Close
Enter your
text here

eDiscoveryDaily

This Makes the Potential GDPR Fine Against British Airways Look Like Peanuts: Data Privacy Trends

It was just last week that we discussed the new (probable) largest fine since the General Data Protection Regulation (GDPR) was enacted last May, with the proposed fine of nearly $230 million against British Airways for a data breach last year.  But, this fine approved by the Federal Trade Commission (FTC) against Facebook for data privacy violations makes that fine look like peanuts.

As discussed by Sharon Nelson in her excellent Ride the Lightning blog (FTC Approves Fine of Roughly $5 Billion Against Facebook for Privacy Violations), the New York Times (subscription required) reported on July 12th that the FTC has approved a fine of roughly $5 billion against Facebook for mishandling users’ personal information, according to three people briefed on the vote, in what would be a landmark settlement that signals a newly aggressive stance by regulators toward the country’s most powerful technology companies.

The much-anticipated settlement still needs final approval from the Justice Department, which rarely rejects settlements reached by the FTC. It would be the biggest fine by far levied by the federal government against a technology company, eclipsing the $22 million imposed on Google in 2012. The size of the penalty underscored the rising frustration among Washington officials with how large technology companies collect, store and use people’s information and the Facebook settlement sets a new bar for privacy enforcement by United States officials, who have brought few cases against large technology companies.  In addition to the fine, Facebook agreed to more comprehensive oversight of how it handles user data. But none of the conditions in the settlement will impose strict limitations on Facebook’s ability to collect and share data with third parties.

The FTC’s investigation was fueled by The New York Times and The Observer of London, which discovered that the social network allowed Cambridge Analytica, a British consulting firm to the Trump campaign, to harvest personal information of its users. The firm used the data to build political profiles about individuals without the consent of Facebook users.

The agency found that Facebook’s handling of user data violated a 2011 privacy settlement with the FTC. That earlier settlement, which came after the company was accused of deceiving people about how it handled their data, required the company to revamp its privacy practices.

Facebook made more than $55 billion in revenue last year.  So, at 9.1 percent of annual revenue last year, this fine would be even more than a GDPR fine would be at 4 percent of global annual turnover.  Nonetheless, when the FTC fine was revealed, Facebook’s stock price rose, making it clear that investors were concerned the result could be even worse.  Maybe the “bite” from GDPR fines isn’t painful enough?

So, what do you think?  Do fines like cause your organization to re-evaluate your own security policies?  As always, please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Thinking Like a Millennial: How Millennials are Changing Discovery, Part Five

Editor’s Note: Tom O’Connor is a nationally known consultant, speaker, and writer in the field of computerized litigation support systems.  He has also been a great addition to our webinar program, participating with me on several recent webinars.  Tom has also written several terrific informational overview series for CloudNine, including his most recent one, Biggest eDiscovery Challenges Facing Plaintiff’s Attorneys, which we covered as part of a webcast on June 26.  Now, Tom has written another terrific overview regarding the impact of millennials on eDiscovery titled Thinking Like a Millennial: How Millennials are Changing Discovery that we’re happy to share on the eDiscovery Daily blog.  Enjoy! – Doug

Tom’s overview is split into five parts, so we’ll cover each part separately.  Part one was last Tuesday, part two was last Friday, part three was Monday and part four was Wednesday, here is the fifth and final part.

Conclusions and Recommendations

The favorite tools of millennials are in use now.  We know them. We are trying to adjust to them. But perhaps the problem is not the tools. We must acknowledge the cultural shift in work flows and communication methods influenced by millennials as more employees work remotely, including from home, than ever before. Then we must be prepared to design eDiscovery tools to deal with these changes.

Millennials will quickly and easily embrace new apps. They will employ collaboration and innovation to yield more effective workflows. Responding to those changes requires proactive planning not reactive responses.

Companies need to design and establish data retention policies and deletion protocols around these new tools. Engage custodians now to understand how they are communicating and collaborating at work. Understand that overlooked applications which you may consider informal mobile apps can, in reality, be the main form of communication for many employees.

