As Middle Eastern countries ramp up their regulatory oversight and rigor over data protection, companies in the region are seeking guidance on how to evaluate their risk, implement data privacy frameworks and uphold compliance. FTI Consulting is filling this need through the expansion of its IG and data privacy practice in MENA. Senior Director Ben Crew recently joined FTI Consulting to head up the Information Governance, Privacy & Security (IGP&S) practice in the region. We recently chatted with Ben about his new role and the regulatory climate in MENA.
E-discovery, data privacy and information governance risks are increasingly intersecting in today’s organizations. In turn, the ways corporations manage their data, approach compliance and react to legal matters must evolve quickly. FTI Technology’s teams are focused on addressing these new challenges and opportunities. The recent addition of Managing Director Brandon Lee to the team is a prime example of FTI’s ability to provide solutions and expertise that bridge the most pressing legal, regulatory and data issues. We recently interviewed Brandon about his new role and his unique strategy for supporting in-house legal teams.
Organisations that operate globally are subject to the ever-changing and continually developing regulatory landscape, which is challenging to comply with without a robust privacy and information governance backbone. In this blog, Ines Rubio, looks at how using aids such as privacy management technology to stay on top of processing activities and legal requirements will facilitate compliance teams’ work and serve as the go-to resource for updates, queries, and research on regulatory changes.
Demand for e-discovery and digital forensics capabilities is growing rapidly in Ireland. FTI Consulting is stepping up to the market’s emerging needs with the expansion of experts in the region and solutions to address the increasing complexity of litigation, investigations and governance in today’s climate. We recently spoke with Conor Gavin, a Senior Director in the segment’s Dublin office, to discuss his focus for supporting clients in Ireland and what he sees as the key issues for the year ahead.
How content is created and shared on digital platforms is coming under increasing scrutiny with Regulators and the public calling for online platforms to take on more responsibility. Regulation has been on the horizon with France coming close to passing law to regulate online hate speech (subsequently struck down in court due to freedom of speech concerns) and the Online Harms Bill was proposed by the UK in 2019.
The ePrivacy regulation has had an uncertain path, and at times it seemed as though there would be no regulation introduced at all. One of the main stumbling blocks is the impact on online behavioural advertising and cookies walls on websites. However, in mid-February, the Council of the European Union’s Presidency announced a breakthrough: member states finally reached an agreement on the draft text. The next stage will be negotiations between the Commission, the Council, and the European Parliament.
Data is easy to forget. Especially with the increase in legacy-to-digital transformation, it’s easy to overlook unused systems or historical backups. All too often, the focus is on transitioning to new, digital technologies without decommissioning the legacy systems they replace.
Read any survey of the challenges small and mid-sized business leaders face, and you’ll see an array of worries over managing cash, retaining customers, competing and keeping up with technological change. Chances are that regulatory compliance and data privacy aren’t making those lists of issues keeping SMB owners up at night. In fact, the majority of SMBs (80% according to one survey) know very little about whether and how data protection laws affect their business. Nevertheless, many data protection regulations are indiscriminate when it comes to organization size, and with consumers paying increasing attention to data privacy, the issue has become very real in the SMB arena.
Anyone who’s been in the e-discovery industry for any length of time knows that change is the only constant. It’s a practice and industry born from the very notion of change, and has been evolving steadily since its early days two decades ago. What’s happened over the last year is that the rate of change is now quickly picking up momentum. Trends that were just emerging in 2019 took full shape and began disrupting the space in 2020. More advancements—in the demands of e-discovery and the innovations brought forth to meet those demands—are on the horizon.
Across FTI Technology, our teams have the opportunity to work on some of the most complex, high-stakes and innovative matters in the world. While 2020 was anything but typical, the work of helping clients problem-solve through technology was a familiar constant. In reflecting back on the lessons learned from the year and the related implications for the future of the legal industry, our global teams have gathered numerous predictions for what outside counsel and in-house legal teams can expect to face in the new year. A snapshot of these are shared below.
Ashley Brickles recently participated in a cartels workshop hosted by Concurrences, alongside speakers from Herbert Smith Freehills, the Court of Justice of the European Union (CJEU), General Electric and the European Commission department for competition (DG COMP). The panellists comprised a diverse set of backgrounds and perspectives, which provided for a lively and educational session that covered procedural changes in cartel investigations, privacy concerns that have arisen in competition proceedings and the extent of the Commission’s investigatory powers.
In the early days of the COVID-19 pandemic, when we were all grappling with the avalanche of concepts like ‘social distancing’ and ‘personal protective equipment’, the idea of contact tracing had many scratching their heads. In the age of automation, a manual process involving a team of people making calls and conducting interviews to find those exposed to the virus can seem almost counter-intuitive. Perhaps this is part of why, in 2020, we saw a dedicated push to find digital solutions to the challenges of COVID-19. This has included digital contact tracing solutions such as the Australian Government’s COVIDsafe app. However, the adoption of visitor registers that record which individuals have visited specific locations, and their contact details, have been far more helpful to contact tracers.
