Successful Predictive Coding Adoption is Dependent on Effective Information Governance


Predictive coding has been receiving a great deal of press lately (for good reason), especially with the ongoing case; Da Silva Moore v. Publicis Groupe, No. 11 Civ. 1279 (ALC) (AJP), 2012 U.S. Dist. LEXIS 23350 (S.D.N.Y. Feb. 24, 2012). On May 21, the plaintiffs filed Rule 72(a) objections to Magistrate Judge Peck’s May 7, 2012 discovery rulings related to the relevance of certain documents that comprise the seed set of the parties’ ESI protocol. 

This Rule 72(a) objection highlights an important point in the adoption of predictive coding technologies; the technology is only as good as the people AND processes supporting it.

To review, predictive coding is a process where a computer (with the requisite software), does the vast majority of the work of deciding whether data is relevant, responsive or privileged to a given case.

Beyond simply searching for keyword matching (byte for byte), predictive coding adopts a computer self-learning approach. To accomplish this, attorneys and other legal professionals provide example responsive documents/data in a statistically sufficient quantity which in turn “trains”the computer as to what relevant documents/content should be flagged and set aside for discovery. This is done in an iterative process where legally trained professionals fine-tune the seed set over a period of time to a point where the seed set represents a statistically relevant sample which includes examples of all possible relevant content as well as formats. This capability can also be used to find and secure privileged documents. Instead of legally trained people reading every document to determine if a document is relevant to a case, the computer can perform a first pass of this task in a fraction of the time with much more repeatable results. This technology is exciting in that it can dramatically reduce the cost of the discovery/review process by as much as 80% according to the RAND Institute of Civil Justice.

By now you may be asking yourself what this has to do with Information Governance?…

For predictive coding to become fully adopted across the legal spectrum, all sides have to agree 1. the technology works as advertised, and 2. the legal professionals are providing the system with the proper seed sets for it to learn from. To accomplish the second point above, the seed set must include content from all possible sources of information. If the seed set trainers don’t have access to all potentially responsive content to draw from, then the seed set is in question.

Knowing where all the information resides and having the ability to retrieve it quickly is imperative to an effective discovery process. Records/Information Management professionals should view this new technology as an opportunity to become an even more essential partner to the legal department and entire organization by not just focusing on “records” but on information across the entire enterprise. With full fledged information management programs in place, the legal department will be able to fully embrace this technology to drastically reduce their cost of discovery.

Automatic Deletion…A Good Idea?


In my last blog, I discussed the concept of Defensible Disposal; getting rid of data which has no value to lower the cost and risk of eDiscovery as well as overall storage costs (IBM has been a leader in Defensive Disposal for several years). Custodians keep data because they might need to reuse some of the content later or they might have to produce it later for CYA reasons. I have been guilty of over the years and because of that I have a huge amount of old data on external disks that I will probably never, ever look at again. For example, I have over 500 GB of saved data, spreadsheets, presentations, PDFs, .wav files, MP3s, Word docs, URLs etc. that I have saved for whatever reason over the years. Have I ever really, reused any of the data…maybe a couple of times, but in reality they just site there. This brings up the subject of the Data Lifecycle. Fred Moore, Founder of Horison Information Strategies wrote about this concept years ago, referring to the Lifecycle of Data and the probability that the saved data will ever be re-used or even looked at again. Fred created a graphic showing this lifecycle of data.

Figure 1: The Lifecycle of data – Horison Information Systems

The above chart shows that as data ages, the probability of reuse goes down…very quickly as the amount of saved data rises. Once data has aged 90 days, its probability of reuse approaches 1% and after 1 year is well under 1%.

You’re probably asking yourself, so what!…storage is cheap, what’s the big deal? I have 500 GB of storage available to me on my new company supplied laptop. I have share drives available to me. And I have 1 TB of storage in my home office. I can buy 1TB of external disk for approximately $100, so why not keep everything forever?

For organizations, it’s a question of storage but more importantly, it’s a question of legal risk and the cost of eDiscovery. Any existing data could be a subject of litigation and therefore reviewable. You may recall in my last blog, I mentioned a recent report from the RAND Institute for Civil Justice which discussed the costs of eDiscovery including the estimate that the cost of reviewing records/files is approximately 73% of every eDiscovery dollar spent. By saving everything because you might someday need to reuse or reference it drive the cost of eDiscovery way up.

