Archive for the ‘Security’ Category

Compliance vs. Hard drives in printers, photocopiers and scanners

Thursday, May 13th, 2010

Here is a news report that clearly explains something we have been telling our clients for a while now: multifunction machines, scanners, printers, photocopiers, etc. contain hard drives which capture ALL documents that run through them, unless you take action!

This means that any confidential information (personal information, privileged material, commercial and industrial secrets, etc.) contained in the documents you print, copy or scan on a daily basis is retained on the hard drive inside the machine unless the drive is wiped or the machine is set not to record images. That means, in many cases, you and/or your organisation are violating different statutes and regulations every day… As explained in this news report, this situation is exacerbated when you decommission these machines and give or sell them to third parties who, in turn, send them abroad to be reused or recycled.

Canadian Tire Embroiled in Privacy Rights Scandal

Tuesday, December 22nd, 2009


Photo: Luc Cinq-Mars

A Canadian Tire store in Verdun, Montréal recycled unshredded documents that contain employee social security numbers and other highly confidential personal information, as reported in the French-language daily 24 Heures, “Des informations personnelles se retrouvent au recyclage”. In this case the paper was “accidentally” re-used to print out a duplicate customer receipt. Let’s hope this was one limited incident and not a careless practice potentially widespread throughout the company and its stores. Regardless, it points to the pressing need for every corporation to develop, implement and monitor a seal-tight information management policy. The consequences of not doing so are potentially significant, as Dominic Jaar writes in an article published in the International In-house Counsel Journal. (See the article on PIPEDA published elsewhere on this blog).

Cybercrime Newsletter – eNac

Wednesday, July 1st, 2009


Ledjit is glad to announce that it is the first Canadian organisation to partner with Cybex, an initiative cofunded by the European Commission’s Directorate General Freedom, Security and Justice within the framework of the Criminal Justice 2008 JPEN Programme.

Accordingly, we are happy to present to you the first issue of the “Electronic Newsletter on the Fight Against Cybercrime” (eNAC). We also invite you to subscribe to this fascinating newsletter.

The eNAC is a free monthly e-Newsletter mostly directed to judges, technicians, prosecutors, lawyers, computer forensics specialists, human resources managers, jurists, law enforcement bodies, and any person that deals with electronic evidence and seeks to prevent cybercrime. It is being disseminated to more than 30 countries and distributed in English, Spanish and Russian.

INDEX
E-Newsletter on the Fight Against Cybercrime – ENAC July | 2009 | no 1

Legal
“Cybercrime and electronic evidence”
Pedro Verdelho • Public Prosecutor and trainer at the Centro de Estudos Judiciários
 

Information and communication networks are a very fruitful field for new illegal activities that were at the origin of so-called cybercrime, a new branch of criminal law. Even if it is still under construction, this new legal area is already a major issue.

Data Protection
“Personal data protection in collecting traffic data in electronic communications: the Spanish experience”
Elena Domínguez Peco • Public Prosecutor and Collaborator of the Spanish Data Protection Agency

Overview of the Spanish personal data protection policy in collecting traffic data in electronic communications.

Technical
“The battle against cybercrime in our society isn’t lost”
Interview with Bruce Schneier • Security technologist

Law enforcement
“Cybercrime training, education and research: a vision for the future”
Nigel Jones • Director of Technology Risk Limited

Initiatives to harmonize cybercrime training and education across international borders plus the potential for national centers of excellence to be developed.

Institutional
“Institutional fight against cybercrime: introductory view”
Liljana Selinšek • Assistant Professor at the Law Faculty in Maribor

Different types of institutional fight against cybercrime and some open questions connected to it.

Jurisprudence
Russian Federation • Resolution of the Federal Arbitration Court of Moscow
Norway • Borgarting Appellate Court
Singapore • Alliance Management SA v Pendleton Lane P and another
Slovenia • Constitutional Court of the Republic of Slovenia

Stephen Mason • Barrister, Chambers of Stephen Mason

Hat tip to Stephen Mason for sending me a copy!

Cracking down on spam

Friday, February 6th, 2009

Are you tired of receiving more unsolicited email than solicited email?

The Honourable Senator Goldstein is, and yesterday he gave the opening speech for the second reading of his anti-spam bill, S-220, An Act respecting commercial electronic messages (the Anti-Spam Act). If passed, the bill would crack down on spam by prohibiting the sending of commercial emails to Canadians without their prior consent.

I have to say that it is about time. Everyone who has an email account has suffered from “spam” or “phishing” attacks, which occur when spam messages lure email users to fraudulent websites resembling those of trusted businesses in the hopes that the users will be fooled into entering their user names, passwords, or other information that can be used to gain access to their online accounts.

Anti-spam software has been unsuccessful in protecting the common user from these attacks, and Senator Goldstein’s Anti-Spam Act might be the answer. In fact, as Senator Goldstein says, “Yet despite the widespread recognition that spam is a serious problem that costs our economy billions in fraud and lost productivity, Canada remains the only G8 country without anti-spam legislation.”

Furthermore, he believes that “To compete in the 21st century, Canada must be able to harness the vast commercial potential of the internet without worrying about security.” According to him, “The measures in bill S-220 are urgently needed to protect Canadians from cybercrime and to restore confidence in the internet as a platform for business.”

Let’s hope he is right and, in the meantime, let’s be vigilant!

It should be noted that the email containing the information was unsolicited and failed to fall into any of the categories proposed by the act.


Health info goes missing on encrypted USB stick but…

Saturday, January 24th, 2009

A memory stick that may have contained information was lost at Preston Prison. This appears to be a banal story that happens every day… The “funny” part follows:

“An urgent investigation was launched after the USB data stick – with the password attached to it on a memo note – went missing”!!!

- Lancashire Evening Post