Canadian regulators kept busy in 2020. Within the Competition Bureau, under the helm of new director Matthew Boswell, numerous new initiatives and guidelines were introduced to ramp up the nation’s competition oversight. In parallel, data privacy authorities shared new provisions for cross-border transfers impacting personal and sensitive data and legislators introduced a sweeping new privacy bill to refresh the Personal Information Protection and Electronic Documents Act (PIPEDA).
Chief legal officers are facing unprecedented change. The challenges of 2020 have redefined an already changing role for the general counsel, and a second annual study of leading chief legal officers indicates they are rising to the occasion, becoming busines drivers in the own right and serving as crucial guardians against myriad emerging risks.
At the recent PrivSec Global event, Sonia Cheng, Senior Managing Director and EMEA Head of Information Governance & Privacy at FTI Consulting, led a panel with Ahmed Baladi, Privacy & Cybersecurity partner at Gibson, Dunn & Crutcher and Linda NiChualladh, Head of Privacy (Legal) at Citi. The session covered the underlying risks and considerations associated with data in M&A transactions and the skills needed to brave a complex M&A data landscape.
As part of the growing Technology team in Dublin, Inés Rubio is looking forward to helping clients across EMEA tackle their e-discovery challenges through information governance (IG). With a background in international criminal law and legal technology, Inés brings a combination of technical, legal and strategic problem-solving expertise to the team. We recently interviewed her about her new role at FTI and her plans for supporting the practice’s growth in Ireland.
Now in its sixth year, the report takes a deep dive into the leadership structures, core functions, staff and budgets, and tasks and priorities of privacy programs around the globe. It provides key metrics on ongoing compliance with core pieces of privacy legislation and the effects of recent legal rulings and guidance from data protection authorities on processing operations.
The effects of COVID-19 have led many companies worldwide to take drastic measures. This includes applications for temporal layoffs or furloughs, with the additional uncertainty of definitive layoffs for vast numbers of employees. In this article, Javier Garcia-Chappell and Grainne Bryan discuss the necessary measures to protect and secure their data, as well as those devices and/or corporate media that may store them.
Over the last several months, our teams here at FTI Technology have been fielding an increasing influx of questions about emerging data types. We’re often asked, “have you ever heard of, collected from, produced…” about an ever-growing list of emerging data types. This reason for this is that the massive proliferation of apps and cloud services in use at corporations today is beginning to creep into scope in e-discovery matters.
Across the globe, the pharma industry is investing billions of dollars into fighting COVID-19. Some of the leading companies have halted other research projects to allocate upwards of $1 billion to R&D for coronavirus treatments and vaccines (according to Forbes). In addition to government and market pressure to respond to the pandemic, pharma companies are up against increasing regulatory scrutiny. A notable—but often overlooked—risk on the regulatory front is the issue of data integrity, which is mandated by numerous global authorities. We recently discussed the issue of data integrity with Managing Director Ankush Lamba based in our Mumbai office, to get a better picture of the risks and how this issue has been exacerbated by the pandemic.
Across FTI’s global teams, many of our experts have been working in e-discovery since before e-discovery even had a name. Nina Mohadjer, a Senior Director in our Dusseldorf office, is one such expert. She recently shared some of her reflections on the evolution of document review and the role technology is playing in changing the practice of law.
Today, some degree of data privacy and data protection obligations —regulatory, security standards, consumer trust issues, etc.—touch nearly every organization around the globe. Fulfilling those obligations while maintaining operational resilience and productivity generally requires the involvement of multiple stakeholders as well as a broad range of company leaders. While typically led by an organizations legal and compliance department, operationalizing data privacy technology, implementing the required safeguards and governance workflows requires both the support and leadership of IT.
Even sophisticated companies that dedicate ample resources to information governance often end up with gaps when it comes to third-party risk management. Now, as employees and third parties adopt new, unvetted applications to do their jobs from home, these gaps have become even greater. Organizations are under tremendous pressure right now—but making time to holistically assess and manage third parties will pay long-term dividends in reducing risk, while employees work remotely, and when they eventually return to the workplace.
FTI Consulting is working toward becoming a more diverse, equitable and inclusive workplace, and ensuring our teams represent the many races, genders, lifestyles, ethnicities and cultures of the regions and communities where we live and work. The events of this year have shined a glaring light on the fact that there is much more work to be done. To help facilitate change, we’re engaging our teams in open conversations about tough topics. As part of that effort, we recently interviewed Aisha Brackett, a computer forensics consultant in the Technology segment’s London office, to learn more about her experiences as a Mixed Race woman with Black Heritage working in technology consulting.
Along with countless significant decisions, November 3 brought the passage of a long-awaited update to California data privacy law. This week, the California Privacy Rights Act of 2020 (CPRA) passed with a majority vote as expected, adding to and modifying the requirements and enforcement of the California Consumer Privacy Act (CCPA).
Information governance (IG) is becoming more difficult. Data volumes are exploding, regulations are emerging and changing and large workforces are widely dispersed across at-home offices. Just as an organization gets a handle on the data from one new system, five more are onboarded. For many legal, compliance and privacy professionals, IG progress may feel like two steps forward, one step back.
