Exterro's Legal GRC Breakdown

Get your daily dose of news, best practices, and technology from Exterro's e-discovery, privacy, and digital forensics experts here.

Data Privacy Alert: Insurance Company Settles BIPA Claim for $4 Million

Created on August 5, 2022


E-Discovery Market Analyst at Exterro

The Illinois Biometric Information Protection Act (BIPA) has been in effect since 2008, but enforcement was relatively rare until 2015. Since then, a variety of enforcement actions have taken place, with the most recent being this $4 million settlement of a class action lawsuit filed against Lemonade, a New York City-based insurance company that offered insurance to Illinois residents. Overview In May 2022, Lemonade Insurance Company reached a $4 million settlement to end a lawsuit that claimed the company collected, stored, analyzed and used the biometric data of thousands of its... Read More

We're Doubling Down on Growth! A Quick Walk through Exterro's New Funding Announcement

Created on July 29, 2022


E-Discovery Market Analyst at Exterro

If you hop over to our news page, you can see the latest exciting news about our funding. Or if you prefer you could read about it on the Wall Street Journal or maybe the official press release. It's up to you. But for those of you visiting on the blog, I have an opportunity to provide a little more context in a little less formal manner. Let's get to it. The press release explains: Exterro, Inc., a portfolio company of Leeds Equity Partners (“Leeds Equity”), announced today that it has completed... Read More

7 Best Practices for Information Governance

Created on July 29, 2022


Director - Solution Team Consultants at Exterro

Information governance is the set of rules used to control the creation, management, storage, and ultimately the disposition of data within an organization. It governs data from paper files, phone records, and voicemails to electronic data like emails, spreadsheets, word processing documents, presentations, database records, and new types of electronically stored information (ESI). As a definition, it works well, but in practice, it doesn’t necessarily tell you how to get from identifying the need for IG to having an effective, functioning set of policies and procedures. Fortunately, in Exterro’s Basics of E-Discovery... Read More

Case Law Alert: Stop Wasting Time Refusing to Produce Relevant Evidence

Created on July 29, 2022


Vice President, E-Discovery

Courts will no longer accept excuses that producing data is too hard or unduly burdensome without evidence of that burden. At the very least, if they anticipate difficulty during discovery, parties have a duty to understand what the complexities of production may be and explain them to the court in order to win a proportionality claim, as illustrated by US Dept. of Labor v. Federal Armament (W.D. Ark. June 28, 2022). Overview In this FLSA case involving alleged failure to pay employees time and a half overtime wage, the plaintiff moved to... Read More

4 Expert Tips for Incident Response in Remote Workplaces

Created on July 22, 2022


E-Discovery Market Analyst at Exterro

Many aspects of the IT infrastructures that serve organizations today are nothing like they were two to three years ago. Hybrid and remote work models are now firmly in place at numerous companies, and they are unlikely to go away any time soon—a fact we’ve talked about numerous times. In a previous post on remote work environments, this blog discussed its implications for e-discovery professionals. Today we’ll be focusing on something that’s top of mind for IT and cybersecurity professionals—responding to cyber-incidents in remote environments. In the current environment, end-user devices are... Read More

3 Tips to Get Internal Investigations Done Right

Created on July 22, 2022


E-Discovery Market Analyst at Exterro

More and more organizations are recognizing the need to have digital forensic investigatory abilities in-house. With data breaches and ransomware attacks on the rise, they need to be able to respond quickly (if not automatically) in order to contain and begin remediating incidents—heck, it’s becoming harder to obtain cybersecurity insurance without having endpoint detection and response technology in place. And that’s only one use case. Investigations for human resources of possible employee wrongdoing, legal department reviews to facilitate regulatory compliance, and investigations related to civil litigation remain priorities as well. But given... Read More

Data Privacy Alert: Canada’s Bill C-27 May Make Important Changes to PIPEDA

Created on July 22, 2022


E-Discovery Market Analyst at Exterro

Canada’s federal government has introduced Bill C-27 to the House of Commons on June 17, to introduce the most important changes to Canada’s federal privacy regime in 20 years. Overview PIPEDA, the Personal Information Protection and Electronic Documents Act, was introduced in 2001, and at the time was regarded as providing a principles-based approach to privacy protection that was balanced and innovative. However, it was developed prior to the advent of the internet and social media and many of the innovations that have subsequently impacted personal information use and collection. Except... Read More