Yottabytes: Storage and Disaster Recovery

April 21, 2014  12:55 AM

California Government Officials Get Gigantic Open Records Loophole

Sharon Fisher Sharon Fisher Profile: Sharon Fisher

Okay, this is really bad.

A California court, the Sixth District Court of Appeal, has ruled that email messages and other forms of electronic communication about public business are not subject to the state’s Public Records Act as long as they’re conducted on a private computer or device.

“We conclude that the [California Public Records] Act does not require public access to communications between public officials using exclusively private cell phones or e-mail accounts,” wrote the three judges in their unanimous ruling.


Do we really need to talk about how really bad this is? Basically, the court has just given California public officials carte blanche to do anything illegal, unethical, secret, or just plain weird, and their constituents have no way to find out about it.

“That decision hews to the narrow language of the act, but it distorts the act’s larger purpose, which is to ensure that the public can scrutinize the actions of its employees when they are doing public work,” writes the Los Angeles Times (which filed an amicus brief in the case) in an editorial. “Indeed, the problem with the ruling should be obvious to all: As soon as a public official realizes that his constituents have no right to look at anything he says on his personal cellphone or laptop, he’ll simply do all of his sensitive or secret communications on those devices. With a flick of the wrist, public officials will exempt themselves from accountability.”

The March 27 ruling reversed a lower court decision in favor of environmental activist Ted Smith, who sought access to messages sent on private devices through private accounts of the San Jose mayor and City Council members, writes the AP. In addition to the LA Times, a number of other news organizations also supported the lawsuit, including the First Amendment Coalition, the California Newspaper Publishers Association, McClatchy Newspapers, Inc., and the California Broadcasters Association.

We’ve already done a number of stories about public officials behaving badly, ranging from erasing messages, using personal email addresses, and otherwise trying to evade proper oversight by the people. And that’s with public records laws applying to private devices. What’s it going to be like when they don’t?

No other state gives its public officials such latitude, writes Brian Heaton in Government Technology (though the ruling does mention a similar case in Pennsylvania). As California is often a bellwether in technology issues, it raises the spectre that other states could follow suit. Not to mention, if private devices are considered protected for public officials, how long is it going to take for employees in the private sector to make the same argument?

Obviously, governments aren’t using the argument that they want the right to give their officials free rein. Instead, the argument — by organizations such as the League of California Cities, writes the AP — is that having to maintain and produce these records, from employees’ private devices, would be too great an administrative burden. This is all happening at the same time that states are dealing with the issue of whether they need to retain texting information — including metadata — having to deal with public business, writes Heaton — which the cities are also saying is too arduous. In addition, the League expressed concern with violating California’s right to privacy, the ruling added.

Smith’s attorney James McManis told the AP that he will ask the state Supreme Court to review the case. “If it doesn’t, the 6th District’s decision would stand, creating a precedent for similar situations in the future,” Heaton writes.

“When you think about it — it’s just nuts,” McManis told the San Jose Mercury News. “If they can hide stuff by using their private devices, that’s no way to run a railroad.”

The California Legislature could also address the issue, and the Sixth explicitly brought that up as a possibility, writes William Adams in Public CEO. “We are bound to interpret statutory language as written and avoid any encroachment on the province of the Legislature to declare public policy,” the ruling reads, passive-aggressively. “Had the Legislature intended to encompass such individuals within the scope of ‘public records,’ it could easily have done so.” Really, though, how likely is it that the Assembly would take away from itself such a juicy privilege?

Cross your fingers.

April 9, 2014  3:55 PM

So What’s the Deal With the OpenText-Box Lawsuit, Anyway?

