27th October 2014
Ukraine, Saudi Arabia, Russia… CYFOR’s multi-jurisdictional eDisclosure work.
What happens when companies operating in international markets get into disputes and need to undertake the eDisclosure process across different countries and jurisdictions?
A very particular combination of skills and experience is needed in an eDisclosure provider. CYFOR is one such company, regularly instructed by lawyers involved in large-scale litigation matters to conduct their eDisclosure, much of which is cross-border and multi-jurisdictional in nature.
CYFOR Digital Forensics: acting globally and thinking locally
CYFOR’s work is organised around our clients’ businesses, making us truly international. We excel at managing complex projects across multiple regions with a seamless one-firm approach.
Business does not always run smoothly so when disputes between companies arise they can be confident in our ability to act globally, dispatching teams of specialists to anywhere in the world – sometimes these are sensitive conflict locations – within a matter of hours.
The following is just a sample of our recent international projects.
In July 2014 CYFOR was instructed by the company of a Ukrainian industrialist and political figure involved in multi-million pound litigation being fought in the English courts.
Given the client’s extreme concerns regarding data confidentiality CYFOR dispatched 2 senior investigators to Kiev within 24 hours, for an investigation which required an onsite data collection in excess of 30 days.
The complex litigation involved 2.5 TB of data stored on multiple data sources from a number of countries. The disclosure exercise involved 450 multi-lingual keywords resulting in 1.7 million keyword responsive items in 3 different languages.
CYFOR were approached recently to provide forensic services for a multi-million pound shareholder litigation primarily in the UK, but with a large majority of the electronic data stored on servers in the Middle East. The material was of a highly sensitive nature, and the CYFOR team had to locate and identify the data, and undertake the relevant keyword searches whilst onsite in the Middle East. To achieve this, a portable version of a product called Nuix was used, which allowed us to complete the whole investigation onsite, to the satisfaction of the client.
The CYFOR team have returned a number of times to the Middle East on this case, often acting on only one or two days’ notice, and staying onsite for as long as the investigation required.
CYFOR were instructed to examine a laptop computer as a result of network monitoring alarm activations designed to identify illegal content entering a computer via the Internet, a removable storage device or optical disc; the alarm activations were at an office in Moscow and therefore the investigation would have to happen onsite.
In Russia, the possession of child pornography with the intent to distribute it is prohibited by the Russian Penal Code; however, simple possession of child pornography is not prohibited; therefore, the investigation focussed on where these images had come from and if they had been distributed.
The alarms identified five images but the investigation established that they had come from an archive file containing an additional 600 plus illegal images which had been downloaded onto the laptop and extracted from the archive which had activated the alarm. These images were then moved from the laptop to a mobile device, which again activated the alarm, and this action was sufficient to establish distribution.
Cross borders, across sectors
We have developed a deep understanding of conducting investigations in various sectors, including aviation & aerospace, communications, manufacturing, energy and utilities, life sciences, financial services and information technology whether operating in regulated and unregulated markets.
We offer expertise with experience of operating in international contexts which are sometimes politically and militarily sensitive.