Close
Enter your
text here
Posts By :

Doug Austin

eDiscovery Case Law: Fifth Amendment Doesn’t Extend to Encrypted Hard Drives – Or Does It?
 

In the case U.S. v. Fricosu, Colorado district judge Robert Blackburn has ruled that a woman must produce an unencrypted version of her Toshiba laptop's hard drive to prosecutors in a mortgage fraud case for police inspection.  The woman, Ramona Fricosu, had argued that the Fifth Amendment's privilege against self-incrimination protected her from having to disclose the password to her hard drive, which was encrypted using PGP Desktop and seized when investigators served a search warrant on her home.

The day the search warrant was carried, Fricosu spoke with her imprisoned ex-husband Scott (indicted with Fricosu in the case) by phone. The conversation was recorded, and Fricosu implied that relevant information could be found on the encrypted laptop:

Scott: (SC [simultaneous conversation]) oh yeah that’s right it was on your laptop wasn’t it

Ramona: I think so but I’m not sure

Scott: OK

Ramona: yeah cause they kept asking me for passwords and I said, ya know no I just didn’t answer them

Scott: right (SC). Because when you went there you took your laptop

Ramona: yeah I think so I think I did

Scott: and so (SC) it would been on there

Ramona: yeah

Scott: OK

Ramona: and my lawyer said I’m not obligated by law to give them any passwords or anything they need to figure things out for themselves

Based on this conversation, the government sought a warrant under the “All Writs Act, 28 U.S.C. § 1651, requiring Ms. Fricosu to produce the unencrypted contents of the computer.”  Fricosu declined, “asserting her privilege against self-incrimination under the Fifth Amendment”.

In providing his ruling, Judge Blackburn referenced In re Grand Jury Subpoena to Boucher in which child pornography was identified on the defendant's laptop during a border search in Vermont. When the laptop was later seized, it was determined to be password protected. A magistrate judge initially sided with the defendant finding that he could not be compelled to reveal the contents of his mind, which is what the act of producing the password would be.  Revising the grand jury’s request to require the defendant to produce, not the password itself, but rather an unencrypted version of the drive, a Vermont District judge granted that request.

With that case as precedent, Judge Blackburn ruled that Fricosu was required to provide the government in this case with an unencrypted copy of the Toshiba laptop computer’s hard drive.  However, Judge Blackburn also ruled that the government would be “precluded from using Ms. Fricosu’s act of production of the unencrypted contents of the computer’s hard drive against her in any prosecution”.

Fricosu’s attorney has indicated he plans to appeal the ruling and noted that his client may not even be able to decrypt the hard drive, stating “If that's the case, then we'll report that fact to the court, and the law is fairly clear that people cannot be punished for failure to do things they are unable to do”.

So, what do you think?  Should production of the hard drive have been compelled?  Does the preclusion from using evidence from the hard drive against her in prosecution address any Fifth Amendment concerns?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

eDiscovery Trends: Small Cases Need Love Too!
 

There was an interesting article in Law Technology News from Tom O’Connor, a previous thought leader interviewee on this blog, regarding the dilemma associated with affordability of eDiscovery technology for small cases (entitled Pricing: The Small Case E-Discovery Dilemma).  Even though small cases make up the overwhelming majority of cases filed and there is ESI to manage in those cases just like there is in the big cases, eDiscovery technology has historically been cost prohibitive for the cases when compared to the amount at dispute.

To make technology work for the smaller cases, Tom makes some assumptions, including:

  • Typical ESI File Formats: The types of files you’re working with in the smaller cases are typical file formats for email and office functions.  If you get into the less common file formats, you’re more likely to need more expensive technology to handle those.
  • Host the Data Yourself: Tom assumes “that you want to host the data yourself, and that you have the equipment and skills to do so” and that small cases “demand applications that can be installed on one computer for processing and review”.  It’s an interesting assumption, the question is do many of the firms managing these small cases have both the equipment and the skills to do so? (I’m not sure that they do).
  • Smaller Volumes of ESI: Of course, it makes perfect sense that the small case would be dealing with less ESI.  As Tom notes, “[w]e're also assuming you are not dealing with terabytes of information.”  Of course not.  However, with each GB representing 50,000 pages of data (or more), it doesn’t take much volume to require technology to effectively manage the data.
  • Cooperative Relationship: Tom also states the assumption that “you have a cooperative relationship with the other side, at least in terms of dealing with EDD”.  When that’s the case, it’s a lot easier to keep eDiscovery at a proportional level.

