Q. Does the electronic transmission of data from the United States to a foreign legal services provider waive Fourth Amendment protection with respect to the data that is electronically transmitted?
A. While this question is waiting for clarification in federal court, here is a review of the arguments.
Q. What is hashing? Does it take into account only the file contents and not metadata?
A:
This summary from the Litsupport Group postings created by the wonderful and talented members of the group has been culled by Mark Kerzner (mkerzner@top8.biz) and edited by Aline Bernstein (aline.bernstein@gmail.com).
A. While this question is waiting for clarification in federal court, here is a review of the arguments.
- Obviously the big draw for overseas outsourcing is a large reduction in cost, but is it legal and what about the question above? Markets like New York and Chicago have been outsourcing for years, but others are more cautious;
- Since we know that the US government is monitoring all foreign traffic, when in doubt, encrypt and overnight hard drives;
- The US government has organizations that break almost any type of encryption;
- Forget the government: if your case has anything to do with a defense contractor, a financial institution, the auto industry, etc., it is highly probable that someone is actively looking for information on the web;
- US government does not have the time or resources to listen to all information flowing in and out of the US;
- Physically shipping ESI on encrypted media solves all issues;
- If there is a breach of data (Intellectual Property Theft) in a foreign country, what is the client's recourse?
- More discussion here.
Q. What is hashing? Does it take into account only the file contents and not metadata?
A:
- Hashing can be done on any desired combination of data/metadata, and it is common to run a hash code on email body+attachment file name/content+selected metadata to support deduplication;
- For signature purposes metadata should not be included - there may be a question as to which metadata to include - and of its relative natures (such as dates and time zones where hash is computed);
- An MD5 or SHA-1 hash is calculated over any set of data. You can have 2 files which contain the same data, but with different file system MAC dates and file names, and they would have identical MD5 or SHA-1 hashes. The hashes in this case tell you that the contents of the files are identical;
- One use of hashing is to create an evidence container file that contains a collection of files, including full paths along with the related MAC dates, etc., generate a hash of the evidence container file, and use it to validate the collection;
- Here is an article on hashing, though its conclusions are open to debate.
No comments:
Post a Comment