What you need to know about China’s Cybersecurity Law

by Lauren Grest on June 9, 2017 in Legal Developments with No comments

In June 2017, the People’s Republic of China is implementing its controversial Cybersecurity Law. The government is becoming more involved with data protection and strengthening enforcement. Up until now, its current rules have not been clearly defined or regularly enforced, so it is important to keep up with developments or risk getting caught off guard.

Unlike Japan’s focus on protecting data, China turns its attention to the network operators managing data. Below are some key facets to its new policy.

1. Data stored in mainland China: The new law insists that Chinese citizens’ “personal information” and “important data” be stored on servers within its borders. Any companies claiming an exception that is “truly necessary” must undergo a security assessment before information can be released.

2. Law applies to network product and service providers: The majority of the new law’s provisions apply to “Critical Information Infrastructure Operators” (CIIO) possessing data critical to China’s security. Industries predominantly targeted in this new definition include financial, transportation, health care, utilities and telecommunications.

3. Stronger data protection provisions: Supplementing existing data privacy guidelines in China, network operators must first obtain their clients’ consent before collecting and disclosing personal information, including the reason for the disclosure, and take measures to ensure the security of personal information.

4. Security examinations: All network providers must pass a “network security examination.” This includes specific requirements that network operators must follow when purchasing new network systems.

5. Severe consequences for noncompliance: While specific penalties are unknown at this time, cancellation of a business license is part of the current regulations. Additionally, the new regulations require CIIO’s to establish violation reporting mechanisms, suggesting that China is taking the new law very seriously.

As legal and technology professionals in law firms and corporations prepare for the data protection implications of the EU GDPR, do not disregard important changes afoot in Asia. Most importantly, seek guidance from local, in-country experts, prepared to help you collect, host and transport data in investigations, litigation or regulatory matters around the world.

The lowdown on Japan’s APPI amendment

by Lauren Grest on May 25, 2017 in Legal Developments with No comments

On 30th May 2017, Japan’s historic Act on the Protection of Personal Information is going to be amended (APPI) . The APPI in its current form has been unchanged since the early 2000s and is one of Japan’s oldest data protection laws. The decision to amend APPI are, like other forthcoming updates to data protection legislation like the the GDPR, is in reaction to rising data volumes, increased data breaches and increased concern over privacy.

What does the amendment change?

1. Creation of the Personal Information Protection Commission: The amended APPI went into partial effect in 2016, creating the Personal Information Protection Commission (PPC) as a central, independent regulatory authority with enforcement powers.

2. Two new classifications: Two information classifications will determine whether data can be transferred and if the owner of that information can give consent to its transfer: sensitive information and anonymised information. Sensitive information (information about a person’s race, creed, social status, medical records, criminal history, etc.) receives enhanced regulatory protection, with the person’s content required before such data can be transmitted. Anonymised information (personal information where there is no possibility of identifying the person) can be transmitted with restrictions but without the express consent of the individual.

3. “Opt-in” is now “opt-out”: The current rules require the user’s permission before personal data can be transferred. Under the amendments, companies can share data without permission if they disclose certain information to the user beforehand, such as the nature and purpose of the personal data being provided, and the way the data is being provided. The company transferring the information must also give the user the option to opt out of the transfer before it occurs. Businesses must disclose to the PPC if they will continue to default to an “opt-out” policy, or change the process transferring information to a third party. The PPC will make these changes known to the public.

4. International data transfer policy: For the first time, the APPI will address international information-sharing. Any company transferring personal records outside Japan’s borders will need the user’s permission, and opting out will not be an option unless the foreign jurisdiction has similar privacy standards.

5. Sanctions for noncompliance: The PPC is enacting a two-tiered criminal penalty measure into the APPI and its guidelines. A negligent violation will bring about an enforcement notice ordering the company to either correct the issue or halt data transfer operations. Failure to comply may result in imprisonment up to six months or a fine up to JPY 300,000. Intentionally stealing or providing personal information for a dishonest purpose may result in a direct penalty of up to one year in prison or a fine up to JPY 500,000.

Companies and law firms who are processing data in Japan will need to be pro-active and vigilant in order to comply with these changes. For truly international companies who are preparing for GDPR, the changes will mesh well with their compliance plans. For smaller companies or those operating only in Japan, it is like to be more of a challenge.

