LAWTECH GURU BLOG by Jeff Beard

Yet Another Redaction Infraction

As reported on Law.com, a plaintiff's firm against GE in a class action sex discrimination case improperly redacted filings appearing on PACER, allowing readers to copy and paste the sensitive redacted text into another program like Word. Sounds like the classic mistake of adding black boxes without stripping the underlying text. I'm surmising they filed PDFs which is usually the standard in e-filing.

Taking the plaintiff firm's spokesperson at their word (I'm assuming the leak wasn't intentional), it sounds like it was a mistake made from ignorance. The article reports that they were working to correct the problem by making emergency, corrected filings with the federal court clerks. At that point, it's probably best thing they could do to prevent further inadvertent disclosures. But how do you unring the bell?

Rather than restate the article (which I recommend reading as a cautionary tale), I'll add that law firms and corporate law departments still need to be vigilant in the proper way to redact electronic documents. Historically, Adobe Acrobat did not provide appropriate redacting tools (a point I've suggested to them over the years and to which they listened by adding redaction in Acrobat 8 Professional -- but take note, it's not in the Standard version). So firms running on older versions of Acrobat or other PDF tools without built-in or third-party redaction tools (such as Redax from Appligent), remain at risk. By the way, Acrobat 9 was just announced and will likely ship in the next month or so. The same caveat re: Standard-sans-redaction applies per Acrobat's Feature Comparison Table.

If you haven't already invested in these tools, your process may be similar to this:

- Justifying the need for the proper tools (um, just read the article above)
- Communication to the legal staff as to why they are required, using real world examples to demonstrate the impact and that it's not just a hypothetical
- Investment in the appropriate software tools
- Training and practice for the legal staff actually performing the redaction, and it's not a bad idea for supervising attorneys to at least understand the underlying principles (as the plaintiff's lead counsel said, "I didn't know that.")

If your organization is already using appropriate redaction tools (you are, right?), it's probably a good idea to have redaction "tune-ups" with your staff. Meaning, reviewing and/or creating documentation for the standardized and firm-approved process of redacting documents, holding periodic refresher and new user training (consider "on-demand" video training snippets for training or follow-up support so busy professionals can fit it into their schedule), and consider making it part of the organization's overall risk management initiatives so it's at least on the radar. While you're at it, you might want to take a look at how many people actually know how to properly secure or lock a PDF, particularly those posted to external sources such as web sites.

For other helpful resources, the NSA (yes, that NSA) published a guide several years ago describing how to redact documents after the federal government suffered several information breaches and embarrassments from improper redaction efforts. There are also several very informative blogs dedicated to using PDFs in the legal market, such as Acrobat for Legal Professionals and PDF for Lawyers, both of which have definitely addressed redaction issues.

While these tools have significant price tags, as the saying goes, "an ounce of prevention..." Taken into perspective, an organization is likely going to incurs costs far greater than software and training when dealing with just one of these mis-redaction incidents. Sounds like a pretty good ROI to me.

Litigation Support Leaders Honored in D.C.

I just returned from speaking in D.C. at the International Litigation Support Leaders Conference, organized by Litigation Support Today magazine. It was a well-organized event, especially as it was the first one offered by the magazine, attracting litigation support managers and professionals from across the country. It was a very focused conference with excellent speakers and engaged attendees, yet the highlight was easily dinner Thursday evening. Albert Buckwalter (LST's Editor) honored those litigation support leaders with the Betsy Ann Reynolds Awards for Excellence in Litigation Support in several categories. So often are litigation support professionals the unsung heroes in the legal profession, and it was nice to see some recognition for their efforts and leadership:

Beth Kellermann, Litigation E-discovery Manager for Apple, Inc., was recognized in the corporate legal department category. Florinda Baldridge, Director of Practice Support for Fulbright & Jaworski LLP, was recognized in the private law firm category. Also, Carl Kikuchi, Branch Chief for the Office of Litigation Support, U.S. Department of Justice, Civil Division was recognized in the government category. Congratulations to all.

But it was especially warming to see long-time friend and colleague Tom O'Connor receive top honors industry-wide for his selfless work in New Orleans, helping lawyers after the spotlight on Katrina had faded. Many may not know this, but Tom relocated to New Orleans and organized free CLE for attorneys by getting speakers and vendors alike to respond, and brought other resources and ideas.