The key question to ask is; how do you get employees to delete stuff instead of keeping everything? In most organizations the culture has always been one of “save whatever you want until your hard disk and share drive is full”. This culture is extremely difficult to change…quickly. One way is to force new behavior with technology. I know of a couple of companies which only allow files to be saved to a specific folder on the users desktop. For higher level laptop users, as the user syncs to the organization’s infrastructure, all files saved to the specific folder are copied to a users sharedrive where an information management application applies retention policies to the data on the sharedrive as well as the laptop’s data folder.

In my opinion this extreme process would not work in most organizations due to culture expectations. So again we’re left with the question of how do you get employees to delete stuff?

Organizational cultures about data handling and retention have to be changed over time. This includes specific guidance during new employee orientation, employee training, and slow technology changes. An example could be reducing the amount of storage available to an employee on the share or home drive.

Another example could be some process changes to an employee’s workstation of laptop. Force the default storage target to be the “My Documents” folder. Phase 1 could be you have to save all files to the “My Documents” folder but can then be moved anywhere after that.

Phase 2 could include a 90 day time limit on the “My Documents” folder so that anything older than 90 days is automatically deleted (with litigation hold safeguards in place). This would cause files not deemed to be important enough to moved to be of little value and “disposable”. The 3rd Phase could include the inability to move files out of the “My Documents” folder (but with the ability for users to create subfolders with no time limit) thereby ensuring a single place of discoverable data.

Again, this strategy needs to be a slow progression to minimalize the perceived changes to the user population.

The point is it’s a end user problem, not necessarily an IT problem. End users have to be trained, gently pushed, and eventually forced to get rid of useless data…

eDiscovery Cost Reduction Strategies


In these still questionable economic times, most legal departments are still looking for ways to reduce, or at least stop the growth, of their legal budgets. One of the most obvious targets for cost reduction in any legal department is the cost of responding to eDiscovery including the cost of finding all potentially responsive ESI, culling it down and then having in-house or external attorneys review it for relevance and privilege. Per a CGOC survey, the average GC spends approximately $3 million per discovery to gather and prepare information for opposing counsel in litigation.

Most organizations are looking for ways to reduce these growing costs of eDiscovery. The top four cost reduction strategies legal departments are considering are:

  • Bring more evidence analysis and do more ESI processing internally
  • Keep more of the review of ESI in house rather that utilize outside law firms
  • Look at off-shore review
  • Pressure external law firms for lower rates

I don’t believe these strategies address the real problem, the huge and growing amount of ESI.

Several eDiscovery experts have told me that the average eDiscovery matter can include between 2 and 3 GB of potentially responsive ESI per employee. Now, to put that in context, 1 GB of data can contain between 10,000 and 75,000 pages of content. Multiply that by 3 and you are potentially looking at between 30,000 and 225,000 pages of content that should be reviewed for relevancy and privilege per employee. Now consider that litigation and eDiscovery usually includes more than one employee…ranging from two to hundreds.

It seems to me the most straight forward and common sense way to reduce eDiscovery costs is to better manage the information that could be pulled into an eDiscovery matter, proactively.

To illustrate this proactive information management strategy for eDiscovery, we can look at the overused but still appropriate DuPont case study from several years ago.

DuPont re-looked at nine cases. They determined that they had reviewed a total of 75,450,000 pages of content in those nine cases. A total of 11,040,000 turned out to be responsive to the cases. DuPont also looked at the status of these 75 million pages of content to determine their status in their records management process. They found that approximately 50% of those 75 million pages of content were beyond their documented retention period and should have been destroyed and never reviewed for any of the 9 cases. They also calculated they spent $11, 961,000 reviewing this content. In other words, they spent $11.9 million reviewing documents that should not have existed if their records retention schedule and policy had been followed.

An information management program, besides capturing and making ESI available for use, includes the defensible deletion of ESI that has reached the end of its retention period and therefore is valueless to the organization.

Corporate counsel should be the biggest proponents of information governance in their organizations simply due to the fact that it affects their budgets directly.

Information Governance and Predictive Coding


Predictive coding, also known as computer assisted coding and technology assisted review, all refer to the act of using computers and software applications which use machine learning algorithms to enable a computer to learn from records presented it (usually from human attorneys) as to what types of content are potentially relevant to a given legal matter. After a sufficient number of examples are provided by the attorneys, the technology is given access to the entire potential corpus (records/data) to sort through and find records that, based on its “learning”, are potentially relevant to the case.

This automation can dramatically reduce costs due to the fact that computers, instead of attorneys conduct the first pass culling of potentially millions of records.

