Mobile Devices

Perin Discovery Streamlines Workflow Through ESI Analyst: CloudNine Podcasts

For legal teams, the race to production may seem never-ending. The journey begins with some data mapping to discern who owns the data and where it is located. Once the identification process is successful, legal teams are often stopped by the first roadblock. They need to find a vendor that can collect modern data types such as text messages, tweets, and videos. After the data is collected, another roadblock stands in the way. A second vendor is needed to carry out review and production. Stopping and restarting between each step is frustrating and time-consuming, yet few LSPs offer means for a continuous workflow.

Recognizing this issue, Peter Smith and Erin Perczak launched Perin Discovery to provide a one-stop shop for both digital forensics and eDiscovery. The co-founders joined Rick Clark for our 360 Innovate Podcast to explain how they leverage ESI Analyst to engage their clients in a smooth workflow. To learn how our platform has improved their data and case strategies, visit this link: https://cloudnine.com/webcasts/perin-discovery-podcast/?pg=ediscoverydaily/collection/perin-discovery-streamlines-workflow-through-esi-analyst-cloudnine-podcasts

Generate More Revenue For Your Law Firm with Modern eDiscovery

One of the biggest challenges for any business is discovering new revenue streams once your growth reaches its zenith. For most law firms, this creates a welcome opportunity to offer new and better solutions while bringing more revenue into the organization.

As technology evolves, so does the diversity of new data types.  By expanding your firm’s ability effectively and accurately collect and analyze emerging data types, you create new opportunities to meet the changing needs of your clients.

Hit the eDiscovery Bullseye: The Latest Trends in Data Types

Electronically stored information (ESI) evolves every time new software is created. Whether it’s an updated version of current data or an entirely new data type, ESI is constantly changing.

To operate successfully, your law firm needs the ability to effectively process these modern data types. Consider the following statistics from two popular messaging applications – Microsoft Teams and Slack:

  • Teams has 145 million daily active users
  • Teams is used by more than 500,000 organizations as their default messaging platform
  • Slack has 10 million daily active users
  • Slack is used by 43% of Fortune 100 businesses

The sheer volume of modern data users creates an unmatched treasure trove of data vital to your client’s litigation. Other popular communication platforms like Google Meet, Zoom, GoToMeeting, and WhatsApp also contribute to the unparalleled growth of modern data types.

However, only recently have legal professionals begun to see the benefits of reviewing these data types since their reliance on traditional data types was easy and typically, sufficient.

Everyone in the legal profession can benefit from the ability to collect and analyze messages and metadata from communication platforms.  However, law firms and forensics companies in particular now understand the true value of other modern data like computer activity, geolocation, and financial transactions because it’s critically important to the success of their investigations.

Read a case study to learn how CloudNine is helped reconstruct conversations across multiple file types.

Why Modern Data Doesn’t Work Well with Traditional eDiscovery Platforms

Traditional data is typically straightforward in the form of Word documents, spreadsheets, and emails converted into PDF. The biggest issue with collecting and analyzing modern metadata on a traditional eDiscovery platform is compatibility.

Modern data transmitted by web clients and web servers is usually found within JavaScript Object Notation (JSON) files. JSON files are the preferred format for almost every public web service available today, including Teams and Slack.

HTML is another popular file type used by websites and social media applications like Facebook and Twitter to create individual pages.

JSON and HTML cause problems with traditional eDiscovery because traditional platforms cannot extract the content and metadata and organize it into an easy-to-review format. The result is usually very difficult to read, let alone review for eDiscovery.

Another challenge is simply the cost. In Zubulake v USB Warburg, the courts found the defendants were required to provide all relevant data files related to the case at their own expense. If your client is a large corporation, this could mean a large volume of devices to be collected for eDiscovery, which will naturally raise costs.

Tip the Scales of Justice with a Modern eDiscovery Platform

As applications like Teams and Slack make modern data more common, it has become more acceptable to be used in litigation. In the past, attorneys would argue to have modern data dismissed, and more often than not, the judge would allow it. Today’s judges have a better understanding of the value of emerging data so they require it for eDiscovery.