Sharon Fisher Sharon Fisher Profile: Sharon Fisher

In case you missed it, OpenText is known as the largest software company in Canada, and its CEO is Mark Barrenechea, which I mention only because I’m always delighted to see a good Basque name. Anyway, OpenText filed suit against Box last June, claiming patent infringement, for which the first hearing was held in January. A case management conference is scheduled for Thursday of this week. At the end of March, the company went on to claim $268 million in damages, the first time it had mentioned an amount. In addition, it asked for an injunction against Box that not only would forbid Box from selling its products and services but would demand that it go out to everybody it had sold them to and get them back, writes Tom Petrocelli at Neuralytix.

“OpenText doesn’t just want Box to stop selling their products,” Petrocelli writes. “They want them to “recall and collect from all persons and entities that have purchased any and all products”, “destroy or deliver all such infringing products to OpenText”, and “disable all applications providing access to all such infringing software; and destroy all infringing software that exists on hosted systems. Basically, they say they want Box to stop operating.”

Oh, and this all happened the same week that Box formally filed for its IPO, coincidentally valued at $250 million.

So, now what?

The big question, then (other than “Is ‘OpenText’ one word or two?”), is “What makes Box different from all the other cloud storage vendors?” In other words, why is OpenText picking on Box instead of Dropbox, Google, Apple, Microsoft, etc.? The patents we’re talking about, after all, include three called “System and method for the synchronization of a file in a cache” — surely that seems generic enough to apply to all the myriad cloud storage services out there. As John Coonen in CMS Connections writes, “Is this lawsuit a shot over the bow to Box competitors, with similar technology? In other words, if OT wins this battle war, will DropBox or Syncplicity (now an EMC-owned technology) or Google be next in line to receive a registered letter from the IP folks from Waterloo?”

So what’s the deal? Is there something specific about Box’ product, such as more collaboration, that arouses OpenText’s ire? Does Box have a reputation for wussy legal counsel? Is it because Box tends to have more corporate customers? Does OpenText have a personal issue with flamboyant Box CEO Aaron Levie? Is OpenText hurt because Box didn’t cite it as a competitor in its prospectus? Is it concerned because KapitallWire said that Box’s IPO was most threatening to OpenText stock directly?

One could argue that it’s because Box was first to file for an IPO, and that OpenText would have nailed anybody who went public, but that doesn’t explain why OpenText initially filed suit last June against Box, and against nobody else that I could discover. On the other hand, the timing and amount of the injunction — almost the same that OpenText expects to raise with its IPO — are certainly suspicious (as Coonen also mentions).

What it will all boil down to is the issue of whether the patents are valid. While the vice president of investor relations claims they date back to the 1990s and 2000s, all three of the file synchronization patents were awarded after Box was founded. Now, nobody’s accusing OpenText of being a patent troll, but the notion of trying to patent cloud storage seems like a stretch. On the other hand, while the Electronic Frontier Foundation has been running around looking for overbroad patents to help topple (and succeeding at it, thanks very much), it hasn’t said anything about this one yet. And, of course, the whole issue of software patents in general is an open legal question.

And this is the argument that Box is making, Petrocelli writes. “They claim that the file synchronization patents are invalid due to prior art which means that the technology existed before inventor came up with the idea described in the patents,” he says.

(Ironically, OpenText’s own cloud synchronization product, OpenText Tempo Box — and how hard did it work to get “box” in the name of the product? — was announced in November , 2012, well after Box was founded in 2005.)

It’s been suggested that what the goal really is here is to shake down Box for a licensing agreement, which Cantech Letter said could add as much as $2 per share to the value of OpenText stock. “The devastating demand that Box stop selling their product is pretty common language in patent infringement suits: The complainant demands death for the competitor but they end up with a settlement of some sort, often a cross-licensing deal or an on-going royalty payment,” Petrocelli writes. “A fair monetary settlement that comes short of beating Box to death with a club is in the interest of both parties.”

