Yottabytes: Storage and Disaster Recovery

August 31, 2014  10:54 PM

What We Can Learn From the ‘ISIS Terror Laptop of Doom’

Sharon Fisher Sharon Fisher Profile: Sharon Fisher
Encryption, privacy, Security

Our government loses so many laptops, it’s kind of nice when the tables are turned once in a while. That said, a lot of people are talking about what’s purported to be a laptop belonging to the Sunni jihadist group ISIS.

You may recall in 2011, when Osama bin Laden’s hideout was raided and he was killed, that Navy SEALS retrieved several computers and storage devices. This is similar, except the laptop was captured in January by a moderate rebel group in northern Syria, from an ISIS hideout, according to Foreign Policy, which broke the story. 

In fact, according to reporter Harald Doornbas, the laptop — which he dubbed the “terror laptop of doom” — was conveniently neither password-protected nor encrypted, and the material it contained was only nominally protected. “Buried in the ‘hidden files’ section of the computer were 146 gigabytes of material, containing a total of 35,347 files in 2,367 folders,” he writes. And what was in those files? Besides “videos of Osama bin Laden, manuals on how to make bombs, instructions for stealing cars, and lessons on how to use disguises,” it also contained what is said to be detailed information on how to weaponize bubonic plague for biological warfare. 


Opinions vary on the veracity of the laptop (incidentally, apparently the laptop of choice for biological terrorists is Dell, and it’s black). Some found it evidence that the U.S. should attack and some — damn few, sadly — found that there are aspects of the story that lack credibility. Such as, really? You capture an enemy laptop in January and don’t look at it til months later, in front of a reporter?

Similarly, the reporter was criticized for looking at the laptop in the first place, as opposed to having it examined forensically. because running it would modify dates and other information that could be useful in determining its veracity , noted one online commenter, who went on to point out that similar “magic laptops” justifying conspiracy theories had been found in Colombia in 2008.

One of the less hysterical reactions — though it didn’t address the veracity issue — is from Outbreak News Today. Specializing in covering infectious diseases, the publication not only points out the long history of attempts to use plague in biological warfare — dating back to the 14th century — but also talked about the difficulties of such.

Other commenters noted that none of the information was particularly a smoking gun, that such information is readily available to anybody (Anarchist Cookbook, anyone?), and that perhaps the laptop was a plant intended to encourage a war. “How convenient!” posted one. “Just as the US have troubles coming up with a reasonable justification in international law for air strike operations, a laptop – luckily the one with all the plans – comes up.”

Perhaps we could call it the Zimmermann Laptop, after the Zimmermann Telegram — originally thought to be fake but later demonstrated to be true — which helped propel the U.S. entry into World War I.

August 29, 2014  2:49 PM

BackBlaze Tests 6TB Drives in Storage Pods

Sharon Fisher Sharon Fisher Profile: Sharon Fisher
Backup, Seagate, Storage, western digital

As you may recall, there are a number of vendors using a monstrous lot of hardware by buying a lot of commodity hardware, stripping off everything extraneous, and then stuffing boxes full of them. In addition, many of these vendors are also being nice and sharing information with us about their experiences.

Along with companies such as Facebook and Google, one of these companies is the online backup provider BackBlaze, which creates giant storage “pods” out of commodity disk drives. It both uses them itself and sells them to other companies, such as Netflix. BackBlaze not only publishes details on how to build your own, but also reveals data about how well the various commodity disk drives work. This can be valuable best practices information for any company.

Consequently, BackBlaze periodically creates a new pod with a new type of disk drive just to check it out, and that’s where we are today. As of February 2013, the company was building its pods with 4TB disk drives, which meant the pods could store up to 180TB. Recently, however, the company is starting to test pods with 6TB drives, which not only means the pod can now store 270TB — half as much again, in the same space — but gives the company a chance to check out the new models of 6TB drives, for when prices drop down enough later. So far there’s one pod with Western Digital drives, and the company is planning to build another pod with Seagate drives.

There’s a couple of interesting nuances to the BackBlaze experiment, which, as usual, it details in a blog post.

