Evidence

Pennsylvania Supreme Court Rules that Forcing Provision of Computer Password Violates the Fifth Amendment: eDiscovery Case Law

In Commonwealth v. Davis, No. 56 MAP 2018 (Pa. Nov. 20, 2019), the Supreme Court of Pennsylvania, in a 4-3 ruling, overturned a lower-court order that required a criminal suspect to turn over a 64-character password to his computer, concluding that “compelling the disclosure of a password to a computer, that is, the act of production, is testimonial” and rejecting the Commonwealth’s argument that provision of the password was a foregone conclusion, finding that “the prohibition of application of the foregone conclusion rationale to areas of compulsion of one’s mental processes would be entirely consistent with” US Supreme Court decisions.

Case Background

In this case involving alleged child-pornography activities, agents of the Office of Attorney General (“OAG”) executed a search warrant at Appellant’s apartment based upon a video found to contain child pornography being shared via a peer-to-peer file-sharing network (eMule) from an IP address associated with the appellant.  At Appellant’s apartment, after the agents discovered a single computer, an HP Envy 700 desktop, which was encrypted with TrueCrypt, Appellant informed the agents that he lived alone, that he was the sole user of the computer, and that only he knew the password to his computer.  When the agent requested that Appellant provide him with the password to the computer, he responded: “It’s 64 characters and why would I give that to you? We both know what’s on there. It’s only going to hurt me. No f*cking way I’m going to give it to you.”  Appellant was charged with two counts of disseminating child pornography in violation of 18 Pa.C.S. § 6312(c), and two counts of criminal use of a communication facility in violation of 18 Pa.C.S. § 7512(a).

On December 17, 2015, the Commonwealth filed with the trial court a pre-trial motion to compel Appellant to divulge the password to his HP 700 computer. Appellant responded by invoking his right against self-incrimination.  The trial court focused on the question of whether the encryption was testimonial in nature, and, thus, protected by the Fifth Amendment.  Applying the foregone conclusion exception, the trial court determined that the information the Commonwealth sought from Appellant was a foregone conclusion, in that the facts to be conveyed by Appellant’s act of production of his password already were known to the government. As, according to the trial court, Appellant’s revealing his password would not provide the Commonwealth with any new evidence, and would simply be an act that permitted the Commonwealth to retrieve what was already known to them, the foregone conclusion exception was satisfied.  A three-judge panel of the Superior Court later affirmed that ruling, leading to appeal to the Pennsylvania Supreme Court.

Judge’s Ruling

In the majority opinion written by Justice Debra Todd, she wrote:

“Based upon these cases rendered by the United States Supreme Court regarding the scope of the Fifth Amendment, we conclude that compelling the disclosure of a password to a computer, that is, the act of production, is testimonial. Distilled to its essence, the revealing of a computer password is a verbal communication, not merely a physical act that would be nontestimonial in nature. There is no physical manifestation of a password, unlike a handwriting sample, blood draw, or a voice exemplar. As a passcode is necessarily memorized, one cannot reveal a passcode without revealing the contents of one’s mind. Indeed, a password to a computer is, by its nature, intentionally personalized and so unique as to accomplish its intended purpose — keeping information contained therein confidential and insulated from discovery. Here, under United States Supreme Court precedent, we find that the Commonwealth is seeking the electronic equivalent to a combination to a wall safe — the passcode to unlock Appellant’s computer. The Commonwealth is seeking the password, not as an end, but as a pathway to the files being withheld. As such, the compelled production of the computer’s password demands the recall of the contents of Appellant’s mind, and the act of production carries with it the implied factual assertions that will be used to incriminate him. Thus, we hold that compelling Appellant to reveal a password to a computer is testimonial in nature.”

Judge Todd also, after commenting on several US Supreme Court rulings, stated “the prohibition of application of the foregone conclusion rationale to areas of compulsion of one’s mental processes would be entirely consistent with the Supreme Court decisions, surveyed above, which uniformly protect information arrived at as a result of using one’s mind. To broadly read the foregone conclusion rationale otherwise would be to undercut these pronouncements by the high Court.”

Judge Max Baer offered the dissenting opinion, stating: “In my opinion, the compulsion of Appellant’s password is an act of production, requiring him to produce a piece of evidence similar to the act of production requiring one to produce a business or financial document”.  He also stated: “Under the majority’s reasoning, the compelled production of documents would be tantamount to placing the defendant on the stand and requiring him to testify as to the location of the documents sought. The mere fact that Appellant is required to think in order to complete the act of production, in my view, does not immunize that act of production from the foregone conclusion rationale.”