Service providers need to develop new strategies and processes for collecting data from these new tools.  These new tools may be will be less uniform and more diversified in their deployment and this implementation may vary widely within departments of the company. This will require extensive collaboration with IT departments in order to understand how their tools are implements

Data growth is expanding at an enormous rate. In 2018, DOMO reported that “over 2.5 quintillion bytes of data were created every single day and it estimated that by 2020, 1.7MB of data will be created every second for every person on earth.  And, a recent report in the Visual Capitalist found the following:

  • 500 million tweets are sent daily
  • 294 billion emails are sent daily
  • 4 petabytes of data are created on Facebook daily
  • 4 terabytes of data are created from each connected car daily
  • 65 billion messages are sent on WhatsApp daily
  • 5 billion searches are made every day

By 2025, it’s estimated that 463 exabytes of data will be created each day globally – that’s the equivalent of 212,765,957 DVDs per day!

Source: Visual Capitalist

As technology advances, millennials will continue to blur the lines between personal and professional communications and the demand for faster and better tools and applications that are integrated with both work applications and personal social media will continue to create more and more data. This combination will place even more stress on the eDiscovery components of preservation and collection.

Companies and law firms will need to proactively identify and address all these new data sources and combinations by designing new internal policies while working with vendors to develop new collection tools.  Getting ahead of the technology curve is the best way to limit exposure to litigation risks and reduce the inevitable costs related to eDiscovery.

So, what do you think?  Have the habits of millennials impacted eDiscovery for your organization?  As always, please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

ILTACON is One Month Away. And, I’m Speaking – Twice!: eDiscovery Trends

Hard to believe, but we’re just one month away from ILTACON 2019, being held this year at the Walt Disney World Swan and Dolphin Resort in Orlando August 18-22.  CloudNine will be at the conference in a big way again this year.  And, so will I, as I will be speaking not just once, but twice at this year’s conference!

As always, the conference will be four days, preceded by some networking activities (including the annual golf tournament) on Sunday the 18th.  Educational sessions will begin on Monday the 19th and continue through Thursday the 22nd.  And, the Exhibit Hall will also be open for four days, starting with the annual opening reception: A Whole New World of Possibilities-A Journey through Classic TV.  Should be interesting to see what types of characters people dress up for that one!  Here’s a link to the summary agenda.

Speaking of the Exhibit Hall, CloudNine will be exhibiting again at this year’s show at booth #624.  We expect to have several exciting announcements regarding our products in the next couple of weeks and will announce what we plan to showcase before the conference begins.  If you are attending ILTACON this year and would like to schedule a meeting with us, you can go to this page to request a demo and indicate that you want to meet at ILTACON 2019!

When we get closer to the conference, we will have a preview post to identify some of the more interesting topics to be covered at this year’s educational sessions.  Here’s a link to the session grid – keep in mind that this is as of July 12 and still subject to change.

One thing that won’t change is that I’m speaking at ILTACON again this year.  This time, I’m speaking twice!  On Wednesday, I will be part of ILTACON’s brand new Litigation Support Day, which features a DAY of SPARK (Short, Provocative, Action-oriented, Realistic, and Knowledgeable) talks by leaders in the industry.  Organized by David Hasman of Bricker & Eckler, David Horrigan of Relativity, and Philip Weldon of Fried Frank, this program will be moderated by David, and the program will feature presentations on everything from cloud transformation to career development and job interview techniques.

I will be participating in Session One – Litigation Support State of the Union from 9:00-10:30am that day.

I will also be moderating the session Choosing a Predictive Coding Approach – “Predictive Coding For Dummies” on Thursday from 11:30am-12:30pm.  In that session, you can gain a full understanding of analytic jargon, acronyms [TAR, CAL, SPL, SAL?], learn the pros and cons of each approach, and collect a few tips for selling it to case teams, clients, and opposing counsel!  We’ll also conduct a fun exercise that illustrates how a supervised machine learning approach works.  Speakers for the session include: Doug Matthews, Partner at Vorys, Sater, Seymour and Pease LLP; Lia Majid, CEO and Founder of Acorn Legal Solutions; Julian Ackert, Managing Director at iDiscovery Solutions, Inc. and Trena Patton, Solutions Architect at Epiq.  Come check it out!

So, what do you think?  Do you plan to attend ILTACON this year?  As always, please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Move Over Google, Here May Be Your New Largest GDPR Fine: Data Privacy Trends

Now, we’re talking some serious money!  In January, we covered the first big fine for failing to comply with Europe’s General Data Protection Regulation (GDPR) when France’s data protection regulator, the Commission nationale de l’informatique et des libertés (CNIL), issued a €50 million fine (about $56.8 million) fine to Google for failing to comply with GDPR.  Now, we have a new fine being proposed which is more than four times that amount.

As discussed by Sharon Nelson in her excellent Ride the Lightning blog (British Airways Faces Record Fine After Data Breach), the New York Times (subscription required) reported on July 8th that British authorities have said that they intend to order British Airways to pay a fine of nearly $230 million for a data breach last year, the largest penalty against a company for privacy lapses under GDPR.

Poor security at the airline allowed hackers to divert about 500,000 customers visiting the British Airways website last summer to a fraudulent site, where names, addresses, login information, payment card details, travel bookings and other data were taken, according to the Information Commissioner’s Office, the British agency in charge of reviewing data breaches.

In a statement British Airways said it was “surprised and disappointed” by the agency’s finding and would dispute the judgment, which isn’t final regarding the amount.

As we’ve noted many times on this blog, GDPR allows regulators in each European Union country to issue fines of up to 4 percent of a company’s global revenue for a breach. And by acting against an iconic British brand, officials showed that enforcement would not be limited to American-based tech companies, which have been seen as a primary target.

Before GDPR, fines by the Information Commissioner’s Office were capped at 500,000 pounds, or about $625,000. That was the fine it imposed on Facebook last year for allowing Cambridge Analytica to harvest information on millions of users without their consent. However, Facebook and Google are among other companies currently under investigation by the European authorities over breaches of the GDPR (despite previous fines before and after GDPR went into effect, respectively).

The large proposed fine against British Airways is thought to be based on the fact that this was an avoidable breach caused by alleged sloppy security and organizational practices.

As noted above, the British decision to fine British Airways £183.5 million, worth about 1.5 percent of the airline’s annual revenue, is not final. The agency said it would “carefully consider” responses from the airline and others to its penalty before issuing a final decision.  Even if it’s reduced, it seems inevitable to be a new record for GDPR fines (at least for now).

So, what do you think?  Do fines like this cause your organization to re-evaluate your own security policies?  As always, please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Thinking Like a Millennial: How Millennials are Changing Discovery, Part Three

Editor’s Note: Tom O’Connor is a nationally known consultant, speaker, and writer in the field of computerized litigation support systems.  He has also been a great addition to our webinar program, participating with me on several recent webinars.  Tom has also written several terrific informational overview series for CloudNine, including his most recent one, Biggest eDiscovery Challenges Facing Plaintiff’s Attorneys, which we covered as part of a webcast on June 26.  Now, Tom has written another terrific overview regarding the impact of millennials on eDiscovery titled Thinking Like a Millennial: How Millennials are Changing Discovery that we’re happy to share on the eDiscovery Daily blog.  Enjoy! – Doug

Tom’s overview is split into five parts, so we’ll cover each part separately.  Part one was last Tuesday, part two was last Friday, here is the third part.

Drivers for Millennials’ Thinking Today

Voting Studies

So, where do we learn more about this new generation? Most of the information we have on millennials comes from studies of their voting patterns and buying habits. In the first area the general assumption is that they are social loners who don’t vote. An estimated 31% of eligible people ages 18 to 29 voted in the 2018 midterms, according to the Center for Information and Research on Civic Learning and Engagement (CIRCLE). This exceeds participation from the same age group in the 2014 midterms by about 10 percentage points but is still far below the number that voted in the 2016 presidential election, when 51% of eligible millennial voters cast a ballot.

In the 2018 midterm, a poll released the week of the election by the Institute of Politics at Harvard Kennedy School, found four out of 10 adults under 30 said they would “definitely vote” and in Texas and Georgia, early turnout by 18-29 year olds was up by a whopping 500 percent in the days before the election, according to The Independent.

But the fact is that millennial voting rates have never exceeded 50%, even in 2018. According to a national poll last fall, just two-in-ten of America’s young adults consider themselves “politically engaged and active.” So far, only  41% of millennials ages 18-29 are certain they’ll vote.

But are they really isolated social loners intent only on gaming and texting? Why such low turnout when in the 1800’s 80% turnout was commonplace?

Maybe the reason isn’t the generation but the society. In the mid-1800s, transcendentalist Margaret Fuller envisioned the individualistic reality millennials now inhabit. Fuller believed that “American culture was best served by the influence of the self-cultivated individual.” If individuals prioritized themselves, America would fulfill its destiny as a truly democratic nation.

But as those ideal became reality, as individualism increases, each successive generation since World War II participates less in civic duties and governmental expectations. And so to the they are political, millennials are moved by measures championing personal choice—not society, country or planet. Only half of millennials see themselves as patriotic, and less than a third consider themselves to be environmentalists. Just 19% of millennials see themselves as generally trusting of others, compared to 40% of boomers. But we support gay and interracial marriage, abortion and marijuana legalization substantially—and sometimes exponentially—more than other generations.

Political engagement has been replaced by more direct social engagement  A 2014 report on the impact of millennials revealed 87% donated money to an organization that supported a cause they supported.

Millennials do have a desire to make an impact for a good cause, they simply don’t see voting as the best mean to accomplish that.

Millennials in 2016 were significantly less likely to vote or try to influence others vote than were the ’80s generation in the 1987 survey, or the first wave of postwar baby boomers in 1967. BUT millennials display about the same level of political interest as the youngest generation did in 1987, and millennials contact local government and work with others in the community at essentially the same rates as did youth in the earlier surveys.

So, if the 1980s generation that was once considered apathetic is now, in middle age, actually more politically active than earlier generations were at that same stage in their lives then we can expect the same for millennials. The “participation gap”, which actually just appears under closer scrutiny, to be a reluctance to vote, might just indicate that “kids these days” – the millennials – just won’t participate more actively until later in life.

What does that mean for technology usage? That’s where marketing studies come in.

Marketing

We all “know” that millennials are mobile consumers tapping their mobile devices for hours each day and we’ve all seen or heard of research that indicates they spend more time interacting with their phones than other people but at the same time have short attention spans.

This may be because, as mentioned above, millennials appreciate tech as something they saw grow up while they did. They’ve seen numerous networks and devices come and go. Instagram, Pinterest, Snapchat and Tumblr, MySpace, Vine, Google+.

Given their comfort level with technology, they tend to favor services that offer practicality, utility, convenience and even fun. In short, millennials value technology when it delivers value.

Common characteristics of millennials that marketing studies have revealed include that they:

  1. Will Embrace New Technology
  2. Want to Create Opportunities for Good Causes
  3. Want Product to Support their Creativitity
  4. Want Innovation
  5. Want Product to “Speak their Language”
  6. Want Flexibility
  7. Want Personable Company
  8. Want Passionate Company
  9. Want to Be Valued as “Real”
  10. Want to Be Recognized

What we see in these studies is that the perception as being the next “me generation” is really a focus on personal rather than social validation.  Millennials are the largest single generation in history and have become the largest influence in social and technological habits.  They value utility, effectiveness and relationship over price and are undaunted by technological innovation.

We’ll publish Part 4 – Impact of Millennials on Legal Technology and eDiscovery – on Wednesday.

So, what do you think?  Have the habits of millennials impacted eDiscovery for your organization?  As always, please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Thinking Like a Millennial: How Millennials are Changing Discovery, Part Two

Editor’s Note: Tom O’Connor is a nationally known consultant, speaker, and writer in the field of computerized litigation support systems.  He has also been a great addition to our webinar program, participating with me on several recent webinars.  Tom has also written several terrific informational overview series for CloudNine, including his most recent one, Biggest eDiscovery Challenges Facing Plaintiff’s Attorneys, which we covered as part of a webcast on June 26.  Now, Tom has written another terrific overview regarding the impact of millennials on eDiscovery titled Thinking Like a Millennial: How Millennials are Changing Discovery that we’re happy to share on the eDiscovery Daily blog.  Enjoy! – Doug

Tom’s overview is split into five parts, so we’ll cover each part separately.  Part one was Tuesday, here is the second part.

Understanding Millennials and How They Differ from Previous Generations

Well first, let’s ask, what exactly is a millennial? Are they really, as often stated, misunderstood job jumpers who have taken control of both the workplace and economy?

What exactly is the generational breakdown? Generational analysis is difficult and often shifting and it takes time for popular and expert consensus to develop precise breakdowns, but the Pew Research Center assesses such demographics and has come up with the following chart:

  • The Silent Generation: Born 1928-1945 (74-91 years old)
  • Baby Boomers: Born 1946-1964 (55-73 years old)
  • Generation X: Born 1965-1980 (39-54 years old)
  • Millennials: Born 1981-1996 (23-38 years old)
  • Generation Z (Post Millennials): born 1997 or later (up to 22 years old)

Millennials are expected to overtake Boomers in population in 2019 as their numbers swell to 73 million and Boomers decline to 72 million while Gen X is projected to pass the Boomers in population by 2028.

The Millennial generation growth is not just from a growing birth rate. Census figures show that young immigrants also expand its ranks. Meanwhile, boomers are aging and their numbers shrinking in size as the number of deaths among them exceeds the number of older immigrants arriving in the country.

What does this mean in terms of technical usage trends? The Millennial segment may not be “digital natives” to the degree of the Gen Z population but they have grown up during the digital revolution.  They’re tech savvy and saw firsthand the explosion in the use of mobile phones, social media and Internet-based information at your fingertips.

Compare that to my generation. As a bona fide boomer, I was born in 1950 in upstate Vermont. I grew up listening to a radio for my entertainment and getting my news from a paper. When TV entered my life, it came on at 4PM, went off at 11PM and consisted of two Lo VHF channels. One of which was from Montreal. At least I didn’t need to speak French to watch hockey.

Then came transistor radios. Portable data! I listened to the first Mercury launch, to the Beatles sing I Want to Hold Your Hand. To Cassius Clay beat Sonny Liston, Bill Mazeroski homer to win the World Series in the 9th. In my own room.

Next up was a car. AM radio. Better than a transistor. But I was a teenage and on AM radio there was a nothin’ goin’ down at all. Then one morning I found a New York station and I couldn’t believe what I heard at all. I started shakin’ to that fine, fine music and my life was saved by rock ‘n’ roll. FM baby. And the next thing I know I was rolling down the window and letting the wind blow back my hair on the New Jersey Turnpike in the wee, wee hours.

8 tracks, cassette players, the Internet, IPods: all of it one big wow. But technology does not present a “wow” factor for millennials and Gen Z. Rather new technology products and apps are just another channel in the cable network world of 500 channels that is their lives. A new channel appears, they try it. If they like it, they listen more. If not, switch the channel, flip the switch, try something new.

We’ll publish Part 3 – Drivers for Millennials’ Thinking Today – next Monday.

So, what do you think?  Have the habits of millennials impacted eDiscovery for your organization?  As always, please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Chain, Chain, Chain – Chain of Custody: eDiscovery Throwback Thursdays

Here’s our latest blog post in our Throwback Thursdays series where we are revisiting some of the eDiscovery best practice posts we have covered over the years and discuss whether any of those recommended best practices have changed since we originally covered them.

This post was originally published on June 24, 2013 – over six years ago.  Back then, we referenced both baseball player Ryan Braun and legendary singer Aretha Franklin in a single post(!).  Braun ultimately did receive a suspension from Major League Baseball for his involvement with a clinic associated with performance enhancing drugs, but has resumed a successful playing career.  And, of course, the Queen of Soul is no longer with us, sadly.

As for chain of custody tracking, it’s as important as ever.  But technology has helped us out here with some mechanisms to automate the delivery of files.  The use of File Transfer Protocol (FTP) for transfer of files has become commonplace for even fairly large document sets and the use of secured FTP protocols (such as SFTP and FTPS) have become commonplace.  At CloudNine, most of the data we receive from clients today for loading into our CloudNine Review platform is received via secured FTP – either directly or through our Discovery Client that automates the loading of data into the platform.

However, our Client Services team still receives some data from clients via media transportation, especially when it’s a lot of data (we’re often talking terabytes, not gigabytes) and needs to get to us quickly and securely.  In those instances, we still follow the same chain of custody procedures described below to document that transfer.  When it comes to those types of transfers, ensuring proper chain of custody tracking is also an important part of handling that ESI through the eDiscovery process in order to be able to fight challenges of the ESI by opposing parties.  An insufficient chain of custody is a chain, chain, chain of fools.

Information to Track for Chain of Custody

ESI can be provided by a variety of sources and in a variety of media, so you need a standardized way of recording chain of custody for the ESI that you collect within your organization or from your clients.  At CloudNine, we use a standard form for capturing chain of custody information.  Because we never know when a client will call and ask us to pick up data, our client services personnel typically have a supply of blank forms either in their briefcase or in their car (maybe even both).

Our chain of custody tracking form includes the following:

  • Date and Time: The date and time that the media containing ESI was provided to us.
  • Pick Up or Delivery Location: Information about the location where the ESI was provided to us, including the company name, address, physical location within the facility (e.g., a specific employee’s office) and any additional information important to note where the data was received.
  • Delivering Party: Name of the company and the name of representative of the company providing the media, with a place for that representative to sign for tracking purposes.
  • Delivery Detail (Description of Items): A detailed description of the item(s) being received. Portable hard drives are one typical example of the media used to provide ESI to us, so we like to describe the brand and type of hard drive (e.g., Western Digital My Passport drive) and the serial number, if available.  Record whatever information is necessary to uniquely identify the item(s).
  • Receiving Party: Name of the company and the name of representative of the company receiving the media, with a place for that representative to sign for tracking purposes. In our form, that’s usually somebody from CloudNine Discovery, but can be a third party if they are receiving the data from the original source – then, another chain of custody form gets completed for them to deliver it to us.
  • Comments: Any general comments about the transfer of media not already addressed above.

I’ve been involved in several cases where the opposing party, to try to discredit damaging data against them, has attacked the chain of custody of that data to raise the possibility that the data was spoliated during the process and mitigate its effect on the case.  In these types of cases, you should be prepared to have an expert ready to testify about the chain of custody process to counteract those attacks.  Otherwise, you might be singing one of Aretha Franklin’s most famous songs (but not as well as she did).

So, what do you think?  How does your organization track chain of custody of its data during discovery?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Here’s a Webcast to Learn About Key eDiscovery Case Law in 2019 (so far) and How it Affects You: eDiscovery Webcasts

The appearance of the shark can only mean one thing – it’s time for our eDiscovery case week on The Discovery Channel’s Shark Week! Don’t worry, it makes sense to us. :o) So far, 2019 has been another interesting year with notable and important case law decisions related to eDiscovery best practices. What do you need to know about the cases to avoid mistakes made by others and save time and money for your clients?  Here’s a webcast where you can catch up on these cases and find out what they mean to you!

On Wednesday, July 31st at noon CST (1:00pm EST, 10:00am PST), CloudNine will conduct the webcast Key eDiscovery Case Law Review for First Half of 2019.  This CLE-approved* webcast session will cover key case law covered by the eDiscovery Daily Blog during the first half of 2019 to identify trends that lawyers should consider for their own practices. Key topics include:

  • Can ESI related to an unsolved murder case be compelled to be produced in a related civil case?
  • Is the use of biometric fingerprint scanning technology an invasion of privacy?
  • When can non-parties be compelled to produce ESI in litigation?
  • Are social media photos that you didn’t post discoverable if you’ve been tagged in them?
  • Can sanctions be so important that you fight NOT to have a claim against you dismissed?
  • Is being forced to provide your cell phone password the “death knell” for fifth amendment protection?
  • Should a case ruling be reversed if a judge is Facebook friends with one of the parties?
  • Should discovery be stayed while a motion to dismiss is being considered?
  • Does Rule 37(e) eliminate the potential for obtaining sanctions for spoliation of ESI?

As always, I’ll be presenting the webcast, along with Tom O’Connor.  To register for it, click here.  Even if you can’t make it, go ahead and register to get a link to the slides and to the recording of the webcast (if you want to check it out later).  If you want to learn from past eDiscovery case law decisions, this is the webcast for you!

So, what do you think?  Do you think case law regarding eDiscovery issues affects how you manage discovery?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Thinking Like a Millennial: How Millennials are Changing Discovery

Editor’s Note: Tom O’Connor is a nationally known consultant, speaker, and writer in the field of computerized litigation support systems.  He has also been a great addition to our webinar program, participating with me on several recent webinars.  Tom has also written several terrific informational overview series for CloudNine, including his most recent one, Biggest eDiscovery Challenges Facing Plaintiff’s Attorneys, which we covered as part of a webcast on June 26.  Now, Tom has written another terrific overview regarding the impact of millennials on eDiscovery titled Thinking Like a Millennial: How Millennials are Changing Discovery that we’re happy to share on the eDiscovery Daily blog.  Enjoy! – Doug

Tom’s overview is split into five parts, so we’ll cover each part separately.  Here’s the first part.

Introduction

I was asked to tackle this topic after a question in a recent webinar. It seems to imply that millennials are or will be using some forms of technology that will present significant challenges to ESI preservation and production as the member of that social group enter the work force.

Paul Gentile, Senior Director, Product Marketing at LogMeIn (a.k.a., GoToMeeting) had this observation regarding millennials impact on the workforce:

The major shifts taking place in the modern workforce—remote working, geographically distributed teams, the growing popularity of online collaboration tools—can be attributed to the millennial generation’s preferences that flow into their careers.

But is that really accurate? Haven’t those changes already taken place? Aren’t millennials already part of the work force and using the same tools as the rest of us? Is there some rising tide of millennial software that will befuddle legal technologists in the coming years or are we all on the same technology flight, just some of us are sitting in first class chatting on our tablets on free Wi-Fi while the people in steerage are struggling to sign in to the Boingo signal so they can pay an outrageous fee for three hours of horribly slow connectivity?

In this paper, we will take a look at millennials, what motivates them and how they differ from previous generations and what the impact of millennials is on legal technology and eDiscovery, as follows:

  1. Understanding Millennials and How They Differ from Previous Generations
  2. Drivers for Millennials’ Thinking Today
  3. Impact of Millennials on Legal Technology and eDiscovery
  4. Conclusions and Recommendations

We’ll publish Part 2 – Understanding Millennials and How They Differ from Previous Generations – on Friday.

So, what do you think?  Have the habits of millennials impacted eDiscovery for your organization?  As always, please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Will CCPA Be a “Dumpster Fire” for Those Trying to Comply? Here are 10 Reasons it Might Be: Data Privacy Trends

We’re less than six months away from the scheduled start of the California Consumer Privacy Act (CCPA) on January 1, 2020.  So, what are the law’s prospects when it goes into effect next year?  According to one article, there are ten reasons why CCPA is going to be a “dumpster fire” when it goes into effect next year.

In Truth on the Market (10 Reasons Why the California Consumer Privacy Act (CCPA) Is Going to Be a Dumpster Fire, written by Alec Stapp), real estate developer Alastair Mactaggart spent nearly $3.5 million last year to put a privacy law on the ballot in California’s November election. He then negotiated a deal with state lawmakers to withdraw the ballot initiative if they passed their own privacy bill. That law – CCPA – was enacted after only seven days of drafting and amending.

Mactaggart said it all began when he spoke with a Google engineer and was shocked to learn how much personal data the company collected and he was motivated to find out exactly how much of his data Google had. But, instead of using Google’s freely available transparency tools, Mactaggart decided to spend millions to pressure the state legislature into passing new privacy regulation.

CCPA has six consumer rights, including the right to know; the right of data portability; the right to deletion; the right to opt-out of data sales; the right to not be discriminated against as a user; and a private right of action for data breaches.  But, according to Stapp, there are ten reasons why CCPA is going to be a “dumpster file”.  Here are a few of them:

  • CCPA compliance costs will be astronomical: According to the article, if CCPA were in effect today, 86 percent of firms would not be ready. With an estimated half a million firms liable under the CCPA, if all eligible firms paid only $100,000, the upfront cost would already be $50 billion.  And, that doesn’t include lost advertising revenue, which could total as much as $60 billion
  • CCPA is potentially unconstitutional as-written: The law’s purported application to businesses not physically located in California raises potentially significant dormant Commerce Clause and other Constitutional problems.
  • GDPR compliance programs cannot be recycled for CCPA: Companies cannot just expand the coverage of their EU GDPR compliance measures to residents of California. For example, the California Consumer Privacy Act contains a broader definition of “personal data”, establishes broad rights for California residents to direct deletion of data with differing exceptions than those available under GDPR and establishes broad rights to access personal data without certain exceptions available under GDPR, among other differences.
  • CCPA’s definition of “personal information” is extremely over-inclusive: CCPA likely includes gender information in the “personal information” definition because it is “capable of being associated with” a particular consumer when combined with other datasets. Also, the definition of “personal information” includes “household” information, which is particularly problematic. A “household” includes the consumer and other co-habitants, which means that a person’s “personal information” oxymoronically includes information about other people.
  • CCPA will need to be amended, creating uncertainty for businesses: As of now, a dozen bills amending CCPA have passed the California Assembly and continue to wind their way through the legislative process. California lawmakers have just over two more months (until September 13th) to make any final changes to the law before it goes into effect.

The complete list of ten reasons that CCPA is going to be a “dumpster file” is provided in the article here.

So, what do you think?  Are you concerned about the status of CCPA?  As always, please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.