Close
Enter your
text here

Industry Trends

eDiscovery Trends: Forecast for More Clouds
 

No, eDiscoveryDaily has not begun providing weather forecasts on our site.  Or stock forecasts.

But, imagine if you could invest in an industry that could nearly sextuple in nine years? (i.e., multiply six-fold).

Well, the cloud computing, or Software-as-a-Service (SaaS), industry may be just the industry for you.  According to a Forrester report from last month, the global cloud computing market will grow from 40.7 billion dollars in 2011 to more than 241 billion dollars by 2020.  That’s a 200 billion dollar increase in nine years.  That’s enough to put anybody “on cloud nine”!

The report titled Sizing The Cloud by Stefan Ried (Principal Analyst, Forrester) and Holger Kisker (Sr. Analyst, Forrester), outlines the different market dynamics for three core layers of cloud computing, as follows:

  • Public Cloud: From 25.5 billion dollars to 159.3 billion dollars by 2020;
  • Virtual Private Cloud: From 7.5 billion dollars to 66.4 billion dollars by 2020;
  • Private Cloud: From 7.8 billion dollars to 159.3 billion dollars by 2020.

Public cloud providers include everything from Facebook and Twitter to Amazon.com and Salesforce.com.  As the name implies, a private cloud is where companies implement their own cloud environment to support its own needs.  A virtual private cloud is simply a private cloud located within a public cloud.

Forrester is not the only analyst firm that expects big things for cloud computing.  The Gartner Group projected that the cloud computing industry will have revenue of 148.8 billion dollars by 2014, even higher than Forrester’s forecast of 118.7 billion dollars for the same year.  Clearly, the benefits of the cloud are causing many organizations to consider it as a viable option for storing and managing critical data.

What does that mean from an eDiscovery perspective?  That means a forecast for more clouds.  If your organization doesn’t have a plan in place for managing, identifying, preserving and collecting data from its cloud solutions, things could get stormy!

So, what do you think?  Is your organization storing more data in the cloud?  Does your organization have an effective plan in place for getting to the data when litigation strikes?  Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Trends: Wednesday LTWC Sessions
 

As noted yesterday, LegalTech West Coast 2011 (LTWC) is happening this week and eDiscoveryDaily is here to report about the latest eDiscovery trends being discussed at the show.  There’s still time to check out the show if you’re in the Los Angeles area with a number of sessions (both paid and free) available and over 70 exhibitors providing information on their products and services, including (shameless plug warning!) my company, Trial Solutions, which is previewing a redesigned version 10 release of our linear review application, OnDemand®, prior to release this Saturday.

Perform a “find” on today’s LTNY conference schedule for “discovery” and you’ll get 27 hits.  More eDiscovery sessions happening!  Here are some of the sessions in the main conference tracks:

10:30 – 11:45 AM:

E-Discovery and the Cloud

Tom O'Connor, Director, Gulf Coast Legal Technology Center (and previous interviewee on this blog!) will discuss the following:

  • We've all heard of the cloud but are you sure you know what it means? A brief overview
  • New challenges created by the cloud
  • Impact of cloud storage on searchable documents: availability and costs
  • Reasonable discovery practices
  • The basic technical challenges for collecting, reviewing and producing relevant data from the cloud
  • Recent case law
  • Best practices for managing the cloud

Risk & Responsibility vs. Cost Control: Managing E-discovery's Great Balancing Act

Bill Speros, Attorney Consulting in Evidence Management, Speros & Associates LLC will discuss the following:

  • Framing the legal issues–identifying risks and responsibilities for companies and their counsel
  • Negotiations with opposing counsel
  • Custodian selection
  • Data selection
  • Culling options
  • Screen and produce
  • Automated review

2:00 – 3:15 PM:

Social Media and E-Discovery

Joshua A. Engel, Vice President and General Counsel, Lycurgus Group will discuss the following:

  • New challenges created by social media
  • New challenges created by the cloud
  • Impact of cloud storage on searchable documents: availability and costs
  • Reasonable discovery practices
  • Privacy concerns
  • Best practices for social media

Top 5 Ethical Concerns for Lawyers in E-discovery

Brett Burney, Burney Consultants LLC will discuss the following:

  • Appropriately supervise clients' discovery efforts (including potential conflicts around self collection)
  • Avoid conflicts of interest – attorney's and vendor's
  • Appropriately supervise document reviewers
  • Avoid serving as discovery process 30(b)(6) witness
  • Accurately represent clients' data storage paradigm and retrieval/restoration/review expenses

3:45 – 5:00 PM:

Share Point and E-Discovery

Beau Mersereau, Director of Applications, Development and Support, Fish & Richardson, P.C. will discuss the following:

  • An overview of share point and what it means to the legal industry
  • Impact on corporate record keeping
  • More data = more searchable material = higher costs
  • New challenges posed by share point
  • Best practices

The 5 Most Important Things you Need to Consider when Bringing e-Discovery In-house

You have made the decision to in-source certain aspects of the e-Discovery process, or you're considering the potential benefits, but the next step is a challenge. In this session, we will address the five most important things to consider as you take on the responsibilities and risks of e-Discovery internally. We will look through the lenses of both legal and IT, and discuss how best to support the technology and business processes. We also evaluate sourcing models to address the risks. This is an ideal panel for corporate legal departments to attend along with their IT department leaders.

Panelists are: Karen LaFleur, Director of Information Technology and Practice Support, BuchalterNemer, A Professional Corporation; Brett Burney, Burney Consultants LLC; and Lisa K. Clements, Litigation Support Manager, DLA Piper LLP (US).

In addition to these, there are other eDiscovery-related sessions today.  For a complete description for all sessions today, click here.

So, what do you think?  Are you planning to attend LTWC this year?  Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Trends: Welcome to LegalTech West Coast 2011!
 

Today is the start of LegalTech® West Coast 2011 (LTWC) and eDiscoveryDaily is here to report about the latest eDiscovery trends being discussed at the show.  Over the next two days, we will provide a description each day of some of the sessions related to eDiscovery to give you a sense of the topics being covered.  If you’re in the Los Angeles area, come check out the show – there are a number of sessions (both paid and free) available and over 70 exhibitors providing information on their products and services, including (shameless plug warning!) my company, Trial Solutions, which is previewing a redesigned version 10 release of our linear review application, OnDemand®, prior to release this Saturday.

Perform a “find” on today’s LTNY conference schedule for “discovery” and you’ll get 22 hits.  So, there is plenty to talk about!  Sessions in the main conference tracks include:

10:30 – 11:45 AM:

eDiscovery in Action: Reducing the Pain and Increasing the Results

Discusses practices to:

  • Increase defensibility, accountability and transparency across your organization
  • Improve efficiency and reduce the volume of growing, uncontrolled information
  • Reduce eDiscovery costs
  • Maximize the return on your technology investments and improve staff productivity
  • Adopt best practices and automate eDiscovery capabilities

Panelists are: Karen LaFleur, Director of Information Technology and Practice Support, BuchalterNemer, A Professional Corporation; Tom O'Connor, Director, Gulf Coast Legal Technology Center (and previous interviewee on this blog!); and Lisa K. Clements, Litigation Support Manager, DLA Piper LLP (US).

Records Policies, Technology and Processes that Optimize Corporate Compliance and Discovery

Topics discussed include:

  • Discover how to maximize efficiency by managing data in a manner that anticipates requests for ESI
  • Learn tips on how to create, implement and monitor sound and defensible legal hold protocol
  • Analyze how significant cost-savings may be achieved through defensible, repeatable execution of that protocol

Panelists are: Wayne Wong, Managing Consultant, Kroll Ontrack; David Yerich, UnitedHealth Group; Ron Best, Director of Legal Information Systems, Munger Tolles & Olson.  Moderator: Dave Schultz, Manager, Legal Technologies, Kroll Ontrack.

