The Data Governance & Discovery Blog
Read about the latest strategies, trends and news.
Level-Setting Audit and Investigations Strategies Amid Ongoing Disruption – Part 2
In the current environment of remote work and hybrid work environments, our digital forensics and investigations teams have seen significant disruption is in the execution of remote global audits, regulatory inquiries and internal investigations. Through this work, we’ve seen that the more sophisticated an organization is in its journey toward digitalization, the more it is able to achieve savings in the time, costs and resources needed to conduct a remote investigation. I discussed this concept in detail in Part 1 of this series, which included an overview of how organizations can examine their digital sophistication.
2022 Forecast: A Roundup of Predictions Across Governance and Expanding Risk
In FTI Technology’s and Relativity’s The General Counsel Report 2022, 60% of general counsel indicated worry over mounting risks, and said that their risk landscape is expanding or becoming more difficult to navigate in areas spanning compliance, regulatory enforcement, data privacy, information security, emerging data sources and ongoing effects from the pandemic. Feelings of preparedness dropped from the previous year in every major category discussed.
Preparing for Increased Dawn Raid Activity in the U.K. and Europe
Authorities across the U.K. and Europe have indicated plans to step up oversight and enforcement across a range of regulations, particularly in the area of antitrust. This effort is already proving to include a surge in dawn raids—unannounced inspection by a regulator on suspicion of infringement—throughout 2022. In the months and year ahead, organisations will be under intensifying pressure to prepare for these inspections. This is prompting a renewed need for legal and compliance teams to review procedures and develop clearer understanding of their IT landscape so they can quickly respond to an inspector during an unannounced investigation.
Corporate Data Challenges in EMEA in 2021: Emerging Legal and Discovery Issues - Part 4 of 4
This post wraps up a four-part series in which I’ve explored the top data issues impacting corporations across EMEA now and in the year ahead. The previous blog posts have discussed a range of trends across investigations, data privacy, M&A and information governance. In this piece, I’ll share developments we’re seeing specifically in the legal arena, around the rise of class actions in EMEA, new needs in legal review and how advancements in technology are helping our clients meet new challenges.
Linked Content Presents Challenges in E-Discovery
Linked content—dynamic documents shared as links rather than attachments—are emerging among the latest areas of debate in how emerging data sources impact e-discovery. Not only are courts and discovery experts beginning to discuss whether hyperlinked content should be treated the same as attachments in production, but practitioners are also increasingly encountering the legal and technical challenges of collecting, analyzing and reviewing linked content in real world cases.
From the Inside Out: Understanding and Responding to Insider Threats
As part of the Harrison Clark Rickerbys recent Cyber Conference, we presented a roundtable discussion, “The threat from within – insider threats and commercial espionage,” alongside HCR Partner Robert Capper. Drawing upon our collective experience across cybersecurity, digital forensics, information governance and data privacy, we covered a breadth of considerations relating to insider threats, including why employees steal data, what’s causing the increase in internal threats, how to prevent insider breaches, tips for investigating such matters and data privacy implications to address.
Emerging Data Sources Insights Part 1: Why Permissions are Becoming More Important than Custodians
The corporate data footprint continues to expand exponentially in size, variety of sources and complexity, largely as a result of ongoing business adoption of cloud-based collaboration and productivity tools and a widespread shift to remote work. On average, most organisations’ IT systems now include 400 data sources, with the top 20% juggling 1,000 or more according to a recent survey from IDG Research. In the same survey, IT professionals stated their data volumes are growing by 63% monthly, with one in 10 indicating their footprint is growing at 100% or more each month.
Six Tips for Navigating Legal and Regulatory Risks in the App Age
Many corporations in Brazil are grappling with the implications of increased mobile phone app use for business communications and collaboration. Tools like WhatsApp are growing rapidly in enterprise user adoption and providing significant advantages for employee productivity and collaboration. Yet IT, legal and compliance leaders continue to worry over the impact these tools have on regulatory compliance, IT security, data protection and investigations.
Level-Setting Audit and Investigations Strategies Amid Ongoing Disruption – Part 1
The world is changing quickly. Corporations have spent the last two years chasing technological advancement within their organizations as well as the global business ecosystem. Projects stalled when business travel shut down and teams lost the ability to shift resources where they were needed most. Workflows that were typically handled in person were recreated in virtual settings. And even before the pandemic, the rate of digitalization was picking up speed, ultimately hurtling toward a tipping point when core operations were largely shifted to remote environments.
Keeping the Conversation Alive Part 2: Actionable Diversity
Jon Chan shares additional takeaways from the virtual event International Women's Day 2021 - Three Months On - Keeping the Conversation Alive, and our speakers’ views on driving change for better diversity, inclusion and belonging.
Discussing Data Minimization with Meru Data
Jake Frazier recently had the pleasure of discussing information governance with Priya Keshav, CEO at Meru Data, on the company’s #SimplifyforSuccess podcast. Their conversation focused on the issue of data minimization, and many of the challenges our teams see clients face when working to dispose of legacy data and implement new retention and deletion programs.
This blog series is covering the top data issues impacting risks for corporations across EMEA. Parts one and two examined the expanding data footprint—the digital information captured and consumed in the world—which is predicted to reach 175 zettabytes by 2025 (according to IDC), and the impact this is having on legal and compliance issues, as well as M&A activity. In this post, we’ll continue the discussion with a look at issues through the lens of data privacy and information governance (IG).
Evie Mackay Discusses the Importance of People and Strong Leadership in Document Review
As part of FTI Technology’s global expansion of our Managed Document Review practice , Evie Mackay was recently appointed as a Managing Director and practice lead in the U.K. With a keen eye on leadership excellence and growth, Evie will be working with segment leaders in key European markets to broaden the offering’s capabilities and worldwide footprint. In this Q&A, she discusses her background, views on using technology to streamline review and trends ahead.
U.K. Black History Month: Visionaries Paving the Way for Diversity in STEM
It’s Black History Month in the U.K., and in an effort to contribute to the conversation as it relates to our work in the legal, technology and consulting sectors, FTI Technology is taking time to recognise the Black visionaries and inventors who have impacted our field and society in general. This post features three individuals who have made a significant impact on science, technology, engineering and maths (STEM) in the U.K.
It’s been a year of milestones for the legal operations profession. More legal departments are prioritizing the legal operations role and function, adding head count in this area and supporting legal operations professionals with buy-in for their key initiatives. More, technology modernization within the legal department has sped up substantially over the last year, with legal operations often as a driving force behind the roll-out of new tools and processes.
Stealing From the Cookie Jar? Beware Evolving Data Privacy Rules.
For many businesses, cookies are the backbone of marketing. These text-only strings of information stored on visitors’ computers, smartphones and tablets allow businesses to track, identify and study online behaviour for the purposes of targeted advertising. This practice is allowable within the confines of the EU Cookie Law, existing privacy legislation that allows websites to store or retrieve information only with visitors’ consent. While cookie-enabled targeted advertising is a boon for marketing campaigns, recent developments in data privacy laws and discourse are beginning to beg the question: is cookie tracking a good thing? More specifically, is the use of cookies compliant in accordance with the GDPR, California Consumer Privacy Act (CCPA) and other emerging data privacy regulations?
Q&A: As Data Complexities Multiply, Ken Oliver Looks to Reshape Investigations Strategies
E-discovery expert and investigator Ken Oliver recently joined FTI Technology’s Digital Forensics and Investigations practice as a Managing Director. With more than 20 years of experience in enterprise technology, data acquisition and computer forensics, Ken is focused on helping clients face investigations challenges arising from technology advancements. In this Q&A, he talks about his background, his perspectives on how the field of digital forensics is changing and why he believes a global view is essential to solving tough problems.
Q&A: With Compliance Concerns Reaching a Highpoint, Al Park Leads with Technology
Al Park recently rejoined FTI Consulting following an 11-year run working in senior, global roles at Navigant and Control Risks. He was formerly a Managing Director within the firm and is now a Senior Managing Director with a focus on data risk and compliance solutions. In this Q&A, he talks about the compliance challenges he’s seeing among clients, how technology is positioned to help and why he decided to return to the firm after more than a decade.
How Data Protection Has Become a Business-Critical Priority in the Middle East
Organisations that store personal and sensitive data possess millions of data artifacts—each representing unique risk and value—within their enterprise systems. With cybersecurity incidents on the rise, the stakes around data protection have become higher than ever before, yet many organisations still do not realise the extent of disruption that can result when systems are breached.
Keeping the Conversation Alive Part 1: Realising the Value of Female Leadership
Leadership across FTI Consulting and our Technology segment are committed to empowering female professionals and supporting them through every stage of their career growth. As part of this, we continually facilitate conversations that elevate essential topics in leadership and diversity, inclusion and belonging.
