Collection

Here’s an ACEDS Houston CLE Event You Can Attend No Matter Where You Are: eDiscovery Education

In a normal non-COVID-19 (coronavirus) world, our chapter events for the Association of Certified E-Discovery Specialists (ACEDS) Houston chapter would in-person local events and probably limited to legal professionals in Houston and surrounding areas.  But, we must adapt in the current (hopefully temporary) world of “social distancing”.  As a result, here’s a CLE event that you can “attend”, even if you’re nowhere near Houston.

One week from today, on Thursday, April 2 at noon CST (1:00pm EST, 10:00am PST), ACEDS will host the webinar Mining for Valuable Data – Collection Fundamentals.  In this one-hour webcast that’s CLE-approved for 0.75 hours in Texas, Paul Price, Vice President of Forensic Services at Xact Data Discovery will discuss collection fundamentals including: the scope of collection; how data is stored and recovered; the importance of metadata, forensic soundness and chain of custody; the risks of self-collection and other available collection approaches; and major source categories to be considered.

Let’s face it: While the left side of the EDRM (Identify, Preserve, and Collect) may be the least expensive part of the eDiscovery process, it can hold the biggest value because improper collections can result in having to repeat the entire process increasing the client’s total cost; sanctions can occur if the data is no longer available; and unnecessary legal battles may ensue to defend the decisions that were made at the beginning of the case.  If you don’t have the time to do it right, when are you going to have the time to do it over?

You’re probably asking: If the webinar is CLE approved for 0.75 hours in Texas, how does that apply to me if I’m NOT in Texas?  Well, based on CloudNine’s experience in hosting our own webcasts, we know that several states (and even one territory) offer reciprocal credit for approved CLE webinars in other states.  Reciprocal credit may also be available in these states (and territory): Alaska, Arizona, Arkansas, California, Colorado, Florida, Hawaii, Maine, Montana, New Jersey, New York, North Dakota, Oregon, Puerto Rico, Rhode Island, Virginia, Washington, West Virginia and Wisconsin.  And, these are the states we have confirmed will provide CLE credit – other states may as well (check with your local state bar on requirements in your state).

To get CLE credit in Texas after the webinar, email your name and bar number to me at my email address – daustin@cloudnine.com – and (once I confirm your attendance for the full 0.75 hours) I can record your credit for you.  To get credit in another state, email me and (after confirming credit) I can send you a certificate so that you can pursue credit in your state.  What could be easier than that?!?

BTW, don’t forget CloudNine’s next webcast – Winning the Battle on Discovery Form of Production – with Tom O’Connor and me on Thursday, April 2 at noon CST (1:00pm EST, 10:00am PST).  That’s nearly 2 hours of new CLE courses in less than a week!

So, what do you think?  Are you looking for opportunities to obtain CLE credit during the pandemic?  Well, here’s one chance to do so!  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Here’s a Terrific Listing of eDiscovery Workstream Processes and Tasks: eDiscovery Best Practices

Let’s face it – workflows and workstreams in eDiscovery are as varied as organizations that conduct eDiscovery itself.  Every organization seems to do it a little bit differently, with a different combination of tasks, methodologies and software solutions than anyone else.  But, could a lot of organizations improve their eDiscovery workstreams?  Sure.  Here’s a resource (that you probably already know well) which could help them do just that.

Rob Robinson’s post yesterday on his terrific Complex Discovery site is titled The Workstream of eDiscovery: Considering Processes and Tasks and it provides a very comprehensive list of tasks for eDiscovery processes throughout the life cycle.  As Rob notes:

“From the trigger point for audits, investigations, and litigation to the conclusion of cases and matters with the defensible disposition of data, there are countless ways data discovery and legal discovery professionals approach and administer the discipline of eDiscovery.  Based on an aggregation of research from leading eDiscovery educators, developers, and providers, the following eDiscovery Processes and Tasks listing may be helpful as a planning tool for guiding business and technology discussions and decisions related to the conduct of eDiscovery projects. The processes and tasks highlighted in this listing are not all-inclusive and represent only one of the myriads of approaches to eDiscovery.”

