Posts By :

Doug Austin

If You’re Going to Store Cookies, EU Court Says You Need the Users’ Active Consent: Data Privacy Trends

After two weeks in Italy, of course my first post back had to be a post about Europe, right?  ;o)  Regardless, while I was out last week, a notable decision was announced by the Court of Justice of the European Union which might impact a few people (i.e., anyone from the EU who accesses websites).

Anyway, as covered in Rob Robinson’s terrific Complex Discovery blog last week (Storing Cookies Requires Internet Users’ Active Consent Says Court of Justice of the European Union), in Case C-673/17, Bundesverband der Verbraucherzentralen und Verbraucherverbände ̶ Verbraucherzentrale Bundesverband eV v Planet49 GmbH, the Court of Justice of the European Union decided that the consent which a website user must give to the storage of and access to cookies on his or her equipment is not validly constituted by way of a prechecked checkbox which that user must deselect to refuse his or her consent.

Per the press announcement from the Court of Justice of the European Union, the German Federation of Consumer Organisations challenged the use by the German company, Planet49, of a pre-ticked checkbox in connection with online promotional games, by which internet users wishing to participate consent to the storage of cookies before the German courts.  As a result, the Bundesgerichtshof (Federal Court of Justice, Germany) asked the Court of Justice to interpret the EU law on the protection of electronic communications privacy.  P.S., don’t ask me to pronounce some of these words… ;o)

That decision is unaffected by whether or not the information stored or accessed on the user’s equipment is personal data. EU law aims to protect the user from any interference with his or her private life, in particular, from the risk that hidden identifiers and other similar devices enter those users’ terminal equipment without their knowledge.

The Court notes that consent must be specific so that the fact that a user selects the button to participate in a promotional lottery is not sufficient for it to be concluded that the user validly gave his or her consent to the storage of cookies.

Furthermore, according to the Court, the information that the service provider must give to a user includes the duration of the operation of cookies and whether or not third parties may have access to those cookies.

Interesting data privacy developments continue that will certainly shape how we not only share information, but even use websites going forward.  It will be interesting to see what the landscape for internet use looks like a few years from now.

BTW, as noted above, I’ve been gone for two weeks, so I want to give a BIG THANKS to Tom O’Connor for his terrific white paper on 30(b)(6) witness depositions that we were able to cover as a six-part series on our blog for the past two weeks.  So, instead of giving you the “best of eDiscovery Daily” these past two weeks, we were able to give you new content!

Also, BTW, Complex Discovery is currently conducting its Fall 2019 eDiscovery Business Confidence Survey.  This is the sixteenth quarterly eDiscovery Business Confidence Survey conducted by Complex Discovery.  All questions are multiple-choice, and the entire survey can be completed in about two minutes, so please check it out and feel free to participate.

So, what do you think?  Will this ruling affect how websites request consent for cookies?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Issuing the Hold is Just the Beginning: eDiscovery Throwback Thursdays

Here’s our latest blog post in our Throwback Thursdays series where we are revisiting some of the eDiscovery best practice posts we have covered over the years and discuss whether any of those recommended best practices have changed since we originally covered them.

This post was originally published on March 23, 2012, and concludes our two-part series on this topic.  There is more to litigation holds than just issuing an automated hold, suspending auto-delete programs (including those for text and other messaging apps) and tracking the responses.

Last week, we discussed identifying custodians, preparing a written litigation hold, issuing the hold and tracking responses.  Today, we’ll discuss interviewing hold notice recipients, follow up on notices, releasing holds when the obligation to preserve is removed and tracking all holds within an organization.  Here are the rest of the best practices for implementing a litigation hold.

Interviewing Hold Notice Recipients: Depending on the case, follow-up interviews (with at least the key custodians) are generally accepted as a best practice and may be necessary to ensure defensibility of the notice.  The point of these interviews is to repeat the duty to preserve, provide a detailed explanation of the requirements of the hold, answer the recipient’s questions (if any), and confirm that the recipient understands and agrees to adhere to the notice. You should keep written records of each of these interviews and document the reasoning for determining which individuals to interview.

