Category Archives: Implementation

1st Things 1st: The Litigation Hold Letter (A Blast from the Past)

J0309498 All – as part of my ‘repairs’, I’ve looked at some of the blog logs (say that 3x fast) and since this item was posted over six years ago, it’s still ranked as #1 on the site!  So, it seemed like this was the perfect opportunity to republish it.  The letter itself is slightly updated, but the post is reproduced verbatim:

Wow…this is my 100th post!  Who knew I could pontificate this long?

In analyzing the new California Electronic Discovery Act (I’m going to start calling it “CEDA” for short), I might as well start at the beginning.

The first thing that will occur if litigation arises?  There’ll be a bunch of litigation hold letters going around.  I say a bunch because it could manifest several ways; outside counsel to your adversary, outside counsel to inside counsel, inside counsel to the enterprise, the CIO/CTO to the IT department, the CEO to the CIO/CTO…you get the idea.  In some cases, as illustrated above, the letter may not even be coming from an attorney.

What might the letter look like?  Here’s an example of a litigation hold letter theoretically issued from outside counsel to an adversary (in PDF format).  The names were changed to protect the innocent (and the guilty, for that matter).

This is only a sample to give you an idea of what a letter of this kind might look like.  The purpose is to illustrate items you may or may not have thought about.  Like snowflakes, no two letters will ever be exactly the same.  Only a professional with personal knowledge of your specific requirements should ever create and/or issue a litigation hold letter.

Enough disclaimers?  Ok then…chew on this for a Monday.

Test-Driving Windows 10: What You Need to Know Before You Upgrade

[…and what to do if you’ve already upgraded]

Windows-10-wallpaper
Windows 10 was released in late July to a lot of fanfare.  Even as a ‘tech-guy’, my rule of thumb is to never install an upgrade to a Windows operating system until Service Pack 1 is released.  But, as is true with many other users, Windows 8.1 (and Windows 8.0 before it) was a big disappointment to me and I figured anything would be better than standing pat.  So, under the dual-philosophies of, “Tech, Heal Thy PC” and “Document it for my readers”, I installed Windows 10 as soon as it became available.

Good thing I know how to fix my technology.  On the plus side, you get to learn from my pain.

LOOKING UNDER THE HOOD

Do I regret doing it?  No.  Was it a successful upgrade?  Yes and no.  First of all, there are a lot of tweaks that must be dealt with, but other than being time-consuming, they weren’t particularly difficult.

What was difficult was that Bluetooth support disappeared.  What do I mean by disappeared?  I mean that, not only did it not work, the entire module was missing as if that feature didn’t exist on my PC.  It can be blamed on both Microsoft and Toshiba, my PC manufacturer.  As I found out later, Toshiba didn’t release Windows 10 compatible drivers until about a week after the upgrade was available (which strengthens my advice never to rush to upgrade).

But that was a week later.  I had a problem to address now.  I dug out my old usb mouse (my current mouse is Bluetooth) and got to work figuring it out.  When it comes to troubleshooting these types of problems, patience is a virtue.  There’s always an answer, but it may take time to find it.  In this case, the answer was simple: my driver didn’t work and I had to find one that did work.  The fix, on the other hand took time.  I visited both the Toshiba and Intel sites for support, but being unable to find drivers that specifically identified as being compatible with Windows 10 (or my PC model), I simply started with the next version up from my driver and continued a pattern of install/reboot/remove/reboot, install/reboot/remove/reboot until finally, Bluetooth miraculously reappeared!

Of course, I had to try a lot of drivers – and had a lot of other work to do – so that process took two days.  Not that bad; but the real reason I needed to repair it was that I connect to my smartphone via Bluetooth for other purposes.

Remember, I was willing to take the risk, so I’m fine with the results.  Are you?

LOCKING YOUR DOORS

As you’re already aware, some very talented people all over the Internet have written articles about functionality and features, but I want to focus on what attorneys need to know, and the most important item is that Windows 10 poses serious risks to your privacy – and the confidentiality of your client information.

You’ll want to start with the privacy settings (which can be located – predictably – under Settings > Privacy) but be warned, depending on your configuration, there will be approximately thirteen separate modules of privacy that you must review, and you’ll have to spend some time in each one (see below):

Windows 10 Privacy

In short, you’re going to find yourself turning a lot of features off.  For most users, this will be sufficient.

For those who wish to go a step further, there are other settings referred to as Telemetry, which Windows 10 has embedded in the software.  It automatically sends your information to them – and it doesn’t provide a means to turn itself off.  I know what you’re thinking.  “I’m staying with my current version!”  That’s not going to work, because just recently, Microsoft began backporting its telemetry software to both Windows 7 and 8.

