Close
Enter your
text here

Electronic Discovery

Here’s One Way to Comply with GDPR – Block All EU Users: Data Privacy Trends

Believe it or not, Europe’s General Data Protection Regulation (GDPR) is set to go into effect in one just one week(!), on May 25th.  Many organizations are scrambling to comply with the new regulation and a lot of them won’t have compliance sorted out in the next week.  As a result, some companies have realized it’s just too much of a hassle and decided to block all access to EU users.

According to Above the Law (Companies Respond To The GDPR By Blocking All EU Users, written by “Techdirt”), F-Secure’s Mikko Hypponen has tracked a bunch of examples of sites that give you some simple javascript to block EU visitors.  Hypponen highlighted one site (currently offline, but can be seen at the Internet Archive) called GDPR Shield that does that (assuming the requestor has Javascript turned on, and their location is determined accurately — both of which may be big assumptions). Hypponen also noted several other sites cutting off EU users, including: Ragnarok Online, Verve, Brent Ozar, Unroll.me, SMNC, Tunngle, Drawbridge and Steel Root.

Hypponen also noted the very different reactions to all of this from EU readers and US readers. EU folks seem to be generally supportive of the GDPR and think that companies shutting down service are either stupid & ignorant or evil and thus should shut down. On the US side, he noted people are smug about how this serves the EU right and will harm the EU.

I can understand the prospects of a penalty of €20 million or 4% of worldwide revenue (whichever is greater) can cause organizations to take drastic steps.  But, should those steps include blocking EU users altogether?  Seems like a great way to cut off a lot of potential revenue.  What’s better: to be penalized for not complying with GDPR or to give up potential business in a drastic attempt to avoid the penalty?

Back in February, Tom O’Connor and I discussed the aspects of GDPR and steps to comply in a webcast we conducted on the topic (and we didn’t advocate shutting out the EU users).  It’s not too late to check it out!  One week to go!

So, what do you think?  Are you ready for GDPR?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Former Employee Sanctioned for Lying Under Oath, Destruction of ESI: eDiscovery Case Law

In Heggen v. Maxim Healthcare Servs., Inc., No. 1:16-cv-00440-TLS-SLC (N.D. Ind. April 27, 2018), Indiana Magistrate Judge Susan Collins ruled that the plaintiff’s destruction of requested cellphone recordings, as well as lying under oath, were sanctionable under FRCP Rule 37.

Case Background

The plaintiff filed the case against her former employer – a provider of temporary medical staffing, home health care, and wellness services – with claims of sexual harassment and retaliation. The plaintiff stated under oath that she chose to leave these employers “voluntarily” because the two clients with whom she worked were going into a nursing home.

However, the defendant pointed out that records show that the plaintiff was terminated after she refused to discuss a complaint that the plaintiff stole $300 from a client under her care, as well as mismanagement of the client’s financial assets. A discovery request to the Indiana Department of Workforce Development revealed that the plaintiff had worked for Interim Health Care immediately prior to joining the defendant, even though she responded to the first request for production with a different former employer, and then stated a second employer during her deposition. Based on the records from Interim, the defendant claimed that the circumstances of the plaintiff’s departure from Interim were “strikingly similar” to the plaintiff’s time at the defendant, including that a patient’s medications went missing – the plaintiff then tested positive for the missing medications on a drug test, and the plaintiff failed to return to work after the complaint.

The clearest contention that the defendant brought is that the plaintiff destroyed key evidence in at least three different ways and this, along with the other actions by the plaintiff, the defendant contended was grounds for a dismissal sanction. The plaintiff testified at her deposition that she made about seven recordings of unidentified defendant employees and said these recordings supported her claims against the defendant, she also testified that the Equal Employment Opportunity Commission (“EEOC”) had the recordings, because she deleted the recordings from her cell phone since she “didn’t want them to have [her] phone lost and have them be out there.” She claimed she had emailed the recordings to the EEOC, but couldn’t find any copy of the emails transmitting the recordings. After sending the emails, she performed a factory reset of her phone (an older Apple model) that basically had “broke[n] down,” and that she was trying to get working again. The reset deleted all of the data stored on it, including the recordings.

