Electronically Stored Information
The Complete Guide to Management, Understanding, Acquisition, Storage, Search, and Retrieval
Published July 17th 2012 by Auerbach Publications – 400 pages
Published July 17th 2012 by Auerbach Publications – 400 pages
Although we live in a world where we are surrounded in an ever-deepening fog of data, few understand how the data are created, where data are stored, or how to retrieve or destroy data. Accessible to readers at all levels of technical understanding, Electronically Stored Information: The Complete Guide to Management, Understanding, Acquisition, Storage, Search, and Retrieval covers all aspects of electronic data and how it should be managed.
Using easy-to-understand language, the book explains: exactly what electronic information is, the different ways it can be stored, why we need to manage it from a legal and organizational perspective, who is likely to control it, and how it can and should be acquired to meet legal and managerial goals. Its reader-friendly format means you can read it cover to cover or use it as a reference where you can go straight to the information you need.
Complete with links and references to additional information, technical software solutions, helpful forms, and time-saving guides, it provides you with the tools to manage the increasingly complex world of electronic information that permeates every part of our world.
Matthews has approached eDiscovery from a fresh, new perspective—one that is understandable to the layperson as well as technologist. … A must read for anyone in the information technology and legal professions … . The flow of the book from the first chapter to the last is clear, simple, and thorough … should be required reading for anyone in a computer science, information technology, or law-related program, and is now part of the Digital Forensics and the Law course I instruct. If you want to get up to speed on eDiscovery and actually understand what you read, you’ll buy this book.
—Steve Hailey, President/CEO, CyberSecurity Institute, Digital Forensic Examiner and Educator
What Is Electronic Information, and Why Should You Care?
Electronically Stored Information (ESI) and the Federal Rules of Civil Procedure
Changes to the Federal Rules of Civil Procedure
Rule 16 (b)(5) and (6)—Pretrial Conferences; Scheduling Management
Rule 26— General Provisions Governing Discovery; Duty of Disclosure
Rule 37 Safe Harbor
Rule 34 (b) Producing Documents—Procedures
Rule 33 (d) Interrogatories to Parties
Rule 45 Subpoena
Federal Rules of Evidence
Case Law Examples
Bass v. Miss Porter’s School (D. Conn.10/27/09)—Defining Relevancy
Crispin v. Christian Audigier, Inc. (C.D. Cal. 2010)—Private Information
Romano v. Steelcase (N.Y. Sup. Ct. 2010)—Another Social Media Privacy Case
KCH Servs., Inc. v. Vanaire, Inc. (W. D. Ky. 7/22/09)—Trigger to Reasonably Expect Litigation
Olson v. Sax (E. D. Wis. 6/25/10)—Safe Harbor Rule
Spieker v. Quest Cherokee, LLC (D. Kan. 7/21/09)—It Is the Practice
Valeo Electric Sys., Inc. v. Cleveland Die and Mfg. Co. (E.D. Mich.6/17/09)—Production of Evidence as Requested in Meet and Confer
Takeda Pharm. Co., Ltd. v. Teva Pharm. USA, Inc. (D. Del. 6/21/10)—Not Reasonably Accessible?
