DOMAIN 3 - DATA CUSTODY, PRESERVATION & COLLECTION Flashcards

1
Q

The obligations of the cloud service provider as cloud ________ with regard to the production of information in response to legal process is an issue left to each jurisdiction to resolve.

A

data handler

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

In these circumstances, the application and environment will likely be outside the control of the client and require that a ________ or other discovery process be served on the provider directly.

A

subpoena

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

As such, clients need to account for the potential additional time and expense this limited access will cause. To the extent the customer is able to _________ or supplement the cloud service agreement, this issue could be addressed ahead of time.

A

negotiate

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Depending on the cloud service and deployment model that a client is using, _________ in the cloud
can be similar to ________ in other IT infrastructures, or it can be significantly more complex.

A

preservation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

In the United States, a party is generally obligated to undertake reasonable steps to prevent the destruction or modification of data in its possession, custody or control that it knows, or reasonably should know, is relevant either to pending or reasonably anticipated litigation or a government investigation. (This is often referred to as a _________ on document destruction.)

A

“litigation hold”

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

In the European Union, information preservation is governed under Directive ______ of the European Parliament and of the Council of 15 March 2006

A

2006/24/EC

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

A requesting party is entitled only to data hosted in the cloud that contains, or is reasonably calculated to lead to, relevant, probative information for the legal issue at hand. The party is not entitled to all the data in the cloud or in the application.

A

Scope of Preservation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

The burden of preserving data in the cloud may be relatively modest if the client has space to hold it in place, if the data is relatively static, and if the people with access are limited and know to preserve the data. However, in a cloud environment that programmatically modifies or purges data, or one where the data is shared with people unaware of the need to preserve, preservation can be more difficult.

A

Dynamic and Shared Storage

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Because of the potential lack of __________ a client has over its data in the cloud, collection from the cloud can be more difficult, more time-consuming and more expensive than from behind a client’s firewall.

A

administrative control

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Access and Bandwidth: In most cases, a client’s access to its data in the cloud will be determined by its ________.

A

SLA

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Note that FRCP _______ excuses a litigant who is able to show that the information requested is not reasonably accessible

A

26(b)(2)(B)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Forensics: Bit-by-bit imaging of a cloud data source is generally difficult or impossible. For obvious security reasons, providers are reluctant to allow access to their hardware, particularly in a ________ environment where a client could gain access to other clients’ data.

A

multitenant

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

A client subject to a discovery request should undertake reasonable steps to validate that its collection from its cloud provider is complete and accurate, especially where ordinary business procedures for the request are unavailable and litigation-specific measures are being used to obtain the information.

A

Reasonable Integrity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Due to differences in how data is stored, and the access rights and privileges available to the owner of the data, there are cases where a cloud customer may not be able to access all their data stored in a cloud

A

Limits to Accessibility

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Some __________ may not be able to provide direct access, because the hardware and facilities are outside its possession, custody or control, and a requesting party would need to negotiate directly with the provider for such access.

A

cloud providers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Data in its cloud-native format may be useless to the requesting party. In these circumstances, it may be best for all concerned—requesting party, producing party and provider—that the relevant information be exported using standard _______ within the cloud environment, with due care given to preserving relevant information

A

protocols

17
Q

Storing data in the cloud does ________ affect the authentication of data to determine if it should be
admitted into evidence

A

not

18
Q

It is in the best interests of both providers and clients to consider the complications caused by discovery at the beginning of their relationship and to account for it in their _______

A

SLA