All is not lost, however.  There are tools available that will mitigate the problem. Personally, I recommend the aptly-named, “Windows Tracking Disable Tool”, which does exactly what it says.  This is a third-party program so as always, practice due diligence and be sure you understand what you’re doing as you’ll be installing it at your own risk.

TUNE-UPS

There’s a lot of debate about installing various patches provided by Microsoft.  I fall squarely in the camp of installing them.  Over the past month, there have been several patches to Windows 10 and I can honestly say that just over a month out, it’s working much better than on day one.  And that brings us full circle around the track to where we began:  Service Pack 1.

Did I say service pack?  That’s the old nomenclature.  It’s not called a Service Release anymore – it’s called Threshold 2.  The best estimates say it’ll likely be available sometime in October.  That’s a fairly rapid turnaround for a service release, compared to the old days.

For those who ‘do as I say; not as I do’, I guess you’ll be idling at the red light a few weeks longer.

Guest Post – Peter N. Brewer: LegalTech – Day Two

Peter Brewer Caricature

I think this is the first time I've ever done this on the blog, but immediately following LegalTech, I had to leave for a trip.  However, Peter Brewer, my trusty colleague from the Law Practice Management & Technology Section, was kind enough to write up a guest-post about his experience this year.

<<< I leave it to you to determine which image to my left is the real Peter Brewer:

"The ALM LegalTech West Coast event, historically always venued in the Los Angeles area, was held instead this year in San Francisco at the Hyatt Regency on July 13 and 14. As in the past, the event consisted of keynote sessions, seminars, and importantly, a large vendor exhibit area. The first day had five seminar tracks running consisting of; corporate legal operations, information governance, advanced IT, the cloud and mobile technology, and E discovery. The second day the tracks were four in number and consisted of; information governance, E discovery, information technology, and corporate counsel perspectives. 

I attended only the second day, which kicked off with an interesting discussion of the Ellen Pao versus Kleiner Perkins Caufield Byers case. On the panel were two reporters who covered the trial, and the defense attorney, Lynne C. Hermle, from Orrick Herrington and Sutcliffe. The plaintiff’s attorney, Alan B. Exelrod, of Rudy, Exelrod, Zieff & Lowe, had been scheduled to be on the panel but had to withdraw due to a scheduling conflict. This keynote proved to be a lively hour of informal discussion in which Lynne Hermle gave substantial credit to the jury for their thorough and diligent evaluation of the evidence. 

The keynote was followed by seminar sessions throughout the day, with ample breaks to visit the vendor exhibit hall.  I attended one of the seminar sessions on E discovery, “Every day E discovery: Bringing It In-House or Outsourcing It.” The panelists were knowledgeable; they consisted of an independent consultant, a claims manager, a partner from the major law firm, and a representative of Lexis-Nexis. The discussion was lively, but for my tastes it was a broad overview with much discussion of the concepts but very little grass-roots, take-home practical advice. I came away feeling that the discussion had been thoughtful, but with no better sense of, “where do I start,” or “what are my first steps when I get back to the office.” 

I also attended a session on cyber security. Again, the panelists were well qualified and knowledgeable. The discussion included such things as the availability of data breach insurance, engaging outside consultants to do cyber security audits of your business, and a general, high-level discussion of the topic of data security in the office. Toward the end of the session the moderator opened the discussion up to questions from the audience. I commented to the panel that, while I found the discussion interesting, I would like to have some specific action items that I could take back to my five-attorney law firm and implement, step-by-step. 

The advice that was given in response was to start with written policies and procedures. As in any endeavor, if you don’t know where you’re going, any road will take you there. A cautionary bit of advice that went with the suggestion of developing written policies and procedures was that then you are duty bound to follow them. Failing to observe your own procedures can increase rather than decrease your liability.

It was also suggested that I consider hiring a security consultant to do a risk assessment of my office. Apparently for a firm the size of mine (<10 total staff) this endeavor can run approximately $5,000 – $10,000. While this seems like a sizable chunk of discretionary spending, the cost of a data breach and one’s exposure to liability for it would no doubt be a multiple of many times that amount. 