First, let’s talk about electricity. The 6TB drives use less power than the 4TB ones. Moore’s Law FTW. However, BackBlaze pays a flat rate per rack for electricity rather than using metered electricity, so that it has a more regular expense flow. This might be something for other businesses to consider, if their power companies offer it.

Second, let’s talk about cost. BackBlaze explains that it typically upgrades to a new size of disk drive when the price differential between the two sizes drops to half a cent per gigabyte. Currently, the differential between 4TB and 6TB disk drives is a nickel per gigabyte, which is why the company is only testing the 6TB drives and not switching to them. However, due to its experience in the industry, it has a fairly good idea of how storage prices change, and that they decrease on a fairly regular curve, meaning the company can already predict that it’s likely to be able to switch to 6TB drives in early 2015.

In the meantime, BackBlaze is testing various vendors’ 6TB drives so that by the time prices do reach that point, it will know which disk drives are faster, use less power, fail less often, and so on.

On the other hand, with Seagate now shipping 8TB drives this month, it means BackBlaze already has a new kind of disk drive to test — which would make a 360TB pod. No word yet on how much it will cost.

Disclaimer: I am a BackBlaze customer.

August 25, 2014  11:50 PM

What Crimes Do Vendors Look for In Our Email?

Sharon Fisher Sharon Fisher Profile: Sharon Fisher
Email, Google, privacy, Security

We’ve written before about how people’s storage privacy rights seem to go out the window whenever child pornography is mentioned, whether it’s on hard disks and USB drives, the cloud, or whatever.

Now we’re finding it’s true of email too.

(Stipulated: Child pornography is bad. Moving on.)

John Henry Skillern, of Texas, was arrested earlier this month for child pornography in his Gmail account, after Google alerted police. Police then came with a warrant, searched his home, found other evidence, and arrested him.

Wait a minute. How did Google know? Doesn’t the company talk all the time about how it doesn’t really look at the content of our email? That it’s just looking for keywords so it can sell ads?

It works like this. Really, there’s not that many newly generated child porn images out there; old ones keep getting sent around. As we’ve written about before, companies such as Dropbox, Facebook, and LinkedIn have a database of known child pornography images that have been hashed, or reduced by algorithm to a much smaller size. This is helped by an organization called the Internet Watch Foundation, which is co-funded by Google. Those companies compare the hashes of files being sent or stored with the database of child pornography hashes, and look for a match. It saves time, it saves space, and it means the companies don’t need to keep a database of eeeeevil pictures around for comparison.

It’s also why you don’t get arrested for sending a picture of your kid in the bathtub — because that picture isn’t in the database.

Turns out that Google is doing this searching with Gmail as well. It claims, in fact, that it is required by U.S. law to do so. Sort of. It is required by law to notify the National Center for Missing and Exploited Children if it finds people sending child pornography. It is less clear whether it is required to search for them doing so.

Either way, what’s the problem? If you don’t send out or receive child pornography in your Gmail, you don’t have to worry, right?

First of all, this incident raises the question of, what else does Google (and, presumably, other email providers, such as Microsoft and Yahoo!, according to CNN) look for in our Gmail? What else might they be willing to turn over to the police or other government agency?

Google claims that it doesn’t do this for anything other than child pornography. “if you’re Gchatting with a friend about buying marijuana, Google doesn’t want you to worry about being turned in,” writes CNN. But according to the legal expert CNN consulted, there was no reason Google couldn’t do that — it’s right in the terms of service. 

“This kind of search technique can’t be easily translated to other crimes,” Business Insider reassures us blithely. “It’s not the same as a keyword search looking for words like ‘murder, ‘killed,’ ‘stolen’ or ‘bomb.’ Think how many times people use use those words innocently.”

On the other hand, as you may recall, Dropbox used a similar method of storing files to eliminate duplicates — by hashing them to see if a file was already stored online, and if it was, putting in a pointer rather than another copy of the file. But that would also make it easy for a law enforcement organization to determine whether a person was storing copyrighted material, such as movies, in their accounts — just create a similar hash database of popular movies and television programs. The same could be done for music files.

Not to mention anything considered to be terrorist activity, which is right up there with child pornography in terms of the throw-your-civil-liberties-out-the-window card. Or, as GigaOm suggests, fraud or illegal drugs. 

