Well, another day, another email hacking story. This one involves the Bush clan, with reports that a hacker who goes by the name Guccifer accessed private emails and photographs, telephone numbers and addresses sent between members of the Bush family, including both former presidents. Among the data released are catty emails about Bill Clinton, photographs

Sealed Court Documents.jpgOver the past few days we’ve dealt with two cases where our clients were deeply invested in the question of whether or not the contents of sealed court documents could be made public. And our answer to both of them was the same: If someone knows about the documents, some of the information might

Among the pros (and cons) of having a cell phone is that you don’t have to stay chained to your desk anymore. Now you can do business anywhere you have phone coverage. But sometimes we are so consumed by the convenience of being able to conduct business on the go that we forget the risks.
Continue Reading

Unbeknown to most cell phone users, just turning your cell phone on reveals your location. That’s because once turned on, your cell phone constantly “pings” (bounces a signal off of) nearby cell phone network towers. This data is collected by the cell phone company and can be traced to reveal your location.

Short of turning your cell phone off and pulling out its battery, there’s nothing you can do about this: This is just basic cell phone technology at work. Technology that can determine your physical whereabouts for as long as your cell phone is turned on, which for most of us means 24 hours a day.
Continue Reading

Attorneys know that one of their primary obligations to their clients is to protect client confidences. Therefore, great pains are taken to make sure that clients’ highly personal information stays in safe hands. But what happens when attorneys are the ones passing along their personal information? Well, unfortunately lawyers are far less careful with their own confidential information than they are with their clients’.
Continue Reading

As investigators, we can’t always get exactly to the evidence we want to prove. Sometimes it merely doesn’t exist. Often, ethical and legal constraints keep us from being able to obtain the facts we definitively need to prove what we are investigating.

It’s easy to get lost searching for the unsearchable, pining for that one nugget that will help everything fall into place. But investigators don’t have that luxury.

So, we sometimes have to do what the computer scientists have done by pinpointing a font as a sign of trouble: We have to take a step back and look for clues elsewhere. We may not have direct evidence of wrongdoing, but we can scour the evidence in order to detect patterns that suggest wrongdoing. Alternatively, we can review the facts to see if we can find any that correlate with what it is we’ve been asked to help prove or disprove.

This is not about making assumptions–we never say that because x exists, therefore y. Instead, it is about being able to look for solutions that advance our clients’ knowledge, even if they fall short of the ideal solution.
Continue Reading

Recently proposed changes to attorney ethical rules by the American Bar Association (ABA) suggest that the profession sees technical breaches as a serious problem in need of immediate remedies. Earlier this week the ABA Commission on Ethics released a summary of proposed changes to the Model Rules, including a new rule requiring lawyers to take proactive measures to protect their client’s information when using new technologies. The proposed rule suggests that lawyers have to be more aware of both “inadvertent and unauthorized” disclosures–in other words, leaks from inside and hacks from outside a firm. The proposed rule warns technophobes that they need to change their Luddite ways. Lawyers now have a “duty to keep abreast of changes in relevant technology, including the benefits and risks associated with its use.” In other words, claiming ignorance is simply not an excuse.

By putting the onus on lawyers, the ABA is acknowledging what those of us who study and track security breaches have been shouting from the rooftops for years: preventing security breaches is not just about technology; it’s about changing human behavior. As the Wall Street Journal article makes clear, “the weakest link at law firms of any size are often their own employees.”

Other industries face similar problems. For example, a recent article on data breaches in the health care industry suggests that the epidemic of breaches of confidential health care information has more to do with human error than it does with IT shortcomings. As Larry Clinton, president and CEO of the trade association Internet Security Alliance succinctly points out “[p]eople are the biggest problem.” Consequently, Collins predicts that data breaches in hospitals and health care systems will only be prevented if these organizations approach these breaches as a “human-resource management issue and not an IT issue.”
Continue Reading

What does it really mean when an investigator says that they are going to do a background search on a person and track down all the relevant documents “on the public record”? Well, let’s start with what it doesn’t mean: bank documents and cell phone records are not public record. Any investigator who tells you he can track these down for you is ostensibly promising to break more than a couple of laws to get you that information. In addition, given that he’s acting as your agent, odds are it could get you in a heap of trouble as well.

So what can you expect instead? Below is a list of the various public documents that you should expect from your investigator when investigating a person. Future blog posts will detail similar lists for background research on companies and for asset searches.
Continue Reading