Duly noted.  Nonetheless, the list of processes and tasks is comprehensive.  Here are the number of tasks for each process:

  • Initiation (8 tasks)
  • Legal Hold (11 tasks)
  • Collection (8 tasks)
  • Ingestion (17 tasks)
  • Processing (6 tasks)
  • Analytics (11 tasks)
  • Predictive Coding (6 tasks)*
  • Review (17 tasks)
  • Production/Export (6 tasks)
  • Data Disposition (6 tasks)

That’s 96 total tasks!  But, that’s not all.  There are separate lists of tasks for each method of predictive coding, as well.  Some of the tasks are common to all methods, while others are unique to each method:

  • TAR 1.0 – Simple Active Learning (12 tasks)
  • TAR 1.0 – Simple Passive Learning (9 tasks)
  • TAR 2.0 – Continuous Active Learning (7 tasks)
  • TAR 3.0 – Cluster-Centric CAL (8 tasks)

The complete list of processes and tasks can be found here.  While every organization has a different approach to eDiscovery, many have room for improvement, especially when it comes to exercising due diligence during each process.  Rob provides a comprehensive list of tasks within eDiscovery processes that could help organizations identify steps they could be missing in their processes.

So, what do you think?  How many steps do you have in your eDiscovery processes?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Mobile Collection: It’s Not Just for iPhones Anymore, Part Four

Editor’s Note: Tom O’Connor is a nationally known consultant, speaker, and writer in the field of computerized litigation support systems.  He has also been a great addition to our webinar program, participating with me on several recent webinars.  Tom has also written several terrific informational overview series for CloudNine, including his most recent one, DOS and DON’TS of a 30(b)(6) Witness Deposition.  Now, Tom has written another terrific overview regarding mobile device collection titled Mobile Collection: It’s Not Just for iPhones Anymore that we’re happy to share on the eDiscovery Daily blog.  Enjoy! – Doug

Tom’s overview is split into four parts, so we’ll cover each part separately.  The first part was last Thursday, the second part was Monday and the third part was Wednesday, here’s the fourth and final part.

Conclusions

So, when you think of smart phone collection be sure to ask what OS you going to encounter.  Android phones are market leaders both here in the US and worldwide and offer corporate archiving solutions that are second to none. Your litigation opponent might actually have the droid you are looking for.

And, why is that important?  Because we’re seeing more cases where mobile device data is relevant than ever.  As I mentioned in my Millennials series last summer, Americans send about 8.5 billion texts every day!  Texts and other mobile data are routinely relevant in just about every type of litigation case.

And, we’re certainly seeing more cases where mobile device data is figuring prominently in court rulings.  Here are some cases covered by eDiscovery Daily in just the past year regarding mobile devices and (in some cases) consideration of sanctions for failing to preserve mobile device data:

The good news is that you’ve now learned about some terrific resources to preserve that mobile device data and hopefully avoid sanctions in your own cases, regardless of whether the device is Apple or Android.

So, what do you think?  Are you having to increasingly address issues associated with mobile device discovery?  As always, please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Mobile Collection: It’s Not Just for iPhones Anymore, Part Three

Editor’s Note: Tom O’Connor is a nationally known consultant, speaker, and writer in the field of computerized litigation support systems.  He has also been a great addition to our webinar program, participating with me on several recent webinars.  Tom has also written several terrific informational overview series for CloudNine, including his most recent one, DOS and DON’TS of a 30(b)(6) Witness Deposition.  Now, Tom has written another terrific overview regarding mobile device collection titled Mobile Collection: It’s Not Just for iPhones Anymore that we’re happy to share on the eDiscovery Daily blog.  Enjoy!  And, BTW, Happy Birthday to my beautiful wife Paige! – Doug

Tom’s overview is split into four parts, so we’ll cover each part separately.  The first part was last Thursday and the second part was Monday, here’s the third part.