Follow-Up on Hold Notices: For a litigation hold plan to be successful and defensible, it needs to include periodic follow-up reminders to recipients of the notices to inform them that the data in question remains under hold until the case concludes. Follow-up reminders could simply be a retransmission of the original notice or they could be a summary of all of the notices the individual has received, if there are multiple cases with holds for that individual. There is no specific requirement on how often the reminders should be sent, but it’s best to send them at least quarterly.  For some cases, it may be necessary to send them monthly.

Release the Hold: Not to be confused with “release the hounds”, it is just as important to inform people when the duty to preserve the data expires (typically, when the case is completed) as it is to notify them when the duty to preserve begins.  Releasing the hold is key to ensure that information doesn’t continue to be preserved outside of the organization’s document retention policies – if it is, it may then become subject to litigation holds in other litigations unnecessarily.  Releasing the hold also helps keep custodians from being overwhelmed with multiple retention notices, which could cause them to take the notices less seriously.  However, the release notification should be clear with regard to the fact that data subject to hold in another matter should continue to be preserved to meet discovery obligations in that matter.

Hold Tracking System: It’s important to have a reliable “system” for tracking litigation holds across all matters within the organization. Depending on your needs, that could be part of the litigation hold tracking solution discussed in last week’s post, or it could even be a simple database or spreadsheet to track the information.  You should keep historical tracking data even for completed matters as that information can be useful in guiding hold issuance on new matters (by helping to identify the correct custodians for new matters that are factually similar or related to current closed or open matters).  At a minimum, a tracking system should:

  • Track responses from individual custodians and identify those who have not yet responded,
  • Track periodic reminder notices and release notices,
  • Provide ability to report a list of people with a duty to preserve for a specific matter as well as all matters for which a person is under retention.

So, what do you think?  Do you have a solid “hold” on your hold process?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Court Denies Sanction Request for Attorney Who Hung Up on Opposing Counsel One Time: eDiscovery Case Law

In Ewing v. Aliera Healthcare, No. 19cv845-CAB-LL (S.D. Cal. Aug. 12, 2019), California Magistrate Judge Linda Lopez denied the plaintiff’s motion for sanctions for “rudely and unprofessionally” hanging up on the plaintiff during a call that defendant’s counsel made to the plaintiff to cancel a meet and confer appointment.

Case Background

In support of his motion, the plaintiff stated that “Local Rule 83.4 requires civil, courtesy and dignity in all communication, oral and written.”  The plaintiff also noted that defendant’s counsel “admitted to hanging up the phone on Plaintiff to the Court’s law clerk” and also requested permission to file a reply.

The defendant opposed the plaintiff’s motion on the grounds that “Plaintiff has failed to establish why Judge Lopez should sanction counsel for Aliera” noting that at issue is only “one phone call between Plaintiff and Aliera’s counsel on July 24, 2019.”  The defendant also stated:

“Plaintiff insists on recording every phone conversation, despite counsel for Aliera objecting to such recordings…The reason counsel cut his July 24 phone conversation short was because he had already confirmed that the meet and confer meeting with Plaintiff would take place on July 30; not on July 25 as Plaintiff later demanded, and despite Plaintiff’s protestations and desire to schedule it for the week of July 22…Plaintiff [then] insisted on demanding why Judge Lopez allowed Aliera’s counsel, Dwight Francis, to appear at the ENE on July 1, 2019. This extraneous demand was irrelevant to the topic of the July 24 call, and followed up on a letter Plaintiff had earlier written counsel on the same non-issue. Counsel, who was extremely busy, informed Plaintiff that he would need to take that issue up with Judge Lopez, and ended the call.”

Judge’s Ruling

Judge Lopez began her ruling by stating: “As an initial matter, the Court denies Plaintiff’s request for leave to file a reply. The Court has reviewed the briefing and finds that it has sufficient information on this issue. Notably, Plaintiff’s Motion lacks any law or authority in support of the request for sanctions.”