2:00 – 3:15 PM:

Exploring Enterprise Search Technology

Covers how to:

  • Understand the totality of electronic information: documents, websites, emails, tweets, audio and video
  • Automate complex information-centric processes by understanding the meaning of electronically stored information
  • Empower organizations to better address their legal, regulatory and business obligations through evolutionary search technology

Panelists are: Ali Shahidi, Director of Knowledge Management, Bingham McCutchen LLP; Scott A. Preston, Chief Information Officer, Fulbright & Jaworski L.L.P.

Social Media and Discovery: Tales, Trials and Technology

Panelists will:

  • Discuss the impact of social media and the cloud on discovery
  • Hear important questions and implications that must be fully understood before implementing use policies around social media and entrusting data to the cloud
  • Explore data collection, data security, and privacy with regard to social media and the cloud

Panelists are: Wayne Wong, Managing Consultant, Kroll Ontrack; Bianca Dickerson-Willams, CRM, Kroll Ontrack; Jeff Fowler, Counsel, O'Melveny & Myers.  Moderator: Dave Schultz, Manager, Legal Technologies, Kroll Ontrack.

3:45 – 5:00 PM:

Partnering for Success: Inside and Outside Counsel Working Together

Discussion regarding:

  • Linking together inside and outside counsel
  • Improve the early case assessment process Leverage review methods including conceptual search and meaning-based, computer-assisted tagging and coding to reduce cost of review
  • Streamline and simplify the process on a single platform to better comply with the FRCP and help inside and outside counsel avoid sanctions

Panelists are: Jeffrey W. McKenna, Esq., Former Senior Associate, Skadden, Arps, Slate, Meagher & Flom, LLP; Member of the International Association of Privacy Professionals (IAPP); Thérèse P. Miller, Of Counsel, Shook Hardy & Bacon LLP; Bill Speros, Attorney Consulting in Evidence Management, Speros & Associates LLC.

Next Decade of Document Review: Cheaper, Better, Smarter

Topics include:

  • Consider how document review practices have evolved in the past decade
  • Learn how to stop wasting valuable corporate dollars on chaotic document review by utilizing Intelligent Review Technology (IRT), which can reduce the burden and expense of analysis, review and production
  • Discuss cutting-edge cases that highlight the importance of using technology to conduct faster and cheaper discovery

Panelists are: Andrea Marshall, Consultant, Kroll Ontrack; Ron Best, Director of Legal Information Systems, Munger Tolles & Olson; Jeff Fowler, Counsel, O'Melveny & Myers.  Moderator: Dave Schultz, Manager, Legal Technologies, Kroll Ontrack.

In addition to these, there are other eDiscovery-related sessions today.  For a complete description for all sessions today, click here.

eDiscoveryDaily will also be “tweeting” periodically throughout LTWC (this time I mean it!), so feel free to check out our updates at twitter.com/TrialSolutions.

So, what do you think?  Are you planning to attend LTWC this year?  Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Best Practices: Usefulness of Facebook’s Self Collection Mechanism
 

We’ve written about Facebook a lot on this blog.  Shortly after this blog was launched, we provided information on Facebook’s subpoena policy.  We’ve also talked about the eDiscovery implications associated with the rollout of Facebook’s new email messaging system, dubbed “Facemail”.  And, just last week, we chronicled a case involving Facebook where they were ordered to produce documents instead of just merely providing access to them.  And, we haven’t even mentioned the latest revelations that Facebook may have secretly hired a PR firm to plant negative stories about Google (oops, we just did!).

But perhaps our most popular post regarding Facebook was regarding the self collection mechanism that they rolled out last October, which we found out about via our LegalTech interview with Craig Ball published back in March after our February interview (Craig also wrote an article about the feature in Law Technology News in February).

Now, another article has been written about the usefulness of Facebook’s self collection mechanism (called “Download Your Information”) in the blog E-Discovery Law Alert, entitled How Useful is Facebook's "Download Your Information" Feature in E-Discovery?, written by Patrick V. DiDomenico.

The author of this article conducted a test by downloading his information via the utility, deleting some information from his Facebook profile – “an email message, some wall posts, comments, photos, and even a friend (not a close friend)” – hopefully, he added the friend back.  Then, he downloaded his information again, every day for four days, with no change for the first three days.  On the fourth day, most of the deleted information disappeared from the download, except the email message (which disappeared when he ran the utility one more time).

The conclusion was that the mechanism “does not appear to ‘look back’ and recover deleted information in the user’s account”.  Thoughts:

  • With no change in the download in the first three days, the author notes that “Facebook did not take a fresh snapshot of my account every day – it just re-downloaded the same file three days in a row”.  He doesn’t mention whether he added any content during this time.  It would be interesting to see if that would force a change.
  • I don’t believe that there is any specific documentation from Facebook as to how it handles additions and deletions and how often the snapshot is updated.  If not, it might behoove them to create some, it might save them some subpoena requests.
  • The author notes that “it is inadvisable for lawyers to rely solely on the Download Your Information feature for discovery of an adversary’s Facebook information” as it “gives no assurance that a litigant’s attempt to delete evidence will be revealed”.  On the other hand, it may be still an appropriate mechanism to use for your own discovery to preserve your own information.  Facebook may also store deleted information on backup tapes, so a subpoena could catch your opponent red-handed if you can justify the discovery of those tapes.  Food for thought.

So, what do you think?  Have you had any Facebook discovery requests in your eDiscovery projects?   Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Best Practices: What Are the Skeletons in Your ESI Closet?
 

At eDiscoveryDaily, we try not to re-post articles or blog posts from other sources.  We may reference them, but we usually try to add some commentary or analysis to provide a unique spin on the topic.  However, I read a post Thursday on one of the better legal blogs out there – Ride the Lightning from Sharon Nelson – that was a guest post by Jim McGann, VP of Information Discovery at Index Engines that I thought was well done and good information for our readers.  Jim has been interviewed by eDiscoveryDaily here and here and always has terrific insight on ESI issues.  You can click here to read the post directly on Ride the Lightning or simply read below.

Law firms and corporations alike tend to keep data storage devices well beyond what their compliance requirements or business needs actually dictate.  These so-called “skeletons in the closet” pose a major problem when the entity gets sued or subpoenaed. All that dusty data is suddenly potentially discoverable. Legal counsel can be proactive and initiate responsible handling of this legacy data by defining a new, defensible information governance process.

  1. Understand all data sources. The first choice when faced with an ESI collection is to look at current online network data. However, many other sources of email and files exist on corporate networks, sources that may be more defensible and even cost effective to collect from, including offsite storage typically residing on backup tapes. Tape as a collection source has been overlooked because it was historically difficult and expensive to collect from legacy backup tapes.
  2. Get proactive with legal requirements. Defining what ESI data should be kept and placed on litigation hold and what can be purged are the first steps in a proactive strategy. These legal requirements will allow clients to put a policy in place to save specific content, certain custodians and intellectual property so that it is identifiable and ready for on demand discovery.
  3. Understand technology limitations. Only use tools that index all the content, and don’t change any of the metadata. Some older search solutions compromise the indexing process, and this may come to haunt you in the end.
  4. Become a policy expert. As new technology comes on the market, it tends to improve and strengthen the discovery process. Taking the time to understand technology trends allows you to stay one step ahead of the game and create a current defensible collection process and apply policy to it.

So, what do you think?  Do you have “skeletons” in your ESI closet?   Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Best Practices: Checking for Malware is the First Step to eDiscovery Processing
 

A little over a month ago, I noted that we hadn’t missed a (business) day yet in publishing a post for the blog.  That streak almost came to an end last week.