Ediscovery Costs: Pay as you gone?

by Hitesh Chowdhry on May 17, 2017 in Best Practice & Top Tips, Pieces of Interest with No comments

eDiscovery On-Demand

In today’s no-frills ‘on-demand’ economy, customers apparently want to rent rather than own things. Why commit to purchasing a car when you can order a cab instantaneously? Why take on permanent lawyers in-house when you can hire temps as and when required? And in the ediscovery world, why pay astronomical sums to license technology in-house when you can tender out work to vendors on a project-by-project basis? The way ediscovery technology is bought and sold is a hot topic.

The latter ‘pay as you go via tender’ model has been the preferred modus operandi for most law firms in the UK and Ireland. Many of the firms who have tried to make ediscovery into a ‘profit centre’ by licensing technology in-house have failed to do so. In my experience the reasons for this have included the following:

The up-front hardware costs can be enormous;
Technology becomes obsolete quickly and law firms are not set up to maintain it;
A small team (often only one person) within the firm knows how to operate the technology. The firm therefore becomes overly-reliant on those people; as and when they leave they take the key operational knowledge with them. One firm I deal with has been without a litigation support manager for 2 years and hires external consultants to operate their system on an ad hoc basis;
The ‘profit centre’ argument may make sense on paper, but in reality the technology cost is often the first line item to get written off of a client’s bill.

A False Economy?

That said, the tender model is not without its difficulties. Ediscovery is not a taxi service – it is a complex blend of technological and consultative processes which requires matter-specific application. Not to mention time and costs. Associates often spend an inordinate amount of (non-billable) time comparing quotes that seem to require a PhD in Mathematics to comprehend. Even if estimates are put into a standardised format, predicting data volumes can be as kind to the forecaster as predicting the British weather. All of which goes against the maxim that costs in litigation should be both reasonable and predictable.

The reality is that ediscovery is an integral part of the modern litigator’s practice needs. Whilst only some matters proceed to the disclosure stage, the perusal of electronic data is often necessary to assess merits at the outset of a matter. At that stage a client is just about content to invest money in legal advice, let alone to approve a disbursement for technology to enable that advice. Lawyers now need the comfort of an in-house system where they can upload data as and when they please without incurring the stress, time and moreover the uncertainty of a full-blown tender process. Could you imagine having to contact three or four companies every time you needed to conduct some legal research or find a precedent? This has led to forward-thinking law firms pursuing a third option for the procurement of ediscovery services – the subscription model.

Just Sign Here…

A subscription model (aka a Software as a Service model) is a fully-flexible solution which allows you to pay a fixed monthly sum for a certain volume of data to be hosted across an unlimited number of matters. The pricing is set out in ‘bands’ so that you have the flexibility to increase your hosting volume without incurring any extra costs up until you reach the next tier. Each offering is designed bespoke to the client’s needs. The advantages are as follows:

There is far greater certainty on costs than under a ‘pay as you go’ model;
Lawyers can save significant time and stress by avoiding the tender process;
There is a tangible value-add to point your clients to. ‘Innovative’ has become an overused buzzword in law firms’ self-descriptions. Relieving clients of the uncertainty of ediscovery costs and being able to analyse key electronic data immediately when instructed on a matter are strengths to genuinely shout about;
There is no need to worry about paying huge up-front sums to invest in technology. Your provider will maintain the hardware and software in their own data centre. Moreover, you will have the ability to host data in any of the provider’s global centres and on any of the review platforms that they offer. I have come across dozens of organisations who are using an outdated review platform purely because at the time they licensed it, it was cutting-edge. As Blackberry has discovered, 5 years is a long time in business;
You can build a relationship with people at the provider, and set in motion a style of working that suits your firm, so that you receive a consistent, repeatable service. There is also no concern about an over-reliance on one person at your firm; some of our project managers are considered by their clients as extensions of the legal team.
You can decide how to bill your clients for ediscovery services.

How much does it cost?

Naturally, firms will be concerned that a subscription model is only suitable for those firms with the deepest pockets. That is simply not the case. Rather than focusing on costs, you are advised to approach vendors with a ‘wish-list’ of services and a budget in mind (it may be the last time you need to contact more than one provider). We have law firms who are able to service their clients’ needs with a spend of around £10,000 per annum. Small change for speed, reliability, and a competitive advantage.

