© Critical Informatics Inc., All Right Reserved 2016

Threat Intelligence Blog

The   Been   There,   Bled   There    Blog   that   covers,   well,   just   about   anything   that   we   feel   you   can gain   critical   insight   from.      We   wear   our   battle   scars   with   pride   and   are   grizzled   enough   to occasionally yell, “Get off of my Lawn!” As they say, “You Can’t Make This Stuff Up!”
(206) 687-9100
I   am   a   member   of   the   American   Bar   Association’s   Science   &   Technology   Section,   Electronic   Discovery   and   Digital Evidence   (EDDE)   Committee   and   recently   had   the   privilege   of   spending   a   couple   of   days   with   the   leading   experts   in the   country   on   electronically   stored   information,   legal   forensics   and   e-discovery.      The   two-day   meeting   was   packed with excellent and timely new information whose highlights I have summarized below:          1)   Federal   Rules   of   Civil   Procedure   (FRCP)   expected   to   be   approved   within   the   next   week   or   so.      Proposed   changes: (NOTE: these are still “proposed” and could change)                               a.   Rule   26(b)(1)–   the   issue   of   proportionality   now   at   the   top   of   the   list   of   considerations   that   a   court   should   use when deciding on the relevancy and importance of evidence to a case.                                                         i.    If    preservation    or    production    of    electronic    evidence    will    place    a    burden    on    one    of    the    parties disproportionate to either:                     1.  The issues of the case, or                     2. That party’s responsibility and capability to preserve or produce the evidence,                                           ii.   The   court   is   asked   to   make   decisions   on   whether   to   compel   production,   and   who   should   pay   for   the production, based on the weight of the burden.                            b.   New   language   to   clarify   that   this   decision   should   no   longer   be   based   entirely   on   the   financial   burden   but should   consider   all   issues   that   are   affected   by   the   request   and   might   impact   the   parties   involved   (e.g.   reputation,   time & personnel resources, etc.)                            c.   Rule   37(e)   clarified      that   some   of   the   more   onerous   sanctions   for   spoliation   should   only   be   considered   if   there can   be   shown   that   the   party   acted   with   the   intent   to   deprive   another   party   of   the   information's   use   in   litigation.      It   also states no sanctions, unless it can be shown that the spoliation of loss of evidence has created prejudice.                            d.   Rule   34(b)(2)(B)   -   Objecting   to   producing   electronic   evidence   due   to   an   assertion   of   burden   will   require showing   real   reasons   with   actual   evidence   of   the   burden.   You   will   need   to   state   specifically   why   you’re   objecting   to and what you are withholding as a result of your objection.             2)   The   Internet   of   Things   and   the   complexities   involved   in   the   acquisition,   preservation   and   production   of   evidence from these devices.         a. Most of them are not designed to log events         b. The majority of current products are not secured in any way          c. All connected to the Internet                         d.   All   with   the   capability,   if   compromised   or   accessed   by   the   wrong   people,   to   disrupt   our   lives,   steal   sensitive information, or even cause physical damage                                           i.   The   flaming   toaster:   imagine   an   Internet   connected   toaster   that   a   bad   guy   intentionally   changes   the   settings to toast infinitely, the toast catches fire and the house burns down.                                            ii.   The   smart   refrigerator:   Food   packaging   that   contain   computer   chips   so   the   fridge   can   tell   you   what   is   about to   spoil   and   even   make   a   grocery   order   for   you   over   the   Internet.      That   means   your   refrigerator   (or   whoever   can connect to it) has the ability to charge your credit card.  ’Nuff said.             3)   Computer   forensics   data   can   easily   be   lost   or   compromised   if   the   acquisition   is   delayed   with   many   organizations storing data in the cloud and/or using virtual machines.             4)   The   use   of   social   media   to   screen   jurors   during   voir   dire   (jury   selection).      The   ABA   formal   opinion   466   basically states   that   counsel   has   a   duty   to   examine   a   potential   jurist’s   “Internet   presence”.      It   was   opined   that   not   doing   this extensive   research   could   result   in   malpractice   lawsuits   and   is   basically   another   part   of   an   attorney’s   ethical   obligation to understand and use technology responsibly.    We   are   in   a   rapidly   shifting   landscape   when   it   comes   to   the   world   of   electronic   data.      All   of   us   have   an   obligation   to understand   and   manage   it   and   take   responsibility   for   the   data   we   create,   collect,   store   or   manage.   Those   who practice   law   or   participate   in   any   way   with   litigation   have   an   even   greater   ethical   responsibility   to   do   our   best   to   stay up to speed in all of these areas and to provide adequate, timely and relevant expertise and assistance to our clients. David Matthews is the Director of Managed Services for MK Hamilton and Associates.
COMING SOON TO A COURTROOM NEAR YOU   5/12/2015 By David Matthews CISSP CISM DRFS CSFA IR & Forensics Practice Lead
Threat Intelligence Blog CRITICAL INFORMATICS INC.
(206) 687-9100
© Critical Informatics Inc. 2016 All Rights Reserved

News

Critical Informatics IT Security

Daily News Blast

Sign   up   for   a   truly   essential   Daily   Briefing   on   all the      Industry,      National      and      International Cybersecurity   and   Information   Security   events you need to know and be able to act on today!

Search the Blast Archive

Search by Date, Range, or Keyword September 2015 August 2015 June 2015 May 2015 April 2015 March 2015 February 2015 December 2014 October 2014 September 2014 August 2014 July 2014 May 2014 April 2014 February 2014 December 2013 November 2013 August 2013 July 2013 June 2013

Threat

Intelligence Blog

The   Been   There,   Bled   There    Blog   that   covers, well,   just   about   anything   that   we   feel   you   can gain   critical   insight   from.      We   wear   our   battle scars    with    pride    and    are    grizzled    enough    to occasionally yell, “Get off of my Lawn!” As they say, “You Can’t Make This Stuff Up!”
(206) 687-9100