Posted on: September 08, 2016in Blog
Maintaining a Great Wall of Data Control in eDiscovery
Recently I had a meeting with an attorney at a respected law firm here in Shanghai. We were discussing the various aspects of her firm’s requirements that we are fulfilling as her digital forensic investigations and eDiscovery services provider. In a country where data security, privacy and management are highly controlled, she asked me a question I’ve heard before--except my usual response took on a whole new meaning this time.
“How do you make sure my project doesn’t get mixed up with another project from a different firm?”
Her question is valid. With many projects from several customers in the shop at any given time, eDiscovery service providers will deal with massive amounts of data. It is understandable for a client to be concerned about the privacy and security for their project, and equally vital for service providers to have infallible procedures in place to ensure absolute confidence in their services.
“We just set up a Chinese Wall,” I replied. It’s a phrase that lawyers, accountants and business people often use without giving it a second thought. But now after living in China for a few months and especially after personally hiking the Great Wall of China for a day, I have a new, much deeper appreciation for the applicability of the phrase. Much deeper.
The Great Chinese Firewall
Walls have been a part of the Chinese culture for thousands of years. The ancient Great Wall of China was built to protect the citizens of China from the threat of invaders to the north. As I hiked along the top of the wall set on mountainous ridges on the impressive and formidable ancient stones, I noted how clearly the wall designated the definitive “Thou Shall Not Pass” barrier.
The prevailing Chinese Wall today pertains to controlling the China internet. At the end of 2015, China’s president Xi Jinping opened the World Internet Conference with a speech requesting the world respect “China’s cyber-sovereignty,” which applies China’s national borders to the internet. The Chinese government owns the backbone telecommunication companies that provide China their internet, which enables them to control data flow and monitor content.
The Great Chinese Firewall is real and as stated in the previous blog, those who don’t respect it may suffer serious consequences. “In country review” by PRC attorneys to flag potential information on the Chinese “forbidden to cross” list is the most defensible best practice. Information not flagged by counsel can cross the border and be used as evidence for an investigation or litigation as required. It’s that simple.
The notion of a Chinese Wall doesn’t only apply to the internet within China’s borders – but once an eDiscovery project has begun in any country, specific data security measures must be taken to protect one project’s data from another.
Data Security and eDiscovery Project Management
Webster’s dictionary defines Chinese Wall as an insurmountable barrier, especially to the passage of information or communication. During the eDiscovery process, when we casually declare our plan to “set up a Chinese Wall,” we are declaring an unrelenting, fierce commitment to protect our clients, just as Emperor Qin did for his people more than 2000 years ago. Walls, whether physical or computer networks defined by connectivity, are real and are established to protect the people they serve.
Just as it is important for service providers to implement data security policies, it is equally as important for an attorney to inquire about them and confirm their reliability.
Attorneys take on immense responsibility to protect their clients’ interests. Just as it is important for service providers to implement data security policies, it is equally as important for an attorney to inquire about them and confirm their reliability.
At D4 we are vigilant about keeping client data protected and secure. Each project is uniquely protected within its own borders and over the years we’ve fine-tuned best practices for regulating data on our servers. D4 has standardized conventions for managing data from the time it enters our possession all the way thru final deposition.
Back to my meeting in Shanghai. I smiled as soon as the common, yet meaningful phrase left my mouth. “It means even more to me now,” I explained, “after seeing the Great Wall for myself.” As I explained some of the specific steps we take, the protocols we follow to protect customer data and how we are working with respect within China’s Great Firewall, she politely smiled and nodded. Without having to say anything more, we could see in each other’s eyes we both understood and fully appreciated the complete meaning of the phrase “Chinese Wall”.
How do you manage your "Walls"?
Walls are placed for a purpose. They are there to serve and protect. They should be honored and respected. How secure is the wall that protects your data? How do you deal with data behind a firewall in a country where you would be wise to respect local protocols before it can cross the border? D4 can help you make sure your answers are defensible and fully protected.
- Data Transfer Restrictions in China and How to Handle for Litigation
- 10 Fundamentals of eDiscovery Project Management
- UTC, GMT, ESI and eDiscovery: It's About Time
- Simple Guide on How to Transfer Data Correctly
D4 Weekly eDiscovery Outlook
Power your eDiscovery intellect with our weekly newsletter.
Posted April 26, 2017
How to Use Office 365 Advanced eDiscovery to Prioritize Your Review
Posted April 21, 2017
American Bar Association Section of International Law | 2017 Spring Meeting in Washington DC
Posted April 19, 2017
Office 365 Enterprise E5: 6 Features That Could Benefit Your Business
Posted April 12, 2017
Data Reuse in eDiscovery: 4 Questions to Help Start Your Policy
Posted April 05, 2017
ESI Data Mapping Basics for eDiscovery
Posted March 30, 2017
China’s Cybersecurity Law: Objectives, Compliance and Business Recommendations
Posted March 28, 2017
What will the future bring for the legal industry? | Q&A
Posted March 23, 2017
Beginner’s Guide to Litigation Response Planning and Execution
Posted March 16, 2017
7 Best Practices for a Defensible Legal Hold Process
Posted March 10, 2017
BYOD Privacy: 6 Considerations to Protect Your Business