Second, just how automated is this process? If someone receives a child pornography file through email that they didn’t want and didn’t ask for, how likely is it that the email provider is going to turn them in? What a great way to take care of your enemies!

Third, what other online products do this? If someone Googles “child pornography,” is this going to come back to haunt them later? The CNN piece indicated that it applied to search as well. What if they’re doing research for an article or a blog post?

Hypothetically, of course.

August 12, 2014  9:34 PM

Another Judge Tells Microsoft, ‘All Your Data Are Belong to Us’

Sharon Fisher Sharon Fisher Profile: Sharon Fisher
Microsoft, privacy

Another judge has told Microsoft that it must release data stored on one of its servers to a U.S. government agency, even though the data in question is outside the U.S., setting the stage for a massive worldwide confrontation on just who has the right to have access to data where.

The agency is unnamed, but the Wall Street Journal identifies it as the Justice Department, and several media reports indicate that the case has something to do with drugs.

This particular ruling is just another stepping stone on the path; according to the New York Times, the judge in question, Judge Loretta A. Preska of the United States District Court for the Southern District of New York, agreed to an immediate stay pending the next step in the appeals process, meaning nobody has to do anything yet except the lawyers.

And the lawyers are very busy.

“It is a question of control, not a question of the location of that information,” Preska said, according to newspaper reports. Because Microsoft could make a copy of the information in the Irish server from the United States, it doesn’t violate Ireland’s sovereignty, she ruled.

“She cited a 1984 case that held that a court may require a company to disclose its business records no matter where in the world they are, and that the disclosure did not require the consent of the country in which they are stored,” writes the Washington Post. “She said that Congress was aware of the 1984 case when it passed [the Electronic Communications Privacy Act], and so the law implicitly authorized the overseas reach.”

Microsoft is the point person here, but in a there-but-for-the grace-of-God-go-I move, several other companies that have worldwide data centers have filed briefs with the court supporting the company, including Apple, AT&T, Cisco, and Verizon, according to the Times and the Guardian, as well as the nonprofit Electronic Frontier Foundation.

Aside from keeping several law firms afloat, the case could have several other ramifications. First, it puts companies in the position of violating either European Union or U.S. law. “All of [this] puts Microsoft in a very difficult position,” explains Forbes. “If they obey the US order then they’re in breach of EU law, if they stick to EU law then they’re going to be in breach of this US order (for however long the order survives the appeals process).”

Second, it could scare worldwide companies away from using U.S. companies’ data centers to store their data, which could have a significant impact on those companies’ finances. Companies are worried they could lose billions of dollars in revenue to foreign competitors if customers fear their data is subject to seizure by US investigators anywhere in the world, the Guardian writes.

Third, it gives other countries the opportunity to come up with reasons why they should have access to data stored in the U.S. based on their laws. The U.K., for example, recently created the Data Retention and Investigatory Powers (DRIP) Act, which “requires internet and phone companies to collect their customers’ personal communication data, tracking their phone and internet use, and store it for 12 months to give access to the police, security services and up to 600 public bodies on request,” according to the Guardian.

The U.K. government also added a clause making it clear that foreign firms holding data on U.K. citizens can also be served with a warrant to hand over information, the Guardian writes.

Similarly, Microsoft’s attorney said that authorities in China had appeared at Microsoft offices there demanding a password to gain access to material that the company stores in the United States, according to the Associated Press. 

All in all, it has the potential to create a terrible mess.

July 31, 2014  8:27 PM

Another Reason Not to Poke USB Sticks in Things

Sharon Fisher Sharon Fisher Profile: Sharon Fisher
Flash drive, Security, Thumb drive, USB drive

Black Hat is always a fun time to find out what new security vulnerabilities there might be to keep you up at night — particularly if you attend and get your system infected while you’re there — and this year is no exception. The conference will be held in Las Vegas next week and the online world is already atwitter, so to speak, about one of the presentations.

This is all according to the German security organization SR Labs, which is offering a presentation called “Bad USB — On Accessories That Turn Evil.” The organization released a preview of its presentation on its website.