She felt that emailing the recordings to EEOC was a form of preservation and “thought it was okay to get rid of them[.]” Copies of three of the recordings were found, and the plaintiff submitted transcripts of these recordings with her response brief, and she also provided a copy of the recordings and transcripts to the defendant. However, there was no explanation for the other missing recordings.

The defendant had sought the recordings from the plaintiff for months through traditional discovery and because it did not have the recordings when it deposed the plaintiff, it felt that resulted in prejudice against them. They also argued that there was a significant difference between original recordings and copies of recordings. What the plaintiff submitted appeared to be at least two different layers of recorded conversations: “an ongoing face-to-face interaction between individuals who are supposedly simultaneously listening to and participating in a different interaction by telephone, all recorded on top of each other.”  Also, because they were copies, there was no way to delve into the original metadata of the recordings. Further, while the original recordings were made on an iPhone, the files produced were in 3GP format, a format generally used by Android phones, raising even more questions.

Judge’s Ruling

Judge Collins ruled that the defendant’s failure under oath to disclose Interim as a prior employer and for her destruction of the original cell phone recordings was sanctionable. But noted that a sanction for discovery abuse must be “a proportionate response to the circumstances.”

Judge Collins stated, “The draconian sanction of dismissal is not presently warranted here. Rather, the present circumstances warrant the imposition of lesser sanctions in the form of a monetary penalty—that is, ordering Heggen to pay the reasonable expenses, including attorney’s fees, that Maxim incurred in filing the motion to compel [See FRCP Rule 37]. The Court has no reason, at least at this juncture, to conclude that the imposition of this monetary penalty would be fruitless. The Court will also consider a spoliation instruction upon a pretrial motion by counsel should this case go to trial. The motion for sanctions is otherwise denied. Heggen is duly warned that any additional discovery transgressions may result in further sanctions against her, up to and including dismissal of this case.”

So, what do you think?  Was the ruling correct or was a sanction of dismissal warranted in this case?  Please share any comments you might have or if you’d like to know more about a particular topic.

Case opinion link courtesy of eDiscovery Assistant.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

eDiscovery for the Rest of Us: eDiscovery Best Practices

Editor’s Note: Tom O’Connor is a nationally known consultant, speaker, and writer in the field of computerized litigation support systems.  He has also been a great addition to our webinar program, participating with me on several recent webinars.  Tom has also written several terrific informational overview series for CloudNine, including eDiscovery and the GDPR: Ready or Not, Here it Comes (which we covered as a webcast), Understanding eDiscovery in Criminal Cases (which we also covered as a webcast), ALSP – Not Just Your Daddy’s LPO and Why Is TAR Like a Bag of M&M’s?. Now, Tom has written another terrific overview regarding eDiscovery for the smaller cases titled eDiscovery for the Rest of Us that we’re happy to share on the eDiscovery Daily blog (and will cover later this month in a webcast).  Enjoy! – Doug

Tom’s overview is split into four parts, so we’ll cover each part separately.  Here’s the first part.

Introduction

With the high number of eDiscovery vendors and the huge amount of ED conferences, webinars and seminars, you might ask why we would talk about eDiscovery for “the rest of us”.  eDiscovery was initially seen as the exclusive domain of large firms with large cases in Federal court.  But the fact is that firms of all sizes now must know how to handle electronic discovery efficiently and cost-effectively. Why?

First, most attorneys in private practice are employed by law firms with fewer than 20 lawyers and, in fact, half of all U.S lawyers in private practice are solo practitioners.  Smaller firms mean smaller cases. With the increase in digital activity by people in all areas of their lives, we are now seeing e-discovery become an issue in domestic disputes, employment cases and even criminal matters. All case types handled by small firms.

And the initial Federal Rules of Civil Procedure governing ESI have now been emulated in over 2/3 of the states with even an agreed-upon e-discovery exchange protocol between the offices of the U.S. Attorney and the Federal Defenders for criminal cases finding its way into state matters. Coast-to-coast, from California to Florida and from states as populous as New Jersey to mostly rural states such as Louisiana and Alabama, e-discovery is now a local issue.

Indeed, when Bruce Olson and I first gave a presentation called eDiscovery for Small Cases at the ABA TechShow in March of 2010, we didn’t expect much of a turnout.  But the room was packed and we both realized we had struck a nerve.

