The Special Masters have recommended that Technology Concepts & Design, Inc. (”TCDI”) be retained to build, maintain and operate a database, to store the Core Discovery that the parties have begun to produce, and will continue to produce, pursuant to my order dated November 27, 2007 (”Core Discovery Order”). I approve the recommendation.

The Core Discovery will create a substantial amount of information: insurance data from scores of contractors and subcontractors, and basic details concerning each plaintiff’s claim. Because of the volume of information that will be produced, and the intense time pressures governing production, it is imperative that a means be developed to process and organize the information on a consistent, reliable, and accessible basis. From this information, it should be possible to align plaintiffs readily with the particular defendants against whom they may have a basis to seek recovery, categorize plaintiffs according to their types and severity of injuries, eliminate various defendants from various cases, identify the sequence in which cases should be tried, group those cases with others that appear to be similarly situated, organize and understand the insurance that might relate to particular claims and, perhaps, not to others, and, not least, create paradigms that could lead to settlements.

[...]

There is no substitute for an independently created and managed database. Without a common core of reliable information, the approximately 10,000 cases that are before me will become increasingly difficult to manage. Disputes will proliferate, and progress will be slowed. Depositions and other discovery will become necessary, as each side tries to prove facts that their separate databases treat in different ways. The cases will take years longer to progress towards trial or resolution. Expenses to each side will rise in uncontainable ways, making present complaints insignificant. Meanwhile, individual plaintiffs will incur illnesses and some may die, blaming their heroism in the aftermath of 9/11 as the cause, and criticizing government and the courts for indifference and neglect with respect to their claims.

In re World Trade Ctr. Disaster Site Litig., 2008 WL 793578 (S.D.N.Y. Mar. 24, 200

Contending that avoiding inadvertent disclosure of privileged documents will become the top EDD risk of 2008, DataKos opines:

There is much uncertainty, even among many lawyers, as to when the attorney-client privilege should be invoked or asserted. Let’s face it, business people, and lawyers too, insist on using email for everything. Hence, operationally, there are numerous challenges we all face in protecting confidential information from leaking through email forwarded to third parties.

Citing the adoption of new FRE 502, and the privilege waiver concerns dogging generals counsel, DataKos urges IT & RIM professionals to become acquainted with the issues.

DataKos blog has posted some helpful tips on how to prepare for implentation of a global records and information management system:

There is no one-size-fits-all template for a professional services RFP, and certainly not with regards to implementing a global records and information management program. If you decide to use a template from your friends in procurement or one you find online, certain attributes should be included in an RFP when undertaking a project of importance.

The post discusses hiring a consultant for a gaps analysis, and offers some excellent project management tips.

Although the main theme of the story is about the challenges of data management, it begins with the statement that many don’t trust the technology behind EDD and document management:

But Robert Eisenberg, vice president of e-discovery consulting at Capital Legal Solutions of Falls Church, Virginia, raised concerns about technologies such as software that manages document retention and litigation workflow. “I don’t want to sound like a Luddite, but I actually think there’s a danger on relying on tools that are supposed to be doing things that you’re not monitoring,” he said.
Many companies are looking for the Holy Grail of technology that takes care of e-discovery issues without much human intervention, but often what’s needed when a company is facing a lawsuit and needs to track down information is face-to-face contact, Eisenberg said. “The convergence we need is a convergence of grey matter, the way people think of an existing technology, rather than looking for that Holy Grail,” he said. “There’s a danger in even looking for it.”

There are a couple of points I’d like to make here. First, I agree that automating the process as much as possible is an important goal, but I don’t consider it the holy grail. That title, in my humble opinion, is reserved for actually processing files (all file types, thank you) correctly. I’ve seen applications that can’t reach embedded files, I’ve seen some that can’t handle contained files (files within zip files, for example); I’ve seen databases dismissed without being searched; etc…etc…etc…

Get the processing down while you’re traveling the yellow brick road to automation.

There are those progressives who think that the Mr. Eisenbergs of the world need to get with the program:

[Orca Tech co-founder Herbert] Roitblat also made a pitch for tools that search and group documents when corporations are required by courts to save information. “The days of going through page by page by page … those days are gone,” he said. “Nobody can afford it.”

It is true that so-called linear review is often unmanageable in many cases, but I am, nevertheless, sympathetic to those attorneys who want their eyes on every document…after all, they are dealing with the very evidence from which they will build their case in court.

[HT: Information Governance Engagement Area]

Wired has an interesting article on research into the development of a low-cost, low-power storage technology by researchers at Arizona State University that “could put terabyte-sized thumbdrives in consumers’ pockets within a few years.” From the article:

Thanks to a new technique for manipulating charged copper particles at the molecular scale, researchers at Arizona State University say their memory is, bit-for-bit, one-tenth the cost of — and 1,000 times as energy-efficient as — flash memory, the predominant memory technology in iPhones and other mobile devices.

“A thumb drive using our memory could store a terabyte of information,” says Michael Kozicki, director of ASU’s Center for Applied Nanoionics, which developed the technology. “All the current limitations in portable electronic storage could go away. You could record video of every event in your life and store it.”

As Legal, business, and IT staff craft policies and procedures designed to manage everything occurring on data enterprises, and everything removed from them, technology continues to make the job more difficult by developing better (and more portable) storage devices, and more collaborative applications. A terabyte in your pocket…wow.