The article goes on to look at a case starting with 800 GB that ultimately yields 200 GB of reviewable material and the potentially exorbitant costs (as much as $1 million) associated with managing a 200 GB case.  Yet, as Tom notes, “[b]ig EDD companies don't want this business — we've been told that directly by sales managers at two separate top-tier companies.”

Last year at LegalTech, several of the thought leaders that I interviewed indicated that they were seeing more technology alternatives suitable for the smaller cases and Tom mentions some of those toward the end of the article.  One of our 2012 predictions was a greater adoption of eDiscovery technology for smaller cases (as even those cases are no longer that small), attorneys are forced to embrace eDiscovery technology for these cases and, eDiscovery providers are taking note.

In addition to the trends and technology alternatives that Tom writes about, I wrote an article that was published in LJN’s Legal Tech Newsletter in September entitled e-Discovery Technology for the $100,000 (Or Less) Case that discusses some of the trends that are starting to make technology more affordable for the smaller case.  These include SaaS applications in the cloud, pricing models that promote simplified and pay-as-you-go technology pricing, advanced data culling techniques and self-service functionality that enables the firm to “do it yourself” instead of paying the vendor for those services.  This article also identifies some technology alternatives that promote those concepts to make eDiscovery technology affordable even when the amount in dispute is no more than $100,000.

If you’re a subscriber to Legal Tech Newsletter, you can get that entire issue here.  If you’re not a subscriber, but would be interested in a reprint of that article, send me an email to daustin@ediscoverydaily.com and I’ll send you a copy.

So, what do you think?  Are you able to effectively use eDiscovery technology for smaller cases?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Social Tech eDiscovery: Facebook Law Enforcement Policies Revisited

One of the very first posts we published on this blog, over 16 months ago, was a post regarding Facebook’s Subpoena Policy, describing and providing a link to Facebook’s Law Enforcement page to request information from Facebook.  With numerous cases involving discovery of information on Facebook, (including this one, this one, this one, this one, this one and this one – all just in the past year), it seems appropriate to revisit this page to see if anything has changed.

The first thing that has changed is the link itself.  The old link we published 16 months ago no longer takes you to that page – it defaults to the general Facebook help page.  So, I had to “go hunting” for the new location for the law enforcement page.  It took a few tries, but I did finally find it here.  If you prefer your Facebook Law Enforcement information in downloadable document form, the link to the PDF is here.

The page has a lot more information than the old page.  Sections include:

  • US Legal Process Requirements: Notes that Facebook discloses account records solely in accordance with their terms of service and applicable law, including the federal Stored Communications Act (“SCA”), 18 U.S.C. Sections 2701-2712, which requires a valid subpoena, court order or search warrant to compel disclosure of Facebook content.
  • International Legal Process Requirements: A Mutual Legal Assistance Treaty request or letter rogatory may be required to compel the disclosure of the contents of an account.  More information found here.
  • Account Preservation: Link to form to request preservation of account records for up to 90 days pending receipt of formal legal requests.
  • Emergency Requests: Email address for a law enforcement official to obtain an emergency request form in cases “involving imminent harm”.
  • Child Safety Matters: What to do when requests relate to child exploitation or safety concerns.
  • Data Retention and Availability: Reiteration that Facebook does “not retain data for law enforcement purposes unless we receive a valid preservation request before a user has deleted that content from our service”, with links to 1) how a Facebook user can request their account to be permanently deleted (with no recovery), 2) Facebook’s Statement of Rights and Responsibilities and 3) Facebook’s Data Use Policy.
  • Form of Requests: Information required with requests for information, including 1) name of the issuing authority, badge/ID number of responsible agent, email address from a law-enforcement domain, and direct contact phone number; 2) email address, user ID number or username of the Facebook profile.
  • User Consent: Instructions for users who have consented to provide their own information to law enforcement officials using Facebook’s Download Your Information feature (previously featured on this blog here).
  • Notification: What to do if officials believe that notification would jeopardize an investigation.
  • Testimony: Facebook’s declaration that they do not provide expert testimony support, but if “a special form of certification is required”, the requestor should attach it to the records request.
  • Cost Reimbursement: Facebook’s statement that they “may seek reimbursement for costs in responding to requests for information as provided by law”, without specifying what those costs might be (which is different than the specific costs stated in the previous page).
  • Contact Information: To submit records requests via email, snail mail or fax – but only if you’re a law enforcement officer.

