1. Types of Metadata
Metadata, frequently referred to as “data about data,” is electronically-stored evidence that describes the “history, tracking, or management of an electronic document.” It includes the “hidden text, formatting codes, formulae, and other information associated” with an electronic document. The Sedona Principles-Second Edition: Best Practices Recommendations and Principles for Addressing Electronic Document Production Cmt. 12a (Sedona Conference Working Group Series 2007), http://www.thesedonaconference.org/content/miscFiles/TSC_PRINCP_2nd_ed_607.pdf (“Sedona Principles 2d” ); see also Autotech Techs. Ltd. P’Ship v. Automationdirect.com, Inc., 248 F.R.D. 556, 557 n. 1 (N.D.Ill.2008) (Metadata includes “all of the contextual, processing, and use information needed to identify and certify the scope, authenticity, and integrity of active or archival electronic information or records”). Although metadata often is lumped into one generic category, there are at least several distinct types, including substantive (or application) metadata, system metadata, and embedded metadata. Sedona Principles 2d Cmt. 12a; see United States District Court for the District of Maryland, Suggested Protocol for Discovery of Electronically Stored Information 25-28, http://www.mdd.uscourts.gov/news/news/ESIProtocol.pdf (“Md.Protocol” ).

a. Substantive Metadata
Substantive metadata, also known as application metadata, is “created as a function of the application software used to create the document or file” and reflects substantive changes made by the user. Sedona Principles 2d Cmt. 12a; Md. Protocol 26. This category of metadata reflects modifications to a document, such as prior edits or editorial comments, and includes data that instructs the computer how to display the fonts and spacing in a document. Sedona Principles 2d Cmt. 12a. Substantive metadata is embedded in the document it describes and remains with the document when it is moved or copied. Id. A working group in the District of Maryland has concluded that substantive metadata “need not be routinely produced” unless the requesting party shows good cause. Md. Protocol 26.

b. System Metadata
System metadata “reflects information created by the user or by the organization’s information management system.” Sedona Principles 2d Cmt. 12a. This data may not be embedded within the file it describes, but can usually be easily retrieved from whatever operating system is in use. See id. Examples of system metadata include data concerning “the author, date and time of creation, and the date a document was modified.” Md. Protocol 26. Courts have commented that most system (and substantive) metadata lacks evidentiary value because it is not relevant. See Mich. First Credit Union v. Cumis Ins. Soc’y, Inc., No. Civ. 05-74423, 2007 WL 4098213, at *2 (E.D.Mich. Nov.16, 2007); Ky. Speedway, LLC v. Nat’l Assoc. of Stock Car Auto Racing, No. Civ. 05-138, 2006 WL 5097354, at *8 (E.D.Ky. Dec.18, 2006); Wyeth v. Impax Labs., Inc., 248 F.R.D. 169, 170 (D.Del.2006). System metadata is relevant, however, if the authenticity of a document is questioned or if establishing “who received what information and when” is important to the claims or defenses of a party. See Hagenbuch v. 3B6 Sistemi Elettronici Industriali S.R.L., No. 04 Civ. 3109, 2006 WL 665005, at *3 (N.D.Ill. Mar.8, 2006). This type of metadata also makes electronic documents more functional because it significantly improves a party’s ability to access, search, and sort large numbers of documents efficiently. Sedona Principles 2d Cmt. 12a.

c. Embedded Metadata
Embedded metadata consists of “text, numbers, content, data, or other information *355 that is directly or indirectly inputted into a [n]ative [f]ile by a user and which is not typically visible to the user viewing the output display” of the native file. Md. Protocol 27. Examples include spreadsheet formulas, hidden columns, externally or internally linked files (such as sound files), hyperlinks, references and fields, and database information. Id. This type of metadata is often crucial to understanding an electronic document. For instance, a complicated spreadsheet may be difficult to comprehend without the ability to view the formulas underlying the output in each cell. For this reason, the District of Maryland working group concluded that embedded metadata is “generally discoverable” and “should be produced as a matter of course.” Id. at 27-28.

This means that any confidential (personal information, privileged material, commercial and industrial secrets, etc.)  information contained on the documents you print, copy or scan on a daily basis are retained on the hard drive contained in the machine unless it is wiped or set not to record images. That means, in many cases, you and/or your organisation are violating different statutes and regulations every day… As explained in this news report, this situation is exacerbated when you decommission these machines and give or sell them to third parties who, in turn, send them abroad to be reused or recycled:

Ledjit is glad to announce that it is the first Canadian organisation to partner with Cybex, an initiative cofunded by the European Commission’s Directorate General Freedom, Security and Justice within the framework of the Criminal Justice 2008 JPEN Programme.

Accordingly, we are happy to present you the first issue of the “Electronic Newsletter on the Fight Against Cybercrime” (eNAC). We also invite you to subscribe to this facinating newsletter”

The eNAC is a free monthly e-Newsletter mostly directed to judges, technicians, prosecutors, lawyers, computer forensics specialists, human resources managers, jurists, law enforcement bodies, and any person that deals with electronic evidence and seeks to prevent cybercrime. It is being disseminated to more than 30 countries and distributed in English, Spanish and Russian.

INDEX
E-Newsletter on the Fight Against Cybercrime – ENAC July | 2009 | no 1

Legal
“Cybercrime and electronic evidence”
Pedro Verdelho • Public Prosecutor and trainer at the Centro de Estudos Judiciários
 

Information and communication networks are a very fruitful field to new illegal activities that were in the origin of the so called cybercrime, a new branch of criminal law. Even if it is still under construction, this new legal area is already a major issue.

Data Protection
“Personal data protection in collecting traffic data in electronic communications: the Spanish experience”
Elena Domínguez Peco • Public Prosecutor and Collaborator of the Spanish Data Protection Agency

Overview of the Spanish personal data protection policy in collecting traffic data in electronic communications.

Technical
“The battle against cybercrime in our society isn’t lost”
Interview with Bruce Schneier • Security technologist

Law enforcement
“Cybercrime training, education and research: a vision for the future”
Nigel Jones • Director of Technology Risk Limited

Initiatives to harmonize cybercrime training and education across international borders plus the potential for national centers of excellence to be developed.

Institutional
“Institutional fight against cybercrime: introductory view”
Liljana Selinšek • Assistant Professor at the Law Faculty in Maribor

Different types of institutional fight against cybercrime and some opened questions connected to it.

Jurisprudence
Russian Federation • Resolution of the Federal Arbitration Court of Moscow
Norway • Borgarting Appelate Court
Singapore • Alliance Management SA v Pendleton Lane Pand another
Slovenia • Constitutional Court of the Republic of Slovenia
Stephen Mason • Barrister, Chambers of Stephen Mason

Hat tip to Stephen Mason for sending me a copy!

The Honourable Senator Goldstein is and yesterday, he gave the opening speech for the second reading of his anti-spam bill, S-220, An Act respecting commercial electronic messages (the Anti-Spam Act). If passed, the bill would crack down on spam by prohibiting the sending of commercial emails to Canadians without their prior consent.

I have to say that it is about time. Everyone who has an email account has suffer from «spam» or «phishing» attacks, which occur when spam messages lure email users to fraudulent websites resembling those of trusted businesses in the hopes that the users will be fooled into entering their user names, passwords, or other information that can be used to gain access to their online accounts.

Anti-spam softwares were unsuccessful to protect the common user from these attacks and Senator Goldstein Anti-Spam act might be the answer. In fact, as Senator Goldstein says “Yet despite the widespread recognition that spam is a serious problem that costs our economy billions in fraud and lost productivity, Canada remains the only G8 country without anti-spam legislation.” 

Furthermore, he believes that “To compete in the 21st century, Canada must be able to harness the vast commercial potential of the internet without worrying about security.» According to him «The measures in bill S-220 are urgently needed to protect Canadians from cybercrime and to restore confidence in the internet as a platform for business. »

Let’s wish he is right and in the meantime, let’s be vigilant!

Fact to be noted, the email containing the information was unsolicited and failed to fall in any of the categories proposed by the act.

More details here

“An urgent investigation was launched after the USB data stick – with the password attached to it on a memo note – went missing”!!!

- Lancashire Evening Post