Modern eDiscovery platforms can collect a variety of modern data and accurately prepare it for review. Data types under this umbrella include:

  • Communication from messaging applications
  • File sharing applications
  • Metadata from video conferences
  • Mobile messaging including text, SMS, and MMS
  • Computer activity including the movement and alteration of files
  • GeoLocation
  • Social media posts
  • Financial transactions

In addition, by leveraging a modern data review platform, you can collect communication across multiple applications and devices. Based on the metadata, you can create pristine communication threads that flow from one platform to another, giving you a more complete picture and the context to understand how people were behaving and why. That simply isn’t possible in a traditional eDiscovery platform.

Stay up to date on how CloudNine is revolutionizing eDiscovery by signing up for our regular eDiscovery updates and best practices.

How Law Firms Use Modern eDiscovery to Offer Better Solutions

When you have the ability to review modern data, you can manage your case more effectively and efficiently by consolidating the workflows of multiple processes using a single SaaS platform.

  • Early Case Assessment. With CloudNine’s people and platforms, you are enabled to collect, cull, process and organize large amounts of modern data, to provide the needed insight to your case investigations to predict costs more accurately.
  • Unified Review Workflows. A simplified and consolidated workflow allows you to process, sort, review, tag, and produce traditional and modern data quickly and accurately.
  • Higher Level of Data Organization. By leveraging the metadata and conversation content, you can analyze and review all data types easier and more efficiently. This “Data NOT Documents” approach allows you to quickly narrow in on key conversations faster than traditional document review.
  • Context to Understand the Whole Story. Following digital conversations across multiple platforms along with computer activity, geolocation, social media and financial transactions, you create a more complete narrative to add the context needed to understand the whole story.

With these benefits, you can now demonstrate maximum efficiency and offer unparalleled service to your clients.

Your clients are looking to you to provide the best legal advice and management of their data, regardless of data types, modern or traditional.

By offering a solution giving them equal access to both traditional and modern data types with CloudNine eDiscovery solutions. Request a free demo and let us show you how CloudNine can help you generate more revenue while better preparing your clients for litigation.

Inaugural Symposium on E-Crime: Cutting Edge Topics in Digital Forensics

Financial scams, identity theft, and ransomware attacks are just few ways in which criminals leverage technology for e-crimes. Through their criminal activity, offenders unwittingly create digital trails that are discoverable by forensic experts. On February 28, 2022 9:00 AM – 5:00 PM EST, the Henry C. Lee Institute of Forensic Science will host a Zoom webinar to delve deeper into the complexities of e-crime and criminal investigations. The symposium will feature Rick Clark, Senior Director of CloudNine, as one of its keynote speakers. Rick Clark will be speaking on a panel with the CEO of Paraben Software, Amber Schroader, and journalist, Christa Miller, about overlooked forms of digital evidence. The panel will discuss how data from varying sources can be used in an investigation or discovery workflow.

Register for the symposium here and enter promo code:  “HCLIPROFF” for 60% discount.

Discussion Points

  • Cell phone forensics
  • Email investigations
  • Multiple data sources
  • Deep fake investigations

Keynote Speakers

Rick Clark – Senior Director of CloudNine

Dr. Henry C. Lee – Founder/Director of Henry C. Lee Institute

Robert Fried, MS – VP/Head of Forensics at Sandline Discovery

Christa Miller – Managing Editor at ForensicFocus.com

Shahaf Rozanski – Vice President of Cellebrite

Dr. Matt Turek – Program Manager at DARPA

Arman Gungor – CEO of Metaspike

Amber Schroader – CEO of Paraben Corporation

Emerge From Data Chaos With eDiscovery Built For Today’s Data

Did you know in 2020 alone, the average person created 1.7 MB of data every second? (source).  Now consider this in the context of your latest eDiscovery case:  from cell phone forensics to computer user activity, the amount of digital documents to review is massive.  For example, here’s a glimpse of the daily counts of electronically stored information (ESI) including traditional and modern data types:

  • 4 billion emails (source)
  • 7 billion text messages (source)
  • 100 billion WhatsApp messages (source)
  • 4 billion Snapchat photo messages (source)

And, this doesn’t even include other traditional data types like documents or spreadsheets. Nor does it count modern data types like computer user activity, geolocation tracking, corporate chat applications, financial transactions, or social media posts.  While eDiscovery review platforms are designed to process traditional data types, you need a better, more efficient way to analyze the sheer volume of digital discovery types.