October is Black History Month in the U.K. In honour of this important month, and as part of FTI Technology’s commitment to improving diversity, equity and inclusion in our firm, we are elevating the voices of our Black colleagues across the organisation. By engaging our people in candid conversations about racial bias, social injustice and workplace inequality, we hope to raise awareness of these issues and collectively contribute to important worldwide change.
The E-Discovery Consulting & Services practice within FTI Consulting’s Technology segment recently completed e-discovery for a Federal Trade Commission quick look as part of the second request for a merger between two healthcare industry companies. Using Brainspace’s Technology Assisted Review (TAR) model, the team developed novel workflows to enable efficient e-discovery in the face of a number of unique circumstances. We recently chatted with the team involved on the case, which was led by Senior Managing Director Wendy King and included Managing Director Jon Murdock and Senior Director Myron Williams, to understand how the matter was different from other second request inquiries. They discussed the challenges involved and shared details around the new workflows FTI developed as part of the engagement.
FTI Technology Senior Managing Director Rena Verma recently attended the 17th annual Pharmaceutical Compliance Congress. We asked Rena to share the insights she gathered from fellow risk and compliance experts, and her observations on the key issues facing the pharmaceutical industry.
So far, 2020 has been…. an “experience." The challenges our industry had braced for, the opportunities we planned to seize, have been suddenly upended in ways we never would have anticipated. At the end of last year, our team shared a few predictions for what was to come in 2020. They weren’t wrong, but the landscape in which they are coming to fruition has changed significantly from what we envisioned. Now, looking at the wake COVID-19 has left behind to date, it’s a good time to revisit those predictions and revise them to match the way the world, the legal industry and e-discovery have changed this year.
In January, the Securities and Exchange Commission (SEC) released its most substantial cybersecurity guidance to date. The report, “Cybersecurity and Resiliency Observations,” was the result of examination findings and research from the last five years, much of which was led by the commission’s Office of Compliance Inspections and Examinations (OCIE). This is the first comprehensive guidance we’ve seen from the SEC’s cyber unit since it was established several years ago. In many ways, it reads as an examination pamphlet—outlining the essential information security practices and programs a financial services institution will need to have in place to stand up against a government raid, inquiry or investigation.
The interconnectedness of people, organizations and nations around the world has never been more apparent than it is today. The ongoing and rapid increase in globalization has driven change and growth in countless industries, transformation in business processes, diversification in economies, and yes, even widespread pandemics. It has also led to a spike in cross-border legal and e-discovery matters—a trend that is continuing on an upswing. Navigating international e-discovery in the best of circumstances is a challenge for even the most sophisticated attorneys. It is more so now, as legal teams struggle to adapt their work in the midst of this global health crisis.
The last two months have given businesses many new issues to consider and practices to re-examine. Alongside introducing unexpected risks, the sudden shift to working from home has disrupted corporate culture, and more specifically, culture as it relates to compliance and privacy practices.
Collaboration and new forms of communication are steadily gaining on traditional channels. Worldwide revenue for this market reached more than US$38 million last year, and is growing more than 15 percent year-over-year in EMEA. In an e-discovery context, this increasing adoption of collaboration applications and tools—including Microsoft Teams and OneNote, Slack, Telegram, Zoom, etc.—is a prelude to stark change.
At FTI, we have adapted our e-discovery offerings to adhere to pandemic-related stay-at-home orders and distancing policies. In this guide, we share the steps we have taken to maintain continuity with the hope you can apply them to your own organization and teams.
Managing Director Geoff Budge has been working with FTI clients in South Africa for more than three years. Now, he is building a team of experts and solutions for the newly-established Technology practice in South Africa. His team will focus on expanding in the region and delivering the Technology segment’s client-centric, flexible model across e-discovery, information governance, risk, data privacy, security and legal operations solutions. We talked to Geoff about this move, and his thoughts on the biggest issues corporations in South Africa are facing during the current pandemic.
The recent appointment of Renato Fazzone as Senior Managing Director and Germany Head of Technology established our permanent presence in the German market for our Technology practice. Backed by more than 15 years working in e-discovery and litigation support, as well as advising clients on corporate fraud and antitrust matters, Renato is eager to expand our offerings and expertise to clients in the region. We recently sat down with him to discuss his vision, the top issues impacting German corporations today, and how the COVID-19 pandemic is impacting FTI’s offerings.
Life endures even in the most difficult situations—and it adapts and evolves to meet new challenges. Now, as we watch, and fight back against the spread of COVID-19 worldwide, we are arriving at the very edge of an evolution, a new future, a new workspace model that tackles today’s limitations. With COVID-19 leading to lockdowns, organizations are facing their unique challenges as they try to cope with both the safety of their people and the continuity of business. This article will explore some of these changes related to IT and software assets, along with their potential consequences.
We are living in unprecedented times. Every industry, every profession, every nation has now felt the impacts of the global COVID-19 pandemic. Even though many of us have more time on our hands due to mandated or self-imposed isolation, there still aren’t enough hours in the day to keep up on all of the news. Our Blockchain Advisory and Cryptocurrency Disputes, Investigations and Litigation (CDI&L) team has been watching the news closely as it relates to cryptocurrency and blockchain opportunities and deployments. While not all encompassing, the round-up below highlights some of the most interesting industry news we’re seeing to date.