And perhaps the whole goal of the injunction is to get Box to settle before the court issues its ruling on the original patent infringement — especially if OpenText were to lose. If the court were to find that the patents are invalid, it would not only be a big win for Box but for the entire computer industry, writes Petrocelli, because the industry could then run out and develop cloud storage apps with impunity. On the other hand, if the settlement is made, OpenText could then run out to all of Box’ competitors and try to get the same licensing agreement with them, he continues — before they have a chance to go out and find a bunch of prior art with which to attack any follow-on lawsuits by OpenText.

Stay tuned.

March 31, 2014  10:58 PM

Ready for the Post World Backup Day Sales?

Sharon Fisher Sharon Fisher Profile: Sharon Fisher

The crumpled wrapping paper litters the floor, and tomorrow is half-price chocolate disk drives. Yes, another World Backup Day — the fourth — has come and gone.

The World Backup Day website explains it all, right down to defining “backup” — “A backup is a second copy of all your important files. Instead of storing it all in one place (like your computer), you keep another copy of everything somewhere safe.” It then goes on to explaining why — because people lose their files, and it lists a bunch of statistics about that — and several different ways that people can back up their files, ranging from external hard drives to services.

Finally, you’re asked to take “The Pledge”: “I solemnly swear to backup my important documents and precious memories on March 31st. I will also tell my friends and family about World Backup Day – friends don’t let friends go without a backup.” As of the end of World Backup Day, more than 1800 people had taken the pledge — a big drop from last year, unfortunately.

The website also contains flyers, t-shirt ordering, social media links, and so on. Interestingly, it didn’t seem to include information on World Backup Day sales, a major benefit to the holiday. (There is, however, a Backing Up song, which dates from 2010.) That said, many backup vendors — who don’t usually get a lot of press attention — were ecstatic at the opportunity to promote themselves, such as with a “Gremlin Defense Kit.

Why March 31? In case there’s a virus or something on April 1 that destroys files. (According to Tom Coughlin in Forbes, in 2005 there used to be a backup awareness month but apparently it was decided that just one day would provide enough awareness.)

March 27, 2014  7:44 PM

‘dataSTICKIES’? Sure! Let’s Store 32 GB of Data On a Strip of Scotch Tape!

Sharon Fisher Sharon Fisher Profile: Sharon Fisher

Earlier this month, a number of websites went gaga over something called dataSTICKIES, a graphene-based storage system that would enable you to store up to 32 gb on a narrow multicolored Post-It that could upload data  simply by being stuck anywhere on a particular conductive material on a computer.

What could go wrong?

Admittedly, this is something we aren’t going to have to worry about right away; it’s a “concept” with no date or price yet, though it does have a website, and lots of pretty, colorful pictures. And sure, I’m not the only person who has run into the 3-sided USB problem.

“dataSTICKIES solve this problem by carrying data like a stack of sticky-back notes,” explains the website. “Each of the dataSTICKIES can be simply peeled from the stack and stuck anywhere on the optical data transfer surface (ODTS), which is a panel that can be attached to the front surface of devices like computer screens, televisions, music systems, and so on. The special conductive adhesive that sticks the dataSTICKIES to the ODTS is the medium that transfers the data.”

But really? USB drives don’t have enough security issues? Now we’re going to have a big conductive area on a computer, and anybody can come up and stick a Post-It on it?

Not surprisingly, none of the articles raving about the ease of use of dataSTICKIES get into the security aspects. “It’s an interesting idea and one that demonstrates the imaginativeness of designers who are trying to make our lives just that bit simpler and better designed,” writes Huffington Post UK. “Whether or not it’s possible to make something like this remains to be seen, but it’s an incredibly cool concept, and it’s being worked on by expert industrial designers who truly believe this is a possibility,” writes Dvice.  And UberGizmo writes, “As to the possibility of this happening, it remains to be seen, but considering how we’ve sent man to the moon, why not?”

Hmm. Why not. Think think think.