Why?  Bruce and I called it the Small Case Dilemma.  We’ll explore that issue and others in this paper, as follows:

  1. eDiscovery: The Early Years
  2. The EDna Challenge, 2009
  3. The Ernie Challenge
  4. The EDna Challenge, 2016
  5. What’s Next?
  6. Conclusion

We’ll publish Part 2 – eDiscovery: The Early Years and The EDna Challenge, 2009 – on Thursday.

So, what do you think?  Do smaller litigation cases get shortchanged when it comes to eDiscovery technology?  As always, please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Could We Be Close to a Second State to Approve a Technology CLE Requirement?: eDiscovery Trends

In 2016, Florida became the first state to mandate technology training for lawyers, when it adopted a rule requiring lawyers to complete three hours of CLE every three years “in approved technology programs.”  We covered it here.  That requirement went into effect on January 1, 2017 and CloudNine has certainly been providing several CLE courses that are technology approved in Florida.  We’ve been wondering when a second state was going to follow suit and we may be close to an answer.

According to Robert Ambrogi and his Law Sites blog (A Second State Moves Closer to Mandating Technology Training for Lawyers), the North Carolina State Bar Council has approved a proposed amendment to lawyers’ annual CLE requirements that would mandate that one hour of the required 12 hours of CLE training annually be devoted to technology training.

The council adopted the proposed amendment on April 20. The proposed amendment now goes to the North Carolina Supreme Court for approval.

The proposed amendment would also add a definition of technology training, as follows:

“Technology training” shall mean a program, or a segment of a program, devoted to education on information technology (IT) or cybersecurity (see N.C. Gen. Stat. §143B-1320(a)(11), or successor statutory provision, for a definition of “information technology”), including education on an information technology product, device, platform, application, or other tool, process, or methodology. To be eligible for CLE accreditation as a technology training program, the program must satisfy the accreditation standards in Rule .1519 of this subchapter: specifically, the primary objective of the program must be to increase the participant’s professional competence and proficiency as a lawyer. Such programs include, but are not limited to, education on the following: a) an IT tool, process, or methodology designed to perform tasks that are specific or uniquely suited to the practice of law; b) using a generic IT tool process or methodology to increase the efficiency of performing tasks necessary to the practice of law; c) the investigation, collection, and introduction of social media evidence; d) e-discovery; e) electronic filing of legal documents; f) digital forensics for legal investigation or litigation; and g) practice management software. See Rule .1602 of this subchapter for additional information on accreditation of technology training programs.

However, as Kevin O’Keefe notes in his Real Lawyers blog (via a tweet by Richard Granat), the same North Carolina has just passed regulation restricting the distribution of self-help legal software over the Internet.  Go figure.

Regardless, I will be very interested to see what happens in the state that I’m now spending a lot of my time (because of our recent acquisition, of course).

So, what do you think?  Will we see more states require technology CLE?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

A Fresh Comparison of TAR and Keyword Search: eDiscovery Best Practices

Bill Dimm of Hot Neuron (the company that provides the product Clustify that provides document clustering and predictive coding technologies, among others) is one of the smartest men I know about technology assisted review (TAR).  So, I’m always interested to hear what he has to say about TAR, how it can be used and how effective it is when compared to other methods (such as keyword searching).  His latest blog post on the Clustify site talk about an interesting exercise that did exactly that: compared TAR to keyword search in a real classroom scenario.

In TAR vs. Keyword Search Challenge on the Clustify blog, Bill challenged the audience during the NorCal eDiscovery & IG Retreat to create keyword searches that would work better than technology-assisted review (predictive coding) for two topics.  Half of the room was tasked with finding articles about biology (science-oriented articles, excluding medical treatment) and the other half searched for articles about current law (excluding proposed laws or politics).  Bill then ran one of the searches against TAR in Clustify live during the presentation (the others he couldn’t do during the session due to time constraints, but did afterward and covered those on his blog, providing the specific searches to which he compared TAR).

