Tuesday, March 11, 2008
"Positive Pay" for ACH? Complicated, Expensive... And Not Here Yet.
New Service Enables Consumers to Deposit Paper Checks Electronically
Wednesday, February 27, 2008
Business Reaches the "Tipping Point" for Email Authentication
Check Fraud on the Rise -- National Consumer Protection Week March 2-8
Protecting the Electronic Notary Journal from Tampering
Tuesday, February 12, 2008
Widespread Use of Hashing, Key-Based Encapsulation of Data Imminent
US Government Printing Office Authenticates Need for eDocument Integrity
IT + Legal BFF to Prevent Document Tampering
Thursday, January 31, 2008
Documentation Fraud Key to FBI Investigations of Mortgage Industry (Wall Street Journal)
Now, the FBI is taking a closer look at possible fraud in the secondary market for mortgages, which could implicate well-known financial firms. The faltering U.S. housing market and a rise in defaults and foreclosures, particularly among low-end borrowers, has whipsawed global stock and bond markets, led to the dismissal of Wall Street chiefs and resulted in losses by banks, hedge funds and securities firms."
One potential angle is whether real loans were used to create mortgage securities. Typically, a mortgage security might hold thousands of mortgages. Among other things, the Justice Department is likely to look at whether one mortgage was replicated across multiple securities as underwriters sought to meet high investor demand.
"On Jan. 17, the Florida Attorney General issued a subpoena to Countrywide. Among other things, the subpoena asks Countrywide to describe the standards it used to determine whether borrowers qualified for a prime, subprime or Alt-A mortgage and for no and low documentation loans. The subpoena -- which covers the period from Jan. 1, 2005, to the present -- also asks the company to explain how its underwriting standards may have changed over time. It also asks Countrywide for copies of "promotional advertisements, literature, booklets" and other materials aimed at subprime customers as well as for copies of any scripts or instructions given to Countrywide employees."
"The attorney general is "looking for information regarding whether or not consumers have been taken advantage of and whether or not any of these business practices may potentially violate Florida law," says a spokeswoman for Florida attorney general Bill McCollum. The attorney general is conducting "a widespread review of the mortgage industry," she says."
Monday, January 28, 2008
Low-Level Société Générale Insider’s Forgeries Cost Bank $7.2 Billion
Thursday, January 24, 2008
Large Percentage of Emails Found Unusable in Court Cases
Citigroup Pays Up, Big Time, for E-Discovery Software
The customer wasn't identified by Autonomy, but insiders say that it's the global bank Citigroup. Autonomy bought Zantaz for $375 million in July, 2007. The company makes products for archiving, compliance and e-discovery. Desktop Legal Hold (DLH) enables customers to quickly identify, set aside and organize documents and emails pertinent to lawsuits. Could it be that Citigroup bought DLH to prep for the onslaught of lawsuits it is facing from investors and others over the sub-prime mortgage lending crisis? Hmmm...
Free Download! Gartner's E-Discovery Vendor Market Analysis
Friday, January 18, 2008
ProofSpace's Dave McClellan
Labels: cabinet ng, data authentication, data integrity, digital signatures, docusign, e-discovery, electronic discovery, proofmark, proofspace, RFC 3161, surety, time stamp, timestamp, timestamping, X9.95
Tuesday, January 8, 2008
Countrywide Tells Judge It 'Recreated' Letters
It's early in the year, but we agree with our friend Steve Teppler when he says this statement, from Countrywide's spokesman is an early contender for most obfuscatory spin of 2008: "A spokesman for the lender said: 'It is not Countrywide's policy to create or 'fabricate' any documents as evidence that they were sent if they had not been. We believe it will be shown in further discovery that the Countrywide bankruptcy technician who generated the documents at issue did so as an efficient way to convey the dates the escrow analyses were done and the calculations of the payments as a result of the analyses.'" English translation: It's not our custom to create or fabricate, except where we think no one will notice. In such instances, we will pile on the technical language in an attempt to blindside any inquiry. Also: "They were not generated to prove that they had been sent" Translation: They were generated to make people believe they were sent, not to prove they were sent. Jeez, can't you guys get it?
Amateur Time Hackers Play With Atomic Clocks at Home
Wired Magazine reports that with the end of the Cold War, and with telecommunications technology advancing rapidly, surplus stores and eBay have filled up with discarded precision time equipment once exclusive to government labs. Cesium clocks, rubidium clocks and even the occasional hydrogen maser can be had for less than a decent laptop. A recent search on eBay turned up an HP 5061B cesium standard for sale for $2,000, and you can get a telecom surplus rubidium standard for less than $400. Some of this equipment costs upwards of $50,000 new. Their access to once-forbidden technology lets the time hackers play in a realm of precision that underpins the modern technological world. A select few, like Tom Van Baak, have started exploring the underpinnings of the universe.
Cabinet NG Partners With ProofSpace to Authenticate Document Management
Cabinet NG, the preeminent automated document management and workflow solution for small enterprise businesses, and ProofSpace today announced an agreement to embed ProofSpace's patented ProofMark™ digital tamper-detection technology into Cabinet NG's flagship document management solution, CNG-SAFE. The ProofMark technology will be initially made available as an advanced authentication plug-in to CNG-SAFE, which consolidates all of a company's information into one organized and easy-to-use system. Targeted at Cabinet NG's financial industry customers, the ProofMark enhancement package will enable companies to better protect high-value documents and transaction records, and prove the authenticity of those records to regulators, auditors, clients and courts. You can read more about the deal right here.
Law.com Posts Great List of E-Discovery Blogs and Tools
Robert J. Ambrogi, writer for Law Technology News writes in a two-part column that no lawyer today can afford to ignore electronic data discovery. "No matter the case, digital data is likely to be implicated. That means lawyers urgently need to understand EDD and keep abreast of developments in the field." In the first column, he looks at some of the more useful Web sites for learning about and keeping current with this essential area of practice. In the second, he surveys blogs about e-discovery and look at some vendor sites that include useful resources. Both are great bookmarks for any of you out there who are trying to catch the tiger-by-its-tail that is modern E-discovery.
Tuesday, December 11, 2007
The Top Five E-Discovery Cases of 2007
As the one year anniversary of the amended Federal Rules of Civil Procedure (FRCP) approaches, our friends at Kroll Ontrack (one of the industry's largest providers of electronic discovery and forensics services) laid out a breakdown of important electronic discovery opinions from 2007, as well as a list of the year’s top five most significant discovery cases. Focusing primarily on interpreting the new FRCP, common topics reoccurring in judicial opinions issued in 2007 included: the importance of early case conferences, the accessibility of electronically stored information, and what to do when parties fail to play by the new rules. Among the five: the historic Lorraine v Markel decision, in which the Magistrate judge ruled emails inadmissable as evidence because of questions as to their authenticity. The court held there is a five-point test in determining the admissibility of electronic evidence. ESI must be 1) relevant, 2) authentic, 3) not hearsay or admissible hearsay, 4) the "best evidence", and 5) not unduly prejudicial. The court stated, "it can be expected that electronic evidence will constitute much, if not most, of the evidence used in future motions practice or at trial, [and] counsel should know how to get it right on the first try."
Establishing Authenticity: Is Hashing Enough?
ProofSpace technology wonk Jacques Francouer writes "There has been extensive discussion and use precedent in the legal and security fields around hashing, its use and its value--real and perceived. Even though its robustness and usefulness are incontrovertible in the security world, hashing's perceived value in the legal field (for the purpose of establishing the authenticity of Electronically Stored Information) could benefit from some clarification. For a hash to be secure and useful for legal applications, there must be some additional mechanism to protect and preserve the unique association between the data that is hashed, a trusted time datum, and the original hash result." Read more of his discussion right here.
Monday, November 26, 2007
Exclusive Sneak Peek! Save $300 on ProofMark Unlimited™ Bundle
ProofSpace announced availability of our new ProofMark Unlimited bundle, at special friends-and-family pricing. Until December 31st, you get the entire ProofSpace product line: ProofMail, ProofDoc and ProofMark On Demand for only $200 for a one-year subscription, with unlimited ProofMarking and validations. That's $300 off the retail price! Each of the new products offers a unique way to use the patented ProofMark technology to protect your most important documents and emails. With ProofMark On Demand, you can ProofMark virtually any file over the web, even when you're away from your primary computer. With ProofDoc, you get your own personal ProofMark engine, right on your PC desktop or shared server. And ProofMail makes it incredibly easy to digitally seal incoming or outgoing email. Claim your $300 discount now.
CERN Research Paper Urges "Checksums Everywhere"
Error levels in modern magnetic storage are very, very low. Unfortunately, personal hard drives are now very, very big--and that means you're virtually guaranteed to have multiple corrupted files on your disk, just by virtue of its sheer size. That according to a recent study out of CERN/IT, the IT group at the world's largest particle physics laboratory. According to the executive summary, "We have established that low level data corruptions exist and that they have several origins. The error rates are at the 10Exp-7 level, but with complicated patterns. To cope with the problem one has to implement a variety of measures on the IT part and also on the experiment side. Checksum mechanisms have to implemented and deployed everywhere."
ProofSpace Announces E-Discovery Framework
The worlds of Information Security and e-Discovery are coming together in a structured framework to encourage discussion among legal, security and records management professionals. Last week ProofSpace introduced the Information Security e-Discovery Framework (ISEF), a unique framework for discussing the specific role of information security before, during and after e-Discovery. The objective--bridge the gap between legal and security stakeholders. The result--a more effective response and successful outcome to an e-Discovery process. Soon a discussion white paper will be released, explaining how the ISEF was created and how it can be used. This release will also initiate a comment and review period on the ISEF. View the announcement PDF here.
The Next Big E-Discovery Challenge: Authenticity
Up until now, most of eDiscovery has been basic "blocking & tackling". That meant a lot of cataloging and indexing of data, records retention work, legal holds, destruction policy establishment, and deploying "vaulting" technologies. But the future costs and benefits of eDiscovery will likely pivot on something much different: how you handle authenticity challenges used as a negotiating tactic in a lawsuit.
Thursday, November 15, 2007
Publicity-shy Sedona "Working Group One" Meets in Hilton Head
Mark Reichenbach writes in his blog about the very quiet star chamber gathering last week at Hilton Head, South Carolina for the Sedona Conference Working Group One annual meeting. He writes, "Before you ask, there will be no blogging from Sedona, er, Hilton Head. It doesn't work that way." Earlier in his post, he reports "Analogous to the Paris Air Show and its relation to the spy community, Sedona's annual meeting brings together a special combination of the brightest and best in the e-discovery legal community... make no mistake, there will be new work product teed-up for discussion, and you should understand that even though the dialog 'stays in Sedona' the fruits of the group's collective effort don't." Past publications from the influential group can be found here.
Cargoes Stolen with Counterfeit Electronic Release Documents
The International Transport Intermediaries Club (ITIC) warned members that misreleases of valuable container-ship cargos are becoming a major factor in claims by principals against their agents, and claimed that carelessness in dealing with telex releases has contributed to these losses. "Telex release" is the industry term for the release of cargo at one port when the original bill of lading has been surrendered at another. Today, despite its name, the telex release is almost always made by email. There have been multiple accounts of telex releases (emails) received by discharge port agents which have been manipulated to appear as though they have originated from the load port agent, and authorizing the release of cargoes and confirming that freight has been received, when it has not. ITIC is now recommending that agents verify the authenticity of messages before releasing cargo.
Iron Mountain Buys e-Discovery Software Provider Stratify
Byte and Switch reported last week that Iron Mountain will shell out $158 million in cash to buy e-discovery vendor Stratify Inc. "Customers have been asking us for this... It's a white-hot market, by all accounts a billion-dollar market... We're seeing estimates between $4 billion and $12 billion in the next few years," said Iron Mountain president and COO Bob Brennan during last week's earnings conference call. Stratify's applications sift and search email, scanned documents, and electronic files for specific items, and they also map out relationships among threads and document groups, which attorneys can review when preparing for litigation. Iron Mountain will probably also attempt to leverage Stratify's Digital Repository to enhance its information retrieval services.
Universal Data Retention Specification Demoed... without Data Integrity Safeguards?
Computerworld reported last week on a new "universal" data retention spec that "divorces data from the applications that created it". While the article doesn't really offer much detail on how the technology actually works, the really interesting omission is any mention of security or control mechanisms in the proposed protocol. Brings to mind an early large-scale XML implementation at a large financial services firm that a ProofSpace staffer worked on in a previous life, where nobody gave access control a moment's thought... and the systems ended up being wide open to anyone who got their hands on the data definitions.
Vendors such as EMC Corp., Hewlett-Packard Co., Sun Microsystems Inc. and Vignette Corp. demoed their software interfaces for the new specification that offers a universal way for users to store and access unchanging or fixed data regardless of the application that created it. The specification, eXtensible Access Method (XAM), was demonstrated at Storage Networking World last week for the first time. The specification was announced last spring and is expected to be presented to the American National Standards Institute for review as a standard early next year.
Chain-of-Custody... Or Chain-Saw?
"Exploring the issues surrounding chain of custody for electronic evidence may sound like a great cure for insomnia... But a string of recent judicial sanctions over chain of custody for electronic evidence has made the dry issue a hot topic: One that can make or break your case." In other words, unless you can prove chain-of-custody and data integrity for any electronic documents that your lawyers are trying to submit into evidence, you're going to find yourself up a legal creek without a paddle. That's what Christy Burke writes in this month's Law.com Legal Technology column. "...in the next two to four years, most or all states will be creating legislation with real teeth when it comes to keeping scrupulous security measures to secure digital evidence and ensure a proper chain of custody."
Storage on Trial
What is a good data-retrieval plan worth to a company caught up in litigation? For Morgan Stanley, $15 million. The average Fortune 500 company has over 150 lawsuits in active litigation at any given time. As document retrieval requests from the legal department start piling up, IT departments are just starting to realize how big and scary the eDiscovery monster really is, with retrieval eating up increasing amounts of IT time and budget.
In 2006, Morgan agreed to pay the hefty $15M fine to resolve an investigation by U.S. regulators into its failure to retain e-mail messages. E-mail played a central role in the (later overturned) $1.58 billion judgment in favor of Ronald Perelman in the case of MorganStanley v. Coleman. Perelman is a billionaire investor who said he was defrauded by the firm over the sale of a business. The judge, frustrated by Morgan Stanley’s inability to produce e-mails demanded by Perelman’s lawyers (the firm said backup tapes had been overwritten), took the unusual step of shifting the burden of proof to Morgan Stanley, so that the firm had to prove its innocence.