Time to get off the app and into the driving seat.

Subject Access Requests: managing the process with minimum pain

by Lauren Grest on April 26, 2017 in Best Practice & Top Tips with No comments

What is a Subject Access Request?

Under section 7 of the Data Protection Act 1998 (DPA), individuals are entitled to access the information that an organisation holds about them. The majority of subject access requests arise from former employees who are engaged in a dispute. However, in this privacy-conscious age, some individuals may simple want to know what personal information a company is holding.

How common are Subject Access Requests?

Because requests only cost £10, more companies are receiving requests from disgruntled ex-employees who want to know what information their former bosses have on them.

How do I fulfil a request?

Delivering the information held on an individual can be surprisingly challenging. Businesses must carry out detailed searches which can include information held in emails, databases, paper records, CCTV records and spreadsheets. In the age of big data, what seems like a simple request on the surface can quickly become complicated and time-consuming.

Once collected, the data must be disclosed in an intelligible form. Where necessary, companies must include supplementary explanatory information (e.g. if codes have been used) and supply context to the data that has been held, outlining:

What personal data has been collected?
How was the data obtained and from which sources?
Why was data pertaining to the subject processed?
Who has received data about the subject

What can be done to make the process easier?

1. Get your house in order
Sprawling data estates and inconsistent approaches to archiving can make searches difficult and inaccurate. Improving information governance in general is best practice, not only for handling subject access requests but for compliance with other legislation such as the GDPR.

2. Nominate a point of contact

Subject access requests must be completed within 40 days of receiving the request. Given the breadth of information held, the request is often handled via multiple departments. Cooperating across departments can challenging and 40 days can quickly disappear. Nominating a single person or department to handle such requests is a great start in streamlining the process and meeting the deadline.

3. Use technology

Ediscovery technology is designed specifically to search, filter and analyse data, making it ideally suited for responding to subject access requests. Ediscovery consultants can advise on how to collect, search, review and produce the data in an efficient, cost-effective and expedited manner.

4. Get expert advice

We guide our clients to consider various sources of information and advise on how to get the data extracted most easily. This may include email systems, server file shares, document management systems, cloud platforms and structured databases such as HR systems or accounting systems.

5. Protect personal data belonging to others

Personal data is often tangled with data belonging to other people or data that is confidential to the company. It is easy to let data pertaining to someone else slip through the net and in trying to comply with the Data Protection act, actually end up breaching it.

Information should be carefully reviewed before being handed over to the data subject. Managed document review services can assist by reviewing the documents in accordance with your guidelines and flag any concerns about data.

To find out more about managing subject access requests, please contact one of our consultants.

Big data: high financials rewards, high regulatory risks?

by Lauren Grest on March 28, 2017 in Legal Developments with No comments

In a 2013 survey of 400 companies, management consultancy Bain & Company, found that companies using data analytics were:

Twice as likely to be in the top quartile of financial performance within their industries
Three times more likely to execute decisions as intended
Five times more likely to make decisions faster

Fast forward to 2018 and data analytics is firmly entrenched within many companies to the extent that it has attracted the attention of the regulatory authorities. The European Commission, the Competition and Markets Authority and the French Authorite de la Concurrence have all stated that big data and the competitive advantage it can give is a top investigative priority for 2017 and beyond.

How can big data give unfair competitive advantage?

Big data as an asset

Margrethe Vestager, the European Commissioner for Competition is currently considering revising merger control thresholds to include a threshold pertaining to non-turnover related big data holdings. Although the Commission previously incorporated the value of data into previous merger control investigations, this has largely involved companies where big data generates significant revenue. However, a company could acquire a business with a small turnover and large amount of user data, the new owner could exploit this data and reduce competitiveness that market place.

Big data pooling

Although sharing data is not forbidden per se, the way companies share data can breach competition rules. Companies can use big data to place themselves in dominant position over competitors. For example, if a company wants to diversify its offering and move into new areas, it can use data held on current customers to promote the new business. For instance, Uber’s access to users of its lift-sharing service can be used to promote other ventures such as UberEats. This gives Uber an unfair advantage over other providers offering a similar takeaway food business but lacking the data from such a large customer base.

The regulatory authorities take these violations seriously and are imposing significant fines. Most recently, the Belgian Lottery was fined €1 million for using a data base of customer contacts to promote a new sports lottery game.

