Saturday, November 17, 2012

Privacy: An Overview of the Electronic Communications Privacy Act


In light of the Petraeus investigation, this should be required reading for everyone:


https://www.fas.org/sgp/crs/misc/R41733.pdf




- Jason

Should Law Firms Outsource E-Discovery?

Interesting question for the Lit support managers out there.

http://www.law.com/jsp/lawtechnologynews/PubArticleLTN.jsp?id=1352664830539&Should_Law_Firms_Outsource_EDiscovery&slreturn=20121017121327


Should Law Firms Outsource E-Discovery?

The Legal Intelligencer
November 16, 2012
 
Concordance and Summation are two words familiar through the halls of nearly every large law firm in the country. They are two of the most commonly used early platforms for managing basic, electronic data coming in and out of law firms.
Even firms that have insourced the entire e-discovery process with more sophisticated technology still use these early systems for smaller matters. But the growing number of matters are far from small when it comes to the amount of electronic data in even the simplest of cases.
The question then becomes, should firms invest in newer, more comprehensive software and the infrastructure to run them internally or should they outsource larger e-discovery projects to vendors that have the staffing and latest technology?
While many business decisions in the legal industry get implemented across firms like falling dominoes with one firm following what a competitor before it did, such is far from the case in e-discovery.
Models are varied and most firms are still undecided. The Legal Intelligencer spoke with a few firms across the spectrum about how they've approached the delivery of e-discovery services.
LEAVE IT TO THE EXPERTS
Ralph Losey is a partner in the Orlando office of labor and employment boutique Jackson Lewis. He serves as the firm's national e-discovery counsel and chairman of its e-discovery practice group. For nine months he reviewed the firm's internal e-discovery service offerings and decided in June to outsource to Kroll Ontrack all nonlegal e-discovery work that the firm's litigation support department had been handling.
Kroll will now handle forensic investigations, collections, processing, hosting, and advanced software that includes predictive coding when needed. Jackson Lewis will handle the legal work, including advising clients on litigation readiness, interviewing witnesses, handling court conferences, issuing document requests to opposing parties, conducting computer-assisted review, filing motions, and handling trials.
If a matter is small enough, Jackson Lewis associates will do the document review, and if the matter is too large, Kroll's document review center will handle it, Losey said.
"The big mistake law firms make is that they don't understand the complexity of e-discovery," Losey said. "There's such confusion and muddiness. Law firms should do what they are supposed to do and the only thing they have a license to do, honestly. That is legal services."
Losey said most e-discovery work is legal advice, something vendors aren't allowed to provide.