Predictive coding has several very predictable dependencies that need to be addressed to be accepted as a useful and dependable tool in the eDiscovery process. First, which documents/records are used and who chooses them to “train the system”? This training selection will almost always be conducted by attorneys involved with the case.

The second dependency revolves around the number of documents used for the training. How many training documents are needed to provide the needed sample size to enable a dependable process?

And most importantly, do the parties have access to all potentially relevant documents in the case to draw the training documents from? Remember, potentially relevant documents can be stored anywhere. For predictive coding, or any other eDiscovery process to be legally defensible, all existing case related documents need to be available. This requirement highlights the need for effective information management by all in a given organization.

As the courts adopt, or at least experiments with predictive coding, as Judge Peck did in Monique Da Silva Moore, et al., v. Publicis Groupe & MSL Group, Civ. No. 11-1279 (ALC)(AJP) (S.D.N.Y. February 24, 2012, an effective information management program will become key to he courts adopting this new technology.

Assembling an effective Exchange data retention policy


From an article by Kevin Beaver, CISSP at Searchexchange.techtarget.com

Data retention is one of those unsexy areas of IT management that we know needs to be addressed but would rather ignore. Besides, that’s what your legal team is for, right?

Well, not really. And unfortunately, data retention is not something you can avoid. There are real ramifications if your business doesn’t properly retain and protect email messages, especially once there’s notice of a lawsuit. In addition, you can also create unnecessary business risks by holding onto Exchange email too long.

Data retention policy dos and don’ts
Exchange data retention is a science, not an art. You must have a clear and concise idea of what your business is willing to take on. Otherwise, you run the risk of increased liability, spoiled evidence and numerous other negative side effects when lawyers get involved.

Some companies think it’s as simple as saying, “We’re saving all email indefinitely” or “We should try to save what’s needed, and then delete everything else after a year or so.” It’s not.

Another common gaffe is when in-house legal counsel downloads a template off the Web and pulls a random retention time out of the air. Some people mistakenly think that this is enough for an effective data retention policy.

The entire article can be read here

Golf and Early Case Assessments – A Drama


Effective early case assessment is dependent on a complete data set.

On the average 97% of data generated within businesses is electronic. The average employee generates and receives up to 20 MB of email and potentially hundreds of MBs of office work files per day. Litigation is a huge problem these days for businesses. A huge amount of the cost of litigation is the cost of finding and reviewing electronically stored information (ESI) for both early case assessment as well as eDiscovery request response. ESI can hide anywhere in the corporate infrastructure; custodian workstations, network share drives, USB thumb drives, CD/DVDs, iPods etc. A centrally managed and fully indexed archive can speed the collection and review of potentially responsive records for early case assessment as well as more fully control and insure the placement of litigation holds.

No matter the case, the first question when you’re faced with litigation is whether the case has merit. If you haven’t prepared a case assessment strategy ahead of time, it will be difficult to quickly and effectively determine your strategy going forward; should you settle or fight…

An early case assessment capability provides you with four obvious benefits:

  • Provides an early indication of the merits of the case – do you have any actual liability.
  • Can suggest the proper strategy going forward.
  • Can provide you an estimate of the cost of defending the case and the time required.
  • Will help you plan for the discovery process and prepare for the “meet and confer” meeting.

Let’s look at some scenarios.

Scenario #1

You’re the General Counsel of a publicly traded software company in the state of California.

It’s a Friday near the end of summer and you’re sitting in your office thinking about your Hawaiian golf vacation which begins tomorrow.

You’re checking the last of your mail before you leave for 3 weeks.

You open a letter from an outside law firm addressed to you…

(Your secretary hears a string of profanities emanating from your office)

You immediately think to yourself; once this news gets out, your company’s stock will be hammered, your board of directors will want an update yesterday, your channel partners will want to be advised on their potential liability, sales that are in process will stop, your CEO will want to know if the case has merit…and your wife will want to know why you just cancelled the Hawaiian vacation she was looking forward to (she was staying home).

What to do first?

You call the plaintiff’s law firm of Tolson & Yonamine to determine what this case is based on…what’s driving it. The Partner managing the case can’t be reached but 2 hours later you receive a fax (a fax, really?) of a printed email that looks like it came from within your company…

What the…? Who, in their right mind would seriously consider something like this much less put it in writing?

Ok, first things first. Your next steps are:

  • Find out who “Jennifer” is, who she reports to and what department she work in. Also find out if she is even still with the company
  • Call the VP of IT and let her know what’s going on and verbally tell her to secure any infrastructure data from Jennifer or Bob
  • Follow that up by sending an email to the VP of IT asking her to secure Jennifer and Bob’s email boxes, and any backup tapes for their respective email servers
  • Send an email to Jennifer informing her of the litigation hold, her duties under it and the consequences if the directions are not followed
  • Send an email to Bob informing him of the litigation hold, his duties under it and the consequences if the directions are not followed
  • Instruct  the VP of IT via email to find the original of the email in question on the email servers or backup tapes

To complicate matters, the VP of IT calls back immediately to tell you that the company only keeps backup tapes of the email servers for 30 days and are then recycled. She also informs you that the company has a 90 day email retention policy meaning that employees must clear emails older than 90 days out of their mailbox or the company will do it automatically. Copies of those emails, if they exist, will only be available on the employee’s local workstations. You think to yourself; if that’s the case, how did the outside law firm get them?

You send one of your staff attorneys and an IT person to both Bob and Jennifer’s offices to look for a copy of the email on their local computers etc.

Later, you find that Bob has a 3 GB PST, local personal email archive, on his laptop where the email might exist but for some reason the IT guy can’t open it. IT calls Microsoft support and is told that the PST is too big and is no doubt irrevocably corrupted.

In the mean time, one of your staff attorneys spends 4.5 hours at Jennifer’s office and eventually finds a copy of the email in her local PST… the email really does exist…%$#@!!. She has no idea why she would have written something like that and there are no records of any other emails associated with that particular smoking gun email. Because the email in question is older than the company’s oldest email server backup tapes, your early case assessment is stopped dead for lack of data.

Now what?

After several months of negotiating with ABC Systems and their law firm, you settle for damages of $35 million and an apology published in the business section of the San Jose Mercury News.

In the preceding scenario, the available early case assessment process suggested that the case might have merit and should be settled before more resources were expended. In this case, the early case assessment was negatively impacted by a shortage of data due to retention policies that were put into place mainly for storage management reasons.

Having access to all relevant information early on can mean the difference between fighting a winnable case and settling the case early for hopefully much less then is being asked for. An early case assessment strategy with the right tools can improve the odds of a favorable outcome.

Early Case Assessment with Proactive ESI Archiving

Let’s look at the preceding scenario with one difference… the defendant has an ESI archiving system and a more common sense retention policy which in this case includes a 3 year retention policy for email.

You are the General Counsel of a publicly traded software company in California

It’s a Friday near the end of summer and you are sitting in your office thinking about your Hawaiian golf vacation which begins tomorrow

You open the last of your mail before you leave for 3 weeks

You open a letter from an outside law firm…

This can’t be real. This must be a joke from your $*@$!! Brother-in-law. After calling him and determining it’s not a joke you think to yourself; NOW WHAT?

You call the opposing counsel to determine what this case is based on. The partner managing the case can’t be reached but 2 hours later you receive a fax showing a printed email that looks like it came from within your company…

Next, you must place a litigation hold on all potentially responsive records

  • Find out who “Jennifer” is, who she reports to and what department she work in. Also, is she even still with the company
  • Call the VP of IT and let her know what’s going on
  • Instruct one of your staff attorneys to query the email archive to determine if that specific email exists, and to provide the entire conversation thread around that email so you can review it for intent.

Your staff attorney quickly queries the archive and pulls up a copy of the email message with the entire conversation thread, puts the entire conversation thread on litigation hold and sends you the following email…

“Boss, the email in question was based on the following conversation thread starting with the CEO:”

“Based on the early case assessment using the email archive and the conversation thread capability, I found that the “smoking gun” email was taken out of context and can prove the case has no merit…We should talk to opposing counsel as soon as possible to end this now.”

You think to yourself; whatever person’s idea it was to get that email archiving system in place should be given a load of stock options…

You spend the next morning talking to the opposing counsel…the action is withdrawn a month later…

You continue with your golf vacation having only missed two days and your wife is especially happy you were able to go on your vacation (alone).

An important aspect of an early case assessment is to tell you if the case has merit. It’s difficult to make an informed assessment about a case without all the data…

Accidental Data Deletion Still Considered Spoliation


From an article posted to the Infosecurity-us.com website yesterday:

When litigation-based data management isn’t taken seriously dire consequences will occur.

When it comes to electronic discovery, if you fail to protect potentially relevant data and it’s destroyed, no matter the excuse, you have deprived the other side of their right to all relevant evidence to support their case and subsequently put them at a disadvantage.

What are your responsibilities when it comes to securing data that could be used against you in a current or future civil lawsuit? Judges today have little sympathy for accidental or shoddy data handling practices when it comes to protecting and turning over data in litigation.

Controlling your company’s information at all times is crucial if, or when, you get dragged into civil litigation. What is eDiscovery? Well, it’s not an afterhours team-building exercise. Electronic discovery (also called eDiscovery or Discovery) refers to any process (in any country) in which electronic data is sought, located, secured, and searched with the intent of using it as evidence in a civil or criminal legal case. The eDiscovery process can be carried out offline on a particular computer or it can be accomplished on a corporate network.

Since the new amendments to the Federal Rules of Civil Procedure (FRCP) were adopted in December 2006, judges expect that organizations in eDiscovery have complete control of their organization’s data and can fully respond to an eDiscovery request in days or weeks, not months or years.

The entire article can be read here

How easy is eDiscovery in SharePoint 2010?


There has been nagging questions surrounding SharePoint and its ability to allow complete and effective eDiscovery searches of all potentially responsive content in the repository. The below description is from the Microsoft Enterprise Content Management (ECM) Team Blog.

From the Microsoft blog:=================================================================

Hi everyone, I am Quentin Christensen and I work on document and records management functionality for SharePoint. Electronic discovery (commonly referred to as eDiscovery) is an area we are supporting with new set of capabilities in SharePoint Server 2010. In case you are not familiar with eDiscovery, it is the process of finding, preserving, analyzing and producing content in electronic formats as required by litigation or investigations. eDiscovery is an important concern for all of our customers and given that SharePoint has grown to be an integral part of collaboration, document, and records management for many organizations, we recognize the need to support the eDiscovery process for SharePoint content.

Microsoft Office SharePoint Server 2007 included a hold feature that could be used for eDiscovery, but it was scoped to the Records Center site template. With SharePoint Server 2010 the eDiscovery capabilities have been greatly expanded to provide more functionality and the power to use these features across your entire SharePoint deployment.

In this post, I want to highlight three major improvements in SharePoint that support eDiscovery. You can:

  • Manage holds and conduct eDiscovery searches on any site collection
  • Use SharePoint Server Search or FAST Search for SharePoint out of box to search and process content
  • Automatically copy eDiscovery search results to a separate repository for further analysis

Read on to learn how SharePoint Server 2010 can support your eDiscovery initiatives and provide you with the tools you need to manage holds, identify, and collect SharePoint content.

The eDiscovery Process

The Electronic Discovery Reference Model from EDRM (edrm.net) provides an overview of the different parts of the eDiscovery process:

imageSharePoint Sever 2010 addresses the Information Management, Identification, Preservation and Collection stages. While this blog post will focus mostly on the identification, preservation and collection components, SharePoint provides a rich Information Management platform for Collaboration, Social Computing, Document Management and Records Management.  This means that you can take a proactive approach to eDiscovery by putting a governance framework in place and using appropriate disposition policies to expire content. Managing content and deleting it when it is no longer needed will reduce the amount of content that must be indexed and searched, and collected for eDiscovery.  The result is that eDiscovery costs can be dramatically reduced, changing the problem from finding a needle in a hay stack to finding a needle in a hay bale. Ultimately, the key to achieving legal compliance for eDiscovery obligations is built upon a foundation of robust Information Management.

When an eDiscovery event occurs, such as a receipt of complaint, discovery, or notice of potential legal claim, the identification stage begins. Content that may be subject to eDiscovery must be identified and searches are conducted to find that content. That content needs to be preserved and at some point, the content will be collected.

 

The eDiscovery Features

Hold and eDiscovery

Hold and eDiscovery is a site level feature that can be activated on any site.

imageActivating this feature creates a new category in Site Settings that provides links to Holds and Hold Reports lists. There is also a page to discover and hold content that allows you to search for content and add it to a hold. Once the Hold and eDiscovery feature is activated you can create holds and add to hold any content in the site collection. By default only Site Collection administrators have access to the Hold and eDiscovery pages. To give other users permission, add them to the permissions list for the Hold Reports and Holds lists. This will also give access to the Discover and hold content page.

clip_image005You can manually locate content in SharePoint and add it to a hold, or you can search for content and add the search results to a hold. With the Hold and eDiscovery feature you can create holds in the hold list and then manually add content to the relevant hold by clicking on Compliance Details from the drop down menu for individual items.

imageThen click on the link to Add/Remove from hold.

imageAnd you can select the relevant hold to add to or remove from.

imageBy manually adding an item to hold you will block editing and deletion of that item until it is released from hold. You will notice that the document now has a lock icon showing that it cannot be edited or deleted.

imageEach night a report for each hold is generated by a timer job. If you need a hold report faster you can manually run the Hold Processing and Reporting timer job in Central Administration.

Search and Process

You can manually add items to hold on any site collection, which is great. But that doesn’t help you find the content you don’t already know about. What if you have a large amount of items you want to find and add to a hold? For that you can use the features on the Discover and hold content page, which is a settings page in Site Settings. From this page you can specify a search query and then preview the results. The configured search service (SharePoint Search Server or FAST Search for SharePoint) will automatically be used. You can then select the option to keep items on hold in place so they cannot be edited or deleted, or if you have configured a Content Organizer Send to location in Central Administration you can have content copied to another site and placed on hold. You may want to create a separate records center site for a particular hold to store all content related to that hold. The Content Organizer is a new SharePoint Server 2010 feature based on the Microsoft Office SharePoint Server 2007 Document Router with richer functionality to automatically classify content based on Content Type or metadata properties. Look for a future blog post covering the Content Organizer.

Holding content in place is recommended if you want to leave content in the location is was created with all the rich context that SharePoint provides, while blocking deletion and editing of content. Be aware that this will prevent users from modifying items. If you prefer users to continue editing documents, then use the copy to another location approach.

When searching and processing, the search will by default be scoped to the entire Site Collection and run with elevated permissions so all content can be discovered. The search can be scoped to specific sites and you can also preview search results before adding the results to a hold. Items can be placed on multiple holds and compliance details will show all of the holds that are applied to an item.

imageIn summary, SharePoint Server 2010 contains key features that make it an essential aspect of your eDiscovery strategy. With the new SharePoint Server 2010 capabilities you can easily apply proper retention policies for all content and make it easier to discover content if an eDiscovery event occurs. eDiscovery often prescribes tight deadlines for production. SharePoint 2010 helps you find the right content and deliver it faster.

Quentin Christensen
Program Manager – Document and Records Management
Microsoft

Steps to avoid email archiving woes


On April 26, ProofPoint, a cloud email archiving provider (among other solutions), published a short but interesting article; “Steps to avoid email archiving woes” talking about incomplete email archives.

I must say I agree with the article in general and especially with the point that the archive needs to be easy to search for in eDiscovery. With that thought I also wanted to add that for really effective eDiscovery of your email data, a complete archive is essential. What you want to avoid is being forced to go to backup tapes because some potentially responsive email might reside only on your backup tapes; a costly situation.

If you’re going to archive your email with eDiscovery in mind, be sure you choose a vendor that can captures everything that could be asked for in eDiscovery.

2011 Seems to be the Year of On-Line Privacy Laws…Finally


One day after an internet privacy bill was introduced in the senate, one was introduced in the house. The senate bill called the Commercial Privacy Bill of Rights introduced by Sens. John F. Kerry and John McCain includes measures to address consumer concerns that their sensitive data could be misused. The senate bill does not however include the “Do Not track” provision asked for by many. The unrestrained collection and sale of our data and on-line habits to retailers and others have raised wide concern.

The house bill, referred to as “the Consumer Privacy Protection Act of 2011” was introduced by U.S. Rep. Cliff Stearns. The Stearns bill would require web sites to clearly state what personally identifiable information is being collected and how it is used. If a consumer opts out from having his information collected, the opt-out will last for five years unless the consumer changes his mind before then.

“The Consumer Privacy Protection Act of 2011” bill joins another House bill introduced in February by Congresswoman Jackie Speier, Democrat from California, that also targets privacy issues. Speier’s “Do Not Track Me Online Act of 2011” directs the FTC to develop a “do not track” mechanism that allows consumers to opt out of having their data collected, used or sold. The California State Legislature also is considering a bill at the state level that would give consumers more control over how their online behavior is tracked and shared with marketers and retailers.

What do these potential laws mean to consumers? Well, if one or more of them are finally passed into law, your electronic footprints, habits and on-line purchasing information will not be sold to organizations that you don’t know and don’t approve of. These types of laws need to be passed into law so the average consumer is not afraid to utilize all aspects and capabilities of our electronic frontier.