So, what do you think?  Have you needed to request information from Facebook for litigation purposes?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

eDiscovery Case Law: Appeals Court Decides Spoliation Finding For Not Producing Originals is Bull
 

Including yesterday’s post, this seems to be the week for Third Circuit appeal cases…

In Bull v. UPS Inc., No. 10-4339 (3d Cir. Jan. 4, 2012), the Third Circuit court conceded that “producing copies in instances where the originals have been requested may constitute spoliation if it would prevent discovering critical information”.  However, it found that in this case, the District Court erred in finding that spoliation had occurred and in imposing a sanction of dismissal with prejudice.

During a jury trial of a claim of disability discrimination under New Jersey law, the plaintiff (a former UPS employee) testified about two notes that she received from her doctor and faxed to UPS, regarding her neck and shoulder injury. When UPS challenged the authenticity of those notes and sought to block the admission of the faxed copies, the employee's attorney indicating that the original notes no longer existed.  However, the plaintiff testified during examination that she actually still had originals at home.  As a result, the District Court declared a mistrial and encouraged the defendant to file a motion for sanctions.  The plaintiff produced the original doctor’s notes to the court and after considering defendant’s motion for sanctions, the District Court invoked its authority and ordered the case dismissed with prejudice.  Plaintiff appealed.

After carefully examining the record and determining that there was insufficient evidence that the employee intentionally withheld the original notes, the Third Circuit reversed the sanctions, finding doubt whether or not UPS ever properly requested the original documents; and if so, whether plaintiff's counsel ever communicated those requests.

However, the Third Circuit court recognized, in footnote, a “growing concern not implicated in this case”:

“This highlights a growing concern for us that is not directly implicated in this case.  As electronic document technology progresses, the concept of an “original” document is becoming more abstract.  Moving from the more easily distinguishable photocopy or facsimile to documents created, transmitted and stored in an electronic form means that it will be increasingly difficult to ascertain where the boundary of an objectively reasonable duty to preserve such documents lies.  There are—and increasingly will be—circumstances in which the foreseeability of a duty to preserve the information contained in a particular document is distinguishable—under an objective analysis—from the need to preserve that information in its “original” form or format.  Indeed, arriving at a common understanding of what an “original” is in this context is challenging enough.  Although it does, and always will rest with the courts to preserve the distinction between an objectively foreseeable duty and actual knowledge of such a duty, there is a concomitant obligation that counsel must assume to clearly and precisely articulate the need for parties to search for, maintain, and—where necessary—produce “original” or source documents.  This case gives us one more opportunity to highlight our position that clarity in communications from counsel that establish a record of a party's actual knowledge of this duty will ensure that this technology-driven issue does not consume an unduly large portion of the court's attention in future litigation.”

So, what do you think?  Should the sanctions have been reversed?  Or should the producing party be required to produce originals whether they were clearly requested or not?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

eDiscovery Case Law: Court Dismisses Identify Theft Case Where No Harm Was Proven
 

In the case Reilly v. Ceridian Corp, 11-1738 (3rd Cir. Dec. 12, 2011), the Third Circuit affirmed the district court’s dismissal of a class action against payroll processing company Ceridian for a data breach, finding that the plaintiffs case lacked merit because their alleged injuries were too speculative.

An unknown hacker breached Ceridian’s Powerpay system in December 2009, potentially gaining access to payroll information such as names, birth dates, bank account numbers and Social Security numbers belonging to approximately 27,000 employees at 1,900 companies. Two individual plaintiffs filed suit on behalf of all of the individuals whose information was exposed in the security breach.  However, the lawsuit did not allege that the hacker actually accessed, misused or copied the data. Instead, the plaintiffs claim was based on an allegedly increased risk of identity theft, emotional distress and the credit-monitoring costs they incurred.

The U.S. Court of Appeals for the Third Circuit upheld a District Court decision dismissing the case, finding that these asserted injuries were too speculative to give the plaintiffs standing to bring a federal lawsuit and emphasized the need for an injury-in-fact, which must be actual or imminent, not hypothetical.