As I often do in the early mornings before getting ready for work, I spent some time searching for articles to read and identifying potential blog topics and found a link on a site related to “New Federal Rules”.  Curious, I clicked on it and…up popped a pop-up window from our virus checking software (AVG Anti-Virus, or so I thought) that the site had found a file containing a “trojan horse” program.

The odd thing about the pop-up window is that there was no “Fix” button to fix the trojan horse.  There were only choices to “Ignore” the virus or “Move it to the Vault”.  So, I chose the best available option to move it to the vault.

Then, all hell broke loose.

I received error messages that my hard drive had corrupted, that my RAM was maxed – you name it.

Turns out the trojan horse has provided a “rogue” pop-up window, designed to look like AVG Anti-Virus, to dupe me into activating the program by clicking on a button.  If you studied the Trojan War in school, you know that’s why they call it a “trojan horse” – it fools you into letting it into your system.

While its common to refer to all types of malware as “viruses”, a computer virus is only one type of malware.  Malware includes computer viruses, worms, trojan horses, spyware, dishonest adware, scareware, crimeware, most rootkits, and other malicious and unwanted software or program.  A report from Symantec published in 2008 suggested that "the release rate of malicious code and other unwanted programs may be exceeding that of legitimate software applications”.

I’ve worked with a lot of clients who don’t understand why it can take time to get ESI processed and loaded into their review platform.  Depending on the types of files, several steps can be required to get the files ready to review, including “unarchiving” of container files, OCR (of image only files) and, of course, indexing of the files for searchability (among other possible steps).  But, the first step is to scan the files for viruses and other malware that may be infecting the files.  If malware is found in any files, the files have to be identified.  Then, those files will either be isolated and logged as exceptions or the virus software will attempt to remove the malware.  While it may seem logical that the malware should always be removed, doing so is technically altering the file, so counsel need to agree that malware removal is acceptable.  Either way, the malware needs to be addressed so that it doesn’t affect the entire collection.

As for me, as soon as the infection was evident, I turned my laptop off and turned it over to our support department at Trial Solutions.  By the end of the day, I had it back, good as new!  Thanks, Tony Cullather!

So, what do you think?  How do you handle malware in your collections?   Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Best Practices: 4 Steps to Effective eDiscovery With Software Analytics
 

I read an interesting article from Texas Lawyer via Law.com entitled “4 Steps to Effective E-Discovery With Software Analytics” that has some interesting takes on project management principles related to eDiscovery and I’ve interjected some of my thoughts into the analysis below.  A copy of the full article is located here.  The steps are as follows:

1. With the vendor, negotiate clear terms that serve the project's key objectives.  The article notes the important of tying each collection and review milestone (e.g., collecting and imaging data; filtering data by file type; removing duplicates; processing data for review in a specific review platform; processing data to allow for optical character recognition (OCR) searching; and converting data into a tag image file format (TIFF) for final production to opposing counsel) to contract terms with the vendor. 

The specific milestones will vary – for example, conversion to TIFF may not be necessary if the parties agree to a native production – so it’s important to know the size and complexity of the project, and choose only an experienced eDiscovery vendor who can handle the variations.

2. Collect and process data.  Forensically sound data collection and culling of obviously unresponsive files (such as system files) to drastically decrease the overall review costs are key services that a vendor provides in this area.  As we’ve noted many times on this blog, effective culling can save considerable review costs – each gigabyte (GB) culled can save $16-$18K in attorney review costs.

The article notes that a hidden cost is the OCR process of translating extracted text into a searchable form and that it’s an optimal negotiation point with the vendor.  This may have been true when most collections were paper based, but as most collections today are electronic based, the percentage of documents requiring OCR is considerably less than it used to be.  However, it is important to be prepared that there are some native files which will be “image only”, such as TIFFs and scanned PDFs – those will require OCR to be effectively searched.

3. Select a data and document review platform.  Factors such as ease of use, robustness, and reliability of analytic tools, support staff accessibility to fix software bugs quickly, monthly user and hosting fees, and software training and support fees should be considered when selecting a document review platform.