Coronavirus is everywhere, figuratively and literally. It has overtaken our news, social feeds, and nearly every message and exchange. We’re getting a glaring reminder of the importance of strong personal hygiene (wash your hands!). But what about information hygiene? Beyond the devastating impacts on health infrastructure, human life and the economy, this crisis is also exposing new risks to personal data.
Grainne Bryan recently joined our Dublin office as a Managing Director to help establish and lead the Technology practice in Ireland. Joining from a corporate law firm, Grainne brings two decades of experience in the legal industry. Her background includes developing and implementing individual solutions to complex projects and standardising workflows and processes for projects involving all aspects of document identification, collection, production and review. Grainne sat down with us to discuss her new role and how the technology landscape is evolving not only in Ireland but globally.
Like with all other disruptive technologies, in blockchain and cryptocurrency, the leapfrog game of new challenges, new advancements and new laws, will continue as the space matures.
In e-discovery, counsel and review teams are juggling a lot of moving parts. Between collecting data across numerous locations and data types, assessing key facts, establishing workflows and determining which analytics to apply, e-discovery teams have little time to worry about the logistics of project management. At FTI, Emily Seabury and Elizabeth Noble are among the team of case managers behind the scenes, making sure everything runs smoothly from start to finish. They and FTI’s broader client teams aspire to always be anticipating the next steps to reach a client’s goal, so that the client need never to ask for an update or flag something that needs to be done. We sat down with Emily and Elizabeth to discuss our case management system, and why it is so crucial to ensuring successful outcomes for client matters.
Newly appointed as a Senior Managing Director, David Meadows is bringing his e-discovery and computer forensics expertise to FTI Technology’s E-Discovery Consulting & Services and Digital Forensics & Investigations practices. Based out of the Chicago office, David will help clients leverage advanced analytics to reduce cost and risk around their data challenges. He sat down with us to discuss his new role and his thoughts on innovation.
The California Consumer Privacy Act (CCPA) has arrived, and businesses are bracing for the financial impacts. Every company’s risk and compliance posture is different, and each company’s data footprint is unique, so the cost of compliance will range from company to company. Generally, estimates from the California Department of Justice project that compliance will cost up to $50,000 for small businesses and $2 million for companies with more than 500 employees. This totals a forecasted $55 billion in initial expenses to operationalize the new requirements.
As 2019 came to a close, and pundits looked back on the tumult of regulatory changes that shaped the last decade, lawmakers slipped in a few final bills. One, introduced in late December by U.S. Congressman Paul Gosar from Arizona, has the potential to make waves in the financial world. The Crypto-Currency Act of 2020 was drafted to add clarity to the cryptocurrency industry and provide a clear framework for crypto regulations in the U.S.
Cryptocurrency news heated up at the end of 2019. The second half of the year also brought a wave of new litigations around cryptocurrency misuse, fraud and theft. I expect we’ll see even more of this in 2020, along with a surge of interesting news. Industry watchers can expect a range of cases, from the state level, all the way up to far-reaching cross-border matters, as criminals find new ways to leverage crypto markets to further their malicious interests.
Across our practice areas, we asked our experts to share their predictions for what will shape legal, compliance and information governance in the coming year. Below is a roundup—across new laws, emerging technology and key industries—of what they expect will make the biggest impact to businesses worldwide.
Today, there are more than 2,200 types of cryptocurrency in the global markets. An estimated 34.6 million digital wallets are in use. Between new client matters and a gripping news cycle relating to cryptocurrency regulations, scams and investigations, our team has identified several key trends impacting the industry.
Europe’s highest court, The European Court of Justice ("ECJ") in Luxembourg, ruled on two cases last week involving GDPR’s right to be forgotten as it applies to information available on the internet. In the first ruling, the court held that the privacy rule cannot be applied outside the European Union. In the second, the court said the right to freedom of information must be balanced against the right to privacy and specifically the right to have links related to certain categories of personal data automatically deleted.
When one of the world’s largest cryptocurrency exchanges was breached in May of this year, few in the industry were surprised. Cryptocurrency exchanges have long been appealing targets of malicious actors looking to steal currency and personal information. But this recent breach, which will potentially impact tens of thousands of cryptocurrency investors around the world, is particularly unique. The series of events that has unfolded in its aftermath serves as a stark reminder that the criminals looking to profit from this industry are both sophisticated and highly motivated.
In July, more than 10,000 cryptocurrency investors received warning from the IRS that they may owe taxes on improperly reported income. Weeks later, another round of letters were sent to some, outlining the amount of taxes owed for cryptocurrency gains and demands for payment. These letters are likely the tip of the iceberg in a long-anticipated IRS crackdown on crypto income—the latest in a series of government activity in this arena.
E-discovery is a continually changing practice. For approximately two decades now, it has played a tremendous role in shaping the legal world. As e-discovery’s influence and prevalence has grown over the years, the technologies, economics, processes and expertise around it have in many ways become unrecognizable to what they were in the early 2000s. Still, much about the field has also remained the same.
E-discovery matters are more complex than ever before. While the legal industry now has access to powerful tools that can significantly reduce the time invested in manual processes, lawyers are at the same time facing exploding data volumes and an ever-growing spread of data sources and evidence types.