According to the presentation, it’s possible to insert malware into the microcode in USB devices — that is, any USB device, including keyboards, cameras, and mice — to reprogram them and essentially turn them into another USB device. This would allow people to:

  1. Emulate a keyboard and issue commands on behalf of the logged-in user to steal files or install malware; such malware, in turn, can infect the controller chips of other USB devices connected to the computer
  2. Spoof a network card and change the computer’s DNS setting to redirect traffic
  3. Boot a small virus on startup, which infects the computer’s operating system prior to boot
  4. Replace the computer’s BIOS
  5. Though the researchers don’t mention this one, presumably it could turn on the camera and spy on you or anything else in the room

Naturally, none of this is detectable. Virus scanners don’t work because they don’t look at microcode. Beyond that, once a computer is infected, you can basically never trust it again, SR Lab researchers say, because any USB thing that might be plugged into it could still be infected, even if you reinstall the operating system.

The organization says it will be releasing unspecified “tools” on August 7, but whether these are tools to prevent this sort of attack or enable it, they don’t say. The session description, however, does seem to indicate that the researchers will be speaking about how to protect against such attacks, at least theoretically.

A Reuters article on the presentation attributes the vulnerability to a “bug,” but the SR Labs presentation doesn’t make it sound like a bug is involved — simply that the microcode isn’t protected from such malware.

Karsten Nohl, chief scientist at SR Labs, who is one of the co-presenters, also told Reuters that he wouldn’t be surprised if organizations such as the NSA weren’t already using this technique, but the NSA wouldn’t comment to Reuters.

Reuters said Nohl had done this with Google’s Android as well as with microcode on chips from Phison; Phison representatives didn’t think it was possible. Nohl also said that he believed it would work with any vendor’s chips, not just Phison’s.

We’ve said before that it’s really not a good idea to pick up strange USB sticks and use them; it sounds like that’s particularly true now.

Particularly at Black Hat.

July 27, 2014  11:55 PM

Why the ‘Hard Drive-Sniffing Dog’ Should Scare the Crap Out of You

Sharon Fisher Sharon Fisher Profile: Sharon Fisher
privacy, Security, Storage

More than one person thought it was from the Onion: Police have trained dogs to smell out child pornography. But the truth is no laughing matter.

First of all, the dogs can’t smell pornography, child or otherwise. For heaven’s sake, writers. Have some credibility.

What the dogs (publicized in Connecticut and Rhode Island, thus far) have reportedly been trained to do is smell out storage devices, such as hard drives, memory cards, and USB sticks. Similarly, dogs have also been trained to find cell phones in prisons. And in response to media pirating, dogs were trained in 2006 to find DVDs and other recorded media, which the police would then seize and search and determine whether they were legal.

So the “pornography-sniffing dog” works like this: Police think a perp has child pornography on storage devices, bring in the dog, the dog finds storage devices “hidden” in a suspicious way, and that gives the police probable cause to seize the storage and search it. Because after all, if there was nothing creepy on it, why’d you hide it, punk?

(Slashdot commenters had fun with this story, suggesting ways to defeat the dog. “Get a lot of old flash drives, sd cards, and the like, the old super cheap ones of course, and stick them everywhere,” writes one. “Under the carpet, taped to the bottom of the drawers, in the hem of the curtain, etc. After 30 or 40 of them, somebody is going to get sick of playing that game, and it might be the dog.”)

Stipulated: child pornography is bad, and we don’t want people to do it. Stipulated also, most police officers and prosecutors genuinely want to just catch bad guys and be on the right side of the law. That said, we’ve already written about how child pornography seems to be a Get Out of the Fourth Amendment Free card for some people. And this is a particularly egregious example.

Let’s start with the fact that drug-sniffing dogs, from which this is the logical extension, and their handlers have been implicated in some pretty interesting Fourth Amendment cases. In February, 2013, the Supreme Court ruled that searches based on using drug-sniffing dogs was legal even if what was found wasn’t related to what the dog detected. (Though in more recent cases, the Supreme Court has ruled that home searches, specifically, based on a drug-sniffing dog are illegal.)