With New Second Request Reforms, FTC Lays Heavier Hand on Competition Control
Last week, the Federal Trade Commission’s Bureau of Competition issued a blog post detailing its new plans to make the Second Request process “more streamlined and more rigorous.” The changes—five specific and sweeping reforms to existing Second Request practices as well as plans to revise the current Model Second Request—come in response as the Commission aims to handle a record-number of merger requests and an increase in potentially anti-competitive deals.
Q&A: Wajdi Kharrat Discusses Growing Demand for Risk Management Support in France
As part of the continuing growth of FTI Technology’s Information Governance, Privacy & Security (IGP&S) practice, Wajdi Kharrat recently joined the team as a Managing Director in Paris. With more than 15 years of experience in consulting clients on risk management and compliance, Wajdi has a clear view of the current challenges and priorities impacting corporate governance, risk and compliance, and expertise in developing solutions to meet these challenges. We spent time with him recently to hear more about his role and perspective on IG trends in France and throughout Europe.
Global Insights: Bridging the Privacy Generation Gap in Australia
Studies and surveys show that most young people care very much about privacy and how data about them is collected and used. In our experience of advising clients on how to build privacy into their products and services, we’ve seen firsthand that when businesses don’t invest in understanding their users (including younger demographics), trust (and revenue, by extension) can quickly dissolve.
EU Whistleblowing Protection Directive Looms as New Compliance Referee
It’s game time for corporate compliance professionals in Europe. In less than three months, the EU Whistleblowing Protection Directive will take effect and add a new set of requirements to the long list of compliance controls businesses in Europe must implement and maintain. With little time left to prepare and establish the frameworks needed to comply with the law, it’s important that businesses gain an understanding of what the directive entails and the new policies and processes that must be put in place before the impending deadline.
Q&A: Van Mejia Discusses the Nuances of Foreign Language Review
With the rise of globalization has also come the rise in cross-border discovery and investigations, and the demand for multilingual capabilities in document review. FTI Technology’s award-winning managed document review solutions include on-demand access to a highly skilled team of multi-language review attorneys. In this Q&A, Van Mejia, a Senior Director within the Managed Document Review practice and lead in FTI Technology’s New York City document review center, discusses the unique skillsets of foreign language reviewers and why FTI Technology stands out among other providers.
Andrea Williams recently joined FTI Technology as a Managing Director to lead the segment’s growth in Canada. An e-discovery expert by trade, Andrea has a robust plan for bringing new technology offerings to the region as well as expanding her team to include experts across numerous practice areas including managed review, investigations and Information Governance, Privacy & Security. We recently discussed her view of the emerging challenges, opportunities and technology outlook for Canadian law firms and corporate legal teams.
Cryptocurrency and the Rise of SPACs: A Match Made in Investor Heaven?
Investors are continuing to watch two of the market’s hottest trends today: special purpose acquisition companies (SPACs) and cryptocurrency. On the heels of Coinbase’s IPO in April, financial analysts have suggested a potential “watershed” for the crypto industry. At the same time, there have been more than 300 SPAC IPOs so far in 2021, far surpassing the 2020 record number of 248 for the entire year. Linking these two trends together makes for an interesting opportunity for investors to quickly buy into a hot, emerging market.
Experts from across FTI Consulting are engaged on a massive, ongoing data governance project for a large global telecommunications client. We recently discussed the matter with key members of the team, Jake Frazier, Steve McNew and Adam Ingber, to understand the key challenges of the matter and the primary regulatory issues the client has sought to address through improved governance.
Is Time Travel Possible? Digital Forensic Investigators Do It Every Day.
For digital forensics investigators, time travel is no far-fetched sci-fi fantasy, it’s part of the job. Every day, forensic technology specialists use data to go back in time and piece together facts and clues that tell the story behind a regulatory violation, legal dispute, or other high-stakes incident. This work requires technical and analytical skills across a wide range of tools and data sources, many of which are currently emerging, and evolving all the time. As corporate data footprints grow increasingly large and diverse, so do the places where investigators must look for evidence.
Experts from across FTI Consulting are engaged on a massive, ongoing data governance project for a large global telecommunications client. We recently discussed the matter with key members of the team, Jake Frazier, Steve McNew and Adam Ingber, to understand the key challenges of the matter and the primary regulatory issues the client has sought to address through improved governance.
How to Hit the Bullseye in Modern Data Governance
Often, the prospect of achieving data governance seems so far off, the challenges so immense, that organizations become stuck in assessments and planning, unable to move a program toward implementation.
Corporate Data Challenges in EMEA in 2021: The Intersection of Data and M&A (Part 2 of 4)
This second post in the series is focused on an area that our team, and my work, is heavily involved in: the data and privacy issues associated with M&A, and the regulatory clearance processes that are increasingly associated with getting the deal through.
Ransomware on the Rise: Preventing and Responding to a Cybersecurity Crisis
The threat of ransomware is becoming increasingly worrisome for Latin American corporations and governments. Organizations in Brazil are at an especially high risk, as the country represents the highest share (nearly 50%) of Latin American targets attacked using ransomware. While ransoms average around $170,000, they can reach into the tens of millions. The overall cost of such an attack—across regulatory fines, reputational damage, recovery efforts and legal proceedings—is usually far greater than the payment alone.
Q&A: Antonio Gesteira Aims to Support Proactive and Holistic GRC for Clients in Brazil
Since the start of the COVID-19 pandemic, the majority of corporations across the G20 have experienced an uptick in investigations, according to the 2021 FTI Consulting Resilience Barometer®. More than 70% faced scrutiny on financial practices, 69% on regulatory compliance and 70% on their products or services. In Brazil, corporations have struggled with fraud and corruption and the damages that can result following a significant violation. In parallel, the data privacy authority in Brazil is already launching investigations under its General Data Protection Law, Lei Geral de Proteção de Dados (LGPD), and in August, will assume its provisions to issue fines. Antonio Gesteira recently joined FTI Technology as a Senior Managing Director to expand the firm’s ability to respond to these developments and help clients in Brazil with their regulatory, e-discovery and data-related challenges. Antonio recently sat down for a Q&A to discuss the market and his new role.
Convincing Different Roles of TAR's Defensibility
More and more legal teams are using technology-assisted review (TAR) to expedite and lower the overall cost of their document review projects. Case law has illustrated the tool’s efficacy and its acceptance in the courts. Yet, some legal teams may still question its defensibility.
Corporate Data Challenges in EMEA in 2021 (Part 1 of 4)
A physicist at the University of Portsmouth recently published research claiming that digital information should be considered a fifth type of matter, alongside gas, liquid, solid and plasma. The study, spurred by scientists’ interest in the effects of the world’s growing digital infrastructure, predicts that bits of digital information will equal the atoms of matter on Earth within the next 150 years. In this four-part blog series, I’ll discuss the key data challenges and trends that our clients are facing with the growth of data, and the importance of investing in proactive programmes and data expertise to manage and reduce the subsequent risks.
Data-Driven Challenges in Merger Investigations
I recently joined a Global Competition Review panel of M&A experts to discuss the effects and legal implications of several data-related issues on the merger review process. The panelists from Latham & Watkins, O2 and the European Commission/DG Commission brought a broad range of insights across regulatory, in-house legal and outside counsel perspectives.
During the Pandemic Has Your Data Social-Distanced or Co-Mingled?
After more than a year of social distancing, most of us are ready for a safe return to normalcy in our personal and professional lives—and just in time, the world is beginning to open back up. Still, even after offices are fully reopened, most work environments will maintain flexible, hybrid models wherein many employees continue to work from home. As a result, organisations will need to pay continued attention to how they evolve, maintain and enforce their information governance and data privacy programmes.
Q&A: Amber Gosney Discusses Drivers for FTI Technology’s Growing Data Privacy Offerings
According to a survey by the IAPP, data privacy is becoming increasingly prioritised by global organisations, with nearly half of privacy professionals stating that they reached full or nearly full compliance with GDPR in 2020. This is a good sign of momentum, but also underscores the fact that many organisations are still struggling to operationalise data privacy requirements in Europe and beyond. This fact is one of many reasons behind the growing demand for data privacy expertise across FTI Technology’s global client base. We recently discussed these issues with Amber Gosney, a new Senior Director within the firm’s Information Governance, Privacy & Security team in EMEA.
It’s Not Over Yet: Addressing Persistent Legal and Regulatory Risks in Remote Work Environments
Earlier this year, we teamed up with Colin R. Jennings, a partner at Squire Patton Boggs, and other speakers on a panel for the Northeast Ohio Chapter of the ACC. Our talk covered the breadth of risks and mitigation strategies that have emerged—and are continuing to create headaches for—legal teams during the COVID-19 pandemic.
FTI In The News: Managing Director, Tim Anderson Discusses The Latest In Emerging Data
The data landscape continues to evolve and now more than ever, accelerate. Driven by the pandemic, people around the globe have been forced to adapt how they communicate, professionally and personally.
