In supporting litigation I am often asked to assist with a demand for inspection of an opposing party’s computer systems or to defend against unfettered access to computer systems by an adversary. These cases frequently involve a purported theft or destruction of data requiring forensic analysis of the relevant systems. Forensic analysis goes beyond what a document review will uncover.

For instance, if a Microsoft Word document is central to issues in litigation, review of that document may yield relevant content and perhaps useful metadata. The Word document itself will not, however, give you any indication if it had been copied to external media, emailed outside the organization via a personal Web mail account or whether other deleted copies or fragments exist which may help paint a more detailed picture of the provenance of that all-important document. In addition, activity occurring during the timeline of editing versions of the document may provide additional relevant information not normally included in a legal review of electronic documents. System logs and system settings maintained by the operating system are additional sources of evidence not normally included in a document review.

This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.

To view this content, please continue to their sites.

Not a Lexis Advance® Subscriber?
Subscribe Now

Not a Bloomberg Law Subscriber?
Subscribe Now

Why am I seeing this?

LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.

For questions call 1-877-256-2472 or contact us at [email protected]