  • Considering companies are already failing at locking up USB drives, do we really want it to be that much easier to upload and download data?
  • People already lose thumb drives at an alarming rate; do we really want to make thumb drives the thickness of a piece of paper?
  • What a great way to steal data! Get a handful of these things, wander through a building, slap them on a computer, and then wander back and peel them all up again!
  • Alternatively, what a great way to spread malware!
  • “You could hide porn literally anywhere,” reports the one site that had any skepticism about the notion at all, which went on to point out other issues such as lossage, fragility, loss of stickiness, dust and pet hair problems, confusion with non-data Post-Its, and the inability for Microsoft Windows to deal with more than a few of them. “Have you ever wanted to store critical information on the most disposable looking item in your office? Well, now you can!” noted one commenter. “No matter how hard I’d try to keep track of these, they’d end up stuck to the bottom of my shoe,” replied another.

On the other hand, think how much easier this would have made things for Jeff Goldblum in Independence Day.

March 25, 2014  11:51 PM

Making Music With Floppy Disk Drives

Sharon Fisher Sharon Fisher Profile: Sharon Fisher

So it turns out making music with floppy disk drives is a thing. Who knew?

Reportedly developed in 2007, the process now has a whole group of people who use from four to 40 floppy disk drives to create music by telling the read/write head on the drive to go back and forth at the frequency described by each note — 400 Mhz for an A4, for example.

“The floppy drives are fairly cheap,” says Martin Fischer, who as Devils Child created the 40-drive array that plays songs such as the Pirates of the Caribbean theme. “You can get used ones on eBay.” He describes the process on his website, as do other creators, some of whom even demonstrate the development process on YouTube. One developer, George Whiteside, refers to the devices as “diskette organs.” Other developers include Mike Kohn and MrSolidsnake745.

Obviously, the real trick here is the converter that takes the music and tells the floppy drives how fast to move back and forth for each note, not to mention coordinating this activity between up to 40 floppy drives. “In my previous versions (1 and 2) I had to type every note,” Fischer says. “The third version supports MIDI playback. A C# application converts the MIDI files to a C++ include file.”

Many of the floppy drive musicians are now using an Arduino electronics prototyping platform to communicate with the drives. Fischer is using an Arduino, but not directly, he says. “Playing the MIDIs directly on the Arduino would require far more storage and parsing,” he says. “Since parsing MIDIs in C# is fairly easy with the right library, I decided to convert them instead of directly playing them.” Similarly, he has an array of the conversion charts between the frequencies and the notes, instead of expecting the Arduino to do the conversion itself. “An Arduino is not really fast in that manner,” he admits.

Keeping the vibration from “walking” the disk drives off the table is probably a good trick, too.

March 14, 2014  1:08 PM

Google Finally Follows Yahoo!’s Lead, Drops Storage Prices

Sharon Fisher Sharon Fisher Profile: Sharon Fisher

It took almost a year, but the other shoe finally dropped. And so did the price of Google online storage.

In May 2013, Yahoo! announced that all users of its Flickr online photo storage service would get a terabyte for free. At the time, we predicted there’d be a flurry of copycats.

Instead, we got crickets, pretty much

Until this week, when Google announced it was slashing the monthly prices of all its online storage — from $4.99 to $1.99 for 100 GB, from $49.99 to $9.99 for a terabyte, and a new level of $99.99 for 10 TB. Granted, that terabyte isn’t free (Google continues to offer 15 GB free) but it’s a lot closer. And I’m sorry, Yahoo!, but my Google storage is a lot more versatile than Flickr’s; I can share that one glob of storage among all my different Google services.

(And, kudos to Google for automatically repricing existing users, of which I’m one. That said, as an early adopter I’m in the legacy “20 GB for $5 a year” plan, which isn’t available any more and is priced roughly the same per byte as the new 100 GB plan. So our plan doesn’t change)

It’s not terribly surprising that Google is doing this. Competitive pressures with Flickr aside, companies like BackBlaze (of which I’m also a customer) have demonstrated that the price of storage has been steadily going down.