The article notes that a hidden cost is selecting a platform with which the firm’s litigation support staff has no experience as follow-up consultation with the vendor could be costly.  This can be true, though a good vendor training program and an intuitive interface can minimize or even eliminate this component.

The article also notes that to take advantage of the vendor’s more modern technology “[a] viable option is to use a vendor's review platform that fits the needs of the current data set and then transfer the data to the in-house system”.  I’m not sure why the need exists to transfer the data back – there are a number of vendors that provide a cost-effective solution appropriate for the duration of the case.

4. Designate clear areas of responsibility.  By doing so, you minimize or eliminate inefficiencies in the project and the article mentions the RACI matrix to determine who is responsible (individuals responsible for performing each task, such as review or litigation support), accountable (the attorney in charge of discovery), consulted (the lead attorney on the case), and informed (the client).

Managing these areas of responsibility effectively is probably the biggest key to project success and the article does a nice job of providing a handy reference model (the RACI matrix) for defining responsibility within the project.

So, what do you think?  Do you have any specific thoughts about this article?   Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Trends: Apple Responds to the iPhone/iPad Location Controversy
 

Yesterday, we talked about the latest litigation for Apple, which was sued for alleged privacy invasion and computer fraud by two customers in a federal complaint in Tampa, Florida who claim the company is secretly recording and storing the location and movement of iPhone and iPad users.  Yesterday, Apple issued a press release response to questions regarding this controversy, published here on Business Wire.

Highlights:

  • Apple reiterated that they are “not tracking the location of your iPhone. Apple has never done so and has no plans to ever do so.”
  • Instead, according to Apple, the iPhone is “maintaining a database of Wi-Fi hotspots and cell towers around your current location, some of which may be located more than one hundred miles away from your iPhone, to help your iPhone rapidly and accurately calculate its location when requested.”
  • Apple says that the “database is too big to store on an iPhone, so [they] download an appropriate subset (cache) onto each iPhone. This cache is protected but not encrypted, and is backed up in iTunes whenever you back up your iPhone.”
  • Geo-tagged Wi-Fi hotspot and cell tower data is sent to Apple in an anonymous and encrypted form” and “ Apple cannot identify the source of this data.”
  • The reason the iPhone stores up to a year’s worth of location data is “a bug we uncovered and plan to fix shortly”.  “We don’t think the iPhone needs to store more than seven days of this data.”
  • The iPhone sometimes shouldn’t continue updating its Wi-Fi and cell tower data when Location Services is turned off.  “This is a bug, which we plan to fix shortly”.
  • Apple also noted that they will release a free iOS software update “sometime in the next few weeks” that: “reduces the size” of the database cached on the iPhone, “ceases backing up the cache”, and “deletes this cache entirely when Location Services is turned off”.

We’ll see how this press release impacts the litigation and various regulatory investigations.

So, what do you think?  Have you been involved in a case where GPS location data was relevant?   Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Trends: It’s 10 PM, Does Apple Know Where You Are?
 

Over 30 years ago, local TV stations across the country ran this ad, asking the question “It’s 10 PM, do you know where you children are?”

Today, they could ask the question of many iPhone and iPad users, “It’s 10 PM, does Apple know where you are?”

According to Bloomberg on Monday, “Apple Inc. (AAPL) was sued for alleged privacy invasion and computer fraud by two customers who claim the company is secretly recording and storing the location and movement of iPhone and iPad users, according to a federal complaint filed…in Tampa, Florida.”

Vikram Ajjampur, an iPhone user in Florida, and William Devito, a New York iPad customer, sued April 22 in federal court in Tampa, Florida, seeking a judge’s order barring the alleged data collection and requesting refunds for their phones.

The lawsuit references a report from two computer programmers who indicated that “those of us who own either an iPhone or iPad may have been subjected to privacy invasion since the introduction of iOS 4.0” (operating system).  The report claims that Apple’s iOS4 operating system is logging latitude-longitude coordinates along with the time a spot is visited, is collecting about a year’s worth of location data, and logs location data to a file called "consolidated.db", which is unencrypted and unprotected.

