HSNO Leads Sao Paulo Brazil Electronic Discovery Conference

Electronic Discovery Seminar - July 29, 2008

Seminário eletrônico da descoberta - julho 29, 2008

Matt Blake Chris Money

The Brazilian Electronic Discovery Forum is having its first forum July 29, 2008 at the OAB/SP in Sao Paulo Brazil. This event will cover the complexities of Discovering and Reviewing Electronically Stored Information (ESI) in Brazil with a United States perspective for companies and attorneys working with organizations regulated by, including but not limited to, United States Laws, the Securities Exchange Commission (SEC), United States Department of Justice (USDOJ), and the amended Federal Rules of Civil Procedure (FRCP) of December 2006.
The Forum attendees include Inside and Outside Counsel, Corporate IT, Risk Managers, Records Managers, Paralegals.

Location: OAB/SP – Brazilian Bar Association (São Paulo). Endereço : Praça da Sé, 385 ‐ Centro ‐ São Paulo ‐ CEP : 01001‐902

Organization: OAB/SP and IBRAC.

8:30 am to 9:30 am
Why should you Manage Information as an Asset?
Blending IT, RIM, and Legal to reduce risk and improve process
Pedro Zanotta (OAB) - Moderator and President of the OAB
Matthew Blake (HSNO Franklin Data)

9:30 am to 10:00 am
Scope, Identify, Preserve, Collect, Filter
Highlights of getting to the relevant data and export/management of review
Matthew Blake (HSNO Franklin Data) - Moderator
Andy Rickman (Skadden Arps)
Ryan Schnieber (HSNO Franklin Data)

Chris Money (HSNO Franklin Data)

10:00 am to 11:00 am
Document Review
Why? When? How?
Guilherme Ribas (OAB) - Moderator
Andy Rickman (Skadden Arps)
Ryan Schnieber (HSNO Franklin Data)
Chris Money (HSNO Franklin Data)

Caio Campello (Linklaters)

11:00 am to 11:15 am
Break

11:15 am to 12:30 pm
Authorities Panel Discussion
Marcelo Calliari (IBRAC) - Moderator
Ana Paula Martinez (SDE)
[judge/police chief]

Seminário eletrônico da descoberta - julho 29, 2008
O Forum eletrônico Brazilian da descoberta está tendo seu primeiro forum julho 29, 2008 no OAB/SP no Sao Paulo Brasil. Este evento cobrirá as complexidades de descobrir e de rever a informação eletronicamente armazenada (ESI) em Brasil com as leis de um perspective unido dos estados para as companhias e os advogados que trabalham com as organizações reguladas por, incluindo mas não limitadas a, de Estados Unidos, o Commission da troca de seguranças (segundo), o departamento de Estados Unidos de justiça (USDOJ), e as réguas federais emendadas do procedimento civil (FRCP) de dezembro 2006.
Os participantes do Forum incluem os conselhos internos e exteriores, incorporados ELE, gerentes de risco, gerentes dos registros, Paralegals.
Posição: OAB/SP - Associação Brazilian da barra (São Paulo). Endereço : Da Sé de Praça, 385 - Centro - São Paulo - CEP: 01001-902
Organização: OAB/SP e IBRAC.

Are You Litigation Ready?

By: Matthew Blake
Originally Published in: ABA Law Practice Management Section

Most American corporations are ill‐prepared to respond to electronic discovery requests and go to court. How can they establish a reliable foundation for litigation readiness? Here, an ED advisor proposes a three‐step strategy: Assess your technology, map your data and “strengthen your hold.”

The statistics may seem jolting. In a survey of more than 100 information technology managers in medium and large American corporations, only 6 percent said they “immediately and confidently” can field electronic discovery requests. Just 9 percent told pollsters they receive proper legal guidance and funding for electronic discovery procedures; 40 percent said they receive no guidance at all. Fewer than half feel they have IT professionals competent to testify in court regarding electronically stored information (ESI). More than half said their companies have no enterprise search tools. Three‐fourths lack effective e‐mail intelligence systems.

In sum, 70 percent of the companies participating in the Summer 2007 study simply aren’t ready to respond to litigation.

