Posted on: September 08, 2016in Blog
Maintaining a Great Wall of Data Control in eDiscovery
Recently I had a meeting with an attorney at a respected law firm here in Shanghai. We were discussing the various aspects of her firm’s requirements that we are fulfilling as her digital forensic investigations and eDiscovery services provider. In a country where data security, privacy and management are highly controlled, she asked me a question I’ve heard before--except my usual response took on a whole new meaning this time.
“How do you make sure my project doesn’t get mixed up with another project from a different firm?”
Her question is valid. With many projects from several customers in the shop at any given time, eDiscovery service providers will deal with massive amounts of data. It is understandable for a client to be concerned about the privacy and security for their project, and equally vital for service providers to have infallible procedures in place to ensure absolute confidence in their services.
“We just set up a Chinese Wall,” I replied. It’s a phrase that lawyers, accountants and business people often use without giving it a second thought. But now after living in China for a few months and especially after personally hiking the Great Wall of China for a day, I have a new, much deeper appreciation for the applicability of the phrase. Much deeper.
The Great Chinese Firewall
Walls have been a part of the Chinese culture for thousands of years. The ancient Great Wall of China was built to protect the citizens of China from the threat of invaders to the north. As I hiked along the top of the wall set on mountainous ridges on the impressive and formidable ancient stones, I noted how clearly the wall designated the definitive “Thou Shall Not Pass” barrier.
The prevailing Chinese Wall today pertains to controlling the China internet. At the end of 2015, China’s president Xi Jinping opened the World Internet Conference with a speech requesting the world respect “China’s cyber-sovereignty,” which applies China’s national borders to the internet. The Chinese government owns the backbone telecommunication companies that provide China their internet, which enables them to control data flow and monitor content.
The Great Chinese Firewall is real and as stated in the previous blog, those who don’t respect it may suffer serious consequences. “In country review” by PRC attorneys to flag potential information on the Chinese “forbidden to cross” list is the most defensible best practice. Information not flagged by counsel can cross the border and be used as evidence for an investigation or litigation as required. It’s that simple.
The notion of a Chinese Wall doesn’t only apply to the internet within China’s borders – but once an eDiscovery project has begun in any country, specific data security measures must be taken to protect one project’s data from another.
Data Security and eDiscovery Project Management
Webster’s dictionary defines Chinese Wall as an insurmountable barrier, especially to the passage of information or communication. During the eDiscovery process, when we casually declare our plan to “set up a Chinese Wall,” we are declaring an unrelenting, fierce commitment to protect our clients, just as Emperor Qin did for his people more than 2000 years ago. Walls, whether physical or computer networks defined by connectivity, are real and are established to protect the people they serve.
Just as it is important for service providers to implement data security policies, it is equally as important for an attorney to inquire about them and confirm their reliability.
Attorneys take on immense responsibility to protect their clients’ interests. Just as it is important for service providers to implement data security policies, it is equally as important for an attorney to inquire about them and confirm their reliability.
At D4 we are vigilant about keeping client data protected and secure. Each project is uniquely protected within its own borders and over the years we’ve fine-tuned best practices for regulating data on our servers. D4 has standardized conventions for managing data from the time it enters our possession all the way thru final deposition.
Back to my meeting in Shanghai. I smiled as soon as the common, yet meaningful phrase left my mouth. “It means even more to me now,” I explained, “after seeing the Great Wall for myself.” As I explained some of the specific steps we take, the protocols we follow to protect customer data and how we are working with respect within China’s Great Firewall, she politely smiled and nodded. Without having to say anything more, we could see in each other’s eyes we both understood and fully appreciated the complete meaning of the phrase “Chinese Wall”.
How do you manage your "Walls"?
Walls are placed for a purpose. They are there to serve and protect. They should be honored and respected. How secure is the wall that protects your data? How do you deal with data behind a firewall in a country where you would be wise to respect local protocols before it can cross the border? D4 can help you make sure your answers are defensible and fully protected.
- Data Transfer Restrictions in China and How to Handle for Litigation
- 10 Fundamentals of eDiscovery Project Management
- UTC, GMT, ESI and eDiscovery: It's About Time
- Simple Guide on How to Transfer Data Correctly
D4 Weekly eDiscovery Outlook
Power your eDiscovery intellect with our weekly newsletter.
Posted January 19, 2017
Legal Hold Triggers: When Should You Document Your Reasonable Anticipation of Litigation?
Posted January 12, 2017
5 New Year's Resolutions from an Experienced eDiscovery Team
Posted January 11, 2017
"Advanced" Analytics Roundtables - Legaltech 2017 | New York
Posted January 06, 2017
2017 Sedona Conference | Discovery in a Dynamic Digital World
Posted January 06, 2017
Corporate eDiscovery Hero Awards Celebration | Zapproved
Posted January 05, 2017
Creating Strategic eDiscovery Workflows for Small Teams
Posted December 28, 2016
Predictive Coding vs. Search Terms: Who Determines the Method of Review?
Posted December 22, 2016
5 Things You Need to Know About the Managed Review Process
Posted December 15, 2016
Where Lawyers Can’t Practice
Posted December 08, 2016
Wearable Tech: The Impact on Cases and eDiscovery