What Is Electronic Information, and Why Should You Care?IntroductionElectronically Stored Information and the Federal Rules of Civil ProcedureProblems with ESI as Discoverable EvidenceWhy and How This Affects the Practice of Law How This Affects Business OrganizationsEffects on Government EntitiesWhat This Might Mean to You as an IndividualTranslating Geek: Information Technology versus Everyone Else IntroductionRole of IT Information Technologist's Perspective Information Technology as an AllyTranslating Geek Where Is Electronically Stored Information? It's Everywhere!Introduction Basics Database SystemsE-Mail Systems File and Print ServersInstant Messaging Services Mobile Devices Physical Access RecordsTelecommunications Cellular Devices Digital Video Internet or Online Data Storage MediaInternet of Things (IOT) or of Everything (IOE)Event and System Logs Desktop Computer Facts Metadata and Other Non-apparent Data ConclusionWho's in Charge Here? Allies, Owners, and Stakeholders Introduction The (Long) List of StakeholdersOwnership of Data Data Control Considerations Required Skill Sets and Tools The Hunt: Recovery and Acquisition Introduction Where, Oh Where, Has My Data Gone?Privileged, Sensitive, and Inaccessible Data Management Proving Ownership and Integrity Marking Time: How Time Is Recorded and Ensuring IntegrityLegal and Forensically Sound Acquisition Keeping Your Treasures: Preservation and ManagementIntroduction Securing the Data Access Control and Management Organization and File Management TechniquesSafe Storage Issues and Considerations Litigation Hold Spoliation: The Loss of Relevant Data Automated Technical SolutionsSharing Is Good: Dissemination and Reporting Introduction Format Issues: Original or Usable? Mediums for Transfer Creating Readable Reports Tips for Depositions and Expert Witness Conclusion Appendix I: Links and References for More Information Appendix II: Forms and Guides Appendix III: Links to Technical Software SolutionsIndex
David Matthews has worked in the information technology (IT) field since 1992. He began working for the City of Seattle as the technology manager for the Legislative Department (City Council) in 1998. In early 2005, he was selected to be the first Deputy CISO for the city. In his work for the city, he developed and created an incident response plan that is compliant with the National Incident Management System (NIMS)/Incident Command System (ICS); updated and extensively rewrote the city's information security policy; and created and taught training courses on information security and forensics. He created an IT primer for the city's law department as part of his collaboration with them on e-discovery issues.In 2012, he was recruited by Expedia, Inc. to develop and lead their global cyber incident response team. He created and exercised a plan that integrated with their network response and disaster recovery plans and led a team located both in the United States and India. He retired in 2014 and is now doing consultant work mostly with local governments and critical infrastructure to enhance their cyber response and resiliency capabilities.
"Matthews has approached e-discovery from a fresh, new perspective-one that is understandable to the layperson as well as the technologist. ... A must-read for anyone in the information technology and legal professions, the book provides invaluable information to be proactive or reactive in responding to requests of electronically stored information. ... This book goes a long way in removing the intimidation factor between IT, the corporate legal department, and outside counsel. This book should be required reading for anyone in a computer science, information technology, or law-related program, and is now part of the Digital Forensics and the Law course I instruct. If you want to get up to speed on e-discovery and actually understand what you read, you'll buy this book."-Steve Hailey, President & CEO, CyberSecurity Institute; Digital Forensic Examiner; and Educator