cloud computing: e-discovery...
TRANSCRIPT
Cloud Computing: E-Discovery Challenges Best Practices to Minimize Pitfalls in Identification, Preservation and Collection of ESI
Today’s faculty features:
1pm Eastern | 12pm Central | 11am Mountain | 10am Pacific
The audio portion of the conference may be accessed via the telephone or by using your computer's
speakers. Please refer to the instructions emailed to registrants for additional information. If you
have any questions, please contact Customer Service at 1-800-926-7926 ext. 10.
WEDNESDAY, OCTOBER 24, 2012
Presenting a live 90-minute webinar with interactive Q&A
Todd Nunn, Partner, K&L Gates, Seattle
Tanya Forsheit, Partner, Information Law Group, Manhatten Beach, Calif.
Sound Quality
If you are listening via your computer speakers, please note that the quality of
your sound will vary depending on the speed and quality of your internet
connection.
If the sound quality is not satisfactory and you are listening via your computer
speakers, you may listen via the phone: dial 1-866-869-6667 and enter your
PIN -when prompted. Otherwise, please send us a chat or e-mail
[email protected] immediately so we can address the problem.
If you dialed in and have any difficulties during the call, press *0 for assistance.
Viewing Quality
To maximize your screen, press the F11 key on your keyboard. To exit full screen,
press the F11 key again.
For CLE purposes, please let us know how many people are listening at your
location by completing each of the following steps:
• In the chat box, type (1) your company name and (2) the number of
attendees at your location
• Click the SEND button beside the box
FOR LIVE EVENT ONLY
If you have not printed the conference materials for this program, please
complete the following steps:
• Click on the + sign next to “Conference Materials” in the middle of the left-
hand column on your screen.
• Click on the tab labeled “Handouts” that appears, and there you will see a
PDF of the slides for today's program.
• Double click on the PDF and a separate page will open.
• Print the slides by clicking on the printer icon.
Cloud Computing and E-Discovery
Todd L. Nunn
e-Discovery Analysis and Technology Group, K&L Gates, Seattle
206.370.7616
6
Cloud Computing E-Discovery - Contents
Cloud Computing Introduction
Possession, Custody and Control
Litigation Holds/26(f) Conference/Collection
Use and Admissibility
Jurisdiction
Third-party Subpoenas
7
What is Cloud Computing?
“Cloud computing comes into focus only when you think
about what IT always needs: a way to increase capacity
or add capabilities on the fly without investing in new
infrastructure, training new personnel, or licensing new
software. Cloud computing encompasses any
subscription-based or pay-per-use service that, in real
time over the Internet, extends IT’s existing capabilities.”
Knorr, Galen, “What cloud computing really means”, Infoworld (4/7/2008)
8
What is Cloud Computing?
“The very definition of cloud computing remains
controversial. Consulting firm Accenture has crafted a
useful, concise definition: the dynamic provisioning of IT
capabilities (hardware, software, or services) from third
parties over a network.”
“Cloud computing is a computing model, not a
technology.”
Fogarty, “Cloud Computing Definitions and Solutions”, CIO.com
(9/10/2009).
9
Types of Cloud Computing Services - NIST
Cloud Software as a Service (SaaS)
Use provider’s applications over a network
Cloud Platform as a Service (PaaS)
Deploy customer-created applications to a cloud
Cloud Infrastructure as a Service (IaaS)
Rent processing, storage, network capacity, and
other fundamental computing resources
10
The NIST Cloud Definition Framework
10
Community
Cloud Private
Cloud Public Cloud
Hybrid Clouds
Deployment
Models
Service
Models
Essential
Characteristics
Common
Characteristics
Software as a
Service (SaaS)
Platform as a
Service (PaaS)
Infrastructure as a
Service (IaaS)
Resource Pooling
Broad Network Access Rapid Elasticity
Measured Service
On Demand Self-Service
Low Cost Software
Virtualization Service Orientation
Advanced Security
Homogeneity
Massive Scale Resilient Computing
Geographic Distribution
11
Advantages of Cloud Computing
Lower Costs
Reduce owned infrastructure
Reduce personnel
Increase Computing Capabilities
Large scale storage/massive processing
Flexibility – rapid deployment
Specialized tools/applications/services
Solves Problems
Technology on demand
12
Disadvantages of Cloud Computing - Control
Bottom line – Third party has data
Loss of physical control
Security – Access restriction/control
Auditability – visibility
Forensic access
Still responsible legally for data handling
Still legally in control
Discovery obligations
Regulatory compliance
13
Disadvantages of Cloud Computing – Cloudiness
Who has data
Cloud service provider
Data center provider
More parties – backup provider – consultants
Financial viability - Robust systems
Where is data
Multiple providers
Different states/countries
How is it being handled
Co-mingling with other customer’s data
Backup policy/retention
Permissions/Export/Transfer
14
Cautionary Tale: Liquid Motors, Inc. v. Lynd,
No.3:09-cv-0611-N (N.D. Tex. April 3, 2009)
FBI executed search warrant, raided Liquid Motors (LM) building, seized all equipment
LM was not suspected of any wrongdoing
Seizure and removal of equipment prevented LM from conducting business – LM clients who relied on the hosting service also suffered interruption
LM applied for temporary restraining order and return of equipment
Court found probable cause for FBI’s retention of equipment, denied application, ordered storage array returned within three days (after being copied), ordered “other servers” and second storage array copied and returned to LM “as soon as possible”
15
Questions to ask Cloud Provider – as a start
Will my data be in the same database as other customers?