A new form of white collar crime?

The formation of so-called digital cartels is predicted to be one of the biggest challenges regulators will face in the future. Digital cartels arise from companies using automated pricing systems. These digital tools automatically calculate prices according to a set of criteria such as supply versus demand, profit targets and so forth. Increasingly, these systems use machine learning technology. This can lead to the situation where two rival companies use the same pricing technology and react identically to changing market conditions. This results in prices being unintentionally fixed and the law being violated.

Getting value from big data without incurring fines

When it comes to the formation of digital cartels, prevention is complicated. Automated pricing systems are widespread and manual pricing models are unlikely to make a comeback. For regulatory authorities, who are reliant on laws written in the pre-digital age, enforcement is a greater challenge. However, Vestager has suggested a new directive might follow later in 2017 which may bring clearer rules and stricter enforcement.

Other streams of revenue enabled by the collection and analysis of big data are more easily policed. For companies who rely on sharing information for product development, Vestager recommends referring to the Commission’s guidelines on horizontal cooperation which shows companies how to share data in a way that doesn’t reduce competition.

She also discussed ways for companies to share information with competitors anonymously in a way that doesn’t harm their own business interests such as sending information to a platform anonymously. In return, they would receive aggregate data with no indication of which company it comes from.

In conclusion, competition enforcement is changing, and fast. Companies who use big data and smaller companies who hold big data should but don’t actively use it should closely monitor the Commissions announcements over the next few months in order to prepare for any changes. Watch this space!

[1] http://www.theregister.co.uk/2015/08/21/forget_big_data_hype_says_gartner_as_it_cans_its_hype_cycle/

[2] https://ec.europa.eu/commission/commissioners/2014-2019/vestager/announcements/big-data-and-competition_en

The danger of ‘deleted’ data

by Lauren Grest on March 16, 2017 in Case Studies & War Stories with No comments

What computer forensics experts talk about when they talk about deletion

As computer forensics specialists, we are often asked about deleted data. Is something truly deleted? Can deleted data be recovered? What should we do with old laptops? We thought the best way to answer these questions would be to conduct an experiment to show that in computer science, deletion is more of a spectrum than a binary state. The experiment also demonstrates the importance of protecting data, even when the device is no longer in use.

Introducing Project Gumtree

Armed with just £20, we responded to an advert on community selling portal, Gumtree and purchased four ostensibly clean hard drives from the seller, who had advertised them as coming from old family laptops. After payment and collection, we handed over the drives to our forensics team.

The first step of any forensics investigation is undertaking a procedure called ‘imaging’. Forensic imaging involves creating an exact copy of the hard disk, enabling investigations to be conducted without endangering or tampering with the original data held on the disk. Once we had imaged the Gumtree drives, the real investigation could begin.

Upon initial inspection, three of the hard drives appeared to be blank, as promised by the seller. The fourth simply showed the Windows base installation menu. For the average domestic user, the seller’s privacy would have been protected but the first rule of forensics is deleted does not always mean deleted and we anticipated that we would be able to extract data from the seemingly blank disks.

Lost and found

Once we examined the imaged drives closely, we uncovered an incredible amount of information. Below is an overview of exactly what we found on each disk:

Data recovered from Disk 1

1400 PDFs
500 Excel Files
200 Word Docs
8 Powerpoint Presentations
40,000 picture files

Although the seller had originally described the disks as coming from family machines, the information recovered suggested otherwise, with numerous documents detailing expenditure in excess of £120,000 on roof lights and £170,000 on installing cladding on a bridge walkway. The drive also contained other invoices for tens of thousands of pounds as well as a cache of foreign language documents, all which suggested the disk was not used in a domestic context.

Data recovered from Disk 2

Disk 2 was the drive which had a visible base windows installation but nothing else. However, once again we were able to recover a lot of data, the majority of which consisted of confidential documents taken from the internal file sharing system, Sharepoint. Files held on Sharepoint are for internal viewing only and therefore should not have been saved on the laptop, providing furher evidence that the seller of the drives had perhaps obtained them via dubious means.

Data recovered from Disk 3

Disk 3 also yielded some interesting data. We found 3,800 Google search terms that provided a great deal of insight into the life of the previous owner. For example, we saw that the owner had searched for Patisserie Valerie bakeries, swiftly followed by a search for gyms in a particular area. More intriguingly and perhaps disturbingly, hidden amongst quotidian work documents was a raft of files relating to philosophy and the occult.