What the Petraeus Investigation Tells Us About Online Surveillance


This is an imporatant reminder about the "privacy" of online comunications


What the Petraeus Investigation Tell us about Online Communications


What the Petraeus Investigation Tells Us About Online Surveillance

EmailWith regards to the David Petraeusscandal, as you dig through the very human details of a powerful man's dalliance with an attractive woman, an important question should occur to anybody with more than aNational Enquirer-level interest in the matter: Wait ... The FBI did all of this digging over some bed-hopping? Yes. Yes, it did. And over at The Guardian, Glenn Greenwald wants to know why more people aren't concerned.
As is now widely reported, the FBI investigation began when Jill Kelley - a Tampa socialite friendly with Petraeus (and apparently very friendly with Gen. John Allen, the four-star U.S. commander of the war in Afghanistan) - received a half-dozen or so anonymous emails that she found vaguely threatening. She then informed a friend of hers who was an FBI agent, and a major FBI investigation was then launched that set out to determine the identity of the anonymous emailer.
That is the first disturbing fact: it appears that the FBI not only devoted substantial resources, but also engaged in highly invasive surveillance, for no reason other than to do a personal favor for a friend of one of its agents, to find out who was very mildly harassing her by email.
Think about that. If an FBI agent can go digging through private emails over a friend's complaint about nasty-grams, doesn't that suggest that such intrusive snooping is pretty much old hat to the feds?
Greenwald points out that the FBI's digging into Paula Broadwell's nasty-grams not only took them into her email account and revealed her relationship with David Petraeus; it then revealed Jill Kelley's correspondence with General John Allen, including a truly awe-inspiring data-dump of emails between the two. Continues Greenwald:
So not only did the FBI - again, all without any real evidence of a crime - trace the locations and identity of Broadwell and Petreaus, and read through Broadwell's emails (and possibly Petraeus'), but they also got their hands on and read through 20,000-30,000 pages of emails between Gen. Allen and Kelley.
This is a surveillance state run amok. It also highlights how any remnants of internet anonymity have been all but obliterated by the union between the state and technology companies.
Online email services are especially vulnerable, with companies like Google and Yahoo essentially rolling over for the feds. As the Associated Pressreported:
The downfall of CIA Director David Petraeus demonstrates how easy it is for federal law enforcement agents to examine emails and computer records if they believe a crime was committed. With subpoenas and warrants, the FBI and other investigating agencies routinely gain access to electronic inboxes and information about email accounts offered by Google, Yahoo and other Internet providers.
In fact, older emails — those six months old or older — don't require awarrant at all. Prosecutors can grab them on their own authority. Many companies will cough up detailed information without a formal warrant, anyway. "Google, which operates the widely used Gmail service, complied with more than 90 percent of the nearly 12,300 requests it received in 2011 from the U.S. government for data about its users, according to figures from the company."
Some email providers have been so eager to comply that they actually surrender more information than the FBI requests — and more than it is legally authorized to seek. One such high-profile incident occurred in 2006.
A technical glitch gave the F.B.I. access to the e-mail messages from an entire computer network — perhaps hundreds of accounts or more — instead of simply the lone e-mail address that was approved by a secret intelligence court as part of a national security investigation, according to an internal report of the 2006 episode.
F.B.I. officials blamed an “apparent miscommunication” with the unnamed Internet provider, which mistakenly turned over all the e-mail from a small e-mail domain for which it served as host. The records were ultimately destroyed, officials said.
So remember ... Your online privacy isn't so private.

Friday, November 16, 2012

4 Social Factors That Drive IT Buying Decisions

I thought this was extremely insightful and worth sharing.



4 Social Factors that Drive IT Buying Decisions


4 Social Factors That Drive IT Buying Decisions

Debra Donston-Miller | November 15, 2012
LinkedIn study finds that social networks are increasingly influential throughout the tech purchasing process.
Social media is assuming an increasingly important role in the IT buying process, according to a new study, "IT Purchasing Goes Social." The study, performed by Forrester Consulting and commissioned by LinkedIn, found that social networks have emerged as a source of growing influence across the purchasing process.
Four hundred IT professionals across a diverse range of industries throughout North America were surveyed. LinkedIn commissioned a follow-up study with ResearchNow to provide additional information on how IT professionals are engaging with LinkedIn, Facebook and Twitter.
"We wanted to understand how IT decision makers are sifting through the enormous amounts of information available to them when they're making their purchasing decisions," said Mike Weir, LinkedIn's head of category development for the technology industry, in an interview with The BrainYard.
The study found that 85% of IT decision makers have used at least one social network for business purposes, and that 73% have engaged with an IT vendor on a social network. In addition, 59% of respondents said they rely on social platforms for purchasing decisions, while 46% turn to online media publications.
[ Should LinkedIn be worried? Facebook Jobs App Takes On LinkedIn. ]
"The channels of influence continue to be very diverse -- live events, websites, tech media websites," said Weir, who has written a blog on the topic. "However, social media is starting to rise up the ranks."
There is also a more diverse mix of stakeholders involved in the technology decision-making process, said Weir. "Whether it's the CFO who's now working with the CIO to do a CRM implementation so that they can have full line of sight of all market programs, or the head of sales or head of operations similarly grabbing onto tech as a way to empower their teams to do their jobs better, tech is providing true business differentiation," he said.
So what is driving the increase in the use of social platforms, especially when most IT professionals have to operate from a very guarded position to avoid revealing sensitive information about their organizations and/or information that could be used to gain competitive advantage?
Weir said there are a variety of ways in which IT professionals are engaging on social: "More and more folks are joining groups," he said. "The ability to take any conversation -- whether you're receiving an email promotion from a technology company or whether you went to a live or virtual event -- we are seeing social become a validation point. We've seen continued expansion on our platform and more and more specialized groups that allow IT decision makers to be able to talk with their peers and also to be able to engage with experts, whether those people are consultants, representatives from technology companies themselves or they could be value-added resellers representing lots of different kinds of technologies. The ability to join a group and challenge ideas that were presented, to bring up new ideas that they have discovered -- groups is one of those major points of engagement that social media is providing "
Weir said there are four specific factors that are driving the use of social during the decision-making process:
  • Trust: IT professionals want to learn from both their peers and subject-matter experts. Professional social networks allow users to see the background and credentials of the person they are communicating with.
  • Efficiency: Social networks make it easier to reach a wide network of individuals.
  • Relevancy: Users can quickly find access to the information and people they need.
  • Access: Social networks enable users to reach out to people they never would have dreamed of communicating with directly.
LinkedIn will present the full research at the TechConnect:12 event on Nov. 29.
Is social part of your decision-making process? How so? Please let us know in the comments section below.
Follow Deb Donston-Miller on Twitter at @debdonston.