Nonetheless, by a 4-3 vote, the Pennsylvania Supreme Court reversed the order of the Superior Court and remanded the matter to the Superior Court, for remand to the trial court, for proceedings consistent with the majority Opinion.

Here’s a case from earlier this year with a different result.

So, what do you think?  Should defendants be ordered to provide their passcodes, even if it leads to incriminating evidence against them?  Please let us know if any comments you might have or if you’d like to know more about a particular topic.

Happy Thanksgiving!

Case opinion link courtesy of eDiscovery Assistant.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

#metoo and the Increasing Investigation Emphasis on eDiscovery: eDiscovery Trends

In our April webcast (Discovery Isn’t Just for Litigation Anymore), conducted by Tom O’Connor and me, we discussed a number of factors that are increasing the need for eDiscovery software and services, including compliance considerations with the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).  The need for eDiscovery in internal investigations is on the rise as well and one of the most significant factors is workplace harassment and #metoo, which we also discussed in that webcast.  Here’s another indication of the growth of that factor.

In the Legaltech News article As #MeToo Yields Harassment Investigations, Companies Turning to E-Discovery to Help (written by Victoria Hudgins), the author discusses how “e-discovery companies say they’ve seen a noticeable increase in the past two to three years from corporate legal departments leveraging their platform to investigate workplace harassment.”

“We are seeing it across the board, not just specifically to one category but the concept of trying to proactively identify behavior before it becomes a bigger issue and addressing it with additional training or self-reporting,” said Sheila Mackay, managing director of eDiscovery services at eDiscovery provider firm H5.

In our webcast, we referenced the 2019 Litigation Forecast from Crowell & Moring where #metoo was identified as one of the top 2019 litigation trends.  As that report noted: “The ensuing litigation is just beginning to wind its way through the courts, and its full impact is yet to be felt.”

“There have been a lot of complaints raised and individuals terminated, but few cases have been fully litigated,” said Ellen Moran Dwyer, a partner in Crowell & Moring’s Labor & Employment Group and chair of the firm’s Executive Committee. “So we haven’t seen a real shift in the legal and liability standards that apply in harassment cases—but that may be coming. Over time, the courts will have to grapple with these issues.”

Investigations don’t always lead to litigation, but it’s notable that, with regard to the litigation associated with #metoo claims, we’re just getting started.  And, organizations don’t just have to worry about individuals filing harassment claims, states are passing a ton of legislation to establish requirements with which organizations need to comply – over 260 laws directly addressing topics supported by the anti-sexual harassment initiatives within a 30-month period.  And, violations could and probably will lead to states filing claims against employers on behalf of harassment victims.  These are new litigation possibilities that organizations have to be prepared for as well.  Of course, the best litigation is the one you never have to conduct, so the importance of using eDiscovery software and services to identify potential harassment issues within the organization and address them proactively has become more important than ever.

So, what do you think?  How has your organization prepared to identify harassment issues?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

In Decision That Sounds the “Death Knell” for Fifth Amendment Protection, Defendant Ordered to Provide Cell Phone Password: eDiscovery Case Law

In Commonwealth v. Jones, SJC-12564 (Mass. Mar. 6, 2019), the Supreme Judicial Court of Massachusetts reversed a lower court judge’s denial of the Commonwealth’s renewed Gelfgatt motion (where the act of entering the password would not amount to self-incrimination because the defendant’s knowledge of the password was already known to the Commonwealth, and was therefore a “foregone conclusion” under the Fifth Amendment and art. 12 of the Massachusetts Declaration of Rights), and the court remanded the case to the Superior Court for entry of an order compelling the defendant to enter the password into the cell phone at issue in the case.

Case Background

In this case involving allegations that the defendant was trafficking a person for sexual servitude, the Commonwealth of Massachusetts seized a cell phone from the defendant that it believed contained material and inculpatory evidence, but was unable to access the phone’s contents because they were protected by a passcode.  The Commonwealth sought to compel the defendant to decrypt the cell phone by filing a motion for an order requiring the defendant to produce a personal identification number access code in the Superior Court.

