In This Issue:

	From the Bench: Courts Rely on Computer Forensic Experts
	The Brill Files: April Fool’s Hoax Viruses
	Technology You Should Know: Malware – What Is It and Why Should I Be Concerned?
	News & Events

From the Bench: Courts Rely on Computer Forensic Experts

Court Orders Party Who Unilaterally Modified Screening Process to Pay Expert Fees
Henry v. Quicken Loans, Inc., 2008 WL 474127 (E.D.Mich. Feb. 15, 2008). In this class action suit claiming the defendants withheld overtime pay, the plaintiffs filed a motion for relief from a computer forensic expert’s invoice, claiming that while they originally agreed to pay the expert’s fees, the defendants unilaterally modified the agreed upon screening process. The parties previously agreed upon the search terms and exclusionary terms to be utilized in the search process and the expert was given direction to work under the direction and control of the defense counsel for instruction, not the plaintiffs’ counsel. Upon discovering the defendants made numerous unauthorized revisions to the filtering process resulting in additional computer forensic expert costs, the plaintiffs sought relief. Determining the additional costs to be unauthorized, the court ordered the defendants to pay all costs other than those associated with the original agreement.

Court Orders Third-Party Internet Service Provider to Disclose Identifying Information
Arista Records LLC v. Does 1-7, 2008 WL 542709 (M.D.Ga. Feb. 25, 2008). In this copyright infringement suit, the plaintiffs filed a motion seeking expedited discovery to obtain basic information about the alleged infringers from the third-party Internet Service Provider. The plaintiffs sought the name, current and permanent address, phone number, e-mail address and Media Access Control address for the individuals linked to the Internet Protocol addresses involved in the alleged distribution of the copyrighted materials over the peer-to-peer file sharing network at issue. The court granted the motion based on good cause established by the lack of other means to obtain the information and the prima facia showing of copyright infringement, combined with the expediency created by the limited retention of user activity logs.

Court Denies Motion for Forensic Inspection of Opposing Party’s Laptop
Executive Air Taxi Corp. v. City of Bismarck, North Dakota, 2008 WL 564725 (8th Cir. Mar. 4, 2008). In this §1983 discrimination claim, the plaintiff claimed the defendant violated its constitutional rights to equal protection of the laws, causing a diminution in the value of its business. The plaintiff sought a forensic inspection of the defendant’s laptop, claiming such was necessary to search for e-mail not produced in discovery. The defendant argued that it had a rational basis for preferring other businesses over the plaintiff, namely generating revenue for the city. The defendant further argued against a forensic inspection, claiming it produced all relevant e-mail and such inspection could produce confidential or privileged information. The defendant filed a motion for summary judgment which was granted by the district court and upheld by the United States Court of Appeals for the Eighth Circuit.

The Brill Files: April Fool’s Hoax Viruses

April Fool’s Day tends to bring out the hoaxster in many of us. Over the years, I have been on both the giving and receiving ends of April Fool’s jokes, and it seems that each year we attempt to outdo ourselves. Over the last few years, the first day in April tended to foster computer hardware issues where my mouse would mysteriously start acting strangely or stop working altogether. One year my mouse and keyboard were switched with the person sitting directly behind me. Another year someone in my office changed the screen saver on a colleague’s computer and got quite a chuckle out of her confusion. Another year someone reversed the left and right click buttons on an unsuspecting colleague’s mouse and reveled in watching him attempt to diligently figure out the problem.

There are, however, some practical jokes that have a tendency to cause a bit more chaos. I will never forget a few years ago when someone thought it would be funny to create an April Fool’s computer virus and circulate it to unwary folks. The virus was distributed through an e-mail with a subject line “April Fools Joke.” The body of the e-mail contained a link that, once clicked on, brought up an error message warning the user of the “virus” and began a two minute countdown until a threatened total system crash. The “virus” counted down to zero, at which point the computer monitor was filled with an April Fool’s jokester laughing as the system went back to normal.

That first instance of the April Fool’s virus was quite a few years ago, and each year since, I have seen new strains of the virus, all with varying degrees of threats of system crashes and other mischief. However, as people are getting more used to these practical jokes, the jokesters have become savvier, this year creating an actual virus portrayed as a joke. The Storm Worm is one virus that has been around for many years, and this year decided to become active again on April Fool’s Day. Common e-mail subject lines for this virus include: All Fool’s Day, Doh! All’s Fool, Gotcha! All Fool!, Happy All Fool’s Day, Happy All Fools!, Surprise! The joke’s on you, Today You Can Officially Act Foolish, as well as others.

