After a joint venture between two large multinational organisations deteriorated into breach-of-contract claims and litigation, FTI Technology’s client was ordered to conduct a widespread and all-encompassing discovery, preservation and remediation exercise for all instances of the former partner’s intellectual property (IP). The matter covered information from more than 10 locations in multiple countries and more than 1,000 data sources.
Following a dissolved joint venture, a global IT company faced legal obligations to identify and remove thirdparty intellectual property from its systems. The IP, which included source code, was co-mingled with the company’s own data and spread across thousands of sources in multiple jurisdictions. Further, the strict measures imposed by the court required forensic preservation of all affected systems.
FTI Technology led a complex and large-scale preservation and remediation effort, ultimately leading the company to comply with their legal obligations and avoid further penalties.
During scoping discussions, the client’s IT team directed FTI Technology to a priority list of folders and systems that were self-identified as containing potentially relevant information. In examining those sources, FTI Technology realised that adequate fulfilment of the court injunction would require a much broader analysis across the entire IT estate.
At the outset of the matter, FTI Technology’s digital forensics experts worked hand in hand with counsel and the company’s stakeholders to conduct a thorough exercise of exclusion to understand the entire IT estate, determine which additional systems and sources possibly contained or related to potentially responsive clusters of data, and establish parameters for the exercise, all of which supported defensible narrowing of the scope. With the matter properly scoped and the detailed data map as a guide, FTI Technology:
- Executed screening protocol for the identification of IP, including search criteria and technical procedures, to accurately and defensibly uncover files and significantly reduce false positives. The team also performed source code and technical file review as well as a discrete review for other file types to further understand their contents and relevance.
- Designed custom workflows to surgically remove target IP from complex cloud platforms that replicated onto employee devices.
- Successfully remediated enterprise backup systems including virtualised environments and physical tapes.
- Devised workarounds to address challenges in accessing encrypted information so that the client could avoid re-collection of more than 100 devices, a task which would have been unfeasible within the court deadlines.
- Minimised disruption to the business by performing nearly all activities through remote execution, including the preservation of hundreds of devices and 60 terabytes of server data.
- Forensically preserved several hundred legacy laptops, which required the manual efforts of digital forensics specialists worldwide, before the devices were securely erased.
- Worked closely with counsel to draft a comprehensive methodology report detailing the defensible steps taken to comply with the legal requirements.
A global team of experts across FTI Technology overcame significant scoping and access challenges to conduct an extensive, defensible IP remediation across a multitude of dispersed physical and virtual data sources. In addition to solving unprecedented issues, the team supported the client in securing deadline extensions due to the scale, complexity and technical limitations inherent in the data. FTI Technology delivered the following results:
- Remediated terabytes of sensitive IP from employee devices, cloud systems and email accounts while maintaining legal hold and preservation obligations.
- Designed innovative and defensible approaches to remediate cloud-based platforms and their complex data replication and retention schemes.
- Reduced costs by adopting pragmatic approaches to IP identification and remediation and minimising costly data processing and review procedures.
- Supported avoidance of further penalties due to rigorous execution within the challenging time frames stipulated by the court.
- Generated point-in-time preservation copies of files targeted for removal from the client’s systems and maintained those copies in custody, separate from the client’s IT estate and access, per a court order.