To provide a comprehensive view of all data types, CloudNine has introduced a modern data review experience to enable the analysis of existing and emerging data types, from a single eDiscovery solution platform.

Synergize eDiscovery of Today’s Data with CloudNine

Current eDiscovery review platforms were developed to support traditional data types like emails, Word documents, spreadsheets, and PowerPoint as evidence in litigation. The problem is they rarely provide the context needed to tell the whole story because they miss potentially relevant data found on mobile devices and corporate chat applications like Microsoft Teams or Slack. 

Without this nuanced data, you don’t have the ability to show behaviors, actions, or communication across different platforms, making it more challenging to prove your case as it’s very difficult to show context if you’re working exclusively with traditional file types.

Using Cellebrite UFED, a digital tool for extracting data from mobile devices, we can quickly collect cell phone data and inject it directly into the document review platform.

In addition, CloudNine’s modern data review platform can create timelines to organize relevant data in a linear outline to tell a story from beginning to end. Combining this with the ability to track digital conversations across multiple platforms, you’ll have better insight into:

  • How subjects were behaving
  • What they were doing
  • Where they were going
  • Who and when they were communicating with

CloudNine’s modern data solution expands your ability to understand the whole story in ways your competition can’t. The ability to collect and review this type of data allows you to better understand the facts surrounding your litigation, applying context so you’re able to tell the whole story.

Our solution for today’s data is suitable for both large and small data sets. It’s robust enough to handle the largest cases with extremely large data sets while remaining nimble to give attorneys the ability to view data quickly and easily on much smaller cases.

Regardless of the case or file types your team is reviewing, your eDiscovery team can get to the truth much faster.

Take the Rediscovery Out of Your eDiscovery: CloudNine’s ESI Analyst is the Perfect Complement to Enhance CloudNine Review

While CloudNine Review brings a fast, secure and easy-to-use platform to load and export data quickly and efficiently, the addition of a modern data solution adds a new layer of context and complexity to your litigation.

Now, when you receive your data, you can upload all the data sources into our modern data platform, perform eDiscovery and then import your modern and traditional data directly to CloudNine Review for a simplified and streamlined review.

Most legal firms and LSPs are forced to shoehorn modern data into traditional legal document review platforms. This can lead to confusion about the importance of what role specific text messages play in the story.

However, by letting you review every type of data more accurately, you get a more efficient solution that addresses both traditional and modern data, providing more insight and clarity into the factors behind the litigation.

A perfect example of this is the ability to analyze financial data and computer user activity. While collecting and reviewing financial data means you can track transactions and payments easier, tracking computer activity through registry files or event logs lets you see actions taking place on a digital level.

For example, if an employee copies a confidential document onto a thumb drive and walks out the door with it, you’ll be able to see that action in the data records.

As an organization, we are committed to evolving in the same way eDiscovery evolves. Stay up-to-date on the latest CloudNine updates by signing up to receive our latest eDiscovery news delivered to your inbox.

Don’t Fall Prey To Ingestion Congestion: The Ease of Integration and Deployment with CloudNine

Simple Deployment:  While the technical aspects of integrating CloudNine’s modern eDiscovery review platform is incredibly easy, the important thing to know is how simple it is to deploy the solution for your staff. Training for your administrators to operate the platform can be completed in an hour while training your review team for a specific case takes as little as 15-30 minutes.

Searching and Batching: By creating a series of searches based on specific keywords or phrases, you can pull data batches to assign to your team so they can review and add custom tags for relevant data. This is a valuable tool for anyone using this modern data eDiscovery solution, whether you have the resources to employ a litigation-support team or if you’re a smaller office with only one or two attorneys.

Superior Support:  If there’s any questions or problems, support is just a phone call away. If you don’t know how to use a particular feature or tool, we can schedule a quick online training session and walk you through the process. Plus, there are over a hundred resource articles in our library to help you learn how to better use CloudNine’s solution.

By offering solutions that empower you to collect, review and analyze both traditional and modern data types, you can streamline your eDiscovery process and capture information that tells the whole story through different platforms.