Google has also been facing competition from other cloud storage vendors, and it’s now cheaper, says Re/code. “Keep in mind that the different providers offer all sorts of freebies and incentives and have different tweaks to their accounting styles, but that now puts the price of 100GB at $23.88 per year using Google, $50 per year on Microsoft and $99 per year on Dropbox,” writes Liz Gannes.

GigaOm also pointed out that the move was likely in response to similar moves by Microsoft’s recently renamed OneDrive. “For Google Drive, a relevant comparison is Microsoft OneDrive (formerly known as SkyDrive),” writes Barb Darrow. “Microsoft just offered an array of freebies for that product that gave users 7GB for free and, should they add another 50 GB, they pay just over $2.00 per month ($25 per year).” So Google is now offering nearly twice as much for less money.

Commenters on the various other blog postings on this subject are all eagerly awaiting matching moves from Apple’s iCloud, Dropbox, Box, and so on. This is particularly relevant for Box, which has already filed for an IPO, and Dropbox, which is speculated to be considering one — neither of which would want to be seen as dropping a lot of users right now. Some commenters were already wondering why they would even need Dropbox any longer — particularly if they’re already juggling a handful of cloud storage services.

“Storage is sort of like the crack cocaine of cloud computing,” Darrow writes. “Vendors bank that if you put your stuff in their cloud, you’ll keep coming back for more storage and potentially add more higher-priced services.”

It looks like a lot of people are looking to Google to set them up with a fix.

February 28, 2014  7:00 PM

On the Quest for the Mysterious Source of the ‘Data Loss Causes Company Failure’ Statistic

Sharon Fisher Sharon Fisher Profile: Sharon Fisher

Oh, no! The file/data/disk is gone!

How many times have you find yourself saying that? It’s a comfort to feel you’re not alone, which is why so many people like to seize on statistics like these from the Boston Computing Network, including some subset of the following statements:

  • 6% of all PCs will suffer an episode of data loss in any given year. (The Cost Of Lost Data, David M. Smith)
  • 30% of all businesses that have a major fire go out of business within a year. 70% fail within five years. (Home Office Computing Magazine)
  • 31% of PC users have lost all of their files due to events beyond their control.
  • 34% of companies fail to test their tape backups, and of those that do, 77% have found tape back-up failures.
  • 60% of companies that lose their data will shut down within 6 months of the disaster.
  • 93% of companies that lost their data center for 10 days or more due to a disaster filed for bankruptcy within one year of the disaster. 50% of businesses that found themselves without data management for this same time period filed for bankruptcy immediately. (National Archives & Records Administration in Washington)
  • Companies that aren’t able to resume operations within ten days (of a disaster hit) are not likely to survive. (Strategic Research Institute)
  • Every week 140,000 hard drives crash in the United States. (Mozy Online Backup)
  • Simple drive recovery can cost upwards of $7,500 and success is not guaranteed.

One of the best known, though, is the one that states, “80% of businesses affected by a major incident close within 18 months.” There’s dozens of variations of this on the Internet. It must be true.

Except it’s not. Not really.

“I have read many explanations of where this 80 percent myth originates from, but have never managed to find the original source,” wrote Mel Gosling for Continuity Central in what appears to be 2007. “It has, though, been repeated again and again over the years to frighten executives into developing business continuity plans, and just when I thought that the business continuity profession had decided to stop dragging out such a dubious statistic it has reappeared in all its glory.”

Not that frightening executives into developing business continuity plans is a bad thing, of course. Hey, whatever works.

In discussing the potential source of the quotation, it was tracked down at least as far as Amdahl in 1983. Others said they had heard it 30 years ago (from 2007, which tracks it back to 1977).

In 2009, Gosling went on to follow up on 29 of these and similar statistics, looking for their sources, and determined that in the vast majority of cases, they either couldn’t be sourced or were wildly out of date.

