What eDiscovery Professionals Can Learn from the Internet Gambling Crack Down
Many of you may have heard about the FBI cracking down on the three largest online gambling sites in the past few days, as the owners of those sites in the United States have been indicted and charged with bank fraud, money laundering and illegal gambling offenses and the sites have been essentially shut down in the US. Restraining orders have been issued against more than 75 bank accounts in 14 countries used by the poker companies PokerStars, Full Tilt Poker and Absolute Poker. Many US customers of these sites are now scrambling to try to get their funds out of the sites and finding it difficult to do so.
So what? This is an eDiscovery blog, right? What does an Internet gambling crack down have to do with eDiscovery?
PokerStars, Full Tilt Poker, Absolute Poker and other gambling sites are cloud-based, Software-as-a-Service (SaaS) applications. Just like Amazon, Facebook, Twitter, eBay, YouTube and SalesForce.com, these sites provide an application via the web that enables its clients to receive a service. In the case of Amazon, it’s the ability to purchase any number of products. For Facebook, it’s the ability to share information with friends and family. For these gambling sites, it’s the ability to play poker for money with anyone else in the world who has the same gambling itch that you do and a broadband connection.
The problem is: in the US, it’s illegal. The Unlawful Internet Gambling Enforcement Act of 2006 prohibits gambling businesses from knowingly accepting payments related to a bet or wager that involves the use of the Internet and that is unlawful under any federal or state law. So, these sites are hosted in other countries to attempt to skirt the law.
What many US customers of these sites are finding out is the same thing that eDiscovery professionals discover when they need to retrieve cloud-based data in response to a discovery request: it’s imperative to know where your data is stored. It’s likely that many customers of these gambling sites knew that their funds were kept off-shore, while others may not have known this was the case. Regardless, they’re now scrambling to get their data (i.e., funds) back — if they can.
Many organizations are “in the same boat” when it comes to their SaaS providers – it may be unclear where that data is being stored and it may be difficult to retrieve if it’s stored in a foreign country with a different set of laws. It’s important to establish (in writing if possible) with the provider up front where the data will be stored and agree on procedures such as records management/destruction schedules so that you know where your data is stored and can get access to it when you need it. Don’t gamble with your data.
So, what do you think? Do you have organizational data in a SaaS-based solution? Do you have a plan for getting that data when you need it? Please share any comments you might have or if you’d like to know more about a particular topic.
Full disclosure: I work for Trial Solutions, which provides SaaS-based eDiscovery review applications FirstPass® (for first pass review) and OnDemand® (for linear review and production). Our clients’ data is hosted in a secured Tier 4 Data Center in Houston, Texas, where Trial Solutions is headquartered.