Enfuse 2017: Handling Data Breaches and EnCase Joins the Relativity Community

The Enfuse Conference, Guidance Software’s annual digital investigations event held last week in Las Vegas, featured the usual mix of legal, law enforcement, and computer forensics professionals.

However, the conference, known formerly as the Computer and Enterprise Investigations Conference, had a slightly different look this year. For instance, the hashtag #eDiscovery was the number one hashtag used on social media throughout the conference. (#DigitalForensics was second most popular, and #DataBreach was fourth.)

Why the importance of #eDiscovery?

This year’s conference was the first Enfuse since last fall’s Relativity Fest announcement that Guidance’s EnCase software was becoming an integrated part of the Relativity platform.

Guidance has had an e-discovery presence for years, and in 2012, the company made a major move by acquiring the cloud e-discovery vendor CaseCentral and rebranding it EnCase eDiscovery Review. However, Guidance now sees the company’s e-discovery future as part of the Relativity community and is sunsetting their e-discovery offering to integrate with Relativity.

For Relativity, the integration brings the 36 million EnCase endpoints to the Relativity community, and the enthusiasm was evident at Enfuse.

In this Enfuse recap, we’ll take you through some of the sessions with our Twitter Moments, a compilation of tweets from the conference.

Litigation Lifecycle

In the session Where Did It Come From? Where Did It Go?, kCura senior solutions specialist Jacob Cross and kCura solutions architect Nik Balepur described the litigation lifecycle.

In an observation about the rapidly changing nature of e-discovery, Cross noted that most of what he did as part of his job 10 years ago doesn’t even exist today, and Balepur said his career illustrates the importance of processing.

“I processed data as a ‘SQL jockey,’ and in my mind, processing can make or break the case,” Balepur said.

The e-discovery “data dump,” where one party attempts to make discovery more difficult by dumping vast volumes of irrelevant data on opposing counsel, is both the bane of the e-discovery practitioner and a violation of the Federal Rules of Civil Procedure.

However, as technology has made it easier to engage in the discovery data dump, technology can also help solve the problem with advanced analytics, with both Cross and Balepur noting analytics can help lawyers and paralegals find evidence quickly despite the data dump.

“Analytics finds the needle in the haystack,” Balepur said.

See the Twitter recap of Where Did It Come From? Where Did It Go?

e-Discovery Evidence

kCura chief security officer William “Security Bill” Lederer and Seyfarth Shaw LLP associate Matthew Christoff presented Dos and Don’ts of Forensic and e-Discovery Evidence Handling, which included a discussion of best practices for forensics and discovery managers.

The discussion ranged from Lederer providing security tips, such as turning off laptops when traveling, to Christoff reminding the audience of chain of custody and evidence authentication issues.

“One of the biggest concerns is IT or HR wanting to get a first look at information—now it’s tampered data,” said Christoff.

Lederer noted the importance of tailoring forensics to the specific needs of specific matters. For instance, he noted legal tech teams should consider whether a forensic or non-forensic collection is appropriate for a particular matter.

“Forensic collections can take time, and they can be overkill,” Lederer said.

Christoff commented on the need for remediation of evidence after a legal hold ends, adding that—without proper remediation—the same data can be subject to legal hold after legal hold.

See the Twitter recap of Dos and Don’ts of Forensic and e-Discovery Evidence Handling.

2017 e-Discovery Case Law

Ballard Spahr LLP partner and firm Privacy and Data Security Group co-leader Ed McAndrew, a former US Department of Justice cybercrime coordinator, joined me to present From Amazon Echo to Google: 2017 Data Discovery Case Law Update.

In the session, we examined some of the noteworthy cases in e-discovery and data security, including State v. Bates—a homicide case involving prosecutors’ request for data from an Amazon Echo—and State v. Dabate, an alleged murder case where prosecutors are arguing that Fitbit data prove a husband killed his wife.

McAndrew noted that devices such as the Echo and Fitbit, known commonly to be part of the Internet of Things, make excellent witnesses—without human biases and with nearly infallible memories.

