Skip Records Management and Start Governing Your Information

Are Your Information Governance  Policies Still Based On This?

2014 © Cary J. Calderone

Since 2007, in spite of my best efforts, I have watched as organizations lost control of their electronic data and struggled to implement classification systems and other good information governance protocols. And yet, it might not be entirely their fault.  I routinely see advertisements from "expert" consulting groups that offer a “solution” for records and information management based on the ancient approach of retention policies and schedules. This is like having a modern steel and glass building and hiring a carpenter with wood and nails to help you expand. The usual advice starts with “the foundation” that includes a records plan or policy and then attempts to expand it to cover electronically stored information (ESI).   Why?  Is it because existing records programs have been performing so well?  I doubt it.  Ask employees at most organizations about the adequacy of their current records policy and you will receive the same response, “what records policy?”   So, if it really was not working for paper, why would consultants suggest that you just update it to handle ESI? Classification and retention programs that achieved barely adequate to horrendous results historically with paper, are not going to work with your expanding email, instant messaging, social media, and new media applications.    How about an approach that will work? 

Review of Data Crush-Sometimes You Can Judge A Book By Its Title

By Cary J. Calderone, Esq.

My quick summary of the book:  Either crush, or be crushed.  The amount of data is growing faster than ever.  Data Crush by Chris Surdak explains why this is happening and provides a roadmap for keeping your business on the right side of the tidal wave of data.   A key observation Surdak shares is that:

The Internet used to be a tool for telling your customers about your business. Now its real value lies in what it tells you about them.

 In other words, you either take advantage of new technology and new data, or, your competitors will, and you may be out of business.  

Cloud Connect 2013-Look Out, Here We Grow

by Cary J. Calderone, © 2013

Cloud Connect Keynote

It is hard for me to believe that it was only two short years ago that the "Cloud" was new.   For those of us who follow technology it was not really new but rather, "newly marketed."   What was new was Big Data technologies, Open Stack, and mobile, all of which combined to make Cloud Computing a very robust business model.   And now, what is hot about the Cloud is not so much new and innovative technologies but rather, massive growth and consolidation.  This industry is maturing.  Here are some interesting observations made by speakers at the 2013 Cloud Connect Show in Santa Clara: 

Geek vs. Geek-What Do You Mean Backup?

© 2013 By Cary J. Calderone, Esquire

Geek vs. Geek

This is the first in a new series of blog posts that will illuminate the communication gap between Legal Geeks and Technology Geeks.  For these "Geek vs. Geek" posts, the basic assumptions will always be the same:  1) Both types of geeks, T-Geeks and L-Geeks, are pretty darn smart. 2)  Both know quite a bit about their own unique tasks, tools, and responsibilities.  3)  Both can be a bit defensive, if not downright surly, when they sense a challenge to their authority coming from a competing "Geekdom."  Now that we have the ground rules, the sample hypothetical for this post is about the company Backup or Disaster Recovery Policy.  Do you have one?  Do you think it is being followed?  Maybe.  Maybe not.

Data Privacy Rules And The Nazis

© By Cary J. Calderone, Esquire

This is from the DREDLaw.com archive.  Originally published on 12/25/2011

Still available on Amazon!

It is the Christmas season.  Those of us involved in DRED Law wish you and yours the happiest of holiday seasons.  Along with many of the more important traditions that occur, this time of year brings television repeats of classic movies like The Sound of Music.  For the past few years, I could not help but think of e-discovery and data privacy while watching parts of this movie.  Now, I am not obsessed with e-discovery and data law. I promise you.  However, a few scenes from the movie explain in most vivid detail just why the EU has a very different attitude and set of rules towards email and other information that may reveal a user's personal identification.  So, this post is for all of you who are not aware, or, are uncertain as to why the EU Data Protection Act is far more strict and penal in attempting to protect personal privacy at work.  Their default is, if it identifies a person by name, it is personal and protected by law.  In the U.S., if it is about business or on the company servers, it's not protected.  Let's see if these bits of dialogue from the movie validate my point and perhaps give you an idea of who, is to blame.  Take, for example: 