During his speech he asked, "Who helps lawyers?" The answer is, of course, other lawyers. In his unassuming and down-to-earth manner, Tom told me afterward how even a relatively simple thing as providing free copies of software to struggling attorneys brought on tears of thanks. That's how much this assistance was needed. As Tom shared, while the the larger firms generally had more resources to rebuild, what were solos who practiced out of their home offices to do when they didn't even have a roof over their head? Some had to move away, but those who stayed needed all the help they could get to continue on. The public usually thinks of the negative aspects of the profession, and sometimes with good reason, but it's people like Tom who make me proud to be a member. Congratulations Tom, it was well deserved.

Norton SystemWorks "Deranges" Your Hard Drive?

Well, many of us in legal tech circles have suspected for years that Norton SystemWorks often caused more PC problems than it cured. Imagine my surprise to see it "confirmed" on a Symantec renewal web page while checking out the price to renew my Norton Internet Security suite subscription (of which I recommend the 2007 version and newer as it's been noticeably improved):

I think they were going for "defragments", but yet another reason to have a second, perhaps more technically inclined person double-check your sales content.

Just for fun, here's the definition for "derange" from Dictionary.com, which pretty much sums it up, especially #3 if you need to go through outsourced tech support these days:

Presenting on Litigation Readiness Teams in D.C., May 15th-16th

Next week, I am leading the panel discussion on "Litigation Readiness: The Team is Growing and Evolving" at the International Litigation Support Leaders Conference being held in Washington D.C. on May 15th & 16th.

In today's complex litigation where ESI is now the norm, numerous organizations and teams all need to work effectively with each other, have clean lines of communication and expectations, and yet it's not always clear who's doing the driving. Please join me for an interactive and informative session sharing the challenges, best practices and take-aways for litigation professionals, corporate teams, and more.

The conference is organized by the great people at Litigation Support Today Magazine. They've assembled an impressive list of presenters that reads like a "Who's Who" in litigation support and eDiscovery professionals, and I'm looking forward to many interesting discussions.

Announcing My New E-Discovery Position

I'm very pleased to announce that I've joined Electronic Evidence Discovery, Inc. (EED) as Senior Consultant, reporting directly to the VP of Consulting Services. In my new role, I'll be advising law departments in their overall litigation readiness, legal hold, and e-mail and document retention strategies, processes, and solutions. In addition, I'll be consulting on active litigation matters to provide enhanced strategy and guidance.

On a personal note, I'm pleased to join a company who has been a trendsetter in directing eDiscovery technologies and methodologies for over 20 years, a rarity in this often volatile market. Great company, with fantastic people who really know their stuff. I'm particularly excited as my new responsibilities will draw on my deep experience with corporate legal departments, law firms, and enterprise business units and systems. In other words, I understand their specific challenges as I've been there too, as a practicing attorney, corporate legal IT manager, and large law firm and legal technology consultant. As a law firm executive director recently shared with me, "finding someone who can think like a lawyer and understand 'tech speak' is a rare animal."

I'm also a Six Sigma Green Belt with extensive experience with systems and processes that include e-mail and document retention, electronic invoicing, matter and document management, and enterprise content management. Thus I understand the challenges corporate teams face in managing their data, as well as in designing and implementing effective processes to improve defensibility and compliance. In addition, a number of companies are looking ahead to their "next steps" to proactively address these issues, which include evaluating whether and how to bring more preservation and collection efforts in-house, retooling or refining their data retention policies and practices, and further automating and systemizing their litigation hold processes.

I'll repeat the disclaimer that the posts and opinions expressed on this blog are solely my personal opinions and viewpoints. They do not represent or reflect (nor are they intended to represent or reflect) the positions, opinions, viewpoints, policies and/or statements of my employer or any other entity or person.

As always, if you'd like to discuss anything or just want to bounce ideas around, please feel free to contact me via the e-mail link at the top of my blog.

A PSA for Qualcomm Counsel

I really enjoyed watching this video, an interesting awareness test.

It's a public service announcement to watch out for cyclists. But its main message is equally applicable to managing and finding your own data. As the announcer says at the end, "It's easy to miss something you're not looking for." (And, sometimes, for things you are.)

It often takes a fresh and expert eye to spot what others have missed. Don't be afraid to seek them out, as it's often more cost-effective than missing what's in plain view.

Free "Shadow Explorer" Displays & Recovers Shadow Copies on Any Version of Vista

I've posted previously about Vista's Shadow Copy feature, and its security and e-discovery implications. Having explored it a bit more over the past several months, here are some things legal and IT professionals should know about it. Consider it a crash course in Vista Shadow Copies, and I'll share how to get a new utility program for accessing and restoring these hidden files.