Thursday, November 15, 2012

Q&A With Predictive Coding Guru, Maura R. Grossman, Esq.

Q&A With Predictive Coding Guru, Maura R. Grossman, Esq.



Q&A With Predictive Coding Guru, Maura R. Grossman, Esq.

BY MATTHEW NELSON ON NOVEMBER 13TH, 2012  
 Google +10
Can you tell us a little about your practice and your interest in predictive coding?
After a prior career as a clinical psychologist, I joined Wachtell Lipton as a litigator in 1999, and in 2007, when I was promoted to counsel, my practice shifted exclusively to advising lawyers and clients on legal, technical, and strategic issues involving electronic discovery and information management, both domestically and abroad.
I became interested in technology-assisted review (“TAR”) in the 2007/2008 time frame, when I sought to address the fact that Wachtell Lipton had few associates to devote to document review, and contract attorney review was costly, time-consuming, and generally of poor quality.  At about the same time, I crossed paths with Jason R. Baron and got involved in the TREC Legal Track.
What are a few of the biggest predictive coding myths?
There are so many, it’s hard to limit myself to only a few!  Here are my nominations for the top ten, in no particular order:
Myth #1:  TAR is the same thing as clustering, concept search, “find similar,” or any number of other early case assessment tools.
Myth #2:  Seed or training sets must always be random.
Myth #3:  Seed or training sets must always be selected and reviewed by senior partners.
Myth #4:  Thousands of documents must be reviewed as a prerequisite to employing TAR, therefore, it is not suitable for smaller matters.
Myth #5:  TAR is more susceptible to reviewer error than the “traditional approach.”
Myth #6:  One should cull with keywords prior to employing TAR.
Myth #7:  TAR does not work for short documents, spreadsheets, foreign language documents, or OCR’d documents.
Myth #8:  Tar finds “easy” documents at the expense of “hot” documents.
Myth #9:  If one adds new custodians to the collection, one must always retrain the system.
Myth #10:  Small changes to the seed or training set can cause large changes in the outcome, for example, documents that were previously tagged as highly relevant can become non-relevant.
The bottom line is that your readers should challenge commonly held (and promoted) assumptions that lack empirical support.
Are all predictive coding tools the same?  If not, then what should legal departments look for when selecting a predictive coding tool?
Not at all, and neither are all manual reviews.  It is important to ask service providers the right questions to understand what you are getting.  For example, some TAR tools employ supervised or active machine learning, which require the construction of a “training set” of documents to teach the classifier to distinguish between responsive and non-responsive documents.  Supervised learning methods are generally more static, while active learning methods involve more interaction with the tool and more iteration.  Knowledge engineering approaches (a.k.a. “rule-based” methods) involve the construction of linguistic and other models that replicate the way that humans think about complex problems.  Both approaches can be effective when properly employed and validated.  At this time, only active machine learning and rule-based approaches have been shown to be effective for technology-assisted review.  Service providers should be prepared to tell their clients what is “under the hood.”
What is the number one mistake practitioners should avoid when using these tools?
Not employing proper validation protocols, which are essential to a defensible process.  There is widespread misunderstanding of statistics and what they can and cannot tell us.  For example, many service providers report that their tools achieve 99% accuracy.  Accuracy is the fraction of documents that are correctly coded by a search or review effort.  While accuracy is commonly advanced as evidence of an effective search or review effort, it can be misleading because it is heavily influenced by prevalence, or the number of responsive documents in the collection.  Consider, for example, a document collection containing one million documents, of which ten thousand (or 1%) are relevant.  A search or review effort that identified 100% of the documents as non-relevant, and therefore, found none of the relevant documents, would have 99% accuracy, belying the failure of that search or review effort to identify a single relevant document.
What do you see as the key issues that will confront practitioners who wish to use predictive coding in the near-term?
There are several issues that will be played out in the courts and in practice over the next few years.  They include:  (1) How does one know if the proposed TAR tool will work (or did work) as advertised?; (2) Must seed or training sets be disclosed, and why?; (3) Must documents coded as non-relevant be disclosed, and why?; (4) Should TAR be held to a higher standard of validation than manual review?; and (5) What cost and effort is justified for the purposes of validation?  How does one ensure that the cost of validation does not obliterate the savings achieved by using TAR?
What have you been up to lately?
In an effort to bring order to chaos by introducing a common framework and set of definitions for use by the bar, bench, and vendor community, Gordon V. Cormack and I recently prepared a glossary on technology-assisted review that is available for free download at:  http://cormack.uwaterloo.ca/targlossary.  We hope that your readers will send us their comments on our definitions and additional terms for inclusion in the next version of the glossary.
Maura R. Grossman, counsel at Wachtell, Lipton, Rosen & Katz, is a well-known e-discovery lawyer and recognized expert in technology-assisted review.  Her work was cited in the landmark 2012 case, Da Silva Moore v. Publicis Group (S.D.N.Y. 2012).