Contrasting the 2015 event with LegalTech events in years past, one significant difference stood out to me.  In past years there were seminar sessions on a broader variety of topics. There have been sessions on such things as what financial reports a law firm owner should regularly produce and review, sessions on tech gadgets, useful mobile devices, helpful apps, practice management software, and so forth. This year by far the greatest emphasis was on data. Even the vendor exhibit hall, although it did have exhibitors of a variety of useful products, seemed to be heavy on the e discovery and data security vendors. While this information is no doubt useful to some, I found it not very applicable to my small firm’s real estate law practice, where we do not get cases involving discovery of tens of thousands, or more, documents. Circling back to the keynote discussion that kicked off that day, attorney Lynne Hermle said that in the Ellen Pao vs. Kleiner Perkins case Ellen Pao had produced something approaching a million documents. May I be blessed to reach the end of my career without ever having to tackle such a daunting task. 

All in all, the LegalTech event is an enjoyable break from the office, especially for those of us interested in tech.  Are you one of us?  Check your wrist.  If there’s an Apple watch on it, you are inescapably a techie.  It was nice to have this event in Northern California for a change, and the Hyatt Regency was a lovely and accommodating venue.  I hope to see the event back in San Francisco again next year."

Peter Brewer

************************************************

About the Author:   Peter N. Brewer has been a lawyer for over 35 years, and is also licensed by the California Bureau of Real Estate as a real estate broker.  Peter started his own firm in 1995.  The firm has grown to five attorneys, practicing real estate and lending law.  The firm serves the legal needs of homeowners, purchasers and sellers, real estate and mortgage brokers, agents, brokerages, title companies, investors, other real estate professionals and their clients. Peter and his firm also represent clients in debt collection, creditor representation in bankruptcy, breach of contract matters, and other litigation and transactional work.

Peter obtained his Juris Doctor degree from the University of Santa Clara Law School in 1979 and is also licensed to practice law in all State and Federal Courts in Idaho and certain Federal Courts in Michigan and Iowa (and probably in other states he no longer recalls).  He loves dogs, hates kids, and is generally considered to have an insufferable disposition.

Law Offices of Peter N. Brewer

2501 Park Blvd, 2nd Flr.

Palo Alto, CA 94306

(650) 327-2900 x 12

www.BrewerFirm.com

BayAreaRealEstateLawyers.com                 

Real Estate Law – From the Ground Up®

My Analysis of Calbar Formal Opinion 2015-193: eDiscovery & ESI? “Don’t Be Stupid”

The last three words from this short Beverly Hills Cop video clip sum up my analysis of the opinion:

I wrote public comments to COPRAC (The State Bar of California Committee on Professional Responsibility and Conduct) re their interim versions of the opinion and, in a rare step, I’m posting a verbatim excerpt because my assessment of this opinion remains unchanged.  One modification – I bolded a quote, because the Committee adopted my definition verbatim in their opinion (page three, footnote six):

“I’m seeing a very common thread in COPRAC’s reasoning that afflicts those who understand technology at a more surface-level; the tendency to think of it in physical, rather than ethereal terms.  In other words, the Committee has focused on the word evidence, instead of the word electronic.  Take water, for example.  Whether it exists in a lake, a bathtub, or a glass, it’s still water.  It’s the same with evidence.  Whether it exists as writing on a tombstone, a paper document, or in electronic form (e.g. sitting on a flash drive), it’s still evidence.  It’s the medium that should distinguish it for your purposes.  That’s the contrast missing here.

Whereas the Committee has done a better job of defining parameters such as clawbacks and laying out accurate mistakes by our hapless attorney, once again, it descends into conduct that isn’t eDiscovery-based; but competence-based.  This opinion relies too much on unrelated reasoning, such as “assumes”, “relying on that assumption” and “under the impression”.  That’s not an eDiscovery problem; that’s a general competence problem.  It’s also not what the audience needs.  If they’re attorneys licensed in California, they’ve presumably passed both a Professional Responsibility course and the MPRE exam and know – or should know – their duty of competence.  It’s not as if an attorney retains a med-mal case, then immediately “assumes” or is “under the impression” that s/he’s a doctor and can read an x-ray.  But I could intertwine those facts with this opinion and make it about medical experts.  What attorneys specifically need to know is how their actions, or lack thereof, in the procurement, assessment and handling of electronic evidence morph into a violation.  This is a highly specialized area unto itself.  See my previous example.  The x-ray is electronic evidence.  Proper acquisition is one matter; analysis, forensic or otherwise, is quite another.  That doesn’t just include the adversary’s evidence.  It also includes the Client’s evidence.  In this scenario, one is seeking to exculpate the Client through all available means – not just via the adversary.