“We take issue specifically with the notion that Apple is now basically tracking people everywhere they go,” Aaron Mayer, an attorney for the plaintiffs, said. “If you are a federal marshal, you have to have a warrant to do this kind of thing, and Apple is doing it without one.”

In addition to the Florida lawsuit, the Illinois Attorney General has asked to meet with Apple executives to discuss these reports and French, German, Italian and South Korean regulators are also investigating the alleged location collection feature as a result of the programmers’ report.

So far, Apple has not commented – officially.  However, MacRumors reports that Steve Jobs has responded to one emailer who requested “Maybe you could shed some light on this for me before I switch to a Droid. They don't track me.”  To which Jobs allegedly responded, “Oh yes they do. We don't track anyone. The info circulating around is false.  Sent from my iPhone.”

True or False?  We’ll hopefully see.  It seems that every week there is a new type of data that can be relevant to the eDiscovery process, doesn’t it?

So, what do you think?  Have you been involved in a case where GPS location data was relevant?   Please share any comments you might have or if you’d like to know more about a particular topic.

What eDiscovery Professionals Can Learn from the Internet Gambling Crack Down
 

Many of you may have heard about the FBI cracking down on the three largest online gambling sites in the past few days, as the owners of those sites in the United States have been indicted and charged with bank fraud, money laundering and illegal gambling offenses and the sites have been essentially shut down in the US.  Restraining orders have been issued against more than 75 bank accounts in 14 countries used by the poker companies PokerStars, Full Tilt Poker and Absolute Poker.  Many US customers of these sites are now scrambling to try to get their funds out of the sites and finding it difficult to do so.

So what?  This is an eDiscovery blog, right?  What does an Internet gambling crack down have to do with eDiscovery?

PokerStars, Full Tilt Poker, Absolute Poker and other gambling sites are cloud-based, Software-as-a-Service (SaaS) applications.  Just like Amazon, Facebook, Twitter, eBay, YouTube and SalesForce.com, these sites provide an application via the web that enables its clients to receive a service.  In the case of Amazon, it’s the ability to purchase any number of products.  For Facebook, it’s the ability to share information with friends and family.  For these gambling sites, it’s the ability to play poker for money with anyone else in the world who has the same gambling itch that you do and a broadband connection.

The problem is: in the US, it’s illegal.  The Unlawful Internet Gambling Enforcement Act of 2006 prohibits gambling businesses from knowingly accepting payments related to a bet or wager that involves the use of the Internet and that is unlawful under any federal or state law.  So, these sites are hosted in other countries to attempt to skirt the law.

What many US customers of these sites are finding out is the same thing that eDiscovery professionals discover when they need to retrieve cloud-based data in response to a discovery request: it’s imperative to know where your data is stored.  It’s likely that many customers of these gambling sites knew that their funds were kept off-shore, while others may not have known this was the case.  Regardless, they’re now scrambling to get their data (i.e., funds) back — if they can.

Many organizations are “in the same boat” when it comes to their SaaS providers – it may be unclear where that data is being stored and it may be difficult to retrieve if it’s stored in a foreign country with a different set of laws.  It’s important to establish (in writing if possible) with the provider up front where the data will be stored and agree on procedures such as records management/destruction schedules so that you know where your data is stored and can get access to it when you need it.  Don’t gamble with your data.

So, what do you think?  Do you have organizational data in a SaaS-based solution?  Do you have a plan for getting that data when you need it?  Please share any comments you might have or if you’d like to know more about a particular topic.

Full disclosure: I work for Trial Solutions, which provides SaaS-based eDiscovery review applications FirstPass® (for first pass review) and OnDemand® (for linear review and production).  Our clients’ data is hosted in a secured Tier 4 Data Center in Houston, Texas, where Trial Solutions is headquartered.