The court distinguished this case from other cases in the Seventh and Ninth Circuits where plaintiffs bringing claims for data breaches were found to have standing. The Third Circuit judges noted that those other cases involved threatened harms that were much more “imminent” and “certainly impending” due to evidence of improper intent (such as the Ninth Circuit case, where an individual had attempted to open a bank account with a plaintiff’s information following the physical theft of a laptop).

Even though the plaintiffs voluntarily expended time and money to monitor their financial situation, the court concluded:

“Here, no evidence suggests that the data has been—or will ever be—misused”…The present test is actuality, not hypothetical speculations concerning the possibility of future injury. Appellants’ allegations of an increased risk of identity theft resulting from a security breach are therefore insufficient to secure standing.”

So, what do you think?  Should the case have been dismissed?  Or should a company be held responsible for security breaches regardless what is done with the data that’s breached?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

eDiscovery Trends: Needing “Technology Assisted Review” to Write a Blog Post
 

Late on a Thursday night, with a variety of tasks and projects on my plate at the moment, it seems more difficult this night to find a unique and suitable topic for today’s blog post.

One thing I often do when looking for ideas is to hit the web and turn to the many resources that I read regularly to stay abreast of developments in the industry.  Usually when I do that, I find one article or blog post that “speaks to me” as a topic to talk about on this blog.  However, when doing so last night, I found several topics worth discussing and had difficulty selecting just one.  So, here are some of the notable articles and posts that I’ve been reviewing:

There’s plenty more articles out there.  I’ve barely scratched the surface.  When we launched eDiscovery Daily about 16 months ago, some wondered whether there would be enough eDiscovery news and information to talk about on a daily basis.  The problem we have found instead is that there is SO much to talk about, it’s difficult to choose.  Today, I was unable to choose just one topic, so, as the picture notes, “I have nothing to say”.  Therefore, I’ve had to use “technology assisted review” to provide a post to you, thanks to the many excellent articles and blogs out there.  Enjoy!

So, what do you think?  Are there any specific topics that you find are being discussed a lot on the web?  Are there any topics that you’d like to see discussed more?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

eDiscovery Case Law: Court Denies Plaintiff Request For Additional Searches for Acronyms
 

In the case In Re: National Association of Music Merchants, Musical Instruments and Equipment Antitrust Litigation, MDL No. 2121 (Dec. 19, 2011), U.S. Magistrate Judge Louisa S. Porter considered a motion by the plaintiffs seeking to compel the defendants to run document searches containing abbreviations and acronyms identified during discovery.  Ruling that the plaintiffs had “ample opportunity” to obtain this discovery earlier in the case, the court denied the motion.

The defendants notified the plaintiffs that they intended to use keyword searches to find relevant documents to plaintiffs’ discovery requests and asked the plaintiffs to provide search terms.  However, the plaintiffs indicated that they could not provide the terms, lacking sufficient information at that point to construct meaningful searches. So, the defendants created their own list of search terms, which they then reviewed with the plaintiffs, who protested that the terms were too restrictive and were unlikely to capture some highly relevant documents. As a result, both sides sat down and negotiated a list of agreed-upon search terms, including several terms specifically targeted to capturing defendant-to-defendant communications.

The defendants began to produce documents based on the agreed-upon terms. Through review of those produced documents, the plaintiffs discovered the frequent use of abbreviations and acronyms and filed a motion seeking to compel the defendants to run document searches containing these abbreviations and acronyms.

While the court noted that keyword searching should be “a cooperative and informed process” and emphasized the importance of “a full and transparent discussion among counsel of the search terminology”, the court chastised the plaintiffs, noting:

“Here, the Court finds Plaintiffs had ample opportunity to obtain discovery regarding abbreviations and acronyms of Defendant companies, and the burden or expense to Defendants in having to comply with Plaintiffs’ request regarding abbreviations and acronyms outweighs its likely benefit. … First, Plaintiffs had two separate opportunities to suggest that Defendants search for abbreviations and acronyms of the Defendant companies; initially, before Defendant’s produced documents; and second, during negotiations between the parties on agreed-upon expanded search terms. In the spirit of the conclusions made at the Sedona Conference, and in light of the transparent discussion among counsel of the search terminology and subsequent agreement on the search method, the Court finds it unreasonable for Defendant to re-search documents they have already searched and produced.