Will you commit to segregating our company data
How do you deal with differences in retention periods between customers?
When you perform backups, will my data be co-mingled with the data from other companies on the same tape?
What is your retention period for your backup tapes?
When backup tapes reach the end of the retention period, how many months is it before you re-use them?
Where will my data reside?
Will you commit to a set location
Can you provide me information of data center provider
16
Possession,
Custody, Control
17
Possession, Custody and Control
Under Rule 34, Control does not require that the party
have legal ownership or actual physical possession of
the documents at issue.
Documents are considered to be under a party’s control
when that party has the right, authority, or practical
ability to obtain the documents from a non-party to the
action.
A contract about document handling is sufficient to
establish party control over documents in the
possession of a third party.
18
Possession, Custody and Control
With material in cloud, no physical custody, but legal control
Legal control in form of agreement/contract for cloud services
Irony is that you could have legal control (or entitlement), but might not have “practical ability” to get documents
Contract should spell out precisely how get and who pays
Must understand how data is stored to avoid surprises since you are legally in “control”
19
Preservation
20
Zubulake: Preservation Standard
• “Once a party reasonably anticipates litigation, it must
suspend its routine document retention/destruction
policy and put in place a ‘litigation hold’ to ensure the
preservation of relevant documents.” Zubulake v. UBS
Warburg, LLC, 229 F.R.D. 422, 431 (S.D.N.Y. 2004).
• “The obligation to preserve evidence arises when the
party has notice that the evidence is relevant to
litigation or when a party should have known that the
evidence may be relevant to future litigation.” Zubulake
v. UBS Warburg LLC, 220 F.R.D. 212 (S.D.N.Y. 2003)
21
Legal Holds
Start with Document Retention Policy
Understand Policy v. Practice
Coordinate with Records Manager or IT
Whom do you tell?
“Key” Custodians
Data Stewards: Including Cloud Providers
Evolving Process
Revisit at Critical Stages
22
Legal Holds
How do you tell them?
In Writing
Depends on Culture
What do you tell them?
Describe the Case
Document Categories
Instructions for Technical Handling
Consequences/Contact Information
Follow up
Follow up Notices
Interviews
23
Cyntegra, Inc. v. Idexx Labs., Inc., 2007 WL
5193736 (C.D. Cal. Sept. 21, 2007)
Data stored on third-party’s server was deleted
when Plaintiff failed to make payments
Defendant moved for spoliation sanctions
Among other things, Plaintiff alleged it did not have
control of the documents for purpose of
preservation
24
Cyntegra, Inc. v. Idexx Labs., Inc., Cont.
“Similarly, Plaintiff had sufficient control and legal right over the deleted files to constitute fault. Plaintiff contracted to store business documents on NetNation’s computer servers. At least until March 7, 2006, when payment was discontinued, Plaintiff could direct the flow of information to and from NetNation’s servers. Because Plaintiff could have anticipated the possibility of litigation by this time, it had an affirmative duty to make payments and preserve the evidence. Plaintiff cannot bypass this duty by abandoning its documents to a third-party and claiming lack of control. . . . A contractual relationship with a third-party entity provides, at a minimum, an obligation to make reasonable inquiry of the third party entity for the data at issue.”
