Experts Describe New Kinds of Storage Liability

NEW YORK -- CIOs will soon face a fresh crop of legal problems involving storage on RAM, USB drives, and even copier hard drives. This is the warning from experts at the LegalTech show here today.

"We have collectively accomplished an awful lot, [but] more remains to be done," said Thomas Allman, the former general counsel of BASF, during this morning's keynote.

The legal guru explained that up to now, firms have only touched on the more obvious storage aspects of e-discovery, such as retrieving information from backup tapes and legacy data. In the future, warns Allman, companies will face a new challenge posed by "temporary data."

"There's a whole new world coming," he said, in response to a question from the audience this morning. "I see a lot of cases coming down the road where we're all going to have to face up to how we deal with information that's ephemeral and temporary."

To illustrate his point, Allman highlighted a recent case involving Columbia Pictures, where data held on RAM was controversially ruled to be "discoverable," therefore subject to legal holds.Given that data is often stored in RAM for just a tiny fraction of a second, the ruling could have major implications for CIOs and IT managers. It also poses questions about other forms of "temporary data" held on iPods, USB drives, and via Instant Messages.

"The issues of preservation are going to be very tough," Allman told Byte and Switch. "These cases are not going to be easy to resolve."

The issue of how to deal with temporary data was also high on the agenda during a panel discussion of legal industry CIOs at today's event.

"It's huge," said Ian Miller, CIO of New York-based law firm Weil, Gotshal, and Manges. "A day doesnt go by that I don't have that discussion with one of our litigators."

The exec told Byte and Switch that firms can address the legal aspects of RAM by switching on the logs that record data as it passes through memory, something Weil, Gotshal, and Manges now advises its clients to do. "[Otherwise] a jury can make 'adverse inference,' " Miller explained.Similarly, users are also rethinking their approach to messaging, particularly IM. "Most investment banks log IM -- this means that there is a record that a chat took place," he said.

As for USB drives, Miller sees less of a legal threat, although removable media can feature in the "preservation orders" governing which data cannot be destroyed in the event of a dispute. "In most cases, things held on USB drives exist elsewhere as well."

One of the more surprising aspects of today's panel discussion was introduced by an IT manager in the audience who voiced his concern that copiers pose a major security challenge for legal firms.

"Copiers today now have hard drives within each of the units," the manager said, explaining his fear that "latent images" on the drives could be left on the copier when it returns to the vendor for repair, disposal, or resale.

The Weil, Gotshal, and Manges CIO admitted that copier hard drives present a security challenge, although he said that his firm uses a technique called "debanding" to remove data from all rotating media before they leave the firm's premises.Despite a flurry of announcements from vendors this week, most e-discovery solutions currently focus on more traditional forms of storage, such as tape and disk, although vendors such as Symantec and startup FaceTime tout products for logging and archiving IMs.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Byte and Switch's editors directly, send us a message.