She ended her ruling by stating: “Here, the conduct at issue in Plaintiff’s Motion, defense counsel hanging up the phone prematurely one time during a conversation with Plaintiff, does not warrant sanctions. Indeed, defense counsel’s opposition sets forth a reasonable explanation of why defense counsel “cut short” the July 24, 2019 phone conversation. Accordingly, the Court DENIES Plaintiff’s request to impose sanctions. The Court also DENIES Defendant’s request to order Plaintiff to compensate Defendant for the time incurred in having to oppose the instant Motion. However, the Court reminds the parties that any future unprofessional conduct or otherwise improper conduct (including but not limited to filing motions with no basis in the law) may warrant a motion for sanctions by either party.”

So, what do you think?  Should attorneys be sanctioned for hanging up on each other?  Or for filing sanctions motions for opposing counsel doing so?  Or both?  ;o)  Please let us know if any comments you might have or if you’d like to know more about a particular topic.

Case opinion link courtesy of eDiscovery Assistant.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Hold It Right There!: eDiscovery Throwback Thursdays

Here’s our latest blog post in our Throwback Thursdays series where we are revisiting some of the eDiscovery best practice posts we have covered over the years and discuss whether any of those recommended best practices have changed since we originally covered them.

This post was originally published on March 22, 2012, when eDiscovery Daily was just over a year and a half old.  Even though the Federal Rules changes of 2015 have made sanctions more difficult to obtain with the “intent to deprive” standard in Rule 37(e) for significant sanctions for spoliation of ESI, failure to issue a litigation hold has been seen in the eyes of some courts as an intentional act, leading to adverse inference instruction sanctions or even dismissal or default judgment of the case.  So, implementing a solid litigation hold is as important than ever.  Also important is suspending any auto delete programs that are running for key custodians.  Seven and a half years ago, those were primarily associated with email auto delete programs, but it now is just as important for text message and other message programs as well, as illustrated by these three recent cases.  Enjoy!

When we review key case decisions every year related to eDiscovery, the most case law decisions are almost always those related to sanctions and spoliation issues.  Most of the spoliation sanctions were due to untimely or inadequate preservation of the data for litigation.  As noted in the historic Zubulake decision, Judge Shira Sheindlin ruled that parties in litigation have an obligation to preserve potentially relevant data as soon as there is a reasonable expectation that data may be relevant to future litigation.  However, even if the party reacts in a timely manner to take steps to preserve data through a litigation hold, but executes those steps poorly, data can be lost and sanctions can occur.  Here are some best practices for implementing a litigation hold.

The most effective litigation hold plans are created before actual litigation arises and applied consistently across all matters. While cases and jurisdictions vary and there are not many hard and fast rules on implementing litigation holds, there are generally accepted best practices for implementing holds.  Implementation of a litigation hold generally includes each of the steps identified below:

Identify Custodians and Suspend Auto-Delete Programs: As we have learned in many cases over the years, it’s important to completely identify all potential custodians and suspend any automatic deletion programs that might result in deletion of data subject to litigation.  As noted above, those auto-delete programs extend to more than just email these days, as we have seen several cases (especially lately) involving failure to suspend auto-delete programs for text and other messaging apps.

Custodians can be individuals or non-individual sources such as IT and records management departments.  To determine a complete list of custodians, it’s generally best to conduct interviews of people identified as key players for the case, asking them to identify other individuals who are likely to have potentially relevant data in their possession.

Prepare Written Hold Notice: Hold notices should be in writing, and should typically be written in a standard format.  They should identify all types of data to be preserved and for what relevant period.  Sometimes, hold notices are customized depending on the types of custodians receiving them (e.g., IT department may receive a specific notice to suspend tape destruction or disable auto-deletion of emails).

Distribute Hold Notice: It is important to distribute the notice using a communication mechanism that is reliable and verifiable. Typically, this is via email and litigation hold distribution and tracking mechanisms have become much more common in recent years. Distribution should occur only to the selected and specific individuals likely to have potentially relevant information, usually not company-wide, as not everyone will understand the parameters of the hold.  Believe it or not, notices with overly broad distributions have, in some cases, been deemed inadequate by courts.

Track Responses: It is advisable to require recipients of the litigation hold notice to confirm their receipt and understanding of the notice via a method that can be tracked (again, a litigation hold program can help automate this process as it can keep track of those who have acknowledged receipt of the hold notice as well as who hasn’t).  These litigation hold distribution and tracking programs have become preferable to any manual programs for tracking read receipt notifications through email.