Technical Considerations Amid the Explosion of Crypto Acquisitions and Public Listings
In addition to IPO and M&A moves, digital asset research firm The Block reported that 2021 will see the most private funding in cryptocurrency to date.
Discovery in the Cloud: An Investigator’s Close Look at Unexpected Risks and Challenges
After significant growth in 2020, cloud storage providers are continuing to experience increasing adoption within enterprises, and in turn spurring a rise in new legal and compliance challenges. The cloud storage market is forecasted to grow by more than 20% in the next five years across a range of established and emerging solution providers. With this growth, organizations are scrambling to make sense of how their reliance on providers like Microsoft, Google, Amazon and Dropbox affects their governance and discovery processes.
IP in Open Waters Part 2: Bringing Data Back to Safety
In the wake of COVID-19 and the changes it has instigated, you may not be able to bring all your IP back to the safety of the rockpool – but it’s not too late to deploy the life rafts and patrols, and be prepared.
Hakan Özbek recently joined FTI Consulting’s Technology segment as a Managing Director in Germany, bringing 20 years of experience in digital forensics, e-discovery, internal investigations and compliance audits. As demand for expertise in data-related challenges and expertise continues to grow in Germany, Hakan is supporting clients with their complex cross-border matters on issues including compliance violations, antitrust, IP litigation, data leakage and financial crime. We recently spoke with him about how his background maps to the challenges FTI Technology’s clients are facing today and how recent regulatory developments are making investigations and e-discovery work more complicated and intense.
IP in Open Waters Part 1: Understanding the Depth of Data Risk in Australia and Beyond
The COVID-19 pandemic caused massive disruption to the working practices of corporate Australia, commencing with a sudden and substantial increase in remote working in March 2020 as lockdowns were implemented. With this shift, enterprise IT was asked to rapidly enable and support millions of users in leaving the highly controlled “rockpool” of corporate systems for the “open water” of cloud-based collaboration tools and personal devices. Within a few short weeks, the safeguards that many organisations had carefully built over years to maintain their critical IP in singular, securely stored instances were broken down. Sensitive data was suddenly spilling out into the depths—multi-instance, synchronised and available on the personal mobile phones and laptops of staff working at home.
What Companies Need to Know About the ADGM Data Protection Regulation
In February this year, the Abu Dhabi Global Markets (ADGM) passed the Data Protection Regulation (DPR2021), which bears a striking resemblance to the EU GDPR, and the U.K. GDPR specifically. The former legislation, dating back to 2015, was based on the Organization for Economic Co-Operation and Development (OECD) guidance, which was significantly different from GDPR’s standards. What this means is that for companies operating in the ADGM, major regulatory changes are afoot.
Beyond the Pandemic: EMEA Data and Discovery Roundtable
One year on from COVID, the risks resulting from long-term work from home environments and economic troubles have been widely discussed—and felt—in every major region worldwide. Data and discovery risks have been especially impacted. We gathered a roundtable of our experts from France, Germany, Ireland, and Spain to discuss these issues in detail.
Advancing financial inclusion is an essential and worthy priority for financial and technology organisations. Still, these advancements will only make a meaningful impact if a strong foundation of compliance, anti-corruption and data protection are in place to protect consumers and the overall ecosystem.
#LegalOpsGoals: A Modern Legal Department by 2022
The rate of digital transformation with most organizations today is accelerating rapidly. Teams are experiencing an increasing demand to deploy technologies and demonstrate ROI for new systems. In FTI Consulting’s 2021 Resilience Barometer survey, 37% of respondents said they feel extreme pressure to integrate technology over the next 12 months and 44% said they feel significant pressure to do so.
With All Eyes on International Data Transfers, Five Tips to Stay Compliant
In Europe, regulatory scrutiny over data flows from EU member countries to the U.S., U.K. and other non-member jurisdictions is picking up steam. The Schrems II ruling is serving as a primary driver, arming EU data protection authorities (DPAs) with a new platform for enforcing GDPR.
Leading By Example Part 2: Karen Briggs Shares Her Philosophy on Key Workplace Issues
Karen Briggs is one of the leading women at FTI Consulting. She leads the Forensic & Litigation Consulting and Technology segments in EMEA and is driving significant growth for the firm across the region. In part one of this series, Karen talked about the current business climate and risk factors impacting clients in EMEA today. In this post, she discusses her leadership style and her passion for uplifting women in male-dominated industries and roles.
Leading By Example Part 1: Karen Briggs Discusses FTI Consulting’s Presence in EMEA
Shortly after joining FTI Consulting to lead the Forensic & Litigation Consulting segment in EMEA last year, Karen Briggs had her role expanded to oversee the Technology segment in EMEA. In this dual role of heading two of the firm's significant segments in the region, Karen has focused on the synergies between practices to improve client outcomes. During a recent video chat, we asked about her view of the EMEA Technology practice and how she leads her teams through today’s most pressing challenges. This post is part one of a two part series detailing our Q&A.
FTI Technology’s Growth in EMEA Continues with Addition of Nick Athanasi in Dubai
We recently announced Nick Athanasi as a Senior Managing Director in the Technology segment in Dubai, where he will lead teams in the Middle East, Africa, and India. As one of the founding team members of our UK Technology segment in 2006, Nick is returning to the firm from his role as partner and Middle East leader for the Forensic Technology practice at a Big 4 consulting firm. We recently talked to Nick about coming back to FTI Technology and the issues on his radar in the regions he serves.
Q&A: Ben Crew Addresses Growing Demand for Privacy and IG Solutions in Middle East
As Middle Eastern countries ramp up their regulatory oversight and rigor over data protection, companies in the region are seeking guidance on how to evaluate their risk, implement data privacy frameworks and uphold compliance. FTI Consulting is filling this need through the expansion of its IG and data privacy practice in MENA. Senior Director Ben Crew recently joined FTI Consulting to head up the Information Governance, Privacy & Security (IGP&S) practice in the region. We recently chatted with Ben about his new role and the regulatory climate in MENA.
E-discovery, data privacy and information governance risks are increasingly intersecting in today’s organizations. In turn, the ways corporations manage their data, approach compliance and react to legal matters must evolve quickly. FTI Technology’s teams are focused on addressing these new challenges and opportunities. The recent addition of Managing Director Brandon Lee to the team is a prime example of FTI’s ability to provide solutions and expertise that bridge the most pressing legal, regulatory and data issues. We recently interviewed Brandon about his new role and his unique strategy for supporting in-house legal teams.
Streamlining Privacy Compliance Among Global Regulatory Changes
Organisations that operate globally are subject to the ever-changing and continually developing regulatory landscape, which is challenging to comply with without a robust privacy and information governance backbone. In this blog, Ines Rubio, looks at how using aids such as privacy management technology to stay on top of processing activities and legal requirements will facilitate compliance teams’ work and serve as the go-to resource for updates, queries, and research on regulatory changes.
Q&A: Conor Gavin Discusses E-Discovery Trends and Segment Growth in Ireland
Demand for e-discovery and digital forensics capabilities is growing rapidly in Ireland. FTI Consulting is stepping up to the market’s emerging needs with the expansion of experts in the region and solutions to address the increasing complexity of litigation, investigations and governance in today’s climate. We recently spoke with Conor Gavin, a Senior Director in the segment’s Dublin office, to discuss his focus for supporting clients in Ireland and what he sees as the key issues for the year ahead.
How content is created and shared on digital platforms is coming under increasing scrutiny with Regulators and the public calling for online platforms to take on more responsibility. Regulation has been on the horizon with France coming close to passing law to regulate online hate speech (subsequently struck down in court due to freedom of speech concerns) and the Online Harms Bill was proposed by the UK in 2019.
The ePrivacy regulation has had an uncertain path, and at times it seemed as though there would be no regulation introduced at all. One of the main stumbling blocks is the impact on online behavioural advertising and cookies walls on websites. However, in mid-February, the Council of the European Union’s Presidency announced a breakthrough: member states finally reached an agreement on the draft text. The next stage will be negotiations between the Commission, the Council, and the European Parliament.
Data is easy to forget. Especially with the increase in legacy-to-digital transformation, it’s easy to overlook unused systems or historical backups. All too often, the focus is on transitioning to new, digital technologies without decommissioning the legacy systems they replace.
Privacy Compliance for Small and Mid-Sized Businesses; It’s Not One Size Fits All
Read any survey of the challenges small and mid-sized business leaders face, and you’ll see an array of worries over managing cash, retaining customers, competing and keeping up with technological change. Chances are that regulatory compliance and data privacy aren’t making those lists of issues keeping SMB owners up at night. In fact, the majority of SMBs (80% according to one survey) know very little about whether and how data protection laws affect their business. Nevertheless, many data protection regulations are indiscriminate when it comes to organization size, and with consumers paying increasing attention to data privacy, the issue has become very real in the SMB arena.