Forecast 2013-Is It E-Discovery Or Business Intelligence

© 2012 Cary J. Calderone, Esq

One thing I find baffling about data management is how applications are categorized.  I am not referring to classifications like private versus public cloud, or CRM versus Social.  But rather, the distinction between Business Intelligence and E-Discovery, and Record and Information Management.  BI has been popular and is viewed as a vitamin that can help boost sales and profits.  On the other end of the technology spectrum, we have RIM and E-Discovery.  When it comes to these unloved step-children of the corporate world, companies usually have to be dragged towards making the investment.  These are all pro-active and reactive tools for gleaning knowledge from your data.  But while RIM and E-Discovery are avoided, BI is relatively popular.  And, here is my argument:  Both types of applications are not really that different.  Let me explain.

ARMA Tri-Chapter Conference-RIM On A Shoestring

I had the pleasure of stopping by the ARMA Tri-Chapter Conference-RIM On A Shoestring, to see if there might be something blog-worthy.  Last year, I spoke on a panel.  In fair turnabout, I was in the audience for the talk given by R. Scott Murchison of Kaizen InfoSource LLC.  Scott has called on me to speak numerous times in the past, and after watching him present, I understand exactly why.  We both are hands-on experienced professionals who like to share practical tips we have learned from doing work for clients.  This is a direct contradiction to those on the other end of the spectrum, who call themselves, "thought leaders."  If you were looking for high lofty thoughts (think SNL Deep Thoughts), that may not apply at all to your real world Data Rules and Electronic Discovery challenges, then this talk was not for you.  If however, you appreciate real examples of issues and solutions, then you would have been paying attention and taking notes.  I thought it was definitely worthy of a blog post.

Cloud Connect 2012-Five Things You Need To Do Now

by Cary J. Calderone, Esq.

One of the advantages I have being based here in San Francisco is I can report on technology innovations as they happen in Silicon Valley,  long before lawyers get information at legal shows and can consider how these technologies may affect work at their firms.  The Cloud Industry Summit was the original focus for what has grown into the Cloud Connect show.  Attending last year I felt I had advanced knowledge of what was going on with the Cloud and this year is no different.  Kamesh Pemmaraju of Sand Hill spoke of major announcements about new Cloud services that will keep your data for you, behind your firewall.  In other words, there is another major security road block that has been cleared for many companies wishing to take advantage of Cloud services.   One of the most important best-practice takeaways came from Jim Stikeleather, Chief Innovations Officer, Dell, inc., who kicked off the Industry Summit.  He talked about the evolution of the Cloud and gave 5 Things To Do Now!

Data Privacy Rules in the EU, Asia, and USA and How John Cleese Might Summarize

Copyright © 2012 Cary J. Calderone, Esquire

I had the pleasure of attending a terrific breakout session run by Amor Esteban (bio) and William Kellermann (bio).  My words would not do their presentation on Cross-Border Discovery and Data Privacy  justice.  So please forgive me for borrowing the words of John Cleese from The Meaning of Life to summarize:

Before we begin your lesson, would those of you playing in the match this afternoon move your clothes down onto the lower peg, immediately after lunch. before you write your letter home, if you're not getting your hair cut, unless you've got a younger brother going out this weekend as the guest of another boy, in which case collect his note before lunch put it in your letter after you get your haircut and make sure he moves your clothes down to the lower peg for you. (Age restricted Python video clip on Youtube)

Yes it's perfectly simple!

Coming to a Law School Near You- eDiscovery Class 101

Professor Rick Marcus

Copyright © 2011 Cary J. Calderone

A few weeks ago, I had the pleasure of attending a Hastings College of the Law alum event where Diane Gibson, a prominent San Francisco litigator with Squire Sanders et al., and UC Hastings Professor Rick Marcus, presented, E-Discovery and Preservation.  There was some good DRED news.  For an alumnae event, this was very well attended.  There were over 100 people who showed up because they were interested in learning about E-Discovery.  The bad news was that when Professor Marcus, a principal drafter of the 2006 E-Discovery amendments to the Federal rules, polled the audience to find out who had heard of FRE 502 (critical for protecting privileged material from accidental disclosure) only myself and three others raised their hands.  Scary!  During the lecture and the Q&A afterword, we heard about many of the interesting E-Discovery and preservation issues, and what the Advisory Committee is considering for future amendments, but for me, the most important item was that Professor Marcus will, for the first time, be teaching Hasting's E-Discovery class in the spring of 2012.

