spoliating party.
• Negligence or gross negligence: a judge may
impose an adverse inference instruction or “less
severe sanctions-such as fines and cost-shifting,”
even without a showing that particular materials
were lost.
Pension Committee, at *18.
Demonstrating Spoliation
Moving Party Must Show:
1) That its adversary had control of the evidence and a
duty to preserve it at the time it was lost or
destroyed;
2) That the adversary had a "culpable state of mind"
when the evidence was lost or destroyed; and
3) That the lost or destroyed evidence was "relevant" to
the moving party's claims such that a reasonable trier
of fact could find that it would support a claim.
Arista Records LLC v. Usenet.com, Inc., 2009 U.S. Dist. LEXIS 5185 (S.D.N.Y. Jan. 26, 2009)
Possible Sanctions
• Adverse evidence jury instruction;
• Excluding greater or lesser parts of the destroying party's
evidence;
• Dismissing a party's claims in whole or in part; or
• Granting default judgment against a party in whole or in
part.
Toth v. Parish, 2009 U.S. Dist. LEXIS 16116, 7-8 (W.D. La. Mar. 2, 2009)
Determining Sanctions
• Factors in determining the appropriate
sanctions for wrongful destruction of evidence
include:
• "1) the degree of fault of the party who altered
or destroyed the evidence;
• 2) the degree of prejudice suffered by the
opposing party; and
• 3) whether there is a lesser sanction that will
avoid substantial unfairness to the opposing
party and if the fault is serious, will serve to
deter such conduct by others in the future."
Toth v. Parish, 2009 U.S. Dist. LEXIS 16116 (W.D. La. Mar. 2, 2009)
Speculation is Not Spoliation
• Defendants asserted that Plaintiff's "concern"
amounted to nothing more than mere speculation.
• Plaintiff did not produce any evidence
that suggested Defendants have not complied or
do not intend to comply with their duty to preserve
evidence.
• Preservation order was not warranted.
Gregg v. Local 305 IBEW, 2008 U.S. Dist. LEXIS 99075 (N.D. Ind. Dec. 8, 2008)
Willful Conduct
• Defendant was put on notice of
a lawsuit because of unlicensed
software usage.
• Instead of enacting a litigation
hold, the Defendant ordered the
“software deleted immediately.”
KCH Servs. v. Vanaire, Inc., 2009 U.S. Dist. LEXIS 62993
(W.D. Ky. July 21, 2009).
Willful Conduct, 2
• The Defendant’s actions
deprived the Plaintiff of any
opportunity to inspect relevant
evidence once the lawsuit
began.
• The Court ordered the spoliation
sanction of an adverse inference
instruction, instead of a default
judgment, for the Defendant’s
obstructionism.
KCH Servs. v. Vanaire, Inc., 2009 U.S. Dist. LEXIS 62993 (W.D. Ky. July 21, 2009).
A Picture is worth a 1,000 words…
• Defendants attempted to purchase $4.2
million painting.
• Divorce and lawsuit for breach of contract.
• Excel file with unknown origin.
• Friend of Defendant’s kid reinstalled
computer operating system.
Green v. McClendon, 2009 U.S. Dist. LEXIS 71860 (S.D.N.Y. Aug. 13, 2009).
…but sanctions are priceless.
• Lawyer and Defendant both failed in
their duty to preserve.
• Plaintiff entitled to additional discovery
and costs.
Green v. McClendon, 2009 U.S. Dist. LEXIS 71860 (S.D.N.Y. Aug. 13, 2009).
California e-Discovery & Litigation Hold Failures
• Defendant failed to produce email messages & PSTs.
• Defendants did not enact a litigation hold.
• During the middle of trial, it was learned that the
manufacturer still had not complied with discovery
orders and directives.
Doppes v. Bentley Motors, Inc., 174 Cal. App. 4th 967, 969 (Cal. App. 4th Dist. 2009)
Sanctions
Case remanded:
(1) Strike Defendants’ answer and enter a default and default judgment against them on the
fraud cause of action;
(2) Made an express finding in the judgment that Defendants intentionally violated the Song-
Beverly Consumer Warranty Act;
(3) Entered an order granting the post-trial motion for attorney fees in the total amount of $402,187;
(4) Reconsider the post-judgment motion for attorney fees in accordance with this opinion;
and
(5) Ordered further proceedings not inconsistent with the opinion, including a default prove-up
on the fraud cause of action, imposition of civil penalties under Civil Code section 1794,
and consideration of other relief sought in the complaint.
Doppes v. Bentley Motors, Inc., 174 Cal. App. 4th 967, 1003 (Cal. App. 4th Dist. 2009)
Resetting the Gold Standard
• Pension Committee
• 89 page opinion
• Securities Litigation
• Judge Scheindlin
Gross Negligence
The failure to issue a written litigation
hold when litigation is reasonably
anticipated is gross negligence.
The Pension Committee of the University of Montreal Pension Plan, et al. v. Banc of America Securities LLC, et al., Amended Order,
Case No. 05-cv-9016 (SDNY Jan. 15, 2010)
What Happened?
• Plaintiffs’ counsel's emails and memoranda “did not meet the standard of
a litigation hold” because plaintiff's counsel failed to direct employees to
preserve all relevant records and failed to create a mechanism for
collecting records.
• Memo required employees to determine what was relevant and to
respond without supervision by counsel.
• Memo did not instruct employees to suspend the destruction of potentially
relevant records.
• Plaintiffs did not issue a formal written litigation hold until 2007 – nearly
four years after the triggering event.
The Pension Committee of the University of Montreal Pension Plan, et al. v. Banc of America Securities LLC, et al., Amended Order, Case No. 05-cv-9016 (SDNY Jan. 15, 2010)
Production Gaps
• Defendants found gaps in document production
from 13 plaintiffs
• Requested declarations describing the preservation
efforts
• Found that “almost all of the declarations were
false and misleading and/or executed by a
declarant without personal knowledge of its
contents.”
Pension Committee, Amended Order, at *32-33
The Hammer Falls: Gross Negligence
• Six plaintiffs found grossly negligent
– Failure to issue a written litigation hold prior to 2007;
– Deleting ESI after the trigger event;
– Failing to request documents from key players;
– Delegating search efforts without any supervision from management;
– Destroying backup tapes relating to key players where other ESI was not
readily available; and/or
– Submitting misleading or inaccurate declarations.
Pension Committee, Amended Order, at *42-43
“Merely” Negligent
• 7 found merely negligent
– “failure to institute a written litigation hold” was
“not yet generally required” in early 2004 in
Federal court in Florida.
Pension Committee, Amended Order, at *64.
Lessons Learned
Lesson Learned: Self-Collection
• Counsel must give direction and supervision to
custodians on preservation.
– One custodian said he had “no experience
conducting searches, received no instruction on
how to do so, had no supervision during the
collection, and no contact with Counsel during the
search.”
• Employees must not search their own files since they
become the sole decision maker as to the relevance
of the search terms used.
Pension Committee, Amended Order, at *62, 66.
Lessons Learned: Finding Gross Negligence
“[T]he following failures support a finding of gross negligence, when the duty to
preserve has attached:
[1] to issue a written litigation hold;
[2] to identify all of the key players and to ensure that their electronic and paper records are
preserved;
[3] to cease the deletion of email or to preserve the records of former employees that are in a
party's possession, custody, or control; and
[4] to preserve backup tapes when they are the sole source of relevant information or when
they relate to key players, if the relevant information maintained by those players is not
obtainable from readily accessible sources.”
The Pension Committee of the University of Montreal Pension Plan, et al. v. Banc of America Securities LLC, et al., Amended Order, Case No. 05-cv-9016 (SDNY Jan. 15, 2010)
Rimkus: Litigation Holds…Texas Style!
• Intellectual property case.
• Group of employees left and filed suit against their
former employer to release them from their non-compete
agreements.
• In countersuit, Rimkus Consulting claimed the former
employees violated their non-competes and additionally
made off with “trade secrets and proprietary information.”
Rimkus Consulting Group, Inc. v. Cammarata, 2010 U.S. Dist. No. 07-cv-00405 (SDTX Feb. 19, 2010)
Rimkus Result
• Concluded willful destruction of evidence, although a
significant amount of the incriminating evidence was
recovered by the plaintiff.
• Court was unwilling to issue an adverse inference
instruction.
• Would allow the jury to determine the implications of the
defendants’ misconduct based on the facts.
Rimkus Consulting Group, Inc. v. Cammarata, 2010 U.S. Dist. No. 07-cv-00405 (SDTX Feb. 19, 2010)
Culpability Insight
“Permissive” adverse inference sanction
that instructed the jury to decide if the
defendants intentionally deleted
emails… and whether to infer that the
lost information would have been
unfavorable to the defendants.
Data Breach Adventures
Digital Forensics
• Core: data collection, preservation,
documentation and court room presentation
– Defensible processes
– Use methods that yield most accurate results (Gates
Rubber Co. v. Bando American, Inc., 798 F.Supp. 1499, 1511
(D.Colo.1992)).
• Differences between forensic collection versus
backup
• Be proactive: have a plan before you need the data
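The difference between a file-level backup and a bit-stream copy, which the preservation-letter slides and the "forensic collection versus backup" bullet both turn on, can be shown on a small scale. This is an added example, not part of the original deck; the `ToyVolume` class, file names and contents are constructed for illustration, and `bitstream_image` accepts any binary stream as its source.

```python
import hashlib
import io

SECTOR = 512  # bytes per sector on the constructed toy volume


class ToyVolume:
    """Constructed stand-in for a disk: raw sectors plus a directory of live files."""

    def __init__(self, sectors):
        self.raw = bytearray(sectors * SECTOR)
        self.directory = {}   # file name -> (byte offset, length)
        self._next = 0        # next free sector

    def write_file(self, name, data):
        offset = self._next * SECTOR
        if offset + len(data) > len(self.raw):
            raise ValueError("volume full")
        self.raw[offset:offset + len(data)] = data
        self.directory[name] = (offset, len(data))
        self._next += -(-len(data) // SECTOR)   # round up to whole sectors

    def delete_file(self, name):
        # As on most file systems, deletion drops the directory entry and
        # leaves the sectors untouched until they are reused.
        del self.directory[name]


def file_backup(volume):
    """File-level backup: copies only what the directory still lists."""
    return {name: bytes(volume.raw[off:off + length])
            for name, (off, length) in volume.directory.items()}


def bitstream_image(src, dst, chunk=64 * 1024):
    """Copy every byte of src (used and unused areas) to dst; return its SHA-256."""
    digest = hashlib.sha256()
    while True:
        block = src.read(chunk)
        if not block:
            break
        dst.write(block)
        digest.update(block)
    return digest.hexdigest()


def verify_image(image_bytes, acquisition_hash):
    """Re-hash the stored image and compare with the hash taken at acquisition."""
    return hashlib.sha256(image_bytes).hexdigest() == acquisition_hash


def find_remnants(image_bytes, marker):
    """Return every byte offset at which marker occurs in the image."""
    hits, pos = [], image_bytes.find(marker)
    while pos != -1:
        hits.append(pos)
        pos = image_bytes.find(marker, pos + 1)
    return hits


def demo():
    vol = ToyVolume(sectors=16)
    vol.write_file("memo.txt", b"Q3 planning memo")
    vol.write_file("customer_list.csv", b"CUSTLIST:alice,bob,carol")
    vol.delete_file("customer_list.csv")   # deleted before any copy is made

    backup = file_backup(vol)
    image = io.BytesIO()
    acq_hash = bitstream_image(io.BytesIO(bytes(vol.raw)), image)
    image_bytes = image.getvalue()
    return {
        "backup_files": sorted(backup),
        "marker_in_backup": any(b"CUSTLIST" in d for d in backup.values()),
        "marker_offsets_in_image": find_remnants(image_bytes, b"CUSTLIST"),
        "image_size": len(image_bytes),
        "verified": verify_image(image_bytes, acq_hash),
        "tampered_verified": verify_image(image_bytes[:-1] + b"\x01", acq_hash),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The backup holds only `memo.txt`, while the image still carries the deleted file's bytes in unallocated space, and the acquisition hash detects a single changed byte in the stored image.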
Places to hide
Forensic View of Empty Recycle Bin
The files in the Recycle Bin were wiped…
Wiping Sample
Deleted Files (Free Space)
Hidden Data in MS Word
Analyzing hidden data sample from Letter Template.doc
Document Name: hidden data sample from Letter Template.doc
Path: C:\Documents and Settings\tcastrejon\My Documents\MetaData Deck
Document Format: Word Document
Built-in document properties:
Built-in Properties Containing Metadata: 2
Title: Deloitte Letter.dot
Comments: Word Template v2004.1 08/22/2004
Document Statistics:
Document Statistics Containing Metadata: 6
Creation Date: 7/18/2006 11:16:00 PM
Last Save Time: 7/18/2006 11:29:00 PM
Time Last Printed: 5/1/2002 4:04:00 PM
Last Saved By: John Doe
Revision Number: 5
Total Edit Time (Minutes): 13 Minutes
Custom document properties:
No Custom Document Properties
Last 10 authors: NOT PROCESSED
Document Metadata Sample
Outlook Metadata
EXIF Metadata
Disk;;USB_DISK_2.0;077515B0166B&0;USB DISK 2.0 USB Device;06/03/09 07:54:59AM;04/04/09 09:29:41PM;7&1e544ac1&0
Disk;;USB_DISK_2.0;077516B01804&0;USB DISK 2.0 USB Device;04/04/09 09:29:41PM;04/04/09 09:29:41PM;7&11a53745&0
Disk;;USB_DISK_20X;074712910134&0;USB DISK 20X USB Device;06/17/09 04:40:12PM;04/04/09 09:29:41PM;7&1c48d21e&0
Disk;Apple;iPod;000A2700146E70D2&0;Apple iPod USB Device;04/04/09 09:29:41PM;04/04/09 09:29:41PM;7&d9cbdb&0
Disk;I-Stick2;IntelligentStick;FCA4B93FF2BFE451&0;I-Stick2 IntelligentStick USB Device;04/04/09 09:29:41PM;04/04/09 09:29:41PM;7&699ed73&0
\DosDevices\E:;;0;\??\STORAGE#RemovableMedia#7&1c48d21e&0&RM#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b};074712910134&0
USB Devices
| Link File Name | Created | Written | Accessed | Volume Label | Media Type | Serial # | Path |
|---|---|---|---|---|---|---|---|
| 14aren.lnk | 02/11/09 03:03:05PM | 02/11/09 03:03:06PM | 03/05/10 12:00:00AM | NEW VOLUME | Removable | 14 F7 C2 E4 | E:\file_Rename\14aren |
| Customer_lists.pdf.lnk | 03/05/10 06:51:58PM | 04/15/09 06:16:26PM | 03/05/10 12:00:00AM | NEW VOLUME | Removable | 14 F7 C2 E4 | E:\secret_documents\Customer_lists.pdf |
| secret_documents.lnk | 03/05/10 06:51:57PM | 03/05/10 06:51:58PM | 03/05/10 12:00:00AM | NEW VOLUME | Removable | 14 F7 C2 E4 | E:\secret_documents |
| Company_research_new_design.doc.lnk | 03/05/10 06:51:57PM | 06/02/05 09:39:22PM | 03/05/10 12:00:00AM | NEW VOLUME | Removable | 14 F7 C2 E4 | E:\secret_documents\Company_research_new_design.doc |
Links Recently Accessed via Removable Media
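The two slides above can be tied together: the mounted-device record links drive letter E: to one specific USB stick, and the link files show what was opened from E:. The following is an added example, not part of the original deck, that performs that correlation on the slide's own records. Backslashes lost in the slide text are restored, the field names are assumptions (the slide gives no header), and one `C:` link row is constructed to show the filter.

```python
import re

# Records copied from the "USB Devices" slide, backslashes restored (assumption).
SLIDE_RECORDS = r"""
Disk;;USB_DISK_2.0;077515B0166B&0;USB DISK 2.0 USB Device;06/03/09 07:54:59AM;04/04/09 09:29:41PM;7&1e544ac1&0
Disk;;USB_DISK_2.0;077516B01804&0;USB DISK 2.0 USB Device;04/04/09 09:29:41PM;04/04/09 09:29:41PM;7&11a53745&0
Disk;;USB_DISK_20X;074712910134&0;USB DISK 20X USB Device;06/17/09 04:40:12PM;04/04/09 09:29:41PM;7&1c48d21e&0
Disk;Apple;iPod;000A2700146E70D2&0;Apple iPod USB Device;04/04/09 09:29:41PM;04/04/09 09:29:41PM;7&d9cbdb&0
Disk;I-Stick2;IntelligentStick;FCA4B93FF2BFE451&0;I-Stick2 IntelligentStick USB Device;04/04/09 09:29:41PM;04/04/09 09:29:41PM;7&699ed73&0
\DosDevices\E:;;0;\??\STORAGE#RemovableMedia#7&1c48d21e&0&RM#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b};074712910134&0
""".strip().splitlines()

# Assumed field names. The two timestamps stay opaque strings because the
# slide does not say what each one records.
DEVICE_FIELDS = ("class", "vendor", "product", "serial",
                 "friendly_name", "ts1", "ts2", "parent_id_prefix")

# (link file, target path, media type) from the link-file slide, plus one
# constructed row on a fixed disk.
LINKS = [
    ("14aren.lnk", r"E:\file_Rename\14aren", "Removable"),
    ("Customer_lists.pdf.lnk", r"E:\secret_documents\Customer_lists.pdf", "Removable"),
    ("secret_documents.lnk", r"E:\secret_documents", "Removable"),
    ("Company_research_new_design.doc.lnk",
     r"E:\secret_documents\Company_research_new_design.doc", "Removable"),
    ("budget.xls.lnk", r"C:\Finance\budget.xls", "Fixed"),   # constructed
]


def parse_records(lines):
    """Split the export into USB device records and drive-letter mounts."""
    devices, mounts = [], {}
    for line in lines:
        fields = line.split(";")
        if fields[0].startswith("\\DosDevices\\") and len(fields) >= 5:
            match = re.search(r"RemovableMedia#(.+?)&RM#", fields[3])
            if match:
                drive = fields[0].rsplit("\\", 1)[1].upper()
                mounts[drive] = {"parent_id_prefix": match.group(1),
                                 "serial": fields[4]}
        elif len(fields) == len(DEVICE_FIELDS):
            devices.append(dict(zip(DEVICE_FIELDS, fields)))
    return devices, mounts


def device_for_drive(drive, devices, mounts):
    """Return the USB device mounted at drive, or None if nothing matches."""
    mount = mounts.get(drive.upper())
    if mount is None:
        return None
    for dev in devices:
        if dev["parent_id_prefix"] == mount["parent_id_prefix"]:
            # The mount record repeats the serial; use it as a cross-check.
            return dict(dev, serial_confirmed=dev["serial"] == mount["serial"])
    return None


def links_on_drive(drive, links):
    """Link files whose target sits on the given removable drive letter."""
    prefix = drive.upper()
    return [name for name, target, media in links
            if media == "Removable" and target.upper().startswith(prefix)]


if __name__ == "__main__":
    devices, mounts = parse_records(SLIDE_RECORDS)
    dev = device_for_drive("E:", devices, mounts)
    print("E: is", dev["friendly_name"], "serial", dev["serial"])
    for name in links_on_drive("E:", LINKS):
        print("  opened from E:", name)
```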
Encryption & PW Protection
Live Memory
• Encryption keys and passwords
• Email fragments
• Document fragments
• Malware
Legal Considerations
• Acceptable use policy
• Subpoena
• 4th Amendment
• Cross border data transfer and privacy
considerations
– EU Safe Harbor
– Local laws and regulations
Complex world of laws and regulations present challenges for records and information management
• Australia: Federal Privacy Amendment Bill; State Privacy Bills in Victoria, New South Wales and Queensland, new email spam and privacy regulations
• Numerous State Laws: Breach Notification, 41 States from CA to NY
• European Union: EU Data Protection Directive and Member States Data Protection Laws, Safe Harbor
• South Africa: Electronic Communications and Transactions Act
• US: SOX, HIPAA, COPPA, FRCP, 21 CFR 11, ISO 15489, ANSI/AIIM TR48-2004, PCI Data Security
• Hong Kong: Personal Data Privacy Ordinance
• Canada: Federal/Provincial PIPEDA, FOIPPA, PIPA
• Chile: Law for the Protection of Private Life
• South Korea: Act on Promotion of Information and Communications Network Utilization and Data Protection
• India: Law pending, currently under discussion
• New Zealand: Privacy Act
• Argentina: Personal Data Protection Law, Confidentiality of Information Law
• Philippines: Data Privacy Law proposed by ITECC
• Taiwan: Computer-Processed Personal Data Protection Law
• Japan: Personal Information Protection Act
Regulatory Considerations
Trends
• Data will continue to expand to mobile
side of your enterprise
• Cloud computing
Cloud Computing
• Evidence Collection in the Cloud
• Security in the Cloud
• E-Discovery in the Cloud
Thank You
Tomas Castrejon
General Dynamics Advanced
Information Systems
Network Defense and Digital
Forensics
408.220.3113
Tomas.Castrejon@gd-ais.com
Josh Gilliland, Esq.
D4 LLC
650-576-3298
jgilliland@d4discovery.com
www.bowtielaw.com
Twitter @bowtielaw
Stephanie Sparks, Esq.
Hoge Fenton Jones &
Appel
408.947.2431
sos@hogefenton.com
www.hogefenton.com

Automating Google Workspace (GWS) & more with Apps Script
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 

08/19/2010 Meeting - Litigation Holds and Security Breaches

  • 1. The Virtual Trip Wire Litigation Holds & the Duty to Preserve Data in Security Breaches Tomas Castrejon, General Dynamics Josh Gilliland, Esq., D4 LLC Stephanie Sparks, Esq., Hoge Fenton Jones & Appel
  • 2. From the Bench “By now, it should be abundantly clear that the duty to preserve means what it says and that a failure to preserve records – paper or electronic – and to search in the right places for those records, will inevitably result in the spoliation of evidence.” The Pension Committee of the University of Montreal Pension Plan, et al. v. Banc of America Securities LLC, et al., Amended Order, Case No. 05-cv-9016 (SDNY Jan. 15, 2010)
  • 3. Why this Matters • In complex commercial litigation today, virtually all discovery involves electronic discovery to some extent. • It also is well known that absent affirmative steps to preserve it, at least some electronically stored information (“ESI”) is likely to be lost during the course of litigation through routine business practices or otherwise. Vice Chancellor Parsons, Court of Chancery of Delaware, Beard Research, Inc. v. Kates, 2009 Del. Ch. LEXIS 94, 21-22 (Del. Ch. May 29, 2009).
  • 4. Agenda • Security Breach • Personal Identifiable Information • Case Example • Litigation Hold Definition • Preservation Letters Defined • Triggering Event: The Preservation Obligation • Duty to Preserve • Spoliation • Hypothetical • Litigation Hold Best Practices • Question & Answers
  • 5. © 2010 Hoge Fenton Jones & Appel Personal Information Generally • Individual’s first name or first initial and last name in combination with any one or more of the following: – Social security number – Driver’s license or identification number – Account number, credit or debit card number, in combination with any required security code, access code or password – Medical information – Health insurance information
  • 6. Data Breach • 285 million records were compromised in 2008 • A typical lost or stolen laptop cost the business an average of $50,000, 90% of which was for data breach response • Range of loss per individual: $1,213 – $975,527 Source: Open Security Foundation, datalossdb.org
  • 7. Data Breach Source: Open Security Foundation, datalossdb.org
  • 8. Data Breach Source: Open Security Foundation, datalossdb.org
  • 9. Patchwork of Federal Laws • Gramm-Leach-Bliley Act (GLBA regulated by FTC) • Federal Credit Reporting Act (FCRA regulated by FTC) • Fair & Accurate Credit Transactions Act and Red Flags Rules (FACTA regulated by FTC) • Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (HITECH Act) (regulated by HHS) • The Children’s Online Privacy Protection Act • The Communications Decency Act • Foreign Intelligence Surveillance Act (FISA) • Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM) • Federal Identity Theft and Assumption Deterrence Act
  • 10. Patchwork of 46 State Data Security Breach Notification Laws • 45 States and the District of Columbia • 7 States added laws within last two years: Alaska, District of Columbia, Iowa, Missouri, South Carolina, Virginia, West Virginia • State Agency Notification Requirement: Massachusetts, New Hampshire, New Jersey, New York, Maryland
  • 11. California Was the First In California . . . • Financial Information Privacy Act (Fin. Code § 4052) GLBA Counterpart - Financial Institutions - Nonpublic personal information • Consumer Credit Reporting Agencies Act (Civ. Code §§ 1785.1 et seq.) FCRA Counterpart • Information Practices Act of 1977 (Civ. Code §§ 1798 et seq.) • Data Breach Notification Law (Civ. Code § 1798.82)
  • 12. Massachusetts Is the Most Stringent • Data Security Regulations, 201 Code Mass. Regs (CMR) 17.00, effective March 1, 2010 • Businesses must have: - Written information security program - Heightened security procedures, including encryption - Vendor contract provisions re compliance are mandatory * contracts signed prior to 3/1/10 = 2 yr grace period * contracts signed after 3/1/10 = no grace period - Must take “reasonable steps to select and retain third-party providers that are capable of maintaining appropriate security measures”
  • 13. State Data Security Breach Notification Laws Generally Notice Requirements: • Data custodian to (i) data owner • Data owner to (ii) affected resident and (iii) possibly State Attorney General • Timing: (i) “immediately following discovery of the breach” (ii) “most expedient time possible and without unreasonable delay”
  • 15. Definition of a Litigation Hold • A litigation hold is a directive to your client and others to preserve ESI or other information pertaining to the litigation. Michael R. Arkfeld, Arkfeld’s Best Practices Guide for Litigation Readiness and Hold, §3.2(A), page 62 (2008-2009 Ed.), citing, Zubulake v. UBS Warburg LLC 220 F.R.D. 212, 218 (S.D.N.Y.2003).
  • 16. Preservation Letter Checklist • Basic investigative work should uncover appropriate points to include in a litigation hold letter. • Common sense should guide the actual points to include in a preservation letter. • Not a discovery request. Stone v. Lockheed Martin Corp., 2009 U.S. Dist. LEXIS 12105 (D. Colo. Feb. 2, 2009)
  • 17. Preservation Checklist • A party can disregard the request to preserve, but once the request has formally been made and evidence disappears, a preservation letter may place the discovering party in a superior position to seek sanctions or other relief. Stone v. Lockheed Martin Corp., 2009 U.S. Dist. LEXIS 12105 (D. Colo. Feb. 2, 2009)
  • 18. Preservation Letter Checklist • At a minimum, a letter should begin with a general statement that the discovering party expects the party to preserve digital evidence that in all probability will be relevant to the issues in a case, or may lead to the discovery of such evidence. Stone v. Lockheed Martin Corp., 2009 U.S. Dist. LEXIS 12105 (D. Colo. Feb. 2, 2009)
  • 19. Preservation Letter Checklist • The preservation letter should include a request that the other party suspend its regular document retention policy pending discovery. • The preservation letter should identify all of the possible locations where such evidence might conceivably reside. Stone v. Lockheed Martin Corp., 2009 U.S. Dist. LEXIS 12105 (D. Colo. Feb. 2, 2009)
  • 20. Preservation Letters • The letter should inform the opposing party that a mere file backup of the hard drive is not adequate preservation. • The party must be instructed to image hard drive in bit-stream copies, where all areas, used and unused, of the hard drive are copied. • If a file is deleted before a backup is made, the deleted file will not be copied unless it is a bit-stream copy. • The letter should also request that deleted files that are reasonably recoverable be immediately undeleted. Stone v. Lockheed Martin Corp., 2009 U.S. Dist. LEXIS 12105 (D. Colo. Feb. 2, 2009)
  • 21. A Very Bad Litigation Hold Letter • Hank has asked me to send this out to everyone. • All emails re Napster at this point are related to the litigation and should contain the “a/c” (attorney communications) symbol in the subject line and djohnson@fenwick.com should be ccd. We should not be sending e-mails on this subject anyway. Items from outsiders such as resumes do not require this. • Hank Barry UMG Recordings, Inc. v. Hummer Winblad Venture Partners (In re Napster, Inc. Copyright Litig.), 462 F. Supp. 2d 1060, 1064 (N.D. Cal. 2006).
  • 22. A Very Bad Litigation Hold Letter, Part 2 Please also be aware of our e-mail policy. As we have all been required to surrender Napster e-mails, this should reinforce compliance with our long standing policies. 1. we do not retain e-mails, it is your responsibility to delete your handled e-mails immediately 2. we do not use e-mail to chat about matters related to public companies or matters such as the above 3. we do not retain written copies of e-mails in our files UMG Recordings, Inc. v. Hummer Winblad Venture Partners (In re Napster, Inc. Copyright Litig.), 462 F. Supp. 2d 1060, 1064 (N.D. Cal. 2006).
  • 23. A Very Bad Litigation Hold Letter, Part 3 4. our document retention policy is that we do not retain documents on any public or acquired company and retain limited information on private companies. all retained information is stored in central files, pls do not retain other docs in your own files unnecessarily 5. we do not retain files separate from our central files which are periodically checked for compliance to policies Please also review the above policies with any summer associates. UMG Recordings, Inc. v. Hummer Winblad Venture Partners (In re Napster, Inc. Copyright Litig.), 462 F. Supp. 2d 1060, 1064 (N.D. Cal. 2006).
  • 24. Triggering Event for the Duty to Preserve – “Reasonably Anticipated” – Pending, imminent, reasonably foreseeable. – A complaint has been filed – Discovery requests have been served Michael Arkfeld, Best Practices Guide for Litigation Readiness and Hold, §3.2(B) Preservation Obligation
  • 25. Document Destruction Policies No spoliation where documents destroyed as part of a routine housecleaning operation with no notice to enact a litigation hold. Cook Assocs. v. PCS Sales (USA), Inc., 271 F. Supp. 2d 1343, 1357 (D. Utah 2003)
  • 26. Duty to Preserve Includes the Following: • Relevant in the action; • Reasonably calculated to lead to the discovery of admissible evidence; • Reasonably likely to be requested during discovery, and/or • Subject of a pending discovery request. Zubulake v. UBS Warburg LLC, 220 F.R.D. 212, 216 (S.D.N.Y.2003); Wm. T. Thompson Co. v. General Nutrition Corp., 593 F. Supp. 1443, 1555 (C.D.Cal.1984)
  • 27. What the Duty to Preserve Doesn’t Include
  • 28. Relevant Documents to Preserve • [A]ny documents or tangible things (as defined by [Fed. R. Civ. P. 34(a))] made by individuals "likely to have discoverable information that the disclosing party may use to support its claims or defenses." Goodman v. Praxair Servs., 2009 U.S. Dist. LEXIS 58263 (D. Md. July 7, 2009)
  • 29. Relevant Documents to Preserve, 2 • Documents prepared for those individuals, to the extent those documents can be readily identified (e.g., from the "to" field in e-mails). • Information that is relevant to the claims or defenses of any party, or which is "relevant to the subject matter involved in the action." Thus, the duty to preserve extends to those employees likely to have relevant information--the "key players" in the case. Goodman v. Praxair Servs., 2009 U.S. Dist. LEXIS 58263 (D. Md. July 7, 2009)
  • 31. Sanction Flavors • Sanctions can be imposed for negligent, gross negligent, willful and bad faith conduct. • Bad Faith - “[w]here a party destroys evidence in bad faith, that bad faith alone is sufficient circumstantial evidence from which a reasonable fact finder could conclude that the missing evidence was unfavorable to that party,” and thus the jury may be instructed that the lost evidence was adverse to the spoliating party. • Negligence or gross negligence: a judge may impose an adverse inference instruction or “less severe sanctions-such as fines and cost-shifting,” even without a showing that particular materials were lost. Pension Committee, at *18.
  • 32. Demonstrating Spoliation Moving Party Must Show: 1) That its adversary had control of the evidence and a duty to preserve it at the time it was lost or destroyed; 2) That the adversary had a "culpable state of mind" when the evidence was lost or destroyed; and 3) That the lost or destroyed evidence was "relevant" to the moving party's claims such that a reasonable trier of fact could find that it would support a claim. Arista Records LLC v. Usenet.com, Inc., 2009 U.S. Dist. LEXIS 5185 (S.D.N.Y. Jan. 26, 2009)
  • 33. Possible Sanctions • Adverse evidence jury instruction; • Excluding greater or lesser parts of the destroying party's evidence; • Dismissing a party's claims in whole or in part; or • Granting default judgment against a party in whole or in part. Toth v. Parish, 2009 U.S. Dist. LEXIS 16116, 7-8 (W.D. La. Mar. 2, 2009)
  • 34. Determining Sanctions • Factors in determining the appropriate sanctions for wrongful destruction of evidence include: • "1) the degree of fault of the party who altered or destroyed the evidence; • 2) the degree of prejudice suffered by the opposing party; and • 3) whether there is a lesser sanction that will avoid substantial unfairness to the opposing party and if the fault is serious, will serve to deter such conduct by others in the future." Toth v. Parish, 2009 U.S. Dist. LEXIS 16116 (W.D. La. Mar. 2, 2009)
  • 35. Speculation is Not Spoliation • Defendants asserted that Plaintiff's "concern" amounted to nothing more than mere speculation. • Plaintiff did not produce any evidence that suggested Defendants have not complied or do not intend to comply with their duty to preserve evidence. • Preservation order was not warranted. Gregg v. Local 305 IBEW, 2008 U.S. Dist. LEXIS 99075 (N.D. Ind. Dec. 8, 2008)
  • 36. Willful Conduct • Defendant was put on notice of a lawsuit because of unlicensed software usage. • Instead of enacting a litigation hold, the Defendant ordered the “software deleted immediately.” KCH Servs. v. Vanaire, Inc., 2009 U.S. Dist. LEXIS 62993 (W.D. Ky. July 21, 2009).
  • 37. Willful Conduct, 2 • The Defendant’s actions deprived the Plaintiff of any opportunity to inspect relevant evidence once the lawsuit began. • The Court ordered the spoliation sanction of an adverse inference instruction, instead of a default judgment, for the Defendant’s obstructionism. KCH Servs. v. Vanaire, Inc., 2009 U.S. Dist. LEXIS 62993 (W.D. Ky. July 21, 2009).
  • 38. A Picture is worth a 1,000 words… • Defendants attempted to purchase $4.2 million painting. • Divorce and lawsuit for breach of contract. • Excel file with unknown origin. • Friend of Defendant’s kid reinstalled computer operating system. Green v. McClendon, 2009 U.S. Dist. LEXIS 71860 (S.D.N.Y. Aug. 13, 2009).
  • 39. …but sanctions are priceless. • Lawyer and Defendant both failed in their duty to preserve. • Plaintiff entitled to additional discovery and costs. Green v. McClendon, 2009 U.S. Dist. LEXIS 71860 (S.D.N.Y. Aug. 13, 2009).
  • 40. California e-Discovery & Litigation Hold Failures • Defendant failed to produce email messages & PST’s. • Defendants did not enact a litigation hold. • During the middle of trial, it was learned that the manufacturer still had not complied with discovery orders and directives. Doppes v. Bentley Motors, Inc., 174 Cal. App. 4th 967, 969 (Cal. App. 4th Dist. 2009)
  • 41. Sanctions Case remanded: (1) Strike Defendants’ answer and enter a default and default judgment against them on the fraud cause of action; (2) Made an express finding in the judgment that Defendants intentionally violated the Song-Beverly Consumer Warranty Act; (3) Entered an order granting the post-trial motion for attorney fees in the total amount of $402,187; (4) Reconsider the post-judgment motion for attorney fees in accordance with this opinion; and (5) Ordered further proceedings not inconsistent with the opinion, including a default prove-up on the fraud cause of action, imposition of civil penalties under Civil Code section 1794, and consideration of other relief sought in the complaint. Doppes v. Bentley Motors, Inc., 174 Cal. App. 4th 967, 1003 (Cal. App. 4th Dist. 2009)
  • 42. Resetting the Gold Standard • Pension Committee • 89 page opinion • Securities Litigation • Judge Scheindlin
  • 43. Gross Negligence The failure to issue a written litigation hold when litigation is reasonably anticipated is gross negligence. The Pension Committee of the University of Montreal Pension Plan, et al. v. Banc of America Securities LLC, et al., Amended Order, Case No. 05-cv-9016 (SDNY Jan. 15, 2010)
  • 44. What Happened? • Plaintiffs’ counsel's emails and memoranda “did not meet the standard of a litigation hold” because plaintiff's counsel failed to direct employees to preserve all relevant records and failed to create a mechanism for collecting records. • Memo required employees to determine what was relevant and to respond without supervision by counsel. • Memo did not instruct employees to suspend the destruction of potentially relevant records. • Plaintiffs did not issue a formal written litigation hold until 2007 – nearly four years after the triggering event. The Pension Committee of the University of Montreal Pension Plan, et al. v. Banc of America Securities LLC, et al., Amended Order, Case No. 05-cv-9016 (SDNY Jan. 15, 2010)
  • 45. Production Gaps • Defendants found gaps in document production from 13 plaintiffs • Requested declarations describing the preservation efforts • Found that “almost all of the declarations were false and misleading and/or executed by a declarant without personal knowledge of its contents.” Pension Committee, Amended Order, at *32-33
  • 46. The Hammer Falls: Gross Negligence • Six plaintiffs found grossly negligent – Failure to issue a written litigation hold prior to 2007; – Deleting ESI after the trigger event; – Failing to request documents from key players; – Delegating search efforts without any supervision from management; – Destroying backup tapes relating to key players where other ESI was not readily available; and/or – Submitting misleading or inaccurate declarations. Pension Committee, Amended Order, at *42-43
  • 47. “Merely” Negligent • 7 found merely negligent – “failure to institute a written litigation hold” was “not yet generally required” in early 2004 in Federal court in Florida. Pension Committee, Amended Order, at *64.
  • 49. Lesson Learned: Self-Collection • Counsel must give direction and supervision to custodians on preservation. – One custodian said he had “no experience conducting searches, received no instruction on how to do so, had no supervision during the collection, and no contact with Counsel during the search.” • Employees must not search their own files since they become the sole decision maker as to the relevance of the search terms used. Pension Committee, Amended Order, at *62, 66.
  • 50. Lessons Learned: Finding Gross Negligence “[T]he following failures support a finding of gross negligence, when the duty to preserve has attached: [1] to issue a written litigation hold; [2] to identify all of the key players and to ensure that their electronic and paper records are preserved; [3] to cease the deletion of email or to preserve the records of former employees that are in a party's possession, custody, or control; and [4] to preserve backup tapes when they are the sole source of relevant information or when they relate to key players, if the relevant information maintained by those players is not obtainable from readily accessible sources.” The Pension Committee of the University of Montreal Pension Plan, et al. v. Banc of America Securities LLC, et al., Amended Order, Case No. 05-cv-9016 (SDNY Jan. 15, 2010)
  • 51. Rimkus: Litigation Holds…Texas Style! • Intellectual property case. • Group of employees left and filed suit against their former employer to release them from their non-compete agreements. • In countersuit, Rimkus Consulting claimed the former employees violated their non-competes and additionally made off with “trade secrets and proprietary information.” Rimkus Consulting Group, Inc. v. Cammarata, 2010 U.S. Dist. No. 07-cv-00405 (SDTX Feb. 19, 2010)
  • 52. Rimkus Result • Concluded willful destruction of evidence, although a significant amount of the incriminating evidence was recovered by the plaintiff. • Court was unwilling to issue an adverse inference instruction. • Would allow the jury to determine the implications of the defendants’ misconduct based on the facts. Rimkus Consulting Group, Inc. v. Cammarata, 2010 U.S. Dist. No. 07-cv-00405 (SDTX Feb. 19, 2010)
  • 53. Culpability Insight “Permissive” adverse inference sanction that instructed the jury to decide if the defendants intentionally deleted emails… and whether to infer that the lost information would have been unfavorable to the defendants.
  • 55. Digital Forensics • Core: data collection, preservation, documentation and court room presentation – Defensible processes – Use methods that yield most accurate results (Gates Rubber Co. v. Bando American, Inc., 798 F.Supp. 1499, 1511 (D.Colo.1992)). • Differences between forensic collection versus backup • Be proactive: have plan before you need the data
  • 61. Forensic View of Empty Recycle Bin The files in the Recycle Bin were wiped…
  • 64. Hidden Data in MS Word
  • 65. Document Metadata Sample
      Analyzing hidden data sample from Letter Template.doc
      Document Name: hidden data sample from Letter Template.doc
      Path: C:\Documents and Settings\tcastrejon\My Documents\MetaData Deck
      Document Format: Word Document
      Built-in document properties:
        Built-in Properties Containing Metadata: 2
        Title: Deloitte Letter.dot
        Comments: Word Template v2004.1 08/22/2004
      Document Statistics:
        Document Statistics Containing Metadata: 6
        Creation Date: 7/18/2006 11:16:00 PM
        Last Save Time: 7/18/2006 11:29:00 PM
        Time Last Printed: 5/1/2002 4:04:00 PM
        Last Saved By: John Doe
        Revision Number: 5
        Total Edit Time (Minutes): 13 Minutes
      Custom document properties: No Custom Document Properties
      Last 10 authors: NOT PROCESSED
  • 68. USB Devices
      Disk;;USB_DISK_2.0;077515B0166B&0;USB DISK 2.0 USB Device;06/03/09 07:54:59AM;04/04/09 09:29:41PM;7&1e544ac1&0
      Disk;;USB_DISK_2.0;077516B01804&0;USB DISK 2.0 USB Device;04/04/09 09:29:41PM;04/04/09 09:29:41PM;7&11a53745&0
      Disk;;USB_DISK_20X;074712910134&0;USB DISK 20X USB Device;06/17/09 04:40:12PM;04/04/09 09:29:41PM;7&1c48d21e&0
      Disk;Apple;iPod;000A2700146E70D2&0;Apple iPod USB Device;04/04/09 09:29:41PM;04/04/09 09:29:41PM;7&d9cbdb&0
      Disk;I-Stick2;IntelligentStick;FCA4B93FF2BFE451&0;I-Stick2 IntelligentStick USB Device;04/04/09 09:29:41PM;04/04/09 09:29:41PM;7&699ed73&0
      \DosDevices\E:;;0;\??\STORAGE#RemovableMedia#7&1c48d21e&0&RM#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b};074712910134&0
  • 69. Links Recently Accessed via Removable Media
      Link File Name | Created | Written | Accessed | Volume Label | Media Type | Serial # | Path
      14aren.lnk | 02/11/09 03:03:05PM | 02/11/09 03:03:06PM | 03/05/10 12:00:00AM | NEW VOLUME | Removable | 14 F7 C2 E4 | E:\file_Rename\14aren
      Customer_lists.pdf.lnk | 03/05/10 06:51:58PM | 04/15/09 06:16:26PM | 03/05/10 12:00:00AM | NEW VOLUME | Removable | 14 F7 C2 E4 | E:\secret_documents\Customer_lists.pdf
      secret_documents.lnk | 03/05/10 06:51:57PM | 03/05/10 06:51:58PM | 03/05/10 12:00:00AM | NEW VOLUME | Removable | 14 F7 C2 E4 | E:\secret_documents
      Company_research_new_design.doc.lnk | 03/05/10 06:51:57PM | 06/02/05 09:39:22PM | 03/05/10 12:00:00AM | NEW VOLUME | Removable | 14 F7 C2 E4 | E:\secret_documents\Company_research_new_design.doc
  • 70. Encryption & PW Protection
  • 72. Legal Considerations • Acceptable use policy • Subpoena • 4th Amendment • Cross border data transfer and privacy considerations – EU Safe Harbor – Local laws and regulations
  • 73. Regulatory Considerations
      Complex world of laws and regulations present challenges for records and information management
      – Australia: Federal Privacy Amendment Bill; State Privacy Bills in Victoria, New South Wales and Queensland; new email spam and privacy regulations
      – Numerous State Laws: Breach Notification, 41 States from CA to NY
      – European Union: EU Data Protection Directive and Member States Data Protection Laws, Safe Harbor
      – South Africa: Electronic Communications and Transactions Act
      – US: SOX, HIPAA, COPPA, FRCP, 21 CFR 11, ISO 15489, ANSI/AIIM TR48-2004, PCI Data Security
      – Hong Kong: Personal Data Privacy Ordinance
      – Canada: Federal/Provincial PIPEDA, FOIPPA, PIPA
      – Chile: Law for the Protection of Private Life
      – South Korea: Act on Promotion of Information and Communications Network Utilization and Data Protection
      – India: Law pending currently under discussion
      – New Zealand: Privacy Act
      – Argentina: Personal Data Protection Law, Confidentiality of Information Law
      – Philippines: Data Privacy Law proposed by ITECC
      – Taiwan: Computer-Processed Personal Data Protection Law
      – Japan: Personal Information Protection Act
  • 74. Trends • Data will continue to expand to mobile side of your enterprise • Cloud computing
  • 75. Cloud Computing • Evidence Collection in the Cloud • Security in the Cloud • E-Discovery in the Cloud
  • 76. Thank You Tomas Castrejon General Dynamics Advanced Information Systems Network Defense and Digital Forensics 408.220.3113 Tomas.Castrejon@gd-ais.com Josh Gilliland, Esq. D4 LLC 650-576-3298 jgilliland@d4discovery.com www.bowtielaw.com Twitter @bowtielaw Stephanie Sparks, Esq. Hoge Fenton Jones & Appel 408.947.2431 sos@hogefenton.com www.hogefenton.com
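
Slide 20's distinction between a file backup and a bit-stream copy, and slide 55's point about defensible collection, worked through as an added example that is not part of the original deck. The toy volume layout, file names and contents below are constructed for illustration and do not model any real filesystem.

```python
import hashlib
import struct

SECTOR = 512
# Constructed directory entry: status byte, 15-byte name, start sector, length.
ENTRY = struct.Struct("<B15sHI")
LIVE, DELETED = 0x01, 0xE5


def build_disk(files, sectors=16):
    """Build a toy volume: sector 0 holds the directory, data starts at sector 1."""
    disk = bytearray(SECTOR * sectors)
    next_sector = 1
    for i, (name, data) in enumerate(files):
        ENTRY.pack_into(disk, i * ENTRY.size, LIVE, name.encode(), next_sector, len(data))
        disk[next_sector * SECTOR: next_sector * SECTOR + len(data)] = data
        next_sector += -(-len(data) // SECTOR)  # ceiling division
    return disk


def entries(disk):
    """Yield (offset, status, name, start, length) for every used directory slot."""
    for off in range(0, SECTOR - ENTRY.size + 1, ENTRY.size):
        status, name, start, length = ENTRY.unpack_from(disk, off)
        if status:
            yield off, status, name.rstrip(b"\0").decode(), start, length


def delete_file(disk, target):
    """Ordinary deletion: flag the directory entry, leave the data sectors alone."""
    for off, status, name, _, _ in entries(disk):
        if name == target and status == LIVE:
            disk[off] = DELETED


def file_backup(disk):
    """File-level backup: copies only what the directory reports as live."""
    return {name: bytes(disk[start * SECTOR: start * SECTOR + length])
            for _, status, name, start, length in entries(disk) if status == LIVE}


def bitstream_image(disk):
    """Copy every sector, used or unused, hashing the source as it is read."""
    digest = hashlib.sha256()
    image = bytearray()
    for off in range(0, len(disk), SECTOR):
        block = bytes(disk[off: off + SECTOR])
        digest.update(block)
        image += block
    return bytes(image), digest.hexdigest()


def verify_image(image, acquisition_hash):
    """Re-hash a working copy and compare it with the hash taken at acquisition."""
    return hashlib.sha256(image).hexdigest() == acquisition_hash


def recover_deleted(image):
    """Read back entries flagged deleted; works only while their sectors are not reused."""
    return {name: image[start * SECTOR: start * SECTOR + length]
            for _, status, name, start, length in entries(image) if status == DELETED}


def demo():
    disk = build_disk([("memo.txt", b"Q3 forecast draft"),
                       ("customers.csv", b"id,name\n1,Example Corp\n")])
    delete_file(disk, "customers.csv")          # deleted before any copy is made
    backup = file_backup(disk)
    image, acquisition_hash = bitstream_image(disk)
    return {
        "backup_files": sorted(backup),
        "image_verified": verify_image(image, acquisition_hash),
        "recovered": recover_deleted(image),
        "altered_copy_verified": verify_image(image[:-1] + b"\x01", acquisition_hash),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "=>", value)
```

The file-level backup never sees the deleted file, while the bit-stream image still carries its sectors, and the acquisition hash is what lets a later working copy be shown to be unchanged.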