O’Neill v. the City of Shoreline (Wash. 9/27/10)—Metadata Are Data and Home Computers Are Evidence
Williams v. District of Columbia (D.D.C. 8/17/11)—When "Claw-Back" Rules Can Fail You
Pacific Coast Steel, Inc. v. Leany (D. Nev.9/30/11)—Losing Privilege
Kipperman v. Onex Corp. (N.D. GA. 5/27/10)—A Textbook Case
Pippins v. KPMG LLP (S.D.N.Y. 10/7/11)—How Much Data Do You Really Have to Keep
Chen v. Dougherty (W.D. WA. 7/7/09)—Attorney Gets a Slap for Incompetence
United Central Bank v. Kanan Fashions, Inc. (N.D. Ill. 9/21/11)—Spoliation Sanctions That Hurt the Party but Not Their Attorney
Pension Comm. of Univ. of Montreal Pension Plan v. Bank of Am. Secs., LLC (S.D.N.Y 1/15/10)
Holmes v. Petrovich Development Company, LLC (CA Court of Appeals, October, 2011)—Employee’s E-mail Sent from Work Not Privileged
Lester v. Allied Concrete Company (Circuit Court VA, September, 2011)—Original Award Reduced Due to Withholding of Facebook Evidence
The Rulings of Judge Scheindlin—Zubulake, Pension, and National Day Labor
Other Federal Rules That Affect Electronic Data
The Problems with ESI as Discoverable Evidence
Why and How This Affects the Practice of Law
How This Affects Business Organizations
Effects on Government Entities
What This Might Mean to You as an Individual
Translating Geek: Information Technology versus Everyone ElseIntroduction
The Role of Information Technology
The Information Technologist’s Perspective
Information Technology as an Ally
Where is Electronically Stored Information? It’s Everywhere!Introduction
File and Print Servers
Instant Messaging Services
Physical Access Records
Internet or Online Data
Desktop Computer Facts
Metadata and Other Nonapparent Data
Who’s in Charge Here? Allies, Owners, and StakeholdersIntroduction
The (Long) List of Stakeholders
Information Technology Professionals
Department Heads, Vice Presidents, and Executives
Physical and Information Security Personnel
Ownership of Data
Data Control Considerations
Required Skill Sets and Tools
The Hunt: Recovery and AcquisitionIntroduction
Where Oh Where Has My Data Gone?
Applications as a Vital User Interface
Hidden or Restricted Access Data
Deleted or Corrupted Data
Proprietary Data or Data Stored on Obsolete Media
Privileged, Sensitive, and Inaccessible Data Management
Proving Ownership and Integrity
Marking Time—How Time Is Recorded and Ensuring Integrity
Legal and Forensically Sound Acquisition
Keeping Your Treasures: Preservation and ManagementIntroduction
Securing the Data
Access Control and Management
Organization and File Management Techniques
Management of Data over Time
Response to Litigation or Audits
Safe Storage Issues and Considerations
Spoliation—The Loss of Relevant Data
Automated Technical Solutions
Sharing Is Good: Dissemination and Reporting
Format Issues—Original or Usable?
Mediums for Transfer
Creating Readable Reports
Tips for Depositions and Expert Witness
Appendix A: Links and References for More Information
Appendix B: Forms and Guides
David Matthews is Deputy Chief Information Security Officer (CISO) for the City of Seattle. He worked in the information technology (IT) field since 1992. He began working for the City of Seattle as the technology manager for the legislative department (city council) in 1998. In early 2005 he was selected to be the first Deputy CISO for the city. In his work for the city he developed and created an incident response plan that is compliant with the National Incident Management System (NIMS)/Incident Command System (ICS); updated and extensively rewrote the city’s information security policy; and created and taught training courses on information security and forensics. He most recently created an IT primer for the city’s law department as part of his collaboration with them on e-discovery issues.
He is a participant and leader in regional information security organizations. He is the public-sector co-chair of the U.S. Computer Emergency Readiness Team (US-CERT)/Department of Homeland Security (DHS) sponsored North West Alliance for Cyber Security (NWACS). With NWACS he has worked with the Pacific Northwest Economic Region (PNWER) nonprofit to sponsor information security training for Supervisory Control and Data Acquisition (SCADA) operators and managers; a risk management seminar; a regional cyber response exercise; four Blue Cascades disaster scenario exercises; and is the creator and editor of a portal website with local information security and forensics activities, a library of best practice documents, and links to information security and forensics websites.
Matthews is also an active participant in many local, national, and international information security, forensics, and e-discovery organizations. He is the chair of the local Critical Infrastructure Protection subcommittee of the Regional Homeland Security team, and also is a member of the American Bar Association’s Science and Technology and Electronic Discovery committees. He published an article on active defense in the Information Systems Security Association (ISSA) journal and has presented at many emergency management and information security conferences. His most recent presentation on e-discovery called "New Issues In Electronic Evidence" has been presented to records managers and information technology and security audiences in corporations such as REI and Starbucks, was presented as a peer-to-peer session at RSA, and was given as a continuing legal education course for the U.S. Attorney’s office in Seattle and the City of Seattle’s law department.
He holds the titles of Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Digital Recovery Forensics Specialist (DRFS), and CyberSecurity Forensic Analyst (CSFA).
Matthews is a native of the Seattle area whose interests spread much further than IT or even information security. He is an avid reader, writer, hiker, biker, gardener, and a black belt in Shitoryu karate. He and his wife live with their three children north of Seattle.