“The U.S. Supreme Court has given police ‘probable cause’ to search your vehicle if a police dog detects drugs, typically by sitting, digging or barking,” explains the Las Vegas Review-Journal in an extensive article about drug-sniffing dog flaws. “That is an extraordinary power — officers working without dogs need ‘a reasonable belief that a person has committed a crime’ for such searches. Mere suspicion is not enough, and criminal cases resulting from searches that don’t meet the ‘probable cause’ standard can be, and are, tossed out in court.”

Drug-sniffing dog reactions consequently practically gives police carte blanche to search whatever they want. And note that it’s been reported that some 90 percent of U.S. currency has traces of cocaine on it.  For example, in numerous cases people traveling with large amounts of cash have had it seized by virtue of it being “contaminated” with drugs.

Some people have also criticized the fact that the storage-sniffing dogs are being trained and rewarded with food. “This is how he eats every day,” according to the dog’s trainer. But other dog experts say that training a dog with food is a bad idea. “Offering a sniffer dog food in exchange for a ‘find’ opens the way for an abuse of the system — if it’s hungry enough it will take food from anybody, not just its handler and therefore defeats the object of the search,” Maggie Gwynne, of Sniffer Dogs UK & International, told the BBC.

(On the other hand, one wonders what one of these storage-sniffing dogs would do in a room full of dog biscuits.)

There have also been cases where dogs’ “detection” of drugs appears to be based primarily on the reactions of their handlers, a sort of drug-sniffing Clever Hans. The police want to find drugs in your car? Son of a gun, the dog detects something — simply because the handler believes that it’s there.  That gives police probable cause to search. And chances are, something, somewhere in your car, has been touched by an illegal drug, sometime.

Now, for how many of us is that going to be true of having some sort of data storage device?

Cue the “Bad Boys” music.

So, now the cops have “found” your data storage, which they declare was “hidden,” and thus suspicious, which gives them the right to search it, and who knows what they might find during that fishing expedition?

Well, you say, not a problem, I’ll encrypt it. Except that, as we’ve seen — typically also under the aegis of “protecting the children” — people are being forced to reveal their encryption keys. The Massachusetts Supreme Court just ruled on another one of these cases last month, saying that because the suspect agreed that it was his computer and that he had encrypted it and had the key, he had given up his Fifth Amendment rights about self-incrimination.

What could be worse is if — after the storage-sniffing dog finds the microSD card under the dresser that the cat knocked off last month and the police decide that means you were hiding it — it isn’t encrypted but the police decide that it is and you’re lying. In some countries, particularly the U.K., people have gone to jail for refusing to reveal an encryption key. And as we’ve suggested before, it’s going to be an interesting legal case when someone goes to jail for refusing to reveal a key they don’t have.

July 21, 2014  11:41 PM

Investor Calls for EMC to Divest Itself of VMWare

Sharon Fisher Sharon Fisher Profile: Sharon Fisher
Documentum, EMC, VMware

On the eve of the annual VMWorld conference in San Francisco, scheduled for next month, people are talking a lot about VMWare, but not for the usual reason. It’s because one of EMC’s largest investors is calling on the company to break itself up — specifically, by taking VMWare public.

According to the Wall Street Journal, Elliott Management Corp. (the initials of which are also EMC; what are the odds?) has taken a stake of more than $1 billion in EMC Corp., which would amount to about 2% of its value, and also making it EMC’s fifth-largest shareholder. Elliott is reportedly flexing its muscle and suggesting that EMC should spin off VMWare, which could then mean that EMC itself might be purchased by someone else as well.

This sort of thing isn’t terribly surprising. To paraphrase Rhett Butler in Gone With the Wind, there’s two ways to make money: when a company is building itself up, or when a company is breaking itself into pieces. EMC has been obliging its shareholders that way for some time now, with a series of acquiring a whole bunch of companies, rearranging the pieces, and then spinning them off, as it did with Pivotal. (Similarly, there’s another group of people suggesting it would be a good idea for everyone concerned if EMC were to divest itself of Documentum.)

With the company’s lack of management drama, finding different ways to arrange the pieces is about the only excitement EMC shareholders get. And Elliott has done similar things with other technology companies, the Journal, as well as Barb Darrow of GigaOm, point out, to the extent that some articles referred to the investment firm as an “activist investor,” with others using terms that are less nice (“vulture” being one example).