However, we also discussed the reliability of the data and whether an expert testifying about such data would be subject to the US Supreme Court’s standard articulated by the court in its 1993 decision, Daubert v. Merrill Dow Pharm., Inc.

US Magistrate Judge James Francis IV and I will be discussing these cases and more in a Bloomberg BNA-Relativity webinar on June 22, and you can register here: Mid-Year Briefing: 2017 Data Discovery Case Law.

See the Twitter recap From Amazon Echo to Google: 2017 Data Discovery Case Law Update.

Verizon’s Data Breach Report

Now in its tenth annual edition, the Verizon Data Breach Investigations Report (DBIR) is a compendium of information from 65 organizations around the world on 42,068 incidents and 1,935 data breaches in 84 nations.

Presented at Enfuse by Verizon senior consultant Suzanne Widup, the session highlighted some of the trends in data security, including information on social media and retail attacks.

For instance, Widup noted that 90 percent of social media data breaches originate from phishing, and two-thirds come from organized crime.

See the Twitter recap of Verizon 2017 DBIR Report.

e-Discovery in M&A

kCura director Doug Kaminski joined a panel discussing, among other things, the use of e-discovery in M&A transactions. Joining Kaminski were Dan Meyers of TransPerfect, James Sherer of BakerHostetler, and Brett Tarr of Caesars Entertainment.

The speakers noted ways e-discovery and data privacy issues affect M&A that most might not consider.

For instance, Sherer cited In re True Beginnings, LLC, where the Texas attorney general objected to the sale of an online dating company on data privacy grounds.

Meyers noted that in Radio Shack’s bankruptcy proceedings, the company’s second-most valuable asset was its customers’ contact information.

Kaminski opined on the importance of information governance before, during, and after M&A, adding that many companies are “data museums.”

As for e-discovery after the fact in M&A, Sherer noted that, when you buy a company, you buy its email, noting you can put it in Relativity, discover additional facts, and—in many cases—adjust the purchase price after the fact.

Relativity and EnCase

The Relativity-EnCase integration was big news in both the session EnCase + RelativityOne with kCura director of product management Brian Vile and Guidance senior director Anthony Di Bello, as well as the opening keynote with Guidance CEO Patrick Dennis and kCura CEO Andrew Sieja.

See the Twitter recaps of the opening keynote and EnCase + Relativity.

Women in Data Security

In both the second day’s keynote and the conference’s final session, women took center stage, with former White House CIO Theresa Payton of Fortalice Solutions giving the keynote, and attorney Kathy Delaney Winger providing the final session on data breaches, Cyber Security & Breaches: Business Lawyer’s Perspective.

Payton, who is also featured in the CBS television show, Hunted, helped the audience visualize some of the data security risks people take.

For instance, Payton noted that most people wouldn’t use a toothbrush they picked up off the floor of the busy lobby at Caesars Palace, but she said they’re more cavalier about their digital hygiene, adding that they use public WiFi. Like the toothbrush, you don’t know where it’s been.

Saying she was “sick and tired of seeing the bad guys win,” Payton noted the average number of days it took to detect a data breach was 211, down from over 400 days, but she added, “It doesn’t feel like winning.”

See the Twitter recap from Payton’s keynote.

Finally, attorney Kathy Delaney Winger brought a much-welcome friendly folksiness to the discussions of data breach regulation, providing background on the Federal Trade Commission (FTC)’s handling of data breaches.

Perhaps nothing brings home the appeal of Winger’s presentation more than her analysis of the FTC’s “commercially reasonable” standard on data security. Noting that it was better for businesses that the FTC used the “commercially reasonable” standard than a stricter “reasonable” standard, Winger added, “’Reasonable’ is one of those ‘weasel words.’ What it means varies, depending on the circumstances.”

See the Twitter recap of Cyber Security & Breaches: Business Lawyer's Perspective.

David Horrigan is Relativity’s e-discovery counsel and legal content director. An attorney, law school guest lecturer, e-discovery industry analyst, and award-winning journalist, David has served as counsel at the Entertainment Software Association, reporter and assistant editor at The National Law Journal, and analyst and counsel at 451 Research.