The central legal issue concerned whether compelling the defendant to enter the password to the cell phone would violate his privilege against self-incrimination guaranteed by both the Fifth Amendment and art. 12.  The Commonwealth argued that under the decision in Commonwealth v. Gelfgatt, 468 Mass. 512, 11 N.E.3d 605 (2014), the act of entering the password would not amount to self-incrimination because the defendant’s knowledge of the password was already known to the Commonwealth, and was therefore a “foregone conclusion” under the Fifth Amendment and art. 12. Following a hearing, a judge denied the Commonwealth’s motion, concluding that the Commonwealth had not proved that the defendant’s knowledge of the password was a foregone conclusion under the Fifth Amendment.

Several months later, the Commonwealth renewed its motion and included additional factual information that it had not set forth in its initial motion. The judge denied the renewed motion, noting that because the additional information was known or reasonably available to the Commonwealth when the initial motion was filed, he was “not inclined” to consider the renewed motion under the Massachusetts Rules of Criminal Procedure.  The Commonwealth then filed a petition for relief in the county court, and the single justice reserved and reported the case to the full court. The single justice asked the parties to address three specific issues, in addition to any other questions they thought relevant:

  1. What is the burden of proof that the Commonwealth bears on a motion like this in order to establish a “foregone conclusion,” as that term is used in Commonwealth v. Gelfgatt?
  2. Did the Commonwealth meet its burden of proof in this case?
  3. When a judge denies a ‘Gelfgatt’ motion filed by the Commonwealth and the Commonwealth thereafter renews its motion and provides additional supporting information that it had not provided in support of the motion initially, is a judge acting on the renewed motion first required to find that the additional information was not known or reasonably available to the Commonwealth when the earlier motion was filed before considering the additional information?

Court’s Ruling

In an opinion written by Justice J. Kafker, with regard to question 1, he wrote that: “we conclude that when the Commonwealth seeks a Gelfgatt order compelling a defendant to decrypt an electronic device by entering a password, art. 12 requires that, for the foregone conclusion to apply, the Commonwealth must prove beyond a reasonable doubt that the defendant knows the password.”

With regard to question 2, Justice Kafker wrote: “The defendant’s possession of the phone at the time of his arrest, his prior statement to police characterizing the LG phone’s telephone number as his telephone number, the LG phone’s subscriber information and CSLI records, and Sara’s statements that she communicated with the defendant by contacting the LG phone, taken together with the reasonable inferences drawn therefrom, prove beyond a reasonable doubt that the defendant knows the password to the LG phone. Indeed, short of a direct admission, or an observation of the defendant entering the password himself and seeing the phone unlock, it is hard to imagine more conclusive evidence of the defendant’s knowledge of the LG phone’s password. The defendant’s knowledge of the password is therefore a foregone conclusion and not subject to the protections of the Fifth Amendment and art. 12.”

With regard to question 3, Justice Kafker wrote: “Although some, if not all, of the additional information included in its renewed motion may very well have been available to the Commonwealth at the time it filed its initial motion, in light of the nature and purpose of Gelfgatt motions and the circumstances of this case, the judge erred in concluding that he need not consider the additional information “[a]bsent a showing of new evidence not otherwise available to the Commonwealth.” The motion judge therefore abused his discretion in denying the Commonwealth’s renewed Gelfgatt motion.”

As a result, the motion judge’s denial of the Commonwealth’s renewed Gelfgatt motion was reversed, and the case was remanded to the Superior Court for entry of an order compelling the defendant to enter the password into the cell phone

Justice J. Lenk, while concurring with the decision, also said this: “The court’s decision today sounds the death knell for a constitutional protection against compelled self-incrimination in the digital age. After today’s decision, before the government may order an individual to provide it with unencrypted access to a trove of potential incriminating and highly personal data on an electronic device, all that the government must demonstrate is that the accused knows the device’s passcode. This is not a difficult endeavor, and in my judgment, the Fifth Amendment and art. 12 demand more. That is, before the government may compel an accused’s assistance in building a case against that accused, the government must demonstrate that it already knows, with reasonable particularity, of files on the device relevant to the offenses charged, and that the defendant knows the passcode to unlock them. Because I conclude that the government here met those burdens, I join in the court’s result.”

So, what do you think?  Should defendants be ordered to provide their passcodes, even if it leads to incriminating evidence against them?  Please let us know if any comments you might have or if you’d like to know more about a particular topic.