Google Vault and the Emphasis of Android Devices

During the same time period as when Google TakeOut hit the market, Google also created Google Vault in 2012, their web tool for preservation of data in the Google Suite. It’s easy and inexpensive but only covers some email archiving, searching, and exporting capabilities for Gmail. Unlike iOS however it has 3rd party add-ons that can securely archive Gmail messages, Gmail Notes, Appointments and some Calendar Items.

A Gartner review of many of these products notes how they quickly and easily integrate with Google Apps to make up for the deficiencies in Vault and allows archived data to be stored into one unified message archive. Some of them even can search, publish, and perform eDiscovery from the archive, which is in one central location.

So perhaps not the quick and easy solution offered by iTunes or iOS backup and, like O365, based on a web archive. But still a relatively easy and to create archives and now given the arrival of Google One, a variety of methods exist for handling Android smartphone data.

Why is all this emphasis on Android phones important? As I noted in the Introduction, it’s because Android market share is now bigger than Apple everywhere in the world. Again, while Apple iOS holds a large share of the smartphone operating systems’ market within the United States, Google Android remains the market leader with a 51.8% share as of September 2019.  Worldwide, Android has a 76% market share with iOS far behind at 22%. (Source, IDC Nov 2019)  Clearly, you’re not only as likely to need to preserve Android devices as you are iPhones, you’re more likely, possibly much more likely, to need to do so.

Apple, of course, registers strongly in actual smartphone sales because they sell the phone AND the operating system unlike Android systems which are fragmented among multiple phone manufacturers. But even here, Apple is not the market leader. Although their share of smartphone users in the US has risen roughly 20% since early 2012 and stood at 42% in Q3 2019, the combination of all Android phones at that time was 47%, led by Samsung with 25%. And that Apple growth surge in the United States goes against a global trend that has seen their market share of smartphone shipments drop to around 10 percent.

Samsung, known for consumer products worldwide including mobile devices and home entertainment systems, is the global leading smartphone vendor. Since 2012, the South Korean company has held a share of 20 to 30 percent in the smartphone market. In 2018, they shipped more than 292 million smartphones worldwide and by the third quarter of 2019, Samsung’s global market share was 21.8%.

Apple is not one to take these statistics lightly and is responding with a new cheap phone. Channel manufacturers, reported to be Hon Hai Precision Industry, Pegatron Corp. and Wistron Corp, are currently preparing their production lines and planning to start mass production next month with an official release expected in March.

A cheaper offering may help Apple compete better in price-competitive phone markets such as India and China. India, in particular, presents a substantial challenge for Apple which has a high number of Android rivals coming in at prices less than $200.  Still, Apple has set a goal of shipping more than 200 million units in 2020 and recovering some of that lost market share.

We’ll publish Part 4 – Conclusions – on Friday.

So, what do you think?  Are you having to increasingly address issues associated with mobile device discovery?  As always, please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Mobile Collection: It’s Not Just for iPhones Anymore, Part Two

Editor’s Note: Tom O’Connor is a nationally known consultant, speaker, and writer in the field of computerized litigation support systems.  He has also been a great addition to our webinar program, participating with me on several recent webinars.  Tom has also written several terrific informational overview series for CloudNine, including his most recent one, DOS and DON’TS of a 30(b)(6) Witness Deposition.  Now, Tom has written another terrific overview regarding mobile device collection titled Mobile Collection: It’s Not Just for iPhones Anymore that we’re happy to share on the eDiscovery Daily blog.  Enjoy! – Doug

Tom’s overview is split into four parts, so we’ll cover each part separately.  The first part was last Thursday, here’s the second part.

Mobile Collection and Preservation, Courtesy of Craig Ball

As I mentioned in the Introduction, Craig Ball has provided a lot of terrific information regarding preservation and collection of data from mobile devices.  These are terrific resources that everyone who deals with discovery of mobile devices should be aware of.  His original discussion about preservation of cell phone data was a 2017 article called Custodian-Directed Preservation of iPhone Content: Simple. Scalable. Proportional and, as the title denotes, dealt with iPhones. It proposed a wonderfully simple way to preserve iPhone data using iTunes. Although it did not preserve email, content from iTunes or iBooks, some data stored in iCloud and data from Apple Pay, Activity, Health or Keychain. Additionally, it offered several advantages in Craig’s mind to an iCloud backup, primarily that it took less time and you could choose not to encrypt the backup.