VMWare itself is a bit of an odd duck in that regard; technically it’s a separate company, but EMC owns a big chunk of it (79% in 2012) and VMWare itself is a big chunk of EMC’s value (75% now, up from 60% in  2012). And the companies have been shuffling executives back and forth for a while now, though it’s never quite clear which one is the farm team and which one is the majors.

Both EMC and VMWare are facing “innovators’ dilemma” challenges, with EMC fighting to maintain its big iron relevance in a world of flash storage, cloud, and commodity storage pods, and VMWare watching other companies extend its virtualization model to other components.

For what it’s worth, most industry watchers don’t think it’s going to happen, because EMC and its CEO and chairman Joe Tucci are too invested in the current structure and in retaining VMWare. On the other hand, all the interest and speculation has pushed EMC’s stock price to a two-year high, reports Reuters. Speculation is that EMC might sell off part of its share of VMWare to appease Elliott, with the result that VMware’s stock is going down. In related news, EMC is scheduled to release its earnings report on Wednesday.

July 11, 2014  6:21 PM

Let’s Blow &(*&(*& Up, the Sequel: Your Smartphone

Sharon Fisher Sharon Fisher Profile: Sharon Fisher
privacy, Security

We’ve written before that if you’re going to depurpose a laptop, or a hard drive, or a printer, that you really need to blow that sucker up, using at least two methods, to ensure that the data is really, truly, gone.

Turns out the same is true of your smartphone.

Mobile security vendor Avast reportedly bought smartphones on eBay (much like researchers have done with hard disk drives and printers) and discovered that, even though they’d been wiped and returned to factory settings, personal data on them was still visible.

Some very personal data.

We purchased 20 used Android phones off eBay and used simple and easily available recovery software to restore deleted files,” the company writes in its blog. “The amount of data we were able to retrieve was astonishing and proves that simply deleting is not enough.” It consisted of more than 40,000 photos, including more than 1,500 children, more than 1,000 Google searches, more than 750 email and text messages, more than 250 contact names and email addresses, four previous owners’ identities, and one entire completed loan application.


This was true across a wide variety of smartphones and operating systems, and even when Avast did the factory reset itself, noted the Houston Chronicle.

What’s grabbed people’s attention the most about this isn’t the passwords, banking information, or phone numbers, but some of the photos — “more than 750 photos of women in various stages of undress” and “more than 250 selfies of what appear to be the previous owner’s manhood.”


(And just so “naked selfies” doesn’t set off the NSFW filter at work, we’ll call them “data” from here on out, ‘k?)

By the way, according to Avast, there’s 80,000 used smartphones on eBay every day. (And then there’s handing it down to your kid. Can you imagine what would happen if they found your “data”? Think of the tears. Think of the trauma. Think of the emotional scars. Not to mention the effect on the kid.)

Consumer Reports also performed a study recently noting that 34% of smartphone owners did nothing to protect their phones, while 8% installed remote wipe software and 7% installed other protection such as encryption.

Admittedly, Avast has its own ax to grind here — turns out they have software that just so happens to take care of the problem, though to give them credit it’s free — but we will assume for the moment that they legitimately bought used smartphones on eBay and still found “data” on them without a whole lot of effort (though they did say they needed to root most of the phones to do so).

That stipulated, just what is it we’re supposed to do with the old smartphone when we buy a new one, to ensure that any “data” you have can’t be seen by a new purchaser? Or do you really have to destroy your old smartphone rather than getting a few bucks out of it, as though you were going for a OnePlus One?

  • You can encrypt the phone and then reset it, which will make the data unreadable. Google noted that encryption has been available for at least three years, though it is optional.
  • You can delete the files and then fill up the memory videoing the ceiling or something, and then delete the files or wipe the phone again.
  • There are apps besides Avast’s that will do the job.

Incidentally, iPhone owners smugly noted that all the phones in question were Androids. “In contrast, iPhones use a hardware encryption, so when the encryption key is destroyed on a reset, the data is very hard to recover,” writes John Martellaro in MacObserver. “Not so for Android phones apparently.” Older devices, which don’t support encryption by default, overwrite the data, according to Apple.

