Insight into where e-discovery, information governance cybersecurity, and digital transformation are heading – who is doing what now or in the future, what works and what doesn’t, and what people wish they could do but can’t – gleaned from recent publications
ABOVE THE FOLD
Join Mary Mack and me for a new ACEDS webinar series, Monthly Insights with George & Mary, starting Wed. Sept. 11.
Relativity Fest Oct. 20-23 – Join us this fall at Relativity Fest in Chicago where I will be speaking on three sessions: LIE291972 – Is It Time to Rethink the EDRM?; PD311742 – A Call to Action: Building an e-Discovery Pro Bono Platform and Network; and PR311751 – Let’s Take This Online: Managing Mobile Data in Relativity Short Message Discovery.
ELECTRONIC DISCOVERY
On using supervised machine learning – Rasmus Mandøe Jensen and Christian Scott Uhlig of Pelsner examined the Danish Financial Supervisory Authority’s recently published guidelines on the use of supervised machine learning. Although the guidelines are meant for financial companies, the Pelsner attorneys’ analysis of them offers useful insights applicable to the use of TAR in litigation.
7-part e-discovery blog series – Brad Harris of Zapproved published a seven-part series on e-discovery, Driving Down the Cost of Ediscovery:
- Part 1: Taming the Big Data Dragon
- Part 2: Creating a Litigation Response Plan
- Part 3: Proportionality & Case Preparation
- Part 4: Robust Preservation Practices
- Part 5: Targeted Collections
- Part 6: Culling & Review
- Part 7: Going Beyond Litigation
On the challenges of e-discovery training – Frank Ready of Corporate Counsel wrote about the challenges associated with training attorneys and staff about e-discovery, whether in detail or at a high level. For the article, Frank drew on discussions with Debbie Reynolds of Eimer Stahl, David Hasman of Bricker & Eckler, Joseph Tate of Cozen O’Connor, and me.
CYBERSECURITY & DATA PRIVACY
Security risks accompanying collaboration tools – Richard Walters of CensorNet warned that as law firms adopt digital collaborate tools to improve communications with their clients – as most of the top 100 law firms have done, according to a recent PwC report – the law firms should pay close attention to security risks attendant with the use of those tools.
Adding a Facebook “Like” button to a website might make you a joint controller – Daniel Felz of Alston & Bird discussed the European Court of Justice’s decision in FashionID GmbH & Co. KG v. Verbraucherzentrale NRW, in which the ECJ found that websites integrating Facebook plugins are jointly responsible for the data collected by those plugins and sent to Facebook.
CCPA –
- CCPA Security FAQs: Does the CCPA Allow an Individual Whose Name is Compromised Through a Data Breach to Seek Statutory Damages?
David Zetoony (Bryan Cave Leighton Paisner) (July 25) - Client Alert: California Consumer Privacy Act Amendments Update
John Landolfi, Chris Ingram, and Chris LaRocco (Vorys) (July 30) - How to Know If Your Vendor is a ‘Service Provider’ Under CCPA
Brian Hengesbaugh and Amy C. de La Lama (Baker McKenzie) (July 31) - CCPA Compliance: Are you Ready for PI 2.0? (5 Months to Go)
(Womble Bond Dickinson) (Aug. 1) - CCPA Security FAQs: What Categories of Information Could Trigger A Consumer Class Action if Breached?
David Zetoony (Bryan Cave Leighton Paisner) (Aug. 1) - Keeping Up With the Latest on the California Consumer Privacy Act
Elaine F. Harwell (Procopio) (Aug. 5)
Data privacy and security legislation in states other than California – Kendall C. Burman, Rajesh De, Mickey Leibner, Lei Shen, Joshua M. Silverstein, David A. Simon, Jeffrey P. Taft, Howard W. Waltzman, and Lisa V. Zivkovic from Mayer Brown published a piece about efforts to pass stricter data privacy and security legislation in Nevada (SB 220), New York (the SHIELD Act, SB 5575; SB 5642; and SB S224), Maine (SP 275), North Dakota, Massachusetts (S.120), New Jersey (SB 2834), and Pennsylvania (HB 1049).
State “omnibus” privacy law comparison sheet – Baker McKenzie has published a comparison chart of new or proposed state privacy laws. The chart covers bills from California’s CCPA (SB 1121) and laws from Maine (LD 945 / SP 275), Nevada (SB 220), and Pennsylvania (HB 1049).
New York strengthened data breach protections for consumers – New York’s governor signed two bills meant to strengthen protections for consumers whose private information gets compromised in data breaches, reported the Buckley law firm: the Stop Hacks and Improve Electronic Data Security Act (SHIELD Act) (A5635B); and A2374, which requires consumer credit reporting agencies to offer identify theft prevention and mitigation services in the case of breaches of the agencies’ systems.
France: CNIL updated guidelines for cookies and other trackers – Olivier Haas, Evgenia Nosareva, and Hatziri Minaudier of Jones Day reported that CNIL, the French data protection authority, has released new guidelines on the use of cookies and other tracking technologies. Except in limited circumstances, trackers may not be deployed on smartphones, computers, and any other connected devices and when they are then clear information relating to the tracker’s purpose and implementation should be provided to the user.
Germany: Internal recorded statements and notes are personal data that must be disclosed – Odia Kagan of Fox Rothschild reported that on July 26 the Higher Regional Court of Cologne Germany held that internal recorded statements, conversation notes or telephone notes constitute personal data and copies of them must be disclosed in response to data access requests.