The report undoubtedly raised eyebrows—except among those of us who help corporate America deal with electronic discovery demands. Our only surprise is that so many IT managers acknowledged the problem. We’re often engaged by corporations whose administrators and staff don’t understand what litigation readiness is. They don’t see why they need to do more than they’re doing already. After all, aren’t they storing every bit of potentially meaningful data the company accumulates? Aren’t they maintaining a bevy of IT and legal professionals who can sort out the data if necessary?

To answer those assertions: “Yes and yes. But no, you’re not prepared for litigation.”

What does it mean to be litigation‐]ready? Amendments to the Federal Rules of Civil Procedure demand that corporations keep a grip on their stored information. Moreover, organizations must be able to produce specified portions of it on fairly short notice. To do that, they need effective tools and resources. Equally important, they must have close collaboration between legal and IT staff.

Step 1: Assess What You Have

When corporate clients ask us to help them strategize litigation technology preparedness, we start with assessment. What tools do they have? What do they lack? We begin by auditing their information technology environment.

Most organizations contact us at the point of litigation—something has triggered the event. It’s a funny thing: Corporate leaders care about preparedness, but they just aren’t willing to do anything until they’re pressured. A lot of folks who run IT and legal departments don’t know how to stay on their game. We see people who could have the budget and the resources to do it, but they’re overwhelmed by something else.

The most appropriate first step is to map out your company’s technology, break it into pieces and conduct a physical audit of the media you have. You’re going to have active and archive servers. You’re going to have disaster recovery and back‐up systems. You’re also going to have loose media—USB drives, DVDs, external hard drives, decommissioned systems. When you start to put it together, you may notice some raised eyebrows in your IT department. “Ohhh . . . we forgot about those.” And “Ohhh . . . we thought we had those archives up‐to‐date in the other data center.”

Once you draw a picture of what’s there through your first audit, then you’re able to create logs and such.

Step 2: Map Out Your Data

Create a data topology map. The new rules that came out in December 2006 clearly state that an organization has not only the duty to preserve its electronically stored information (ESI); it has to have a process to begin handling it early in the litigation, as per Rule 26(f). A lot of people approach Rule 26(f) “naked.” They send a couple of corporate representatives into a deposition or courtroom with limited knowledge of the IT environment, and they play cat‐]and‐]mouse, either telephonic or physical.

It’s a game of 10 Million Questions. “Do you have servers?” “Yes.” “Where are they?” If you go in with a data topology map—the result of an ongoing or completed technology audit—you’ll have a much better understanding of how to answer these questions. You won’t be evasive. You’re going to have a well‐informed, detailed “map” to guide you as you talk about your data.

Step 3: Strengthen Your “Hold” on the Data Giant

At this point, you’ve audited your environment. You’ve begun to build a data topology map so you know exactly where your information is. The next big concern for your organization is to carry out your duty to preserve. You have a duty to avoid loss or spoliation. An immediate need is to make sure you don’t delete or overwrite tapes or other storage media subject to hold.

A lot of processes are involved in preserving information. A fundamental—and often neglected—process is hold order management. When your typical litigation trigger happens, your inside counsel gets the notice. Counsel gathers the folks within the organization known as custodians who need to be involved. Who your custodians are depends on the nature of the suit. How broad is your duty to preserve? Who has the relevant information?

Counsel identifies custodians by department, title, country, state and city, among other distinctions, and sends out a hold order notice to those custodians: “Do not talk about the case. Do not discard information. Do not overwrite media that may contain relevant data.” Such instructions seem obvious, but put them in writing. Your custodians have to abide by the court rules. Too frequently, we find custodians on the list who delete information. It’s your responsibility to ensure this doesn’t happen.

Asynchronous to that, you need to establish a sound methodology, a defendable and repeatable process for hold order management. Unfortunately, most organizations don’t have a defined process that addresses how they notify the custodians, how often they notify the custodians, and so forth. The landmark Zubulake case resulted in strong opinions concerning hold order management, including the notification of custodians not to delete information.

The Great Incentive for Litigation Readiness: Cost Savings

So you have a lot to put together: a process that is repeatable and defendable, that demonstrates you followed your duty to preserve, that is not over or outside the customary IT management of your business. Daunting, but well worth the effort—literally. It can save you substantial litigation costs. They include the costs of attorney review, e‐discovery processing, restoring and selectively processing information across the corporate environment.