25
Legal Holds
Document management/Litigation response plan must take cloud services into account
Talk to custodians about what they use/how they store
Contract with Cloud provider should be specific about how legal holds will be handled/charged
Specific of how any deletion will be discontinued
How handle preservation of your data, while handling co-mingled data
Must understand retention periods, back up practices, co-mingling of data, redundancy of systems, security practices of cloud provider
Provider failing or being taken off line during preservation period could be found to be spoliation
Preservation periods could be years long, how maintain/transfer
Legacy ESI
Cloud Let’s The Issue
26
Federal Rule 26(f)
“In conferring the parties must … discuss any issues
about preserving discoverable information …”
26(f) Advisory Committee Notes
discussion of ESI will involve nature of parties’
information systems
“It may be important for the parties to discuss those
systems, and accordingly important for counsel to
become familiar with those systems before the
conference.”
27
Federal Rule 26(f)
Advisory Committee Notes
Reasonableness should guide preservation efforts
“The parties’ discussion should pay particular
attention to the balance between the competing
needs to preserve relevant evidence and to continue
routine operations critical to ongoing activities.”
Recommends parties’ goal should be to agree to
“reasonable preservation steps” taking all
considerations into account
28
Rule 26(f) Conferences
Due diligence to understand how cloud provider is
storing data
Must understand cloud provider system to meet
requirements of 26(f)
If problematic features (slow collection, change
metadata, failed or lost data or provider), should
flag in conference
Cloud Let’s The Issue
29
Inaccessible data – FRCP 26(b)(2)(B)
Specific Limitations on Electronically Stored Information. A party need not provide discovery of electronically stored information from sources that the party identifies as not reasonably accessible because of undue burden or cost. On motion to compel discovery or for a protective order, the party from whom discovery is sought must show that the information is not reasonably accessible because of undue burden or cost. If that showing is made, the court may nonetheless order discovery from such sources if the requesting party shows good cause, considering the limitations of Rule 26(b)(2)(C). The court may specify conditions for the discovery.
30
Inaccessible data – FRCP 26(b)(2)(B)
Advisory Committee Notes: “A party’s identification of sources of [ESI] as not reasonably accessible does not relieve the party of its common-law or statutory duties to preserve evidence. Whether a responding party is required to preserve unsearched sources of potentially responsive information that it believes are not reasonably accessible depends on the circumstances of each case. It is often useful for the parties to discuss this issue early in discovery.”
31
Calixto v. Watson Bowman Acme Corp., 2009 WL
3823390 (S.D.Fla. 2009)
Defendant argued backup tapes were inaccessible because
of undue burden or cost
Vendor estimate for restoring and searching: $40,000 + all
expense to review for relevance and privilege
Found inaccessible
No “good cause” found because material likely duplicative
given time frame and evidence of defendant’s preservation
But one backup tape from earlier time period found not
inaccessible because cost of restoring and reviewing one
tape not burdensome, and evidence of no duplication of
material
32
Starbuck’s v. ADT Security Services, 2009 WL 4730798
(W.D. Wash.)
Used a Zantaz e-mail archive system for certain time period –Plasmon System
500 double sides DVDs accessed by a robot arm
Very slow and laborious to retrieve – but still in use
ADT argued that archive was inaccessible
Court held archive not inaccessible
Court did not find time or expense estimates credible
Because still in use – held must be accessible
Cannot relieve party of duty to produce those documents merely because has chosen a means to preserve which makes ultimate production of documents expensive
33
Inaccessible Data
Burden is on data owner to show inaccessibility
Agreement should be specific about costs for litigation
support
Not inaccessible just because ESI hard/expensive to get
Must understand what cloud provider has and how it works to
support argument of inaccessibility
Arguments that data is redundant
Support specific arguments regarding expense
Cloud Let’s The Issue
34
Collection
35
Collection of ESI
Collect by custodian
Full collection
Self collection
Collect by search terms
Sweep and keep systems
File shares
Non-custodial sources
Databases
Cloud sources
Preservation of metadata and file
structure
36
Collection
Ability to collect completely as important under federal case law
Understand where data is stored
Need to be able to identify custodian material and track what is collected
Speed of collection Collection in bulk or custodian-by-custodian/document-by-document
Format - does cloud storage change metadata What metadata is provided
Will provider be able to prove nothing was deleted - audit
Cloud Let’s The Issue
37
Authentication
38
Procedure of Authentication
Authenticity under 104(b)
Judge makes preliminary determination
Based on admissible evidence
Sufficient evidence to support a jury finding of relevance
Court need not find that the evidence is necessarily what the
proponent claims, but only that there is sufficient evidence
that the jury ultimately might do so
39
Authentication
Evidence rules on authentication apply to ESI in the
same way as other evidence
Rules are the same for paper and ESI
Three methods of authentication refer to computer
based evidence in advisory notes (federal)
901(b)(7) (public records and reports)
901(b)(8) (ancient documents or data compilations)
901(b)(9) (processes or systems)
40
Rule 901. Requirement of Authentication or
Identification
(a) General provision.—The requirement of
authentication or identification as a condition
precedent to admissibility is satisfied by evidence
sufficient to support a finding that the matter in
question is what its proponent claims.
(b) Illustrations.—By way of illustration only, and not
by way of limitation, the following are examples of
authentication or identification conforming with the
requirements of this rule:
41
Available Methods to Authenticate ESI, cont’d.
Rule 902: Self-Authentication: “Extrinsic evidence of
authenticity as a condition precedent to admissibility is
not required with respect to the following:”
Does not require the sponsoring testimony of any
witness
Opposing party may still challenge authenticity
Provisions most commonly used for ESI:
902(d): Official publications (e.g., Census Bureau)
902(g): Trade inscriptions (e.g. business e-mails)
42
Internet Website Postings/Social Media
901(b)(1): Witness with personal knowledge
901(b)(3): Expert testimony
901(b)(4): Distinctive characteristics
901(b)(7): Public records
901(b)(9): System or process capable of producing
a reliable result
902(5): Official publications
902(11): Business Records
43
Other Methods of Establishing Authenticity
Examples listed in Rules 901 and 902 are illustrative
only, not exhaustive
Court may hold that documents produced by a party
in discovery are presumed to be authentic, shifting the
burden to the producing party to show that the
evidence they produced was not authentic
Court may take judicial notice under Rule 201 of
certain foundational facts needed to authenticate an
electronic record
44
Other Approaches to Authenticity
Request opponent to admit the genuineness of the
evidence through CR 36 Requests for Admission
Make request at pretrial conference that opponent
agree to stipulate “regarding the authenticity of
documents”
Disclose electronic evidence in ER 904 pretrial
disclosures of documents; if opponent does not
object within 14 days, any authenticity objections
are waived
45
Deal with Authentication Early
Party’s own records
At time of collection, production
When identifying/interviewing witnesses
Subpoenas
Limited access and leverage on witnesses
Send form declarations
Use records depositions
Get stipulations
46
Use and Admissibility
Will you have the information to satisfy the authentication under 901 and 902
Key is security and access controls
Is there visibility into this for provider
Who at provider will execute a declaration required under authentication rules
Contract should provide for this support
Cloud Let’s The Issue
47
Jurisdiction
48
Where is your data?
Location of data may control conditions of
disclosure
EU & Other data protection laws could affect your
use and transfer of data
49
Can cloud computing affect personal jurisdiction?
Perhaps.
Forward Foods LLC v. Next Proteins, Inc, 873 N.Y.S.2d 511
(N.Y. Sup. Ct. 2008)
In furtherance of sale of business, defendant set up
“virtual data room” which made important documents
available to interested parties
Plaintiff utilized data room to view documents before
finalizing purchase
Purchased business underperformed, Plaintiff filed suit
Defendant moved to dismiss for lack of personal
jurisdiction
50
Forward Foods LLC v. Next Proteins, Inc.
Here, Defendants’ contacts with New York amount to a visit by Jason Stephens, Director of Health and Fitness sales channel, a virtual data room where Defendants uploaded documents for Emigrant to review in New York, and several emails containing additional documents sent to Emigrant in New York. It is undisputed that the meeting between Jason Stephens and Emigrant in New York did concern the sale of Defendants’ business to Plaintiff and that Defendants followed up on the meeting with additional emails to New York. Plaintiffs correctly argue that Defendants maintained sufficient contacts with the state of New York and have clearly transacted business within the state such that personal jurisdiction over Defendants under CPLR § 302(a)(1) would be appropriate.
* Case dismissed for forum non conveniens
51
Third-Party
Subpoenas
52
The Stored Communications Act: 18 U.S.C. § 2701 et seq.
Regulates disclosure of content and non-content information by two types of providers: Electronic Communication Service (ECS)
Remote Computing Service (RCS)
Regulations differ depending on provider type
Generally content will not be disclosed absent consent (who can give consent depends on provider) Other more rarely used exceptions may also apply
Civil subpoena is not an exception requiring disclosure: See e.g., Special Markets Ins. Consultants, Inc. v. Lynch, No. 11 C 9181, 2012 WL 1565348 (N.D. Ill. May 2, 2012)
Non-content information, however, may be disclosed pursuant to a subpoena
53
Seeking Content? Compel Consent (or Use Rule 34):
Flagg v. City of Detroit, 252 F.R.D. 346 (E.D. Mich. 2008)
Defendants alleged SCA prohibited any disclosure of content of text messages absent consent, which Defendant sought to withhold
Court ruled that City could be compelled to provide necessary consent for disclosure:
“In any event, even if Defendants are correct in their contention that SkyTel cannot produce any communications in this case without the “lawful consent” called for under § 2702(b)(3), the Court finds that the Defendant City has both the ability and the obligation to secure any such consent that the SCA may require.”
Courts analysis relied heavily on question of “control” pursuant to Rule 34 – Defendants had control of the content such that they could consent to disclosure
Court counseled that a Rule 34 request directly to a party was a more “straightforward path” and avoided many sticky questions under the SCA
54
Does control and consent analysis apply to non-parties? Yes.
Thomas v. Deloitte Consulting LP, 2004 WL 1372954 (N.D. Tex. June 14, 2004)
Defendant sought production of bank records from non-parties
Court ordered production of documents or authorization for bank to disclose:
Rule 45(a) requires a person served with a subpoena to produce all responsive, non-privileged documents in his “possession, custody or control.” FED. R. CIV. P. 45(a)(1)(C). This rule is broadly construed to encompass both actual and constructive possession. . . . CHS and FPI make no argument that they do not have a legal right to obtain bank statements and checks from Bank of America and Regions Bank. The court will require that they do so or, alternatively, execute authorizations to enable defendant to obtain these documents directly from the banks.
55
Criminal Investigations are Different:
Twitter v. Harris, 2011NY080152 (N.Y. Crim. Ct. 2012)
NY Court ordered production of content and non-content
information from Twitter
Held account owner did not have standing to quash Twitter
subpoena
No proprietary interest
No privacy interest
Production was ordered pursuant to 18 U.S.C. § 2703(d)
(court order): court order is available to “governmental
entities” under this provision
Despite objection, Twitter finally produced the materials after
being threatened with contempt and sanctions
56
Seeking Non-Content Information? Serve a Subpoena:
Achte/Neunte Boll Kino Beteiligungs GMBH & Co. v. Does
1-4577, 736 F. Supp. 2d 212 (D.D.C. 2010)
Court granted leave to serve Rule 45 subpoenas on ISPs
seeking to obtain “information sufficient to identify each
Defendant, including name, current (and permanent)
addresses, telephone numbers, email addresses and
Media Access Control addresses”
District Court denied subsequent Motion to Quash
brought by non-parties whose information would be
produced
57
Beluga Shipping GMBH & CO. KS “Beluga Fantastic” v. Suzlon
Energy, Ltd., 2010 WL 3749279 (N.D. Cal. Sept. 23, 2010)
Foreign party sought to compel emails and records related to accounts
of foreign cross-defendants
Google, based on inability to comply, sought to intervene
Court held contents of emails could not be disclosed without
subscriber’s consent and granted motion to intervene, but ordered
production of documents reflecting: when the accounts were created,
the names of the account holders as provided to Google, the countries
from which the specific email accounts were created
Google instructed to “preserve the snapshot of the emails in the
specific Gmail accounts set forth above” pending further showing of
consent by account holders
58
www.ediscoverylaw.com
2012
Cloud Computing E-Discovery Challenges Implications for Cloud Computing Contracts
October 24, 2012
Tanya L. Forsheit, Esq., CIPP/US Founding Partner, InfoLawGroup LLP
www.infolawgroup.com
310.706.4121
SEGALIS PLLC
E-Discovery Implications for Cloud Computing Contracts
Contractual Considerations
• Searchability/Availability/Forensics
• Preservation/Integrity/Authentication
• Return and Secure Disposal
• Subpoenas, Control and Access
• Extended/Multi-Level Relationships
• Right to Conduct Forensic Exam
• Cross-Border Data Transfers
Sample Provisions 60
SEGALIS PLLC Searchability/Availability/Forensics
“Searchability” and availability of data in cloud
Forensic assessment (identifying, collecting and
preserving data) in cloud context
Metadata
61
SEGALIS PLLC
Preservation, Authentication and Data Integrity
For purposes of meeting evidence preservation
requirements, and discovery obligations in litigation and
government investigations, it may be important for a cloud
services contract to require that a cloud provider preserve
information and provide the customer with access to the
information in the form in which it is maintained in the
ordinary course of business, sometimes on short notice.
62
SEGALIS PLLC
Preservation, Authentication and Data Integrity (cont.)
Duplication/Replication Issues. You may have many extra
copies of data in many additional locations. This could increase
the scope of company preservation obligations (especially if
information is not disposed of pursuant to routine records
retention schedule).
Data Authentication and Integrity. If multiple copies are made
(without your knowledge), it may be difficult to ascertain which
is the “original” (also consider timing issues/server settings).
63
SEGALIS PLLC
Return/Disposal
Like other outsourcing agreements, cloud
contracts should provide for return and/or
secure disposal of the information in
accordance with the customer’s directions.
64
SEGALIS PLLC
Access-Extended/Multi-Level Relationships
Extended Cloud Relationships- Cloud providers use
other cloud providers
Ensure ability to access data when several levels
removed
Where is the data actually being stored, processed
and transmitted?
Has the “direct” cloud provider secured rights to
ensure that it can preserve/gather data?
65
SEGALIS PLLC
Cross-Border Data Transfers
What happens when the data resides in another country?
Conflicting EU Privacy Laws and Blocking Statutes
Contracts Insufficient to Address
Need Safe Harbor/Standard Contractual Clauses/BCRs
Still may not be able to process data for US discovery
66
SEGALIS PLLC
SAMPLE PROVISIONS
67
SEGALIS PLLC
Preservation, Return, and Secure Disposal of Information
“Service Provider shall preserve any information provided by
Customer to Service Provider, including but not limited to any
metadata, in accordance with Customer’s instructions and
requests, including without limitation any retention schedules
and/or litigation hold orders provided by Customer to Service
Provider, independent of where the information is stored
(specifically, and without limitation, even where such
information resides with or is held, processed or stored by a
service provider, sub-contractor, vendor, or other third party).”
68
SEGALIS PLLC
Preservation/Integrity, Return and Secure Disposal of Information (cont.)
“Service Provider shall take reasonable steps to ensure proper destruction (such that information is rendered unusable and unreadable) and return of information to Customer in a format requested by Customer and at Service Provider’s expense when it is no longer needed to perform services pursuant to the Agreement or [x] days following termination of the Agreement. Service Provider shall provide written certification that all such information has been returned and deleted.”
69
SEGALIS PLLC
Subpoenas, Control and Access “Service Provider shall cooperate with Customer in responding to any party, non-
party, or government request for information, including but not limited to
metadata, provided by Customer to Service Provider. In the event that such
requests are served on Customer, Service Provider shall provide Customer with
access to such information in the format in which it is maintained in the ordinary
course of business (or, on Customer’s request, with copies) within [x] hours of
receipt of any request by Customer for such access or copies. In the event that
such a request (in the form of a subpoena, order or otherwise) is provided to or
served on Service Provider, Service Provider shall notify Customer in writing by
electronic mail to [INSERT EMAIL ADDRESS] immediately and in no event more
than [x] hours after receiving the request, subpoena or order. Such notification
must include a copy of the request, subpoena or court order.” 70
SEGALIS PLLC
Subpoenas, Control and Access (cont.)
“Service Provider also shall immediately inform in writing the
third party who caused the request, subpoena or order to
issue or be provided or served on Service Provider that
some or all the material covered by the request, subpoena
or order is the subject of a nondisclosure agreement.”
“Service Provider shall cooperate with Customer in seeking
any protection from disclosure for such information that
Customer shall deem appropriate.”
71
SEGALIS PLLC
Authentication
“In the event that Customer is required to authenticate any of
the information, including without limitation metadata, provided
by Customer to Service Provider, Service Provider shall
cooperate with Customer in providing any requested
assistance with such authentication, including without
limitation testifying (by affidavit, declaration, deposition, in
court, or otherwise) as a custodian of records to authenticate
the information, establish chain of custody, and/or provide any
other requested information.”
72
SEGALIS PLLC
Want More?
Please feel free to contact:
Tanya L. Forsheit
(310) 706-4121
73
2012
Cloud Computing E-Discovery Challenges Implications for Cloud Computing Contracts
October 24, 2012
Tanya L. Forsheit, Esq., CIPP/US Founding Partner, InfoLawGroup LLP
www.infolawgroup.com