Adapt, Rebound, Learn: Legal Industry Predictions Following the Strangest Year on the Books
Across FTI Technology, our teams have the opportunity to work on some of the most complex, high-stakes and innovative matters in the world. While 2020 was anything but typical, the work of helping clients problem-solve through technology was a familiar constant. In reflecting back on the lessons learned from the year and the related implications for the future of the legal industry, our global teams have gathered numerous predictions for what outside counsel and in-house legal teams can expect to face in the new year. A snapshot of these are shared below.
E-Discovery in 2021 is a Brave New World
Anyone who’s been in the e-discovery industry for any length of time knows that change is the only constant. It’s a practice and industry born from the very notion of change, and has been evolving steadily since its early days two decades ago. What’s happened over the last year is that the rate of change is now quickly picking up momentum. Trends that were just emerging in 2019 took full shape and began disrupting the space in 2020. More advancements—in the demands of e-discovery and the innovations brought forth to meet those demands—are on the horizon.
How Cartel Investigations are Evolving Alongside Data and Technology Advancements
Ashley Brickles recently participated in a cartels workshop hosted by Concurrences, alongside speakers from Herbert Smith Freehills, the Court of Justice of the European Union (CJEU), General Electric and the European Commission department for competition (DG COMP). The panellists comprised a diverse set of backgrounds and perspectives, which provided for a lively and educational session that covered procedural changes in cartel investigations, privacy concerns that have arisen in competition proceedings and the extent of the Commission’s investigatory powers.
Privacy in a Pandemic – the Conundrum of COVID-19 Check-in Solutions
In the early days of the COVID-19 pandemic, when we were all grappling with the avalanche of concepts like ‘social distancing’ and ‘personal protective equipment’, the idea of contact tracing had many scratching their heads. In the age of automation, a manual process involving a team of people making calls and conducting interviews to find those exposed to the virus can seem almost counter-intuitive. Perhaps this is part of why, in 2020, we saw a dedicated push to find digital solutions to the challenges of COVID-19. This has included digital contact tracing solutions such as the Australian Government’s COVIDsafe app. However, the adoption of visitor registers that record which individuals have visited specific locations, and their contact details, have been far more helpful to contact tracers.
Canadian regulators kept busy in 2020. Within the Competition Bureau, under the helm of new director Matthew Boswell, numerous new initiatives and guidelines were introduced to ramp up the nation’s competition oversight. In parallel, data privacy authorities shared new provisions for cross-border transfers impacting personal and sensitive data and legislators introduced a sweeping new privacy bill to refresh the Personal Information Protection and Electronic Documents Act (PIPEDA).
In a Year of Chaos, General Counsel Step Into Infinitely Expanding Roles
Chief legal officers are facing unprecedented change. The challenges of 2020 have redefined an already changing role for the general counsel, and a second annual study of leading chief legal officers indicates they are rising to the occasion, becoming busines drivers in the own right and serving as crucial guardians against myriad emerging risks.
Data Risks and Challenges in M&A Transactions
At the recent PrivSec Global event, Sonia Cheng, Senior Managing Director and EMEA Head of Information Governance & Privacy at FTI Consulting, led a panel with Ahmed Baladi, Privacy & Cybersecurity partner at Gibson, Dunn & Crutcher and Linda NiChualladh, Head of Privacy (Legal) at Citi. The session covered the underlying risks and considerations associated with data in M&A transactions and the skills needed to brave a complex M&A data landscape.
Q&A: Inés Rubio Joins FTI Technology to Support Growth in Ireland
As part of the growing Technology team in Dublin, Inés Rubio is looking forward to helping clients across EMEA tackle their e-discovery challenges through information governance (IG). With a background in international criminal law and legal technology, Inés brings a combination of technical, legal and strategic problem-solving expertise to the team. We recently interviewed her about her new role at FTI and her plans for supporting the practice’s growth in Ireland.
Now in its sixth year, the report takes a deep dive into the leadership structures, core functions, staff and budgets, and tasks and priorities of privacy programs around the globe. It provides key metrics on ongoing compliance with core pieces of privacy legislation and the effects of recent legal rulings and guidance from data protection authorities on processing operations.
Business Security in Times of Furloughs and Home Working
The effects of COVID-19 have led many companies worldwide to take drastic measures. This includes applications for temporal layoffs or furloughs, with the additional uncertainty of definitive layoffs for vast numbers of employees. In this article, Javier Garcia-Chappell and Grainne Bryan discuss the necessary measures to protect and secure their data, as well as those devices and/or corporate media that may store them.
Never Have I Ever: The Newest Game in E-Discovery
Over the last several months, our teams here at FTI Technology have been fielding an increasing influx of questions about emerging data types. We’re often asked, “have you ever heard of, collected from, produced…” about an ever-growing list of emerging data types. This reason for this is that the massive proliferation of apps and cloud services in use at corporations today is beginning to creep into scope in e-discovery matters.
Q&A: Amid COVID-19, Data Integrity May Be the Weakest Link in Pharma Compliance
Across the globe, the pharma industry is investing billions of dollars into fighting COVID-19. Some of the leading companies have halted other research projects to allocate upwards of $1 billion to R&D for coronavirus treatments and vaccines (according to Forbes). In addition to government and market pressure to respond to the pandemic, pharma companies are up against increasing regulatory scrutiny. A notable—but often overlooked—risk on the regulatory front is the issue of data integrity, which is mandated by numerous global authorities. We recently discussed the issue of data integrity with Managing Director Ankush Lamba based in our Mumbai office, to get a better picture of the risks and how this issue has been exacerbated by the pandemic.
Q&A: Nina Mohadjer Discusses Her E-Discovery Journey and the Opportunities in Embracing Technology
Across FTI’s global teams, many of our experts have been working in e-discovery since before e-discovery even had a name. Nina Mohadjer, a Senior Director in our Dusseldorf office, is one such expert. She recently shared some of her reflections on the evolution of document review and the role technology is playing in changing the practice of law.
The Intersection of Privacy and IT: Key Questions Answered
Today, some degree of data privacy and data protection obligations —regulatory, security standards, consumer trust issues, etc.—touch nearly every organization around the globe. Fulfilling those obligations while maintaining operational resilience and productivity generally requires the involvement of multiple stakeholders as well as a broad range of company leaders. While typically led by an organizations legal and compliance department, operationalizing data privacy technology, implementing the required safeguards and governance workflows requires both the support and leadership of IT.
Third-Party Risk Spreads Like a Virus Among Work From Home Employees
Even sophisticated companies that dedicate ample resources to information governance often end up with gaps when it comes to third-party risk management. Now, as employees and third parties adopt new, unvetted applications to do their jobs from home, these gaps have become even greater. Organizations are under tremendous pressure right now—but making time to holistically assess and manage third parties will pay long-term dividends in reducing risk, while employees work remotely, and when they eventually return to the workplace.
Q&A: Aisha Brackett Discusses Diversity, Taking Risks and Finding Your Voice for Change
FTI Consulting is working toward becoming a more diverse, equitable and inclusive workplace, and ensuring our teams represent the many races, genders, lifestyles, ethnicities and cultures of the regions and communities where we live and work. The events of this year have shined a glaring light on the fact that there is much more work to be done. To help facilitate change, we’re engaging our teams in open conversations about tough topics. As part of that effort, we recently interviewed Aisha Brackett, a computer forensics consultant in the Technology segment’s London office, to learn more about her experiences as a Mixed Race woman with Black Heritage working in technology consulting.
It’s Official. The California Privacy Rights Act of 2020 is Coming.
Along with countless significant decisions, November 3 brought the passage of a long-awaited update to California data privacy law. This week, the California Privacy Rights Act of 2020 (CPRA) passed with a majority vote as expected, adding to and modifying the requirements and enforcement of the California Consumer Privacy Act (CCPA).
A Peek Behind the Curtain of Information Governance Practices Across Startups and the Fortune 500
Information governance (IG) is becoming more difficult. Data volumes are exploding, regulations are emerging and changing and large workforces are widely dispersed across at-home offices. Just as an organization gets a handle on the data from one new system, five more are onboarded. For many legal, compliance and privacy professionals, IG progress may feel like two steps forward, one step back.
October is Black History Month in the U.K. In honour of this important month, and as part of FTI Technology’s commitment to improving diversity, equity and inclusion in our firm, we are elevating the voices of our Black colleagues across the organisation. By engaging our people in candid conversations about racial bias, social injustice and workplace inequality, we hope to raise awareness of these issues and collectively contribute to important worldwide change.
Roundtable Discussion: How a High-Stakes FTC Quick Look Inspired E-Discovery Workflow Innovation
The E-Discovery Consulting & Services practice within FTI Consulting’s Technology segment recently completed e-discovery for a Federal Trade Commission quick look as part of the second request for a merger between two healthcare industry companies. Using Brainspace’s Technology Assisted Review (TAR) model, the team developed novel workflows to enable efficient e-discovery in the face of a number of unique circumstances. We recently chatted with the team involved on the case, which was led by Senior Managing Director Wendy King and included Managing Director Jon Murdock and Senior Director Myron Williams, to understand how the matter was different from other second request inquiries. They discussed the challenges involved and shared details around the new workflows FTI developed as part of the engagement.