To evaluate the results, Bill measured the recall from the top 3,000 and top 6,000 hits on the search query (3% and 6% of the population respectively) and also included the recall achieved by looking at all docs that matched the search query, just to see what recall the search queries could achieve if you didn’t worry about pulling in a ton of non-relevant docs.  For the TAR results he used TAR 3.0 (which is like Continuous Active Learning, but applied to cluster centers only) trained with (a whopping) two seed documents (one relevant from a keyword search and one random non-relevant document) followed by 20 iterations of 10 top-scoring cluster centers, for a total of 202 training documents.  To compare to the top 3,000 search query matches, the 202 training documents plus 2,798 top-scoring documents were used for TAR, so the total document review (including training) would be the same for TAR and the search query.

The result: TAR beat keyword search across the board for both tasks.  The top 3,000 documents returned by TAR achieved higher recall than the top 6,000 documents for any keyword search.  Based on this exercise, TAR achieved better results (higher recall) with half as much document review compared to any of the keyword searches.  The top 6,000 documents returned by TAR achieved higher recall than all of the documents matching any individual keyword search, even when the keyword search returned 27,000 documents.

Bill acknowledges that the audience had limited time to construct queries, they weren’t familiar with the data set, and they couldn’t do sampling to tune their queries, so the keyword searching wasn’t optimal.  Then again, for many of the attorneys I’ve worked with, that sounds pretty normal.  :o)

One reader commented about email headers and footers cluttering up results and Bill pointed out that “Clustify has the ability to ignore email header data (even if embedded in the middle of the email due to replies) and footers” – which I’ve seen and is actually pretty cool.  Irrespective of the specifics of the technology, Bill’s example is a terrific fresh example of how TAR can outperform keyword search – as Bill notes in his response to the commenter “humans could probably do better if they could test their queries, but they would probably still lose”.  Very interesting.  You’ll want to check out the details of his test via the link here.

So, what do you think?  Do you think this is a valid comparison of TAR and keyword searching?  Why or why not?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Former Football Players Sanctioned for Failure to Produce: eDiscovery Case Law

In Michael E. Davis, et al. v. Electronic Arts, Inc., No. 10-cv-03328-RS, (N.D. Cal., April 3, 2018), California Magistrate Judge Donna M. Ryu ruled that the plaintiff’s failure to fully comply with the discovery requests by the defendant were sanctionable under FRCP Rule 37, which states, “Such sanctions may include ordering a party to pay the reasonable expenses, including attorneys’ fees, caused by its failure to comply with the order or rule.”

Case Background

Three former NFL players claimed that Electronic Arts (EA) used their likenesses in the Madden NFL videogame series without authorization. In July 2017, EA moved to compel plaintiffs to provide further responses to discovery, and the court ordered the parties to meet and confer regarding the disputes set forth in the letters and to file joint letters regarding any remaining disputes. After a hearing, the Court granted in part EA’s motions to compel further responses to requests for the production of documents (“RFPs”), interrogatories, and requests for admission (“RFA”), setting a deadline for response on September 28, 2017.

A day after the deadline, the plaintiffs responded by saying they had, “engaged in a reasonable and diligent search” but found no responsive documents to certain requests. The plaintiffs also said the requested privilege log was rendered unusable due to a computer error even though both the plaintiffs and the plaintiffs’ attorney had stated in an earlier hearing that they had regular communications via email regarding the case.

EA requested sanctions of $45,000 against the plaintiffs under Rule 37. However, the billing records EA provided to the court did not segregate the fees by task or category, which makes it difficult to evaluate the reasonableness of the time expended, or to calculate precise sums that should be allowed or disallowed. But even with the problems with EA’s billing records, it was clear that EA incurred substantial attorneys’ fees in attempting to obtain plaintiffs’ compliance and seeking court intervention.

Judge’s Ruling

Given the inconsistencies between counsel and plaintiffs’ statements about communications regarding this litigation, Judge Ryu expressed concern about the adequacy of the plaintiffs’ search for responsive documents and ordered them to “search thoroughly all . . . email, going all the way back, for communications between [Plaintiffs] and other people who are not lawyers about this case.”

Judge Ryu also ruled that the plaintiffs’ response to the defendant’s discovery request was deficient and found monetary sanctions appropriate in this case, in addition to the evidentiary sanctions, as their conduct forced EA and the court to continue to expend significant resources to address plaintiffs’ failure to meet its discovery obligations and provide basic discovery.

“A sanction of $25,000 is justified in these circumstances and acknowledges that this amount represents a significant discount from the actual attorneys’ fees incurred by EA as a result of plaintiffs’ counsel’s actions. The court finds that $25,000, coupled with the evidentiary consequences set forth above, are an appropriate sanction here.”

