Posted on: September 08, 2016in Blog
Maintaining a Great Wall of Data Control in eDiscovery
Recently I had a meeting with an attorney at a respected law firm here in Shanghai. We were discussing the various aspects of her firm’s requirements that we are fulfilling as her digital forensic investigations and eDiscovery services provider. In a country where data security, privacy and management are highly controlled, she asked me a question I’ve heard before--except my usual response took on a whole new meaning this time.
“How do you make sure my project doesn’t get mixed up with another project from a different firm?”
Her question is valid. With many projects from several customers in the shop at any given time, eDiscovery service providers will deal with massive amounts of data. It is understandable for a client to be concerned about the privacy and security for their project, and equally vital for service providers to have infallible procedures in place to ensure absolute confidence in their services.
“We just set up a Chinese Wall,” I replied. It’s a phrase that lawyers, accountants and business people often use without giving it a second thought. But now after living in China for a few months and especially after personally hiking the Great Wall of China for a day, I have a new, much deeper appreciation for the applicability of the phrase. Much deeper.
The Great Chinese Firewall
Walls have been a part of the Chinese culture for thousands of years. The ancient Great Wall of China was built to protect the citizens of China from the threat of invaders to the north. As I hiked along the top of the wall set on mountainous ridges on the impressive and formidable ancient stones, I noted how clearly the wall designated the definitive “Thou Shall Not Pass” barrier.
The prevailing Chinese Wall today pertains to controlling the China internet. At the end of 2015, China’s president Xi Jinping opened the World Internet Conference with a speech requesting the world respect “China’s cyber-sovereignty,” which applies China’s national borders to the internet. The Chinese government owns the backbone telecommunication companies that provide China their internet, which enables them to control data flow and monitor content.
The Great Chinese Firewall is real and as stated in the previous blog, those who don’t respect it may suffer serious consequences. “In country review” by PRC attorneys to flag potential information on the Chinese “forbidden to cross” list is the most defensible best practice. Information not flagged by counsel can cross the border and be used as evidence for an investigation or litigation as required. It’s that simple.
The notion of a Chinese Wall doesn’t only apply to the internet within China’s borders – but once an eDiscovery project has begun in any country, specific data security measures must be taken to protect one project’s data from another.
Data Security and eDiscovery Project Management
Webster’s dictionary defines Chinese Wall as an insurmountable barrier, especially to the passage of information or communication. During the eDiscovery process, when we casually declare our plan to “set up a Chinese Wall,” we are declaring an unrelenting, fierce commitment to protect our clients, just as Emperor Qin did for his people more than 2000 years ago. Walls, whether physical or computer networks defined by connectivity, are real and are established to protect the people they serve.
Just as it is important for service providers to implement data security policies, it is equally as important for an attorney to inquire about them and confirm their reliability.
Attorneys take on immense responsibility to protect their clients’ interests. Just as it is important for service providers to implement data security policies, it is equally as important for an attorney to inquire about them and confirm their reliability.
At D4 we are vigilant about keeping client data protected and secure. Each project is uniquely protected within its own borders and over the years we’ve fine-tuned best practices for regulating data on our servers. D4 has standardized conventions for managing data from the time it enters our possession all the way thru final deposition.
Back to my meeting in Shanghai. I smiled as soon as the common, yet meaningful phrase left my mouth. “It means even more to me now,” I explained, “after seeing the Great Wall for myself.” As I explained some of the specific steps we take, the protocols we follow to protect customer data and how we are working with respect within China’s Great Firewall, she politely smiled and nodded. Without having to say anything more, we could see in each other’s eyes we both understood and fully appreciated the complete meaning of the phrase “Chinese Wall”.
How do you manage your "Walls"?
Walls are placed for a purpose. They are there to serve and protect. They should be honored and respected. How secure is the wall that protects your data? How do you deal with data behind a firewall in a country where you would be wise to respect local protocols before it can cross the border? D4 can help you make sure your answers are defensible and fully protected.
- Data Transfer Restrictions in China and How to Handle for Litigation
- 10 Fundamentals of eDiscovery Project Management
- UTC, GMT, ESI and eDiscovery: It's About Time
- Simple Guide on How to Transfer Data Correctly
D4 Weekly eDiscovery Outlook
Power your eDiscovery intellect with our weekly newsletter.
Posted June 21, 2017
Control Litigation Costs by Making the Most of Your Internal Capabilities
Posted June 15, 2017
Shanghai OSAC Quarterly Meeting
Posted June 15, 2017
5 Ways to Reduce eDiscovery Costs Before and During Litigation
Posted June 07, 2017
Defensible Deletion Strategy: Getting Rid of Your Unnecessary Data
Posted May 31, 2017
How Does the EU-US Privacy Shield Affect Cross-Border Discovery?
Posted May 24, 2017
Unique eDiscovery Challenges with Mobile Device Data and How to Solve Them
Posted May 17, 2017
How to Comply with 21 CFR and HIPAA Data Retention Requirements
Posted May 11, 2017
4 Key Advantages of Conducting Remote Depositions
Posted May 03, 2017
eDiscovery in International Dispute Resolution: What Experts Want You to Know
Posted April 27, 2017
China Expands Data Transfer Requirements for its Cybersecurity Law