How Life Sciences Organizations are Re-Examining their Compliance Operations and Technology
FTI Technology Senior Managing Director Rena Verma recently attended the 17th annual Pharmaceutical Compliance Congress. We asked Rena to share the insights she gathered from fellow risk and compliance experts, and her observations on the key issues facing the pharmaceutical industry.
E-Discovery Predictions Revisited
So far, 2020 has been…. an “experience." The challenges our industry had braced for, the opportunities we planned to seize, have been suddenly upended in ways we never would have anticipated. At the end of last year, our team shared a few predictions for what was to come in 2020. They weren’t wrong, but the landscape in which they are coming to fruition has changed significantly from what we envisioned. Now, looking at the wake COVID-19 has left behind to date, it’s a good time to revisit those predictions and revise them to match the way the world, the legal industry and e-discovery have changed this year.
SEC Cyber Report Focuses on Information Governance Best Practices
In January, the Securities and Exchange Commission (SEC) released its most substantial cybersecurity guidance to date. The report, “Cybersecurity and Resiliency Observations,” was the result of examination findings and research from the last five years, much of which was led by the commission’s Office of Compliance Inspections and Examinations (OCIE). This is the first comprehensive guidance we’ve seen from the SEC’s cyber unit since it was established several years ago. In many ways, it reads as an examination pamphlet—outlining the essential information security practices and programs a financial services institution will need to have in place to stand up against a government raid, inquiry or investigation.
Why Global Reach and Local Expertise Matter in Cross-Border E-discovery
The interconnectedness of people, organizations and nations around the world has never been more apparent than it is today. The ongoing and rapid increase in globalization has driven change and growth in countless industries, transformation in business processes, diversification in economies, and yes, even widespread pandemics. It has also led to a spike in cross-border legal and e-discovery matters—a trend that is continuing on an upswing. Navigating international e-discovery in the best of circumstances is a challenge for even the most sophisticated attorneys. It is more so now, as legal teams struggle to adapt their work in the midst of this global health crisis.
When Employees Work from Home, Compliance Culture Requires Extra Care
The last two months have given businesses many new issues to consider and practices to re-examine. Alongside introducing unexpected risks, the sudden shift to working from home has disrupted corporate culture, and more specifically, culture as it relates to compliance and privacy practices.
In the Midst of Significant Change, E-Discovery Providers Need Agility and Foresight
Collaboration and new forms of communication are steadily gaining on traditional channels. Worldwide revenue for this market reached more than US$38 million last year, and is growing more than 15 percent year-over-year in EMEA. In an e-discovery context, this increasing adoption of collaboration applications and tools—including Microsoft Teams and OneNote, Slack, Telegram, Zoom, etc.—is a prelude to stark change.
Maintaining Continuity as We Adapt to The New Normal
At FTI, we have adapted our e-discovery offerings to adhere to pandemic-related stay-at-home orders and distancing policies. In this guide, we share the steps we have taken to maintain continuity with the hope you can apply them to your own organization and teams.
Q&A: Geoff Budge Leads Technology Practice in South Africa, Offers Business Guidance for COVID-19
Managing Director Geoff Budge has been working with FTI clients in South Africa for more than three years. Now, he is building a team of experts and solutions for the newly-established Technology practice in South Africa. His team will focus on expanding in the region and delivering the Technology segment’s client-centric, flexible model across e-discovery, information governance, risk, data privacy, security and legal operations solutions. We talked to Geoff about this move, and his thoughts on the biggest issues corporations in South Africa are facing during the current pandemic.
Q&A: Renato Fazzone Discusses Expanding Footprint and Client Service in Germany
The recent appointment of Renato Fazzone as Senior Managing Director and Germany Head of Technology established our permanent presence in the German market for our Technology practice. Backed by more than 15 years working in e-discovery and litigation support, as well as advising clients on corporate fraud and antitrust matters, Renato is eager to expand our offerings and expertise to clients in the region. We recently sat down with him to discuss his vision, the top issues impacting German corporations today, and how the COVID-19 pandemic is impacting FTI’s offerings.
Managing Your Software Assets in the New World of COVID-19
Life endures even in the most difficult situations—and it adapts and evolves to meet new challenges. Now, as we watch, and fight back against the spread of COVID-19 worldwide, we are arriving at the very edge of an evolution, a new future, a new workspace model that tackles today’s limitations. With COVID-19 leading to lockdowns, organizations are facing their unique challenges as they try to cope with both the safety of their people and the continuity of business. This article will explore some of these changes related to IT and software assets, along with their potential consequences.
News Roundup: Blockchain and Cryptocurrency Activity and COVID-19 Pandemic
We are living in unprecedented times. Every industry, every profession, every nation has now felt the impacts of the global COVID-19 pandemic. Even though many of us have more time on our hands due to mandated or self-imposed isolation, there still aren’t enough hours in the day to keep up on all of the news. Our Blockchain Advisory and Cryptocurrency Disputes, Investigations and Litigation (CDI&L) team has been watching the news closely as it relates to cryptocurrency and blockchain opportunities and deployments. While not all encompassing, the round-up below highlights some of the most interesting industry news we’re seeing to date.
COVID-19: The Call for Personal Data Hygiene
Coronavirus is everywhere, figuratively and literally. It has overtaken our news, social feeds, and nearly every message and exchange. We’re getting a glaring reminder of the importance of strong personal hygiene (wash your hands!). But what about information hygiene? Beyond the devastating impacts on health infrastructure, human life and the economy, this crisis is also exposing new risks to personal data.
Q&A: Legal Industry Expert Brings Technology Segment to Ireland
Grainne Bryan recently joined our Dublin office as a Managing Director to help establish and lead the Technology practice in Ireland. Joining from a corporate law firm, Grainne brings two decades of experience in the legal industry. Her background includes developing and implementing individual solutions to complex projects and standardising workflows and processes for projects involving all aspects of document identification, collection, production and review. Grainne sat down with us to discuss her new role and how the technology landscape is evolving not only in Ireland but globally.
Like with all other disruptive technologies, in blockchain and cryptocurrency, the leapfrog game of new challenges, new advancements and new laws, will continue as the space matures.
Q&A: Successful E-Discovery Starts with Comprehensive Case Management
In e-discovery, counsel and review teams are juggling a lot of moving parts. Between collecting data across numerous locations and data types, assessing key facts, establishing workflows and determining which analytics to apply, e-discovery teams have little time to worry about the logistics of project management. At FTI, Emily Seabury and Elizabeth Noble are among the team of case managers behind the scenes, making sure everything runs smoothly from start to finish. They and FTI’s broader client teams aspire to always be anticipating the next steps to reach a client’s goal, so that the client need never to ask for an update or flag something that needs to be done. We sat down with Emily and Elizabeth to discuss our case management system, and why it is so crucial to ensuring successful outcomes for client matters.
Q&A: David Meadows Joins FTI, Eyes Innovation in E-Discovery and Investigations
Newly appointed as a Senior Managing Director, David Meadows is bringing his e-discovery and computer forensics expertise to FTI Technology’s E-Discovery Consulting & Services and Digital Forensics & Investigations practices. Based out of the Chicago office, David will help clients leverage advanced analytics to reduce cost and risk around their data challenges. He sat down with us to discuss his new role and his thoughts on innovation.
2020 + CCPA = $55 Billion Spend for Businesses
The California Consumer Privacy Act (CCPA) has arrived, and businesses are bracing for the financial impacts. Every company’s risk and compliance posture is different, and each company’s data footprint is unique, so the cost of compliance will range from company to company. Generally, estimates from the California Department of Justice project that compliance will cost up to $50,000 for small businesses and $2 million for companies with more than 500 employees. This totals a forecasted $55 billion in initial expenses to operationalize the new requirements.
Federal Cryptocurrency Regulation Introduced for 2020
As 2019 came to a close, and pundits looked back on the tumult of regulatory changes that shaped the last decade, lawmakers slipped in a few final bills. One, introduced in late December by U.S. Congressman Paul Gosar from Arizona, has the potential to make waves in the financial world. The Crypto-Currency Act of 2020 was drafted to add clarity to the cryptocurrency industry and provide a clear framework for crypto regulations in the U.S.
The Most Interesting Cryptocurrency Stories to Close out 2019
Cryptocurrency news heated up at the end of 2019. The second half of the year also brought a wave of new litigations around cryptocurrency misuse, fraud and theft. I expect we’ll see even more of this in 2020, along with a surge of interesting news. Industry watchers can expect a range of cases, from the state level, all the way up to far-reaching cross-border matters, as criminals find new ways to leverage crypto markets to further their malicious interests.