Second, after meeting and conferring with Plaintiffs, and relying on their agreement with Plaintiffs regarding search terms, Defendants have already searched and produced a significant number of documents, thereby incurring significant expenses during this limited discovery period. Further, as articulated by Defendants, the new search terms Plaintiffs have proposed would require some Defendants to review tens of thousands of additional documents that would likely yield only a very small number of additional responsive documents. Therefore, the Court finds a re-search of documents Defendants have already searched and produced is overly burdensome.”

As a result, the court denied the plaintiffs’ request to “run document searches containing abbreviations and acronyms for agreed-upon search terms concepts”.

So, what do you think?  Should the plaintiffs’ have been able to anticipate the abbreviations and acronyms during negotiations or should their motion have been granted to add them later?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

eDiscovery Trends: Sampling within eDiscovery Software

Those of you who have been following this blog since early last year may remember that we published a three part series regarding testing your eDiscovery searches using sampling (as part of the “STARR” approach discussed on this blog about a year ago).  We discussed how to determine the appropriate sample size to test your search, using a sample size calculator (freely available on the web).  We also discussed how to make sure the sample size is randomly selected (again referencing a site freely available on the web for generating the random set).  We even walked through an example of how you can test and refine a search using sampling, saving tens of thousands in review costs with defensible results.

Instead of having to go to all of these external sites to manually size and generate your random sample set, it’s even better when the eDiscovery ECA or review software you’re using handles that process for you.  The latest version of FirstPass®, powered by Venio FPR™, does exactly that.  Version 3.5.1.2 of FirstPass has introduced a sampling module that provides a wizard that walks you through the process of creating a sample set to review to test your searches.  What could be easier?

The wizard begins by providing a dialog to enable the user to select the sampling population.  You can choose from tagged documents from one or more tags, documents in saved search results, documents from one or more selected custodians or all documents in the database.  When choosing tags, you can choose ANY of the selected tags, ALL of the selected tags, or even choose documents NOT in the selected tags (for example, enabling you to test the documents not tagged as responsive to confirm that responsive documents weren’t missed in your search).

You can then specify your confidence level (e.g., 95% confidence level) and confidence interval (a.k.a., margin of error – e.g., 4%) using slider bars.  As you slide the bars to the desired level, the application shows you how that will affect the size of the sample to be retrieved.  You can then name the sample and describe its purpose, then identify whether you want to view the sample set immediately, tag it or place it into a folder.  Once you’ve identified the preferred option for handling your sample set, the wizard gives you a summary form for displaying your choices.  Once you click the Finish button, it creates the sample and gives you a form to show you what it did.  Then, if you chose to view the sample set immediately, it will display the sample set (if not, you can then retrieve the tag or folder containing your sample set).

By managing this process within the software, it saves considerable time outside the application having to identify the sample size and create a randomly selected set of IDs, then go back into the application to retrieve and tag those items as belonging to the sample set (which is how I used to do it).  The end result is simplified and streamlined.

So, what do you think?  Is sample set generation within the ECA or review tool a useful feature?  Please share any comments you might have or if you’d like to know more about a particular topic.

Full disclosure: I work for CloudNine Discovery, which provides SaaS-based eDiscovery review applications FirstPass® (for first pass review) and OnDemand® (for linear review and production).

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

eDiscovery Case Law: Via Rule 45 Subpoena, Plaintiff Allowed to Search Non-Party Personal Hard Drive
 

A party can subpoena a nonparty to provide a personal computer for the forensic review of electronically stored information (ESI) under Rule 45 of the Federal Rules of Civil Procedure.

In Wood v. Town of Warsaw, N.C., No. 7:10-CV-00219-D, (E.D.N.C. Dec. 22, 2011), a former police chief alleged his former employer unfairly terminated him because of his age under the Age Discrimination in Employment Act. During discovery, the plaintiff sent a non-party subpoena to the former town hall manager, who the plaintiff claimed was responsible for his termination. In the subpoena, the plaintiff asked that the former town manager make his personal computer available for a search by a forensic expert using agreed-upon search terms. He also offered to pay for the cost of the search, excluding any privilege review that the town manager wanted to conduct.

The town manager objected to the subpoena and attempted to modify it, claiming the search would be expensive, would be time-consuming, and would invade his privacy. He also claimed he did not use his personal computer for work. He offered to search the computer himself and provide any documents that were responsive to the plaintiff’s requests in the subpoena.