Next week, we’ll discuss follow up on notices, releasing holds when the obligation to preserve is removed and tracking all holds within an organization.  Hasta la vista, baby!

So, what do you think?  Do you have a solid “hold” on your hold process?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Craig Ball is “That Guy” Who Keeps Us Up to Date on Mobile eDiscovery Trends: eDiscovery Best Practices

So many topics, so little time (again).  In our webcast about millennials and their impact on eDiscovery last week, Tom O’Connor and I spent a lot of time talking about how millennials are quick to embrace new technology and certainly there have been few technology areas of growth like mobile device use.  They’re everywhere and used by (seemingly) everybody and used (seemingly) all day long.  Texts are the new emails, which means they have considerable importance from an eDiscovery perspective.  So, who should you go to if you want to stay apprised of mobile eDiscovery trends?  Craig Ball is “that guy”.

In Craig’s excellent Ball in Your Court blog, his latest post from last week (Preserving Android Evidence: Return of the Clones?), discusses Google’s recently expanded offering of “cheap-and-easy” online backup of Android phones, including SMS and MMS messaging, photos, video, contacts, documents, app data and more.  In discussing this new capability, Craig states: “This is a leap forward for all obliged to place a litigation hold on the contents of Android phones — a process heretofore unreasonably expensive and insufficiently scalable for e-discovery workflows.  There just weren’t good ways to facilitate defensible, custodial-directed preservation of Android phone content.  Instead, you had to take phones away from users and have a technical expert image them one-by-one.

Now, it should be feasible to direct custodians to undertake a simple online preservation process for Android phones having many of the same advantages as the preservation methodology I described for iPhones two years ago.  Simple.  Scalable.  Inexpensive.”

Craig did acknowledge that because Android backups live in the cloud, he anticipates that, at first, there will be no means to download the complete Android backup to a PC for analysis, thus requiring restoring the data to a factory-initialized “clean” phone as a means to localize the data for collection (at least until Google hopefully provides a suitable takeout mechanism).  As a result, “examiners may revive the tried-and-true cloning of evidence to clean devices then collecting from the restored device” (just like they once did with computer drives).  “Everything old is new again.”

Whether it’s informing us of simpler, less expensive ways of preserving iPhone and Android data, or keeping us updated as Apple announces it’s doing away with iTunes, or educating us on geolocation data, or providing us an easy to understand Mobile Evidence Burden and Relevance Scorecard.  Or he’s providing us with an entire 24 page white paper on mobile device discovery titled Mobile to the Mainstream.  So, when it comes to best practices and useful tips regarding mobile device discovery, Craig Ball is “that guy” (see what I did there, Craig?).  ;o)

So, what do you think?  Are you struggling with mobile device discovery?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Nine is Divine! eDiscovery Daily is (Cloud)Nine Years Old!

Our “nine clouds” logo is making a one-day comeback!  If you read our blog yesterday, you probably noticed that our Throwback Thursday post was from the day eDiscovery Daily was launched.  That was nine years ago today!

We launched nine years ago on September 20, 2010.  Back then, we told you to not get “wild” with wildcards (and repeated that message yesterday).  And, we published our first case law post about a case where the spoliator of data was actually threatened with jail time –  our first of 701 posts about case law to date, covering more than 540 distinct cases!  We’ve published over 2,269 lifetime posts, and every post is still available on the site for your reference.  We’ve been around for so long and published so much, we don’t even bother with the six month milestones anymore!

And, as always, we have you to thank for all of that success!  Thanks for making the eDiscovery Daily blog a regular resource for your eDiscovery news and analysis!  We really appreciate the support – you make us feel like we’re on CloudNine!

As many of you know by now, we like to take a look back each anniversary at some of the important stories and topics during that time.  So, here are some posts over the last few months you may have missed.  Enjoy!

Here’s an evidence story that only a word geek like me can appreciate.

How many states have Security Breach Notification Laws? You might be surprised.

When does a party fight NOT to have a claim against them dismissed?  When they think it keeps their sanction possibility alive – at least in this case.

Phishing emails can be so deceiving these days.  Here’s an example of one and what you can do about them.