2020 Forecast: Expect Landmark Changes in E-Discovery, Data Privacy and Investigations
Across our practice areas, we asked our experts to share their predictions for what will shape legal, compliance and information governance in the coming year. Below is a roundup—across new laws, emerging technology and key industries—of what they expect will make the biggest impact to businesses worldwide.
Cryptocurrency Trends to Watch
Today, there are more than 2,200 types of cryptocurrency in the global markets. An estimated 34.6 million digital wallets are in use. Between new client matters and a gripping news cycle relating to cryptocurrency regulations, scams and investigations, our team has identified several key trends impacting the industry.
Europe’s highest court, The European Court of Justice ("ECJ") in Luxembourg, ruled on two cases last week involving GDPR’s right to be forgotten as it applies to information available on the internet. In the first ruling, the court held that the privacy rule cannot be applied outside the European Union. In the second, the court said the right to freedom of information must be balanced against the right to privacy and specifically the right to have links related to certain categories of personal data automatically deleted.
Hacking, Extortion and Stolen Coins: Unraveling a Major Cryptocurrency Breach
When one of the world’s largest cryptocurrency exchanges was breached in May of this year, few in the industry were surprised. Cryptocurrency exchanges have long been appealing targets of malicious actors looking to steal currency and personal information. But this recent breach, which will potentially impact tens of thousands of cryptocurrency investors around the world, is particularly unique. The series of events that has unfolded in its aftermath serves as a stark reminder that the criminals looking to profit from this industry are both sophisticated and highly motivated.
Questions Arise Amid IRS Crackdown on Cryptocurrency Investors
In July, more than 10,000 cryptocurrency investors received warning from the IRS that they may owe taxes on improperly reported income. Weeks later, another round of letters were sent to some, outlining the amount of taxes owed for cryptocurrency gains and demands for payment. These letters are likely the tip of the iceberg in a long-anticipated IRS crackdown on crypto income—the latest in a series of government activity in this arena.
In Two Decades, E-discovery Has Changed and Stayed the Same
E-discovery is a continually changing practice. For approximately two decades now, it has played a tremendous role in shaping the legal world. As e-discovery’s influence and prevalence has grown over the years, the technologies, economics, processes and expertise around it have in many ways become unrecognizable to what they were in the early 2000s. Still, much about the field has also remained the same.
Tips and Tricks for Streamlining Complex Cases
E-discovery matters are more complex than ever before. While the legal industry now has access to powerful tools that can significantly reduce the time invested in manual processes, lawyers are at the same time facing exploding data volumes and an ever-growing spread of data sources and evidence types.
Client Service in Case Management: Q&A with Elizabeth Noble
Senior Director Elizabeth Noble is an unsung hero. As a case manager for some of our largest and most complex e-discovery matters, she is a strategic driver for the backend work that ensures a case goes smoothly. We sat down with her for a discussion about her role, and the importance of case management in saving time and money in e-discovery.
Cryptocurrency Regulation Round Up
The regulation of digital currency markets in the U.S. and abroad remains foggy. Today, the Securities and Exchange Commission (SEC) and Commodity Futures Trading Commission (CFTC) have been vague regarding how tokens and crypto-based assets map to traditional securities. Clear guidance has not emerged. However, even in the absence of guidance, regulators are bringing forth enforcement actions against companies believed to have engaged in improper cryptocurrency operations.
The digital universe will explode to 40 trillion GB of data by 2020. The total Internet of Things market is forecasted to hit $520 billion in the next two years, and will account for at least 10 percent of the total digital universe. We’re talking 4 trillion GB of IoT data in the foreseeable future. All this data, and the ways in which it is collected, stored and secured is intersecting with the blending of corporate and personal worlds, raising important questions about data privilege, compliance and the future of digital forensics.
SEC Weighs in on Crypto Project, Offers Limited Guidance
In early April, the Securities and Exchange Commission issued its first "no-action" letter regarding business use of blockchain-based digital assets. The letter was in response to a proposal from an air charter provider looking to launch a blockchain-based token platform to facilitate sales for air charter services. While the SEC’s response does offer some guidance, it outlines very restrictive conditions for the proposed program and is not particularly actionable for the broader business community.
Cryptocurrency Pyramid Scheme Investigations Continue Worldwide
In March, news broke of fraud and money laundering charges brought against the leaders of the global, multi-billion-dollar OneCoin cryptocurrency pyramid scheme. The story has continued to develop in months since, with arrests made and new information revealed about the extent of the damages that have followed in its wake.
TMT Boards Threaten 2020 Growth if they Ignore Data Privacy Today
This year will see real progress in 5G network implementation, an expansion of the connected device marketplace, further adoption of applied AI and the advancement of ad-tech capabilities. These constituent parts will more noticeably converge and begin to firm up the long-term vision of global commerce, in which online platforms will have greater reach into the real world and the consumer’s data will fuel unprecedented insights and outcomes. In parallel with this push into the future, global Technology, Media and Telecom (TMT) corporations will continue to struggle with data privacy regulatory risk.
Cryptocurrency Market Activity Signals Trends to Watch
On April 2, Bitcoin mysteriously spiked to $5,000, reaching nearly five-month highs in just a 60-minute period. Some experts think this jump may be the beginning of a renewed surge in cryptocurrency value.
Digital Asset Protection Gains Momentum: Considerations for Insurers
Insurance claims involving cryptocurrencies are on the rise. Today, the industry is not fully prepared for how to deal with them. These claims seem like familiar claims on the surface, but have incredible uniqueness due to the involvement of cryptocurrencies.
As the trend continues, Texas has joined other states in the data privacy ring by introducing two privacy and data protection bills. Both bills are aimed at protecting personal information and holding companies accountable for data security.
Ad Techs and Transparency Issues take Center Stage for GDPR Enforcement Activity
In many ways, 2018 was a year of waiting. Waiting first for the General Data Protection Regulation (GDPR) to go into effect on May 25th. Then waiting again to see how regulators sought to investigate privacy complaints and enforce the new law. Now within the first two months of 2019, we’ve seen the beginnings of the anticipated uptick in European enforcement activity. And it is not a surprise to see the ad-tech space drawing most of that regulator attention.
In the last half of 2018, GDPR enforcement activity among data protection authorities across Europe saw a steady uptick and the trend will continue in 2019. Organizations in a broad range of industries received public reprimands, enforcement notices and fines. Violations ranged from data breaches, to lack of security practices and failure to obtain consumer consent to collect data.
Five Lessons Learned from Early GDPR Fines
Earlier this month, data protection authorities in Portugal doled out a €400,000 fine to a hospital for failure to apply appropriate access controls over digital patient data. This is one of the first penalties we’ve seen issued under GDPR since its enactment earlier this year. There are several interesting elements of this particular case, one of which is the fact that fines were imposed even though no data breach event occurred.
GDPR Compliance - The Unintended Consequences for Organisations
GDPR has made data protection a reality not only for heavily regulated industries but for all organisations. Once seen purely as a legislative burden, GDPR compliance is now providing organisations with a range of benefits.
Paris Calls for Cybersecurity Peace
This week, the President of France issued the Paris Call for Trust and Security in Cyberspace. The document is a cybersecurity pact seeking consortium of technology companies, governments and NGOs to improve the stability and safety of the internet. With its unveiling, the declaration touted support from some of the tech industry’s largest players and a handful of countries in Europe.
Are Data Subject Access Requests a Trick or a Treat?
It’s that time of year… no, not when bands of trick-or-treaters are traipsing up your walk, but when the ghoulish specters called data subject access requests (DSARs) are going to start flooding in.
Recommended Reading: $17 Million Settlement in US Privacy Suit
A California-based consumer electronics company has agreed to a $17 million settlement in a lawsuit that claimed the company installed data-tracking software on its internet-connected smart TVs without notifying customers, and then profited from the sale of the personally identifiable information to advertisers.
Recommended Reading: Examining Safeguards for Consumer Data Privacy
For those interested in the growing momentum around broader US data privacy protections, I wanted to flag a recent Senate hearing on “Examining Safeguards for Consumer Data Privacy.” On Wednesday, September 26, 2018 the Senate Committee on Commerce, Science, and Transportation met to examine consumer protection and privacy policies of top technology and communications firms.
Recommended Reading: Data Breach and Potential Class Action in UK
After a recent data breach, a law firm is threatening the company with a potential class action lawsuit, citing Article 82 of the U.K. Data Protection Act. Specifically, the law firm is citing the "right to compensation and liability" — which states, "Any person who has suffered material or non-material damage as a result of an infringement of this regulation shall have the right to receive compensation from the controller or processor for the damage suffered."
Latest iOS Update Makes Evidence Deletion Easier
In May, Apple released iOS 11.4, and with it, new features for storage and synchronization of Messages to iCloud. Our team has written before about the e-discovery and digital forensic investigations challenges that can arise when Apple updates operating system functionalities. The changes in 11.4 yet are another example of how this continually moving target can impact organizations that are required to preserve, collect and review data from Apple devices for legal, regulatory and investigative matters.