Data recovered from Disk 4

Of all the data recovered from the drives, Disk 4 contained the most sensitive information. Unfortunately, our in-house counsel has advised that we cannot go into detail about the contents of the drives as they contain data related to the UK government as well as CCTV footage.

By the end of the exercise, it was clear that the drives were not from family computers. In total, we recovered around 10,000 official documents and there is evidence that they come from the same government department. Kroll Ontrack is currently taking steps to return the data and the disks to that department so they can conduct their own investigations as to how the data was stolen.

How to disappear completely

The difficulty of truly deleting data from devices is something of a double-edged sword. On the one hand, if data appears to be lost, chances are that with the assistance of an experienced forensics technician, the data can be recovered. Yet, if a company disposing of devices capable of storing data (which comprises of a surprisingly long list including satellite navigation systems, mobile phones, USB sticks and more), the information stored on there could potentially be accessed by a third party unless actions are taken to forensically delete date the data.

We would recommend that companies disposing of devices capable of storing data should contact a forensics provider to ensure all confidential data is unrecoverable by third parties.

If you would like to find out more about how computer forensics can help you support and secure your business, please join us for a breakfast seminar in Central London on 6th April. The seminar is specifically designed for those working in human resources or employment law. Please click here to register your place.

Document Review turns Two: Mischief. Mayhem. Darts.

by Lauren Grest on February 15, 2017 in Uncategorized with No comments

Can you believe it’s been two years since we opened our dedicated document review centre? Since then we’ve gone from strength to strength, doubling in size and caseload. Below are just a few statistics that highlight how powerful an offering this service and how much demand is increasing:

We have over 1,800 document reviewers registered with us
We have worked the capacity to work in 173 languages
We have worked on 36 projects over the last 7 months in English, French, Afrikaans, Italian, German, Greek, Hindi, Romanian, Hungarian and Portuguese
We have 100 seats at our London centre
We are expanding into continental Europe

A competitive second birthday party

Richard, one of our Document Review Managers, takes aim

Richard takes aim

We couldn’t do this without the support of our amazing document review lawyers who come from all over the world to work with us. To thank them, our Managed Review team held a birthday party at Flight Club in Finsbury Square.

For those who haven’t been, Flight Club is a darts bar but not as you know it- gone are battered old boards, pints of flat lager and that particular mental stress that comes from trying to do mental arithmetic in the pressure of a competitive group environment. Instead each cloche has a control panel, a choice of games and a computer/camera set up that automatically calculates scores.

Each group played three games and six finalists from each cloche were invited to compete in the grand finale. It was a bit of a surprise to see so many skilled darts players and the final tournament was a nail-biting affair with great performances from each player. However, there could only be one winner- Mr Luke Aaron, Legal Consultant and wannabe late night chat host, who seized victory and took home the coveted gold medal.

If you’re a lawyer and fancy joining our document review team, you can find out more information here.

The winner takes it all!

Ediscovery trends in 2017: from artificial intelligence to mobile data centres

by Lauren Grest on January 12, 2017 in Pieces of Interest with No comments

2017 is set to be a year of change as organisations prepare for the new General Data Protection Regulation (GDPR) and the accelerated adoption of artificial intelligence. Faced with the need to manage greater volumes of data as well as multiplying communications channels, organisations and their legal representatives will be increasingly reliant on ediscovery technology processes to reduce the time needed to identify and manage information required to satisfy regulatory and legal issues.

Against this backdrop, we make the following predictions for 2017:

Technology will play a vital role in helping organisations prepare for GDPR

The tough new General Data Protection Regulation currently being implemented in Europe will have a global impact. In cross-border litigation and investigations, where data needs to cross borders to comply with discovery requests, mobile discovery will become essential. These solutions capture, process, filter and examine data on-site, avoiding the need to transfer data across borders. GDPR has strict rules for protecting individuals’ right to be forgotten and organisations will need the relevant tools to find and erase personal data. Breaches of some provisions by businesses, which law makers have deemed to be most important for data protection, could lead to fines of up to €20 million or 4% of global annual turnover for the preceding financial year, whichever is the greater, being levied by data watchdogs.