Germany: HDPC concerned that Google voice assistant program violated GDPR – Theodore F. Claypoole and Dominic Dhil Panakal of Womble Bond Dickinson reported that the Hamburg Data Protection Commission (HDPC) has opened an administrative procedure to prohibit Google from carrying out evaluations of their voice assistant program by employees and third parties for a period of three months. They note that the HDPC believes temporary halting of Google’s voice recording evaluation process is necessary to allow sufficient time to determine whether there is effective protection of the rights and freedoms of those whose private conversations are being listening to, documented, and evaluated by third parties.
UK: GDPR certification is coming – Lisa Rix of Littler reported that later this year companies that show compliance with a particular “certification schemes” will be issued “certification” certificates, seals, or mark the companies will be able to display to demonstrate compliance. Note the quotations marks and future tense.
UK: Comments sought on ICO draft data sharing code of practice – The UK’s Information Commissioner’s Office is seeking input on the draft update to its data sharing code of practice, first published in 2011. The ICO will be taking public feedback, via survey or email, until Sept 9.
LEGAL TECHNOLOGY & DIGITAL TRANSFORMATION
Guidance for validation of AI-based algorithms – Nathaniel M. Glasser, Adam S. Forman, and Matthew Savage Aibel of Epstein Becker & Green pointed out two sets of resources for employers using or contemplating using artificial intelligence algorithms in their employee selection processes: the Uniform Guidelines On Employee Selection Procedures, in particular Section 14: Technical standards for validity studies; and the recently updated Frequently Asked Questions from the U.S. Department of Labor’s Office of Federal Contract Compliance Programs, especially its Validation of Employee Selection Procedures FAQs.
Four big legal tech themes – Richard Tromans of Artificial Lawyer has pulled together what he sees as the four key themes that help make sense of what is happening in the realm of legal tech and law firm innovation: (1) Consolidation and Platformization; (2) Continued Proliferation of Legal Tech Companies; (3) Incubator/Accelerator Growth; and (4) More Than Law – Law Firms as Tech Producers.
Law firm project management – ILTA published the results of its 2019 project management survey, which looks at law firms. ILTA last conducted this survey in 2015 and, according to the survey’s summary, the results do not appear to differ significantly.
Law firm legal technology sanity check – Bob Ambrogi of LawSite, analyzing the results of the 2019 Aderant Business of Law and Legal Technology Survey, notes that the most effective tech tools are not the ones sucking up all the oxygen in the room – AI or blockchain, for example – but rather far more prosaic technologies such as document management and time and billing.
E-DISCOVERY CASE LAW
Recent e-discovery decisions
7/16/2019 – U.S. District Judge Aida M Delgado-Colon denied defendant’s motion to dismiss but imposed as sanction an adverse inference. Defendant requested information about plaintiff’s social media accounts. Plaintiff responded that she once had an account but it was closed and she did not recall the name under which she had the account and no longer had access to the account. Plaintiff subsequently said that following the close of discovery she regained access to the account but did not initially mention this to her attorney. She later asserted that after regaining access she printed her profile and all information regarding her account. Defendant took issue with the production, arguing that it was incomplete, and seeking supplementation; plaintiff responded that she could not because in the interval she had deleted her account. The court found that plaintiff failed to comply with her FRCP 26(e) duty to supplement her Facebook-related discovery responses after she regained access to her account and when she deleted her account, warranting sanctions. The court ordered defendant to submit a proposed adverse-inference jury instruction regarding the content of plaintiff’s Facebook page and her deletion of the related account. Cordova v. Walmart Puerto Rico, Inc. et al., No. 16-2195 (ADC) (D.P.R. July 16, 2019).
ANNOUNCEMENTS
| Date | Focus | Organization | Title |
| 8/1/2019 | ED | Exterro | Fifth Annual E-Discovery Day to Take Place on December 4, 2019 |
| 8/1/2019 | ED | Legility | Legility Acquires eDiscovery Company iControlESI |
| 8/1/2019 | LT/DT | Linklaters | Linklaters crowdsourcing ideation platform gives its people the opportunity to shape the firm’s future |
| 8/5/2019 | ED | Ipro | Ipro Releases New Desktop Offering Combining eDiscovery and Trial Software |
| 8/6/2019 | ED | Nuix | Nuix Announces Launch of Nuix Discover |
ADDITIONAL ARTICLES
UPCOMING EVENTS
Conferences, webinars, and the like can provide insight into where e-discovery, information governance cybersecurity, and digital transformation are heading
8/8/2018-9/6/2019 EVENTS
SEE PAST WEEKLY TREND REPORTS
Named an “E-Discovery Trailblazer” by The American Lawyer, George has assisted corporate, law firm, and government clients with all facets of electronic discovery, including information governance, domestically and globally. He served clients in a variety of industries including pharmaceutical, energy, retail, banking and technology, among others. As a renowned industry thought leader, he has authored more than 50 articles and spoken at more than 200 engagements across the world on a variety of e-discovery topics. His extensive knowledge has also been utilized more than 20 times to provide expert testimony.
Co-founder of the Electronic Discovery Reference Model (EDRM), a framework that outlines the standards for the recovery and discovery of digital data, and the Information Governance Reference Model (IGRM), a similar framework specific to information management, George is skilled at developing and implementing electronic discovery strategies and managing electronic discovery processes.