[LINK] Shred of evidence against the law

[Bernard Robertson-Dunn]

Shred of evidence against the law
Karen Dearne
October 16, 2007
Australian IT
http://www.australianit.news.com.au/story/0,24897,22590015-24169,00.html

TOUGH new rules on the production of electronic records in court actions 
aim to put a stop to e-document "shredding", says Joe Fantuzzi, chief 
executive of rising content compliance provider Workshare.

"People in organisations who feel they can shred electronically stored 
documents that may be subject to litigation are driving laws like the US 
Federal Rules of Civil Procedure in e-discovery," he says.

"It's not much different from the paper shredding that brought down 
Enron and Arthur Andersen six years ago."

Under the federal rules, if there is a "reasonable anticipation" that 
information will be required (not just in current actions, but 
prospective ones as well) organisations are required to preserve the 
material for potential discovery.

"This means that you cannot take files out of the archives and tidy them 
up a bit," Fantuzzi says.

"Many people are tempted to do that: let's just clean up a few words in 
this document, alter a few words in that email, using a kind of 
electronic whiteout.

"This is just not allowed in the US now, and with the introduction of 
new legislation in Britain and Victoria we're starting to see countries 
take control of electronic paper shredding."

Adrian Briscoe, general manager of electronic data recovery veteran 
Kroll Ontrack, says "litigation readiness" is the buzz phrase for 2007, 
with lawyers packing out recent forums in Melbourne and Sydney.

E-discovery has moved far beyond the idea of finding a single "smoking 
gun" document, to producing whole sets of incriminating evidence for 
presentation to a court.

"Ten years ago, computer forensics was very much a grey art, and people 
saw it as the next big thing," Briscoe says.

"That has really been superseded. Now it's all about processing loads of 
documents in order to build a haystack of golden documents for the 
para-legals to search, rather than a finding a single golden document."

The sheer volume of data is a big issue, as any one company will hold 
hundreds of backup tapes in storage, Briscoe says.

"Right now, companies are coming to us saying they have a cardboard box 
full of tapes, and they really need to know what's on them because their 
legal counsel are asking what people could ask them to hand over.

"Businesses will have to get to the point where they can understand what 
they need to keep and how to store it. The storage medium has to be 
accessible, and accessible quickly."

Many people are building litigation databases so that documents can be 
opened in the native file format, exposing the metadata, the hidden 
information associated with every e-document that is not visible during 
normal viewing or printing, he says.

Metadata, usually generated automatically, includes details about the 
document's creation, the history of edits or changes, and technical 
information.

It can also include details added by users, such as comment fields.

Courts prefer documents to be provided in their native format, both to 
ensure the material has not been tampered with and to expose information 
contained within individual cells of an Excel spreadsheet, for example.

"The only true means of seeing what's in the original document is to 
open it up in the original application," Briscoe says.

Hidden data also has a flipside: authors of PDF and Microsoft Word 
documents may unwittingly send more information than intended.

Fantuzzi says the embarrassment is usually minimal - at worst you could 
lose a customer.

It's common to reuse documents - as a template for a sales pitch, for 
example.

"You might find hidden data goes out to a new customer that tells them 
something about a previous customer, including your pricing for a 
product or service," Fantuzzi says.

"This is the time to ensure your documents are clean.

"It's important to make sure you don't store information that you don't 
have to store, so risk information is not in your vaults when you come 
under litigation.

"Privacy, data protection and intellectual property laws also have to be 
considered in content risk management. Many laws tell you not to retain 
information beyond a specified period. So you should keep data as long 
as required and, if it's no longer needed, you should destroy it. That's 
best practice."

Research by Workshare suggests less than 20 per cent of companies know 
what information they have stored, and what regulations apply to that 
information.

"That means 80 per cent don't have a means of identifying what they 
have," Fantuzzi says.

Happily, there are plenty of product vendors and service providers ready 
to help out.

Forrester Research estimates spending on e-discovery technology will 
rise to nearly $US5 billion by 2011 "as enterprises realise they have no 
choice" but to comply.

Short-term growth for "reactive solutions" will develop into broader 
retention management strategies that will drive market growth, says 
Barry Murphy of Forrester.

"The biggest direct spend is the processing of data, on average about 
$US1800 per GB," Murphy says.

"Therefore, tools that minimise the amount of data to be processed 
present potentially huge savings."

The largest cost involves the legal professionals who view the data, so 
visual analytic methods will increase their efficiency in determining 
whether data is relevant.

Maintaining the chain of custody and avoiding "spoliation" is also 
essential, so data monitoring and lockdown tools will be in demand.

Murphy says the present solutions landscape is "filled with startup 
vendors of questionable viability, software giants with questionable 
domain experience, and no apples-to-apples comparison mechanism".

Oracle is one traditional player that is putting together a 
comprehensive product, announcing just last week that it had acquired 
LogicalApps, a leading provider of automated governance, risk and 
compliance systems.

It also released an updated version of its Universal Records Management 
system with new features for mitigating cost and risk around legal 
discovery.

In September it bought Bridgestream, an enterprise role management 
software developer for its compliance capabilities.

Oracle Asia-Pacific content go-to-market initiatives director Rob Whiter 
says there has been a major shift in perspective away from first or 
second-generation records management products "which assumed you would 
be able to put all of your records into them".

"The current generation accepts the fact that records will exist and 
continue to be maintained within a multitude of systems across the 
enterprise," Whiter says.

Problems involving mobile devices and other media not immediately under 
corporate control have given rise, "fairly suddenly", to technology for 
intellectual rights management.

"Whereas once you emailed something from your organisation it left your 
security behind, but now we have tools that give you some kind of 
control as it travels through the ether and over who should see the 
information," Whiter says.

"We've also invested a lot of effort in our e-discovery toolset. Rather 
than trying to get people to put documents and records into a 
repository, we now have a policy engine that allows us to apply holds on 
information in other systems."

Whiter says that although e-discovery is complex because it touches so 
many aspects in an organisation, the new products will help to solve 
some of the present problems of security, data retention, identity 
management and record-keeping.

"We've all been aware of the laxness with which we manage our electronic 
data for a long time, and we've all been very aware that those days 
would have to come to a close," he says.

"Through the draft overhaul of the Privacy Act and other proposed data 
laws, small and large businesses alike are being told their information 
is potentially public record, and they must manage it in a decisive and 
policy-driven way, or they will find themselves exposed.

"The moment the impetus becomes compelling this will move very quickly. 
The industry is responding to the speed with which this will now move."

-- 

Regards
brd

Bernard Robertson-Dunn
Sydney Australia
brd at iimetro.com.au