Forensic matters pose a variety of challenges. Sometimes potentially important data has been deleted; sometimes the cost of labour is restrictive, and all too often, the deadline by which processing and analysis must be completed is extremely tight. There are a myriad of solutions for these issues, but what do you do when the device itself is the thing that’s making the case so difficult?
In Our Experts' Opinions: The Altep Blog
Just when we thought we’d hammered out a practical and scalable approach, an Elf named Sugar Toes raised a thorny problem: namely, the fakers. You know the ones: those kids who act nice, especially when adults are watching, but who actually are not nice at all while interacting with others on social media. It seems that Sugar Toes had done a spot check of the Nice List, cross-referencing the children’s Twitter and Facebook accounts, and what he’d uncovered was concerning. The Nice List was full of cyber bullies, haters, and internet trolls (not to be confused with Christmas trolls, who steal candy). There were even instances in which children had posted bathroom selfies.
It’s that time of year again - the time when girls and boys all over the world start to behave a little better in hopes of getting on the list. They go to bed on time, eat their vegetables without being told to, finish all their homework, and even treat their siblings nicely for a change. Not so long ago, these efforts would have done the trick, but this year, Santa is introducing a game changer, and naughty boys and girls had best be prepared.
With offices throughout the United States and Europe, Altep staffs experts in a wide variety of fields, including litigation and law enforcement, information security, compliance, and ediscovery/edisclosure.
Each location brings its own unique experiences and specialties to the table; we talked to Eamonn Markham, Alteps' Regional Account Executive in San Francisco, to understand what makes the San Francisco office special.
2015 was a watershed year for malware development. Not only did we see more unique malware than in any other year, we also witnessed a very clear shift in malware behavior: namely, a trend toward polymorphism.
By Hunter McMahon and Sara Skeens
Surviving eDiscovery can be just like conquering an obstacle course race (OCR). It takes the right gear, experience, training, and attitude. As obstacle course enthusiasts and eDiscovery strategists alike will tell you, you don’t get to choose the course or the obstacles—they are given to you “as is.” Therefore, preparation and agility are key characteristics of a true OCRer.
Ever since the March 2, 2015 Rio Tinto opinion and order, there has been a lot of buzz in eDiscovery around the phrase “Continuous Active Learning” (CAL). Judge Peck briefly mentioned CAL while summarizing the available case law around seed-set sharing and transparency. For the sake of clarity, the term seed-set in this post refers to the initial group of training documents used to kick off a Technology Assisted Review (TAR) project. We refer to the review sets that follow as training sets. The point of Judge Peck’s mention of CAL, as I understood it, was to alert readers to the possibility that seed-set selection and disclosure disputes may become much less necessary as TAR tools and protocols continue to evolve.
I recently started getting back into training mode. I dusted off my road bike, my swim cap, and my running shoes to attempt a personal record on a triathlon I had done a few years ago. I mapped out a plan, prepared my training tools and started to push forward. My training included many techniques to help with the efficiency of my workouts and accommodate my busy schedule. My plan was clearly defined, running smoothly, and I was getting stronger and faster each day.
If you are reading this blog, you have probably heard the story many times by now. Document review is the most expensive part of eDiscovery. Like many, I find myself asking the same question again and again. How can we do it better? One obvious answer is by defensibly reviewing less. The not so obvious part of that answer is the available methods for doing so.
Earlier this month I ran in the Spartan Super race in Asheville, NC (Black Mountain). After more than 2,000 feet in elevation gain and a rapid descent, spanning over 10 miles, overcoming 26 obstacles, pushing through 155 burpees…I was DONE! It was by far the hardest competition I’ve completed.
There are many kinds of data that hackers find profitable, and any number of different targets, from retailers to universities, where that data can be found. However, one group of victims is by far the most popular among data thieves, not because they are necessarily the easiest to breach, but because the data they hold is more valuable.
What has more value to you: your medical records or your financial data? At first glance, it would seem that an x-ray wouldn’t be worth as much as a debit card number – after all, one is just an image of the skeleton, but the other can be used to purchase practically anything, in person or online. However, the truth is that medical records often contain a great wealth of Personal Identifiable Information (PII) and Protected Health Information (PHI), including your first and last name, date of birth, physical address and - most importantly - your Social Security Number.
You’ve Been Breached. Pay the sum of 950,50 Bitcoins, or else...
Has it happened to you yet? Take notice of the not-so-subtle “yet”. I’ve been fortunate to work with some of the best and brightest InfoSec people, as well as my own data forensics group, on incident response engagements (IR). It’s dizzying and quite chaotic until the teams are plugged in and making hurried sense of complex events. Who got in? How many times? What was the point of ingress? Bad firewall rules? Weak VPN passwords? Third-party software vulnerability?
Dynamo Holdings Limited Partnership v. Commissioner
In an order dated July 13, 2016, the U.S. Tax Court once again strongly supported the use of Predictive Coding. The case had already featured some notable opinions and orders on the topic. This recent order is a fun read for analytics nerds and newcomers alike, as the Court did a great job of laying out the associated facts and addressing the typical arguments for and against use of the technology. Here are a few items that caught my attention as I read it.
This article assumes that Technology Assisted Review is being deployed in a production review setting where the user seeks to identify potentially relevant documents from among a larger corpus, and to subject those documents to full manual review. The use of TAR as an investigative or fact finding tool is a more financially flexible proposition, and the efficiency of that approach should be evaluated via separate standards.
There has been some debate in the past few years about the proper role of the Subject Matter Expert (SME) in technology assisted review (TAR) – a discussion which has understandably resulted in plenty of disagreement. There was a time when most blog posts and white papers swore that SME training was the only path to success, but that position looks to have softened some.
I say this to colleagues all of the time: “People will trade privacy for convenience every step of the way.” My contemporaries nod reassuringly, perhaps in an attempt to hush my banter, though maybe they actually represent a large contingency of informed people who agree.
By Joshua Tolles and Sara Skeens
Solving Challenges in the Presentation Phase
In our last post, we discussed the value of looking at analytics in e-Discovery with a creative mindset, and a few steps that you can take to expand your problem solving horizons. As we noted there, analytics is most commonly thought of as a tool to be applied during the review phase of the EDRM to control data sizes; however, we'd like to change that. At Altep, we frequently use analytics to solve many more problems than just those found in the production review arena. With a firm grasp on the technology, plenty of curiosity, and a healthy passion for "building a better mouse trap," we have found quite a few areas where analytics can help turn the eDiscovery rat race into a more methodical and scalable process.