Senior Director Elizabeth Noble is an unsung hero. As a case manager for some of our largest and most complex e-discovery matters, she is a strategic driver for the backend work that ensures a case goes smoothly. We sat down with her for a discussion about her role, and the importance of case management in saving time and money in e-discovery.
The regulation of digital currency markets in the U.S. and abroad remains foggy. Today, the Securities and Exchange Commission (SEC) and Commodity Futures Trading Commission (CFTC) have been vague regarding how tokens and crypto-based assets map to traditional securities. Clear guidance has not emerged. However, even in the absence of guidance, regulators are bringing forth enforcement actions against companies believed to have engaged in improper cryptocurrency operations.
The digital universe will explode to 40 trillion GB of data by 2020. The total Internet of Things market is forecasted to hit $520 billion in the next two years, and will account for at least 10 percent of the total digital universe. We’re talking 4 trillion GB of IoT data in the foreseeable future. All this data, and the ways in which it is collected, stored and secured is intersecting with the blending of corporate and personal worlds, raising important questions about data privilege, compliance and the future of digital forensics.
In early April, the Securities and Exchange Commission issued its first "no-action" letter regarding business use of blockchain-based digital assets. The letter was in response to a proposal from an air charter provider looking to launch a blockchain-based token platform to facilitate sales for air charter services. While the SEC’s response does offer some guidance, it outlines very restrictive conditions for the proposed program and is not particularly actionable for the broader business community.
In March, news broke of fraud and money laundering charges brought against the leaders of the global, multi-billion-dollar OneCoin cryptocurrency pyramid scheme. The story has continued to develop in months since, with arrests made and new information revealed about the extent of the damages that have followed in its wake.
This year will see real progress in 5G network implementation, an expansion of the connected device marketplace, further adoption of applied AI and the advancement of ad-tech capabilities. These constituent parts will more noticeably converge and begin to firm up the long-term vision of global commerce, in which online platforms will have greater reach into the real world and the consumer’s data will fuel unprecedented insights and outcomes. In parallel with this push into the future, global Technology, Media and Telecom (TMT) corporations will continue to struggle with data privacy regulatory risk.
On April 2, Bitcoin mysteriously spiked to $5,000, reaching nearly five-month highs in just a 60-minute period. Some experts think this jump may be the beginning of a renewed surge in cryptocurrency value.
Insurance claims involving cryptocurrencies are on the rise. Today, the industry is not fully prepared for how to deal with them. These claims seem like familiar claims on the surface, but have incredible uniqueness due to the involvement of cryptocurrencies.
As the trend continues, Texas has joined other states in the data privacy ring by introducing two privacy and data protection bills. Both bills are aimed at protecting personal information and holding companies accountable for data security.
In many ways, 2018 was a year of waiting. Waiting first for the General Data Protection Regulation (GDPR) to go into effect on May 25th. Then waiting again to see how regulators sought to investigate privacy complaints and enforce the new law. Now within the first two months of 2019, we’ve seen the beginnings of the anticipated uptick in European enforcement activity. And it is not a surprise to see the ad-tech space drawing most of that regulator attention.
In the last half of 2018, GDPR enforcement activity among data protection authorities across Europe saw a steady uptick and the trend will continue in 2019. Organizations in a broad range of industries received public reprimands, enforcement notices and fines. Violations ranged from data breaches, to lack of security practices and failure to obtain consumer consent to collect data.
Earlier this month, data protection authorities in Portugal doled out a €400,000 fine to a hospital for failure to apply appropriate access controls over digital patient data. This is one of the first penalties we’ve seen issued under GDPR since its enactment earlier this year. There are several interesting elements of this particular case, one of which is the fact that fines were imposed even though no data breach event occurred.
GDPR has made data protection a reality not only for heavily regulated industries but for all organisations. Once seen purely as a legislative burden, GDPR compliance is now providing organisations with a range of benefits.
This week, the President of France issued the Paris Call for Trust and Security in Cyberspace. The document is a cybersecurity pact seeking consortium of technology companies, governments and NGOs to improve the stability and safety of the internet. With its unveiling, the declaration touted support from some of the tech industry’s largest players and a handful of countries in Europe.
It’s that time of year… no, not when bands of trick-or-treaters are traipsing up your walk, but when the ghoulish specters called data subject access requests (DSARs) are going to start flooding in.
A California-based consumer electronics company has agreed to a $17 million settlement in a lawsuit that claimed the company installed data-tracking software on its internet-connected smart TVs without notifying customers, and then profited from the sale of the personally identifiable information to advertisers.
For those interested in the growing momentum around broader US data privacy protections, I wanted to flag a recent Senate hearing on “Examining Safeguards for Consumer Data Privacy.” On Wednesday, September 26, 2018 the Senate Committee on Commerce, Science, and Transportation met to examine consumer protection and privacy policies of top technology and communications firms.
After a recent data breach, a law firm is threatening the company with a potential class action lawsuit, citing Article 82 of the U.K. Data Protection Act. Specifically, the law firm is citing the "right to compensation and liability" — which states, "Any person who has suffered material or non-material damage as a result of an infringement of this regulation shall have the right to receive compensation from the controller or processor for the damage suffered."