Do you still use the Enron data set for testing?  Maybe you shouldn’t.

Should a judge accept a Facebook friend request from a litigant?  Maybe not always.

If you’re going to fire your IT guy, you might want to change the passwords on your servers.  All 23 of them.

Significant spoliation sanctions may be more difficult to get now, but “it’s never over ‘til it’s over” as this case shows.

Just because you have a Motion to Dismiss pending doesn’t mean you can stay discovery until it’s decided.

Why do hackers hack?  For the money, of course.

Here’s a “cautionary tale about how not to conduct discovery in federal court”.  ‘Nuff said.

How many times do you have to spoliate ESI before you receive case termination sanctions?  In this case, more than three.

There are plenty of reasons that organizations experience a data breach: unpatched vulnerabilities in your software is only the latest one to worry about.

Not since Clubber Lang predicted “pain” in Rocky III has the state of legal tech consolidation seen such “carnage”.

Data privacy fines keep going up.  This proposed fine was for $230 million.  This one was approved for more than 20 times that.

If you keep track of Hollywood news, you probably already know this story.  But, you may not know the eDiscovery significance of the Kevin Spacey harassment cases.

Here are some of my observations regarding this year’s ILTACON conference using the theme of the classic spaghetti western The Good, The Bad and the Ugly.

Sure, we’ve been talking a lot the past couple of years about GDPR and CCPA.  But, “COPPA” just cost YouTube and Google $170 million.

In this case regarding spoliation of cell phone data, the judge recommended that the intent to deprive question be left up to the jury.  So did this one.

This is just a sampling of topics that we’ve covered.  Hope you enjoyed them!

Thanks for the interest you’ve shown in the topics!  We will do our best to continue to provide interesting and useful eDiscovery, cybersecurity and data privacy news and analysis.  And, as always, please share any comments you might have or if you’d like to know more about a particular topic!  On to 10 years!  Do it again at ten!  :o)

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Don’t Get “Wild” with Wildcards: eDiscovery Throwback Thursdays

Here’s our latest blog post in our Throwback Thursdays series where we are revisiting some of the eDiscovery best practice posts we have covered over the years and discuss whether any of those recommended best practices have changed since we originally covered them.

This post was originally published on September 20, 2010 – which was the day eDiscovery Daily was launched!  We launched that day with an announcement post, this post and our first case law post where Judge Paul Grimm actually ordered the defendant to be imprisoned for up to two years or until he paid the plaintiff “the attorney’s fees and costs that will be awarded to Plaintiff as the prevailing party pursuant to Fed. R. Civ. P. 37(b)(2)(C).”  (Spoiler alert – the defendant didn’t ultimately go to jail, but was ordered to pay over 1 million dollars to the plaintiff)…

Even before the 2015 Federal Rules changes, we didn’t see any other cases where the parties were threatened with jail time.  But I personally have seen several instances where parties still want to get “wild” with wildcards.  We even covered a case where the parties negotiated terms that included the wildcard for “app*” because they were looking for phone applications or apps (an even more extreme example than the one I detail below).  Check it out too.  And, enjoy this one as well!  It’s as relevant today as it was (almost) nine years ago!

A while ago, I provided search strategy assistance to a client that had already agreed upon several searches with opposing counsel.  One search related to mining activities, so the attorney decided to use a wildcard of “min*” to retrieve variations like “mine”, “mines” and “mining”.

That one search retrieved over 300,000 files with hits.

Why?  Because there are 269 words in the English language that begin with the letters “min”.  Words like “mink”, “mind”, “mint” and “minion” were all being retrieved in this search for files related to “mining”.  We ultimately had to go back to opposing counsel and negotiate a revised search that was more appropriate.

How do you ensure that you’re retrieving all variations of your search term?

Stem Searches

One way to capture the variations is with stem searching.  Applications that support stem searching give you an ability to enter the root word (e.g., mine) and it will locate that word and its variations.  Stem searching provides the ability to find all variations of a word without having to use wildcards.

