Many of the features that make public cloud-computing services attractive run up against government’s traditional security models and controls, according to the National Institute of Standards and Technology’s recently-released Special Publication 800-144 (.pdf), which tallies the threats, risks and access concerns agencies should consider before entering into such contracts.

The publication stops short of recommending service arrangements, service agreements, service providers or deployment models, however. Departments and agencies should use NIST’s guide to analyze their specific requirements against public cloud services, write report authors.

Sign up for our FREE newsletter for more news like this sent to your inbox!

The publication emphasizes that in the end, the organization is responsible for security and privacy in the cloud, not the service provider. As such, SP 800-144 stresses a risk-based approach in analyzing how and what functions to move to the public cloud–organizations should extend to the cloud the same governance practices employed when deciding to outsource any other IT service.

via NIST issues security, privacy guidance for public cloud – FierceGovernmentIT.

Google, Facebook and other big tech companies are jointly designing a system for combating email scams known as phishing.

Such scams try to trick people into giving away passwords and other personal information by sending emails that look as if they come from a legitimate bank, retailer or other business. When Bank of America customers see emails that appear to come from the bank, they might click on a link that takes them to a fake site mimicking the real Bank of America’s. There, they might enter personal details, which scam artists can capture and use for fraud.

To combat that, 15 major technology and financial companies have formed an organization to design a system for authenticating emails from legitimate senders and weeding out fakes. The new system is called DMARC — short for Domain-based Message Authentication, Reporting and Conformance.

via Big name tech companies team up to combat email phishing scams – The China Post.

Evans v. Mobile Cnty. Health Dept., No. CA 10-0600-WS-C, 2012 WL 206141 (S.D. Ala. Jan. 24, 2012)

In this case, the defendant sought to compel the production of additional information and sanctions for plaintiff’s destruction of her computer.  Following its analysis of the facts, including plaintiff’s admission that the computer used during the time of her alleged harassment had been burned and replaced, the court granted defendant’s motions and compelled production of additional ESI as well as plaintiff’s new computer and imposed sanctions, including an adverse inference instruction.

Plaintiff sued the Mobile County Health Department alleging reverse discrimination.  In the course of discovery, the defendant requested production of all documents, including ESI, related to the allegations contained in the complaint.  Thereafter, the court entered a scheduling order which included specific instruction for plaintiff to preserve relevant information.  Initially, plaintiff made no production, but eventually produced a small number of documents at her deposition and admitted to the existence of others, including emails.  Despite the fact that plaintiff would ultimately claim that h

via Plaintiff Sanctioned for Burning Personal Computer : Electronic Discovery Law.

The sheer volume of potentially relevant electronically stored information (ESI) in companies and government organizations challenges any organization to understand the costs of e-discovery and prepare for each step of litigation. Even with data already in litigation hold and through a first pass filter there can be a tremendous volume to sift through, leaving many uncertainties.

The question then becomes this: How do you extract the information you need in order to understand the potential costs of a full review without undertaking a full review — and still be prepared for a Rule 26 meet and confer?

iReview Analytics™ is our early case assessment (ECA) tool that gives you the insight you need to be prepared. iReview Analytics utilizes CAAT, a powerful example of a new class of technologies known as “Text Analytics”, to transform large volumes of unstructured data, such as documents, emails, and publications, into relevant, actionable information. Text Analytics automate most of the human activity traditionally associated with ECA to understand, organize, prioritize and retrieve information from large sources of unstructured data.

iReview Analytics was developed in partnership with Content Analyst Analytical Technology (CAAT), a leading developer of advanced analytics for searching and analyzing unstructured text. iReview Analytics includes the CAAT engine – a unique, patented software system that provides advanced Conceptual Search functions based on Latent Semantic Indexing. This search technology enables iReview Analytics to acquire all its search intelligence from the actual documents being indexed. Unlike other solutions, iReview Analytics does not require external dictionaries or thesauri. It works across foreign languages, even searching – and finding – relevant documents in different languages –without prior translation.

iReview Analytics returns to you an analysis of your data that identifies key concepts, categorizes those concepts and then provides you the ability to sample the documents based on the most relevant categories. This early case assessment gives you the information you need to understand costs and prepare for Rule 26 meet and confer at a fraction of the cost of a full review.

iReview Analytics™ Capabilities:

Concept Search – Using advanced mathematic formulas to allow users to find similar, related, and relevant documents based purely on the concepts those documents are discussing – without using keywords, and without retrieving “matching, yet irrelevant” content.