A lot of corporate executives believe litigation readiness is no big deal. “We keep everything, and storage is cheap,” they say. That’s a false positive. True, you can add a terabyte to your storage system for several hundred dollars. But storage involves more than byte counts; it requires efficient processes and management, if your stored information is to be useful.

When a company is sued, the logical response is to preserve broadly. Cast the big net. Inside it, you have the universe—all the data which possibly could be relevant. Now it’s your task to reduce the information inside the net down to the smallest manageable set possible in order to defend your company.

The cost of electronic discovery can be as high as 20 percent of the total cost of litigation. Obviously, the Big Mac there is outside counsel. You want to get out of the realm of having to hire a hundred contract attorneys to review data for a month, only to find out they need to process more data. To remedy that, we advise a crawl‐walk‐run method. Identify various pieces one by one, credible ways by which you can narrow the process of outside counsel review.

Few corporations can attest, “We’re totally ready for litigation. Bring it on.” However, you do have the necessary components. Have you audited your IT environment? Have you created a dynamic topology map? Have you implemented a controlled hold order management preservation system that is repeatable and dependable? When you can answer yes to those questions, you’ve laid the groundwork for litigation readiness.

About the Author Matthew W. Blake is the practice leader and Senior Partner of Franklin Data, LLC, an HSNO Company, and provides electronic discovery technical and advisory services across the globe. He advises organizations, both domestic and international, on litigation readiness and response strategies related to antitrust, intellectual property and the Foregoing Corrupt Practices Act (FCPA). Blake has led discovery teams in 35+ countries including Asia, Germany, South America, Africa, Europe, Russia and the Middle East collecting laptop, desktop and server data on more than 1,000 custodians and 100 corporate entities.

Discovery Across Borders, Part One & Two: Practical and Legal Aspects of Multi-Jurisdictional Discovery and Data Collection

Skadden, Arps, Slate, Meagher & Flom LLP & HSNO Franklin Data

By Gary DiBianco, By Gary Rubin, By Matthew Blake,

You are a United States company but a global citizen. Your shares are traded on U.S. exchanges. You have sales forces in Europe, manufacturing in Asia, and your eyes on the Middle East. It used to be that only the largest companies had a broad international reach. Now, it seems corporations of all sizes, in order to be competitive, must carefully consider overseas operations. While technology has made transition into the new global economy easier, it also creates special risks.

Imagine the following: You wake up one morning to a flurry of activity in France, where regulators have raided your main sales office seeking documents and information regarding alleged kickbacks to a key customer. You are asked to turn over hard drives, backup tapes and access to your servers. A reporter from Le Monde picks up the story, and by the time the U.S. opens for business there is a story on WSJ.com. Your stock price falls throughout the day; by the end of the week a leading class action law firm has announced the filing of a securities fraud case. The Securities and Exchange Commission (SEC) asks for information about your global sales practices and accounting policies.

Suddenly, you are faced with a swirl of information demands and document preservation obligations. French regulators want to cart your computers away-but the SEC wants the information they contain. American plaintiffs' lawyers will want it as well, and there's no telling whether additional regulators or litigants will become involved.

In today's business, all information is electronic. Paper may have been heavy, hard to store, and time-consuming to review-but it was a tangible thing, easy to inventory, and it tended to be limited in volume, even in the largest cases. More importantly, identifying relevant documents for preservation or production was relatively easy: Either a document was in your possession or custody, or it wasn't, and if it wasn't, either you controlled the people who had it, or you didn't. Electronic communication has led to exponential increases in the amount of data that companies store, and the locations where the information is stored: desktops, laptops, servers, PDAs, BlackBerries™, smart phones, optical drives, thumb drives, iPods™ and more.

Unless you spend a great deal of time talking shop with your IT managers, you probably don't know how many e-mail or file servers your company uses. You probably don't know exactly where your electronic documents are stored, what happens to your e-mails after you delete them, or how frequently your company's servers are backed up to tape. Are you prepared for information discovery across borders? Do you understand how to preserve, collect and analyze data in a way that will meet the requirements of foreign as well as U.S. courts and regulatory bodies? Are you sure?

Laws, Cultures and Conflicts

If you operate internationally, you must be cognizant not only of a patchwork of laws and regulations-many of which could conflict-but also of cultural differences that affect your response to requests for electronic information.