And yet the same data loss statistics still get quoted. Less than a year ago, business backup company Code 42 trotted them out again, attributing “60% of companies that lose their data will go out of business with 6 months of the disaster” to Computer Troubleshooters the previous year. If you go to Computer Troubleshooters, it in turn lists a whole series of statistics, attributed to VaultLogix – but with no source and no date. Moreover, the 60% VaultLogix statistic is quoted by other sites as well.

But while the provenance of the statistic is in doubt, it has what people call “truthiness” (which, incidentally, was the Merriam-Webster Word of the Year in 2006).  It feels right.  “Truthiness” was defined by the American Dialect Society as “the quality of preferring concepts or facts one wishes to be true, rather than concepts or facts known to be true.” As with urban legends, we’d all like to believe there’s a little boy whose dying wish is to get a lot of postcards or that Bill Gates will give money to people who share a link on Facebook. It fits our preconceived notions, so we jump on it without looking too carefully at where the data might have come from.

Now, does this mean that all such studies and quoted facts are suspect? No, not at all. A 2013 blog post from Backupify presented another list of data loss statistics. While it does include the lovely tautology “Data Loss is the #2 reason for data loss (up from #5 in 2010)” (one wonders what the #1 reason for data loss is, if not Data Loss), on the whole, the statistics it lists have more validity.

What makes these numbers more reliable? First, there’s the fact that they actually have dates attached to them, which gives them some context. Second, it’s possible to track down the actual sources of the statistics.  It’s not a single out-of-context fact — or, worse, a whole list of them — passed down through the generations as gospel truth.

You really want to calculate some lost business? Figure out just how many person-hours have been wasted trying to find the source of this mythical statistic.

February 22, 2014  5:28 PM

The 2 Really Dumb IT Mistakes Scott Walker and Staff Made

Sharon Fisher Sharon Fisher Profile: Sharon Fisher

Ethical issues aside — after revelations this week of a cache of as many as 28,000 documents obtained through an investigation into illegal use of  Milwaukee County, Wis.,  staff for campaign purposes by now-Governor Scott Walker — one thing is clear: These people don’t know much about IT.

Here’s the tl;dr background: When Walker was County Executive, staff members worked on his gubernatorial election campaign, which is illegal under the laws of Wisconsin (and most other governmental organizations, including the federal government). They did this through a secret wireless router in the county office with staffers using their personal laptops and email accounts. The scheme was discovered through a raid on county and campaign offices, as well as staffers’ homes, on November 1, 2010 — the day before Election Day — and an investigation, which ended last year after six staff members were charged. The documents were released this week after a request by Wisconsin press agencies.

We’re not going to get into the actual contents of the messages, which journalists are having great fun ferreting out. Our interest is the IT angle, and the two really elementary mistakes that Walker and his staff made.

1. Just because you have a Seekrit Router and personal laptops and email doesn’t mean that investigators can’t still find this stuff. Anything that has governmental (or corporate) records on it can be seized in electronic discovery, even if it’s personal.

2. It isn’t clear from the investigation whether staff made any attempt to delete the messages, though it’s interesting to note that the investigation made a point of seizing the computers the day *before* Election Day — no doubt inspired by incidents such as Govs. Mike Huckabee and Mitt Romney wiping government-owned hard disk drives to stymie future investigations. If they did, staff either did a lousy job or didn’t realize that even deleted email could still be read from hard disks. Or maybe they really thought that by using their own laptops and a secret email router that nobody would find out?

(It’s apparent that staffers weren’t necessarily the sharpest tools in the shed about IT themselves. Regarding the original investigation, for example, the Milwaukee Journal-Sentinel wrote, “In one 2009 chat with Timothy Russell, a longtime friend and fellow Walker aide, [constituent services manager Darlene] Wink asked how she could clear a document from her chat session. Russell told her it would disappear when she logged out. ‘I just am afraid of going to jail – ha! ha!’ Wink wrote in August 2009. Russell replied, ‘You wouldn’t, not for that.'”)