So, what do you think?  Was the ruling correct or were sanctions unwarranted in this case?  Please share any comments you might have or if you’d like to know more about a particular topic.

Case opinion link courtesy of eDiscovery Assistant.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

eDiscovery for the Rest of Us: eDiscovery Webcasts

Does it seem like eDiscovery technology today is only for the “mega-firms” and “mega-cases”? What about for the “rest of us”? Are there solutions for the small firms and cases too? What does the average lawyer need to know about eDiscovery today and how to select a solution that’s right for them?  We will discuss these and other questions in a webcast at the end of the month.

On Wednesday, May 30 at noon CST (1:00pm EST, 10:00am PST), CloudNine will conduct the webcast eDiscovery for the Rest of Us. In this one-hour webcast that’s CLE-approved in selected states, we will discuss what lawyers need to know about eDiscovery, the various sources of data to consider, and the types of technology solutions to consider to make an informed decision and get started using technology to simplify the discovery process. Topics include:

  • How Automation is Affecting All Industries, including eDiscovery
  • Drivers for eDiscovery Automation Today
  • Challenges from Various Sources of ESI Data
  • Ethical Duties and Rules for Managing Discovery
  • Getting Data Through the Process Efficiently
  • Small Case Examples: Ernie and EDna
  • Key Components of an eDiscovery Solution
  • Types of Tools to Consider
  • Recommendations for Getting Started

As always, I’ll be presenting the webcast, along with Tom O’Connor, who is currently writing an article on the topic that we plan to publish on the blog in the next couple of weeks.  To register for it, click here.  Even if you can’t make it, go ahead and register to get a link to the slides and to the recording of the webcast (if you want to check it out later).  If you want to know what eDiscovery solution options there within an affordable budget, this is the webcast for you!  It’s not a “Festivus for the rest of us”, it’s eDiscovery for the rest of us!

So, what do you think?  Do you feel like you can’t afford eDiscovery technology?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Former Autonomy CFO Convicted of Fraud: eDiscovery Trends

Remember the fiasco that was the Hewlett-Packard (HP) acquisition of Autonomy (and our coverage of it back then)?  Back in 2012, HP took a multi billion charge resulting from its acquisition of Autonomy back in 2011, one of the largest acquisitions in the eDiscovery industry at the time (and still).  HP called on US and British authorities to investigate what it called “serious accounting improprieties, disclosure failures and outright misrepresentations at Autonomy” before the acquisition.  Those allegations have now led to a conviction.

Legal IT Insider (Former Autonomy CFO & Darktrace director Sushovan Hussain convicted of fraud – hat tip Rob Robinson’s Complex Discovery blog) covered the conviction of Autonomy’s former chief financial officer and ex-Darktrace director Sushovan Hussain, who was found guilty of fraud by a San Francisco court last week.

A 12-member federal jury convicted Hussain of 16 counts of wire and securities fraud. The verdict precedes a $5.1 billion civil suit brought by HP in the UK against Hussain and Autonomy’s founder and former CEO Mike Lynch, scheduled to begin next year. Lynch is counter-suing for $160 million, claiming lost investment opportunities due to reputational damage. He has strongly rejected HP’s claims that management misled HP over the company’s value.

Hewlett-Packard split into two companies in 2015 – Hewlett Packard Enterprise (HPE) and HP Inc.—with HPE eventually selling off parts of Autonomy. The latter company issued a statement on Monday, April 30th saying: “HPE is pleased with the verdict. As we have consistently maintained, Mr Hussain engaged in outright fraud and deliberately misled the market about non-existent sales through a series of calculated sham transactions.”

“Autonomy manipulated their revenue, and quarterly results, making an accurate valuation impossible. That Mr Hussain attempted to depict the fraud as nothing more than a misunderstanding of international accounting rules was, and still remains, patently ridiculous – and the jury has now held him accountable for his role in defrauding HP.”

Naturally, Hussain’s lawyer, John Keker, said he was disappointed with the verdict and intends to appeal.  Between that and the suit against Lynch scheduled for trial next year, this story will still be alive and well for some time to come.

