Electronically Stored Information

The Complete Guide to Management, Understanding, Acquisition, Storage, Search, and Retrieval

By David R. Matthews

© 2013 – Auerbach Publications

400 pages | 56 B/W Illus.

Purchasing Options:
Hardback: 9781439877265
pub: 2012-07-17
US Dollars$76.95

e–Inspection Copy

About the Book

Although we live in a world where we are surrounded in an ever-deepening fog of data, few understand how the data are created, where data are stored, or how to retrieve or destroy data. Accessible to readers at all levels of technical understanding, Electronically Stored Information: The Complete Guide to Management, Understanding, Acquisition, Storage, Search, and Retrieval covers all aspects of electronic data and how it should be managed.

Using easy-to-understand language, the book explains: exactly what electronic information is, the different ways it can be stored, why we need to manage it from a legal and organizational perspective, who is likely to control it, and how it can and should be acquired to meet legal and managerial goals. Its reader-friendly format means you can read it cover to cover or use it as a reference where you can go straight to the information you need.

Complete with links and references to additional information, technical software solutions, helpful forms, and time-saving guides, it provides you with the tools to manage the increasingly complex world of electronic information that permeates every part of our world.


Matthews has approached eDiscovery from a fresh, new perspective—one that is understandable to the layperson as well as technologist. … A must read for anyone in the information technology and legal professions … . The flow of the book from the first chapter to the last is clear, simple, and thorough … should be required reading for anyone in a computer science, information technology, or law-related program, and is now part of the Digital Forensics and the Law course I instruct. If you want to get up to speed on eDiscovery and actually understand what you read, you’ll buy this book.

—Steve Hailey, President/CEO, CyberSecurity Institute, Digital Forensic Examiner and Educator

Table of Contents

What Is Electronic Information, and Why Should You Care?


Electronically Stored Information (ESI) and the Federal Rules of Civil Procedure

Changes to the Federal Rules of Civil Procedure

Rule 16 (b)(5) and (6)—Pretrial Conferences; Scheduling Management

Rule 26— General Provisions Governing Discovery; Duty of Disclosure

Rule 37 Safe Harbor

Rule 34 (b) Producing Documents—Procedures

Rule 33 (d) Interrogatories to Parties

Rule 45 Subpoena

Form 35

Federal Rules of Evidence

FRE 502

FRE 901

FRE 802

Case Law Examples

Bass v. Miss Porter’s School (D. Conn.10/27/09)—Defining Relevancy

Crispin v. Christian Audigier, Inc. (C.D. Cal. 2010)—Private Information

Romano v. Steelcase (N.Y. Sup. Ct. 2010)—Another Social Media Privacy Case

Spoliation Examples

KCH Servs., Inc. v. Vanaire, Inc. (W. D. Ky. 7/22/09)—Trigger to Reasonably Expect Litigation

Olson v. Sax (E. D. Wis. 6/25/10)—Safe Harbor Rule

Spieker v. Quest Cherokee, LLC (D. Kan. 7/21/09)—It Is the Practice

Valeo Electric Sys., Inc. v. Cleveland Die and Mfg. Co. (E.D. Mich.6/17/09)—Production of Evidence as Requested in Meet and Confer

Takeda Pharm. Co., Ltd. v. Teva Pharm. USA, Inc. (D. Del. 6/21/10)—Not Reasonably Accessible?

O’Neill v. the City of Shoreline (Wash. 9/27/10)—Metadata Are Data and Home Computers Are Evidence

Williams v. District of Columbia (D.D.C. 8/17/11)—When "Claw-Back" Rules Can Fail You

Pacific Coast Steel, Inc. v. Leany (D. Nev.9/30/11)—Losing Privilege

Kipperman v. Onex Corp. (N.D. GA. 5/27/10)—A Textbook Case

Pippins v. KPMG LLP (S.D.N.Y. 10/7/11)—How Much Data Do You Really Have to Keep

Chen v. Dougherty (W.D. WA. 7/7/09)—Attorney Gets a Slap for Incompetence

United Central Bank v. Kanan Fashions, Inc. (N.D. Ill. 9/21/11)—Spoliation Sanctions That Hurt the Party but Not Their Attorney

Pension Comm. of Univ. of Montreal Pension Plan v. Bank of Am. Secs., LLC (S.D.N.Y 1/15/10)

Holmes v. Petrovich Development Company, LLC (CA Court of Appeals, October, 2011)—Employee’s E-mail Sent from Work Not Privileged

Lester v. Allied Concrete Company (Circuit Court VA, September, 2011)—Original Award Reduced Due to Withholding of Facebook Evidence

The Rulings of Judge Scheindlin—Zubulake, Pension, and National Day Labor

Other Federal Rules That Affect Electronic Data

The Problems with ESI as Discoverable Evidence

Why and How This Affects the Practice of Law

How This Affects Business Organizations

Effects on Government Entities

What This Might Mean to You as an Individual

Translating Geek: Information Technology versus Everyone Else


The Role of Information Technology

The Information Technologist’s Perspective

Information Technology as an Ally

Translating Geek

Where is Electronically Stored Information? It’s Everywhere!


The Basics

Database Systems

E-Mail Systems

File and Print Servers

Instant Messaging Services

Mobile Devices

Physical Access Records


Cellular Devices

Digital Video

Internet or Online Data

Storage Media

Desktop Computer Facts

Metadata and Other Nonapparent Data


Who’s in Charge Here? Allies, Owners, and Stakeholders


The (Long) List of Stakeholders

Information Technology Professionals

Legal Staff

Records Managers


Department Heads, Vice Presidents, and Executives

Physical and Information Security Personnel

Ownership of Data

Data Control Considerations

Required Skill Sets and Tools

The Hunt: Recovery and Acquisition


Where Oh Where Has My Data Gone?

Applications as a Vital User Interface

Hidden or Restricted Access Data

Encrypted Data

Deleted or Corrupted Data

Proprietary Data or Data Stored on Obsolete Media

Privileged, Sensitive, and Inaccessible Data Management

Proving Ownership and Integrity

Marking Time—How Time Is Recorded and Ensuring Integrity

Legal and Forensically Sound Acquisition

Keeping Your Treasures: Preservation and Management


Securing the Data

Access Control and Management

Organization and File Management Techniques

Day-to-Day Organization

Management of Data over Time

Response to Litigation or Audits

Safe Storage Issues and Considerations

Litigation Hold

Spoliation—The Loss of Relevant Data

Automated Technical Solutions

Sharing Is Good: Dissemination and Reporting


Format Issues—Original or Usable?

Mediums for Transfer

Creating Readable Reports

Tips for Depositions and Expert Witness



Appendix A: Links and References for More Information

Appendix B: Forms and Guides


About the Author

David Matthews is Deputy Chief Information Security Officer (CISO) for the City of Seattle. He worked in the information technology (IT) field since 1992. He began working for the City of Seattle as the technology manager for the legislative department (city council) in 1998. In early 2005 he was selected to be the first Deputy CISO for the city. In his work for the city he developed and created an incident response plan that is compliant with the National Incident Management System (NIMS)/Incident Command System (ICS); updated and extensively rewrote the city’s information security policy; and created and taught training courses on information security and forensics. He most recently created an IT primer for the city’s law department as part of his collaboration with them on e-discovery issues.

He is a participant and leader in regional information security organizations. He is the public-sector co-chair of the U.S. Computer Emergency Readiness Team (US-CERT)/Department of Homeland Security (DHS) sponsored North West Alliance for Cyber Security (NWACS). With NWACS he has worked with the Pacific Northwest Economic Region (PNWER) nonprofit to sponsor information security training for Supervisory Control and Data Acquisition (SCADA) operators and managers; a risk management seminar; a regional cyber response exercise; four Blue Cascades disaster scenario exercises; and is the creator and editor of a portal website with local information security and forensics activities, a library of best practice documents, and links to information security and forensics websites.

Matthews is also an active participant in many local, national, and international information security, forensics, and e-discovery organizations. He is the chair of the local Critical Infrastructure Protection subcommittee of the Regional Homeland Security team, and also is a member of the American Bar Association’s Science and Technology and Electronic Discovery committees. He published an article on active defense in the Information Systems Security Association (ISSA) journal and has presented at many emergency management and information security conferences. His most recent presentation on e-discovery called "New Issues In Electronic Evidence" has been presented to records managers and information technology and security audiences in corporations such as REI and Starbucks, was presented as a peer-to-peer session at RSA, and was given as a continuing legal education course for the U.S. Attorney’s office in Seattle and the City of Seattle’s law department.

He holds the titles of Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Digital Recovery Forensics Specialist (DRFS), and CyberSecurity Forensic Analyst (CSFA).

Matthews is a native of the Seattle area whose interests spread much further than IT or even information security. He is an avid reader, writer, hiker, biker, gardener, and a black belt in Shitoryu karate. He and his wife live with their three children north of Seattle.

Subject Categories

BISAC Subject Codes/Headings:
COMPUTERS / Information Technology
COMPUTERS / Security / General
LAW / Forensic Science