Categorization – Allows users to define categories by means of examples. Based on the exemplars, iReview Analytics and CAAT technology automatically categorizes incoming documents.

Instant Context (Contextual Explanation) – Helps users understand unfamiliar terminology. The user clicks on an unfamiliar term and iReview Analytics with CAAT highlights similar terms found in related text.

Language Analytics – Within any single language, iReview Analytics with CAAT can be applied to any topic, vocabulary or language that can be represented in the Unicode encoding system. In a cross-lingual mode, users can submit queries in English while searching documents in other languages.

Summarization – Automatically identifies sentences in a document that best represent key concepts, and uses those sentences to give users a quick summary of the entire document.

Dynamic Clustering – Allows a user to point iReview Analytics with CAAT to a set of documents and then allow iReview Analytics with CAAT to dynamically group conceptually-similar documents together in a tree-type hierarchy and finally, to apply a descriptive title to each cluster of documents.

Near Duplicate Document Detection – Uses iReview Analytics with CAAT Dynamic Clustering to identify and group documents that are duplicates and/or near-duplicate documents, as well as identifying the extent of duplication.

Modern organizations have access to abundant sources of data that contain jewels of useful knowledge.  Emails, web pages, memos, call center transcripts, survey responses, claims notes, legal cases, patent descriptions, research articles, and incident reports – all hold valuable pieces of knowledge that are hard to discover because they are hidden within large volumes of raw data or structured datasets not typically indexed for key term searching.  Overwhelmed by the glut and variety of data, law firms and corporations are seeking new methods to analyze large volumes of structured and unstructured data to not only discover key knowledge, but to create case or review strategy as well.

Automated Knowledge Discovery & E-Discovery Text Analytics

Automated Knowledge Discovery (“AKD”) is our service that derives knowledge from text and structured data, including XML files, databases, spreadsheets, web sites, documents, and emails using Natural Language Processing, Machine Learning, Interactive Visualization and Report Generation.  AKD enables you to gain valuable insight into large diverse data sets by leveraging intelligent data mining and analysis tools to undertake a range of knowledge discovery tasks, including:

Distinct Text Identification 

Key Term Linking

Text Clustering

Keyword Extraction

Link Analysis

Complex Searching

Our Automated Knowledge Discovery Services provide valuable insight to any collection of discovery data, far beyond key term browsing typically associated with litigation support systems, many of which simply do not have the ability to process structured data such as SQL databases or “as found” versions of email stores.  Additional benefits of AKD Services include:

Related articles

• “Bringing E‐Discovery Workshops To You,” an in-house CLE series for Singapore (e-discovery.asia)
• Data Mapping Services for Electronic Discovery & Information Governance (legaltechtoday.com)
• Introducing Automated Knowledge Discovery from Global EDD Group (legaltechtoday.com)
• Advanced E-Discovery Text Analytics from Global EDD Group (legaltechtoday.com)

Today’s 24/7/365 global economy often does not allow for server downtime to undertake typical forensic collections, nor do many court mandated deadlines allow enough time to collect data at geographically dispersed locations.

Our data collection teams are able to remotely capture live data – including  RAID disks, physical drives, logical volumes, and physical memory (32 & 64 bit Windows) – in a forensically sound manner via IP network connection.  We can connect to a target device, whether it is a server located downstairs in the corporate data center or a PC in a remote office halfway around the world, as long as there is connectivity within the corporate network.