eDiscovery update

e-discovery lessons learned...


E-discovery: Lessons learned from Scentsy, Inc. v. B.R. Chase LLC

Insufficient document retention and litigation hold policies spell trouble for plaintiffs

In some of our recent articles, we have noted the fundamental importance of having data and document retention policies in place and consistently applying those policies. Doing so reduces the overall volume of data or electronic documents that need to be preserved, collected, processed, analyzed and reviewed for potential production when litigation arises. A recent case out of the U.S. District Court for the District of Idaho—Scentsy, Inc. v. B.R. Chase LLC—gives in-house counsel some guidelines for whether their company’s data or document retention policies are acceptable, and if not, what the courts might order.
In Scentsy, a defendant accused the plaintiff of spoliating and failing to produce key documents because of an insufficient litigation hold. Instead of issuing a written litigation hold to any of its custodians, the plaintiff’s general counsel spoke to the custodians that had information regarding the subject of the lawsuit. The plaintiff issued this oral litigation hold around the time it filed the complaint in May 2011. The defendant argued that the plaintiff had first anticipated the litigation in May 2010. Meanwhile, the plaintiff admitted that it anticipated the litigation no later than March 2011, roughly two months prior to the oral litigation hold.
The plaintiff’s document retention policy was curious in that it provided for the routine deletion of emails but not other documents that are more than six months old.
Other facts complicated the plaintiff’s odd document retention policy and the oral litigation hold. Specifically, the hard drive used by the plaintiff’s lead designer for the products at issue in the case crashed in early 2010. The plaintiff sent the drive to a forensic computer specialist in an attempt to recover any data on it, but those efforts were unsuccessful. As a result, the plaintiff contended that even if it contemplated the litigation in May 2010, any relevant documents not produced were destroyed either under its general retention policy or when its lead designer’s computer hard drive failed.
The court was not troubled by the failure of the lead designer’s hard drive in early 2010. It reasoned that even if the plaintiff anticipated the litigation in May 2010, as asserted by the defendant, the hard drive had crashed before that. The defendant provided no evidence to the contrary.
The court was, however, troubled by the plaintiff’s document retention policy and the oral litigation hold issued by its general counsel:
“The Court has serious concerns with [plaintiff’s] retention policy and litigation hold process. Generally not deleting documents, and orally requesting certain employees to preserve relevant documents concurrently with filing a lawsuit, is completely inadequate.”
The court even described this conduct as “very risky” and bordering on “recklessness.”