So, what do you think?  Will we see an eDiscovery deal like that again?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

“Master” Your Knowledge of eDiscovery With This Conference in Chicago in Two Weeks: eDiscovery Trends

If you’re in the Chicago area or plan to be there on May 22, join legal technology experts and professionals at The Masters Conference 2018 Chicago event for a full day of educational sessions covering a wide range of topics!

The Masters Conference brings together leading experts and professionals from law firms, corporations and the bench to develop strategies, practices and resources for managing the information life cycle.  This year’s Chicago event covers topics ranging from legal technology innovation to cybersecurity to strategy and advocacy in eDiscovery to Blockchain to the General Data Protection Regulation (GDPR), which will only be 3 days away at that point!  There are even TED talks and a General Counsel roundtable!

The event will be held at the Microsoft Technology Center, Aon Center, 200 E Randolph St, Chicago, IL 60601.  Registration begins at 8am, with sessions starting shortly after that, at 8:45am.

CloudNine will be sponsoring the session On Premise or Off Premise? A Look At Security Approaches to eDiscovery at 8:45am.  My colleague Clint Lehew, VP of Channel Programs at CloudNine will be moderating with Matthew Gasaway, Director and Senior Counsel at AbbVie, Kendell Howard of United Airlines, Jeff Dreiling, Founder at Complete Legal and Kristi Smith, Attorney at Bryan Cave, as panelists.

Their panel discussion will discuss on-premise and off-premise eDiscovery solutions and considerations for each.  It should be a very informative discussion with a very knowledgeable panel.  Please join them!

Click here to register for the conference.  The Masters Conference has several other events coming up the remainder of the year, including Denver, San Francisco, New York, London, Washington DC and, of course, Orlando.  Click here for more information on remaining scheduled events for the year.

So, what do you think?  Are you going to be in Chicago on May 22?  If so, come check out a great event!  And, as always, please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

More Than Two Thirds of Data Breaches Take Months to Discover: Cybersecurity Trends

One of my favorite annual cybersecurity publications to read is the Verizon Data Breach Investigations Report (DBIR), which analyzes the reported cybersecurity and data breach incidents for the year.  As always, this year’s report has some interesting findings.

But first, this week’s eDiscovery Tech Tip of the Week is about Selecting Views.  Workflows associated with reviewing documents in discovery can be varied, depending on the task to be accomplished during review, the type of information needed to conduct the review effectively and the individual’s preferred style in conducting the review.  It’s important to find a an eDiscovery review platform that gives you options for review that fit your workflows.

To see an example of how Selecting Views is conducted using our CloudNine platform, click here (requires BrightTalk account, which is free).

Anyway, every year, the Verizon DBIR report starts off with a notable quote.  This year, the report writers chose to get downright Shakespearean with the quote “I would give all my fame for a pot of ale, and safety” from Henry V.  Sounds like a pretty good trade to me!

Anyway, here are some interesting statistics from the 68 page PDF report:

  • They are reporting on over 53,000 incidents and 2,216 confirmed data breaches;
  • 73% of reported breaches were perpetrated by outsiders, 28% by internal actors;
  • 50% of breaches were carried out by organized criminal groups;
  • 12% of breaches involved actors identified as nation-state or state-affiliated;
  • Who was affected? 24% of breaches affected healthcare organizations, 15% of breaches involved accommodation and food services, 14% were breaches of public sector entities and a whopping 58% of victims are categorized as small businesses.  So, it’s not just the “big guys” who are the targets.
  • How do they get you? 48% of breaches featured hacking, 30% included malware, 17% of breaches had errors as causal events, 17% were social attacks, 12% involved privilege misuse and 11% of breaches involved physical actions.
  • Also, 49% of non-point of sale malware was installed via malicious email, 76% of breaches were financially motivated and, the most remarkable stat, 68% of breaches took months or longer to discover.

As always, the report chock full of graphics and statistics which makes it easier to read than the size of the report indicates and covers everything from social attacks to ransomware to denial of service to incident classification patterns and coverage of data breaches and other incidents in several industries.

You can download a copy of the report here.  Once again, you can register and download the report or just choose to download the report.  This is our fourth year covering the report (previous reports covered here, here and here).  Enjoy!

So, what do you think?  Have you ever experienced any data breaches, either personally or professionally?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.