Regulatory Compliance as a Competitive Advantage
Next year, firms around the globe will be impacted by some of the world’s toughest new regulations and privacy requirements. Adapting to this new landscape was a key topic at The Lawyer's Managing Risk and Litigation conference.
iOS 11 Has a New Passcode Workaround. Here’s What Counsel Needs to Know.
For years, mobile devices have introduced a slew of new challenges into e-discovery and digital forensics investigations, from data encryption and proliferating hardware to rapidly changing third-party applications. Debates continue between law enforcement agencies and technology companies about mobile device encryption and whether criminal investigators should be given back-door access to suspects’ phones. Just last week the U.S. Deputy Attorney General spoke out against Apple on this very issue, saying law enforcement should have access to investigate the communications of the shooter in the recent tragic Texas shooting.
Q&A with Sandeep Jadav, FTI Technology’s new Managing Director for Asia
We recently appointed a new Managing Director to lead the Technology team in Asia. Sandeep Jadav is joining the tech team from Ernst & Young, and brings more than 17 years of experience in leading teams in forensic technology. We sat down with him to discuss his new role, how the field has evolved over the course of his career and his thoughts on emerging trends and challenges impacting corporations doing business in Asia.
Equifax Breach a Category 4 or 5 Attack, but By No Means Unique
Late last week, we learned that Equifax was breached via a simple web application weakness, and over 143 million consumers’ records were compromised. The bad (worse) news is that this story is not unique, and this is by no means the final chapter.
Advice From Counsel Featured in Security Technology Executive Magazine
With organizations increasingly challenged to support the modern workplace environment – mobile phones, remote employees, cloud collaboration sites, social media, IM platforms and chatrooms – while keeping this data secure and easily retrievable for legal or regulatory needs, we at FTI conducted the latest iteration of AFC to uncover how legal teams are handling the challenges.
How Counsel Can Leverage the Power of IG
While information governance is often thought about in the context of data security and IT efficiency, there is an equally important factor that deeply resonates with a corporation’s board and C-suite: reputational risk.
The legal industry is hungry for guidance on how to deal with the explosion in cloud-based applications and new data types that are creating headaches for organizations of all sizes. While the threat of big data has cast a shadow over IT and legal departments for several years, the real challenge is proving to be the variety of data, and it is quickly defeating traditional collection and review tools and strategies.
Part 2: The Evolution of Predictive Coding in Australia
Paul Hunter shares some comments on what lawyers in Australia need to keep in mind as predictive coding gains adoption in the region.
The Evolution of Predictive Coding in Australia
Phil Smith, a director in FTI Technology’s Melbourne, Australia office, is an expert advisor to clients looking to implement predictive coding. He shared some insights on how the technology is evolving in Australia and FTI’s efforts to help clients update strategies and streamline e-discovery reviews using technology that is still nascent in the region.
We Now Have an Instruction Manual for Data Security Programs
Target’s multistate settlement ($18.5MM) for their 2013 data breach is the strongest evidence yet that Data Governance and Security is impacting organizations in every vertical and geography.
Evaluating Network Permissions in Investigations
Jim Scarazzo explains how risk, IT, legal and compliance intersect across the many stages of investigation.
FTI Discusses Information Governance Enforcement in InformationWeek
Sean Kelly highlights steps IG teams can take to build enforcement into their policies from the outset.
A Lawyer’s Role in Microsoft 365 Migration
O365 migration should be viewed as a critical business initiative that requires the involvement of the legal department as one of the primary decision makers every step of the way during a migration.
IG Engagement, Enablement and Change to Ensure Policies Aren’t Collecting Dust
Policy enforcement is a challenging task for most organizations – more so for those in regulated industries that have a highly complex legal and compliance profile.
Microsoft 365 Migration Considerations Discussed in Computer Business Review
With increasing adoption of Microsoft 365 (O365), analysts have indicated the migration process has arisen as an acute pain point from an information governance and e-discovery perspective.
ILTA Peer-to-Peer: Skills You Need To Summit the Mountain of Data Challenges
In a recent FTI Advice from Counsel study, 76 percent of respondents said that while they do have information governance programs in place, initiatives ranged across 30 different areas of focus. These included data security, budget transparency, efficient records retention, data analytics, compliance, risk prevention and optimizing data for litigation needs, and underscore the difficulty many legal teams have in focusing their IG efforts.
Understanding How Analytics and Linear Review Can Coexist
Despite increasing adoption of new technologies in the legal space, the vast majority of legal teams are still not implementing analytical tools in a way that can truly make a difference to alleviating their overall e-discovery burdens and growing expenses.
Best Practices for Mobile Device Collections
FTI Technology Managing Director Colleen Casey Voshell recently teamed up with colleague T. Sean Kelly to share some insights on dealing with mobile device data collection and e-discovery. Voshell and Kelly agree on the importance of counsel understanding policy issues, data privacy concerns and software limitations that come into play when dealing with mobile data.
FTI Shares Information Governance Philosophy in Cybersecurity Law & Strategy
One of the most meaningful elements of information governance is how it can drive the differentiation of data types and enable stronger security protocols around a corporation’s most sensitive data.
What Corporations Need to Know About Location Spoofing
FTI Technology’s digital forensics expert David Freskos shared some insights on current issues with location-based services, and what corporations need to consider in today’s landscape.
Lessons Learned in Canadian Competition Law
In a recent merger, a Canadian corporation was tasked with responding to the Competition Bureau’s request for supplementary information, known as a Supplementary Information Request (SIR), similar to Second Requests in the U.S. Working closely with the client and FTI’s team of experts, Tim Klinger, Managing Director at FTI Technology and the lead for the company’s practice in Canada, helped the client implement FTI’s Ringtail e-discovery software to review approximately 420 GB of data that was potentially relevant to the government’s request.
A Prescription that Works: Analytics for Healthcare Companies
In a recent article in New Jersey Law Journal, FTI Managing Director Colleen Casey Voshell wrote about how analytics tools can boost information governance initiatives for healthcare companies and other corporations in highly regulated industries. Because healthcare organizations must juggle the tasks of maintaining compliance with regulations, dealing with a high volume of litigation and securing sensitive data that contains customer and/or patient information, information governance and overall data management are becoming exceedingly difficult to navigate.
Whether unexpected or the result of an internal investigation, an enforcement action by the Securities and Exchange Commission (SEC) or Department of Justice (DOJ) can burden even a prepared organization and result in serious financial consequences. With the number of Foreign Corrupt Practices Act (FCPA) enforcement actions proliferating across industry types and organization sizes, and fines growing larger each year, it is increasingly important to execute investigations with speed and efficiency.
We’re pleased to announce that FTI Consulting is a top provider in 13 categories in the first-ever Best of Corporate Counsel survey. Corporate counsel voted in a range of categories across hundreds of software and services providers in the legal industry.
Sedona Working Group 6, Data Privacy Best Practices & Brexit
QA with Craig Earnshaw, Senior Managing Director, FTI Technology
Sophie Ross Discusses FTI’s Approach to Unlocking Foreign Language E-discovery
Given the global nature of e-discovery today, the need to review documents in multiple languages is a challenge facing an increasing number of corporate legal teams. Even the most sophisticated legal departments, with fine-tuned e-discovery processes, still struggle with the review phase when non- English language documents are involved.
Multi-National E-discovery During Privacy Shield Limbo
In October, the High Court of the European Union made a ruling that nullified the existing Data Safe Harbor agreement between the EU and the U.S., which since 2000, outlined rules allowing the transfer of protected data from Europe across our borders. The safe harbor agreement provided a way for U.S. companies to migrate personal data originating in the EU, to the U.S. for e-discovery and regulatory purposes, in a way that was consistent with the EU Data Protection Directive.
Understanding the Impact of Anti-Forensics Techniques
As a computer forensics investigator, FTI Consulting’s Bryan Lee examines evidence of corporate employees stealing data, embezzling company funds, committing fraud, and performing a wide range of other nefarious activities. In many of the cases Bryan has investigated, the employee attempts to cover their tracks using various methods such as deleting their internet history. Recently, there has been an upward trend in users altering their computer prior to performing their intended actions.
Monumental Ruling on Predictive Coding in the UK
By now you have probably heard about the February 16th ruling in the case Pyrrho Investments and MWB Business Exchange v. MWB Property and others by Master Matthews of English High Court. In the ruling, Master Matthews outlines many of today’s e-discovery (or ‘e-disclosure’) challenges for litigants – the growing mountain of data for any-sized litigant, and the shortcomings of keyword searches.
Legaltech New York (LTNY) 2016
We’re excited to discuss some of the biggest trends impacting the legal industry at Legaltech New York (LTNY) 2016. Learn more about our day one panels featuring noted industry thought leaders from the bench, corporations and law firms.
