Prepare for a Data Breach

Don’t fail to prepare for a data breach! Check out what experts Lee Neubecker and Kari Rollins say are the three strategies to prepare for a data breach.

In the famous words of Benjamin Franklin “By failing to prepare, you are preparing to fail.” Forensic Expert Lee Neubecker and Kari Rollins with Sheppard Mullin agree with our Founding Father and warn that a data breach is inevitable, don’t fail to be prepared!

In her practice, Kari focuses on data privacy, data security and data breach preparedness. Together, they discuss two basic strategies to help you prepare for a data breach; understanding what data you have, where that data resides. Check out our video with transcripts to learn more on how to prepare for a data breach.

Part 2 of our 3-Part Series on Data Breach

The Video Transcripts of How to Prepare for a Data Breach Follows

Lee Neubecker: Hi, I’m back on the show again with Kari Rollins. Thanks for coming back again.

Kari Rollins: Thank you.

LN: We’re continuing our discussion about the Sedona Conference Data Incident Response Guide and some of the best practices of how to prepare for the inevitable data breach and what you should be doing beforehand. So Kari, can you tell me what some of the things are that you advise your clients to do in anticipation of a potential issue?

KR: Sure, and I think planning, in our view, is just as important as the actual response itself and how you investigate. And in the Sedona Response Guide, we’ve pulled together some suggestions for sort of two elements of planning. One is the more technical, understanding what data you have, where that data resides, what your network systems are so that when you do have an incident, and you have to understand what information may have been impacted, to understand whether you have a legal obligation to notify, you have a better understanding and a better map of what those systems are and the information they hold. And a lot of times, using not just counsel and conducting that analysis, but using third party forensic firms to come in and help with that data mapping process is a really important step in getting prepared to understand where are all of the jewels of the company lying within the systems to know what the type of critical impact could be if one of those systems is hit.

LN: And some of the problems I’ve seen is, oftentimes the documents that are distributed and given to legally become outdated, so this is something really that organizations should be periodically updating their network data map and actually using either consultants or tools to help them map out what devices exist on their network.

KR: Right, exactly. And to that point, too, understanding what contracts with those vendors control here. Especially in the event, you have an incident that impacts the system that is managed by a vendor, do you know what information is being controlled by that vendor, and how you all are going to liaise when that incident occurs, who’s going to take control, what the contractual obligations are? Because vendor management is a hot-button issue these days. The FCC itself just came down with a number of guidelines and best practices for vendor management, so being prepared in that sense, knowing where your data is, who your vendors are, who controls it is really important.

LN: Exactly, and I can’t stress enough, it’s important, too, that companies have offline backups of their data because if you have a storage mass go down suddenly, if your company doesn’t have offline documents that describe what the drive geometry for that raid array is, the ability to recover the data becomes compromised and if a hacker gets in and takes out a storage network and the documentation for how to rebuild that storage network is on that drive, that could cause a real problem.

KR: Absolutely.

LN: Do you see that this guide is applicable to companies that are concerned about cryptolocker type malware as well?

KR: Sure, I think this Incident Response Guide can help guide companies through any type of incident, whether it’s a ransomware attack, where their information is being withheld from them, whether for ransom or for other purposes, it could just be useful in investigating the so often seen phishing attacks that seek to attack the email accounts of employees and then further perpetrate other credential harvesting schemes. So it’s useful in the sense that it helps companies prepare for any of those types of attacks. And it does so by helping them with the data mapping, giving them some guidelines on that front. And then also helping them to craft an incident response plan, which I think it’s just as you were talking about, being prepared here with an incident response plan is also the other critical component of preparation and it’s not a one-size-fits-all for the companies. You can’t just, there aren’t these stock-standard off-the-shelf policies that you can then apply because each company has different data systems, and different requirements, and different teams. But this guide provides you with resources and guideposts for how you build that plan that makes sense in the context of your company.

LN: Exactly, and depending on where the company operates, if they operate in Illinois, they might be subject to BIPA, the Illinois Biometric Information Protection Act, which has a whole host of unique requirements. So in our next segment, we’ll be talking more about what should be done after a data incident arises. Just because it’s an incident, does not mean it’s a data breach, but there are certain things you want to do, like have your team in place beforehand. But before we leave, what are your recommendations and what does Sedona say about forming a team to be able to respond in advance of an incident?

KR: I think that is probably one of the most critical elements of an incident response plan is really just knowing who your team is going to be. Who are the individuals that you are going to call when an incident occurs and building that team, it’s important to have the right buy-in? Legal, of course, is extremely important because you want to be able to conduct the investigation under privilege, and in a fashion that gets the facts to your legal counsel in a timely and expedient manner so that you can understand the point at which you have information that suggests you’ve had a breach as defined by law. Because the point at which you learn you’ve had a breach is defined by law as to when your clock starts ticking for notification and that’s in some jurisdictions, that’s a really tight turnaround. So in the incident response plan, in the Sedona Conference Instant Response Guide, we talk about having that team. Having the information security teams, knowing who your third-party experts are going to be if you need third party support to come in and investigate, knowing who your crisis management team from a PR perspective would be. So having all of those individuals listed, with the contact information in the back of your plan so you know who to call, sort of the Ghostbusters, but the privacy busters of an incident, who are you going to call when you get an incident. So I think that’s most important because having the right people mobilized is going to save you time in the end.

LN: It’s important, too, that especially with your forensic experts, you want to make sure you’re working with experienced people that understand the sensitivity around email because as you investigate incidents, your initial impression of what happened or what is going on might change as you learn new information, so it’s important not to begin with the word data breach when you don’t know if it’s a true data breach. Because sometimes, an organization has a security incident but there’s no proof that any data actually exfiltrated or that it was used in any way, so that’s part of at least during that response that we’ll talk about next, those are part of the issues that need to be investigated, but being sensitive to that and making sure that privilege is in place and communications is definitely important.

KR: Yeah, exactly.

LN: Well, thanks and tune in to our next segment where we talk about what to do after the inevitable data breach.

KR: Right.

View Part 1 of our 3-Part Series on Data Breach

Related Articles on How to Prepare for a Data Breach

Prepare for a Data Breach, Secure Your Supply Chain

Learn More About How to Prepare for a Data Breach. Check out Kari Rollins

https://www.sheppardmullin.com/krollins

More About Sedona Conference Data Breach Guide

https://thesedonaconference.org/search/node/data%20breach%20guide

End of Windows 7

What are some of the potential problems for an organization trying to secure Windows 7? Cyber Security Experts Lee Neubecker and Atahan Bozdag say it’s analogous to owning a home and not maintaining it, eventually something breaks and it’ll cost you a fortune to fix!

Securing Windows 7 Environments

On January 14, 2020, Microsoft announced support for Windows 7 has ended. As reported by Microsoft, “Technical assistance and software updates from Windows Update that help protect your PC are no longer available for the product. Microsoft strongly recommends that you move to Windows 10 to avoid a situation where you need service or support that is no longer available.” It’s official…it’s the end of Windows 7! We have to end our love affair with Windows 7 and move onto Windows 10. What does that mean for the end-user? Well, if you stay on Windows 7, you will deal with constant security threats, and there will be no more updates or support. If you upgrade it’ll cost you approximately $139 for a home computer, $199 for a small to large business and $309 to upgrade a workstation that needs a faster powerful operating system.

Cyber Security & Computer Forensic Expert Lee Neubecker and “Fellow Forensicator” Atahan Bodzdag break down what impact is imposed on cyber security when computers no longer receive service patch updates or support for Windows 7. They discuss the usage of Windows 7 by the Health Care organizations that are resistant to change or have application that have not been ported to work with Windows 10.

Atahan Bodzdag provides an overview of top three items that all organizations dependent on Windows 7 should be undertaking to maintain cyber security resilience.

Window 7 Security Vulnerabilities

The Video Transcript Follows

Lee Neubecker: Hi, I’m here today with Adahan Bozdag. Thank you for being on the show Adahan.

Atahan Bozdag: Thank you for inviting me, Lee.

LN: Atahan is a fellow forensicator and cybersecurity expert. He works within the healthcare sector and works internally to an organization, doing some of the things I do as an expert witness outside an organization. And today we’re going to be talking about Windows 7, the end of the life cycle of Windows 7, and some of the cybersecurity issues relating to organizations that are in Windows 7 and are trying to prevent future data breaches. So, Adahan, could you tell everyone a little bit about what Microsoft did recently as it relates to Windows 7?

AB: Well, as you said, Windows 7 end of life cycle happened. It’s was January 14, 2020. They stop patching Windows 7 environment, so it is vulnerable to any attack after the date. January 14, 2020.

LN: So then when people report their CVEs, detailing vulnerabilities on Windows 7, eventually they’re up there for the hacker world to see. and to exploit because Microsoft’s not patching that operating system.

AB: Very true. It’s a dream come true for the hackers.

LN: Yeah, well, no more data patches means what exactly?

AB: It means that you are more vulnerable to attacks.

LN: So every day the risk of cyber compromise only grows for organizations still on Windows 7.

AB: Very true.

LN: So, what is for the non-technical person out there, could you explain what this is analogous to?

AB: Well, I can give you the house analogy. You buy a house and you don’t do any upgrades. You don’t do any maintenance. Something is going to break. So this is what’s going to happen with Windows 7. Because there’s no more patch, there are no more updates, there’s no more security involved in it. At one point if you still continue using it, you will get breached.

LN: So, it’s kind of like your locks start to fall off the door at a particular time

AB: Exactly, exactly.

LN: And if you consider the contents of a health care provider, to have sensitive data like patient medical records, electronic medical records, protected health care information, or PII, all of that stuff is vulnerable to exfiltration?

AB: Yes, very, yes.

LN: So, why are people still using Windows 7, given this threat?

AB: Well, some applications are not upgraded to work with Windows 10, and what happens. So then a lot of people working in the corporate environment are resistant to change because the applications are not working with Windows 10. So those,

LN: Or they just like the cleanness of Windows 7, relative to Windows 10, which

AB: Yes

LN: It has a lot of bloatware loaded on it if you’re getting the version off the shelf.

AB: True, true.

LN: Who really needs to have all these games on their environment?

AB: Exactly. But at the same time, every healthcare company that, you know, even my company that I’m working for, we have a golden image that we create, which are stripped down from all those games and stuff like that. So we don’t use those. But, to get there, there is always an image needs to be updated in Windows 10.

LN: So what are some of the potential problems for the organization that stays on Windows 7 and just doesn’t get with the program to migrate off?

AB: Well, first thing is, APT.

LN: What’s an APT?

AB: APT is an Advanced Persistent Threat.

LN: That’s like that nation-state, Big Brother lurking on the chips of the computer device, waiting for a moment to attack, right?

AB: They can infiltrate you. They can do nothing, just sit and wait, and look at your data. And we have seen that in many breaches. The time that you found out that the company was breached, they’ve been in the system for more than six, seven months. So they were collecting data slowly by slowly, and at one point they turned the engine on, and then the doomsday attack starts. Suddenly you start losing data. Deletion happens and then, they grab everything out from your system.

LN: “So there’ ve been a lot of nation-states making threats.

AB: Oh, very much so.

LN: This could be a huge opportunity for certain nation-states to get themselves onto hackable systems and merely wait until the opportune time to strike is such that they could magnify the damage.

AB: Exactly.

LN: We have a power outage,

AB: Yes.

LN: And they were to strike at that time, that would probably magnify the damage significantly.

AB: Very, very much. And now you’ve been talking about those in your other videos about these kinds of things. The cyber realm is another way of attacking our national interests. Health care is one of them.

LN: So let’s assume that an APT gets into a health care environment, health care provider’s systems, and they’re able to access electronic medical records, EMR, patient health care information, what might they want to do with that information?

AB: Well, patient records, especially the names, social security numbers, medical records, everything is sellable in the Darkweb.

LN: And it’s worth a lot more than just giving social security numbers.

AB: It is. True. It’s like a single record may go for $35. If you got about 10,000 records, 10,000 records times about $35.

LN: It’s likewise though, that data exfiltrates, and it gets out there in the market, the health care providers are looking at potentially significant financial damages, as well as reputational damage.

AB: Yes, yes. Because when these things happen, suddenly you have to report this either to the government or to the media. And then afterward the penalties will come. And investigations cost a lot of money. Penalties are really severe And doing all of these things, and if you’re still in the Windows 7 environment you’re actually opening yourself to these kinds of attacks.

LN: Yeah so, when these data incidents happen, as you like to call them, what do you see the role of internal IT investigations versus an outside computer forensic firm like myself specializes in data breaches and EMR. What is the typical role and function of the internal versus the outside expert witness?

AB: Internal it’s you know like myself, we do the investigation internally but we would love to hire, I mean we would like to hire an outside investigation, to give unbiased information. Saying that if you go to the legal ways that you will be able to say that hey, I’m not involved with this company I’m doing this…

LN: Sometimes, there’s benefit to having an outside forensic expert that’s independent speak only to the issues that are relevant and not necessarily have a knowledge of who was in IT that got fired or any of that other stuff that isn’t really relevant to the investigation but could create risk for the health care provider.

AB: True. True.

LN: So with regard to reporting obligations, let’s say you find that there was indeed exfiltration of patient data and that information left the organization, what are the reporting obligations?

AB: Well the best way that I can tell right now is if you were at the hhs.gov or consult your attorney it will actually tell you especially the website, will tell you what are the reporting obligations. There are multiple levels. If I go into details over here, it’s not going to last.

LN: Got it. And so, we talked about exfiltration but what can happen if someone gets in and actually deletes patient medical records?

AB: Well, the first thing is in hospital systems that patient who’s going to be either going into surgery or something like that, they will not be able to get, pull out the data.

LN: And so people who have a need for critical life-saving care, might actually die.

AB: Yes.

LN: Or worse yet, if someone were to alter the medical records

AB: That is a threat

LN: And say instead of your left lung having cancer it’s your right lung and you get the wrong lung removed, that’s a real problem

AB: It’s a big problem.

LN: So if you have to say, wrap it up what would be the top three recommendations you make to health care organizations to help defend against the potential future data breach that’s from running Windows 7?

Top 3 Measures to Defend Windows 7

AB:

  1. First is implementing operate plan to leave Windows 7, immediately. That’s a given fact.
  2. Second, isolate Windows 7 legacy into VDIs which we call the Virtual Desktop Environments. Isolate them from the network.
  3. And the third, make sure that your disaster recovery is in place and you do periodic tabletop exercises.

LN: Well thanks so much, that was really informative. I appreciate you coming on the show.

AB: Thank you for inviting me again.

LN: Take care.

Microsoft Windows 7 End of Support

https://support.office.com/en-us/article/Windows-7-end-of-support-and-Office-78f20fab-b57b-44d7-8368-06a8493f3cb9

Other Related Articles

View Microsoft website here

https://www.microsoft.com/en-us/

Jacob Meister’s First 90 Days

Most voters think the Clerk of the Circuit Court of Cook County’s office is ground zero of what’s wrong ethically in Cook County government. Candidate Jacob Meister vows to clean up the office and deliver much needed ethical reform.

Enigma Forensics President & CEO Lee Neubecker interviews Jacob Meister, who is running for the office of Cook County Clerk of the Circuit Court. Lee is interested to learn more about what Jacob Meister plans to do in his first 90 days in office.

View Part 2 of our 4-Part Series on Jacob Meister, Candidate for Cook County Clerk of the Circuit Court

Part 2 of our 4-Part Series on Cook County Clerk of Circuit Court Candidate Jacob Meister

The Video Transcript follows

Lee Neubecker: Hi, I have Jacob Meister, who’s running for Cook County Clerk of the Court. He’s back on my show today. Jacob, thanks for coming back on.

Jacob Meister: Thank you for having me.

LN: So, as a candidate for Cook County Clerk of the Court, which is one of the largest court systems in the U.S., what do you see as your top priority in your first 90 days in terms of fixing a big problem that needs to be addressed?

JM: Well, the Clerk of the Circuit Court of Cook County’s office is ground zero of what’s wrong ethically in Cook County government, you know? The voters in recent years have elected a new Cook County Assessor, Fritz Kaegi, a new mayor, Lori Lightfoot, and have made clear that they demand ethical reform, in government, and the Clerk of the Circuit Court is ground zero of what needs to be fixed. This is an office that for decades and decades has been plagued with political patronage, political workers getting jobs at the public expense in order to do political work. We have to stop that, and in my first months in office, I want to make sure that we are cleaning up the office to make sure that we are delivering taxpayers value for their money and that employees are dedicated first, foremost and exclusively to serving the public interest in the clerk’s office. We cannot get over the operational problems that this office has until we first clean up the ethical issues. So, I want to make sure that the patronage in the office comes to an end. That we comply, there’s currently a federal decree, it’s called the Shakman Decree, that the office is under that requires patronage to hiring, to not be done by patronage. I want to make sure that people are promoted from within, not given these political jobs where employees are beholden to the party machine.

LN: Great, well, thanks for being on the show, Jacob.

JM: Thank you, Lee.

View Part 1 of our 4-Part Series on Jacob Meister

Part 1 of our 4-Part Series on Cook County Clerk of the Circuit Court Candidate Jacob Meister

Other Related Articles

Steps Employers Should do Before Using Biometrics

More and more employers are using biometrics. Biometric information and is covered by the Illinois Biometric Information Protection Act or BIPA. Forensic expert Lee Neubecker and Vedder Price Shareholder David Rownd talk about the steps employers need to take so they don’t violate BIPA.

Employers Using Biometrics

What should employers do before collecting biometric information? Biometrics is on the cutting edge of technology and more and more employers are using biometrics in the workplace. Employers use biometrics to activate machinery or computer devices, to track employee time and attendance, and can be used to gain access to specific secured environments. The most common example of employer use of a biometric recognition system is the fingerprint.

Expert Lee Neubecker and Vedder Price Shareholder David Rownd discuss the necessary steps that all employers should do before installing biometrics.

Part 3 of our 3-Part Series on Biometric Data

Part 3 of our 3-Part Series on Biometric Information

The Video Transcript Follows.

Lee Neubecker (LN): Hi, I’m here again with David Rownd. David, thanks for being back on the show.

David Rownd (DR): Oh, thanks for having me again.

LN: So we are continuing our series talking about BIPA, the Illinois Biometric Information Protection Act. And what employers should do, especially those New York employers that have satellite offices in Chicago that track their employees and whatnot and how they should, things they might want to do beforehand so that they don’t get into trouble. With that David, what are some of the concerns and responsibilities employers have under BIPA?

DR: Well, first of all, they have an obligation to notify employees that they are using biometric information. And they have to tell them why they are using biometric information. They have to safeguard the information. They have to have policies in place to safeguard the information. And they are absolutely prohibited from selling the information to third parties.

LN: That would mean if they are using time tracking software they might want to check to see what adaptations those software companies have in terms of how they protect employees’ fingerprints and whatnot.

DR: Absolutely.

LN: And is it a good idea for the employer to actually get the employee to sign a consent form?

DR: Absolutely. In fact, they are required to obtain consent

LN: Okay

DR: before doing this. And this is an important consideration for employers and it should be something that is well thought out and a program put into place that complies with the law before embarking on the use of biometric information.

LN: So employers if you have a trading firm here in New York that has a satellite trading, possibly an option firm, options are big in Chicago. What would you advise them to do just to do a check-up to make sure they are OK?

DR: Well, if you are going to be using your employee’s biometric information in Illinois it would be covered by BIPA. And you need to make sure you are in compliance with the law. And I think it makes sense for your in-house legal team or whatever counsel you rely on to go over what you planned to do and ensure that what you are going to be doing is in compliance with the law.

LN: So I think the intent though of a lot of these tracking features of time tracking software really is to try to protect employees from punching in for, you know, their friend that is running late. But there are other ways that employers can still do that without relying on fingerprints or retina scans.

DR: There are other ways. Smartphones can be used and they can be used without taking any biometric information. And there are other ways of doing it as well. But if you are going to be using biometric information, you certainly should make sure that you are in compliance with BIPA because it’s been a very active, very buried in litigation. There’s been a lot of class actions lately and a lot of companies have had some issues. Most employers would be well advised to make sure they don’t run afoul of the law.

LN: So why are we suddenly hearing so much about BIPA in Illinois? What happened last year that changed things?

DR: Well, there was an Illinois Supreme Court case that really kind of open the floodgates for plaintiffs to be able to sue. Normally in order to bring a lawsuit, you have to be able to show that you suffered some specific harm which is referred to in the law as damages, and that is an element of most civil causes of action. However, under the way, BIPA is written an aggrieved party can bring a private right of action under BIPA. And there’s the Illinois Supreme Court, a case called Rosenbach, last year, basically held that the mere violation of the law with the respect to someone’s biometric information makes that person an aggrieved party. So, the fact that your biometric information has come out of compliance in a program means you’d have the standing to bring a lawsuit. And more importantly, that you could potentially be the lead plaintiff in a class-action lawsuit which ups the ante significantly for employers and exposes them to much more significant liability.

LN: So this could expose any employer using time tracking that has a biometric component in Illinois?

DR: Potentially, yes.

LN: Now are there things that can help protect those employers though from getting in the crosshairs if they are using that software?

DR: Well, I mean, ensuring that you’re in compliance with the law, certainly. Which means making sure you’re getting consent. Making sure that the concent is informed consent and the consent is in full compliance with the requirements of BIPA. Not doing anything that BIPA prohibits such as selling the information to third parties. It sounds pretty obvious but it’s something that’s important to make sure you’re in compliance with the law.

LN: Now there was a case in Illinois involving, it was an athletic gym that had customer information and some of that information was alleged to have gone to outside parties. And I think that case settled, but it certainly not only employers could fall into the snare of BIPA, but consumers as well, people who do business with companies that choose to take their biometric data.

DR: Absolutely

LN: Like possibly even Google and Facebook.

DR: Potentially, yes.

LN: Well, thanks a bunch. In our next segment, we’ll talk a little bit more about what is happening nationally with BIPA. And thanks again for being on the show.

DR: Thanks for having me.

View Part 1 of our 3-Part Series on Biometric Information

Part 1 of our 3-Part Series on Biometric Information

View Part 2 of our 3-Part Series on Biometric Information

Part 2 of our 3-Part Series on Biometric Information

Other Related Articles

View Vedder Price – David Rownd

https://www.vedderprice.com/david-rownd

To learn more about BIPA

http://www.ilga.gov/legislation/ilcs/ilcs3.asp?ActID=3004&ChapterID=57

How ZyLAB Can Help Your Company

ZyLAB is a global company that can help an organization who has to deal with various regulatory authorities spanning the globe. They are dual-headquartered in both Washington, D.C. as well as Amsterdam in the Netherlands. If your dealing with GDPR in the EU or CCPA in the US ZyLAB is equipped to provide service. In this video blog Lee Neubecker and ZyLAB’s Jeffrey Wolff discuss what differentiates them from their competitors.

Cyber Forensic Expert Lee Neubecker and ZyLAB’s eDiscovery Director Jeffrey Wolff discusses how ZyLAB Artificial Intelligence (AI) solutions can help your company. ZyLAB is an eDiscovery provider that works with government entities, corporations and law firms to provide data solutions. ZyLAB assists in extracting value from data, and not just metadata, but also document review that is about looking for entity information. ZyLAB is able to search for key people, places, and organizations that are mentioned in documents and/or emails, and quickly drill down to what is going on in your organization.

Watch this important final part of our 3-Part Series on Artificial Intelligence Solutions and eDiscovery. You will learn about what ZyLAB offers that will help your company with document review and ultimately save time and money.

Part 3 of our 3-Part Series Artificial Intelligence (AI) solutions and eDiscovery

The Video Transcript Follows.

Lee Neubecker (LN): Hi, I have Jeff Wolff, back on the show from ZyLAB. Jeff, thanks for coming back on.

Jeff Wolff (JW): Thank you.

LN: He’s their Director of eDiscovery, and I wanted to ask him some questions as it related to what differentiates ZyLAB from other products out on the market. Some of my clients may want to use this type of artificial intelligence program to help get through their review and see what the results are of using AI versus the traditional e-discovery review process, so.

JW: Sure.

LN: Jeff, could you tell us what sets ZyLAB apart from other competitors in the marketplace.

JW: Sure, sure, so first, I think ZyLAB is uniquely positioned in the fact we understand the corporate space quite well, as well as the law firm space, but we got our start in the corporate world, or in information governance. So we are very vested in search and data science, and that’s really where we’ve put a lot of our focus. We have both on-premise solutions, as well as cloud-based, SaaS solutions like every other next-gen provider. But we really push our interface, our user interface and our user experience, as one of the most unique selling points. And that is, that it is not difficult to start using. Anyone, any legal professional can pick up our product in an hour, from start to finish, and understand really how you utilize it. Drag and drop interfaces for getting data into the system, and immediate color-coding and tagging, easy search, and the ability to really visualize your data and understand what’s in the dataset.

LN: Okay. So, what would you say for a company that has to deal with multiple jurisdictions, they’re in Europe, they’re in the US.

JW: Sure.

LN: There are some unique challenges posed by all the various regulations out there, like GDPR.

JW: Right.

LN: Maybe the have operations in China. How could you help a company that has to deal with various regulatory authorities spanning the globe?

JW: Sure, and that’s another advantage that ZyLAB has, actually, we’re actually a global company, so we’re dual-headquartered in Washington, D.C., here in the US, as well as Amsterdam in the Netherlands, in the EU. And as a result, we have cloud operations in both jurisdictions. So our global customers can actually keep US data in the US, and they can keep European Union in the EU, and not worry about that issue. But we also have the expertise, consulting expertise, in both environments, both geographic locations. For example, I’m doing a lot of work now with corporations, not so much focused on directly just on e-discovery, because e-discovery is a bit reactive, you know? Or corporations go through peaks and valleys with e-discovery, the litigation, something they have it, sometimes they don’t. What they constantly have though, are internal investigations, regulatory responses, in the highly regulated corporations. And more and more now, data privacy concerns. So, my European colleagues have been dealing with GDPR for a while, we’re now starting to feel it here in the US, with CCPA, the California Consumer Privacy Act. And there are a number of states on the horizon that are going to California’s examples, so corporations need to be able to find, and classify all the data that they have in their organization that has customer information because if those customers request it and they can’t provide it, they’re financially in a lot of trouble.

LN: Do you think that the regulations coming down on companies are going to fundamentally change how companies chose to communicate with their vendors, suppliers, and own employees?

JW: Absolutely. If you look at all the recent data breach situations, it’s typically not the organization that has the problem, and I won’t mention any of the large companies that have recently had data breaches, but it’s typically not the original company that had the issue, it’s one of their suppliers, or one of their vendors that had accesses to the database, and wasn’t protecting it properly, and that’s how the trouble began.

LN: Yeah.

JW: Same thing with data privacy.

LN: The supply chain certainly is a huge point of vulnerability for all types of organizations. The governments, the military.

JW: Yep.

LN: and even corporations.

JW: Yes.

LN: So what do you see happening over the next few years with the adoption of AI platforms?

JW: I think the e-discovery market is going to fundamentally change. There’s still always going to be a need for discovery within corporations and law firms, but what you do you with the data is going to become much more important, so it’s going to be about how you can extract value from the data, not just metadata, which we’ve always been able to do for years now, but now more about looking for entity information. People, place, organizations that are mentioned in documents and emails, and collaborative environments, and being able to visualize those, and quickly drill down to what was going on in your organization. You know, if you got people that are going to the dentist three times a week, they’re not doing to the dentist, they’re doing something else, They’re just writing about going to the dentist.

LN: Yeah.

JW: Software like ours that can identify those references in documents are going to be crucial to the success of organizations.

LN: That’s great. So it seems that there’s continued e-discovery service provider consolidation out there.

JW: Mhmm.

LN: The companies that are using tools that are more of a channel partner tool to resell.

JW: Yes.

LN: But as those companies consolidate, do you think that there’s going to be a movement away from those providers where, the company, the firms, directly do their own e-discovery?

JW: Oh, yes. Yeah, very much so. We’ve been seeing that over the last few years. A lot of companies, even small companies that tend to have, in the past, just used outside vendors for e-discovery, are now deciding that they prefer to control, not just the cost, but also their data. They don’t want their data outside of the organization for reasons we’ve already talked about. So they’re purchasing in-house tools that they can use themselves, and then they can invite outside counsel in to make use of, that way they control their costs, they control the efficiency, and they control the data.

LN: Well, this has been great. Thanks a bunch for being on the show.

JW: Thank you again.

LN: Take care.

JW: Bye-bye.

Part 1 of our 3-Part Series on Artificial Intelligence

Part 2 of our 3-Part Series on Artificial Intelligence

View Other Related Articles

View ZyLAB website

https://www.zylab.com/en/company

Learn More About GDPR and the European Union

https://gdpr-info.eu/

Learn More About CCPA the California Consumer Privacy Act

https://oag.ca.gov/privacy/ccpa

Preventative Measures: Medical Devices

What is a FIPS 140-2 and how does it play a role in medical devices? Are medical devices manufactured with security in mind? Experts Lee Neubecker and Keith Handler discuss medical device security.

What measures are in place to help protect medical devices from cyber compromise? President & CEO of Enigma Forensics, Lee Neubecker gained insight into the latest and greatest preventative measures being developed for medical devices. Lee sat down with the top engineer for Sterling Medical Devices, Keith Handler and explored technical measures applied to the manufacturing process of medical devices. Check out this video to learn all about the tech measures. You will be so much smarter if you do!

Part 3 of our 3-Part Series on Medical Devices

Part 3 of our 3-Part Series on Medical Devices

The video transcript of Preventative Measures: Medical Devices follows.

Lee Neubecker: Hi, I’m back on the show again with Keith Handler from Sterling Medical Devices. Keith, thanks for coming back.

Keith Handler: Hi Lee, thanks for having me.

LN: So in our 3rd segment on medical device security, we’re going to talk a little bit more about some of the hardware elements, how the software gets loaded onto medical devices and what things are in place to help protect medical devices from cyber compromises. So first, Keith, can we start off with telling everyone what FIPS 140-2 is and how that plays a role?

KH: Yeah, absolutely. FIPS is the Federal Information Processing Standard, 140-2 is the specific certification for encryption libraries. That certification means that those encryption libraries are proven to be usable and certified to be usable for federal systems and medical systems.

LN: Most hospitals require FIPS 140-2 for immediate devices if you’re transferring PHI, Patient Health Information. If you’re transferring that information to external storage, they want to make sure you’re using secure storage that meets federal information processing standards.

KH: Correct.

LN: So when you’re evaluating a device for security, what are some of the things that you do to help ensure that the firmware that’s stored on the chips is secure and safe?

KH: Well, an embedded device it’s a challenge, of course, you have limited space, limited capabilities typically, especially on lower power devices. If you’ve got the space and the ability, we can use hardware encryption chips, hard-circuits, those are usually the most reliable and the most performant. If not, there’s plenty of embedded libraries out there that are FIPS 140-2 certified. The main thing being that we never roll our own as far as encryption libs go, we use federally certified ones to ensure that we’re up to the current standards and encryption strength.

LN: Those standards change over time.

KH: Correct, yes.

LN: At one point and time, SHA-1 encryption used to be considered perfectly fine, but now with quantum computing, there’s been a rush to ditch SHA-1 and require SHA-2 as encryption library to help secure things.

KH: Yes, this brings up an important point actually. How do we keep things secure moving forward when new vulnerabilities are found, new attacks are found, libraries are cracked.

LN: Yeah so, what do hospitals and other healthcare providers need to be doing to ensure their devices stay secure once deployed?

KH: Well, hospital healthcare providers need to be making sure that they are up-to-date with the manufacture of all of their devices, that they are keeping apprised of any kind of recalls or anything like that. Manufacturers, the people that we typically deal with, product developers, their responsibility is to maintain a bill-of-materials, a cyber bill-of-materials; their libraries, their encryption circuits, make sure that they’re tracking the versions and things like that so that when a company has a vulnerability exposed, they can become aware and make updates and push them, software especially, as fast as possible.

LN: All right, so if an organization or a healthcare entity were to become compromised, have you been involved with supporting the client that underwent a cyber compromise?

KH: I have not, we’re usually in the earlier stages of developing the products prior to that occurring, and our products hopefully never get compromised.

LN: So I’d imagine though that if there’s a concern about the security of certain medical devices, that there’s a need to actually dump the firmware. Firmware is software stored on an embedded chip. But the firmware will persist after power-down, reboot to whatnot, but there is an ability to go and extract the firmware of the chip with the correct tools, such as a Bus Pirate, or other devices. And then what would you do to examine, if you had access to the firmware on a chip, how would you go about ensuring that that’s authentic?

KH: Well the first thing is if we’re going to push out firmware, things like that, you need to make sure that the device can know that it’s authentic. And we do things again, like digital signing, signature verification encrypting of that firmware package. That way we have a verification process in place to ensure that what we’ve got coming down is good.

LN: So that’s known as a hash.

KH: That’s part of it yes.

LN: So the hash value is the unique encrypted thumbprint generated by a hash algorithm and those hash values can be used to compare against the manufactures release version and what’s on the chip to determine, are they running the most recent up-to-date firmware, or are they running a older version or are the running something that’s rogue that is not known by the manufacturer.

KH: And that’s the real key, to make sure that what we’re running is what we expect it to be and not something that has been tampered with.

LN: How often are hospitals and IT staff actually auditing and checking their firmware?

KH: You know I’m not clear on that, but I would say almost certainly not enough.

LN: Yeah, so that’s one of the things that I know you’ve said earlier, that it’s important that all these entities using the devices, once they’re certified and deployed, there’s still a responsibility on the healthcare delivery organizations to make sure that they’re patching and updating those devices so that they keep the standards.

KH: Ideally. Nowadays, a lot more devices are connected, communicating out with central servers, and that gives them the advantage of being able to receive security updates, so it takes that middleman out, essentially, but that also opens up additional potential security holes that have to be considered and protected against.

LN: Yeah, and anything that comes to mind that you’re concerned about in regard to new threat factors?

KH: Well, you know, again, if I’m distributing firmware by handing it to you on a USB stick, you can be pretty certain that what I’m giving you is likely to be good. If I’m telling you download it from this site, you don’t know. For all you know, it could get tampered with in transit. So it raises a lot of additional risks.

LN: Do you think that there’s something to be said for going back to the old updates on CD, read-only media?

KH: Well, you know, information is what it is, and things mover faster nowadays, so I don’t know that it makes sense to move backward, it just means that we have to have more modern methods of protection.

LN: But thanks a bunch for being on this show. This is great stuff.

KH: You’re very welcome, and thanks for having me.

LN: It’s my pleasure.

View Part 1 of our 3-Part Series on Medical Devices

Part 2 of our 3-Part Series on Medical Devices

Other Related Articles

Overview of the FDA’s Medical Device Regulations

https://www.fda.gov/medical-devices/device-advice-comprehensive-regulatory-assistance/overview-device-regulation

Sterling Medical Devices website

https://sterlingmedicaldevices.com/

Pitfalls in AI?

Artificial Intelligence (AI) is the fastest-growing eDiscovery solution in the Legal Industry. Just like in Henry Ford’s day, it’s the keen cutting edge shaving away costs by reducing time spent from evidence to production. Use AI and don’t land in the pitfall.

“Competition is the keen cutting edge of business, always shaving away at costs”…Henry Ford

Is there a pitfall if you use AI? Computer Forensic Experts Lee Neubecker interviews Chief Innovation Office with DISCO, Cat Casey both agree the largest pitfall in AI is NOT embracing AI! Artificial Intelligence (AI) is the fastest-growing eDiscovery solution in the Legal Industry. Just like in Henry Ford’s day, it’s the keen cutting edge shaving away costs by reducing time spent from evidence to production.

Cat explains DISCO was born out of the firm’s frustration with conventional eDiscovery tools that were slow and difficult for lawyers to use. Instead of being forced to adapt our work methods to technology, we wanted to invent technology that works the way lawyers work. DISCO was the result, and today we are the fastest-growing eDiscovery solution in North America. Both experts agree implementing AI will help companies gain a competitive edge. Watch this video to hear examples of how AI helps sharpen that edge!

Final Part of our 3-Part Series in Artificial Intelligence: Pitfalls in AI

The Video Transcript Pitfalls in AI Follows.

Lee Neubecker (LN): Hi and welcome back again Cat. Thanks for being on the show again.

Cat Casey (CC): My pleasure.

LN: Cat Casey from CS Disco. She’s a Chief Product Innovation Officer. Did I say that right?

CC: Chief Innovation Officer.

LN: Okay.

CC: Products too, though. It’s fine.

LN: They call her chief.

CC: They should.

LN: So we’re going to talk now, in this last part of our series on artificial intelligence, about some of the challenges of organizations that don’t adapt and don’t get on board. So, what do you see the potential risks and pitfalls for law firms that don’t begin to embrace so sort the form of a technology-assisted review or artificial intelligence to help speed up the review process?

CC: Well, at a very basic level, clients are getting smarter. We’ve got CLOC https://cloc.org/, we’ve got clients talking to each other more, and they’ve raised their expectations of how their firms are going to be competitive. And it used to be if you were big law firm A you would always have this corporate client for every anti-trust case they would always go to you. But now I was getting dozens of RFPs where they’re asking me what technology are you using? How are you driving innovation? How are you driving efficiency? Because there is a higher expectation of competition between outside counsel. That, maybe, wasn’t there a few years ago. And so, the client expectation is driving this appetite to investigate eDiscovery and Artificial Innovation (AI) based innovation in a way that wasn’t here a few years ago.

LN: Has there been any industry research that has attempted to benchmark the cost of a case using an AI platform to speed up review versus not, to your knowledge?

CC: You know. I can speak from Disco, and we see about a 60% reduction in time to evidence to production. And that translated to dollars. And so, I mean, 60% savings on the 80% of a case that is reviewed is substantial. The thing that I think is most important is cost-savings big, but getting evidence quicker.

LN: Yeah. Time is of the essence.

CC: That is the thing that is paramount because of a lot of these companies… I worked at a company that had very big budgets, but no amount of money, no amount of people, was going to be enough to get these insights I needed before the meet and confer. Or before I had a critical filing with a government investigator. And so, getting evidence quicker so I can start building my case, was the differentiator.

LN: Yeah, certainly if you’re working for a company facing a DOJ inquiry.

CC: Yep.

LN: Knowing the good, the bad, the ugly.

CC: Yep.

LN: As soon as possible can help you make better decisions for your clients. Which might involve, you know, settlement. settling. Yeah, yeah. There have been many recent settlements, recently, from big companies that didn’t want to get tied down at least.

CC: Well I’ve had cases where… One of my favorite ones I used tons of different AI and analytic tools. I had a big bank that had been fined billions of dollars and another big bank was, they had hired on people in that same group, and they were wondering if they would be subject to the same investigation. So, I did some social network analysis. Who was talking to who, with what frequency? I parsed Bloomberg’s chat. I parsed audio logs. And I used everything to keep triangulating down until I was able to identify the bad actors, saying the bad things, and the map of the structured data to show they didn’t do the bad things. And my company wasn’t on the front page of the Wall Street Journal. My company wasn’t fined. So it ends up being very compelling, even early in investigations.

LN: Yeah. Certainly responding quickly is important now. Have you seen any success stories as it relates to companies embroiled with data breach incidences, that have used your platform to help get ahead of what was going on?

CC: 100%. I mean PII, so personally identifiable information, is something that you’re going to have to notify if there is a breach. So if someone, say your Equifax, not that I’m naming them, but say you’re a big company with a lot of personally identifiable or health information. You need to identify it quickly, notify these people in their specific timelines. Tools, like Disco’s, help you use algorithms to find that quickly and act upon it. Otherwise, if you’re looking at 100 million records, there’s no amount of humans that could go through that, in a timely manner, where you’re going to comply with time obligations. And so, it’s majorly impactful.

LN: That certainly is. Well, are there any other things you want to say on the show before we wrap up?

CC: You know, adapt. The reality is no one wants to be the buggy whip maker in a Tesla world. The time to start investigating and vetting and ensuring that the tech you’re looking at isn’t hype is now. Because in a year, or three years, or four years, you might be behind the curve. So, find your resident dork, ask questions, dig into the tech. Now is the time.

LN: And it’s probably worthwhile, you know, without being biased towards Lit Funder, why not take a case try out Disco, try out another offering to see what really works. I mean you had the benefit of…

CC: Yeah.

LN: You were on the other side working for the law firm, shopping for vendors.

CC: I did a 55 vendor RFP. I’ve seen everyone. I’ve looked under every hood. I mean there’s a reason I went to Disco. But there are other tools good out there. I think you want a toolbox with lots of different tools. If you’re a hammer, everything looks like a nail. Let’s be honest, litigation is always bespoke, so you want lots of tools that can help you address it.

LN: Great. Well, thanks again for being on the show.

CC: Yeah, my pleasure.

LN: This was great.

Watch the Entire Series on Artificial Intelligence (AI)

Part 1 of our 3-Part Series on AI

Part 1 in our 3-Part Series on AI

Part 2 of our 3-Part Series on AI

Part 2 on our 3-Part Series

Other Related Articles

DISCO’s website

https://www.csdisco.com/about-us

The Association for the Advancement of Artificial Intelligence

http://www.aaai.org/

What does the Cook County Clerk of the Circuit Court do?

Meet Jacob Meister candidate for Cook County Clerk of the Circuit Court that oversees the second-largest court system in the United States. Jacob vows to improve and better manage over 400 judges in 14 different court locations all around Cook County.

The Cook County Clerk of the Circuit Court is one of those offices that is not well known but is extremely important in the operation of one of the nation’s largest court systems. The Cook County Circuit Court is the second-largest court system in the United States. The Clerk of the Circuit Court is responsible for overseeing all the court records for many courts including small claims, chancery, civil, law, probate, child support enforcement, traffic, and criminal courts. There are over 400 judges in 14 different court locations all around Cook County.

In this video, Lee Neubecker interviews Jacob Meister, a candidate for the Cook County Clerk of the Circuit Court. Jacob Meister has been a practicing attorney in Chicago for 29 years. In his law practice, he has been a near-daily user of the Cook County Court system and he has experienced firsthand the tragically antiquated and inefficient operation of the Clerk of the Circuit Court’s office. Jacob Meister shares how he intends to reform the antiquated system, create a better judicial management workflow with transparency, efficiency and while running the office in an ethical manner.

Part 1 of our 4-Part Series on Meet Jacob Meister Candidate for the Cook County Clerk of the Circuit Court

The Video Transcript for What Does the Cook County Clerk of the Circuit Court Do?

Lee Neubecker: Today I have on my show, Jacob Meister. Jacob’s running for Cook County Clerk of the Court. And he’s come on today to tell us all a little bit about what the Clerk of the Court does and what their role is. Thank you for being on the show.

Jacob Meister: Well, thank you for having me on, Lee. The Clerk of the Circuit Court is one of those offices that are not really well known but is extremely important in the operation of our courts. The Cook County Clerk oversees the second-largest court system in the United States. We have over 400 judges in 14 different court locations all around Cook County. And the Clerk of the Court is the chief operating officer effectively of the courts, overseeing everything from all the court records to staffing the courtrooms, the Court Clerk’s who take your oath when you go testify and then all of the intake and the counters. And they also oversee things like child support, about a half a billion dollars a year in fines, fees, and forfeitures. They handle all the accounting so that when a fine is paid, it goes to the right municipality or to the state or to whoever is entitled to that money for the fines. So it’s very important. The Clerk’s office is currently occupied, as you may know by Dorothy Brown. She’s retiring after 20 years. And we really need to rethink how the Clerk’s office works. I personally am the only one in the race who has actually practiced for 29 years in the Circuit Court of Cook County and made a career of it. And it’s an office that’s broken. It’s broken ethically and operationally. We still, unfortunately, as judges and lawyers hand write out orders in triplicate using carbon paper. And for a court system that has a million and a half cases pending, that means millions and millions and millions of pieces of paper just in court orders. We can do better. We have to do better. The private industry long ago automated, implemented technology. We need to do the same thing in courts. And let me just give you a couple of examples of the real-life consequences of what happens because of our broken technology. We have about 600 prisoners right now in the Cook County or in the state of Illinois prison system who have appealed their convictions and their convictions for more than a year, cannot move forward because the Clerk’s office has lost the paperwork. And this has been pretty widely reported on. But the other things are that you know, people end up getting evicted, they have child custody issues, they sit in the Cook County jail because our current system can’t get paperwork where it needs to be. It doesn’t have good auditing standards, accounting standards. We need to do better because it affects substantial justice.

LN: So will you put computers into the courtroom with printers so that the documents are being captured instantly, electronically?

JM: Well, it’s actually beyond that. So you’ve got two kinds of systems. You’ve got one system which is, a filing system. And right now, we are in the process of moving over so that when people file paperwork, it gets filed electronically. But the second system, which is yet to come is a case management system. So once those documents have been filed, we need a way to index everything. The current Clerk’s office runs on a DOS-based system that was implemented in the 1990s and it’s just an index system. But court systems all around the country have very robust case management systems that outline exactly what’s going on in the case. And instead of having written orders, you do digital orders so that, so that those digital orders, are called minute orders, are captured right in the courtroom, real-time, by the Court Clerks, noting such things as the next court date or what happened in the court, in the court hearing. There’s still going to be a percentage of things that need to be done on paper and then uploaded as PDFs but we can probably capture about 80% of our orders fully digitized so that there is no paper but goes in digitally. And that is a great first step and it helps eliminate errors. It makes sure that there’s a clear record that’s available, it needs to be available. Web-based from outside the court system too so the lawyers and judges-

LN: So you mean you had to come down on a cold Chicago day

JM: Correct.

LN: to stand in line. To pay your money, to make your photocopy and then schlep back.

JM: Correct. I mean, right now, they’ve got electronic filing so we file, we’re required to file digitally but if you want to get a copy of what’s been filed digitally in a case, you actually have to travel to a court location, print it out hard copy, pay for the hard copy and then, of course, I go back and scan it back into the system. It’s not available web-based. It’s not web-based for download, just like the rest of the world works and that’s a problem.

LN: There are systems out there though, commercial systems out there that are designed to snap in and take care of that, correct?

JM: Correct, there are case management systems that are in use. Cook County has a tremendously complex court system with lots of divisions and different sections all over the county so we need to be very highly customized. Cook County has committed to about 36 million dollars towards a new case management system. Problem is, they want to use an off the shelf software. They tried rolling them out in the criminal division back in November. It is fraught with problems. There hasn’t been proper training for the users. Actually, the judges and lawyers and others, including the Sheriff’s Department, the State’s attorney, all of the stakeholders in the system haven’t been consulted with bringing that onboard and so as a result, we’ve got a system that is at risk of just being shelved and not used any longer because it’s just fraught with problems and errors and lack of user training. We need to do a better job. We need to train people. We need to consult with all the end-users to make sure that our case management system meets the workflow of the courts, not the other way around and our current Clerk has tried to implement it in a way to say, “Here’s a system we’re going to use. Figure out how to organize your court system around our computer system.” That’s the tail wagging on the dog.

LN: So as a reformer, you really plan to make changes to speed up and get rid of the backlog of cases that currently jam up the court.

JM: Yeah, well, right now, we’ve got a huge backlog as I mentioned in the Appellate Court. You’ve got a huge backlog because the Circuit Court’s not transmitting proper records up to the Appellate Court so you got a huge backlog in the Appellate Court and you end up having a much slower process at the Circuit Court level because it’s all based on our old paper system movement of files from courts to warehouses, back to the courts, back and forth. Things are lost.

LN: That creates lots of jobs, right?

JM: Well, that is really, you know, we’ve got a very unfortunate patronage problem in the Clerk’s office. Clerk’s office has about 1500 employees and there’s a tremendous amount of political patronage that’s controlled by the party machine. The old way of doing business. We can’t afford to do that anymore. We got to deliver good value to the taxpayers, particularly as we move to electronic systems. It’s no longer a system that can operate with paper where somebody’s job is to stamp paper and then move the pile over to somebody else to stamp something else. It’s now a much more technical job so we need to make sure we’re doing a better, making sure we’re doing a better job of training Clerk staff so that they can digitally record minute orders as I talked about. Make sure that our court records are being kept but that is going to require a lot of training. I have had discussions with the city colleges of Chicago and some of our community colleges to having a new program, a certificate in paralegals, a paralegal certificate for Cook County Courtroom management.

LN: Take the staff and put them through there to actually take the people that are there and make them more efficient by investing in their training.

JM: Correct, correct. So they’d have paralegal certificates in Cook County Courtroom management and that would make sure our systems are very uniform and automated so that everybody who interfaces with the court can rest assured that our court system’s going to operate transparently and efficiently. And so we need to do that, our employees deserve it and I think the public deserves the transparency that that would bring.

LN: Well, thanks for being on the show, Jacob. This has been really great.

JM: Well, thank you for having me. Happy to come back on again.

Other Related Articles on Cook County

More About Cook County Clerk of the Circuit Court

http://www.cookcountyclerkofcourt.org/NewWebsite/Home.aspx

What Constitutes Biometric Data?

Facebook’s record-breaking $5 billion settlement, proves the FTC takes consumer privacy very seriously. Will Facebook’s settlement spark other class-action lawsuits based on claims of privacy abuse relating to the Biometric Information Privacy Act (BIPA)? Forensic Expert Lee Neubecker and attorney David Rownd from Vedder Price discuss the ramifications of this settlement and dissect what really constitutes biometric data?

Part 2 of our 3 Part Series on BIPA

The Video Transcript Follows.

Lee Neubecker (LN): I am back again with David Rownd, and David’s going to talk a little bit more about BIPA. We’re talking about in the news recently, Facebook just reached a very large settlement related to claims of abuse relating to BIPA. What does this mean with such a large settlement? Is this inviting all the plaintiff attorneys to file more and more class-action lawsuits?

David Rownd (DR): Well, this has been a very active area of the law, and yes, the answer is yes. There’s a lot of class actions going on in this area, and it’s largely as a result of the low threshold to become a plaintiff in that you don’t have to establish specific damages, and the mere fact that the law has been violated can make you an aggrieved party who has the standing to file a lawsuit.

LN: Just so we can be clear, can you give some examples of what constitutes BIPA biometric data and what isn’t?

DR: Well, fingerprints are biometric data, a retina scanner, the veins in your hands can be evaluated as biometric data, and other things as well.

LN: What about the way you walk or the way you talk?

DR: Their voice recognition has been considered to be biometric data. Handwriting is not biometric data.

LN: So, devices like Siri and Alexa, is there a potential they’re going to fall into that?

DR: I think that that is certainly a possibility.

LN: So are we going to have to sign a contract before we use Alexa or Siri to protect, for them to be protected?

DR: I wouldn’t propose to advise Siri and Alexa as to how to conduct their business.

LN: Very good answer.

DR: I think that there is a possibility, certainly.

LN: So what do you think the future holds for BIPA-related lawsuits?

DR: Well, this is certainly an opening for plaintiffs lawyers to go after, and you see this in a variety of different areas where the law creates a low threshold to get in the courthouse door and potentially high exposure for defendants. You have plaintiffs lawyers who are attracted to that and they go after it, and that’s currently what’s happening now with BIPA in Illinois and why there are so many lawsuits filed.

LN: And I think it relates to, the fees are based on each instance of biometric data, so potentially you have multiple videos, multiple pictures, this data is stored, and if you can be aggrieved without the data even getting hacked, it’s a very large potential, which is probably why Facebook settled because what it could be much greater. And they probably weighed their risk and decided it made sense to settle.

DR: I think that’s probably right.

LN: Well, thanks again for being on the show, I really appreciate it.

DR: All right, thanks for having me.

View Part 1 of our 3-Part Series on Biometric Data

Part 1 of our 3-Part Series on Biometric Information

Other Related Articles on Biometric Data

FTC’s Press Release on Facebook’s settlement on Biometric Data

https://www.ftc.gov/news-events/press-releases/2019/07/ftc-imposes-5-billion-penalty-sweeping-new-privacy-restrictions

If you live in Illinois and use Facebook read this story from WGN, about Biometric Data.

https://wgntv.com/2020/01/30/facebook-may-pay-550-million-to-illinois-users-to-settle-lawsuit/

Optimize eDiscovery With AI

You’re looking for the smoking gun and have tens of thousands of documents to review. Experts Lee Neubecker and ZyLAB’s eDiscovery Director, Jeffrey Wolff say Optimize with AI and make your review easier!

Optimize eDiscovery with AI! Lee Neubecker sets out on a quest to find out what’s happening with Artificial Intelligence as it relates to the eDiscovery review process. Lee visits eDiscovery Director, Jeffrey Wolff from ZyLAB and together they examine how new AI algorithms are coded for priority review and can rank documents for relevance, saving countless hours and dollars for the client. Utilizing new AI will optimize your current eDiscovery process.

Part 2 of 3 Part Series on Smarter Solutions eDiscovery

Part 2 of our 3 Part Series on Smarter Solutions in eDiscovery

Optimize eDiscovery with AI Video Transcript Follows

Lee Neubecker (LN): Hi, I have Jeff Wolff back on the show again from ZyLAB. Jeff, thanks for coming back.

Jeff Wolff (JW): Thank you.

LN: And today we’re going to talk a little bit more about trends in Artificial Intelligence as it relates to eDiscovery and the review process that comes along with that. Jeff, what do you see happening right now with Artificial Intelligence as it relates to the eDiscovery review process?

JW: So what we’ve noticed over time is that, traditionally, Artificial Intelligence was always deemed to be only valid in cases where you had hundreds of thousands or millions of documents. And one of the changes that have happened over the last few years is that the Artificial Intelligence models have gotten so much better than you can now use them for much smaller data sets, and so we evangelize the use of Artificial Intelligence in smaller data sets, even, a thousand documents, you’re going to get a better review, more efficient, and more correct, faster, with AI than you would with a team of reviewers.

LN: So if you have a project and you’re using your platform, let’s say there are a million pages of documents that need to be reviewed. You put a review team on starting that process, and they start categorizing and coding, as they get through the first ten thousand documents, what is your software doing to help make this process more efficient and effective for them?

JW: Sure, so if you’re using traditional, what we call supervised machine learning, that used to be referred to as predictive coding, what our software allows you to do is train a small training batch, so a small sample of the documents, and code them for responsiveness, whether they’re responsive or not responsive. And we’ve made it very easy for users to do that. So, you can create issues, and for each issue, you get two tabs, responsive or not responsive, and you just train, you look through a bunch of training documents and you tag the documents appropriately, and the machine classifier learns, very quickly, what is responsive, what is not responsive. So, maybe after two or at most three training batches, the classifier is now bringing you back almost exclusively responsive documents. It’s already smart enough to do that. And so you only need a few training rounds to get the classifier well over the 80%, typical 80% precision and recall threshold that most attorneys feel is what the human is capable of, but the machine will do 90, 95% precision and recall, so you can be assured, not only are you getting a more efficient and more correct review, but you’re also doing it in a whole lot less time with a whole lot fewer people.

LN: And so, are your algorithms looking for synonyms, and similar phrasing that has equivalent word matches?

JW: It’s a bit of secret sauce. But, yeah, we use a support vector machine-based set of algorithms, kind of the most modern version of machine learning. And it is effective, it understands what our topics that were identified in the document, and what other topics are like them. So that’s how it’s doing an identification. But you’re effectively training in or on that.

LN: So the people using your platform, are they having to necessarily review all of the documents, or are you basically, based on the trained review process, you’re taking that universe of a million, and as they get through it, it’s starting to cluster.

JW: Correct.

LN: There’s a set that, this probably isn’t useful, and you don’t have to look at it, but you can look through it just to see.

JW: Sure.

LN: They have confidence that it’s not excluding relevant stuff, right?

JW: Yeah. What we find from an AI standpoint is that the two primary use cases that attorneys have when they use AI are priority review, so that means hey, I’m going to start teaching the data about, the classifier about my data set, and I’m going to show what responsive documents look like, and then I want it to rank all the remaining documents for me for relevance. And so I’m going to then put eyes on those top-ranking documents. That’s effectively looking for the smoking gun, right? That’s one. But they also use it a lot for QC and this is where I see I’m trying to put a lot more attorneys into utilizing AI, is you’ve already done your tagging, and you had eyes on all of your documents, now go back and use the AI and compare it against what your human reviewers did, and see if you’ve missed things. Because inevitably, your reviewers are not going to be all at the same level. Some people are going to miss-tag documents, and the AI has a really good chance of picking up those mistakes and showing them to you.

LN: So have there been any published studies that document the effectiveness of AI with the review process?

JW: There’s been a bunch of them. I know Law Geeks did one that was pretty interesting. What I’ve read recently is that only about, nationally, about 4% of all cases use Artificial Intelligence officially. But then again, there’s no requirement, in the meet and confer that you identify that you are using Artificial Intelligence in a discovery case. So a lot of attorneys can be used, and just not reporting it. Which is fine, because back when the review was manual, and you went through paper and bankers boxes, you didn’t have to document the process for that review. So why should you have to document the fact that you using a machine to do some of the identification of documents and responsiveness today?

LN: So are there potential problems as a result of using AI for failing to produce relevant documents?

JW: No, I think the case law already demonstrates that AI is an accepted form of using, of identifying reviewed documents, and again, even if you’re just using it for QC purposes, you’re still better off. You’re still less likely to miss things than if you hadn’t used it at all.

LN: Great, well, it’s been great. Thanks a bunch for being on the show.

JW: My pleasure, my pleasure.

View Part 1 of our 3 Part Series on Smarter Solutions in eDiscovery

Part 1 of our 3 Part Series about Smarter Solutions and eDiscovery

Other Articles about Artificial Intelligence (AI)

More related articles

To Learn More about ZyLAB’s Ability to Optimize eDiscovery With AI

https://www.zylab.com/