Case opinion link courtesy of eDiscovery Assistant.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Emoji Are Showing Up in Court Cases More and More: eDiscovery Trends

Without a doubt, our forms of communication are continuing to evolve from just email and we now have to add social media, text messaging and other messaging apps as forms of communication that need to be routinely preserved, collected, processed, reviewed and produced.  But, it’s not just the forms of communication that are changing, it’s the way we communicate that is changing as well.  So, you may or may not be surprised that emoji (yes, the plural of “emoji” is still “emoji”, at least officially) are showing up in court cases exponentially.

As discussed in The Verge (Emoji are showing up in court cases exponentially, and courts aren’t prepared, written by Dani Lee), emoji are showing up as evidence in court more frequently with each passing year. Between 2004 and 2019, there was an exponential rise in emoji and emoticon references in US court opinions, with over 30 percent of all cases (53 out of 171 all time) appearing in 2018, according to Santa Clara University law professor Eric Goldman, who has been tracking all of the references to “emoji” and “emoticon” that show up in US court opinions.  Yes, there’s a guy who tracks that stuff!  Here’s a chart from Goldman, showing the rise of cases since 2004:

By the way, you do know the difference between an emoji and an emoticon, right?  An emoticon is created out of text, primarily via the use of punctuation marks, whereas an emoji is a small image, a pictograph. Nearly everyone has used an emoji and emoticon at least once in their lives, even if they didn’t know what it was called.  Personally, I’m not a big fan of emoticons… ;o)

Goldman has written extensively on the subject of “emoji law” – including his blog post Emoji Law 2018 Year-in-Review and his paper published last year titled Emojis and the Law.

So far, the emoji and emoticons have rarely been important enough to sway the direction of a case, but as they become more common, the ambiguity in how emoji are displayed and what we interpret emoji to mean could become a larger issue for courts to contend with.  Want a couple of examples?  Here you go:

  • Bay Area prosecutors were trying to prove that a man arrested during a prostitution sting was guilty of pimping charges, and among the evidence was a series of Instagram DMs he’d allegedly sent to a woman. One read: “Teamwork make the dream work” with high heels and money bag emoji placed at the end. Prosecutors said the message implied a working relationship between the two of them. The defendant said it could mean he was trying to strike up a romantic relationship. Another message from the defendant included the crown emoji, which was said to signify that the “pimp is the king.”
  • In 2017, a couple in Israel was charged thousands of dollars in fees after a court ruled that their use of emoji to a landlord signaled an intent to rent his apartment. After sending an enthusiastic text confirming that they wanted the apartment, which contained a string of emoji including a champagne bottle, a squirrel, and a comet, they stopped responding to the landlord’s texts and went on to rent a different apartment. The court declared that the couple acted in bad faith, ruling that the “icons conveyed great optimism” that “naturally led to the Plaintiff’s great reliance on the Defendants’ desire to rent his apartment,” according to Room 404.

Still, it’s rare for cases to turn on the interpretations of emoji. “They show up as evidence, the courts have to acknowledge their existence, but often they’re immaterial,” Goldman says. “That’s why many judges decide to say ‘emoji omitted’ because they don’t think it’s relevant to the case at all.” But emoji are a critical part of communication, and in cases where transcripts of online communication are being read to the jury, they need to be characterized as well instead of being skipped over. “You could imagine if you got a winky face following the text sentence, you’re going to read that sentence very differently than without the winky face,” he says. In the “pimp” case above, the ruling didn’t ultimately hinge on the interpretation of emoji, but they still provided evidentiary support.

Nonetheless, as Craig Ball has noted in several presentations that I’ve seen, the handling of emoji and emoticons will become increasingly important in discovery over time.  And, here’s one more challenge to leave you with – emoji often render differently across platforms, so the emoji you see may not be the emoji your audience sees in social media posts or text/other messages.  We may have to consult those Egyptian hieroglyphics textbooks soon to see how they managed to communicate thousands of years ago!

So, what do you think?  Are you surprised that emoji and emoticons are becoming an increasing part of legal cases?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Here’s a Story Where Picking the Right Font Was Never More Important: eDiscovery Trends

This is a story that a word geek like me can really appreciate.  We talk a lot on this blog about the importance of metadata to provide additional useful information in discovery productions and help minimize the risk of fraud.  You wouldn’t think that the font you use on a document could expose it as a fake document, but in this case, it did.

