The Obscenity list was one of the first automatic classification lists my team built into our Summation databases back in the bad old Enron days. We were one of the first defendants forced to search and review native raw email from the Exchange journal. Energy traders had filthy mouths and it was an easy way to spot heightened emotions. We also learned to route [...]
Microsoft and Google are busy re-inventing how knowledge workers collaborate. Many of us have stumbled onto complex sets of interdependent Excel workbooks being shared by accounting, sales and other teams. With good chain-of-custody procedures, I have reconfigured environments so that counsel or experts could manually review these ‘semi-structured’ file sets to extract potentially relevant snapshots. The breadth of sources simultaneously touched by Teams and [...]
Apple plans to start scanning all U.S. iPhones for images of child sexual abuse using a tool called “neuralMatch” or “NeuralHash” against a database of known images. Womble Dickinson’s JDSupra article covers many of the high-level privacy concerns and explores Apple’s plans for a service that will scan encrypted messages for sexually explicit content to provide parental notice. Using a generated hash to check [...]
Just a quick update as MSFT continues to consolidate storage architectures and change defaults. Per Roadmap 84580 this change will be rolled out next month. I rarely see legal holds issued for meetings that occurred within the last 2 months, so conservative or regulated companies should extend the default retention period for TMRs to match your current base retention period. I am sure that [...]
The recent raft of spoliation sanctions like Iacovacci v. Brevet Holdings, LLC seem to share fundamental misunderstandings around where key decision communications resided and how to preserve them. Broadly worded legal hold notices do indeed usually cover text and chat messages. Rarely do they convey practical instructions on preservation. In my opinion, these informal communication channels were once viewed as ‘non-records’ and avoided by [...]
Have your held Teams recordings or transcripts vanished after 21 days? There is an explanation, though I feel like I am stuck in an M365 eDiscovery issue rut. Really, I would like to be writing about more positive topics. This one popped up outside my usual eDiscovery testing while working with a new tech startup that heavily leverages recordings/transcripts for customer research, feature stories [...]
M365 Teams collections are already challenging corporate eDiscovery and provider teams with hidden SharePoint and OneDrive sites. Today’s Major Change Update Notification (MC261534 - reproduced at end for non-admins) covers the June-July roll out of Roadmap ID 81945 that dramatically expands custodian’s ability to associate existing/other Teams sites and automatically create private channel sites. More importantly, non-admin custodians are losing the ability to manually [...]
Last year I found and published eDiscovery/Content search errors related to Microsoft 365’s ongoing changes to tenant search infrastructure and the new version of Advanced eDiscovery (AED). I have recently encountered similar AED search issues after another way of upgrades was rolled out to new clients. Given the monstrous global scale of corporate M365 adoption, it is entirely possible that this is the same [...]
Typical Response Tasks · Preservation · Forensics · Log analysis · Malware reverse engineering · Surveillance · Remediation · Endpoint detection & response · Exfiltration – eDiscovery · Physical security · Regulatory compliance · Consumer notification · Legal response · Law enforcement liaison The latest Microsoft Exchange breach moved downstream to 60,000+ SMB victims from the Solar Wind’s hack that targeted Microsoft and government [...]
I fell down the eDiscovery patent rabbit hole while researching Exterro’s recent press release on the patent granted on their Gateway Coordinator. You should never take press releases, white papers, blogs, etc. at face value. Go to the source when possible. In my USPTO search for the announced patent, I stumbled across 7 more Exterro patents covering workflow management, custodian monitoring and predictive search. [...]