At the same time, flash technology continues to improve, although we may be near its physical limit, and solid state disks are being touted as a possible alternative.

SearchSecurity.com has posted a great article on Filtering Log Data:

Where there are logs, there is usually an overwhelming amount of log data. This makes it hard for an organization to spot security problems. How do you find the one packet among millions that indicates someone is sending proprietary information out of the enterprise?

Let’s illustrate how it is possible to drill down and find that single suspect packet through a series of screenshots. As an example interface, we’ll use NetIQ’s Security Manager v 6.0 to demonstrate the filtering process, but other vendors in this market offer similar interfaces and capabilities. Regardless of the product your organization uses, this tip will provide a blueprint for how to drill down and obtain the log information you need.

You might already have a glimmer as to why the subject is on-topic here, but in case you feel the need to question my judgment:

[Reporting capabilities of these applications] are useful when you know ahead of time what to look for, such as providing evidence for an electronic discovery request or other external reasons.

The article comes complete with screen shots and is very well written. I highly recommend it.

In order for [the] duty [to preserve the computer] to exist, the computer and its contents must have been discoverable under Rule 26 and [possessors of the computer] Becker and SourceOne must have had reasonable notice that the computer or its contents could be the subject of future discovery requests. In this case, both conditions are met.

Under the liberal standard of discovery relevance, material is discoverable if it is admissible or “reasonably calculated to lead to admissible evidence.” Fed. R. Civ. P. 26(b)(1). In this case, the allegations that support APC’s claims center on Becker’s conduct in communicating with various suppliers and customers within the vacuum filter and bag industry as well as his alleged misappropriation of proprietary information that was stored in computerized form. Becker stated in his affidavit that he used the computer for both business and personal reasons. Given the nature of the allegations and Becker’s use of the computer for business purposes, the contents of the computer were clearly discoverable.

Furthermore, Becker and SourceOne had reasonable notice that the computer could become the subject of discovery requests at the time that Becker threw the computer away. APC’s complaint was filed on March 15, 2007, and counsel for Defendants made his initial appearance on March 19, 2007. Becker admits to throwing the computer away sometime after March 21, 2007. As discussed above, notice of a complaint can put a litigant on notice that evidence is likely to be requested, triggering the duty to preserve. Cohn, 1995 WL 519968 at *5. In this case, Becker had notice based on the nature of APC’s allegations that the computer could become part of the discovery process. Because the computer’s contents were discoverable and Becker had reasonable notice that the computer could become the subject of a discovery request, Becker had a duty to preserve the computer as evidence prior to the date on which he discarded it. Therefore, this Court may impose sanctions pursuant to its inherent power.

APC Filtration, Inc. v. Becker, 2007 U.S. Dist. LEXIS 76221 (N.D. Ill. Oct. 12, 2007)

Kroll Ontrack has issued a press release saying that the company has developed a new, “enterprise-wide erasing” product.

Helping companies protect against security breaches and comply with laws and regulations regarding data retention and privacy, Ontrack Eraser deletes all traces of information stored on targeted media, making recovery impossible.

If it does all the press release claims, it will be a highly useful tool.

Doesn’t sound like a good idea to me, nevertheless, it seems to be a recommended approach suggested by an article on data governance by DM Review.

Like all governance efforts, IT and the business must work in tandem to identify responsibilities as they pertain to content vulnerabilities. Just as executive management and legal personnel need IT’s help in realistically understanding retention technology capabilities, IT will require clear guidance on what system controls to implement per corporate document retention policy. Companies must have the collective will to discuss and prioritize email governance issues and be proactive in addressing retention policies before a legal action or unauthorized dissemination of classified information puts the enterprise at a competitive disadvantage. Most importantly, employees company-wide must be familiar and comfortable with general email and document retention policies if such directives are to achieve uniform success across the enterprise.

On the face of it, I don’t disagree with the passage above, however, I do feel that by depending upon individual employees for compliance is a recipe for disaster. Any document management system must be able to take the responsibility of compliance-based retention (whether it be for regulatory or legal reasons) out of the hands of individuals, and into a process-based system that is strictly followed (whether by automation or policy). Such a system is easier to defend and produces better results.

I’ve previously posted on the different directions in which the legal world and the world of technology are heading. The legal field is all about managing, centralization, and structuring the increasingly unstructured world of corporate communications. Technology, on the other hand is going the other way; it’s all about collaboration, “hyperconnectivity,” and access. Corporations are often torn, trying to make it easier for workers to access needed information while protecting proprietary information while navigating the gauntlet of privacy, regulatory, and legal obligations. GigaOm has a nice article concerning our transistion from the information age into what it is calling “the connected age.”

Today’s version of the web, whatever you want to call it, is notable because people and hardware and information and software and conversation are all mixed together into a hyperconnected network. Maybe instead of getting tangled up in discussions of what’s web 1.0 vs. web 2.0 vs. web 3.0, we might look instead at another shift: how the web enables us to move from one era into another, from the Information Age to the Connected Age. You can see this shift both in the practices of individual workers and in the strategies of technology companies.

The new model is reported to shift emphasis from the “knowledge” worker to the “web” worker, and compares Microsoft (Information age) to Google (connected age) to illustrate.