"ISSA: Emails Prove Holder Knew" and Other DRED Headlines

Sometimes a headline can be a DRED story in and of itself.  Today, while browsing the internet, I saw a headline that said "Issa: Emails Prove Holder Told About Fast And Furious."   I could not help noticing how frequently we see those two words, emails and prove, together in a headline?   By Googling "emails prove" it came up with 45,900 results.  The list included story headlines with names like, Eric Holder, President Obama, Sarah Palin, Mark Zuckerberg and British Petroleum-and that was just on the first page of results.  Do you still think it is acceptable to treat your email as non-records, non-information, and, nonchalantly?

What's that up in the Cloud Part 2? Do you have a Policy?

by Cary J. Calderone, Esquire

In the first article on the subject I presented an overview of some of the risks with moving your company data and/or applications to the Cloud (link to Part 1). This article is about moving to the Cloud whether you want to or not. Let me explain. Do you think you are in control of your companies' data? Maybe, or maybe not! Companies like Dropbox, Mozy and many others are offering free cloud storage to users. And, we are talking about free gigabytes of storage. Enough to hold far too much of your important, privileged and/or proprietary company information. These new product offerings are simple to use, and extremely easy to setup in a matter of a minute or two. This means that if you do not have a policy on storing your work product off site, like on USB flash drives or tapes, then you had better at least get one for Cloud storage. USB ports can be disabled. Stopping user access to all the Cloud storage sites would be very challenging. This means all a user has to do is download a small application, setup a folder on their desktop computer, and from that point forward, anything they place in that folder gets copied to the cloud. As a warning to all my potential clients, you do not want your first knowledge of this new technology coming after you have been served with a Request for Production in a lawsuit.
Now, personally I think this is the greatest thing since sliced bread, or, at least the greatest thing since free personal email accounts. I have setup test accounts with both Mozy and Dropbox. Having the latest copy of my draft blog post available on my netbook, my laptop, or my desktop machine, is a great time saver and backup mechanism. In the past, and even though I seldom need to share my information with another person, I have wasted countless hours and email storage space moving my data from one of my computers to another of my computers via USB or email. I no longer have to do this. Additionally, if I am ever away from one of my computers, I have the option of getting to my data by using any computer that has internet access. In conclusion, two quick words of advise: 1) If your company policies do not cover Cloud storage, they should. 2) If you are a lawyer making a discovery request or taking a deposition, you should know how to ask about this stuff.

Industry Blurb: Smart Move by Symantec

by Cary J. Calderone, Esquire

Symantec has made a very interesting move in creating a new Discovery Counsel position to work with the Enterprise Vault team. Annie Goranson, an attorney from their legal department, has been promoted to this position. She will work with the Systems Engineers and Enterprise Vault clients to help with system design and implementation. This is a bold strategic move in an effort to address....
the legal issues around email archiving that typical Systems Engineers and consultants can not or may not handle. Her real-world e-discovery experience should help Symantec keep their people operating within the rules that prohibit non-lawyers from practicing law while providing clearer advice to the customers who want to use E-Vault to be better prepared. I would not be surprised to see other companies in the electronic information management space follow suit and utilize more knowledgeable legal personnel to avoid potential problems in this area. While we lawyers do deserve some of the criticism directed at us, sidestepping legal traps and distinguishing critical legal facts and issues is not usually handled best by sales people and systems engineers without extensive legal backgrounds. Score one for the lawyers!

Welcome to my blog.

Company electronic data management has changed dramatically. As companies adopted technology to move from paper documents to electronic data stored on company servers, the main concerns were safekeeping their data and growing and managing their electronic "knowledge. " Now, they must actively monitor their electronic data so they will be able to comply with government regulations and the Federal Rules of Civil Procedure. Information techies used to worry about guaranteed uptime and having plenty of space to store years and years worth of emails and memos. Now, legal is making them delete the excesses as soon as practical, and lawful, so in the event they have to, they can cost-effectively search and retrieve relevant material. This blog is going to examine how the IT, legal, and other departments can work together in this new world of electronic information management.