Keep Your Documents Close and Your Flash Drives Closer

In 1969, when Mario Puzo published his novel “The Godfather,” his line “A lawyer with his briefcase can steal more than a hundred men with guns” became highly quoted and recognized because of the innate truth it contained: it’s easier to rob a company through information than through violence.

He could not have imagined that, just forty years later, enough information to take over, bring down, or steal from a company could be contained on a device the size of a pack of gum. Flash drives have made it possible for corporate espionage to reach new heights, and for any disgruntled employee - from the receptionist to the president of the company - to succumb to temptation, download and walk away with the company’s data in a format so small that it can be hung on a keychain. If not accounted for in a document retention policy, flash drives present a significant risk of comprising the integrity and negating the purpose of a document retention plan. 

In a posting called “Deter the Use of Flash Drives to Avoid Corporate Espionage” by James Koopman on the DCIG website, Koopman says,

The portability and high capacity of flash drives is creating headaches for many companies. The Net is swarming with stories of the ill-use, illegal activities, and security concerns as more and more of these devices are lost and stolen or used to steal sensitive information.

The site links to reports on the theft or loss of flash drives containing information as diverse as military secrets, patient data, and confidential child welfare cases, all because the drives are convenient, easy to use, take up no space, are inexpensive and easily obtainable in any electronics store.

 

What all this means to legal departments, of course, is that flash drives have to be accounted for when complying with record retention policies, and in planning electronic document production for litigation purposes. In some environments - the Pentagon being a notable example ("Pentagon Bans Flash Drives"), flash drives have been outlawed entirely due to security concerns.  

But even if national security isn’t your bailiwick, record retention policies should take into account information stored on flash drives and all other e-document locations, as noted by Robert Miller, in The Why and How of Document Retention Programs,” e-files can be stored using an array of portable media such as microfilm, flash drives, CDs and DVDs; or on devices such as Blackberries, Palm Pilots, laptops or even iPods. Additionally, files can be housed on systems such as workstations, servers, corporate e-mail systems, shared network drives, or even the company’s voicemail system.  Clearly, the chore of locating and identifying all discoverable documents is a lot more complicated now than when they existed solely in a metal file cabinet!

 

It does not take a “stab” in the dark to create a sound document retention policy because specific document retention periods are set forth in several sources of law which include the Sarbanes-Oxley Act, the Federal Rules of Civil Procedure, and other federal and state statutes. You can minimize the risk of unknowingly having a “smoking gun” document act as a “silencer” at a time when you least expect it by ensuring that your company has developed a document retention policy that covers the retention and disposition of physical records and all sources of electronic records. By doing so, you’ll certainly sleep easier - and you won’t wake up to a horse’s head in your bed.

Portable Devices - Another Source for E-Discovery

In my earlier post "Hosted Apps: A Source for E-Discovery" I pointed out that "hosted applications" are a good source of information when deposing 30(b)(6) representatives and drafting requests for production of electronic information. But what about information buried in portable storage devices such as USB drives, flash drives, hard drives, iPods, PDAs, CD-ROM, DVD drives and even cell phones?

These little gadgets have become very popular tools for transferring data among computer systems and networks. What would be the smoking gun that indicates the deposed party actually utilizing such devices and denied possession of them?

The Windows computer platform may be tight in security but it also contains a trail of bread crumbs that may unveil the presence of some portable devices. Take a look at the Windows registry. It is essentially a database that resides on the computer containing critical information and settings for all the hardware and operating system software, among other things. Each time a portable device is attached to the computer (via a USB, serial / parellel port), Windows grab the information regarding the device manufacturer and serial number if it has one and stores it in its registry.

The registry also keeps a date stamp associated with the last time the portable device was written. So unless the deposed party is a computer forensics expert who knows how to hide her tracks, the Windows registry would likely provide a glimpse of whether the other party is forthright with producing the content you seek.