Contradictions also exist in Footnote Six on page three that states, “This opinion does not directly address ethical obligations relating to litigation holds.”.  I respectfully submit that the opinion goes on to do exactly that.  Perhaps this is due to the criteria set forth in Footnote Six being inaccurate as defined.  In a legal setting, Attorney is charged to know what the Client does not, and this may involve issuing litigation hold instructions to their own Client; not just third parties or adversaries.  If attorney was interacting with the CIO or CTO (The “Information”/”Technology” chiefs, perhaps s/he could reasonably reply on their assessments.  But here, attorney is interacting with the CEO who likely has no intimate knowledge of what goes on in the IT department.  It should read, “A litigation hold is a directive issued to, by or on behalf of a Client.”  Otherwise, how does the competent Attorney protect a Client who, in good-faith, endeavors to do the right thing or protect themselves when a Client, in bad-faith, engages in intentional spoliation?  One of those scenarios exists on page two, when the eDiscovery expert, “tells Attorney potentially responsive ESI has been routinely deleted from the Client’s computers as part of Client’s normal document retention policy”.

Understanding these nuances and acting on them is the very definition of competence as applied to an eDiscovery attorney – or an attorney who engages the services of a third-party eDiscovery vendor.  In this arena, eDiscovery is like a game of falling dominos; once competence tips over, the rest (acts/omissions, failing to supervise, and confidentiality) will logically follow.  As they say, timing is everything.”

Conclusion:  The opinion does a good job of explaining fundamentals of the eDiscovery process, but in my opinion, doesn’t go nearly far enough.

Int-Elect Required to Defeat Cyberattacks on Voting

MP900402417Sometimes, it's not easy thinking about disaster-planning all of the time.  Not incorporating enough caution means you get it wrong and somebody will be angry with you.  Incorporate too much caution and everyone thinks you're paranoid (insert usual joke here about you all watching me…).

So, how alarmed should we be to hear about the first documented case of a cyberattack on a U.S. election?  If you're in disaster-planning, you would have been concerned about it years ago, prior to election functions like registration migrating to the 'Net and voting machines using touchscreens and tabulating via software.  And to think; recently 'they' were suggesting voting by email

I can't think of anything more critical than preserving the integrity of the electoral process, but here's some food for thought to all of the factions currently bickering over Voter-ID laws:

While you're bickering over how to guard the front-door, perhaps you should send someone 'round back

ReInventLaw Silicon Valley: GoldenState & the Three Bears

RILSC 2013
What the hell was that???

I’m speaking of the all-day ‘experiment’ (that’s what I’m calling it), ReInventLaw Silicon Valley 2013 conference this past Friday.  Is that a criticism?  Not at all.  This was the kickoff event of a collaborative effort; law students, professors, technologists, investors, inventors, attorneys and everything in-between, all convening in one place (The Computer History Museum in Mountain View, California, to be exact) to talk about the future direction of law practice.  Approximately 40 speakers in all.  You read that right; 40 speakers in a single day (enough to make an LPMT Chairman cry).

And what did we see?  Good talks, bad talks, decent talks, shameless sales pitches, moderately-shameful sales pitches.  Terrible speakers with outstanding messages, outstanding speakers with terrible messages & mediocre speakers with mediocre messages.  Speakers who went on too long, speakers who didn’t go on long enough and speakers who were juuuust right (yes, this was the LPMT-equivalent of the Three Bears…).

And of course, live streaming Tweets hosted on a PC with an IP-address conflict (DHCP, my friends; old school!).  There were funny tweets about there only being five ties in the room (I happened to be one of them).  My response was to create the hash tag, #thesmartesttiesintheroom.

In other words, I had a great time!  It’s very easy to criticize something like this, I suppose, but the organizers were able to land many hard-to-attain speakers while simultaneously coaxing approximately 350 people (by my rough count of how many actually showed up vs. the 500 tickets that were distributed) to convene in one location for a healthy exchange of ideas.

I gotta go…my porridge is getting cold…

Yahoo! and the Robot (not Remote) Employee

MP900427654

Wouldn't the world be a perfect place if we simply followed every talking head who pontificates on a subject (yours truly excluded…)?  Of course, the goal doesn't usually involve the content of the story, but to create a bait headline that'll compel a reader to click-through (the shortest way to accomplish this: make them angry).  And what a perfect subject to select for this purpose; Yahoo! CEO Marissa Mayer rescinds remote privileges!

* * * * * * * * * * * *

Then, the experts swoop in to tell us what she's really doing:

  1. Implementing a stealth layoff by pissing-off employees, who will then quit on their own,
  2. Discriminating against working moms (what about dads?),
  3. Taking us back to draconian times!