In Newser (Alleged Fraudster Made a Really Poor Font Choice, written by Arden Dier), the choice of fonts apparently exposed a an alleged fraud scheme in Canada, where Gerald McGoey’s company, Look Communications, went bankrupt at the end of 2017. Ordered to repay $5.6 million to creditors, the former CEO sought to protect two properties—an Ontario farm purchased for $635,000 in 2003, and a cottage bought for $700,000 in 1994—with signed declarations claiming they were held in trust by his wife and three children, and therefore safe from the courts.

Here’s the problem: the farm declaration, dated 2004, was written in Calibri, while the cottage declaration, dated 1995, was written in Cambria. Per Ars Technica, Cambria was designed no earlier than 2004, while Calibri was designed between 2002 and 2004; both only became widely available in 2007.

This according to the expert report of Thomas Phinney, who has a Master of Science in graphic arts from Rochester Institute of Technology School of Printing, specializing in design and typography and over 20 years of experience in the font industry!  I guess there’s an expert for everything!  Anyway, Phinney told the court that no one but a Microsoft employee or contractor could’ve had access to Calibri in March 2004, as it wasn’t widely released until Microsoft’s Office 2007, per the National Post.

Anyway, while McGoey’s lawyers suggested the family was only mistaken about the dates the documents were signed, Ontario Superior Court Justice Michael Penny wrote in a decision earlier this month that “the conclusion that the … trusts are shams is unavoidable”.

According to the National Post, “had McGoey used Times New Roman, a popular default Microsoft font prior to 2007, it’s possible his ruse would never have been discovered.”  Whoops.

I guess if you’re going to forge a document, you’d better be up on your font history.  Or just stick with Times New Roman.

So, what do you think?  Have you ever had a case with forged documents that were identified by an unusual method?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

No New Trial for Defendant After Carpenter Ruling Because of “Good-Faith” Exception: eDiscovery Case Law

In U.S. v. Leyva, No. 16-cr-20723 (E.D. Mich. Nov. 26, 2018), Michigan District Judge Mark A. Goldsmith, while acknowledging that the ruling in Carpenter v. United States (which held that the government must obtain a warrant before acquiring cell site location information (“CSLI”)) “applies retroactively” to the defendant’s case, ruled that “the question of whether a constitutional right is retroactive is distinct from the question of whether an individual is entitled to a remedy from any constitutional violation”.  Citing the “good-faith” exception, where law enforcement acts in good faith in obtaining evidence that is ultimately found to have been obtained in violation of an individual’s constitutional rights, Judge Goldsmith denied the defendant’s motion for a new trial on the basis of Carpenter.

Case Background

The defendant was charged with conspiracy to possess, and attempted possession of, heroin. At her trial, the Government introduced, among other evidence, location information from three cell phones.  The CSLI evidence showed that two of the phones traveled between Detroit and Columbus in late October 2016, and that the other phone traveled between Michigan and Texas in spring 2016. The Government used this evidence in an attempt to show that Leyva was participating in a drug-trafficking conspiracy and the jury returned its verdict on June 7, 2018, finding the defendant guilty on both counts.

After the Supreme Court ruling in Carpenter on June 22, 2018, the defendant then filed an instant motion pursuant to Federal Rule of Criminal Procedure 33(a), arguing that the CSLI evidence introduced at her trial was inadmissible and, therefore, a new trial was required.

Judge’s Ruling

Judge Goldsmith noted that “The parties do not dispute that the warrantless search of Leyva’s cell phone records violated her Fourth Amendment rights. Evidence obtained in violation of an individual’s Fourth Amendment rights may be subject to exclusion at trial. However, because “`exclusion exacts a heavy toll on both the judicial system and society at large,’ not all violations of the Fourth Amendment result in the exclusion of evidence.” United States v. Fisher.”

Judge Goldsmith continued: “One exception to the exclusionary rule is the “good-faith” exception, where law enforcement acts in good faith in obtaining evidence that is ultimately found to have been obtained in violation of an individual’s constitutional rights. The Supreme Court has ‘said time and again that the sole purpose of the exclusionary rule is to deter misconduct by law enforcement.’”

Judge Goldsmith stated that “Leyva argues that Carpenter should be applied retroactively to her case, citing Linkletter v. Walker, 381 U.S. 618 (1965) and Griffith v. Kentucky, 479 U.S. 314 (1987). The Court agrees that Carpenter applies retroactively to her case. But the question of whether a constitutional right is retroactive is distinct from the question of whether an individual is entitled to a remedy from any constitutional violation.”  Noting that “the Government argues that it relied on the then-valid SCA, as well as the Sixth Circuit’s decision in United States v. Carpenter, 819 F.3d 880 (6th Cir. 2016), in obtaining the CSLI for the three cell phones. It contends that the good-faith exception should apply to permit the introduction of this evidence at Leyva’s trial”, Judge Goldsmith stated “The Court agrees” and denied the defendant’s motion for a new trial.

So, what do you think?  Should the “good-faith” exception enable CSLI evidence acquired before the SCOTUS Carpenter ruling to remain admissible?  Please let us know if any comments you might have or if you’d like to know more about a particular topic.

Case opinion link courtesy of eDiscovery Assistant.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

IoT Devices Lead to Suspect’s Arrest for Murder: eDiscovery Trends

Honestly, I don’t know why anyone would consider committing a violent crime these days.  There’s the use of ever-improving DNA technology that leads to the arrest of scores of alleged offenders each year – even if you’re not in the Combined DNA Index System (CODIS) database, you can still be identified as a suspect through your relatives via genealogy databases, as we’ve recently seen in the case of the Golden State Killer.  And, if your DNA doesn’t get you, an Internet of Things (IoT) device may, as evidenced in this case.

As reported by CNET (Murder victim’s Fitbit data leads to alleged killer’s arrest, written by Steven Musil), Karen Navarra’s Fitbit recorded a rapid rise in her heart rate before a sudden drop-off to nothing, offering San Jose police a clearer time frame of her death on Sept. 8, the San Francisco Chronicle reported Friday. 90-year-old Tony Aiello was arrested last month in connection with his 67-year-old stepdaughter’s death.

Investigators noticed Navarra was wearing a Fitbit and they turned to the company for any possible clues the device could provide. Police learned that Navarra’s heart rate spiked at 3:20 p.m. and stopped registering a heartbeat eight minutes later, the Chronicle reported.

Although Aiello has reportedly denied killing Navarra, nearby cameras captured images of Aiello’s car parked at Navarra’s home on Sept. 8 at the same time her Fitbit showed her heartbeat rapidly falling and stopping, the newspaper reported.

Of course, those “nearby cameras” could themselves be IoT devices (Ring doorbell, anybody?).  And, we covered a different case last year regarding the Fitbit of a murder victim that helped disprove her husband’s story regarding an “intruder” that he said shot her to death – that evidence helped lead to his arrest for her murder.  In another case covered on 48 Hours recently, a Wisconsin man’s Fitbit exonerated him of his girlfriend’s 2016 murder when it showed his movements during the time police say her body was dumped in a field.  Needless to say, IoT devices are becoming more and more prominent in criminal investigations and discovery.

Changing gears here, Rob Robinson, through his terrific Complex Discovery site, is certainly the king of compilations and analysis regarding eDiscovery trends and his latest analysis involves “an aggregation of results from fourteen surveys from leading ALM magazines ranging from Corporate Counsel to Texas Lawyer administered to online audiences and published as special supplements between November 2017 and October 2018.”  Rob took the sixteen eDiscovery-centric survey categories represented in the fourteen surveys and tracked all of the providers who received at least one vote as a top three provider (101 providers in all).

Twenty-five of those providers was voted a top three provider at least six times across the fourteen surveys and Rob has ranked them by the number of times they received a top three vote.  So, which provider was voted a top three provider the most times by participants in the fourteen ALM surveys?  Click here to find out.  :o)

So, what do you think?  Have you had a case that involved evidence from an IoT device?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Despite Carpenter, This Defendant’s Cell Site Location Information is Ruled Admissible: eDiscovery Case Law

In United States v. Pleasant, Criminal Action No. 17-62 (E.D. Pa. Sept. 5, 2018), Pennsylvania District Judge Gerald Austin McHugh ruled that the defendant’s motion to suppress historical cell-site location information associated with his cellular telephone lacked merit, despite the Supreme Court’s recent decision in Carpenter v. United States, because the agents proceeded “by means of a court order issued under a federal statute that had repeatedly withstood Fourth Amendment scrutiny…in good faith under then existing law”.

Case Background

In this prosecution for multiple bank robberies, the defendant moved to suppress historical cell-site location information (CSLI) associated with his cellular telephone, citing the recent Supreme Court ruling in Carpenter v. United States. The Government obtained the CSLI, without a warrant, through an order issued pursuant to 18 U.S.C. § 2703(c), a provision of the Stored Communications Act, based on a showing that the records were “relevant and material” to an ongoing criminal investigation.