Ediscovery will find new homes beyond regulation and legislation

While ediscovery is widely used by professionals working on legal cases in litigation, regulation, competition law and merger control, employment law and arbitration, it will be used more and more this year in an anticipatory manner by organisations to identify, isolate and address any concerns about compliance that could expose them to the risk of some kind of intervention or sanction. This trend will be exacerbated by the introduction of an increasingly complex and aggressive regulatory environment, exemplified by the French Anti-Corruption laws adopted in November 2016.

New sources of evidence will move into the spotlight

Enterprises are creating more data than ever before. Data can be found anywhere that there are storage devices to hold it, whether that is a data centre, laptop, mobile, on wearable devices or the Cloud. Channels to move data from one place to another are also proliferating. As a result we are seeing a diversification of evidence sources being used to build up a picture of what has happened in a legal matter. Whilst email and structured data remain the most common sources of evidence, other data sources such as social media, satellite navigation systems are gaining in importance and providing key insights into many cases. Clients are increasingly choosing ediscovery providers who can integrate a wider variety of data sources into one platform for analysis.

The robots are coming.

Savvy law firms and corporate counsel will benefit from bringing the latest technologies including artificial intelligence (AI) to the attention of their clients. A long line of court decisions in the US, and now also in the UK and Ireland has already driven greater interest in and adoption of predictive coding.

The ediscovery industry will continue to evolve

The past few years have seen huge changes in the ediscovery industry itself as it seeks to provide the technologies that organisations need to keep up with more stringent regulation in data governance. Only larger, international partners now have the resources and capabilities required to provide local services and data processing centres where organisations need them, together with cutting edge tools and technologies to manage huge volumes of data and channels moving forwards.

Big data will take centre stage in competition and data privacy matters

Regulators are becoming increasingly aware of the competition and data privacy implications of big data. From a competition point of view, big data held by companies can trigger both Articles 101 (relating to antitrust cases) and 102 TFEU (abuse of dominance cases). This is highlighted by the joint report of May 2016 from the French and German Competition Authorities entitled Competition Law and Data which explains that big data can trigger article 101 TFEU and thus be considered a cartel. Companies that handle substantial data volumes on a day-to-day basis will need to factor it into their compliance strategies and embrace technological solutions to aid in investigations and redactions.

There will be a greater need for electronic documents

Despite evidence becoming mostly electronic, until recently regulatory authorities still required the submission hard copies of RFI forms, merger filings and other investigatory materials. However, the introduction of the European Commission’s eQuestionnaire for merger control and antitrust cases means parties must now submit all information electronically.

In December 2016, the EC has also recently published guidelines entitled “Recommendations for the Use of Electronic Document Submissions in Antitrust and Cartel Case Proceedings”. It is important to note that the EC strongly encourages the use of electronic formats even for paper documents which means they have to be scanned and made readable.

Tim Philips, Managing Director at Kroll Ontrack, said: “Ediscovery continues to provide essential tools and technologies for all manner of legal matters and allows companies to efficiently navigate through this era of big data, regulatory scrutiny and more stringent data protection requirements. 2017 is set to be another landmark year in terms of the adoption of ediscovery technology and the evolution of ediscovery technology itself.”

Merry Christmas!

by Lauren Grest on December 22, 2016 in Uncategorized with No comments

Predictive coding: taking the world by storm!

by Daniel Kavan on December 16, 2016 in News with No comments

First the United States, then Ireland and England, and now Australia.

On a day to day basis, many of Kroll Ontrack’s clients use predictive coding to speed up their review and find key documents quickly in investigations and disputes. Predictive coding is a machine learning technology used in document review exercises, which learns from the decisions made about documents and applies the learning to documents which have not yet been reviewed to suggest (or “predict”) which ones are most likely to be relevant.

This technology has been used in US litigation for a number of years and has been approved by the US courts for almost as long. Other common law countries are now following suit. Although European companies have been using predictive coding for just as long as Americans, until recently we didn’t have court approval to confirm that litigants can cut their review sets for discovery or disclosure purposes by relying on predictive coding to say which documents are unlikely to yield anything of interest. I was excited when this changed in March 2015, when the High Court of Ireland provided the first European approval of predictive coding in Irish Bank Resolution Corporation Ltd & v Quinn. I was sure that the UK would be quick to follow and approve the use of such technology, which it did in February this year when the England and Wales High Court in Pyrrho Investments Ltd v MWB Property Ltd.