In May, Apple released iOS 11.4, and with it, new features for storage and synchronization of Messages to iCloud. Our team has written before about the e-discovery and digital forensic investigations challenges that can arise when Apple updates operating system functionalities. The changes in 11.4 yet are another example of how this continually moving target can impact organizations that are required to preserve, collect and review data from Apple devices for legal, regulatory and investigative matters.
Next year, firms around the globe will be impacted by some of the world’s toughest new regulations and privacy requirements. Adapting to this new landscape was a key topic at The Lawyer's Managing Risk and Litigation conference.
For years, mobile devices have introduced a slew of new challenges into e-discovery and digital forensics investigations, from data encryption and proliferating hardware to rapidly changing third-party applications. Debates continue between law enforcement agencies and technology companies about mobile device encryption and whether criminal investigators should be given back-door access to suspects’ phones. Just last week the U.S. Deputy Attorney General spoke out against Apple on this very issue, saying law enforcement should have access to investigate the communications of the shooter in the recent tragic Texas shooting.
We recently appointed a new Managing Director to lead the Technology team in Asia. Sandeep Jadav is joining the tech team from Ernst & Young, and brings more than 17 years of experience in leading teams in forensic technology. We sat down with him to discuss his new role, how the field has evolved over the course of his career and his thoughts on emerging trends and challenges impacting corporations doing business in Asia.
Late last week, we learned that Equifax was breached via a simple web application weakness, and over 143 million consumers’ records were compromised. The bad (worse) news is that this story is not unique, and this is by no means the final chapter.
With organizations increasingly challenged to support the modern workplace environment – mobile phones, remote employees, cloud collaboration sites, social media, IM platforms and chatrooms – while keeping this data secure and easily retrievable for legal or regulatory needs, we at FTI conducted the latest iteration of AFC to uncover how legal teams are handling the challenges.
While information governance is often thought about in the context of data security and IT efficiency, there is an equally important factor that deeply resonates with a corporation’s board and C-suite: reputational risk.
The legal industry is hungry for guidance on how to deal with the explosion in cloud-based applications and new data types that are creating headaches for organizations of all sizes. While the threat of big data has cast a shadow over IT and legal departments for several years, the real challenge is proving to be the variety of data, and it is quickly defeating traditional collection and review tools and strategies.
Paul Hunter shares some comments on what lawyers in Australia need to keep in mind as predictive coding gains adoption in the region.
Phil Smith, a director in FTI Technology’s Melbourne, Australia office, is an expert advisor to clients looking to implement predictive coding. He shared some insights on how the technology is evolving in Australia and FTI’s efforts to help clients update strategies and streamline e-discovery reviews using technology that is still nascent in the region.
Target’s multistate settlement ($18.5MM) for their 2013 data breach is the strongest evidence yet that Data Governance and Security is impacting organizations in every vertical and geography.
Jim Scarazzo explains how risk, IT, legal and compliance intersect across the many stages of investigation.
Sean Kelly highlights steps IG teams can take to build enforcement into their policies from the outset.
O365 migration should be viewed as a critical business initiative that requires the involvement of the legal department as one of the primary decision makers every step of the way during a migration.
Policy enforcement is a challenging task for most organizations – more so for those in regulated industries that have a highly complex legal and compliance profile.
With increasing adoption of Microsoft 365 (O365), analysts have indicated the migration process has arisen as an acute pain point from an information governance and e-discovery perspective.
In a recent FTI Advice from Counsel study, 76 percent of respondents said that while they do have information governance programs in place, initiatives ranged across 30 different areas of focus. These included data security, budget transparency, efficient records retention, data analytics, compliance, risk prevention and optimizing data for litigation needs, and underscore the difficulty many legal teams have in focusing their IG efforts.
Despite increasing adoption of new technologies in the legal space, the vast majority of legal teams are still not implementing analytical tools in a way that can truly make a difference to alleviating their overall e-discovery burdens and growing expenses.
FTI Technology Managing Director Colleen Casey Voshell recently teamed up with colleague T. Sean Kelly to share some insights on dealing with mobile device data collection and e-discovery. Voshell and Kelly agree on the importance of counsel understanding policy issues, data privacy concerns and software limitations that come into play when dealing with mobile data.
One of the most meaningful elements of information governance is how it can drive the differentiation of data types and enable stronger security protocols around a corporation’s most sensitive data.
FTI Technology’s digital forensics expert David Freskos shared some insights on current issues with location-based services, and what corporations need to consider in today’s landscape.
In a recent merger, a Canadian corporation was tasked with responding to the Competition Bureau’s request for supplementary information, known as a Supplementary Information Request (SIR), similar to Second Requests in the U.S. Working closely with the client and FTI’s team of experts, Tim Klinger, Managing Director at FTI Technology and the lead for the company’s practice in Canada, helped the client implement FTI’s Ringtail e-discovery software to review approximately 420 GB of data that was potentially relevant to the government’s request.
In a recent article in New Jersey Law Journal, FTI Managing Director Colleen Casey Voshell wrote about how analytics tools can boost information governance initiatives for healthcare companies and other corporations in highly regulated industries. Because healthcare organizations must juggle the tasks of maintaining compliance with regulations, dealing with a high volume of litigation and securing sensitive data that contains customer and/or patient information, information governance and overall data management are becoming exceedingly difficult to navigate.
Whether unexpected or the result of an internal investigation, an enforcement action by the Securities and Exchange Commission (SEC) or Department of Justice (DOJ) can burden even a prepared organization and result in serious financial consequences. With the number of Foreign Corrupt Practices Act (FCPA) enforcement actions proliferating across industry types and organization sizes, and fines growing larger each year, it is increasingly important to execute investigations with speed and efficiency.
We’re pleased to announce that FTI Consulting is a top provider in 13 categories in the first-ever Best of Corporate Counsel survey. Corporate counsel voted in a range of categories across hundreds of software and services providers in the legal industry.
QA with Craig Earnshaw, Senior Managing Director, FTI Technology
Given the global nature of e-discovery today, the need to review documents in multiple languages is a challenge facing an increasing number of corporate legal teams. Even the most sophisticated legal departments, with fine-tuned e-discovery processes, still struggle with the review phase when non- English language documents are involved.
In October, the High Court of the European Union made a ruling that nullified the existing Data Safe Harbor agreement between the EU and the U.S., which since 2000, outlined rules allowing the transfer of protected data from Europe across our borders. The safe harbor agreement provided a way for U.S. companies to migrate personal data originating in the EU, to the U.S. for e-discovery and regulatory purposes, in a way that was consistent with the EU Data Protection Directive.
As a computer forensics investigator, FTI Consulting’s Bryan Lee examines evidence of corporate employees stealing data, embezzling company funds, committing fraud, and performing a wide range of other nefarious activities. In many of the cases Bryan has investigated, the employee attempts to cover their tracks using various methods such as deleting their internet history. Recently, there has been an upward trend in users altering their computer prior to performing their intended actions.
By now you have probably heard about the February 16th ruling in the case Pyrrho Investments and MWB Business Exchange v. MWB Property and others by Master Matthews of English High Court. In the ruling, Master Matthews outlines many of today’s e-discovery (or ‘e-disclosure’) challenges for litigants – the growing mountain of data for any-sized litigant, and the shortcomings of keyword searches.
We’re excited to discuss some of the biggest trends impacting the legal industry at Legaltech New York (LTNY) 2016. Learn more about our day one panels featuring noted industry thought leaders from the bench, corporations and law firms.
FTI had a busy year in 2015 on many fronts – from the launch of Information Governance and Compliance Services and Ringtail 8.5 to important work on landmark cases, thought leadership at industry events and awards recognitions. Our teams have worked diligently to improve every year in providing clients with meaningful product innovation, the most seasoned experts and overall best legal software and services in the industry.
Show themes reflect e-discovery’s evolution from a niche concern to an area intrinsically connected with the biggest problems facing law, business and government today.
On September 17 Judge Buch of the U.S. Tax Court made an important ruling in favor of predictive coding in the Dynamo Holdings Limited Partnership, Dynamo GP, Inc., tax matters partner, et al v. Commissioner of Internal Revenue case. This is the Tax Court’s first ever opinion regarding how to conduct e-discovery, and FTI’s own Jim Scarazzo served as an expert witness in court and was cited several times in the ruling. Here is a short Q&A with Jim about the case and his involvement.
Economic globalization is driving an increasing amount of activity in Asia, taking U.S.-based multi-national corporations to the Far East and into highly charged legal and compliance environments. This, intersecting with regulatory activity stemming from the Foreign Corrupt Practices Act (FCPA) and UK Bribery Act is driving increased e-discovery in Asia.
David Grant, a senior managing director at FTI Technology, recently contributed a two-part article to InsideCounsel on the issue of big email, and how corporate legal departments can address the many challenges that result from an e-discovery standpoint. In the article, David offers counsel an alternative to the standard comprehensive review process that is undertaken at the outset of most e-discovery matters.
The first two posts in this series highlighted some fascinating findings from our annual Advice from Counsel study, providing recommendations for the top corporate e-discovery ‘plays’ according to legal departments at Fortune 1000 corporations. Some of the top practices touched on included preservation and collection, when to utilize service providers, tackling the uncertain waters of predictive coding and leveraging data re-use. In addition to the five overarching ‘plays’, the survey respondents also weighed in on other pressing matters that are impacting e-discovery today, and will continue to do so in the near future.
In an earlier post we introduced some interesting findings from our annual Advice from Counsel study and highlighted some in-sourcing and outsourcing trends that corporations are exhibiting as part of their overall corporate e-discovery playbook. While the previous post discussed “plays” around collection and preservation, as well as guidelines for choosing service providers this post will focus on the smart plays around predictive coding and data re-use.
Is there an ideal corporate model for e-discovery? One that can evolve as new challenges emerge, but still provide budget certainty and process efficiency? These are among the questions we explored with Fortune 1000 inside counsel for our annual Advice from Counsel study conducted in partnership with legal technology expert Ari Kaplan. The results are now in and they show, attorneys across the board moving toward a corporate ‘playbook’ that will guide e-discovery in the coming years.