To complement your existing eDiscovery solution and combine both traditional and modern data types into a more complete narrative, contact CloudNine to find out how we can seamlessly fold our self-service, SaaS application designed for all data types into your eDiscovery process.

How COVID-19 Has Reinforced the Need for Comprehensive BYOD Policies

Even before the pandemic started, working from home was on the rise. The trend allowed employees to be both productive and comfortable. Like any change, the transition to remote work was met with some skepticism. Many worried that limited in-person interaction would negatively impact work relations and company culture. Another concern was that employees wouldn’t get their work done at home. Though the research is mixed, several studies suggest that working from home greatly improves productivity. Amid the controversy, remote work skyrocketed as quarantine guidelines were set in the United States. This shift boosted the popularity of BYOD policies in the workplace. BYOD is shorthand for “bring your own device,” a practice in which businesses allow employees to conduct work activities on personal devices.

From both the employer and employee perspectives, BYOD policies come with a list of pros and cons. Employees typically enjoy the change, grateful that they don’t have to carry two phones everywhere. BYOD allows them to conveniently handle business and personal affairs from the same device. Through this system, an employee can work from anywhere at any time. From the employer’s standpoint, BYOD practices can be a money saver. Companies that supply and maintain work phones are expected to foot the bill. BYOD, however, eliminates those business expenditures.[1] In terms of ediscovery, BYOD poses significant privacy and security concerns. Now more than ever, companies should reevaluate their BYOD policies, ensuring that sensitive data is well-protected.

Questions to Consider

Before drafting or revising BYOD policies, there are several questions that a company should ask itself. Below is a list of sample questions to get the ball rolling:

BYOD Recommendations

  • Ask new employees about the BYOD policies at their former jobs. If the employee previously used their personal device for business matters, their device could still contain competitor data. Detecting and eliminating competitor data early on reduces the risk of lawsuits. [2]
  • Pay particular attention to securing data from your legal department. Legal departments, specifically, are a popular target for hackers because they manage large amounts of sensitive information.
  • Consider setting time limits on employee access to highly sensitive material.
  • Consider an employee’s position in the company before allowing them to operate through a personal device. If their position requires consistent interaction with confidential information, it’s safer to supply them with a work phone. [3]
  • Outline any software and applications that employees should not use.
  • Establish protocols for litigation holds and employee departure. [1]
References

[1] Russell Beets, “BYOD (Bring Your Own Device) Policies and Best Practices,” LitSmart E-Discovery, November 17, 2017.
[2] Will Kelly, “BYOD and the danger of litigation” TechRepublic, November 3, 2015.
[3] Frank Ready, “When Should Companies Refresh BYOD Policies? With COVID-19, It’s Now” Legaltech News, July 16, 2020.

Don’t Get Spooked by Communication Applications!

Since Halloween is approaching, it’s time to reflect on a scary part of the discovery process: handling communication applications. As a newer form of digital evidence, communication apps can be a legal team’s worst nightmare. Ephemeral messaging apps like Wickr and Signal make conversations disappear like ghosts in the night. Slack and Microsoft Teams have sunk their teeth into the communications of most corporations. Social media apps have entranced us with a spell, prompting our fingers to type a new DM or tweet every other hour. It’s easy to view these applications as monsters in the discovery process. They have revolutionized the world of e-discovery, expanding it to more than just emails and electronic files.  Whether you love them or hate them, communication apps aren’t going anywhere. In fact, their popularity is only rising. Approximately 2.5 billion people use at least one messaging app on their mobile devices. This number is expected to reach 3 billion by the end of next year. [1] Here’s another chilling statistic: in 2020, 41 million application messages were sent every minute. The volume of communication app data is frighteningly large, but its relevance is undeniable. Regardless of case type, (criminal, personal injury, defamation, etc.) litigants should consider its production. Within each channel and group chat lies a plethora of information that could make or break a case. Still afraid? Here’s a list of challenges and solutions for managing communication applications.

Understanding the missing context:

Messages sent on communication applications are often short and sent with little context. Bits and pieces of conversations might be spread out across multiple platforms and group chats. When handling a case, legal teams should identify all relevant communication platforms to connect the missing dots. Litigants should also consider deriving context from atypical sources such as emojis, liked messages, images, and GIFS. [2] These humorous icons and features can reflect the sender’s tone, a difficult thing to gather over text. Remember, images and emojis aren’t supported in all native file types, so it’s important to find an eDiscovery provider that will reconstruct the conversations. [3]

Managing large volumes of data:

Producing and reviewing voluminous data is stressful, time-consuming, and expensive. By creating comprehensive retention policies, businesses can proactively determine which data types and channels should be preserved. Within the policies, companies should outline the procedures for labeling, storing, and deleting records. [4] The deletion of unneeded data lowers the risk of massive data accumulation.

Remembering each application’s retention policies:

Applications like Slack and Microsoft Teams will retain all messages unless configured otherwise. Similarly, Facebook, Instagram, and Messenger store data until the account has been deleted. [5] If the account owner deletes or unsends a message, the data will still show on the recipient’s phone. Some of these platforms contain “Recently Deleted” features that make recovery much easier. The policies for collaboration and social media applications are rather straightforward. Ephemeral messaging apps are a bit different; however, the auto-deletion features can be adjusted to the user’s discretion. Auto-deletion settings should be turned off during or in anticipation of litigation.

 

[1] Damjan Jugovic Spajic, “Text, Don’t Call: Messaging Apps Statistics for 2020,” Komando Tech, December 11, 2019.

[2] Erin Tomine, “Chat Messages and eDiscovery: How to Ease the Burden and Get the Full Picture,” Conduent, July 7, 2021.

[3] Matthew Verga, “Discovery from Slack: It’s Complicated,” Xact Data Discovery, June 19, 2020.

[4] Law Offices of Salar Atrizadeh, “Electronic Discovery and Data Retention Policies,” Internet Lawyer Blog, May 18, 2020.

[5] “Data Policy,” Instagram Help Center, 2021.

The Risks and Benefits of Ephemeral Messages

What are Ephemeral Messages?

In the corporate world, Gmail, Microsoft Teams, and Slack are the most common forms of communication. Though these platforms are traditional and efficient, they create privacy and storage challenges. Ephemeral messages counteract these issues by disappearing shortly after the recipient has read the message. [1]

Platforms with disappearing messages:

  • Snapchat
  • Signal
  • Wickr
  • Cover Me
  • Confide
  • Telegram
  • Hash
  • WhatsApp
  • DingTalk

Court Cases Involving Ephemeral Messaging

  • Waymo, LLC v. Uber Technologies, Inc.: In this trade secrets case, Uber’s usage of Wickr and Telegram became a discovery headache. The judge granted both parties the opportunity to argue for or against the relevance of the messages. Thus, the case’s focus shifted from trade secrets to unrecoverable conversations. [2]
  • WeRide Corp v. Huang: After the defendant was accused of intellectual property theft, they took several measures to destroy communication evidence. One of those measures included communicating through DingTalk after the preliminary injunction. Since the messages were destroyed and post-injunction, terminating sanctions were issued. [3]
  • Herzig v. Arkansas Foundation for Medical Care, Inc.: In this age discrimination case, the plaintiffs started using Signal after receiving preservation orders. The judge noted that the plaintiffs manually configured the deletion settings; thus, the case was dismissed for intentional spoliation. [4]

Weighing the Risks and Benefits

Through automated deletion, ephemeral messaging apps eliminate issues concerning data volume. Smaller amounts of data provide greater security from data leaks and reductions in storage costs. Despite these benefits, ephemeral messages are a risky form of communication because they increase the likelihood of spoliation. [5] Spoliation sanctions can range from monetary payments to case dismissal. [6]

Best Practices for Preservation

  • Automated deletion settings should be shut off as soon as a complaint is filed.
  • Create comprehensive policies on managing ephemeral messages. These policies should outline legitimate reasons for the app’s usage, retention information, and destruction guidelines.
  • Train employees on ephemeral messaging etiquette in the workplace.
  • Monitor and document company usage of ephemeral messaging apps. [7]