Judge’s Ruling

Judge McHugh observed that “Defendant correctly argues that under the Supreme Court’s recent decision in Carpenter v. United States, ___ U.S. ___, 138 S. Ct. 2206 (2018), the CSLI was obtained by the Government in violation of the Fourth Amendment. Defendant is also correct that Carpenter retroactively applies to this case. That does not end the inquiry, because the Government is equally correct that there is a good faith exception to application of the exclusionary rule. Having considered the parties’ submissions, I am persuaded that the government agents who accessed this information did so in good faith reliance on a federal statute and circuit court precedent that was controlling at the time.”

While noting that “In Carpenter, the Supreme Court addressed the constitutionality of this provision under the Fourth Amendment and concluded that, in accessing CSLI from wireless carriers, the Government had ‘invaded’ the defendant’s ‘reasonable expectation of privacy in the whole of his physical movements’”, Judge McHugh ruled:

“Despite Carpenter, Defendant’s Motion lacks merit. Under the exclusionary rule, as a general matter, the government may not introduce evidence in a criminal trial that was obtained in violation of the Fourth Amendment. The exclusionary rule, however, is rooted in policy considerations: it serves to enforce the Fourth Amendment by discouraging police misconduct. As the Supreme Court has recognized, the Fourth Amendment protects ‘[t]he right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures,’ but it has no provision ‘expressly precluding the use of evidence obtained in violation of its commands.’…Consequently, the exclusionary rule ‘is not an individual right and applies only where it `result[s] in appreciable deterrence.’’…Stated differently, it is a judicially imposed sanction applied when necessary to enforce the Constitution.”

As a result, Judge McHugh ruled: “Because application of the exclusionary rule here would not serve the purpose of deterring unlawful conduct by law enforcement, Defendant’s Motion to Suppress will be denied.”

So, what do you think?  Was the court right to have ruled the CSLI admissible despite the recent Carpenter ruling?  Please let us know if any comments you might have or if you’d like to know more about a particular topic.

Case opinion link courtesy of eDiscovery Assistant.

Also, if you’re going to be in Houston on Thursday, September 27, just a reminder that I will be speaking at the second annual Legal Technology Showcase & Conference, hosted by the Women in eDiscovery (WiE), Houston Chapter, South Texas College of Law and the Association of Certified E-Discovery Specialists (ACEDS).  I’ll be part of the panel discussion AI and TAR for Legal: Use Cases for Discovery and Beyond at 3:00pm and CloudNine is also a Premier Platinum Sponsor for the event (as well as an Exhibitor, so you can come learn about us too).  Click here to register!

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Standardizing the Non-Standard Digital Forensics Protocol, Sort Of: eDiscovery Best Practices

Leave it to Craig Ball to come up with a proposed form examination protocol for performing forensic examinations.  And, leave it to Craig to teach you what you need to know to use and adapt such a protocol.

In his latest blog post on his Ball in Your Court blog (Drafting Digital Forensic Examination Protocols, available here on his blog and here on his site in PDF form), Craig discusses the ins and outs of putting together a forensic examination protocol, equating the drafting of such a protocol to “writing out the questions in advance” when taking the deposition of a computer or smart phone.  In an unusually long blog post for Craig’s blog (dare I say a “Losey-ian” length blog post?), Craig thoroughly covers the considerations regarding drafting a sensible forensic examination protocol (which, as Craig notes, “demands a working knowledge of the tools and techniques of forensic analysis so counsel doesn’t try to misapply e-discovery methodologies to forensic tasks”).

After introducing the topic, Craig properly and bluntly sets the expectation for many of the people he expects to read his post, as follows (in bold, no less):

“If you’ve come here for a form examination protocol, you’ll find it; but the ‘price’ is learning a little about why forensic examination protocols require certain language and above all, why you must carefully adapt any protocol to the needs of your case.”

In other words, you’re missing the boat if you just blindly try to apply his proposed protocol without understanding important concepts of forensic examinations.  Would you skip to the end of a movie to see how it turns out?  (I’m not sure that’s the best analogy, but it’s the best I can think of at the end of a long day)…  Regardless, you should take the opportunity to learn the concept so that you can apply it properly.

While each forensic examination protocol is unique, Craig identifies some common elements that examination protocols should share, among other things:

  • Identify the examiner (or the selection process) and the devices and media under scrutiny;
  • set the scope of the exam, temporally and topically;
  • Insure integrity of the evidence;
  • Detail the procedures and analyses to be completed;
  • Set deadlines and reporting responsibilities;
  • Require cooperation; and,
  • Assign payment duties.

Craig then proceeds to address various aspects of those considerations, covering aspects of forensic examination that you might not otherwise think of, such as: Who pays for it?  Should you direct the examiner to “undelete everything” or simply try to find potentially relevant files and files types?

Toward the end of the post, Craig then provides an “Exemplar Acquisition Protocol”, adapted from the court’s order in Xpel Techs. Corp. v. Am. Filter Film Distribs., 2008 WL 744837 (W.D. Tex. Mar. 17, 2008).  Of course, even the exemplar protocol isn’t perfect – it doesn’t address privilege and confidentiality concerns or forms of production, for example.  The key is to take what you learn during the blog post and customize a protocol that works for your case.

As always, Craig’s post is a great read – in this case, it equates to a 15-page PDF file with a preceding cover page – and is well worth checking out.  As a provider that offers forensic examinations for our clients, we would love to consistently have such a well-defined protocol!

So, what do you think?  How do you define protocols for forensic examination in your cases?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Court Rules Non-Party Subpoenaed ESI Not Subject to 100-Mile Boundary: eDiscovery Case Week

eDiscovery Case Week continues!  We had a great webcast yesterday where Tom O’Connor and I discussed key eDiscovery case law for the first half of 2018 – 22 cases in all!  Now, on to covering cases for the second half of 2018!  :o)

In Curtis v. Progressive N. Ins. Co., No. CIV-17-1076-C (W.D. Okla. June 13, 2018), Oklahoma District Judge Robin J. Cauthron, noting that the non-party “subpoena at issue does not require the travel or attendance of any witnesses and Plaintiff is requesting the production of electronic documents”, found that “there is no violation of the 100-mile limitation for electronic documents pertaining to Rule 54” and granted the plaintiff’s Motion to Compel Compliance with Subpoena directed to the non-party.

Case Background

In this case where the plaintiff claimed breach of contract, bad faith, unjust enrichment, and fraud against the defendant insurance company over the valuation of the plaintiff’s vehicles after two automobile collisions, the plaintiff served non-party Mitchell International, Inc. with a subpoena duces tecum in March 2018.  The plaintiff requested documents from Mitchell pertaining to “the correspondence, purchase, and analysis of the [computer valuation system]” Mitchell utilized to create valuations of total loss vehicles for the defendant and served Mitchell through its Oklahoma registered agent.  Within two weeks, Mitchell served written objections to Plaintiff’s subpoena.  Subsequent discussion failed to reach a resolution and the plaintiff filed a Motion to Compel Compliance with Subpoena.

The plaintiff argued that her subpoena was valid and enforceable because “a subpoena that commands a person to travel beyond the 100-mile boundary must be quashed however, a Court retains discretion to command compliance with a subpoena for documents which requires production beyond the 100-mile limitation.”  The plaintiff also noted that “[t]he contractual nature of the relationship between Progressive and Mitchell, as well [as] the cost-savings incentives marketed to Progressive by Mitchell are relevant to the claims in this lawsuit . . . concerning the method and manner in which the system operates in creating values for Progressive’s Oklahoma insureds is the fundamental basis of Plaintiff’s claims.”  Mitchell argued that the Court lacked jurisdiction to hear the plaintiff’s motion because Mitchell maintains its headquarters and principal place of business in San Diego and the subpoena demands compliance in Shawnee, Oklahoma.

Judge’s Ruling

Noting that “Federal district courts enjoy broad discretion over discovery measures”, Judge Cauthron, in granting the plaintiff’s motion, stated:

“Here, Plaintiff states—and Mitchell does not dispute—that the information requested can be produced electronically. Mitchell has an Oklahoma registered agent and Progressive Northern Insurance Company continues to use the valuation system licensed and provided by Mitchell in Oklahoma to conduct business. As a result, Mitchell regularly transacts business in Oklahoma. The subpoena at issue does not require the travel or attendance of any witnesses and Plaintiff is requesting the production of electronic documents. This Court finds that there is no violation of the 100-mile limitation for electronic documents pertaining to Rule 54.”

Two weeks later, Judge Cauthron also denied the defendant’s motion to quash the subpoena.

So, what do you think?  Should there even be a 100-mile limitation for discovery?  Please let us know if any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.