Target environments supported include:

Windows: 2000, XP, 2003, Vista, 2008, & 7, 32 and 64bit, Physical memory only supported on 32bit and 64bit Windows

Apple OSX: OSX 10.3,10.4,10.5,10.6 Universal Binary, *FK only supports Intel Apple OSX

Linux: most Linux distributions build on Glibc 2.3.5 and higher, Android on ARM, and Embedded Linux

Solaris: Solaris 8, 9, & 10 on SPARC and OpenSolaris on Intel

IBM AIX: AIX 5.1,5.2,5.3,6.1 on the Power processor

HPUX: HP_UX11iv2,11iv3 on the Itanium processor

FreeBSD: AIX 7 on the Intel/i386 processor

SCO: SCO OpenServer 6 and Unixware 7 on the Intel/i386 processor

Related articles

• Global EDD Group: Your Local E-Discovery Resource, Worldwide (e-discovery.asia)

Image via CrunchBase

Everyone seems to have a smart phone. These devices store a wide variety of information, some not even apparent to the owner. Our data collection teams are equipped to retrieve data from cell phones and other mobile devices in a forensically sound manner that preserves the evidence, ensuring that it is admissible in court proceedings.

The extent to which we can recover data is heavily based on the cell phone or device model. However, we can extract some useful data from about 95% of all cellular phones on the market today, including smartphones and PDA devices (Palm OS, Microsoft, Blackberry, Symbian, iPhone, and Google Android).

Here are some of the types of information we can gather:

• Phonebook contacts
• Phone details: IMEI / ESN and Phone number
• ICCID and IMSI
• SIM location information: TMSI, MCC, MNC, LAC
• Text messages including deleted SMS off SIM / USIM
• Call logs ( Missed / Dialed / Received including deleted call histories off SIM / USIM )
• Pictures
• Videos
• Audio files
• Ringtones
• Geo tagging pictures and mapping through Google Earth
• Password Extraction
• Bypass SIM Locked phones (carrier lock) when original SIM is not available.
• Unicode Extraction for Multiple Languages

Guided Self Collect™ is a service that enables the collection of electronic data from geographically dispersed locations.  After detailed consultation with the legal team and information technology staff, Global EDD Group issues specially prepared compact discs and external hard drives to be used for the collection of each custodian’s data under the guidance and supervision of Global EDD Group forensic technicians via remote communication channels.

Related articles

• Global EDD Group Introduces iReview Analytics™ for Electronic Discovery (legaltechtoday.com)
• Mobile Technology Units that provide full range of self-contained E-Discovery services | Global EDD Group (legaltechtoday.com)
• Expand Your E-Discovery Data Collection Services Via Partnership (legaltechtoday.com)
• Introducing Automated Knowledge Discovery from Global EDD Group (legaltechtoday.com)

Bull v. United Parcel Service, Inc., — F.3d —, 2012 WL 10932 (3d Cir. Jan. 4, 2012)

In this case, the appellate court concluded that “producing copies in instances where the originals have been requested may constitute spoliation if it would prevent discovering critical information,” but found that in the present case, the District Court abused its discretion in finding that spoliation had occurred and in imposing a sanction of dismissal with prejudice.

The plaintiff in this case failed to produce two original notes from her doctor (but did produce copies during discovery).  During trial, when plaintiff’s counsel attempted to introduce a copy of one of the notes, defendant objected on the basis of best evidence.  In the sidebar that followed and in subsequent questioning of the plaintiff by the court, it became clear that there was some confusion between plaintiff and counsel as to the existence of the originals.  Ultimately, plaintiff indicated that the original note “should be” at her home and the there was no reason she did not search for it previously.  This contradicted her attorney’s representation that the plaintiff had been asked for the originals and reported that she could not find them.  Accordingly, the District Court declared a mistrial and invited the defendant to file a motion for sanctions.  Plaintiff produced the original doctor’s notes to the court five days later.  Thereafter, upon consideration of defendant’s motion for sanctions, the District Court invoked its inherent authority and ordered the case dismissed with prejudice.  Plaintiff appealed.

via Failure to Produce Originals Could be Spoliation in Third Circuit : Electronic Discovery Law.

A brief overview of recent changes to the Google Privacy Policy