June 30, 2014  10:44 PM

2014 Gartner E-Discovery Magic Quadrant: More of the Same

Sharon Fisher Sharon Fisher Profile: Sharon Fisher
E-discovery, Gartner, Symantec

Another year, another Gartner Magic Quadrant for e-discovery, and guess what? Nothing’s changed.

(Gartner also released Magic Quadrants for e-discovery in 2013, 2012, and 2011.)

  • All the vendors in the “leaders” quadrant are the same: AccessData, Exterro, FTI Technology, Guidance Software, HP Autonomy, kCura, Kroll Ontrack, Recommind and Symantec.
  • No vendors have been added.
  • Only one vendor (Driven) has been dropped.
  • HP Autonomy is still the “most visionary,” though Symantec has dropped down considerably from last year in terms of “ability to execute.” Best execution this year? Kroll Ontrack.

The company also sort of dissed its own 2011 prediction that the e-discovery market would see a wave of consolidation, eliminating up to 25 percent of the vendors, by 2014. “The level of mergers and acquisitions (M&As) for software vendors has slowed, and only a couple of noticeable acquisitions took place in 2013,” Gartner writes. “The overall e-discovery market is in a state of ‘wait and see’ mode after being overhyped through 2012.” Gartner also listed all the e-discovery acquisitions that have occurred since 2001; it’s a considerably long list.

Where consolidation is going to occur, Gartner says, echoing what it said last year, is in legal service firms. “The remaining legal service firms will take one of two routes by becoming either large firms that are ‘one-stop shops’ but not technology developers, or large firms that are one-stop shops with proprietary technology for all aspects,” the compny writes. “Although there is room for regional and specialist players, they are part of the market that is consolidating and shrinking fastest. The larger players will need international presence in the form of data centers and local legal personnel to be competitive as the market opens up geographically.” This also ties in with Gartner’s prediction that growth will come more from outside the U.S. as other countries learn more about this thing called e-discovery.

This year’s report does include writeups on seven vendors that otherwise didn’t qualify to be included in the Magic Quadrant, so it will be interesting to see how they progress in the coming year.

Gartner also notes two events that drove interest in e-discovery this year: the U.S. National Security Agency’s surveillance program (PRISM) and  the Target hack, which has led users to be more interested in incidence- or event-triggered processes.

And what happened with Symantec? Gartner cites three issues: lack of growth or new releases because of the acquisition of Clearwell (and that was in 2011! they haven’t swallowed that puppy yet?), performance and scalability issues, and the departure of Symantec’s CEO.

Otherwise, though, the report is pretty much of a snore. Predicted growth in the market? 15 percent, after 15 percent the year before and 14 percent the year before that. Gartner forecasts that revenue will grow from $1.8 billion in 2014 to $3.1 billion in 2018, after predicting last year that it would grow from  $1.7 billion in 2013 to $2.9 billion in 2017.

(Also, the obligatory being-in-the-leaders-quadrant-doesn’t-necessarily-mean-you’re-better. The other three quadrants — Challenger, Visionary, and Niche — just means that the vendor or product was considered to be somewhat lacking in either vision or ability to execute, or both. But for many use cases, those vendors and products are perfectly adequate, and perhaps, being number two, they try harder.)

Gartner did, however, indicate that next year would be different, honest. “A new set of changes on Federal Rules of Civil Procedure (FRCP) were proposed in early 2013 and have caught much debate in the U.S.,” the report notes. “Among these proposed changes, the ones most relevant to e-discovery are proportionality and sanction on willful evidence spoliations. These changes, once approved, will trigger a wave of disruption in the e-discovery practice and, in turn, on the e-discovery technology market.”


June 27, 2014  5:41 PM

Cloud Storage Wins One, Loses One With Supreme Court

Sharon Fisher Sharon Fisher Profile: Sharon Fisher
Cloud storage, privacy

It’s not often that the actions of the Supreme Court wander into our purview over here, but we were in luck this month, with not one but two cases having relevance to cloud storage. In one case, cloud storage users gained protections, while in the other, they lost them and perhaps will put themselves at risk.

