Tag Archives: ESI

Highlights from Reed Smith’s SharePoint eDiscovery Webinar

by John Patzakis

Reed Smith recently hosted an excellent webinar on SharePoint eDiscovery challenges, led by Patrick Burke with the firm’s eDiscovery team. The webinar featured a substantive and detailed discussion on the nuances, pitfalls and opportunities associated with eDiscovery of data from SharePoint sites. This topic is very timely as the majority of enterprises are deploying the Microsoft platform at an accelerated rate, with the solution reaching $1 billion in sales faster than any other Microsoft product in history. Burke noted that “SharePoint has exploded across corporate networks, and are filling rapidly with ESI,” but that “the bad news is that it’s not centralized. There is no single place to go to search through the ESI across an organization’s SharePoint sites to identify which SharePoint Site holds the ESI you’re looking for.”

As SharePoint enables enterprises to consolidate file shares, Intranet sites, internal message boards and wikis, project management, collaboration and more into a single platform, it provides significant operational efficiencies as well as eDiscovery challenges. The vast majority of current SharePoint deployments are versions 2007 or 2010, and neither have meaningful internal eDiscovery or even export features. This is one reason why SharePoint eDiscovery is fraught with over-collection, resulting in much higher costs and time delays that what is typically seen with other similar data stores such as email servers and file shares.

In addressing best practices for eDiscovery of SharePoint sites, Burke advised, among other key points, that the litigation hold process must not only involve individual custodians but the SharePoint administrator as well: “As it usually isn’t feasible to search all an organization’s SharePoint sites, the first step is to talk to the key custodians (through litigation hold questionnaire processes) and ask them which SharePoint sites they use (to identify) relevant ESI.” From there, “the cross-check involves talking with the SharePoint administrator, who can look up all the SharePoint sites to which the custodian’s belong.”

A full video recording of the webinar can be accessed here >

Appliance-based eDiscovery solutions or remote collections do not work as it may take weeks, if not months, to copy a multi-terabyte SharePoint site over a network connection and a large corporation may have several dozens of SharePoint silos from which to collect.  Manual collection efforts, which are geared toward mass “data dumps,” are also time consuming and are typically very costly due to the extensive processing and data massaging required to put the SharePoint data back into context.

Instead, what is needed is a solution such as X1 Rapid Discovery can quickly and remotely install and operate within the same local network domain to enable localized search, review and early case assessment in place. X1 Rapid Discovery’s full content indexing and preview of native SharePoint document libraries and lists, as well as its robust search, document filters, intuitive review interface uniquely enables targeted and contextual search, preservation and export of SharePoint evidence in its native format. In fact, we believe it is the only solution available that enables true in-place early case assessment and eDiscovery review of SharePoint sites, including iterative search, tagging and full fidelity preview in place, without the requirement to first export all of the data out of the platform.

To learn more, sign on to the recorded webinar or please contact us for a further briefing to learn how to save your organization or your clients tens of thousands of dollars on litigations costs associated with SharePoint.

Leave a comment

Filed under Best Practices, Case Law, eDiscovery & Compliance, Enterprise eDiscovery, Information Access, Preservation & Collection

The Benghazi ESI Scandal

Last week, the United States Senate Intelligence Committee issued a bipartisan report finding that the deadly assault on the American diplomatic compound in Benghazi, Libya, which killed US Ambassador Chris Stevens and 3 other Americans, could have been prevented.

Bengazi

The account spreads blame among the State Department, the military and U.S. intelligence for missing what now seem like obvious warning signs in the weeks before the September 11, 2012, attack, including multiple clues and outright threats that appeared on social media — key evidentiary source of Electronically Stored Information (ESI) as defined by the Federal Rules of Civil Procedure.

And therein lies what could be the real scandal of the Benghazi affair – The failure of the US Intelligence Committee to monitor and investigate available social media evidence leading up to the attack in that volatile and dangerous part of the world.  The Senate report notes that “[a]lthough the Intelligence Community (IC) relied heavily on open source press reports in the immediate aftermath of the attacks, the IC conducted little analysis of open source extremist-affiliated social media prior to and immediately after the attacks.” And that there were “reports from the IC indicating that more in-depth intelligence exploitation of social media in the Benghazi area, including web postings by Libyan nationals employed at the Temporary Mission Facility, could have flagged potential security threats to the Mission facility or important information about the employees prior to the September 11, 2012, attacks.”