The initial stage in any litigation or regulatory effort is to ensure preservation of relevant materials. But an international scope makes this far more complicated than just issuing a directive to employees to stop deleting e-mails or drafted documents. You need to know where information is located, how it is stored, when it is backed up, and whether backups are rotated or destroyed. Automatic deletion or rotation policies mean that if you do nothing, you may lose files that are subject to a regulatory or litigation request.

Data collection also is far more complicated in an international context than in a purely domestic one. Local laws may prohibit an employer from searching employee e-mail files. As a cultural matter, most Americans are accustomed to the idea that an employee's computer and e-mail account belong to the employer. Outside of the U.S., the cultural understanding is frequently just the opposite: An employee's computer and e-mail account are considered private, and it may be a criminal offense to invade that privacy. Collection of data outside the U.S. may be seen as coercion by an employer, and it may lead to labor union grievances or complaints.

Once the information is collected, getting it reviewed and produced to a U.S. regulator or litigant is also no simple matter. Data privacy and blocking statutes in Europe, Asia and South America may forbid the transfer of personal data outside of their borders to an "unprotected" jurisdiction like the United States-and personal data include names, e-mail addresses and office phone numbers. Indeed, special procedures may be required before individuals outside a company-including the company's outside counsel-may review the data. And local laws may dictate that only data specifically responsive to a request may be exported, requiring counsel to review materials locally rather than shipping them to the U.S. to one centralized location, as is normally done in U.S. litigation.

Do not expect, however, any sympathy from U.S. regulators or plaintiffs' lawyers. U.S. regulators are skeptical of data protection laws and may take the view that international companies hide behind them to avoid cooperating with the regulators' investigations. U.S. courts may not be more understanding. The Supreme Court has held that U.S. discovery rules presumptively apply in civil litigation involving an international company, even if producing data in response to a discovery request would be unlawful in the international company's host jurisdiction.

These are some of the issues that will arise when an international company has to manage a conflict. How should you resolve these issues and to whom should you turn to get the process started? We'll discuss assembling your team and the basic strategies they should employ in Part Two.

In Part One, we identified some of the issues that arise in multi-jurisdictional discovery and data collection. In Part Two, we offer some practical observations on resolving these issues.

Know Thyself

As we discussed in Part One, now that companies communicate primarily in e-mail and computers have entirely replaced typewriters, the traditional notion of "possession, custody, or control" over a document no longer is meaningful. Instead, in identifying relevant documents, you must focus on:

• The custodians: Whose e-mail account might contain relevant e-mails? Whose document queue might contain relevant documents?



• The file types: Are accounting spreadsheets likely to be relevant? E-mails? Word processing documents? Enterprise data?



• File locations: Are the documents stored on a company server or on an employee's hard drive? On a peripheral device? With a third-party Web host or voice mail host vendor?

One of your crisis management team's first jobs will be to answer these questions. When dealing with U.S. regulators or prosecutors, or with plaintiffs' lawyers, almost any mistake can be corrected-except failing to identify and preserve relevant documents. In assembling your crisis management team, you should look for lawyers who have experience managing cross-border data preservation and collection efforts. They can help you identify a specialized forensic technology services vendor to image your servers and relevant hard drives, scan your paper documents, and copy data residing on peripheral devices. They should have the technical expertise to communicate with your IT managers and understand your company's IT infrastructure. Working with your attorneys, they can help ensure relevant data is preserved. Traditional communications between your attorneys and businesspeople still will be an integral part of understanding where data are located and preserving and collecting the information, but direct communications among your IT managers and outside forensic technology specialists is necessary as well.

Obtain Local Assistance

In addition to understanding and overcoming the technical issues specific to your company's IT infrastructure, your attorneys and forensic technology vendors also must address the cross-border legal and cultural conflicts we discussed in Part One. Usually, this means your crisis management team should partner with a local vendor who understands any local legal requirements and has the technical ability to help you meet them. Alternatively, in selecting your forensic technology vendor, you should consider whether it has an established presence in the foreign country involved in the crisis.

To return to the hypothetical we introduced in Part One, if you need to collect e-mail from your France-based sales and marketing staff in order to respond to the SEC inquiry, you will need to ensure you do not violate France's data protection law in doing so. This may mean engaging a local law firm to analyze any intra-company agreements between your U.S.-based parent and the French subsidiary to learn what foreign data transfers may already be permitted. In addition, you may need to engage an EU-based forensic technology vendor to host any French e-mails you collect in a location inside the European Union until you determine they can be transferred to the SEC in the United States. Alternatively, some U.S.-based forensic technology vendors are "safe harbor" companies. This means the U.S. Department of Commerce has certified that they meet EU data protection requirements and would be able receive transfers of data without violating French law. This would allow you to maintain and analyze any data in the United States before turning it over to the SEC.

In addition to substantive legal concerns, logistical barriers can bring your team to a grinding halt if not carefully planned. For example, on-the-ground collection generally requires specialized equipment. Without planning, you may face time-consuming logistical difficulties, including travel delays and customs requirements. A forensic technology vendor's toolkit is always filled with yards of computer wire, plugs and adaptors of every sort, hard drives, CD-ROMS and flash memory devices. Getting through customs and airport security with these items in your suitcase is not always easy; it's better if a local vendor can obtain them in-country.

Local partners also will help break down language barriers because they obviously will have an easier time communicating with your local IT staff. Given the complexity of modern server environments, you should not risk anything being lost in translation.

Assume Nothing; Document Everything

For better or for worse, U.S.-style litigation and internal investigations are largely alien to non-U.S. organizations. Accordingly, when planning to harvest documents and electronic data from your foreign offices, you cannot assume your foreign managers will know what to expect. When your attorneys and forensic technology vendors plan their document collection site visits, they will need to provide a detailed work plan to the heads of any foreign offices they will be visiting. The work plan should assume the foreign managers have never before participated in a forensic collection. If your team requires a conference room, the work plan should specify it. If the conference room should have chairs, power outlets and Internet connections, the work plan should specify how many and what type. If your crisis management team will need to meet with any foreign managers, the work plan should specify it and propose dates and times. The crisis management team's local partner can assist in providing any equipment your foreign office does not have onsite-but only if your crisis management's work plan specifies its needs in detail.

Once the data collection process is underway, your crisis management team must preserve and document the chain of custody. Usually, this task will fall to your forensic technology vendors, who should have experience in this area and should be prepared to testify, if necessary, about the methods they used to harvest and transport the data. Documenting the chain of custody generally should not fall to your attorneys, because conflicts could arise if they are called upon to testify as fact witnesses regarding how the information was collected.

In addition to documenting the chain of custody, your crisis management team should document who they collected data from, who they interviewed, and any issues that arose during the site visit. Civil disputes and internal investigations by government regulators can take years to be resolved. Documenting exactly what the crisis management team did will protect your company in the event of any discovery-related dispute.

For everyone involved in cross-border discovery, the objective is simple: to collect information in a manner that complies with all applicable laws and regulations while serving the client effectively. But though the objective is simple, achieving it is not. There is no substitute for technical and local expertise, and you should be prepared to engage both in order to effectively manage any crisis with cross-border implications.

Authors include Gary DiBianco, partner and Gary Rubin, associate at Skadden, Arps, Slate, Meagher & Flom LLP and Affiliates; and Matthew Blake, partner and practice leader at HSNO Franklin Data.

In re Intel Corp. Microprocessor Antitrust Litigation, Case No. MDL 05-1717 (D. Del. June 4, 2008)

The following Bricker & Eckler report on the Intel Microchip litigation is interesting, not on the privilege question but on the legal hold issues. Based solely on the article, it appears Intel chose not to turn off its 35-day auto-delete technology, but to impose legal holds through custodians. After gaps appeared, things got complex. Interesting decision -- turn off the auto-delete system-wide for the length of the case (years) or try to do this through custodians. Morton's Fork (cf Hobson's Choice), I think. See below:

District Court approves, without objection, Special Master’s conclusion: in providing summary reports of data loss investigation to AMD, Intel waived attorney-client privilege and non-core work product protection

View original document Send to colleague Print

Bricker & Eckler LLP
Alan J. Ross
USAJuly 7 2008
In re Intel Corp. Microprocessor Antitrust Litigation, Case No. MDL 05-1717 (D. Del. June 4, 2008)
Judge Joseph J. Farnan, Jr. of the District Court of Delaware adopted the Special Master’s Report and Recommendation, first discussed here, without objection from Intel. From this dance floor, the decision not to object looks to be primarily an economic one. On the surface, Intel appears to be no more interested in “embarking on a world tour of costly … preservation depositions,” than is AMD. On the other hand, Intel may very well have opted for the governing facts to be those reported by its lawyers in their interview notes of the 1,000 plus custodians.
In a nutshell, this decision is about Intel failure to implement a legal hold, which would have involved turning off the automatic delete function on its world-wide email system, which was currently set for thirty-five days, after the first of what became these cases was filed. Instead, it implemented an elaborate, six-continent-wide program to preserve and sequester potentially relevant data, which the parties agreed would, if stacked – presumably as hard copy, stretch some 137 miles high.

From this space, introducing a legal hold onto such a complex system in such a complex case – alleging a violation of Section 2 of the Sherman Act – where relevancy is extraordinarily broad, appears virtually impossible. At the very least, it would have involved expanding Intel’s email storage capability, essentially world-wide, from thirty-five days to apparently the length of this case, which will be measured in years. The Special Master never mentioned this difficulty in his detailed discussion of Intel’s failure and the “safe harbor” provision of amended Rule 37(f).
Human failures led to some problems in data preservation. Who ever would have foreseen that? Intel then commissioned an investigation. After Intel informing AMD and the other plaintiffs, AMD’s demanded and got a stipulated Order requiring Intel to provide a summary of what the investigation uncovered, by custodian. Thereafter, the plaintiffs sought production of the individual interview notes from each custodian. Intel objected on the basis of the attorney client privilege and work product protection. The Special Master concluded that the summaries waived the attorney-client privilege and non-core work product protection, which seems to have resulted in the production of the “facts” portion of the interview notes.
There is an element of fairness that leaps out at you in the decision. It does seem mighty unfair to make poor AMD take a 1000 plus depositions to be able to argue spoliation. On the other hand, there may be a very few that really need to be deposed, and that seems unlikely to change with the production of the notes. The fact that Intel chose not to object suggests a degree of confidence about what is in the notes, a sort of, we know what the issues are, let’s get to them.
Unfortunately, the rest of us are left with a decision that just simply appears wrong. In my initial discussion of the decision, I essentially argued that the Special Master misinterpreted Westinghouse Electric Corp. v. Republic of the Philippines, 951 F. 2d 1414, 1426 n.12 (3d Cir. 1991) and In re Kidder Peabody Sec. Litig., 168 F. R. D. 459, 468 (S.D.N.Y. 1996), concluding that the disclosure of “facts” was sufficient to waive the privilege. I won’t repeat that argument. Let me just leave you with four quotes from the Special Master’s Report and Recommendation:
In the context of the discovery phase of Intel's preservation issues, Intel, by and through its attorneys, agreed to this form of discovery. Intel agreed to produce, "detailed written description[s] of the preservation issues affecting [every] Intel Custodian, including the nature, scope and duration of any preservation issue(s)." (D.I. 301 at ¶ 9). Intel could have left AMD and the Class Plaintiffs to their own devices, forcing them down the path of protracted world¬wide preservation depositions. It did not. Rather it trumpeted its willingness to have AMD, the Class Plaintiffs and the Court informed as to fact work-product gathered and provided "a detailed written description of the information provided by each custodian [to Weil] during the interviews."

Special Master R & R at 27 (emphasis added).
AMD proposed that Intel provide to the Special Master and the parties "a complete accounting of its preservation problems, a custodian-by-custodian tally of issues, identification of data that appears to have been lost, and an inventory of back-up tapes that exist and can be successfully restored."

The parties ultimately stipulated to a disclosure order….
Special Master R & R at 8 (emphasis added).
it appears to the Special Master that the disclosure of the privileged information to AMD, the Class Plaintiffs and to the Court were not "disclosures necessary to encourage clients to seek informed legal advice," but rather were for the purpose of supporting Intel's litigation position.
Special Master R & R at 19 (emphasis added).
Moreover, the Special Master believes it is important to note that to the extent the primary focus of the interviews reflect the mental impressions of Intel counsel, it cannot be said that the focus was chosen by Intel counsel alone. Rather, the focus was developed collaboratively with all of the parties with the ultimate imprimatur of the Court.
Special Master R & R at 28-29 (emphasis added).

Read the Special Master’s Report & Recommendation

Read the court’s adoption of the Special Master’s R & R