In early June, we invited in-house e-discovery professionals from D.C., Virginia and Maryland to the latest Advice from Counsel summit. It was an informative gathering with lively roundtable discussions amongst peers on interesting e-discovery topics such as: judges ordering the use of predictive coding, indexing data by concepts, the practicality of co-operation and disclosure of predictive coding to opposing counsel, whether it’s possible to conduct privilege reviews using predictive coding and even securing executive buy-in for “spring cleaning” data remediation projects.
FTI will soon announce the full results of our annual Advice from Counsel (AFC) study in partnership with legal technology expert Ari Kaplan. This will be the fifth year we have studied key challenges, habits and trends at Fortune 1000 corporate legal departments, and delved into discussions with these organization’s counsel and e-discovery experts to bring forth practical advice and insights to the industry.
Part 1 of this post introduced some strategies for combining predictive coding with analytics technologies that were discussed on one of FTI’s LegalTech panels in February. Senior managing director Kathryn McCarthy moderated the discussion with Honorable Judge Andrew J. Peck, Jason Lichter from Pepper Hamilton and Eric Leiber of Toyota Motor Sales. In addition to covering case law around predictive coding, they offered three key use cases for when these technologies can best be applied together. In the earlier post, we summarized their recommendations for second requests. Here we discuss internal investigations and depositions.
Predictive coding is overhyped to the extent that while few legal teams consistently use it, the topic itself is practically passé. Yet in conversation corporate counsel and law firm attorneys express the need to cut through the hype and understand how to use and defend predictive coding.
Just one more week to Legal Tech New York and the panels are putting the finishing touches on presentation materials. Our 10:30 am session on Wednesday the 5th covers predictive coding from a different angle than most conference sessions. First, we’re fortunate to have distinguished legal professionals representing the bench, corporate in-house teams, as well as law firm counsel. Secondly, the focus will be on practical advice for using predictive coding for three common use cases – Second Requests, in-house investigations and litigation. And last but not least, the panel will discuss some of the unanswered questions as it relates to predictive coding. This includes the debate on whether or not to disclose the use of predictive coding, the role of keywords, and also knowing when predictive coding may not be well-suited for your case.
If you’ve ever been asked “what are the rules?” when it comes to collecting, processing or reviewing data overseas, or if you’ve ever asked that question, this is the LegalTech session for you. Our expert panel with diverse profiles – law firm, corporation, analyst firm – have all been asked at one time or another to quickly sum up the data privacy rules. How is China different than Brazil? What if employees sign consent forms upon hiring? How does the Snowden/NSA leaks change the game?
You’ve heard the theoretical discussions on e-discovery – now learn the actionable steps to manage it in a faster, defensible, cost-effective and strategic manner. These practical, interactive sessions will focus on how inside counsel and law firms can utilize new technology and processes to take control of e-discovery.
The National Law Journal just published an article co-authored by Richard Kershaw of FTI Technology and Mike Vella of Jones Day, on the important topic of e-discovery in China. Both of these professionals have extensive experience managing matters from this region, and the article is a must-read for any legal team with offices in China. State-secrecy laws, the intersection of “BYOD” (bring your own device) and investigations, and other common scenarios are discussed.
It’s easy to think that the world’s move towards more visual representations of data is relatively new. Think of the increased number of infographics in newspapers, GIFs on the web or even icons on your desktop. But in fact, did you know that the first infographic was invented in 1786? And that even Abe Lincoln appreciated how infographics were able to convey complex information in a simple manner?
FTI Technology experts speak at numerous events in any given year, and the audience is often comprised of counsel with e-discovery responsibilities. This Compliance Week West event in Menlo Park, California, was a nice opportunity for us to present to a different audience – compliance and risk officers – on a very important issue impacting both e-discovery and compliance professionals: data-intensive investigations.
What’s the cure for a BYOD headache? Our consultants are asked this almost daily. And of course, while there isn’t an easy answer to this question, the risks BYOD pose are very real (i.e. IP theft, etc.). As a follow-up to his ARMA 2013 panel on collection best practices, Technology’s Veeral Gosalia outlined some of the complications and best practices with BYOD and e-discovery in a Tech Target article this week.
These two terms – “predictive coding” and “information governance” – generate a lot of industry buzz but our most recent Advice from Counsel survey results indicate adoption is lagging. So this ARMA 2013 conference session was designed to provide ARMA attendees with practical knowledge of predictive coding and examples of how leading-edge companies are using it for more than just e-discovery.
As ARMA evolves into an organization focused on helping companies address information governance challenges, we were proud to participate in the ARMA 2013 conference with two stellar panels.
If you’re involved in FCPA investigations, or any type of cross-border discovery matter, take a minute to download survey results of 114 FCPA professionals. In it, respondents share their thoughts on key trends and best practices for matters ranging from FCPA, the U.K. Bribery Act, and whistleblower investigations.
How much do you spend on e-discovery each year? Or on each matter? If you don’t yet have a process in place to calculate e-discovery costs and measure ROI of your e-discovery program, you’re not alone.
It’s always nice to receive industry recognition, especially for products and services that provide tangible benefits for clients. This year, KMWorld named the software as a service (SaaS) version of Ringtail as a trend-setting product.