One of the missed clues identified by the Senate report, which includes 14 independent references to social media evidence, involved a prior May 22, 2012, attack on the Benghazi-based International Committee of the Red Cross (ICRC) building by militants with Rocket Propelled Grenades (RPGs). On May 28, 2012, a previously unknown organization, The Omar Abdurrahman Group, took to social media to claim responsibility for the ICRC attack and issued a direct threat against the United States. It is believed by many intelligence experts, and implied in the Senate report, that the Omar Abdurrahman group was responsible for the September 11, 2012, attacks on the American diplomatic compound.

The Senate report includes a key recommendation that the Intelligence Community “must place a greater emphasis on collecting intelligence and open-source information, including extremist-affiliated social media, to improve its ability to provide tactical warnings…” And separately, the Senate Intelligence Committee recommends that the “IC should expand its capabilities to conduct analysis of open source information including extremist-affiliated social media particularly in areas where it is hard to develop human intelligence or there has been recent political upheaval. Analysis of extremist-affiliated social media should be more clearly integrated into analytic products, when appropriate.”

Ironically, all these pieces of evidence and clues could have been very effectively gathered with specially designed investigation software that runs $945 a seat.

And speaking of written reports issued last week by prominent organizations that address the compelling trend of social media evidence, Gibson Dunn released their 2013 Year-End Electronic Discovery and Information Law Update. In a section dedicated to social media, the Gibson Dunn Update notes that “the number of cases involving social media evidence continues to skyrocket,” and that “Commentators and courts alike have noted that the use of social media evidence has become commonplace across all types of litigation.” The Update covers several cases, many of which have been addressed on this blog, involving key legal issues related to social media. It’s a good read, and is not unlike the Senate Intelligence Committee’s Benghazi report, in that both underscore the critical importance of social media evidence, for both reactive and proactive investigations of many stripes.

1 Comment

Filed under Social Media Investigations, Uncategorized

Facebook Spoliation Costs Lawyer $522,000; Ends His Legal Career

PenaltyIn what many are calling the largest eDiscovery sanction penalty ever leveled directly against an attorney, a Virginia state judge ordered lawyer Matthew Murray to pay $522,000 for instructing his client to remove photos from his Facebook profile, and for his client to pay an additional $180,000 for obeying the instructions. A copy of the final order in Lester v. Allied Concrete Company is available here.

If Murray had initiated a proper legal hold concerning his client’s social media evidence instead of directing blatant spoliation, he would be a lot wealthier and likely kept his job. Instead, he apparently quit his position as managing partner of the largest personal injury firm in Virginia and, according to local press reports, he no longer practices law.

The court’s findings reflect that Murray told his client to remove several photos from his Facebook account on fears that they would prejudice his wrongful death case brought after his spouse’s fatal automobile accident. One of the photos depicts the allegedly distraught widower holding a beer and wearing a t-shirt emblazoned with “I [heart] hot moms.” Murray instructed his client through his assistant to “clean up” his Facebook account. “We do not want blow ups of other pics at trial,” the assistant’s email to Lester said, “so please, please clean up your Facebook and MySpace!”

This case reflects a trend we see based on anecdotal data points where a minority of legal and eDiscovery practitioners have not quite placed social media evidence on the same par as other electronic evidence. For instance, I believe it is highly unlikely that Murray would have instructed his client to delete all his emails or wipe his hard drive, but for some reason he differentiated social media evidence.

The attorneys we speak with are telling us that social media evidence is relevant to nearly every case they handle and the savvy ones are using social media evidence to win their cases. And as we recently noted, since 2010 social media evidence played a key role in 675 different cases with published decisions reflecting such involvement and in presumably tens of thousands more cases not involving published decisions. Those numbers will only increase as social media networks grow even more popular.

However, I was struck by one recent conversation where an eDiscovery consultant had not yet included social media data source in their standard investigation checklist. To be fair, there has not been best practices technology available to enable scalable, mainstream social media eDiscovery until recently, which impacts standard processes.

But just as the Virginia state court judge saw no difference between Facebook postings and other “traditional” electronically stored information, neither should anyone in the legal and investigative fields, especially since the software needed to get the job done is now available.

UPDATE: Here is copy of the previous court ruling determining sanctions were in order. The final order set the amount.

12 Comments

Filed under Best Practices, Case Law