Please keep in mind some of these items are based on information found online including unofficial sources, so it's best taken as my personal interpretation of that information (meaning that if I've unintentionally stated something incorrectly, don't hold it against me, and I would appreciate constructive feedback):

• Numerous postings online have stated that by default, all versions of Vista automatically create shadow copies of your documents and other user data files and folders as part of the "System Restore" feature.



• You can turn off "System Restore" to disable shadow copies, but it's a bit of throwing the baby out with the bath water. You see, "System Restore" allows you to roll back the clock on your system to an earlier (and hopefully more stable) state. This is incredibly useful whenever your Vista system experiences problems (such as after installing a problematic program, driver, or update, adverse registry changes, etc.). FYI, newer Apple operating systems offer a somewhat similar feature called "Time Machine".



• By default, Vista allocates 15% of the drive's size or 30% of available free space, whichever is smaller, for storing this data. In Vista, Microsoft removed the nice slider control available in Windows XP, so changing its space allocation requires some arcane text commands with administrator privileges. Thus most users will just leave it as-is. On larger hard drives, this creates a fairly large backup cache. For instance, on a new 200GB hard drive, up to 30GB would be dedicated to storing these hidden backups. When the allocated space fills up, Vista deletes the oldest backups as needed to make room for the new ones.



• However, only the Ultimate, Business, and Enterprise editions of Vista actually allow users to access and retrieve the hidden shadow copies via the "Previous Versions" feature in Windows Explorer.



• This means the Vista Home Basic and Premium versions create these hidden shadow copies but do not provide any way for their users to access or retrieve them. This results in potentially large amounts of wasted disk space and additional data retention concerns. Perhaps Microsoft intended this as a teaser to entice Home users to upgrade to Vista Ultimate, but they really should have disabled shadow copies on those editions or alternately provided the "Previous Versions" feature to access and restore them as needed.



• To help address these issues, Shadow Explorer is a free basic utility program (not affiliated with Microsoft) which allows these users of other Vista versions to access and restore these prior shadow copy backups. However, unlike "Previous Versions", it requires administrator privileges to run. (But see my caveat at the end of this post since it's a 0.1 release.)



• Even Vista Ultimate, Business, and Enterprise users and IT departments may find Shadow Explorer of use. I've discovered firsthand that Vista's "Previous Versions" feature is dependent on a number of system and service prerequisites, and the lack of any one of them will disable the ability to access and restore these Previous Versions. For instance, disabling a drive's administrative share, certain Windows services, or networking settings can all disable the "Previous Versions" listing in Vista Ultimate even though the backups are still present on the drive.



• Tip: If you have Norton Internet Security installed and have run its "Security Inspector", it may have reported and disabled several hidden administrative drive shares (such as C$) as security risks (which they are indeed). However, as mentioned above, these administrative shares are necessary for "Previous Versions" to function in Vista. So if you want to leave these shares disabled for better security, the Shadow Explorer utility program allows you to access and restore shadow backups even though Vista's own "Previous Versions" feature is disabled.

Organizations interested in migrating to Vista will need to explore these issues in more detail before crafting their security and group policies. I expect some will elect to disable System Restore altogether and rely upon other system restoration methods to address user support issues as they arise. Others may move user folders onto a separate disk partition or drive and simply turn off "System Protection" for that location. Such options may improve Vista's performance if it's not churning away saving hidden backup copies, and it's usually a good idea to separate documents from program files for a number of valid reasons.

So it's all the more puzzling to try to understand why Microsoft chose to disable access for Vista home users, as they are the ones most likely wanting to use and restore Shadow Copies. I seriously doubt informed businesses would want multiple hidden document versions floating around on their corporate laptops and desktops, particularly in light of numerous regulatory and litigation concerns.

Shadow Explorer Tutorials can be found at:
http://www.howtogeek.com/howto/windows-vista/recover-files-with-shadow-copies-on-any-version-of-windows-vista/
http://www.shadowexplorer.com/documentation/manual.html

Please keep in mind that Shadow Explorer is a very basic version 0.1 release. While it worked fine for me during my brief testing, it may contain bugs and other issues consistent with a new release. With that said, it provides an easy way to access, view, and restore the various shadow copies in Windows Vista. I applaud the author for providing such a useful tool, and for considering these additional planned features as it's developed further.

Breaking through the ESI Inaccessibility Wall - Feature Guide

My latest article, "Breaking through the Inaccessibility Wall -- A New Angle", is published in the current February/April 2008 issue of Litigation Support Today magazine. You can download the PDF reprint here.

Corporate counsel struggling with records retention should be among the first to read this, as their regular business information can be used against them in unforeseen ways. Indeed, my alternate title for this practical guide is "Call the Help Desk, Your Accessibility is Showing". From discussions with various corporate and outside counsel, a common misconception under the new rules is that backup tapes are an inaccessible “safe harbor” media as long as one asserts they are only used for disaster recovery. Depending on the specific facts, this could prove to be a costly assumption as newer decisions consider the totality of the burden and cost under Rule 26(b).

As a result, I suggest a novel but very practical approach to challenge or confirm an opposing party's assertions using business intelligence methods and their own data. In accessibility matters, courts are increasingly demanding objective data on which to base their discovery rulings rather than relying upon subjective arguments and affidavits claiming excessive time and expense are required. It’s also contemplated in the Committee Notes regarding sampling and other techniques.

As an example, corporate help desk logs can be used to quantify the frequency and purposes for which backup media are being accessed. However, other seemingly mundane systems and data may be useful and relevant. This further illustrates why companies continue to need savvy e-discovery professionals to bridge the legal/IT gap and identify opportunities and weaknesses others have missed. I also provided an update on how the backup technology landscape is changing and what you should know about it when dealing with ESI accessibility issues.

2008 Corporate Legal Technology Trends @ InsideCounsel

From insourcing the e-discovery process to automated document review, the world of legal technology is rapidly changing. If you missed LegalTech New York or just want to keep up on the current trends, my latest InsideTech column at InsideCounsel will bring you up to speed.

Among other hot topics, LegalTech was brimming with discussion on the Qualcomm fallout, records retention, proactive approaches, and automated review. In addition, I covered key issues such as cost reduction, the effects of globalization, data privacy, and outsourcing/insourcing. With recessionary concerns on the rise, corporate law departments are being asked to do more with less, and these issues will continue to compound through 2008 and into 2009.

Word 2007 -- A Tale of Two Experts @ LegalTech NY

It was the best of times: While making my way through the vendor hall jungle at LegalTech NY, I had the pleasure of catching up with Donna Payne (Payne Group) and Sherry Kappel (Microsystems). I always find time to seek out these document technology savants, and this week's discussions were as helpful as ever.

My personal opinion is that Office 2007 is the clear winner from Microsoft this past year (definitively overshadowing Vista), and the massive improvements are well worth the office suite upgrade and third-party integration efforts. Sherry insightfully observed that with Word 2007's linked styles right out of the box, firms are likely going to need to pay even more attention, not less, on training and reinforcing solid style usage with their user base. As Sherry mentioned in a recent ILTA publication, if you're not automating your document practice, then how are you going to maintain your margins when your corporate clients demand a substantial rate cut? Also, she noted that the new XML format, while adding some needed document file stability, also adds a bit more complexity due to the XML intricacies.

Donna Payne and I had some techno.fun comparing and contrasting Word's built-in Document Inspector capabilities to a dedicated metadata scrubber such as Payne's Metadata Assistant. On one hand, it would seem that Word's built-in Document Inspector gets the job done. Both Donna and I have used it and found it to be effective, especially in a pinch where you're working on a simple document and just need a quick scrub before sending it off to someone. When you want to remove just about everything, it pretty much does the trick. But in comparing notes, we quickly agreed it has several fundamental weaknesses:

1) No Workflow: In other words, when using Word's Document Inspector, you have to remember to manually scrub and save the Word document before you start the e-mail process. Third-party scrubbers add the necessary workflow which allows you to scrub the file as part of the e-mail attachment process.

2) No Selective Scrubbing Within Each Category: For each of Word 2007's five scrubbing categories, it only offers you an "all or nothing" approach for the items in that particular category. There is no middle ground. So if you want to scrub only some of the document property fields, but keep a few like "Author" and "Title", you'll need to first remove all of that category's metadata, and then manually retype in the few you want to retain. And that's a bad thing, because you can lose useful or necessary metadata in the process if you're not careful.

So while we've seen very substantial improvements in Word 2007, firms and companies will still need to assess their overall practice workflow and specific scrubbing needs, and it will likely take third-party add-ins to more fully address them.