John Benson dot com

Shmoocon was a tremendous experience. I had a great time, met some new people and ate some sushi. I’ve posted a handout to serve as a supplement to the talk itself. Those that attended (or view it online later on) will notice that the slides themselves aren’t worth much on their own so I’ve pulled this together which hits most of the high points.

###

When I got to Dulles last Monday I received word from Evil that I’ve been selected to speak once again at LayerOne in Pasadena. For those who haven’t attended before, I highly recommend it. The venue is very nice and Pasadena always has excellent weather. I missed the GSM talk at Shmoo because I was finishing up my slides, but look forward to hearing David Hulton’s talk as well as David Bryan’s which I’ve already heard good things about.

###

I’ve been neck deep at work from the firm and a design project that I’m completing for a dear friend of mine, Chris Benjamin, who is running for Missouri State Senate. He’s a great guy who shares many of my beliefs and know he’s going to be a tremendous senator.

###

The comments should appear automatically now. I had Wordpress set to keep them all in a moderation queue, but wasn’t receiving any notification that I needed to clear some out.

While the website doesn’t reflect it yet, I received word that I’ll be presenting at Shmoocon 2008.  I’ll be talking about how the e-discovery process works, how organizations can reduce the cost of litigation, and how truly frightening the security surrounding e-discovery is.If you’re going to be there and would like to get together for a beverage…drop me a line. ###On a theoretically related note, the video and audio for my talks at DEFCON 15 should be available in their RSS feed soon. 

One of the things I’ve learned over the past few weeks of intense e-discovery research is that there are lots of vendors peddling lots of “enterprise level solutions” for organizations who are concerned with e-discovery.  These vendors target firms and companies alike and are definitely taking advantage of the uncertainty about what future litigations will be like.   
I don’t want to come down too hard on these vendors considering my level of experience at this point, but it has been quite a shock to the system to hear some of the prices for products which they provide.  E-discovery is currently a very expensive process…one which is driving up costs of litigation which will cause many ill prepared organizations to simply write checks instead of fighting an issue out in court.  
This article from BusinessWire is pretty over the top and I fear that it will be used to scare organizations into buying into products that they may not need. 
The headline practically jumps off the page and drives home that e-discovery is changing the legal landscape in a major way.  1 in 5 businesses has settled because they feared the e-discovery process?  That number seemed very high and raised some significant questions in my mind. What is the driving force here?  Difficulty in conducting the collection?  Costs of conducting the collection?  Loser cases to begin with?  Attorneys that were more comfortable telling the client that it’s better to settle than even conduct the litigaiton in this rapidly changing environment? These are all questions which I’m sure to be asking myself for months and years to come.  But I digress.. The real FUD kicks in with the following paragraph: 

Based on the results, nearly half (47 percent) of respondents do not agree that their legal team can effectively review relevant email in the 99-day window before the meet and confer session. To address this, 51 percent say they have implemented, or are planning to implement technology that allows them to easily search and review email. Similarly, more than one-third of businesses (36.7 percent) are already enforcing a formal retention policy for email, while another 40 percent are currently in the planning stage to enforce a formal policy. Think for a second about what this is saying.   

The Federal Rules set the meet and confer meeting early in the process so that the background issues of how evidence will be produced can be addressed before the litigation gets heated.   At the point of the meet and confer the attorneys merely need to have a grasp on what kind of data exists and how it is best utilized to get to the root issue of the suit.  There is no reason for a full review to be completed by then.    This may be hard for some to believe, but clients and attorneys can speak to each other regarding the issues without having to read a single email.  Through collaboration attorneys and clients can identify one or two individuals who hold relevant email and the relevant dates without unleashing GREP on an entire machine.  The point where relevance gives way to responsiveness and the data dump begins on the adversary comes after the meet and confer.  After reading the methodology of the survey I remained skeptical, especially after reading that this was a vendor press release.  Some quick checking revealed that in the middle of the survey period, the vendor was openly soliciting people to fill out their survey in the hopes of receiving a cash prize for their time.  I’m no statistician, but this carrot and stick method of conducting a survey along with my suspicion that many of their potential customers were encouraged to fill out one of these surveys leaves me completely dismissing many of the statistics presented. E-discovery preparedness is as low as it will ever be, but the driving forces behind developing plans of attack need to come from those with the best interests of the company in mind…not vendors producing data to use on sales calls.