Other Methods

If your application doesn’t support stem searches, Morewords.com shows list of words that begin with your search string (e.g., to get all 269 words beginning with “min”, go here – simply substitute any characters for “min” to see the words that start with those characters).  Choose the variations you want and incorporate them into the search instead of the wildcard – i.e., use “(mine or “mines or mining)” instead of “min*” to retrieve a more relevant result set.

Many applications let you preview the wildcard variations you wish to use before running them.  For example, our CloudNine Review solution (shameless plug warning!) performs a preview when you start to type in a search term to show you words within the collection that begin with that string.  As a result, you can identify an overbroad term before you agree to it.

So, what do you think?  Have you ever been “burned” by wildcard searching?  Do you have any other suggested methods for effectively handling them?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Today’s Webcast Will Show You How to Think Like a Millennial When Addressing eDiscovery Needs: eDiscovery Webcasts

As we learned in Tom O’Connor’s recent five part blog series, millennials may be changing eDiscovery (depending on your point of view).  Regardless, eDiscovery is changing and millennials may be a BIG part of that change.  TODAY’S webcast will help you think like a millennial to address your eDiscovery needs.

Today at noon CST (1:00pm EST, 10:00am PST), CloudNine will conduct the webcast Thinking Like a Millennial in eDiscovery.  This CLE-approved* webcast session will discuss how evolving technology trends are impacting eDiscovery today and how to think like a millennial to stay on top of those developing trends. Key topics include:

  • Understanding Millennials and How They Differ from Previous Generations
  • Drivers for Millennials’ Thinking Today
  • How Litigation Support and eDiscovery Has Evolved Over the Years
  • Challenges Posed by BIG Data and Variety of Data Sources
  • Ethical Duties and Rules for Understanding Technology
  • Impact of Millennials on Legal Technology and eDiscovery
  • Your Clients May Have More ESI Than You Think
  • Recommendations for Addressing Today and Future Technology Challenges

As always, I’ll be presenting the webcast, along with Tom O’Connor.  To register for it, click here – it’s not too late! Even if you can’t make it, go ahead and register to get a link to the slides and to the recording of the webcast (if you want to check it out later).  If you want to learn how the habits of millennials will impact your eDiscovery processes, this is the webcast for you!

So, what do you think?  Are you concerned about how the habits of millennials will impact your eDiscovery processes?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

The Cat and Mouse Game Between Data Privacy Regulators and Online Advertisers: Data Privacy Trends

You didn’t think companies that make a lot of their revenue in online advertising were going to just roll over when Europe’s General Data Protection Regulation (GDPR) was enacted to protect personal information, did you?  Apparently not, as this article discusses.

According to Legaltech® News (Is the GDPR Creating a Cat-and-Mouse Game Between Advertisers and Regulators?, written by Frank Ready), the browser company Brave alleged last week that Google was using a mechanism called “push pages” to work around restrictions on the sharing of personally identifiable information (PII) laid out by the EU’s General Data Protection Regulation (GDPR). It did so, Brave said, by assigning a distinct, almost 2,000 character-long code to user information shared with advertisers.

Google issued a response to the site Tom’s Hardware saying that it does not “serve personalized ads or send bid requests to bidders without user consent.”  But, Google’s ad practices are already facing an inquiry by the Irish Data Protection Commission (DPC), specifically with regards to how well they comply with “GDPR principles of transparency and data minimization.” However, regulators attempting to enforce the anonymization of user data could find it difficult to keep pace with companies looking for new ways to both comply with privacy requirements and protect the online advertising revenue that is central to their business.

Jarno Vanto, a partner in the privacy and cybersecurity group at Crowell & Moring, thinks part of the problem is most of the information that’s collected about users online nowadays could potentially qualify as PII.

“Ad tech companies are now trying to come up with ways on the one hand to comply, but then they are still stuck in the old world where they were able to collect all of this data because they could rely on this distinction between non-PII and PII, and that’s no longer really a valued distinction,” Vanto said.

Debbie Reynolds, founder of the data privacy and cyber response firm Debbie Reynolds Consulting, believes other companies will be looking towards the outcome of the Irish DPC’s inquiry with interest as they try to align their own data practices with compliance and profitability.  Still, she’s not expecting much in the way of new parameters surrounding what constitutes a unique identifier.

