Wednesday, 31 October 2007

UK House of Lords attacks government response to cybercrime report

Disappointing news this week about the UK government’s poor response to the House of Lords Science and Technology Committee report on Internet security (which originally came out in August).

The Lords committee has criticised the government in no uncertain terms - the Earl of Erroll, a member of the committee, said, “Unfortunately, the government dismissed every recommendation out of hand, and their approach seems to solely consist of putting their head in the sand."

The report was also criticised by Richard Clayton in a pretty strongly-worded post on his blog. Clayton was involved in assisting the Lords committee.

Ho hum, back to the coal face.

Monday, 22 October 2007

E-discovery seminar and downloadable presentations

I attended a very interesting e-discovery seminar just over a week ago in Washington DC, organised by GTSI and with an excellent set of speakers. Metadata and archive formats (ODF and PDF/a are key archival formats) were mentioned frequently.

The presentations are all available at this page.

E-discovery and the FRCP amends – one year on

It’s nearly a year since the US’s Federal Rules of Civil Procedure (FRCP) that govern e-discovery were amended. CNET has an excellent round-up of recent legal cases covering the discovery of electronic data – really a must-read for anyone concerned with this area.

The author also quotes Williams v Sprint, a slightly older case from 2005, where the judge ruled that where electronic documents are required to be produced, they must be in the original format including metadata. This still seems to be a grey area, and the FRCP guidance seems to also have picked up on the judge’s statement in this case that producing documents “as they are maintained in the regular course of business” is sufficient.

The lesson? Put in place a policy now that manages and cleans metadata in business documents, before any litigation!

Monday, 15 October 2007

Error by FTC gives away Whole Foods’ business secrets

This Sunday’s Observer newspaper in the UK carried a book review talking about innovative business practices that mentioned Whole Foods as an example of using new internet techniques (not sure if that includes your CTO criticising rivals online under a pseudonym?)

Anyway, it reminded me of the bizarre story from August: the Federal Trade Commission (FTC) managed to electronically file documents as part of a court case involving Whole Foods Market’s proposed $565 million takeover of Wild Oats Markets. The words looked redacted but were just shaded black.

The accidentally revealed portions included Whole Foods’ marketing strategies, and how it apparently negotiates with suppliers to drive up costs for Wal-Mart stores.

Guess what? The Associated Press managed to download the document before the FTC realised their mistake and replaced it with a clean version. The Washington Post has the full story here.

Come on guys, it’s not rocket science to avoid these mistakes. Is it?

Sunday, 7 October 2007

Company insiders are biggest IT security threat

According to the Computer Security Institute, the biggest threat to corporate IT security isn’t viruses, it’s insiders.

The CSI has released its 2007 “Computer Crime and Security Survey” – there’s a good write-up here and you can also download the full report (PDF).

The report is based on responses from IT security staff in U.S. businesses and government bodies. 59% of respondents reported “insider abuse of network access or e-mail”.