Insight into where e-discovery, information governance cybersecurity, and digital transformation are heading – who is doing what now or in the future, what works and what doesn’t, and what people wish they could do but can’t – gleaned from recent publications
ABOVE THE FOLD
Join Mary Mack and me for a new ACEDS webinar series, Monthly Insights with George & Mary, starting Wed. Sept. 11.
Relativity Fest Oct. 20-23 – Join us this fall at Relativity Fest in Chicago where I will be speaking on three sessions: LIE291972 – Is It Time to Rethink the EDRM?; PD311742 – A Call to Action: Building an e-Discovery Pro Bono Platform and Network; and PR311751 – Let’s Take This Online: Managing Mobile Data in Relativity Short Message Discovery.
Subpoenaing wearable technology data – In an ABA article, Meghan A. Rigney of Wiedner & McAuliffe offered advice on subpoenaing wearable technology data, in particular FitBit and Apple data.
CYBERSECURITY & DATA PRIVACY
Cyber insurance coverage – Sharon Nelson of Sensei Enterprises noted that Lloyd’s of London has called for insurance policies to be explicit about cyber coverage. In Market Bulletin Ref. Y5258, Llyod’s stated that “Lloyd’s view is that it is in the best interests of customers, brokers and syndicates for all policies to be clear on whether coverage is provided for losses caused by a cyber event. This clarity should be provided by either excluding coverage or by providing affirmative coverage in the (re)insurance policy.” (Emphasis in original.)
NAIC Data Security Model Law – Joseph J. Lazzarotti of Jackson Lewis discussed the National Association of Insurance Commissioners’ Insurance Data Security Model Law and its implications. Adopted by the NAIC in 2017, the Model Law in intended to provide a benchmark for any cybersecurity program.
New Hampshire insurance data security law – As reported in a Hunton Andrews Kurth post, New Hampshire’s governor has signed that state’s Insurance Data Security Law (SC 194). The law, effective Jan 1, 2020, requires insurers licensed in the state to put into place data security programs and report cybersecurity events.
- California Sets De Facto National Data Privacy Standard
Travis Brennan (Stradling Yocca Carlson & Rauth) and Raj Shukla and Scott Schneider (Commercial Bank of California) (July 6)
- Show Me the Money: How the CCPA Provides a Mechanism for Consumers to Monetize Their Personal Data
Joshua L. Gutter (Carlton Fields) (Aug. 4)
- The CCPA’s 50,000 California Resident Requirement – Easier to Meet Than It Might Seem
Gregory A. Gidus (Carlton Fields) (Aug. 6)
- The CCPA’s Impact on Businesses Processing Personal Data of Minors and Children
Steven Blickensderfer (Carlton Fields) (Aug. 6)
- CCPA Security FAQs: Can employees bring a class action under the CCPA following a data breach?
David Zetoony (Bryan Cave Leighton Paisner) (Aug. 6)
- CCPA: An Amendments Progress Report & Tracker
Jessica B. Lee, Robyn Mohr, and Bea Hinton (Loeb & Loeb) (Aug. 7)
- CCPA Security FAQs: What Percentage of Data Breaches Result in Class Action Litigation?
David Zetoony (Bryan Cave Leighton Paisner) (Aug. 8)
- Locke Lord QuickStudy: Looking Ahead to the CCPA’s “Look Back” Requirement
Molly McGinnis Stine and Paul B. Sudentas (Locke Lord) (Aug. 8)
- CCPA Legislative Update: What’s Next
Robert E. Braun (Jeffer Mangels Butler & Mitchell) (Aug. 9)
- GDPR Privacy FAQs: Do cookie banners that disclose the use of analytics or behavioral advertising cookies, and state that continued use of a website is deemed acceptance of those cookies, satisfy European privacy laws?
Christian M. Auty (Bryan Cave Leighton Paisner) (Aug. 2)
- GDPR, Data Privacy and Enterprise Relationship Management
David Goyette (Introhive) (Aug. 7)
- GDPR Privacy FAQs: If a website participates in behavioral advertising, does the GDPR require that it disclose that it is “selling” consumers’ information?
Christian M. Auty (Bryan Cave Leighton Paisner) (Aug. 2)
- Researcher Exploits GDPR Fears to Obtain Private Data
Neil J. Rubenking (PC Mag UK) (Aug. 9)
Chinese draft guidelines on cross-border transfer of PI – Myles Seto and Sean Wang of Deacons reported that the Cyberspace Administration of China released for public comment a draft version of Measures for Security Assessment of Cross-border Transfer of Personal Information.
Egypt draft data protection law – Youssef Sallam of Al Tamimi & Company wrote that the Egyptian Cabinet of Ministers recently approved a draft data protection law, akin to the GDPR, which is being reviewed by the Parliament of Egypt.
LEGAL TECHNOLOGY & DIGITAL TRANSFORMATION
The current state of play in legal innovation – Jae Um of Baker McKenzie prepared a piece, published in Legal Evolution, examining the current state of play in legal innovative. Returning to a post she put up a year ago, Jae Um looked back at legal innovation over the past decade and finds hope for the future, especially if we are able to be a bit more patient and take a longer view.
E-DISCOVERY CASE LAW
Recent e-discovery decisions
7/10/2019 – Appellate Judges Smith, McKee and Fisher affirmed in part and reversed in part a District Court denial of a motion for default judgment with respect to deleted and unrecoverable emails and remanded the case for a new trial. The appellate court determined that the district court appropriately (1) concluded that the appellee acted in bad faith when it destroyed emails, (2) concluded that spoliation prejudiced the appellant, (3) and opted for the lesser sanction of a permissive adverse inference instruction instead of a default judgment. The appellate court found, however, that the district court erred in excluding expert testimony regarding the appellee’s spoliation, and error that could have affected the outcome of the case as it deprived the jury of testimony that would have been highly probative of whether the jury should adopt the permissive adverse inference. GN Netcom v. Plantronics, No. 18-1287 (3rd Cir. July 10, 2019).
7/11/2019 – U.S. Magistrate Judge Stephan Vidmar denied plaintiffs’ motion for spoliation sanctions for defendants’ failure to preserve and produce photos and excluded testimony or argument at trial concerning the photos. A fire allegedly destroyed 2,647 tons of hay, leaving only smoldering embers. Defendants’ farm manager did not see the fire but claimed to have taken photos, stored only on his cell phone, of the embers. Defendants never produced the photos to plaintiffs and by the time plaintiffs sued apparently the farm manager no longer possessed the photos; defendants’ first notice that plaintiffs intended to sue was the suit itself. Plaintiffs moved for sanctions base on the loss or destruction of the photos, arguing that defendants should have been put on notice of litigation by the fire itself and should have preserved the photos. The Court first determined that because the photos were ESI, FRCP 37(e) foreclosed reliance on the Court’s inherent authority to impose spoliation sanctions. The Court next ruled discovery of the alleged fire was not by itself sufficient to put defendants on notice and hence no duty to preserve the photos had been triggered. The Court then ruled that plaintiffs failed to show that defendants intentionally deprived them of the photos. Finally, the Court ruled that ruled that neither defendants nor plaintiffs would be allowed to mention the photos at trial as the probative value of testimony concerning them is low and potential prejudice powerful. Philmar Dairy, LLC v. Armstrong Farms, No. 18-cv-0530SMV/KRS (D.N.M. July 11, 2019).
|5/3/2019||ED||UF Law||UF Law Launches Florida E-Discovery Case Law Database|
|8/8/2019||ED||iCONECT||iCONECT Secures Strategic Capital Funding Helping Lawyers tell ‘Their Winning Story’|
Conferences, webinars, and the like can provide insight into where e-discovery, information governance cybersecurity, and digital transformation are heading