Synopsis Part 1: Data mapping helps you answer “How long do I have to keep my data, really?”
Synopsis Part 2: Mary Mack talks legal, technology and risk management through education
As Corporate Technology Counsel for Fios, she has more than 20 years
experience delivering enterprise-wide electronic discovery, managed
services and software projects with legal and IT departments in
publicly held companies. Mary is a hands-on strategic advisor to
counsel for some of the largest products liability class actions,
government investigations and intellectual property disputes. Clients
include the largest law firms, pharmaceutical companies and insurance
companies in the world.
A member of the Illinois Bar, ACCA and the ABA’s Section on Litigation,
Mary received her J.D. from Northwestern University School of Law
(1982) and a B.A. from LeMoyne College in Syracuse, NY. She holds
certifications in Computer Forensics and Computer Telephony. (more)
By Joshua Konkle writing for dcig.com
Joshua Konkle: How do you educate the IT people on important legal concepts?
Mary Mack: First of all, I have a BLOG, Sound Evidence, and welcome everyone to view it on soundevidence.discoveryresources.org. Fios publishes articles, works with industry partners like DCIG, provides training at multiple levels (legal and legal technology) and speaks at industry conferences. Most importantly, we get on the phone with clients and prospects to help them better understand their electronic discovery issues and questions.
In addition, we work with our clients to facilitate a close working relationship between IT and legal. For example, we have experienced several situations where IT made a buying decision but didn’t consider the legal requirements. IT had worked with all of the other business units to gather requirements. Because legal was not consulted, issues around legal holds, preservation and metadata were missed. Legal may be viewed as a reactive group, but to manage risk, IT must understand the legal requirements for retiring, migrating or deploying new systems to minimize impact on litigation.
For IT professionals who see no reason to treat evidence any differently than any other data, I practice a simple chain of custody exercise. I have them simply “move” files from one physical disk to another. Many people interpret data movement like they would move a chair; however, when you move Electronically Stored Information (ESI) from one physical device to another, it moves a representation of the original item. Critical things like data ownership, group security, created date and many other pieces of metadata (data about data) are changed when the data is “moved.” This minor issue can become a major legal risk when authenticating chain of custody in court.
Try explaining that key spreadsheet that shows you valued your subprime portfolio correctly is authentic, particularly since it lists last week as the “create” date. This simple exercise has encouraged many IT departments to adopt what we call an “empowered collection” protocol, using tools in a very specific way, coupled with great documentation, for ensuring chain of custody.
Joshua Konkle: How do you educate legal counsel on IT?
Mary Mack: One of the areas we educate clients on is in the application of technology for electronic discovery. New technology can be wonderful. It can also cause disaster. Companies will buy tools to reduce their review costs and exposure around discovery, particularly in the areas of early case assessment, collection, preservation and case management. The disaster comes from a lack of assessment and planning as to how these technologies will impact scale, chain of custody and legal workflow, specifically on active litigation. Fios generally recommends customer who are buying new technology to pilot these applications on low profile and low risk cases. Yet, we hear that many companies are buying these tools in an effort to save money and use them on the larger cases immediately.
System testing should be done on copies of previous case data. Do not test or evaluate on original evidence – forensically collected or otherwise. For example, several years ago we received a call from a potential client who had received about a terabyte of native evidence from an opposing counsel. We quoted them a price, $10,000 hypothetically, to image the evidence (back in the day when TB images were pretty rare). They thought the fee was too high. So they used an off-the-shelf search solution, DTSearch, to analyze the evidence. When we inquired about their forensic copy and how they were managing chain of custody and authenticity so they could introduce what they found into evidence, they simply replied “No, we didn’t make a copy, we are using the original.”
you would like to communicate with Mary directly, she can be reached at
info(at)fiosinc.com or by calling Fios at 1 877 700 3467.
www.dcig.com publishes interviews with legal professionals; click here for more eDiscovery interviews, grab the news feed and new for April 2008 we are offering updates via email, including a monthly electronic discovery newsletter starting in May.