Ha ha.

This is just another example of Government Behaving Badly by using alternative email systems in an attempt to hide what it’s doing. Unfortunately, we’ve seen too many similar incidents in the past few years.

Walker, who has not been charged, has denied knowledge of the secret email system.

February 17, 2014  6:30 PM

Another Iron Mountain Fire Points Up Shortcomings of Physical Storage

Sharon Fisher Sharon Fisher Profile: Sharon Fisher

If you needed any more persuasion that it was a good time to move away from physical storage of records, here it is: Nine first responders were killed and 12 others injured when an Iron Mountain document storage facility in Buenos Aires, the capital of Argentina, burned earlier this month. How many documents were destroyed wasn’t clear, but it took ten squads of firefighters to put out the fire.

Boston-based Iron Mountain Inc. reportedly manages, stores and protects information for more than 156,000 companies and organizations in 36 countries, according to the Washington Post. (The company has a fascinating history; it started as a mushroom farm. Really.) The 19th-century building stored largely paper records and was supposed to have been protected by multiple systems that were intended to preserve records, including halon.

This isn’t the first time Iron Mountain facilities have been struck by fire. In 2006, the company suffered two fires in a single month, including one that destroyed a London building and one, reportedly caused by roofing repairs, that damaged 3 percent of the files in an Ottawa building. Three other suspicious fires occurred in a single Iron Mountain facility in South Brunswick, N.J. in March, 1997. Both the London and New Jersey fires were later determined to be arson, the Post noted. A 2011 fire in Italy was thought to be electrical in origin. Lawsuits associated with the London fire amounted to some $33 million, according to the Iron Mountain 2007 annual report — which also mentioned that the sprinkler system in the London building had been “disabled” in two places, but it wasn’t clear whether the “disabling” was in connection with the fire.

Adding an additional layer of intrigue to this incident is the fact that the facility stored the records for the Argentine banking industry — just days after the Argentine Central Bank’s foreign exchange had come under criticism by JP Morgan, and just a month after the U.S. Supreme Court agreed to decide whether a holdout creditor for Argentina should be allowed to seek bank records about the country’s international assets, a case stemming from Argentina’s historic 2001 default, wrote the Wall Street Journal.

This has led some to speculate that there was a connection and that the Argentine fire was also arson. While Iron Mountain has not yet revealed the cause of the Buenos Aires fire, there are indications of arson, both because the fire started in at least three or four separate locations and that it appeared that the sprinkler system was sabotaged. Who might have set it and for what motivation are unknown.

Even before the 2006 fire was determined to be arson, it was prompting IT managers to look at electronic backup options such as mirrored replication. Eight years later, it’s a surprise that there’s still companies relying on single copies of paper records.

Admittedly, if your goal is to be able to destroy incriminating records should they become inconvenient, electronic records and multiple backups aren’t the best plan, but we’ll assume that’s not the case for the majority of companies. Certainly not the companies that just happened to store their records in the same facility. 

February 8, 2014  8:40 PM

How Wearable Technology Like Google Glass Challenges E-Discovery

Sharon Fisher Sharon Fisher Profile: Sharon Fisher

We already know that companies tend to be behind on e-discovery. Wearable technology such as Google Glass has the potential to make them behinder.

The whole point behind e-discovery is to put all the corporate records in one place, so that they can be managed, deleted when they reach a certain age, and protected if they could be needed in a litigation situation. IT and legal staff have a hard enough time preventing corporate and government employees from deleting things they’re supposed to keep, or making sure they aren’t using personal email and cloud storage accounts for data. So now they have to deal with people running around with little computers on their wrists and on their faces and God knows where else.

