Insight into where e-discovery, information governance cybersecurity, and digital transformation are heading – who is doing what now or in the future, what works and what doesn’t, and what people wish they could do but can’t – gleaned from recent publications
E-DISCOVERY
Unlock all iOS and high-end Android devices (if you are law enforcement) – Cellebrite announced that it now offers an exclusive solution for law enforcement to unlock and extract data from all iOS and high-end Android devices. Details are at the Cellebrite UFED Premium website.
New Sedona commentary – The Sedona Conference announced the publication of the Commentary on Legal Holds, Second Edition: The Trigger & The Process.
CYBERSECURITY & DATA PRIVACY
CCPA updates –
- Poor Richard’s Four Easy Steps To Compliance With the California Consumer Privacy Act (CCPA)
Jon Neiditz (Kilpatrick Townsend) (June 15) - The California Consumer Privacy Act: What Financial Services Providers Need to Know
Helen Goff Foster and Austin Smith (Davis Wright Tremaine) (June 20)
Nevada updates –
- Following California’s Lead, Nevada Privacy Law Gives Consumers Right to Opt Out
(Cooley) (June 18) - Summary of Amendment to Nevada Privacy Law
Melissa J. Krasnow (VLP Law Group) (June 20) - Nevada’s Amended Privacy Law: Groundbreaking or More of the Same?
Rebecca Mackin and Liisa Thomas (Sheppard Mullin) (June 20)
Maine internet privacy law –
- Peter Guffin of Pierce Atwood wrote that Maine recently enacted an internet privacy law, An Act To Protect the Privacy of Online Customer Information, that requires broadband internet services providers to obtain customers’ express, affirmative consent before using their personal information.
- Colleen Theresa Brown, Clayton Northouse, and Gabrielle Whitehall of Sidley also noted that the Maine statute requires opt-in, defines “customer personal information” broadly, and gives customers the right to revoke consent at any time.
New York next? – Joseph Lazzarotti, Jason Gavejian, and Maya Atrakchi of Jackson Lewis drew our attention to the New York Privacy Act, S5642, introduced last month, that they say is considered to be a more expansive version of the CCPA. It would be akin to the CCPA in providing consumers with greater control over their personal data and imposing duties on business that control and process data. It would cover a wider range of business than the CCPA, give consumers additional rights such as the right to rectification, impose greater obligations on the covered business, and add a private right of action.
Data localization in Russia – In a client alert, King & Spalding noted that a bill has entered the Russian State Duma that would allow for administrative fines of between $30K and $280K for failing to properly comply with requirements for localization of processing of Russian citizen’s personal data.
Unpatched vulnerabilities a leading cause of data breaches – More than 27% of data breaches are the results of vulnerabilities that should have been patched, according to a recent survey by security company Tripwire and Dimensional Research that was reported by Ray Lapena of Tripwire and commented on by Steve Ranger of ZDNet and Sharon Nelson of Senseient.
LEGAL TECHNOLOGY & DIGITAL TRANSFORMATION
Investing in legal tech – Ari Kaplan of Ari Kaplan Advisors interviewed Alex Nwaka, a principal with Touchdown Ventures, about venture capital investments that law firms and corporate legal departments are making in legal tech, why they are going that route, and the implications of that approach.
E-DISCOVERY CASE LAW
Recent e-discovery decisions
4/18/2019 – U.S. District Court Judge George Smith denied plaintiff’s motion seeking a mandatory adverse inference for not preserving text messages. The responding defendant acknowledged that it had a duty to preserve text messages and had failed to take reasonable steps to do so. Plaintiff established that the text messages could not be restored or replaced through additional discovery. The Court found that plaintiff had not established the requisite intent and therefore refused to impose the sought-after sanction. The Court did order a lesser sanction, curative measures under FRPC 37(e)(1). At trial plaintiff may introduce evidence of the litigation hold letter and the responding defendant’s failure to preserve text messages and may argue for whatever inference it hopes the jury will draw. In turn the responding defendant may present its own admissible evidence and argue to the jury that it should not draw any inference from the responding defendant’s conduct. The Court also ruled that the non-responding defendant may move for a jury instruction the he be held harmless from the responding defendant’s failure to preserve text messages. DriveTime Car Sales Company, LLC v. Pettigrew (S.D. Ohio April 18, 2019).
5/7/2019 – U.S. Magistrate Judge Henry Pitman ordered that a receiving party may use the contents of an inadvertently produced putatively privileged documents to challenge the producing party’s assertion of privilege. Earlier in the case, the Court had approved a stipulated FRE 502(d) protective order. The order contained conflicting two conflicting sentences concerning the use of inadvertently produced documents. To reach this result, the Court drew instruction from two earlier decisions (American Express v. Accu-Weather, Inc., 91 Civ. 6485 (RWS), 92 Civ. 705 (RWS), 1996 WL 346388 (S.D.N.Y. June 25, 1996) and Stinson v. City of New York, 10 Civ. 4228, 2014 WL 5090031 (S.D.N.Y. Oct. 10, 2014)) and the 2006 Advisory Committee Notes to FRCP 26(b)(5)(B). The Court noted that “Because no law or rule of professional responsibility prohibits a party from using inadvertently produced material to challenge the assertion of a privilege or other protection, it appears that the Federal Rules of Civil Procedure permit a party that receives an inadvertently produced privileged document to use the content of that document to challenge the assertion of privilege.” In re Keurig Green Mt. Single Serve Coffee Antitrust Litig., No. 14 MD 2542 (VSB)(HBP) (S.D. N.Y. May 7, 2019).
6/7/2019 – U.S. District Court Judge Michael Simon denied plaintiff’s motion for case-dispositive sanctions but granted a motion for lesser sanctions. An individual defendant admitted that four days after accepting service of a document subpoena he destroyed responsive evidence located on his personal computer and in his personal cloud storage account. About a month later, the individual defendant discovered and deleted a file containing responsive email messages in his cloud account, a file he had not realized was there. About four months after that, the day before a TRO hearing, the individual defendant found and destroyed a responsive file in another cloud account. Finding that all the requirements of FRCP 37(e)(2) had been met, the Court ruled that it intends to provide the jury with a permissive inference spoliation instruction that the individual defendant intended to deprive plaintiff of the use of responsive information in the litigation. Univ. Accounting Serv., LLC v. Schulton, No. 3:18-cv-1486-SI (D. Or. June 7, 2019).
ANNOUNCEMENTS
ADDITIONAL ARTICLES
UPCOMING EVENTS
Conferences, webinars, and the like can provide insight into where e-discovery, information governance cybersecurity, and digital transformation are heading
6/27/2018-7/26/2019 EVENTS
SEE PAST WEEKLY TREND REPORTS
Named an “E-Discovery Trailblazer” by The American Lawyer, George has assisted corporate, law firm, and government clients with all facets of electronic discovery, including information governance, domestically and globally. He served clients in a variety of industries including pharmaceutical, energy, retail, banking and technology, among others. As a renowned industry thought leader, he has authored more than 50 articles and spoken at more than 200 engagements across the world on a variety of e-discovery topics. His extensive knowledge has also been utilized more than 20 times to provide expert testimony.
Co-founder of the Electronic Discovery Reference Model (EDRM), a framework that outlines the standards for the recovery and discovery of digital data, and the Information Governance Reference Model (IGRM), a similar framework specific to information management, George is skilled at developing and implementing electronic discovery strategies and managing electronic discovery processes.