In E-Discovery, Forensics is Strength

Guidance Software

We saw a couple of items this week that caught our eye, and that together underline an inescapable truth. First, Craig Ball wrote an excellent article on anti-forensics, in which he noted that “[the fact that] a party has intentionally destroyed or altered evidence [is] alleged and proven with disturbing frequency.” He details how he uncovered spoliation in a particular case, and concludes that “anti-forensics is counterproductive,” but is something that counsel should be on guard against.

Second, we saw that Clearwell posted an explanation for its appearance in a published Order from U.S. Magistrate Judge Elizabeth Laporte in Datel Holdings Ltd. v. Microsoft Corp. Coming fast on the heels of the negative reference to Clearwell in the government’s brief asking for a stay of Judge Scheindlin’s Order in National Day Laborer Organizing Network v. U.S. Immigration and Customs Enforcement Agency, a case in which the Declaration of the Director of the Freedom of Information Office at ICE went into great detail about the problems the government had run into with Clearwell, it undoubtedly was important for Clearwell to clarify what had happened in the Datel case. In this instance, Microsoft unwittingly produced portions of an email thread that Microsoft’s lawyers had listed on their privilege log. Microsoft’s counsel argued that the disclosure of the material was inadvertent, and was due to, as Judge Laporte put it in the Order, a “glitch” in Clearwell. As it turns out, Clearwell explained that the problem was really Microsoft’s, in that the software Microsoft used to decrypt previously encrypted content had truncated certain documents before they were loaded into Clearwell.

What do these two items have in common with each other? They highlight the critical importance of forensics technology – which can handle all types of data and all types of cases – in an in-house electronic discovery system. Certain vendors who, unfortunately, are forced to rely on the computer’s operating system to search and collect data have tried to argue that “forensics is overkill,” but nothing could be further from the truth. An in-house electronic discovery system based on forensics can find hidden data (which can be critical in trade secrets, IP, or fraud cases, or in internal investigations), and can handle encrypted data, so that you are not forced to decrypt in a third-party tool before entering the data into your e-discovery application. Why deploy a partial solution?

Certainly, given the data volumes and number of devices, forensics technology that can be targeted at potentially relevant data is critically important. But there should be no confusion – “forensics” does not mean that “full-disk” images must be taken. Rather, it means that the technology does not rely on the computer’s operating system to identify, collect, and preserve potentially relevant data, so that all cases can be addressed by the system without disrupting custodians; it means that all metadata is protected throughout the process, so that you don’t find yourself in the situation of the government in NDLON; and it means that hidden, embedded or encrypted data can be addressed within the system, so that you do not have to rely on other tools to “massage” the data before using your electronic discovery system. On that last point, EnCase® eDiscovery has built-in integration with Microsoft’s RMS encryption tool – the encryption at issue in the Datel case – as well as built-in integration with other common encryption tools such as PGP, SafeBoot, Credant, Utimaco, Guardian Edge, etc. All kinds of cases, all kinds of data – that’s the strength of a forensics backbone in an in-house electronic discovery system.

Patrick Zeller is vice president of e-discovery and deputy general counsel at Guidance Software.