I disagreed with the last point but it’s a minor quibble and not worth discussing here because, well, all good things must come to an end and Apple last year decided to end iTunes. So Craig wrote another article entitled How Will We Back Up iPhones Without iTunes? in which he noted the good thing that ended had morphed into a better thing. As he explained, “In fact, preserving iPhones may be easier for Mac users as Apple is shifting the backup tool into the Finder app.  You’ll do exactly the same thing I wrote about but Mac users with Catalina won’t even need to use iTunes to preserve mobile evidence.  It’ll be built in.”

In between those two articles, Craig also wrote a piece called Mobile to the Mainstream which discussed all the various data types on a smart phone and provided a Mobile Evidence Scorecard, which rated the data types by ease of collection, ease of review, potential relevance and whether they should be part of a routine backup collection process. Everyone should have this card.  Here is a representation of it, split into a front and back section.

And, last but not least, Craig compiled all of his accumulated wisdom about mobile evidence (well, iPhone mobile evidence) into a white paper called Mobile to the Mainstream: Preservation and Extraction of iOS Content for E-Discovery. I should note that the title violated one of Craigs most often discussed issues with searching ESI.  But search is also a topic for another day.

Craig finally turned to Androids last fall. Although that was actually not his first mention of the “other” OS, that came in a 2015 paper Opportunities and Obstacles: E-Discovery from Mobile DevicesBut a column in this venue pointed out the most recent advances in Android collection.

Called Craig Ball is “That Guy” Who Keeps Us Up to Date on Mobile eDiscovery Trends: eDiscovery Best Practices, Doug Austin noted how Craig discussed Google’s recently expanded offering of “cheap-and-easy” online backup of Android phones, including SMS and MMS messaging, photos, video, contacts, documents, app data and more.  In that discussion, Craig stated: “This is a leap forward for all obliged to place a litigation hold on the contents of Android phones — a process heretofore unreasonably expensive and insufficiently scalable for e-discovery workflows.  There just weren’t good ways to facilitate defensible, custodial-directed preservation of Android phone content.  Instead, you had to take phones away from users and have a technical expert image them one-by-one.”

Now as a character in the movie Independence Day once said …. “that’s not ENTIRELY correct.” Craig was referring to Google One, the recent addition intended to improve archiving capabilities.  But as Google notes on their own website. “We’ve taken the standard Android backup (my emphasis added) that includes texts, contacts, and apps and we’re giving you even more.”

The new automatic phone backup also addresses photos, videos, and multimedia messages (MMS) and it can all be done from a Google One app.

But backups did exist before this. Craig himself mentions Google TakeOut, which has long allowed users of Google products, such as YouTube and Gmail, to export their data to a downloadable archive file. Started with some basic services in 2011, TakeOut expanded to include Gmail and Google Calendar in 2013. By 2016, Google had grown the service to include search history and Wallet details and since then, they have also added Google Hangouts to the Takeout service. In all cases, TakeOut does not delete user data automatically after exporting.

We’ll publish Part 3 – Google Vault and the Emphasis of Android Devices – on Wednesday.

So, what do you think?  Are you having to increasingly address issues associated with mobile device discovery?  As always, please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Mobile Collection: It’s Not Just for iPhones Anymore

Editor’s Note: Tom O’Connor is a nationally known consultant, speaker, and writer in the field of computerized litigation support systems.  He has also been a great addition to our webinar program, participating with me on several recent webinars.  Tom has also written several terrific informational overview series for CloudNine, including his most recent one, DOS and DON’TS of a 30(b)(6) Witness Deposition.  Now, Tom has written another terrific overview regarding mobile device collection titled Mobile Collection: It’s Not Just for iPhones Anymore that we’re happy to share on the eDiscovery Daily blog.  Enjoy! – Doug

Tom’s overview is split into four parts, so we’ll cover each part separately.  Here’s the first part.

Introduction

Most of the talk about retrieving data from mobile devices has centered on iPhones and other Apple devices.  And no small reason for that is that most of the discussion on the topic has come from Craig Ball, who is, like many attorneys, an Apple guy.

But, iPhones are not the only mobile devices for which data collection is necessary.  In fact, they’re not even the most popular devices – by far.  Android market share is now bigger than Apple everywhere in the world. Although Apple iOS holds a large share of the smartphone operating systems’ market within the United States, Google Android remains the market leader with a 51.8% share as of September 2019.  Worldwide, Android has a 76% market share with iOS far behind at 22% (Source, IDC Nov 2019)

So, you’re just as likely – even more likely – to need to collect data from Android devices than from Apple devices, especially outside the US.

With that in mind, in this paper, we will take a look at mobile device collection topics, including:

  1. Mobile Collection and Preservation, Courtesy of Craig Ball
  2. Google Vault and the Emphasis of Android Devices
  3. Conclusions

We’ll publish Part 2 – Mobile Collection and Preservation, Courtesy of Craig Ball – next Monday.

So, what do you think?  Are you having to increasingly address issues associated with mobile device discovery?  As always, please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Court Orders Defendants to Produce Laptop for Forensic Examination – Again: eDiscovery Case Law

In HealthPlan Servs., Inc. v. Dixit, et al., No.: 8:18-cv-2608-T-23AAS (M.D. Fla. Dec. 19, 2019), Florida Magistrate Judge Amanda Arnold Sansone granted the plaintiff’s motion to order a group of defendants (the “Dixit defendants) to comply with the court’s previous order compelling immediate inspection of a laptop of one of the defendants.  Judge Sansone also granted the plaintiff’s motion for fees, sanctions, a jury instruction, and order to show cause why the Dixit defendants should not be held in contempt of court order to the extent that the Dixit defendants were ordered to pay the plaintiff’s reasonable expenses incurred for the meet and confers with the Dixit defendants about this issue and filing its motion.  The plaintiff’s requests for additional sanctions, a jury instruction, and an order to show cause were denied without prejudice pending the forensic examination of the laptop.

Case Background

In this case involving copyright infringement and breach of contract (among other issues), the court granted the plaintiff’s oral motion to compel immediate inspection of defendant Feron Kutsomarkos’s laptop in defendant Rakesh Dixit’s possession on October 16, 2019. The court required Mr. Dixit to turn over the hard drives from Ms. Kutsomarkos’s laptop to his attorneys by October 19, which he did.  The court also required the plaintiff to identify an expert and gave the Dixit defendants ten days to object as required by the protective order.  Counsel for the Dixit defendants responded by saying “we object to your expert designation in relation to the hard drive matter address in the Order at Doc. 200.”

The plaintiff contended that the Dixit defendants did not provide good cause for objecting to the plaintiff’s selected expert and speculated that the Dixit defendants’ refusal to turn over the hard drive to the expert may be an attempt to cover up spoliation by the Dixit defendants.  In response, the Dixit defendants argued the plaintiff’s comments at the October 16 hearing suggested the drives were only to be forensically imaged, even though the plaintiff had stated that it was “creating a forensic image so that we can evaluate the documents that were produced and ensure that they’re properly preserved and that we’ve received the entirety of the documents that we’ve requested”.  The Dixit defendants also argued a different legal standard exists for permitting a forensic examination of the hard drives rather than permitting a mere image and cited Garrett v. University of South Florida Board of Trustees, No. 8:17-cv-2874-T-23AAS, 2018 WL 4383054 (M.D. Fla. Sept. 14, 2018) to support that contention.

Judge’s Ruling

With regard to the case cited by the Dixit defendants, Judge Sansone stated: “The Dixit defendants’ reliance on Garrett for the legal standard is misplaced. In Garrett, the plaintiff produced the recording sought by the defendant, but the defendant requested a forensic examination to see if there was evidence of an attempt to tamper with the recording…Here, counsel for Ms. Kutsomarkos noted Ms. Kutsomarkos provided pdf versions of documents from the laptop…However, the pdf files scrubbed the metadata from the documents and that metadata should be available on the hard drives…Also, the computer in Garrett was a personal computer, but here the computer was Ms. Kutsomarkos’s business computer and she gave it to Mr. Dixit, her employer.”

Judge Sansone also stated: “Since Ms. Kutsomarkos did not correctly comply with prior discovery requests by producing from the laptop incorrectly formatted documents with limited information, the court determined a forensic examination of the laptop was warranted…Ms. Kutsomarkos also conducted her own search of the emails rather than having an expert or her attorney conduct the search…Also, Mr. Dixit, another defendant, searched and recovered the same files Ms. Kutsomarkos produced in the native format…HealthPlan also conveyed certain documents that should have come from a professional search of the laptop were missing…These factors satisfy exceptional circumstances to warrant a forensic examination. Noting, the cost and burden for the forensic examination is falling on HealthPlan, who wants to confirm everything was turned over to them.”

As a result, Judge Sansone granted the plaintiff’s motions as noted above and denied without prejudice the plaintiff’s additional requests pending the forensic examination of the laptop.

So, what do you think?  Did the court go far enough to address the defendant’s discovery failings?  Please let us know if any comments you might have or if you’d like to know more about a particular topic.

Case opinion link courtesy of eDiscovery Assistant.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

When Litigation Hits, The First 7 to 10 Days is Critical: eDiscovery Throwback Thursdays

Here’s our latest blog post in our Throwback Thursdays series where we are revisiting some of the eDiscovery best practice posts we have covered over the years and discuss whether any of those recommended best practices have changed since we originally covered them.

This post was originally published on June 28, 2012, when eDiscovery Daily was less than two years old.  This post has already been revisited a couple of times since and has been referenced in a handful of webcasts as well.  It’s still good advice today.  Enjoy!

When a case is filed (or even before, if litigation is anticipated then), several activities must be completed within a short period of time (often as soon as the first seven to ten days after filing) to enable you to assess the scope of the case, where the key electronically stored information (ESI) is located and whether to proceed with the case or attempt to settle with opposing counsel.  Here are several of the key early activities that can assist in deciding whether to litigate or settle the case.

Activities:

  • Create List of Key Employees Most Likely to have Documents Relevant to the Litigation: To estimate the scope of the case, it’s important to begin to prepare the list of key employees that may have potentially responsive data. Information such as name, title, e-mail address, phone number, office location and where information for each is stored on the network is important to be able to proceed quickly when issuing hold notices and collecting their data.
  • Issue Litigation Hold Notice and Track Results: The duty to preserve begins when you anticipate litigation; however, if litigation could not be anticipated prior to the filing of the case, it is certainly clear once the case if filed that the duty to preserve has begun. Hold notices must be issued ASAP to all parties that may have potentially responsive data.  Once the hold is issued, you need to track and follow up to ensure compliance.  Here are a couple of recent posts regarding issuing hold notices and tracking responses.
  • Interview Key Employees: As quickly as possible, interview key employees to identify potential locations of responsive data in their possession as well as other individuals they can identify that may also have responsive data so that those individuals can receive the hold notice and be interviewed.
  • Interview Key Department Representatives: Certain departments, such as IT, Records or Human Resources, may have specific data responsive to the case. They should also have certain processes in place for regular destruction of “expired” data, so it’s important to interview them to identify potentially responsive sources of data and stop routine destruction of data subject to litigation hold.
  • Inventory Sources and Volume of Potentially Relevant Documents: Potentially responsive data can be located in a variety of sources, including: shared servers, e-mail servers, employee workstations, employee home computers, employee mobile devices (including bring your own device (BYOD) devices), portable storage media (including CDs, DVDs and portable hard drives), active paper files, archived paper files and third-party sources (consultants and contractors, including cloud storage providers). Hopefully, the organization already has created a data map before litigation to identify the location of sources of information to facilitate that process.  It’s important to get a high-level sense of the total population to begin to estimate the effort required for discovery.
  • Plan Data Collection Methodology: Determining how each source of data is to be collected also affects the cost of the litigation. Are you using internal resources, outside counsel or a litigation support vendor?  Will the data be collected via an automated collection system or manually?  Will employees “self-collect” any of their own data?  Answers to these questions will impact the scope and cost of not only the collection effort, but the entire discovery effort.

These activities can result in creating an inventory of potentially responsive information and help in estimating discovery costs (especially when compared to past cases at the same stage) that will help in determining whether to proceed to litigate the case or attempt to settle with the other side.

So, what do you think?  How quickly do you decide whether to litigate or settle?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Court Denies Plaintiff’s Request to Avoid Forensic Imaging of Devices in Apple Performance Case: eDiscovery Case Law

In the case In Re: Apple Inc., No. 5:18-md-02827-EJD (N.D. Cal. Aug. 22, 2019), California District Judge Edward J. Davila denied the plaintiffs’ motion to modify the Special Discovery Master order that authorized the forensic imaging of devices belonging to 10 of the more than 90 named plaintiffs in order to allow Apple’s outside experts to performance test the devices, finding that “Apple’s interest in performance testing the forensic images outweighs Plaintiff’s privacy interest because Plaintiffs put the performance of the devices at the center of the lawsuit”.

Case Background

In this litigation involving the performance of Apple devices after software updates, the Special Discovery Master entered an order authorizing the forensic imaging of the devices belonging to 10 of the more than 90 named Plaintiffs in order to allow Apple’s outside experts to performance test the devices.  The plaintiff’s objected to the order and sought to modify the Order so that Apple’s discovery of the devices is limited to the extraction of “limited diagnostic data” instead of full forensic imaging, arguing that the Special Discovery Master made “erroneous factual findings and reached incorrect legal conclusions”.

The plaintiffs, basing their argument on the 2017 California Supreme Court case Williams v. Superior Court, argued that “[p]ersonal devices, like those at issue here, are afforded special privacy protections under the law. Apple therefore had to demonstrate a compelling need or interest to justify the forensic imaging. The Special Discovery Master should have conducted a balancing test between that compelling interest and the intrusion into Plaintiffs’ privacy posed by the imaging. But the Special Discovery Master failed to do so when she ‘deferr[ed] the basic question of scientific reliability to trial.’”

Judge’s Ruling

Judge Davila noted that the “motion is suitable for resolution without oral argument” and stated that “Plaintiffs’ concerns over their privacy rights are understandable; they are being asked to surrender their devices and passwords to strangers.”  But, Judge Davila also noted that the forensic imaging would be completed by a neutral, third-party computer forensics vendor and that those “outside experts will only provide counsel with their analyses and the data underlying their analyses…To the extent possible, the experts will redact the contents, authors, recipients, and subject-matter of the underlying data (and any associated metadata) or replace them with summary descriptions before providing the underlying data to Apple’s counsel.”

Judge Davila also concluded that “Plaintiffs actively put their devices at issue when they chose to sue Apple over Apple’s alleged intrusion and trespass to the devices through Apple’s software updates”, stating that “[i]t is well-established that a plaintiff cannot bring suit and then limit the defendant’s discovery that is targeted at the subject matter of the plaintiff’s claims.”  Noting that the plaintiffs “overreach” with regard to their argument “that the forensic imaging would ‘violat[e] Plaintiffs’ privacy with no gain’ to Apple”, Judge Davila found that “Apple has a compelling interest in the sought-after performance testing of Plaintiffs’ devices. The devices’ performance is integral to Plaintiffs’ claims. They allege that Apple’s software updates unjustly harmed the performance of their devices…Apple is entitled to defend itself against these allegations by testing whether the performance of the devices was, in fact, harmed. Later, Plaintiffs may challenge whether that testing is admissible, scientifically reliable, or ‘necessary’ for Apple’s defenses through in limine, Daubert, and other motions.”