The court reviewed Rule 45 of the Federal Rules of Civil Procedure, which required it to balance three factors in deciding whether to modify or quash a subpoena: (1) the relevance of the information sought, (2) the plaintiff’s need for the information, and (3) the potential hardship to the non-party. In doing so, it concluded that the plaintiff’s narrow request for “non-privileged documents identified by an electronic search for key words related to the claims and defenses asserted by the parties” was reasonable. The court also noted that “in this age of smart phones and telecommuting, it is increasingly common for work to be conducted outside of the office and through the use of personal electronic devices.” Therefore, it was reasonable to expect to find relevant ESI on the town manager’s computer. Finally, the fact that the plaintiff assumed all of the costs except the privilege review minimized the burden on the town manager.

The court also noted that the subpoena’s requests were limited to tangible documents, not including ESI, and would thus not “encompass the information sought by the request to search [the town manager’s] hard drive.”

Therefore, it ruled that the subpoena was proper but modified it to clarify that the plaintiff was not entitled to the complete contents of the hard drive—just to those responsive to the search terms that were neither privileged nor confidential.

So, what do you think?  Should the search have been allowed?  Please share any comments you might have or if you’d like to know more about a particular topic.

Case Summary Source: Applied Discovery (free subscription required).

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

eDiscovery Trends: The Sedona Conference International Principles
 

One of our eDiscovery predictions for 2012 was that there would be a continued focus on International eDiscovery and that was also a prediction of three of the other sets of eDiscovery predictions we evaluated.  Multinational companies with operations in the United States are often subject both to the US civil procedure discovery rules as well as the privacy laws of the European Union and other countries where they operate.  Trying to comply with both sets of rules and laws can be difficult when those rules and laws conflict.

To attempt to address those conflicts, Working Group 6 of The Sedona Conference (TSC) has drafted the 2011 Public Comment Version of The Sedona Conference® International Principles on Discovery, Disclosure and Data Protection (“International Principles”), downloadable here.  This is the European Union Edition, which as noted in the Foreward, states “[a]lthough focused principally on the relationship between U.S. preservation and discovery obligations and the EU Data Protection Directive . . . is intended to apply broadly wherever Data Protection Laws, regardless of national origin, conflict with U.S. preservation and discovery obligations”.

As with other TSC “Principles” documents, there are a collection of principles around which the document is built which are listed at the beginning of the document and then discussed within it.  Here are the six principles:

  1. With regard to data that is subject to preservation, disclosure, or discovery, courts and parties should demonstrate due respect to the Data Protection Laws of any foreign sovereign and the interests of any person who is subject to or benefits from such laws.
  2. Where full compliance with both Data Protection Laws and preservation, disclosure, and discovery obligations presents a conflict, a party’s conduct should be judged by a court or data protection authority under a standard of good faith and reasonableness.
  3. Preservation or discovery of Protected Data should be limited in scope to that which is relevant and necessary to support any party’s claim or defense in order to minimize conflicts of law and impact on the Data Subject.
  4. Where a conflict exists between Data Protection Laws and preservation, disclosure, or discovery obligations, a stipulation or court order should be employed to protect Protected Data and minimize the conflict.
  5. A Data Controller subject to preservation, disclosure, or discovery obligations should be prepared to demonstrate that data protection obligations have been addressed and that appropriate data protection safeguards have been instituted.
  6. Data Controllers should retain Protected Data only as long as necessary to satisfy legal or business needs. While a legal action is pending or remains reasonably anticipated, Data Controllers should preserve relevant information, including relevant Protected Data, with appropriate data safeguards.

The appendices include a 15 page Model Protected Data Protective Order and a Cross-Border Data Safeguarding Process + Transfer Protocol, which is an ease-of-reference guide identifying common techniques for achieving best possible legal compliance with conflicting U.S. eDiscovery rules and Data Protection laws when processing and transferring foreign data for U.S. litigation.

As noted in the document, “[o]ther editions of the International Principles are planned for publication by Working Group 6 that will focus on sovereign countries or regions other than the EU and the intersection of their data protection laws and U.S. preservation and discovery requirements.”  So, there is more to come!

To submit a public comment, you can download a public comment form here, complete it and fax (yes, I said fax) it to The Sedona Conference® at 928-284-4240.  You can also email a general comment to them at tsc@sedona.net.

So, what do you think?  Do the International Principles provide significant guidance for addressing international discovery issues?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.