“I don’t think the regulators are going to try and go out of their way to create new words or new definitions,” Reynolds said.

Vanto said he thinks it could be a tough road due to the amount of resources that would have be leveraged in order to keep track of the practices employed by each technology company.  But Vanto also noted that there are tech-savvy privacy activists who have an interest in monitoring such activity, as well as rival companies that may also be inclined to keep their competitors moving towards the same kind of consent-based data sharing models that they are being driven to adopt into their advertising practices.

Just like Tom is always finding it difficult to stop Jerry, it appears that regulatory agencies – even with GDPR – are finding it difficult to stop the companies wanting to do everything they can to keep the advertising dollars flowing.  It will be interesting to see how this struggle plays out over time.

So, what do you think?  Will the regulatory agencies be able to find a way to protect personal information from advertisers?  Please share any comments you might have or if you’d like to know more about a particular topic.

Image Copyright © Turner Entertainment

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Appellate Court Vacates Order Allowing Plaintiff’s Expert Access to Defendant’s ESI Prior to Privilege Determination: eDiscovery Case Law

In Crosmun v. Trustees of Fayetteville Technical Community College, No. COA18-1054 (N.C. Ct. App. Aug. 6, 2019), the Court of Appeals of North Carolina, holding that the trial court abused its discretion by compelling production through a protocol that provided the plaintiffs’ expert with direct access to potentially privileged information and precluded reasonable efforts by Defendants to avoid waiving any privilege, vacated the order and remand for further proceedings not inconsistent with its opinion.

Case Background

In this claim of retaliatory dismissals from the defendant’s community college in violation of the North Carolina Whistleblower Protection Act, the plaintiffs served discovery requests on the defendants, including for ESI located in the school’s computers and servers.  After expressing concerns that the defendants had destroyed responsive ESI and sending several letters, the plaintiffs filed a motion to compel requesting the trial court “[o]rder that the parties identify a computer forensics entity or individual who, at Defendants’ cost, will search the computer servers at FTCC to determine if Defendants have deleted emails and files pertaining to these discovery requests.”

From that motion to compel, the trial court ultimately entered a Protocol Order compelling discovery and entered an order, as requested by the plaintiffs, providing for a forensic examination of the defendants’ computer files by a computer forensic expert retained by the plaintiffs.  Per the order, the plaintiffs’ forensic expert would conduct keyword searches for all responsive data and also keyword searches for potentially privileged data. Documents retrieved in responsive searches that were not identified as privileged were ordered to be delivered directly to the plaintiffs, without the defendants being able to review them for privilege. The defendants appealed the order, contending that it amounted to an involuntary waiver of their attorney-client privilege and the work-product doctrine.

Appellate Court Ruling

The appellate court ruling, written by Judge Lucy Inman, started out by noting: “Seeking justice often involves enduring tedium” and also noted that “ESI has become so pervasive that the volume of ESI involved in most cases dwarfs the volume of any paper records”.  No kidding.  Despite that, the court noted that “North Carolina authority regarding eDiscovery is bare bones.”

Relying on decisions from other courts around the country as well as Sedona Conference principles, the appellate court ruled: “In short, the Protocol Order provides Plaintiffs’ agent direct access to privileged information, which disclosure immediately violates Defendants’ privileges. It furthers that violation by directing that agent, having attempted to screen some privileged documents out through the use of search terms, to produce potentially responsive documents without providing Defendants an opportunity to examine them for privilege. If, following that continued violation, Plaintiffs—their agent notwithstanding—receive privileged documents, Defendants must attempt to clawback that information, reducing their privilege to a post-disclosure attempt at unringing the eDiscovery bell. Such compelled disclosure of privileged information is contrary to our law concerning both attorney-client privilege and work-product immunity…As a result, we hold the trial court misapprehended the law concerning attorney-client privilege and the work-product immunity (however understandably given its undeveloped state within the eDiscovery arena), vacate the Protocol Order, and remand for further proceedings.”

So, what do you think?  Should parties ever be granted access to ESI before the producing party can perform a privilege review?  Please let us know if any comments you might have or if you’d like to know more about a particular topic.

Case opinion link courtesy of eDiscovery Assistant.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.