And it’s likely to be a big deal. According to a market report published last April by Transparency Market Research Wearable Technology Market – Global Scenario, Trends, Industry Analysis, Size, Share and Forecast, 2012- 2018, “the global wearable technology market stood at USD 750.0 million in 2012 and is expected to reach USD 5.8 billion in 2018, at a CAGR of 40.8% from 2012 to 2018.” Credit Suisse was even more optimistic, predicting last May that “The wearables market is a lot bigger than investors realize, at perhaps $3 billion to $5 billion today, rising to perhaps $30 billion to $50 billion over the next three to five years,” writes Tiernan Ray in Barron’s.

So what next?

“While these products are only now moving from the public periphery, it is only a matter of time before they begin to cause headaches in litigation,” writes Frank Gorman in the eDiscovery Service Blog. “All of the aforementioned devices have a not-insignificant amount of local storage, meaning that the discovery net will have to widen to ensure data is collected from any wearable smart devices that could provide relevant ESI [electronically stored information]. The Galaxy Gear and Google Glass both have the ability to take pictures, share, post, and create documents more seamlessly than ever, all of which could easily affect litigation.”

“There is no doubt that courts will deem non-privileged, relevant electronically stored information (ESI) on these devices as a discoverable type of e-data,” agrees Michele Lange,  an attorney, writer, marketer and e-discovery thought leader at Kroll Ontrack, in JD Supra Business Advisor.The basic application of this inevitable ruling is pretty clear—videos and pictures stored or shared from the device will be discoverable.”

Moreover, Gorman adds, there’s the devices’ tracking potential. “If you have an employee suing for wrongful termination, it would certainly be pertinent to know that, on days they called in sick, their smart watch tracked them at a Cubs game or dancing to “Twist and Shout” in the middle of a parade,” he continues.

“If there were a case regarding a dispute over an individual’s location at a certain point in time, activity on the individual’s wearable device might be used as evidence,” writes Greg Cancilla, director of forensics for RVM. “The smart device might have automatically detected this metadata unbeknownst to the user, and could be used during the discovery process.”

Not to mention the wealth of data preserved by a FitBit.

Okay, but all this data is synced up to the cloud anyway, so what’s the problem? Plenty, Gorman writes. “A smart phone set to sync automatically with a wearable device that has discrepancies between the files found on each could indicate spoliation, whether intended or inadvertent,” he writes. “Google Glass, for example, syncs with Google Drive, so any case involving relevant ESI collected from the glasses will also certainly require access to a custodian’s Google Drive account, meaning that litigating lawyers must have the technical know-how to appreciate the connections between the two functionalities.”

Unfortunately, while attorneys with expertise in this area all agree that it’s really important and companies should start planning for it, they don’t say much about what companies should actually do. “Litigators need to be prepared for ways in which wearable technology will push eDiscovery even further,” Gorman writes. “If a critical mass of society actually adopts this technology,  the revolution will come when the judiciary (and all of us) are forced to cope with a tsunami of duties to preserve this ESI, along with the ever-present threat of back-end spoliation sanctions that will follow,” chimes in Lange.


I am not an attorney. That stipulated, it would seem to make sense that the safest thing to do, if employees are starting to use wearable technology in your company — whether it’s for work or not — is to ensure that they are at least aware of the situation and make sure they preserve any data the devices collect, much as they would do in a BYOD smartphone situation. Cancilla appears to agree. “It is likely that the same policies that apply for the typical mobile devices would apply to these wearable gadgets,” though he goes on, with the same handwaving as the others, “Only time will tell how new policies or amendments to the policies will arise throughout the advancement of wearable technology. It is certain that as these technological changes progress, lawyers will be expected to be well-versed on the new guidelines relating these devices to litigation as well as the mechanics behind them from a strategic perspective.”

Keep in mind that, should you be called before a judge, “The dog ate my data” or any other technological equivalent isn’t going to help you. Judges don’t have much of a sense of humor about such things these days, and have slapped companies with hefty fines for not producing the information, aside from the value of the litigation itself.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: