• Home
  • About
  • CRAIGBALL.COM
  • Disclaimer
  • Log In

Ball in your Court

~ Musings on e-discovery & forensics.

Ball in your Court

Category Archives: General Technology Posts

A Primer on Processing and a Milestone

04 Monday Nov 2019

Posted by craigball in Computer Forensics, E-Discovery, General Technology Posts, Uncategorized

≈ 9 Comments

Processing 2019Today, I published my primer on processing.  It’s fifty-odd pages on a topic that’s warranted barely a handful of paragraphs anywhere else.  I wrote it for the upcoming Georgetown Law Center Advanced E-Discovery Institute and most of the material is brand new, covering a stage of e-discovery–a “black box” stage–where a lot can go quietly wrong.  Processing is something hardly anyone thinks about until it blows up.

Laying the foundation for a deep dive on processing required I include a crash course on the fundamentals of digitization and encoding.  My students at the University of Texas and at the Georgetown Academy have had to study encoding for years because I see it as the best base on which to build competency on the technical side of e-discovery.

The research for the paper confirmed what I’d long suspected about our industry.  Despite winsome wrappers, all the leading e-discovery tools are built on a handful of open source and commercial codebases, particularly for the crucial tasks of file identification and text extraction.  Nothing evil in that, but it does make you think about cybersecurity and pricing.  In the process of delving deeply into processing, I gained  greater respect for the software architects, developers and coders who make it all work.  It’s complicated, and there are countless ways to run off the rails.  That the tools work as well as they do is an improbable achievement.  Stilli, there are ingrained perils you need to know, and tradeoffs to be weighed.

Working from so little prior source material, I had to figure a lot out by guess and by gosh.  I have no doubt I’ve misunderstood points and could have explained topics more clearly.  Please don’t hesitate to weigh in to challenge or correct.  Regular readers know I love to hear your thoughts and critiques.

I’ll be talking about processing in an ACEDS/Logikcull webcast tomorrow (Tuesday, November 5, 2019) at 1:00pm EST/10:00am PST.  I expect it’s not to late to register.

The milestone of the title is that this is my 200th blog post and it neatly coincides with my 200,000 unique visitor to the blog (actually 200,258, but who’s counting?).  When I started blogging here on August 20, 2011, I honestly didn’t know if anyone would stop by.  Two hundred thousand kind readers have rung the bell (and that’s excluding the many more spammers turned away).  I hope something I wrote along the way gave you some insight or a chuckle.  I’m intensely grateful for your attention.

By the way, if you’d like to come to the Georgetown Advanced E-Discovery Institute in Washington, D.C. on November 21-22, 2019, please use my speaker’s discount code to save $100.00.  The discount code is BALL (all caps).  Hope to see you!

Share this:

  • Email
  • Print
  • Twitter
  • Facebook
  • LinkedIn

Like this:

Like Loading...

Apple Card: Heavy Metal

03 Thursday Oct 2019

Posted by craigball in General Technology Posts, Personal, Uncategorized

≈ 3 Comments

IMG_4773I just got my Apple Card and, while I hardly need another credit card, I thought readers might be curious what the fuss is about. After all, it’s just a credit card, right?

Right, but it has some fancy features that set it apart from the other plastic in your wallet or purse.  First, it’s scarily easy to obtain.  On my iPhone, it took under a minute to be issued the electronic card with a $9,000 spending limit available in Wallet.  That was Tuesday.  Thursday morning, a courier dropped off the physical card packaged in the sleek style of all Apple’s premium products.  The fun began even before it was out of the box!

IMG_4777Although my Apple Pay credit account went live in a minute, as with all physical credit cards, the Apple Card must be activated before use.  For most cards, this requires time online or a phone call where you dial or speak a lot of digits.  With the Apple Card, you just hold the colorful sleeve it comes in against your iPhone and the NFC contactless communication capability embedded in the card does the rest.  

The next surprise is that the card is crafted from laser-etched titanium, giving it a striking heft and rigidity.  Hone the edge of this baby and you’re MacGyver (or Oddjob, hat in hand).  Investing so much in the aesthetics of a credit card may seem silly; but, I confess that the, well, the beauty of the card impressed me.  Is it so wrong that something we touch several times daily be pleasing?

The next surprise is what’s not on the Apple Card versus every other card: There are no numbers.  No card number.  No CID security identifier.  No expiration date.  No signature block.  Just your name, three corporate logos, a chip and a swipe strip.  Here are photos of both sides of my Apple Card, something I’d never post for a conventional card:

IMG_4771
IMG_4772

IMG_4774If you want to know the card number and CID for the Apple Card, you must retrieve them in Wallet.  That’s a genuine layer of security.  By the same token, heaven help anyone who comes across a neanderthal with a carbon charge slip (anyone remember those?) who tries to rub transfer the card number.

There are some nifty usage management features, but the major marketing hook for the Apple Card is daily cash back on purchases.  How much cash back?  I’m not entirely sure because it varies.  It seems you get three percent back for purchases made from Apple and a handful of other merchants like Walgreens and Uber.  But for the most part, the cash back percentage looks to be two percent if you pay with Apple Pay.  If a merchant isn’t set up for Apple Pay, then it appears you must use the Apple Card as a conventional MasterCard, and get just one percent cash back.  That’s about the same benefit I now get with my AmEx Membership Rewards program with (in my mind) less exposure to a whopping interest charge if I’m ever late with a payment.  Too, the AmEx offers many perks to protect my purchases and travel.  Now and then, those behind-the-scenes benefits have proven really worthwhile.   I wonder whether Apple will stand behinds its card users as reliably as AmEx?

Cash back is a splendid benefit, and beats the pants off cards that don’t offer rewards and perks.  So many cards do offer mileage benefits, club access and other rewards that it’s not easy to know which one is best.  The Apple Card carries no annual fee, making it worth a try, and if you buy a lot of Apple merchandise, that instant three percent back is a no-brainer.  Maybe the Apple Card will become my principal card; maybe not.  But, I’ll tell you one thing:  that titanium card is going to be hell to cut in half should I decide to close the account.

One last thing if it’s not already clear: Only iPhone users need apply.  An Android user might be able to finagle getting the Apple Card, but the real benefits only flow from using Apple Pay.

Share this:

  • Email
  • Print
  • Twitter
  • Facebook
  • LinkedIn

Like this:

Like Loading...

Cryptographic Hashing: “Exceptionally” Deep in the Weeds

02 Wednesday Oct 2019

Posted by craigball in Computer Forensics, E-Discovery, General Technology Posts

≈ Leave a comment

We all need certainty in our lives; we need to trust that two and two is four today and will be tomorrow.  But the more we learn about any subject, the more we’re exposed to the qualifiers and exceptions that belie perfect certainty.  It’s a conundrum for me when someone writes about cryptographic hashing, the magical math that allows an infinite range of numbers to match to a finite complement of digital fingerprints. Trying to simplify matters, well-meaning authors say things about hashing that just aren’t so.  Their mistakes are inconsequential for the most part—what they say is true enough–but it’s also misleading enough to warrant caveats useful in cross-examination.

I’m speaking of the following two assertions:

  1. Hash values are unique; i.e., two different files never share a hash value.
  2. Hash values are irreversible, i.e., you can’t deduce the original message using its hash value.

Both statements are wrong. Continue reading →

Share this:

  • Email
  • Print
  • Twitter
  • Facebook
  • LinkedIn

Like this:

Like Loading...

Cryptographic Hashing: A Deeper Dive

01 Tuesday Oct 2019

Posted by craigball in Computer Forensics, E-Discovery, General Technology Posts

≈ 1 Comment

It’s October (already?!?!) and–YIKES–I haven’t posted for two weeks.  I’m tapping away on a primer about e-discovery processing, a topic that’s received scant attention…ever.  One could be forgiven for thinking the legal profession doesn’t care what happens to all that lovely data when it goes off to be processed!  Yet, I know some readers share my passion for ESI and adore delving deeply into the depths of data processing.  So, here are a few paragraphs pulled from my draft addressing the well-worn topic of hashing in e-discovery where I attempt a foolhardy tilt at the competence windmill and seek to explain how hashing works and what those nutty numbers mean.  Be warned, me hearties, there be math ahead!  It’s still a draft, so feel free to push back and all criticism (constructive/destructive/dismissive) warmly welcomed.

My students at the  University of Texas School of Law and the Georgetown E-Discovery Training Academy spend considerable time learning that all ESI is just a bunch of numbers.  They muddle through readings and exercises about Base2 (binary), Base10 (decimal), Base16 (hexadecimal) and Base64; as well as about the difference between single-byte encoding schemes (ASCIII) and double-byte encoding schemes (Unicode).  It may seem like a wonky walk in the weeds; but the time is well spent when the students snap to the crucial connection between numeric encoding and our ability to use math to cull, filter and cluster data.  It’s a necessary precursor to their gaining Proustian “new eyes” for ESI.

Because ESI is just a bunch of numbers, we can use algorithms (mathematical formulas) to distill and compare those numbers.  Every student of electronic discovery learns about cryptographic hash functions and their usefulness as tools to digitally fingerprint files in support of identification, authentication, exclusion and deduplication.  When I teach law students about hashing, I tell them that hash functions are published, standard mathematical algorithms into which we input digital data of arbitrary size and the hash algorithm spits out a bit string (again, just a sequence of numbers) of fixed length called a “hash value.”  Hash values almost exclusively correspond to the digital data fed into the algorithm (termed “the message”) such that the chance of two different messages sharing the same hash value (called a “hash collision”) is exceptionally remote.  But because it’s possible, we can’t say each hash value is truly “unique.”

Using hash algorithms, any volume of data—from the tiniest file to the contents of entire hard drives and beyond—can be almost uniquely expressed as an alphanumeric sequence; in the case of the MD5 hash function, distilled to a value written as 32 hexadecimal characters (0-9 and A-F).  It’s hard to understand until you’ve figured out Base16; but, those 32 characters represent 340 trillion, trillion, trillion different possible values (2128 or 1632). Continue reading →

Share this:

  • Email
  • Print
  • Twitter
  • Facebook
  • LinkedIn

Like this:

Like Loading...

Preserving Android Evidence: Return of the Clones?

17 Tuesday Sep 2019

Posted by craigball in Computer Forensics, E-Discovery, General Technology Posts

≈ 4 Comments

When computer forensics was in its infancy, examiners collected evidence from disks by copying their contents byte-for-byte to matching, sterilized disks, creating archival and working copies called “clones.”  Cloning drives was inefficient, expensive and error prone compared to the imaging processes that replaced it.  Yet, disk cloning worked for years, and countless cases were made on forensic evidence preserved by cloning and examined on cloned drives.

Now, cloning may be coming back; not to preserve hard drives but  to collect data from mobile devices backed up online, particularly Android phones.  If I’m right, it will be only a stopgap technique; but, it will also be an effective (if not terribly efficient) conduit by which mobile data preserved online can be collected and analyzed in discovery.

Case in point: Google’s recently expanded offering of cheap-and-easy online backup of Android phones, including SMS and MMS messaging, photos, video, contacts, documents, app data and more.  This is a leap forward for all obliged to place a litigation hold on the contents of Android phones — a process heretofore unreasonably expensive and insufficiently scalable for e-discovery workflows.  There just weren’t good ways to facilitate defensible, custodial-directed preservation of Android phone content.  Instead, you had to take phones away from users and have a technical expert image them one-by-one.

Now, it should be feasible to direct custodians to undertake a simple online preservation process for Android phones having many of the same advantages as the preservation methodology I described for iPhones two years ago.  Simple.  Scalable.  Inexpensive.

But unlike the iOS/iTunes methodology, Android backups live in the cloud.  At first, I anticipate there will be no means to download the complete Android backup to a PC for analysis.  Consequently, when we must process the preserved data for litigation, we may need to first restore the data to a factory-initialized “clean” phone as a means to localize the data for collection.  That’s not to say that Google won’t eventually offer a suitable takeout mechanism; after all, Google Takeout capabilities are second to none.  But, until we can backup Android content in a way that it can be faithfully and intelligibly retrieved directly from Google, examiners may revive the tried-and-true cloning of evidence to clean devices then collecting from the restored device.  Everything old is new again.

It won’t be so bad to use this stopgap approach considering that e-discovery typically entails preservation of far more mobile sources than need ultimately be processed.  So, while backing up many online and cloning a few to clean phones certainly isn’t a perfect solution for Android evidence, it’s good enough and cheap enough that courts should give short shrift to parties claiming that preserving phone evidence is unduly burdensome or complex.  For, as my e-discovery colleagues love to say, “Perfect isn’t the standard.”  I agree.  But, neither is the standard, “we couldn’t be bothered, judge.”

Share this:

  • Email
  • Print
  • Twitter
  • Facebook
  • LinkedIn

Like this:

Like Loading...

How Will We Back Up iPhones Without iTunes?

30 Friday Aug 2019

Posted by craigball in Computer Forensics, E-Discovery, General Technology Posts

≈ 5 Comments

I’ve been on something of an e-discovery crusade for the last few years.  No, not my Quixotic, decade-long, “Native Production is More Utile and Efficient” crusade.  This is the other, later-but-just-as-frustrating crusade I call, “Mobile to the Mainstream.”  It’s a relentless, battleship-banging effort to foster recognition that mobile devices and their online information ecosystems are the most important sources of probative electronic evidence we have today.  Unless privileged, mobile evidence should be routinely preserved and produced in mainstream electronic discovery.  Honestly, shouldn’t that be obvious to even the most casual observer of modern life?

That mobile evidence is routinely ignored in civil matters by counsel, government and industry is troubling, and defended–if defended at all–by pointing to the alleged burden and technical “forensic-ness” of marshalling phone content.  I’ve countered with articles showing the ease with which iPhone content can be preserved, extracted and searched–at little to no cost and, crucially, without separating custodians from their devices.  The “trick” for Apple iOS devices was exploiting iTunes, and it was a good trick because iTunes is free, easy to use and supported by Apple on both Mac and Windows platforms around the world.

Then, Apple lately announced it was doing away with iTunes.  ARRRRGGHHH! 😱😖😭

But, no worries, the iPhone backup methodology I’ve put forward is still going to work after Apple releases the new Catalina operating system and cleaves iTunes into dedicated apps for music, podcasts and TV.  In fact, preserving iPhones may be easier for Mac users as Apple is shifting the backup tool into the Finder app.  You’ll do exactly the same thing I wrote about but Mac users with Catalina won’t even need to use iTunes to preserve mobile evidence.  It’ll be built in.

From what I understand, Windows users will still have an app for the task, probably iTunes for the foreseeable future.  So, I’m relieved to know that the “demise” of iTunes won’t be a barrier to simple, scalable preservation of iPhone content.  Things may even get a little easier.

Share this:

  • Email
  • Print
  • Twitter
  • Facebook
  • LinkedIn

Like this:

Like Loading...

ILTACON 2019 at the Happiest Place on Earth

23 Friday Aug 2019

Posted by craigball in Computer Forensics, E-Discovery, General Technology Posts, Uncategorized

≈ 2 Comments

I’ve spoken at nearly all the legal technology conferences that have come and gone over the last thirty years.  Some, like LegalWorks and LegalTech West, are extinct (suggesting there is no appetite for legal technology west of Las Vegas).  Others, like ABA TechShow and LegalTech New York soldier on, shadows of what they once were, annually rearranging well-worn deck chairs.  They’re still frantic and fun to attend but TechShow has devolved to a mostly regional attendance and LegalTech’s influence has waned such that the most interesting meetings occur outside the Hilton.  Lately, the dynamic and influential meetups are those dedicated to a single product and its ecosystem (think Relativity Fest or ClioCon).  A stalwart exception, and an event I always try to cover, is ILTACON, the annual confab of the International Legal Technology Association. ILTACON remains vibrant and relevant, having found its compass after several rocky years of internal squabbling.

I just returned from Orlando and five days of impressive ILTACON content at the Swan and Dolphin hotels near EPCOT.  I talked about discovery tools and whether they’ve kept pace with the sea changes in electronic evidence.  My take: lawyers are behind the curve and tool vendors aren’t doing nearly enough to bridge the gap.

I’m a passionate student of architecture, with no particular skills, but boundless enthusiasm.  Thus, it was pleasing to experience the Swan and Dolphin Hotels, icons of post-modernism and two of the late architect Michael Graves’ most successful efforts.  Postmodernism was to last-century architecture what the leisure suit was to 1970’s fashion.  PoMo is no mo’, and none need mourn its passing.  Audacious in 1990, the Swan and Dolphin remain a good fit for the fever dream of Walt Disney World.  Outside of Orlando and Las Vegas, the absurd scale, palette and garish embellishment would have long lost its luster; yet in the House of the Mouse (and dead-flat Orlando), they still work.  Aesthetically, that is, not functionally.  The interiors are awful and the sprawl exhausting.  Home to ILTACON’s evening events, the dark, charmless Pacific Ballroom, should be renamed the Hangar of Terror (photo below.  Note the free throw competition hoop and backboard with tables beyond. What could POSSIBLY go wrong?).

 

Continue reading →

Share this:

  • Email
  • Print
  • Twitter
  • Facebook
  • LinkedIn

Like this:

Like Loading...

Have We Lost the War on E-Discovery?

30 Thursday May 2019

Posted by craigball in Computer Forensics, E-Discovery, General Technology Posts

≈ 11 Comments

Is there a war on e-discovery?  Sounds like a paranoid notion, but the evidence is everywhere.  The purpose of discovery is to exchange information bearing on matters in litigation, particularly material tending to prove or disprove the parties’ claims and defenses.  The soul of discovery is disclosure of relevant records and communication, limited by privilege and proportionality. So, you’d think the focus of e-discovery would be on where information resides and the forms it takes, on how to preserve it, collect it and produce it.  That was what we talked about a decade ago, but, no more.

Now, when I look at the composition of e-discovery education, I’m flummoxed by how the tide has turned to anti-discovery topics.  Instructing lawyers how to surface information has been steadily supplanted by how to keep information at bay and defend failures to disclose. There is no balance between supporting the right to obtain information and the right to withhold it.

Proportionality is about limiting the scope of discovery.  Privacy and GDPR seek to limit access to information.  Cost control is code for circumscribed discovery.  Even cybersecurity tends to be positioned to confound discovery.  I see discussions of “streamlining” privilege logs that advocate giving as little information as possible about items withheld on claims of privilege.  Considering the regularity with which privilege claims are abused, shouldn’t we require greater specificity be brought to logging so that privilege stops being the black hole in which we hide everything we don’t want to hand over?  Privilege is anathema to evidence and must be narrowly construed.  No one talks about that.

Don’t get me wrong.  These are important topics.  Discovery needs to be just, speedy and inexpensive.  But why do we keep forgetting that there’s a comma in there?  Will we ever balance our self-interest in advancing our client’s wishes against our common interest in a justice system that serves everyone? Continue reading →

Share this:

  • Email
  • Print
  • Twitter
  • Facebook
  • LinkedIn

Like this:

Like Loading...

Electronic Storage in a Nutshell

06 Monday May 2019

Posted by craigball in Computer Forensics, E-Discovery, General Technology Posts, Personal

≈ 4 Comments

I’ve just completed the E-Discovery Workbook for the 2019 Georgetown E-Discovery Training Academy. The Workbook readings and exercises plot the path that evidence follows from the documents lawyers use in court back to the featureless stream of binary electrical impulses common to all information stored electronically. At nearly 500 pages, the technology of e-discovery is its centerpiece, and I’ve lately added a 21-point synopsis of the storage concepts, technical takeaways and vocabulary covered. Here is that in-a-nutshell synopsis:

  1. Common law imposes a duty to preserve potentially-relevant information in anticipation of litigation
  2. Most information is electronically-stored information (ESI)
  3. Understanding ESI entails knowledge of information storage media, encodings and formats
  4. There are many types of e-storage media of differing capacities, form factors and formats:

    a) analog (phonograph record) or digital (hard drive, thumb drive, optical media)

    b) mechanical (electromagnetic hard drive, tape, etc.) or solid-state (thumb drive, SIM card, etc.)

  5. Computers don’t store “text,” “documents,” “pictures,” “sounds.” They only store bits (ones or zeroes)
  6. Digital information is encoded as numbers by applying various encoding schemes:

    a) ASCII or Unicode for alphanumeric characters;

    b) JPG for photos, DOCX for Word files, MP3 for sound files, etc.

  7. We express these numbers in a base or radix (base 2 binary, 10 decimal, 16 hexadecimal, 60 sexagesimal). E-mail messages encode attachments in base 64.
  8. The bigger the base, the smaller the space required to notate and convey the information
  9. Digitally encoded information is stored (written):

    a) physically as bytes (8-bit blocks) in sectors and partitions

    b) logically as clusters, files, folders and volumes

  10. Files use binary header signatures to identify file formats (type and structure) of data
  11. Operating systems use file systems to group information as files and manage filenames and metadata
  12. File systems employ filename extensions (e.g., .txt, .jpg, .exe) to flag formats
  13. All ESI includes a component of metadata (data about data) even if no more than needed to locate it
  14. A file’s metadata may be greater in volume or utility than the contents of the file it describes
  15. File tables hold system metadata about the file (e.g., name, locations on disk, MAC dates): it’s CONTEXT
  16. Files hold application metadata (e.g., EXIF geolocation data in photos, comments in docs): it’s CONTENT
  17. File systems allocate clusters for file storage; deleting files releases cluster allocations for reuse
  18. If unallocated clusters aren’t reused, deleted files may be recovered (“carved”) via computer forensics
  19. Forensic (“bitstream”) imaging is a method to preserve both allocated and unallocated clusters
  20. Because data are numbers, data can be digitally “fingerprinted” using one-way hash algorithms (MD5, SHA1)
  21. Hashing facilitates identification, deduplication and de-NISTing of ESI in e-discovery

All of these topics and more are covered in depth at the Academy, punctuated by substantive and substantial hands-on exercises. We ask more of the students than most seasoned e-discovery professionals can deliver. It’s hours of effort before you arrive and a full week of day and night endeavor once you’re here. Over a thousand pages of written material covered in toto.  Really, no picnic.  A true boot camp.  It exhausts and overwhelms those anticipating conventional professional education; but those who do the work emerge transformed.  They leave competent, confident and equipped with new eyes for ESI. Think you can hack it? We can help. Hope to see you there June 2-7.

P.S. No member of the Academy faculty is compensated.  We are all volunteers, there because we believe the more you know about e-discovery, the more you can contribute to the just, speedy and inexpensive administration of justice.

Share this:

  • Email
  • Print
  • Twitter
  • Facebook
  • LinkedIn

Like this:

Like Loading...

Mueller? Mueller? More E-Discovery Lessons from Bill and Bob

23 Tuesday Apr 2019

Posted by craigball in Computer Forensics, E-Discovery, General Technology Posts

≈ 4 Comments

 

I read a couple of good articles on the e-discovery implications of the Mueller report and tweeted,

“The Mueller report underscores why image+ productions are ridiculous. Compare the OCR to the true text. It’s a mess, so search is off. Image files many times larger than the native, ergo much more costly to load, store, host, transmit. BTW: YES, you CAN redact a Word file. It’s XML!”

This bears fleshing out, and I want to do it by sharing a simple trick enabling you to peer inside the raw guts of a Microsoft Word file and understand why native redaction isn’t the pipe dream some try to make it.  But first, let’s unpack the jargon.

“Image+” or “TIFF+” productions refer to the common practice of fixing the content of a document by printing the file to a static image format like TIFF or PDF.  I use “fixing” in the sense of making something permanent, but it’s also accurate to use it the way we speak of “fixing” a cat; that is, cutting its balls off.

The “plus” in TIFF+ refers to the need to supply the native file’s searchable text and application metadata in ancillary load files to accompany the page images.  That is, rather than supply the evidence, producing parties degrade it to a deconstructed “kit” version of the evidence that requesting parties must load into review platforms to restore a crude level of searchability. This enables producing parties to suppress content (like embedded comments, speaker notes and changes in text documents) and much of the application metadata of the original.  It also neuters the evidence.  It’s no longer functional in the programs that created it, like Word, PowerPoint or Excel.

I’ve written extensively about this elsewhere (e.g., Lawyers’ Guide to Forms of Production ), and I try to present the pros and cons of TIFF+, notwithstanding my belief that the cons decidedly outweigh the pros.  It largely comes down to Bates numbers and disagreement about how and when those fetishistic Bates identifiers should be added to evidence and at what absurd cost.

TIFF+ enables producing parties to sidestep their obligation to review unprinted information for responsiveness and privilege.  Instead, they silently make that content disappear like a “fixed” cat’s testicles.  To be fair, most lawyers know so little about ESI processing that they are blissfully unaware it’s happening, so they deny it with genuine equanimity.  When you force them to acknowledge the spoliation, they fall back on claiming that, whatever they excised and didn’t review wouldn’t have been worth the trouble of reviewing or producing.  Genius, right?

Apart from what’s missing from the dumbed-down data, the big objection I offer to TIFF over native productions is the huge size difference between them.  TIFF productions are much, much fatter.  Though information and utility has been stripped from the images, the degraded set is nonetheless many times larger (measured in bytes) than the native originals.

Because most e-discovery service providers price their wares by the gigabyte volume going into, onto and out of their systems, bigger files mean bigger bills.  Much bigger files mean…well, you get it.

Perhaps you’re thinking, “Craig, you sad, sad Cassandra; how much bigger can these image sets be than their native counterparts?”  Would ten times bigger surprise you? Well, then surprise!  But, they’re usually more than ten times larger.  It’s not a one-off rip-off either.  Most hosted platforms charge you for the fatter file volume every month.  Over, and over, and over again.

Sucker. Continue reading →

Share this:

  • Email
  • Print
  • Twitter
  • Facebook
  • LinkedIn

Like this:

Like Loading...
← Older posts
Newer posts →
Follow Ball in your Court on WordPress.com

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 4,691 other followers

Recent Posts

  • Clarify Requests for Native ESI August 8, 2022
  • More Questions re: Alex Jones Defamation Case August 5, 2022
  • Ripped from the Headlines: Alex Jones and Inadvertent Waiver August 4, 2022
  • Understanding Air Conditioning…For When You Really Need to Keep Your Cool July 23, 2022
  • Fast v. Godaddy.com: Exemplary Jurisprudence and Overlooked Opportunity? February 19, 2022

Archives

RSS Feed RSS - Posts

CRAIGBALL.COM

Helping lawyers master technology

Categories

EDD Blogroll

  • The Relativity Blog
  • E-Discovery Daily (Doug Austin)
  • E-Discovery Law Alert (Gibbons)
  • Corporate E-Discovery Blog (Zapproved )
  • GLTC (Tom O'Connor)
  • E-Discovery Law (K&L Gates)
  • E-D Team (Ralph Losey)
  • Basics of E-Discovery (Exterro)
  • Litigation Support Guru (Amy Bowser-Rollins)
  • BowTie Law (Josh Gilliland)
  • eDIP (Chris Dale)
  • Illuminating eDiscovery (Lighthouse)
  • Complex Discovery (Rob Robinson)
  • Sedona Conference
  • EDA Blog (Kelly Twigger)
  • ED&E (Michael Arkfeld)
  • Ride the Lightning (Sharon Nelson)

Admin

  • Register
  • Log in
  • Entries feed
  • Comments feed
  • WordPress.com

Enter your email address to follow Ball in Your Court and receive notifications of new posts by email.

Website Powered by WordPress.com.

  • Follow Following
    • Ball in your Court
    • Join 4,691 other followers
    • Already have a WordPress.com account? Log in now.
    • Ball in your Court
    • Customize
    • Follow Following
    • Sign up
    • Log in
    • Report this content
    • View site in Reader
    • Manage subscriptions
    • Collapse this bar
 

Loading Comments...
 

    %d bloggers like this: