Electronic Discovery

The Cat and Mouse Game Between Data Privacy Regulators and Online Advertisers: Data Privacy Trends

You didn’t think companies that make a lot of their revenue in online advertising were going to just roll over when Europe’s General Data Protection Regulation (GDPR) was enacted to protect personal information, did you?  Apparently not, as this article discusses.

According to Legaltech® News (Is the GDPR Creating a Cat-and-Mouse Game Between Advertisers and Regulators?, written by Frank Ready), the browser company Brave alleged last week that Google was using a mechanism called “push pages” to work around restrictions on the sharing of personally identifiable information (PII) laid out by the EU’s General Data Protection Regulation (GDPR). It did so, Brave said, by assigning a distinct, almost 2,000 character-long code to user information shared with advertisers.

Google issued a response to the site Tom’s Hardware saying that it does not “serve personalized ads or send bid requests to bidders without user consent.”  But, Google’s ad practices are already facing an inquiry by the Irish Data Protection Commission (DPC), specifically with regards to how well they comply with “GDPR principles of transparency and data minimization.” However, regulators attempting to enforce the anonymization of user data could find it difficult to keep pace with companies looking for new ways to both comply with privacy requirements and protect the online advertising revenue that is central to their business.

Jarno Vanto, a partner in the privacy and cybersecurity group at Crowell & Moring, thinks part of the problem is most of the information that’s collected about users online nowadays could potentially qualify as PII.

“Ad tech companies are now trying to come up with ways on the one hand to comply, but then they are still stuck in the old world where they were able to collect all of this data because they could rely on this distinction between non-PII and PII, and that’s no longer really a valued distinction,” Vanto said.

Debbie Reynolds, founder of the data privacy and cyber response firm Debbie Reynolds Consulting, believes other companies will be looking towards the outcome of the Irish DPC’s inquiry with interest as they try to align their own data practices with compliance and profitability.  Still, she’s not expecting much in the way of new parameters surrounding what constitutes a unique identifier.

“I don’t think the regulators are going to try and go out of their way to create new words or new definitions,” Reynolds said.

Vanto said he thinks it could be a tough road due to the amount of resources that would have be leveraged in order to keep track of the practices employed by each technology company.  But Vanto also noted that there are tech-savvy privacy activists who have an interest in monitoring such activity, as well as rival companies that may also be inclined to keep their competitors moving towards the same kind of consent-based data sharing models that they are being driven to adopt into their advertising practices.

Just like Tom is always finding it difficult to stop Jerry, it appears that regulatory agencies – even with GDPR – are finding it difficult to stop the companies wanting to do everything they can to keep the advertising dollars flowing.  It will be interesting to see how this struggle plays out over time.

So, what do you think?  Will the regulatory agencies be able to find a way to protect personal information from advertisers?  Please share any comments you might have or if you’d like to know more about a particular topic.

Image Copyright © Turner Entertainment

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Appellate Court Vacates Order Allowing Plaintiff’s Expert Access to Defendant’s ESI Prior to Privilege Determination: eDiscovery Case Law

In Crosmun v. Trustees of Fayetteville Technical Community College, No. COA18-1054 (N.C. Ct. App. Aug. 6, 2019), the Court of Appeals of North Carolina, holding that the trial court abused its discretion by compelling production through a protocol that provided the plaintiffs’ expert with direct access to potentially privileged information and precluded reasonable efforts by Defendants to avoid waiving any privilege, vacated the order and remand for further proceedings not inconsistent with its opinion.

Case Background

In this claim of retaliatory dismissals from the defendant’s community college in violation of the North Carolina Whistleblower Protection Act, the plaintiffs served discovery requests on the defendants, including for ESI located in the school’s computers and servers.  After expressing concerns that the defendants had destroyed responsive ESI and sending several letters, the plaintiffs filed a motion to compel requesting the trial court “[o]rder that the parties identify a computer forensics entity or individual who, at Defendants’ cost, will search the computer servers at FTCC to determine if Defendants have deleted emails and files pertaining to these discovery requests.”

From that motion to compel, the trial court ultimately entered a Protocol Order compelling discovery and entered an order, as requested by the plaintiffs, providing for a forensic examination of the defendants’ computer files by a computer forensic expert retained by the plaintiffs.  Per the order, the plaintiffs’ forensic expert would conduct keyword searches for all responsive data and also keyword searches for potentially privileged data. Documents retrieved in responsive searches that were not identified as privileged were ordered to be delivered directly to the plaintiffs, without the defendants being able to review them for privilege. The defendants appealed the order, contending that it amounted to an involuntary waiver of their attorney-client privilege and the work-product doctrine.

Appellate Court Ruling

The appellate court ruling, written by Judge Lucy Inman, started out by noting: “Seeking justice often involves enduring tedium” and also noted that “ESI has become so pervasive that the volume of ESI involved in most cases dwarfs the volume of any paper records”.  No kidding.  Despite that, the court noted that “North Carolina authority regarding eDiscovery is bare bones.”

Relying on decisions from other courts around the country as well as Sedona Conference principles, the appellate court ruled: “In short, the Protocol Order provides Plaintiffs’ agent direct access to privileged information, which disclosure immediately violates Defendants’ privileges. It furthers that violation by directing that agent, having attempted to screen some privileged documents out through the use of search terms, to produce potentially responsive documents without providing Defendants an opportunity to examine them for privilege. If, following that continued violation, Plaintiffs—their agent notwithstanding—receive privileged documents, Defendants must attempt to clawback that information, reducing their privilege to a post-disclosure attempt at unringing the eDiscovery bell. Such compelled disclosure of privileged information is contrary to our law concerning both attorney-client privilege and work-product immunity…As a result, we hold the trial court misapprehended the law concerning attorney-client privilege and the work-product immunity (however understandably given its undeveloped state within the eDiscovery arena), vacate the Protocol Order, and remand for further proceedings.”

So, what do you think?  Should parties ever be granted access to ESI before the producing party can perform a privilege review?  Please let us know if any comments you might have or if you’d like to know more about a particular topic.

Case opinion link courtesy of eDiscovery Assistant.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

It’s Friday the 13th! So, What’s Worse – Jason or Last Minute Votes on CCPA Amendments?: Data Privacy Trends

OK, today is the day that spawned a whole series of horror movies that have been a part of the Hollywood lexicon for nearly forty years now.  But the decisions being made in California this week could impact data privacy considerations for…well, who knows how long?  So, which is worse?  Depends on your point of view, I guess.

You all know the legacy of all the Friday the 13th movies, starting with this one way back in 1980 (still a classic!).  Yes, it even had Kevin Bacon in it, which should appease all you “Six Degrees of Kevin Bacon” fans.  Thank you, sir, may I have another?  ;o)

No, you may not, because this post is about data privacy and the California Consumer Privacy Act (CCPA).  According to this article from Alysa Zeltzer Hutnik & Alex Schneider at Kelley Drye, apparently this week marks the final opportunity for California lawmakers to amend the CCPA before the legislative session closes.

And, they have been busy with changes, according to this article from yesterday from Andrew Kingman and Jim Halpert (no, not THAT Jim Halpert) from the International Association of Privacy Professionals (IAPP) where we learned that the proposed amendment to support loyalty programs (to permit the sale of personal information collected through loyalty programs in very limited circumstances) has been shelved for the year.

Speaking of IAPP, they have a great infographic here (and below) that shows the status of privacy laws in various states.  You know I love an infographic!

Not enough detail for you?  They also have this more detailed table with references to each statute or bill currently making its way through the legislative process.

They say a picture is worth a thousand words and I’ve given you at least two of them, so I’ve earned a few days off, I’d say.  I’ll settle for two.  Back Monday!

So, what do you think?  Are you concerned about last minute changes to CCPA?  Please share any comments you might have or if you’d like to know more about a particular topic.

Image Copyright © New Line Cinema (you know which one)

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Searching for Email Addresses Can Have Lots of Permutations Too: eDiscovery Throwback Thursdays

Here’s our latest blog post in our Throwback Thursdays series where we are revisiting some of the eDiscovery best practice posts we have covered over the years and discuss whether any of those recommended best practices have changed since we originally covered them.

This post was originally published on November 15, 2012 – when eDiscovery Daily was early into its third year of existence and continues the two-part series we started last week.  Email addresses still provide the same opportunities and challenges for identifying documents associated with individuals that they did nearly seven years ago.  Enjoy!

Last week, we discussed the various permutations of names of individuals to include in your searching for a more complete result set, as well as the benefits of proximity searching (broader than a phrase search, more precise than an AND search) to search for names of individuals.  Another way to identify documents associated with individuals is through their email addresses.

Variations of Email Addresses within a Domain

You may be planning to search for an individual based on their name and the email domain of their company (e.g., daustin@cloudnine.com), but that’s not always inclusive of all possible email addresses for that individual.  Email addresses for an individual’s domain might appear to be straightforward, but there might be aliases or other variations to search for to retrieve emails to and from that individual at that domain.  For example, here are three of the email addresses to which I can receive email as a member of CloudNine:

To retrieve all of the emails to and from me, you would have to include all of the above addresses (and others too).  There are other variations you may need to account for, as well.  Here are a couple:

  • Jim Smith[/O=FIRST ORGANIZATION/OU=EXCHANGE ADMINISTRATIVE GROUP (GZEJCPIG34TQEMU)/CN=RECIPIENTS/CN=JimSmith] (legacy Exchange distinguished name from old versions of Microsoft Exchange);
  • IMCEANOTES-Andy+20Zipper_Corp_Enron+40ECT@ENRON.com (an internal Lotus Notes representation of an email address from the Enron Data Set).

As you can see, email addresses from the business domain can be represented several different ways, so it’s important to account for that in your searching for emails for your key individuals.

Personal Email Addresses

Raise your hand if you’ve ever sent any emails from your personal email account(s) through the business domain, even if it’s to remind you of something.  I suspect most of your hands are raised – I know mine is.  Identifying personal email accounts for key individuals can be important for two reasons: 1) those emails within your collection may also be relevant and, 2) you may have to request additional emails from the personal email addresses in discovery if it can be demonstrated that those accounts contain relevant emails.

Searching for Email Addresses

To find all of the relevant email addresses (including the personal ones), you may need to perform searches of the email fields for variations of the person’s name.  So, for example, to find emails for “Jim Smith”, you may need to find occurrences of “Jim”, “James”, “Jimmy”, “JT” and “Smith” within the “To”, “From”, “Cc” and “Bcc” fields.  Then, you have to go through the list and identify the email addresses that appear to be those for Jim Smith.  Any email addresses for which you’re not sure whether they belong to the individual or not (e.g., does jsmith1963@gmail.com belong to Jim Smith or Joe Smith?), you may need to retrieve and examine some of the emails to make that determination.  If he uses nicknames for his personal email addresses (e.g., huggybear2012@msn.com), you should hopefully be able to identify those through emails that he sends to his business account.

To summarize, searching by email address is another way to identify documents pertaining to a key individual.  The key is making sure your search includes all the email addresses possible for that individual.

So, what do you think?  How do you handle searching for key individuals within your document collections?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Fall 2019 Predictive Coding Technologies and Protocols Survey Results: eDiscovery Trends

So many topics, so little time!  Rob Robinson published the latest Predictive Coding and Technologies and Protocols Survey on his excellent ComplexDiscovery site last week, but this is the first chance I’ve had to cover it.  The results are in and here are some of the findings in the largest response group for this survey yet.

As Rob notes in the results post here, the third Predictive Coding Technologies and Protocols Survey was initiated on August 23 and concluded on September 5 with individuals invited to participate directly by ComplexDiscovery and indirectly by industry website, blog, and newsletter mentions – including a big assist from the Association of Certified E-Discovery Specialists (ACEDS).  It’s a non-scientific survey designed to help provide a general understanding of the use of predictive coding technologies and protocols from data discovery and legal discovery professionals within the eDiscovery ecosystem.  The survey was designed to provide a general understanding of predictive coding technologies and protocols and had two primary educational objectives:

  • To provide a consolidated listing of potential predictive coding technology and protocol definitions. While not all-inclusive or comprehensive, the listing was vetted with selected industry predictive coding experts for completeness and accuracy, thus it appears to be profitable for use in educational efforts.
  • To ask eDiscovery ecosystem professionals about their usage and preferences of predictive coding platforms, technologies, and protocols.

There were 100 total respondents in the survey (a nice, round number!).  Here are some of the more notable results:

  • 39 percent of responders were from law firms, 37 percent of responders were from software or services provider organizations, and the remaining 24 percent of responders were either part of a consultancy (12 percent), a corporation (6 percent), the government (3 percent), or another type of entity (3 percent).
  • 86 percent of responders shared that they did have a specific primary platform for predictive coding versus 14 percent who indicated they did not.
  • There were 31 different platforms noted as primary predictive platforms by responders, nine of which received more than one vote and they accounted for more than three-quarters of responses (76 percent).
  • Active Learning was the most used predictive coding technology, with 86 percent reporting that they use it in their predictive coding efforts.
  • Just over half (51 percent) of responders reported using only one predictive coding technology in their predictive coding efforts.
  • Continuous Active Learning (CAL) was (by far) the most used predictive coding protocol, with 82 percent reporting that they use it in their predictive coding efforts.
  • Maybe the most interesting stat: 91 percent of responders reported using technology-assisted review in more than one area of data and legal discovery. So, the uses of TAR are certainly expanding!

Rob has reported several other results and provided graphs for additional details.  To check out all of the results, click here.  Want to compare to the previous two surveys?  They’re here and here:o)

So, what do you think?  Do any of the results surprise you?  Please share any comments you might have or if you’d like to know more about a particular topic.

Image Copyright © FremantleMedia North America, Inc.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Another Case Where Intent to Deprive is Put in the Hands of the Jury: eDiscovery Case Law

In Woods v. Scissons, No. CV-17-08038-PCT-GMS (D. Ariz. Aug. 14, 2019), Arizona Chief District Judge G. Murray Snow granted in part and denied in part the plaintiff’s motion for sanctions for spoliation of video footage of an arrest incident involving the plaintiff and the defendant (a police officer with the Prescott Police Department), ruling that non-party City of Prescott violated a duty to preserve evidence of the alleged incident, but that the question of intent should be submitted to the jury to determine appropriate sanctions.

Case Background

In this claim of excessive force against the defendant arising out of the plaintiff’s arrest in June 2016, the plaintiff alleged that after the defendant placed him in handcuffs, he struck the plaintiff several times while he lay face-down on the pavement, resulting in a fracture to his lower back which left him in severe pain and will likely require future surgery to repair.  Several officers arrived on the scene during the course of the arrest.  After the Prescott Police Department Review Board determined that no “criminal, civil or Department Policy violations” had occurred during the arrest, the plaintiff filed this action in February 2017.  Subsequently, the plaintiff filed a motion for spoliation sanctions, arguing that non-party City of Prescott violated a duty to preserve evidence of the alleged incident—video footage automatically captured by the cameras in the various officers’ vehicles—by allowing the footage to be automatically deleted from the police department’s systems.

Judge’s Ruling

Noting examples of at least two officers (in addition to the defendant’s) whose dash cams would likely have been recording, Judge Snow stated: “the available evidence, taken as a whole, establishes that dash cam footage was recorded by at least two vehicles that could have been relevant to Woods’ claim.”  Judge Snow also “decline[d] to assume that any recordings from the vehicles in question would have been irrelevant to Woods’ claim”, stating “the footage’s value cannot simply be replaced by having eyewitness testimony regarding Woods’ arrest—much of the value provided by video footage is that it allows a jury to make its own determination.”

Judge Snow also ruled that the City of Prescott (which was paying for legal representation for the defendant) “had a duty to preserve any video recordings from the responding officers’ dash cams once it knew that litigation was reasonably likely” (which was by April 2017, at the latest) and “the parties do not dispute that any footage has been erased.”  And, Judge Snow ruled that “[t]he spoliation can be imputed to Scissons”, observing that the City would pay any judgment against the defendant in the case.

As a result, Judge Snow granted in part and denied in part the plaintiff’s motion for sanctions, ordering the following: “Because there is evidence that video recordings of the alleged event existed but were not preserved, the jury will hear evidence concerning the potential existence of video footage and will be instructed that it may consider that evidence along with all other evidence in reaching its decision. It will also be instructed that if it determines that the Police Department destroyed evidence and did so with the intent to deprive Woods of the use of the video footage, it may infer that the footage would have been favorable to Woods. However, the Court declines to give the instruction as requested by Woods because the question of intent will be submitted to the jury.”

So, what do you think?  Should juries decide intent to deprive in spoliation disputes?  Please let us know if any comments you might have or if you’d like to know more about a particular topic.

Case opinion link courtesy of eDiscovery Assistant.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Forget CCPA. COPPA Just Cost YouTube and Google $170 Million: Cybersecurity Trends

Sure, we’ve been talking a lot the past couple of years about Europe’s General Data Protection Regulation (GDPR), enacted in May 2018 and we’ve already seen one big fine here and another huge potential fine here.  And, we’ve been talking for over a year now about the California Consumer Privacy Act, which is scheduled to take effect next January 1st.  But, have we talked about “COPPA”?  Not, till now.  But, “COPPA” just cost YouTube and Google $170 million.

According to CBS News (Google to pay $170 million for violating kids’ privacy on YouTube, written by Sarah Min), Google will pay a record $170 million fine to settle a lawsuit filed by federal and state authorities that charged the internet giant with violating children’s privacy on YouTube, the Federal Trade Commission (FTC) said Wednesday.

The settlement requires Google and YouTube to pay $136 million to the FTC and $34 million to New York state for violating the Children’s Online Privacy Protection Act (COPPA), by collecting personal information from children without their parents’ consent.

The FTC and the New York attorney general alleged in a complaint that YouTube gathered children’s personal information by using “cookies,” or personal identifiers, that track users online. According to the suit, YouTube earned millions of dollars by using the information to deliver targeted ads to kids.

COPPA requires online websites to obtain parental consent prior to collecting kids’ online usage information. The FTC and New York Attorney General Letitia James said that, while YouTube claimed it caters to a general audience, many of its online channels are aimed at children under the age 13. That requires the service to comply with COPPA guidelines.

“YouTube touted its popularity with children to prospective corporate clients,” FTC Chairman Joe Simons said in a statement. “Yet when it came to complying with COPPA, the company refused to acknowledge that portions of its platform were clearly directed to kids.”

For example, a toymaker with a YouTube channel could track people who viewed its videos to send ads for its own products that are targeted to children. The FTC said in its complaint that Google and YouTube told toymaker Mattel that YouTube “is today’s leader in reaching children age 6-11 against top TV channels.” It also said that the companies told Hasbro that YouTube is the “#1 website regularly visited by kids.”

But when it came to advertisers, the FTC alleged that YouTube told at least one marketer that the video-search company need not comply with COPPA, as it did not have users under the age of 13 on the platform.

Prior to Google’s settlement, the largest civil FTC penalty for a children’s data-privacy case was a $5.7 million for a case in February involving social media app TikTok. This penalty is nearly 30 times that one.  Still, critics say last week’s settlement still amounts to a drop in the bucket for Google, whose parent company Alphabet was sitting on $121 billion in cash and securities at the end of June.

Nonetheless, this penalty, along with Google’s GDPR fine from earlier this year, adds up to nearly $227 million.  That’s some serious money, even for a company like Google.  Great Google-y Moogle-y!

So, what do you think?  Will fines like these change how organizations track user data?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Court Grants Spoliation Sanctions for Defendant’s Failure to Preserve Photos of Prisoner Plaintiff: eDiscovery Case Law

In Wilmoth v. Deputy Austin Murphy, No. 5:16-CV-5244 (W.D. Ark. Aug. 7, 2019), Arkansas District Judge Timothy L. Brooks granted the plaintiff’s Motion for Relief Regarding Spoliation, finding that the “defendant’s conduct in this case was designed to deprive” the plaintiff the use of photographs in litigation that were purported to have shown injuries suffered by the plaintiff associated with his excessive force claim against the deputy defendant.

Case Background

In this case involving the plaintiff’s claim of excessive force against Deputy Murphy for an incident on August 12, 2016 in the plaintiff’s cell, Judge Brooks observed that “the facts surrounding that confrontation are disputed, but it is undisputed that Wilmoth sustained at least some bruising following the event.”  Pursuant to standard operating procedures, Deputy Zachary Hale took photographs of the plaintiff and his injuries using his personal cell phone (of which Sergeant Lira made specific mention in his resulting report), which were to be used in the resulting investigation of the incident.  But the photographs were either 1) never uploaded to the jail’s internal incident reporting system or 2) were uploaded and were subsequently misplaced or deleted – they were also never produced to the plaintiff during discovery.  Claiming that this evidence was intentionally destroyed or made unavailable to him by the defendant, the plaintiff requested an adverse inference instruction based on spoliation of evidence.

Judge’s Ruling

Judge Brooks began discussion of the issue by stating: “Before a Court can impose sanctions under Rule 37, it must first determine that the party had a duty to preserve electronically stored information. In this case, that proof is abundant.”  Noting that counsel for the defendants had issued a litigation hold letter to the officers of the Benton County Jail and that the Court’s initial scheduling order directed that, within 45 days, defendants were to provide the plaintiff with “a copy of all incident reports documenting incidents referenced in the Plaintiff’s complaint, including any color photographs”, Judge Brooks stated: “As such, defendant was clearly on notice—both through his own attorney and court orders, that he was under a duty to preserve documents relevant to the incidents recounted in Wilmoth’s complaint.”

Judge Brooks went on to note that “the evidence as a collective whole indicates that there were many times when defense counsel buried her head in the sand in this case and never fully committed to producing this evidence or discovering where it was” and “that includes conduct which might readily be viewed as intentional deception before this court.”

As a result, Judge Brooks ordered the following sanctions: “First, in light of Sergeant Lira’s role in conducting the investigation into Wilmoth’s sexual assault allegations, the Court finds it literally incredible to hear Lira explain that he does not remember what he did with the pictures that he acknowledged viewing in his report or why these photographs would not have been uploaded as a crucial part of his investigatory file in accordance with county policy. The Court finds that his actions in this case have severely undermined his credibility. Given his direct involvement in viewing and in failing to ensure preservation of these photographs, the Court finds that his actions demonstrate bad faith and that it would be appropriate to prevent the defendant from calling him as a witness in his case. The same sanction will also apply to Deputy Hale. Hale admitted during his deposition that although standard policy would have already required him to preserve and upload these photographs to the system, he certainly should have done so here given the nature of Wilmoth’s accusations against Deputy Murphy. Yet, he failed to take any reasonable steps to ensure preservation of the materials that he knew were crucial to the resulting investigation… Second, under Rule 37(e)(2)(B) and in light of the Court’s earlier finding that defendant and his counsel have willfully acted to prevent Wilmoth from accessing this documentary evidence that he claims would support his case, the Court will instruct the jury that it may, but is not required to, presume that the photographs in question would have supported Wilmoth’s claimed injuries arising from his in-cell confrontation with Deputy Murphy and that the lack of such photographic evidence should not be held against Wilmoth in this case.”

So, what do you think?  Were the sanctions granted appropriate for the level of spoliation?  Please let us know if any comments you might have or if you’d like to know more about a particular topic.

Case opinion link courtesy of eDiscovery Assistant.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

What’s in a Name? Potentially, a Lot of Permutations: eDiscovery Throwback Thursdays

Here’s our latest blog post in our Throwback Thursdays series where we are revisiting some of the eDiscovery best practice posts we have covered over the years and discuss whether any of those recommended best practices have changed since we originally covered them.

This post was originally published on November 13, 2012 – when eDiscovery Daily was early into its third year of existence.  Back then, the use of predictive coding instead of keyword searching was very uncommon as we had just had our first case (Da Silva Moore) approving the use of technology assisted review earlier in the year.  Now, the use of predictive coding technologies and approaches are much more common, but many (if not most) attorneys still use keyword searching for most cases.  With that in mind, let’s talk about considerations for searching names – they’re still valid close to seven years later!  Enjoy!

When looking for documents in your collection that mention key individuals, conducting a name search for those individuals isn’t always as straightforward as you might think.  There are potentially a number of different ways names could be represented and if you don’t account for each one of them, you might fail to retrieve key responsive documents – OR retrieve way too many non-responsive documents.  Here are some considerations for conducting name searches.

The Ever-Limited Phrase Search vs. Proximity Searching

Routinely, when clients give me their preliminary search term lists to review, they will always include names of individuals that they want to search for, like this:

  • “Jim Smith”
  • “Doug Austin”

Phrase searches are the most limited alternative for searching because the search must exactly match the phrase.  For example, a phrase search of “Jim Smith” won’t retrieve “Smith, Jim” if his name appears that way in the documents.

That’s why I prefer to use a proximity search for individual names, it catches several variations and expands the recall of the search.  Proximity searching is simply looking for two or more words that appear close to each other in the document.  A proximity search for “Jim within 3 words of Smith” will retrieve “Jim Smith”, “Smith, Jim”, and even “Jim T. Smith”.  Proximity searching is also a more precise option in most cases than “AND” searches – Doug AND Austin will retrieve any document where someone named Doug is in (or traveling to) Austin whereas “Doug within 3 words of Austin” will ensure those words are near each other, making is much more likely they’re responsive to the name search.

Accounting for Name Variations

Proximity searches won’t always account for all variations in a person’s name.  What are other variations of the name “Jim”?  How about “James” or “Jimmy”?  Or even “Jimbo”?  I have a friend named “James” who is also called “Jim” by some of his other friends and “Jimmy” by a few of his other friends.  Also, some documents may refer to him by his initials – i.e., “J.T. Smith”.  All are potential variations to search for in your collection.

Common name derivations like those above can be deduced in many cases, but you may not always know the middle name or initial.  If so, it may take performing a search of just the last name and sampling several documents until you are able to determine that middle initial for searching (this may also enable you to identify nicknames like “JayDog”, which could be important given the frequently informal tone of emails, even business emails).

Applying the proximity and name variation concepts into our search, we might perform something like this to get our “Jim Smith” documents:

(jim OR jimmy OR james OR “j.t.”) w/3 smith, where “w/3” is “within 3 words of”.  This is the syntax you would use to perform the search in our CloudNine Review platform.

That’s a bit more inclusive than the “Jim Smith” phrase search the client originally gave me.

BTW, why did I use “jim OR jimmy” instead of the wildcard “jim*”?  Because wildcard searches could yield additional terms I might not want (e.g., Joe Smith jimmied the lock).  Don’t get wild with wildcards!  Using the specific variations you want (e.g., “jim OR jimmy”) is usually best.

Next week, we will talk about another way to retrieve documents that mention key individuals – through their email addresses.  Same bat time, same bat channel!

So, what do you think?  How do you handle searching for key individuals within your document collections?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Weekly Trends From a Name and an Organization You Know Well: eDiscovery Trends

I’m shocked – shocked! – that I haven’t covered this before now.  What if I told you there is a single place you can go to get a list of weekly trends on eDiscovery – everything from articles to case law to announcements and even upcoming events and webinars?  And that it’s available from an organization you probably know well and an author you probably know even better?  You’d probably want to check that out, right?

Indeed, you should.  It’s the Weekly Trends Report compiled by none other than EDRM co-founder and BDO Managing Director George Socha, available on the blog page of the Association of Certified E-Discovery Specialists (ACEDS) website or directly from the weekly trends page here, which also includes previous weekly trends reports, back to December of last year.  The weekly trends report delivers:

“Insight into where e-discovery, information governance cybersecurity, and digital transformation are heading – who is doing what now or in the future, what works and what doesn’t, and what people wish they could do but can’t – gleaned from recent publications”

Here are examples of the types of topics that George covers on his weekly trends report:

  • An Above the Fold section where George touches on some of his upcoming speaking engagements (he has a new webinar series coming up with Mary Mack and will be speaking – 3 times! – at Relativity Fest).
  • An Electronic Discovery section where he links to interesting articles related to eDiscovery.
  • A Cybersecurity & Data Privacy section where he does the same for those topics, breaking it down into subcategories for things like CCPA and GDPR.
  • A Legal Technology & Digital Transformation section where he links to interesting articles that tie into those topics.
  • An E-Discovery Case Law section with a brief blurb on recent cases and links to coverage/case opinions.
  • An Announcements section where he links to announcements by companies in the eDiscovery space.
  • An Additional Articles section where he links to other notable articles not covered above.
  • An Upcoming Events section where he provides a list of notable webinars, conferences, podcasts and meetings over the next month, with (of course) links for more info on how to register, etc.

In short, it’s a great summary of what’s going on in eDiscovery from a standpoint of notable articles, cases, company announcements and events.  Now, you know – if you didn’t before!

So, what do you think?  Where do you get your weekly trends for eDiscovery?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.