[1] Dennis Kiker, “Now you see it, now you don’t: Ephemeral messaging may lead to sanctions,” DLA Piper, June 8, 2020, https://www.dlapiper.com/en/us/insights/publications/2020/06/now-you-see-it-now-you-dont-ephemeral-messaging-may-lead-to-sanctions/

[2] Robert M. Wilkins, “Client Litigation Risks When Using Ephemeral Messaging Apps,” Jones Foster, March 5, 2020, https://jonesfoster.com/our-perspective/pbcba-messaging-app-article

[3] Philip Favro, “INSIGHT: California Case Offers Warnings on Ephemeral Messaging,” Bloomberg Law, June 1, 2020, https://news.bloomberglaw.com/esg/insight-california-case-offers-warnings-on-ephemeral-messaging

[4] Scott Sakiyama, “This Message Will Self-Destruct in 5 Seconds,” Corporate Compliance Insights, March 26, 2020, https://www.corporatecomplianceinsights.com/self-destruct-ephemeral-messaging/

[5] Rebecca Cronin, “A Lawyer’s Guide to Ephemeral Messaging,” JD Supra, May 18, 2021, https://www.jdsupra.com/legalnews/a-lawyer-s-guide-to-ephemeral-messaging-4360652/

[6] Michael W. Mitchell and Edward Roche, “Lessons Learned: Destroying Relevant Evidence Can Be Catastrophic in Litigation,” Smith Anderson, https://www.smithlaw.com/resources-publications-1673

[7] Thomas J. Kelly, “The Rise of Ephemeral Messaging Apps in the Business Word,” National Law Review, April 23, 2019, https://www.natlawreview.com/article/rise-ephemeral-messaging-apps-business-world

Problems and Solutions for Slack Discovery

The Discoverability of Slack

As people turned to remote work in 2020, collaboration apps became a prevalent form of communication. Slack was so popular that some considered it to be the “new email.” Though some legal teams refute its discoverability, the FRCP intentionally established a broad definition of ESI to accommodate new data types. From corporate files to humorous GIFS and standard channel messages, Slack is a medium for large quantities of information. Thus, the application fits the requirements for discoverable digital evidence.[1] Accessing and producing that information, however, can present several challenges.

Production Problems

  1. Hundreds of Slack messages are sent every day.

Medium and large-scale corporations with active Slack users easily send over 100,000 Slack messages per month. Additionally, Slack generates a new file per day for each channel. Examinations of big data are slow and expensive. By proactively identifying specific channels to preserve, litigants can reduce production costs and time.[2]

  1. Slack is only one of many hosts for decentralized communications.

Nowadays, a single conversation can span multiple platforms. For example, if an employee asks their boss a question through email, they may hold a Zoom meeting to discuss it. After the Zoom meeting, they might use Slack to address any follow-up questions. Since the conversation was spread out, the snippet captured on Slack will lack the full context.

  1. Deciphering Slack exports can be difficult.

Slack messages are exported through JSON files, a format that’s a bit hard to understand. Additionally, the files don’t visually display media such as emojis and GIFS. In response to this problem, legal teams may opt to use screenshots as an alternative production method. However, the application only allows users to view and sort through the most recent 10,000 messages.[3]

Tips to Keep in Mind

  • Educate your employees or legal team about Slack’s retention policies.
  • If possible, consider upgrading to Slack’s premium version so that there is no message history limit.
  • Find an eDiscovery solution that will export Slack data in a thorough and understandable format.
  • Avoid preserving unneeded data by identifying which channels are more important than others.[4]

 

[1] Peter Callaghan, “Is Slack Content Discoverable? Yes It (Definitely) Is,” Pagefreezer, https://blog.pagefreezer.com/slack-content-is-discoverable

[2] Matthew Verga, “Discovery from Slack: It’s Complicated,” Xact Data Discovery, June 19, 2020, https://xactdatadiscovery.com/articles/discovery-from-slack-its-complicated/

[3] James Murphy, “The Shark in the Wave: Revealing the Lurking Danger of Slack Data,” Corporate Compliance Insights, June 17, 2019, https://www.corporatecomplianceinsights.com/the-shark-in-the-wave-revealing-the-lurking-danger-of-slack-data/

[4] James Murphy, “The Shark in the Wave: Revealing the Lurking Danger of Slack Data.”