To help decrease the threat of a virus, it is important to be sure your anti-virus software is current. Additionally, counsel e-mail users within your organization not to open e-mail they have not solicited and never follow links from unknown sources. In some instances it may be the attachment that contains the virus, so be weary of suspicious attachments as well. Lastly, be sure to involve a computer forensic expert should you think there is any evidence of wrong-doing that would give rise to a lawsuit or investigation associated with the April Fool’s hoax.

If you would like to explore the opportunity of world-renown forensics expert, Alan Brill, speaking at a conference you are supporting or organizing, please contact Kristin Husom at 952 516 3781 or at khusom@krollontrack.com.

Technology You Should Know: Malware -- What Is It and Why Should I Be Concerned?

Malware is the term coined for malicious software that is created to damage a computer system including: viruses, worms, spyware and other types of unwanted software. Software is considered malicious if it is intended to cause damage to a computer without the owner’s permission. Software created with a legitimate purpose in mind which unintentionally contains harmful bugs is not considered malicious, merely defective.

A virus and a worm differ by the manner in which they are spread. A virus is a program that requires user intervention to initiate, whether known or unknown. When run, a virus spreads to other software and causes a certain action. It can be transmitted via e-mail, downloaded file, CD or memory stick and can cause immediate damage or lie dormant until necessary circumstances present themselves. Conversely, a virus that spreads automatically to other computers without user intervention is called a worm.

Before use of the Internet became so widespread, most malware was created as pranks or vandalism, but currently more is being created to generate a profit. Spyware is a program that tracks the user’s habits and secretly gathers information for advertisers or other parties. It is often installed without consent during another program download or when the user clicks on an untrustworthy pop-up window.

As many companies process and store customer information with computers, those that are unprepared are at a higher risk for a malware infection resulting in a data breach. Customer information in the hands of criminals reflects badly on the corporation and worries many consumers. There are a few steps to take to increase your protection from malware. First, keep your operating system updated. With the millions of lines of code, it is foreseeable that a security vulnerability will exist that can be exploited by a malicious program writer. Second, install a firewall. A firewall is a barrier that filters the information allowed into your system. Third, be sure to install anti-virus software which is designed to detect and remove harmful viruses before they cause damage. Finally, it is important to remember that no system is ever immune to hacking and malware. Recovery from such a disaster will be greatly lessened if your organization regularly takes and maintains system backups.

Back To Top

NEWS & EVENTS

Kroll Ontrack Issues Another “ESI Report” on the Legal Talk Network
Kroll Ontrack has partnered with the Legal Talk Network to discuss cutting-edge issues and judicial opinions relating to electronically stored information. Michele Lange, Director of the Legal Technologies product line for Kroll Ontrack, hosts the radio show entitled “The ESI Report.” The show’s segments, the Spotlight, the Buzz and Bits and Bytes Legal Analysis, concentrate on hot topics in the area of electronic discovery and give listeners a snapshot into important issues facing practitioners, including rapidly evolving case law. The current edition brings to light the important concerns faced by in-house counsel by discussing common corporate IT issues with a technical consultant and eliciting advice from a litigation counsel and e-discovery coordinator. Additionally, listeners will be briefed by Kroll Ontrack’s legal correspondent on the controversial discovery order issued in the case of Diabetes Centers of America, Inc. v. Healthpia America. Become a part of the over 10,000 listeners to date by visiting: http://www.krollontrack.com/legalresources/podcasts.aspx

Kroll Ontrack Offers Redesigned Certification Course for 2008
The industry’s legal technology thought leader has revamped its E-Discovery Certification Course for 2008 with updated topics, additional speakers and dual track, customizable sessions to appeal to beginner, intermediate and advanced learners. The redesigned course curriculum is ideal for legal and technical professionals of all levels, including in-house counsel, law firm attorneys, litigation support professionals, paralegals and IT staff. For more information and to register for an upcoming course, visit: http://www.krollontrack.com/2008courses/certcourse/.

Meet our representatives at the following events:

Visit www.krollontrack.com/upcomingevents for more information on these events and others.

Back To Top

We Request Your Input

Our legal consultants, project managers, and technology experts strive to stay on top of e-discovery law. If you are aware of any additional local court rules or new cases in this area of the law, please contact us by writing to jshogren@krollontrack.com.

This newsletter is written by Joni Shogren, a Kroll Ontrack staff attorney with assistance from Gina Jytyla, also a Kroll Ontrack staff attorney. Ms. Shogren can be contacted by writing to jshogren@krollontrack.com.

For more information about e-discovery and computer forensics services, contact Kroll Ontrack at 800 347 6105 or www.krollontrack.com.