You get the idea…and you know what?  Every one of these claims might be true!  But, perhaps she is:

  1. Putting her arms around a human resources issue that's grown out of control,
  2. Fostering improved inter-company relations,
  3. Trying to better-assess a situation she can't see.

Mix & match as you like.  Does that mean I support the decision?  It's not about that.  I, like you, can easily cite detriments as well:

  1. More hours/dollars wasted on fuel, time and wear & tear sitting in traffic (I've been wondering whether the increase in traffic would actually be noticeable to outsiders),
  2. Less quality/leisure time with family, friends or hobbies,
  3. More pressure on significant other/spouse/parent to 'pick up the slack' of the Yahoo! employee (i.e. What I'm getting at is, suppose this particular employee is also a caregiver to an elderly parent; it ain't only about children, is it?)
  4. More pressure on single, unattached employee for similar reasons (there are only so many hours in the day for grocery shopping, errands and of course, appointments).
  5. Don't even get me started on morale…at least in the short term.
  6. Higher costs for Yahoo! as well; supporting all of these additional bodies on-site will have a marked effect on resources, such as electricity, maintenance, space allocation, furniture & supplies, etc.

I hate to quote Facebook, but:  It's complicated.

This is why it's extremely difficult to be a manager; too many cooks and Monday-morning quarterbacks.  My favorite is the propensity to quote studies about the benefits/detriments of working remotely.  You know what?  It's irrelevant except as it pertains to Yahoo!! (So, when I want to add a 'bang' to a sentence ending in the word "Yahoo!", is that how I do it?).

Of course, there is a place for statistics and studies as a general guide.  But what matters most is, how do these statistics and studies relate to the specific situation at Yahoo!?  There are a lot of factors involved, and I don't see too many of these articles wading very far into the weeds.

Last point; substitute any other name for Yahoo!  Same rules apply.

P.S.  I've included articles from people who do know the subject well – a lot better than I do, anyway (e.g. Richard Branson) but I think his particular comments answer his own concerns:

"To successfully work with other people, you have to trust each other. A
big part of this is trusting people to get their work done wherever they
are, without supervision
." [Italics added].

Two questions:

  1. Is it possible that Yahoo! harbors irrational mistrust of their employees?
  2. Is it possible that some employees have abused Yahoo!'s trust?

It could be one, both or neither.  I wonder how this will play out in the months leading up to implementation?  I wonder what things will look like six months after implementation?

Calbar Looking at Limited Law Licenses: It’s all about Standards

MP900341927An article in the February 2013 issue of the California Bar Journal states that the Calbar Board of Trustees is examining the possibility of creating a class of "limited-practice licensed" individuals.  Among the reasons provided as the catalyst (e.g. lower cost to consumers, path to eventual Bar passage), ostensibly, the Board also believes this would circumvent instances of unauthorized practice of law (UPL).  UPL (Rule 1-300) falls outside of the Bar's jurisdiction and is normally addressed as a misdemeanor charge via a criminal complaint.

A form of certification already exists within the Bar (or at least, it used to), called "Certified Law Clerk".  I know it well because I was one when I worked at the L.A. County D.A.'s Office during law school.  From memory, some of the criteria to be certified included being a 3L and having already passed the Evidence course, among other things.  Certification allowed me to perform more duties than a standard law clerk.  Obviously, I see some benefit to the idea.

However, I also see detriment, and the first one that comes to mind is expectations.  What level of expertise will a client of this class of legal professional believe they are – or should be – receiving?  Who will guard the line between limited-practice and unlimited practice to ensure that the provider doesn't cross it?  Who is at fault if the provider doesn't meet the standards the client believes they should meet?

Is a new tort called "Limited-Malpractice" going to spring out of this plan?  Will it ultimately 'dilute the brand' of what being a lawyer means?

Considering that I'm Chair of the Law Practice Management and Technology Section Executive Committee, if this new class is ultimately created, my Excom will likely be front and center during the implementation process.

Either way, I'll say this; the Board has their work cut out for them!

v-Discovery Insights: Robert Brownstone of Fenwick & West LLP Discusses his Top 3 Concerns in Data Security

Robert Brownstone has been my friend and colleague for many years.  In fact, he was Chairman of @CalBarLPMT two years prior to me.  We recently appeared on a panel together called, "Under Fire: Defending and Challenging a Motion against Technology-Assisted Review – A mock Meet and Confer (26f) hearing".  He played the role of the Plaintiff's attorney and I the Defendant's.  Robert was a late addition to my panel and I was delighted to present with him again!