First was Riley vs. California, in which the court ruled that law enforcement officials needed a warrant to search someone’s cell phone. The connection with cloud storage? “The data a user views on many modern cell phones may not in fact be stored on the device itself. Treating a cell phone as a container whose contents may be searched incident to an arrest is a bit strained as an initial matter, ” writes Chief Justice John Roberts in the majority decision. “Cell phone users often may not know whether particular information is stored on the device or in the cloud, and it generally makes little difference.  Moreover, the same type of data may be stored locally on the device for one user and in the cloud for another.”

Allowing the search would be like finding a key in a suspect’s pocket and arguing that it gave law enforcement the right to search his house, Roberts writes.

So that’s the good news.

Next, the court ruled against Aereo, the Internet company that helps subscribers gain access to live broadcast television on Internet-enabled devices. While this is certainly a bummer for Aereo itself, it also has the potential to be a bummer for people who legitimately store content in the cloud, legal experts write.

“The Aereo case puts the cloud at risk because when broadcasters have complained about Aereo, their complaints also describe cloud computing,” wrote Matt Schruers, VP, Law & Policy at the Computer & Communications Industry Association, which submitted a brief in support of Aereo, earlier this year in his “Aereo primer. “It isn’t that broadcasters necessarily bear malice toward cloud computing; it is just that when broadcasters complain about how Aereo works, their complaints describe cloud-enabled access to content.  The cloud is caught in the crossfire.”

Numerous industry organizations, besides his own, also submitted briefs in this case expressing concern about how the decision could affect cloud storage, Schruers added. “If multiple people store their own, unique, lawfully acquired copy of the latest hit single in the cloud, and then play it to themselves over the Internet, that too sounds like the broadcasters’ version of a public performance,” he explained. “The anti-Aereo rationale doesn’t distinguish between Aereo and the cloud.” Even DVRs — which broadcasters sell themselves and which served as the precedent for this case — could be at risk, Aereo CEO Chet Kanojia told Time

Essentially, Schruers wrote in a separate piece, broadcasters were arguing that although Aereo was intended to be a private service, which was allowed, it was actually a public service, because it could have been set up that way, just because it was using the Internet. “The boundary between public performances and private performances determines what copyright does and does not regulate,” he explained. “It’s why you don’t need a license to sing in the shower, but you do to sing on stage.  It’s why you don’t need a license to put your music collection in the cloud, but you do if you want to launch a commercial streaming service.”

Ironically, where experts had praised the court’s understanding of the technological nuances in Riley, they dissed it in Aereo, saying the court called it cable because it looked like it to them, regardless of the technological underpinnings.

Opinions vary on the ruling’s effect on cloud storage. Broadcasters argued that cloud-storage companies shouldn’t be affected because those businesses store content that the users upload themselves and that there is a “fundamental difference” when customers upload their own files, Bloomberg writes. The Supreme Court itself noted, written by Justice Stephen Breyer, “We agree that Congress, while intending the Transmit Clause to apply broadly to cable companies and their equivalents, did not intend to discourage or to control the emergence or use of different kinds of technologies. But we do not believe that our limited holding today will have that effect.”

“The majority says it won’t affect new technologies because they said so,” writes Ali Sternburg, Public Policy & Regulatory Counsel at the Computer & Communications Industry Association, in Disruptive Competition. “That is not a convincing argument.” And Scalia notes that in his dissent, she writes. “He specifically calls out the majority’s ‘because I said so’ argument about the cloud, saying: ‘The Court vows that its ruling will not affect cloud-storage providers and cable television systems, see ante, at 16-17, but it cannot deliver on that promise given the imprecision of its results-driven rule.'”

Moreover, the majority opinion doesn’t distinguish between primary and secondary infringement, meaning that cloud storage companies could find themselves blamed for copyright infringement their users are doing, notes the Wall Street Journal.

Ultimately, what may be needed to decide this is…another Supreme Court case. In fact, the majority opinion practically invites it, writes Bloomberg. “The ruling said that questions involving cloud computing — the business of storing content on remote servers and delivering it over the Internet — should ‘await a case in which they are squarely presented.’ That leaves technology companies with few clues to guess whether their services would pass legal muster if challenged.”

Stay tuned…as it were.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: