slide1 l.
Skip this Video
Loading SlideShow in 5 Seconds..
Cloud Computing: A Life Cycle View MITRE Conference McLean, Virginia November 9, 2009 Jason R. Baron Director of Litiga PowerPoint Presentation
Download Presentation
Cloud Computing: A Life Cycle View MITRE Conference McLean, Virginia November 9, 2009 Jason R. Baron Director of Litiga

Loading in 2 Seconds...

play fullscreen
1 / 43

Cloud Computing: A Life Cycle View MITRE Conference McLean, Virginia November 9, 2009 Jason R. Baron Director of Litiga - PowerPoint PPT Presentation

  • Uploaded on

Government Information Forecast: Partly Sunny, Partly Cloudy -- A NARA Lawyer’s Perspective. Cloud Computing: A Life Cycle View MITRE Conference McLean, Virginia November 9, 2009 Jason R. Baron Director of Litigation Office of General Counsel

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'Cloud Computing: A Life Cycle View MITRE Conference McLean, Virginia November 9, 2009 Jason R. Baron Director of Litiga' - sapphire

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

Government Information Forecast:

Partly Sunny, Partly Cloudy --

A NARA Lawyer’s Perspective

Cloud Computing: A Life Cycle View

MITRE Conference

McLean, Virginia

November 9, 2009

Jason R. Baron

Director of Litigation

Office of General Counsel

National Archives and Records Administration


A New Era of Government President Obama’s Memorandum dated 1/21/09 on Transparency and Open Government

life in the fishbowl

Life in the fishbowl


Federal Records Act

Privacy Act

E-Government Act of 2002

Clinger-Cohen Act (formerly IT Mgmt Reform Act)

Government Paperwork Elimination Act

OMB Circular A-130



A New Legal Term of Art Under the Federal Rules of Civil Procedure:Electronically Stored Information or “ESI”

“Electronically stored information”:

The wide variety of computer systems currently in use, and the rapidity of technological change, counsel against a limiting or precise definition of ESI…A common example [is] email … The rule … [is intended] to encompass future developments in computer technology. --Advisory Committee Notes to Rule 34(a), 2006 Amendments

rule 26 f initial meet and confer

Rule 26(f) Initial “Meet and Confer”

The early meet and confer presents an opportunity to show that government “gets it” on the subject of ESI.

Lead counsel for the government and agency point persons should be able to discuss preservation of ESI issues fluently, including with respect to

+ Scope of ESI holdings (key players and custodians of data)

+ Preservation of specific types and forms of electronic media involved

+ Formatting issues (TIFF v ‘native’ v. whatever)

+ Access issues (how searches will be conducted)

the ever increasing volume of esi is a problem

In a world of limited tools and resources…..

….The ever increasing volume of ESI is a problem


Microblogs (e.g., NASA tweets from Mars)NEW YORK (CNN) – 2/13/09 NASA was honored Wednesday for its efforts to inform the public through the popular social-networking Web site Twitter.More than 38,000 people followed NASA's "tweets" of the Mars Phoenix Lander mission.NASA received the "Shorty Award" for documenting the mission of the Mars Phoenix Lander. The Mars Phoenix Lander spent nearly five months in 2008 on the red planet conducting research.Twitter allows users to post updates or "tweets" in 140 characters or less. NASA said it delivered more than 600 updates during the 152 days the Phoenix was operating in the north polar region of Mars.By the end of the mission in early November, more than 38,000 people were following its tweets, NASA said."We created the account, known as Mars Phoenix, last May with the goal of providing the public with near real-time updates on the mission," said Veronica McGregor, a NASA spokesperson. "The response was incredible. Very quickly, it became a way not only to deliver news of the mission, but to interact with the public and respond to their questions about space exploration."

virtual worlds
Virtual worlds
  • The Library of Congress’ virtual Declaration of Independence display as officially announced and which has opened as an Info Island in Second Life. The exhibit includes dioramas, streamed audio, text in the form of larger-than-life documents, information kiosks and even period furniture.
the intersection of the public record laws and e discovery

The Intersection of the Public Record Laws and E-Discovery

+ As a baseline, the Federal Records Act requires that appropriate preservation be taken for electronically stored information which falls within the federal record definition (44 USC 3301)

+ The existence of a valid record retention policy is a factor used by courts in considering whether to impose sanctions when hearing allegations of destruction of evidence

+ Failures of adequate recordkeeping (and information management) easily translate into litigation failure

examples of potential federal records in the clouds
Examples of potential federal records “in the clouds”
  • Google Docs
  • Gmail
  • Facebook, Twitter, Youtube postings
  • Email and structured databases of all kinds hosted on private servers
  • PDA text messaging hosted on private servers
the supreme court on record retention

The Supreme Court on Record Retention

“’Document retention policies,’ which are created in part to keep certain information from getting into the hands of others, including the Government, are common in business * * * It is, of course, not wrongful for a manager to instruct his employees to comply with a valid document retention policy under ordinary circumstances.”

--Arthur Andersen LLP v. U.S., 125 S. Ct. 2129 (May 31, 2005)

the litigation minefield
The Litigation Minefield
  • U.S. litigation increasingly demands the preservation of and access to all relevant documents, including in the form of “electronically stored information” or “ESI”
  • Courts impose sanctions on parties for failing to preserve evidence under the “spoliation” doctrine
  • Absent saving everything, often it is only with 20/20 hindsight that one can determine what should have been preserved in response to a lawsuit
  • Recordkeeping solutions that rely on human judgment are prone to being second-guessed by litigants and judges.
two recent cautionary tales

Two Recent Cautionary Tales

In re Fannie Mae Litigation, 2009 WL 21528 (D.C. Cir. Jan. 6, 2009)

Aguilar v. ICE Division of US Dept of Homeland Security, 2008 WL 5062700 (S.D.N.Y. Nov. 21, 2008)

e recordkeeping in government five paths

E-Recordkeeping in Government: Five Paths

Print to hardcopy

Backup tapes

Preserve in online ad hoc folders

DoD 5015.2 recordkeeping

100% email archiving

transformation strategy e discovery strategy paper recordkeeping true e government

Transformation Strategy = E-discovery strategyPaper recordkeeping  True E-government


The Tree = The Organization’s Knowledge

And Every User’s Email Account as a Separate Twig

electronic archiving
Electronic Archiving
  • What is it?

100% snapshot of (typically) email, plus in some cases other selected ESI applications

  • How does it differ from an RMA?

Goal is of preservation of evidence, not records management per se

  • NARA Bulletin 2008-05
  • Cloud issues not yet addressed in policy guidance
impact of technology on e records management applications on the ground and in the cloud
Impact of Technology on E-Records Management Applications: On the Ground and in the Cloud
  • A universe of proprietary products exists in the marketplace: document management and RMAs
  • DoD 5015.2 compliant products
  • However, scalability issues exist
  • Utopia is records mgmt without extra keystrokes
  • Agencies must prepare to confront significant front-end process issues when transitioning to electronic recordkeeping
  • Records schedule simplification is key
  • Cloud computing adds new wrinkles: can existing products and services adequately capture non-transitory federal record content put up in cloudspace?
obama administration commitment to cloud architecture
Obama Administration commitment to cloud architecture
  • Vivek Kundra, Chief Information Officer in the White House Office of Science and Technology, announces launch of
  • With links to Business apps, Productivity apps, Social media apps, Cloud computing services
leading case precedent
Leading case precedent
  • Flagg v. City of Detroit, 252 F.R.D. 346 (E.D. Mich. 2008) (where City of Detroit, as defendant, entered into contract for text messaging services with non-party service provider, held, City exercised sufficient control over ESI in form of text messages so as to require production to plaintiff under FRCP 34 standards; additionally, court ordered plaintiff to make its request under FRCP 34, in lieu of Court adjudicating dispute over the propriety of plaintiff’s pending 3rd party subpoena for same material).
applicable federal rules of civil procedure
Applicable Federal Rules of Civil Procedure
  • FRCP 34(a)(1) requires a party to produce documents and ESI within its “possession, custody or control”
  • FRCP 26(a)(1)(A)(ii) requires initial disclosure to opposing party of “location” of information in party’s possession, custody or control to be used in support of claims or defenses
  • FRCP 37 governs ESI “lost as a result of the routine good faith operation of an electronic information system”
  • FRCP 45 covers 3rd party subpoenas
legal issues swirling in the clouds
Legal issues swirling in the clouds
  • Implications for legal holds on stored data
  • Preservation of metadata (e.g., access and modification logs)
  • Who bears the risk (and cost) of spoliation?
  • Who bears the risk if provider retains data that is subject to authorized destruction under pre-existing records retention schedules?
  • What are search and retrieval capabilities?
legal issues con t
Legal issues, con’t
  • How does ESI get produced in litigation?
  • How is privileged information protected?
  • Will data be encrypted?
  • How will actions of cloud provider be monitored for compliance?
  • How are cross-border issues dealt with, privacy laws in EU, elsewhere?
service provider agreements
Service provider agreements
  • Need to address preservation/retention, access and control issues generally
  • Subcontracting allowed?
  • Define responsibilities when ediscovery hits
  • Cloud service provider’s own retention and backup policies clarified
  • Law enforcement access to dataset
  • Segregation of data from other customers
service provider agreements con t
Service provider agreements, con’t
  • Notification if subpoenas directed to provider
  • Shipment of ESI to 3rd parties for processing
  • Capability of provider to meet regulatory/compliance requirements
  • How is a right to audit clause satisfied?
  • Cost allocations
  • Security issues
  • Cloud provider going out of business, will data be returned? What format?

Interdisciplinary Approaches--

Three Languages: Legal, RM, and IT

the leading rule for the lawyer as for the man of every calling is diligence abraham lincoln
The leading rule for the lawyer, as for the man, of every calling, is diligence.

-- Abraham Lincoln

Jason R. Baron

Director of Litigation

Office of General Counsel

National Archives and Records Administration

(301) 837-1499


Disclaimer: the views expressed in this powerpoint presentation are the author’s alone, and do not necessarily represent the official view of any component or institution with which he is affiliated.

relevant nara publications
Relevant NARA Publications
  • September 2004 – Expanding Acceptable Transfer Requirements for Permanent Electronic Records – Web Content
  • January 2005 – NARA Guidance on Managing Web Records
  • September 2006 - Implications of Recent Web Technologies for NARA Web Guidance
  • June 2009 – Guidance Concerning Managing Records in a Multi-Agency Environment
further reading
Further Reading
  • ARMA “E-discovery in the Cloud = Fog” (June 2009) (available on the Web)
  • Mark Austrian et al., “Cloud Computing Meets e-Discovery,Cyberspace Lawyer, Vol. 14, Issue 6 (July 2009)
  • NARA Bulletin 2008-05 Concerning use of Email Archiving to Store Email,
  • George L. Paul and J.R. Baron, “Information Inflation: Can the Legal System Adapt,” 13 Richmond Journal of Law and Technology 10 (2007), http://law. jolt/v13i3/ article10.pdf
further reading con t
Further Reading (con’t)
  • The Sedona Conference®, Achieving Quality in E-Discovery (2009 forthcoming)
  • The Sedona Conference®, Best Practices Commentary on the Use of Search and Information Retrieval in E-Discovery (2007)
  • The Sedona Conference®, The Sedona Principles: Second Edition (2007)