When I wrote about the Australian jurisdiction in Kroll Ontrack’s recent New Frontiers in Ediscovery report, released in September this year, I said:

“Popular newcomers, such as predictive coding are not nearly as common in Australia as they are in other jurisdictions. However, since predictive coding has become to be more accepted and judicially approved in several jurisdictions over the last few years, including Ireland and the United Kingdom, Australia is likely to follow.”

It followed quicker than we could have expected. Earlier this month, the Supreme Court of the Australian State of Victoria, in the case of McConnell Dowell Constructors v Santam, used the above cases in other jurisdictions as persuasive authorities to approve the use of predictive coding to reduce the number of documents to be reviewed for discovery in a dispute. This was based on a recommendation from the appointed Special Referee rather than a motion by one of the parties.

We should expect to see further use of predictive coding in Australia, as an operating procedure for predictive coding has been integrated into a new Technology in Civil Litigation Practice Note SC Gen 5, which will come into effect in January 2017.

I’m proud that Supreme Court of Victoria (my own home jurisdiction) is leading the way in Australia and has delivered an early Christmas present to us legal technologists out there!

For a more detailed look at how predictive coding is used in practice, check out our recent video.

RT @raconteur: New EU data regulations could mean bigger fines > https://t.co/eD1FwzgGZ8 https://t.co/Zz6myCdIyx
- Thursday Jun 22 - 12:11pm

Are you ready for #GDPR? https://t.co/DYln5J116w
- Thursday Jun 22 - 11:10am

RT @EU_Commission: Article 50 negotiations just started. #Brexit https://t.co/xxbt5ayrqz
- Monday Jun 19 - 9:54am

We have a short French doc review project coming up. If you want to be considered please send your CV to registrati… https://t.co/EPI1mVSWwN
- Monday Jun 19 - 9:38am

RT @EU_Justice: How many people in the EU use internet every day? How many buy clothes online? See @EU_Eurostat latest report, released tod…
- Friday Jun 16 - 2:26pm

What you need to know about China’s Cybersecurity Law

The lowdown on Japan’s APPI amendment

Ediscovery Costs: Pay as you gone?

eDiscovery On-Demand

A False Economy?

Just Sign Here…

How much does it cost?

Subject Access Requests: managing the process with minimum pain

What is a Subject Access Request?

How common are Subject Access Requests?

How do I fulfil a request?

What can be done to make the process easier?

Big data: high financials rewards, high regulatory risks?

How can big data give unfair competitive advantage?

A new form of white collar crime?

Getting value from big data without incurring fines

The danger of ‘deleted’ data

What computer forensics experts talk about when they talk about deletion

Introducing Project Gumtree

Lost and found

How to disappear completely

Document Review turns Two: Mischief. Mayhem. Darts.

A competitive second birthday party

Ediscovery trends in 2017: from artificial intelligence to mobile data centres

Technology will play a vital role in helping organisations prepare for GDPR

Ediscovery will find new homes beyond regulation and legislation

New sources of evidence will move into the spotlight

The robots are coming.

The ediscovery industry will continue to evolve

Big data will take centre stage in competition and data privacy matters

There will be a greater need for electronic documents

Merry Christmas!

Predictive coding: taking the world by storm!

First the United States, then Ireland and England, and now Australia.

Visit our website

Subscribe to the latest posts

Tweets

Categories

Industry news

eDiscovery On-Demand

A False Economy?

Just Sign Here…

How much does it cost?

What is a Subject Access Request?

How common are Subject Access Requests?

How do I fulfil a request?

What can be done to make the process easier?

How can big data give unfair competitive advantage?

A new form of white collar crime?

Getting value from big data without incurring fines

What computer forensics experts talk about when they talk about deletion

Introducing Project Gumtree

Lost and found

How to disappear completely

A competitive second birthday party

Technology will play a vital role in helping organisations prepare for GDPR

Ediscovery will find new homes beyond regulation and legislation

New sources of evidence will move into the spotlight

The robots are coming.

The ediscovery industry will continue to evolve

Big data will take centre stage in competition and data privacy matters

There will be a greater need for electronic documents

First the United States, then Ireland and England, and now Australia.

Visit our website

Subscribe to the latest posts

Tweets

Categories

Tags