2015 Winds Down Following Record Awards Season
FTI had a busy year in 2015 on many fronts – from the launch of Information Governance and Compliance Services and Ringtail 8.5 to important work on landmark cases, thought leadership at industry events and awards recognitions. Our teams have worked diligently to improve every year in providing clients with meaningful product innovation, the most seasoned experts and overall best legal software and services in the industry.
Show themes reflect e-discovery’s evolution from a niche concern to an area intrinsically connected with the biggest problems facing law, business and government today.
Dynamo Q&A with Expert Witness Jim Scarazzo
On September 17 Judge Buch of the U.S. Tax Court made an important ruling in favor of predictive coding in the Dynamo Holdings Limited Partnership, Dynamo GP, Inc., tax matters partner, et al v. Commissioner of Internal Revenue case. This is the Tax Court’s first ever opinion regarding how to conduct e-discovery, and FTI’s own Jim Scarazzo served as an expert witness in court and was cited several times in the ruling. Here is a short Q&A with Jim about the case and his involvement.
Study Uncovers E-discovery Trends In Asia
Economic globalization is driving an increasing amount of activity in Asia, taking U.S.-based multi-national corporations to the Far East and into highly charged legal and compliance environments. This, intersecting with regulatory activity stemming from the Foreign Corrupt Practices Act (FCPA) and UK Bribery Act is driving increased e-discovery in Asia.
Dealing with Big Email in E-discovery
David Grant, a senior managing director at FTI Technology, recently contributed a two-part article to InsideCounsel on the issue of big email, and how corporate legal departments can address the many challenges that result from an e-discovery standpoint. In the article, David offers counsel an alternative to the standard comprehensive review process that is undertaken at the outset of most e-discovery matters.
Advice from Counsel | Part 3: The Emerging E-discovery Playbook
The first two posts in this series highlighted some fascinating findings from our annual Advice from Counsel study, providing recommendations for the top corporate e-discovery ‘plays’ according to legal departments at Fortune 1000 corporations. Some of the top practices touched on included preservation and collection, when to utilize service providers, tackling the uncertain waters of predictive coding and leveraging data re-use. In addition to the five overarching ‘plays’, the survey respondents also weighed in on other pressing matters that are impacting e-discovery today, and will continue to do so in the near future.
Advice from Counsel | Part 2: The Emerging E-discovery Playbook
In an earlier post we introduced some interesting findings from our annual Advice from Counsel study and highlighted some in-sourcing and outsourcing trends that corporations are exhibiting as part of their overall corporate e-discovery playbook. While the previous post discussed “plays” around collection and preservation, as well as guidelines for choosing service providers this post will focus on the smart plays around predictive coding and data re-use.
Advice from Counsel | Part 1: The Emerging E-discovery Playbook
Is there an ideal corporate model for e-discovery? One that can evolve as new challenges emerge, but still provide budget certainty and process efficiency? These are among the questions we explored with Fortune 1000 inside counsel for our annual Advice from Counsel study conducted in partnership with legal technology expert Ari Kaplan. The results are now in and they show, attorneys across the board moving toward a corporate ‘playbook’ that will guide e-discovery in the coming years.
Advice from Counsel | Information Governance, Baseball, Plain White T’s
In early June, we invited in-house e-discovery professionals from D.C., Virginia and Maryland to the latest Advice from Counsel summit. It was an informative gathering with lively roundtable discussions amongst peers on interesting e-discovery topics such as: judges ordering the use of predictive coding, indexing data by concepts, the practicality of co-operation and disclosure of predictive coding to opposing counsel, whether it’s possible to conduct privilege reviews using predictive coding and even securing executive buy-in for “spring cleaning” data remediation projects.
Advice from Counsel | LegalTech Insights
FTI will soon announce the full results of our annual Advice from Counsel (AFC) study in partnership with legal technology expert Ari Kaplan. This will be the fifth year we have studied key challenges, habits and trends at Fortune 1000 corporate legal departments, and delved into discussions with these organization’s counsel and e-discovery experts to bring forth practical advice and insights to the industry.
Part 2: Beyond the hype – Common Use Cases for Predictive Coding
Part 1 of this post introduced some strategies for combining predictive coding with analytics technologies that were discussed on one of FTI’s LegalTech panels in February. Senior managing director Kathryn McCarthy moderated the discussion with Honorable Judge Andrew J. Peck, Jason Lichter from Pepper Hamilton and Eric Leiber of Toyota Motor Sales. In addition to covering case law around predictive coding, they offered three key use cases for when these technologies can best be applied together. In the earlier post, we summarized their recommendations for second requests. Here we discuss internal investigations and depositions.
Part 1: Beyond the Hype – Common Use Cases for Predictive Coding
Predictive coding is overhyped to the extent that while few legal teams consistently use it, the topic itself is practically passé. Yet in conversation corporate counsel and law firm attorneys express the need to cut through the hype and understand how to use and defend predictive coding.
Predictive Coding: Unanswered Questions?
Just one more week to Legal Tech New York and the panels are putting the finishing touches on presentation materials. Our 10:30 am session on Wednesday the 5th covers predictive coding from a different angle than most conference sessions. First, we’re fortunate to have distinguished legal professionals representing the bench, corporate in-house teams, as well as law firm counsel. Secondly, the focus will be on practical advice for using predictive coding for three common use cases – Second Requests, in-house investigations and litigation. And last but not least, the panel will discuss some of the unanswered questions as it relates to predictive coding. This includes the debate on whether or not to disclose the use of predictive coding, the role of keywords, and also knowing when predictive coding may not be well-suited for your case.
If you’ve ever been asked “what are the rules?” when it comes to collecting, processing or reviewing data overseas, or if you’ve ever asked that question, this is the LegalTech session for you. Our expert panel with diverse profiles – law firm, corporation, analyst firm – have all been asked at one time or another to quickly sum up the data privacy rules. How is China different than Brazil? What if employees sign consent forms upon hiring? How does the Snowden/NSA leaks change the game?
LegalTech New York Panelists Announced
You’ve heard the theoretical discussions on e-discovery – now learn the actionable steps to manage it in a faster, defensible, cost-effective and strategic manner. These practical, interactive sessions will focus on how inside counsel and law firms can utilize new technology and processes to take control of e-discovery.
The National Law Journal just published an article co-authored by Richard Kershaw of FTI Technology and Mike Vella of Jones Day, on the important topic of e-discovery in China. Both of these professionals have extensive experience managing matters from this region, and the article is a must-read for any legal team with offices in China. State-secrecy laws, the intersection of “BYOD” (bring your own device) and investigations, and other common scenarios are discussed.
Abe Lincoln Used Visualizations, Too
It’s easy to think that the world’s move towards more visual representations of data is relatively new. Think of the increased number of infographics in newspapers, GIFs on the web or even icons on your desktop. But in fact, did you know that the first infographic was invented in 1786? And that even Abe Lincoln appreciated how infographics were able to convey complex information in a simple manner?
Compliance Week West: Data-Intensive Investigations in an Age of Evolving Compliance Standards
FTI Technology experts speak at numerous events in any given year, and the audience is often comprised of counsel with e-discovery responsibilities. This Compliance Week West event in Menlo Park, California, was a nice opportunity for us to present to a different audience – compliance and risk officers – on a very important issue impacting both e-discovery and compliance professionals: data-intensive investigations.
What’s the cure for a BYOD headache? Our consultants are asked this almost daily. And of course, while there isn’t an easy answer to this question, the risks BYOD pose are very real (i.e. IP theft, etc.). As a follow-up to his ARMA 2013 panel on collection best practices, Technology’s Veeral Gosalia outlined some of the complications and best practices with BYOD and e-discovery in a Tech Target article this week.
Can Predictive Coding Provide Greater Information Governance? – ARMA 2013
These two terms – “predictive coding” and “information governance” – generate a lot of industry buzz but our most recent Advice from Counsel survey results indicate adoption is lagging. So this ARMA 2013 conference session was designed to provide ARMA attendees with practical knowledge of predictive coding and examples of how leading-edge companies are using it for more than just e-discovery.
How is Case Law Impacting Record Managers and Self-Collection? – ARMA 2013
As ARMA evolves into an organization focused on helping companies address information governance challenges, we were proud to participate in the ARMA 2013 conference with two stellar panels.
FCPA Investigations and Data Privacy
If you’re involved in FCPA investigations, or any type of cross-border discovery matter, take a minute to download survey results of 114 FCPA professionals. In it, respondents share their thoughts on key trends and best practices for matters ranging from FCPA, the U.K. Bribery Act, and whistleblower investigations.
Assessing Your Budget Transparency
How much do you spend on e-discovery each year? Or on each matter? If you don’t yet have a process in place to calculate e-discovery costs and measure ROI of your e-discovery program, you’re not alone.
KMWorld Names Ringtail as a "Trend Setting Product"
It’s always nice to receive industry recognition, especially for products and services that provide tangible benefits for clients. This year, KMWorld named the software as a service (SaaS) version of Ringtail as a trend-setting product.