So, what do you think?  Did the court properly weigh the balance of privacy and discovery in this case?  Please let us know if any comments you might have or if you’d like to know more about a particular topic.

Case opinion link courtesy of eDiscovery Assistant.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Chain, Chain, Chain – Chain of Custody: eDiscovery Throwback Thursdays

Here’s our latest blog post in our Throwback Thursdays series where we are revisiting some of the eDiscovery best practice posts we have covered over the years and discuss whether any of those recommended best practices have changed since we originally covered them.

This post was originally published on June 24, 2013 – over six years ago.  Back then, we referenced both baseball player Ryan Braun and legendary singer Aretha Franklin in a single post(!).  Braun ultimately did receive a suspension from Major League Baseball for his involvement with a clinic associated with performance enhancing drugs, but has resumed a successful playing career.  And, of course, the Queen of Soul is no longer with us, sadly.

As for chain of custody tracking, it’s as important as ever.  But technology has helped us out here with some mechanisms to automate the delivery of files.  The use of File Transfer Protocol (FTP) for transfer of files has become commonplace for even fairly large document sets and the use of secured FTP protocols (such as SFTP and FTPS) have become commonplace.  At CloudNine, most of the data we receive from clients today for loading into our CloudNine Review platform is received via secured FTP – either directly or through our Discovery Client that automates the loading of data into the platform.

However, our Client Services team still receives some data from clients via media transportation, especially when it’s a lot of data (we’re often talking terabytes, not gigabytes) and needs to get to us quickly and securely.  In those instances, we still follow the same chain of custody procedures described below to document that transfer.  When it comes to those types of transfers, ensuring proper chain of custody tracking is also an important part of handling that ESI through the eDiscovery process in order to be able to fight challenges of the ESI by opposing parties.  An insufficient chain of custody is a chain, chain, chain of fools.

Information to Track for Chain of Custody

ESI can be provided by a variety of sources and in a variety of media, so you need a standardized way of recording chain of custody for the ESI that you collect within your organization or from your clients.  At CloudNine, we use a standard form for capturing chain of custody information.  Because we never know when a client will call and ask us to pick up data, our client services personnel typically have a supply of blank forms either in their briefcase or in their car (maybe even both).

Our chain of custody tracking form includes the following:

  • Date and Time: The date and time that the media containing ESI was provided to us.
  • Pick Up or Delivery Location: Information about the location where the ESI was provided to us, including the company name, address, physical location within the facility (e.g., a specific employee’s office) and any additional information important to note where the data was received.
  • Delivering Party: Name of the company and the name of representative of the company providing the media, with a place for that representative to sign for tracking purposes.
  • Delivery Detail (Description of Items): A detailed description of the item(s) being received. Portable hard drives are one typical example of the media used to provide ESI to us, so we like to describe the brand and type of hard drive (e.g., Western Digital My Passport drive) and the serial number, if available.  Record whatever information is necessary to uniquely identify the item(s).
  • Receiving Party: Name of the company and the name of representative of the company receiving the media, with a place for that representative to sign for tracking purposes. In our form, that’s usually somebody from CloudNine Discovery, but can be a third party if they are receiving the data from the original source – then, another chain of custody form gets completed for them to deliver it to us.
  • Comments: Any general comments about the transfer of media not already addressed above.

I’ve been involved in several cases where the opposing party, to try to discredit damaging data against them, has attacked the chain of custody of that data to raise the possibility that the data was spoliated during the process and mitigate its effect on the case.  In these types of cases, you should be prepared to have an expert ready to testify about the chain of custody process to counteract those attacks.  Otherwise, you might be singing one of Aretha Franklin’s most famous songs (but not as well as she did).

So, what do you think?  How does your organization track chain of custody of its data during discovery?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.