Close
Enter your
text here

eDiscoveryDaily

Here’s a Story Where Picking the Right Font Was Never More Important: eDiscovery Trends

This is a story that a word geek like me can really appreciate.  We talk a lot on this blog about the importance of metadata to provide additional useful information in discovery productions and help minimize the risk of fraud.  You wouldn’t think that the font you use on a document could expose it as a fake document, but in this case, it did.

In Newser (Alleged Fraudster Made a Really Poor Font Choice, written by Arden Dier), the choice of fonts apparently exposed a an alleged fraud scheme in Canada, where Gerald McGoey’s company, Look Communications, went bankrupt at the end of 2017. Ordered to repay $5.6 million to creditors, the former CEO sought to protect two properties—an Ontario farm purchased for $635,000 in 2003, and a cottage bought for $700,000 in 1994—with signed declarations claiming they were held in trust by his wife and three children, and therefore safe from the courts.

Here’s the problem: the farm declaration, dated 2004, was written in Calibri, while the cottage declaration, dated 1995, was written in Cambria. Per Ars Technica, Cambria was designed no earlier than 2004, while Calibri was designed between 2002 and 2004; both only became widely available in 2007.

This according to the expert report of Thomas Phinney, who has a Master of Science in graphic arts from Rochester Institute of Technology School of Printing, specializing in design and typography and over 20 years of experience in the font industry!  I guess there’s an expert for everything!  Anyway, Phinney told the court that no one but a Microsoft employee or contractor could’ve had access to Calibri in March 2004, as it wasn’t widely released until Microsoft’s Office 2007, per the National Post.

Anyway, while McGoey’s lawyers suggested the family was only mistaken about the dates the documents were signed, Ontario Superior Court Justice Michael Penny wrote in a decision earlier this month that “the conclusion that the … trusts are shams is unavoidable”.

According to the National Post, “had McGoey used Times New Roman, a popular default Microsoft font prior to 2007, it’s possible his ruse would never have been discovered.”  Whoops.

I guess if you’re going to forge a document, you’d better be up on your font history.  Or just stick with Times New Roman.

So, what do you think?  Have you ever had a case with forged documents that were identified by an unusual method?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Here’s Something Unique at Legaltech Next Week from CloudNine: eDiscovery Best Practices

Hard to believe that Legalweek begins one week from today and Legaltech (the primary conference within Legalweek) begins the next day.  Legaltech always has a lot to offer every year, between interesting sessions and a busy exhibit hall, but the exhibit hall will be a little busier this year, due to something unique that we have put together at CloudNine – TED-style talk sessions right from our booth with our inaugural NineForum series!

Next Tuesday, January 29 and Wednesday, January 30, prominent and highly respected eDiscovery and litigation support experts will deliver 9 TED-style talks, 20 minutes each, covering important topics impacting legal professionals at CloudNine’s Legaltech booth (#310-312).

Here is a list of the speakers and sessions we have put together for our first ever NineForum:

Tuesday, January 29
Session 1:  10:30-10:50am
SpeakerKelly Twigger, ESI Attorneys & eDiscovery Assistant
TopicFive Most Significant eDiscovery Cases of 2018:  Their Impact on 2019 and Beyond

Session 2:  10:50-11:10am
SpeakersJanice Jaco, Keesal Young & Logan and Amy Sellars, Walmart
Topic: 2019 State of the eDiscovery Union Address:  Issues Facing Large Law Departments and Strategies for Law Firms’ Response

Session 3:  2:00-2:20pm
Speaker: Craig Ball, Craig Ball, P.C.
TopicMobile to the Mainstream:  Meeting Today’s Mobile Device Discovery Challenges

Session 4:  2:20-2:40pm
Speaker: Mike Quartararo, eDPM Advisory Services
TopicRecent eDiscovery Disasters and How to Avoid Them:  Don’t Let This Happen to You!

Session 5:  3:30-3:50pm
SpeakerDoug Austin, CloudNine
TopicDiscovery Isn’t Just for Litigation Anymore: Why Waiting Until the Case is Filed May Now be Too Late

Wednesday, January 30
Session 6:  9:40-10:00am
Speaker: Trent Livingston, ESI Analyst
TopicConnecting the Dots in Investigations:  Empowering your ESI Technology Investment with Metadata Analysis

Session 7:  10:00-10:20am
SpeakerBrandon Law, Oasis Discovery
TopiceDiscovery Today from a Service Provider Point of View

Session 8:  2:30-2:50pm
SpeakerMary Mack, ACEDS
TopicBold eDiscovery Predictions for 2019:  What to Expect and How to Prepare for It

Session 9:  2:50-3:10pm
SpeakerTom O’Connor, Gulf Coast Legal Technology Center
TopicThe State of eDiscovery Education Today:  The Good, The Bad and the Ugly

All of these sessions will be free-of-charge to all show attendees.  So, if you have at least an Exhibits Plus Pass (only $30 through this Thursday, January 24th), you can check them all out.  How cool is that?!?

Anyway, I want to thank all of the speakers for agreeing to participate and I’m very excited to add NineForum to the educational efforts from CloudNine that include this blog and our monthly webcasts (including our upcoming webcast on Wednesday)!

More tomorrow about what to look forward at Legaltech!

So, what do you think?  Are you attending Legaltech next week?  If so, please check out our NineForum session series!  And, as always, please let me know your thoughts or if you have a topic that you’d like to suggest.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

It’s 2019, So it Must Be Time for Another Redaction Flub: eDiscovery Best Practices

I should probably put in a disclaimer that this is not a political post – I would write about this regarding which political party this involved.  It just so happens that the latest high-profile redaction flub happens to be tied to the Russia investigation and Paul Manafort.  Regardless, it leaves me asking the question: when will they ever learn?

As covered on Sharon Nelson’s terrific Ride the Lightning blog (here and here), defense lawyers for Paul Manafort used court papers that were made public last week to say that prosecutors were overblowing a text message exchange cited as proof that Manafort tried to mislead investigators probing Russia’s interference in the 2016 election.  Unfortunately for them, that portion of the filing that had been submitted under seal was improperly redacted in the public version, allowing the text to be lifted from the document with a few keystrokes.

Oops.

Surely, you can’t be serious! (I am serious and don’t call me Shirley!)

Yep, it’s the dreaded redaction flub.  As Sharon pointed out in her blog (and as we’ve pointed out before), all you have to do is to highlight the portion that is redacted, copy it to the clipboard and then paste it to a blank document anywhere.  Voila!  There’s your redacted text.

It doesn’t take a technical genius (much less a rocket scientist) to figure it out.  As Sharon points out, Adobe provides instructions on how to remove sensitive content from PDF files here.  That’s one of many ways to address the problem – there are others, especially if the document is contained within a litigation review platform where you can leverage the review tool to ensure a proper redaction of the file (i.e., any export burns the redaction into the resulting image, eliminating the ability to copy the redacted text).

Regardless, it seems like we see a high-profile redaction flub every 12 to 18 months. If Manafort’s lawyers want to feel a little better, the last redaction flub we covered was committed by the Department of Justice.  So it seems to happen to lawyers all over the place.  Maybe someday, we will have a redaction flub that is SO high-profile, that every lawyer will be familiar with it and know what to do to avoid it.  Or maybe law schools will start teaching how to avoid it.  One may happen – someday.

If you’re curious, Sharon’s blog post does provide a link to the document with the faulty redactions.  You can check it out for yourself.

Speaking of Sharon, she and her husband John Simek have a wonderful podcast called Digital Detectives.  I’m excited to say that I will be a guest on their podcast for the second time!  Sharon and John will be interviewing me next week and the podcast is targeted to be posted on January 28!  I’ll publish a link when it’s available!

So, what do you think?  Will we have redaction flub stories to cover until the end of time?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Mobile to the Mainstream All in One Place: eDiscovery Best Practices

Craig Ball has had a lot to say about mobile device discovery, including various posts on his excellent Ball in Your Court blog (we’ve covered several of those, including this one and this one).  Now, he has assembled all of that good information in a single guide for reviewing all at once!

Mobile to the Mainstream: Preservation and Extraction of iOS Content for E-Discovery is a 24-page PDF guide that is comprised of two sections:

  • Section I (pp. 3-8 and Appendices 1-3) addresses simple, scalable preservation of iPhone and iPad content, enabling litigants to meet the duty to preserve data in anticipation of civil litigation. It informs attorneys who aren’t tech-savvy how to handle iOS-device preservation and explains why there’s little burden or cost attendant to preserving iPhones and iPads. Unlike in other scenarios, Craig points out here the benefits of custodian-directed collection (like the fact that the custodian doesn’t have to give up their phone) and the tamper-proof nature of the iPhone backup process to provide a step-by-step process to perform the backup.
  • Section II (pp. 17 et seq. and Appendix 4) looks at simple, low-cost approaches to extracting relevant mobile data to a standard e-discovery workflow and offers a Mobile Evidence Scorecard to promote consensus as to what forms of mobile content should be routinely collected and reviewed in e-discovery, giving due consideration to need, speed and expense. The Scorecard itself is terrific as it provides a simple handy reference guide regarding the different types of mobile data and the ease of collection, ease of review, potential relevance and whether you should expect to routinely collect that mobile data type.  Craig also identifies several iPhone Backup Data Extraction Tools that are worth checking out, as well.

In the introduction to the guide, Craig sums up the need for these guidelines and tips, as follows:

“Chances are you’re reading this on your phone or tablet. If not, I’ll bet your phone or tablet are at hand. Few of us separate from our mobile devices for more than minutes a day. On average, cell users spend four hours a day looking at that little screen. On average. If your usage is much less, someone else’s is much more.

It took 30 years for e-mail to displace paper as our primary target in discovery. It’s taken barely 10 for mobile data to unseat e-mail as the Holy Grail of probative electronic evidence. Mobile is where evidence lives now; yet, mobile data remains “off the table” in discovery. It’s infrequently preserved, searched or produced.”

Craig will also be presenting regarding mobile devices at the University of Florida E-Discovery Conference in March.  As I noted yesterday, early bird registration is open for $49 for both in person or livestream until January 31st!  That’s 75% off the in-person price!  You can register here to attend, either in person or via livestream.  Do it quickly and save!

Craig will also be presenting as part of our NineForum educational presentations CloudNine is conducting at Legaltech.  More on that program to come in the next few days – it’s very exciting!

So, what do you think?  Do you routinely deal with mobile devices in discovery or is it still rare?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

It’s Never Too Early to Start Talking About the U-Fla E-Discovery Conference Here’s Why: eDiscovery Best Practices

Believe it or not, this is the seventh year for the University of Florida E-Discovery Conference.  As usual, the panel of speakers is an absolute who’s who in eDiscovery.  And, if you act quickly you can save as much as 75% to attend!

The conference focus this year is effectively managing discovery from the opposition. As they state on the site: “The opposition often holds the keys to the case. How can you make sure you get the documents you are entitled to? How can you assure that the opposition is doing the best job identifying, collecting, searching and producing requested documents.”

The conference this year is on Thursday, March 21 from 8am to 6pm ET.  Again this year, U-Fla will also have CareerFest the day before (March 20) at noon ET.

As you can always expect from the U-Fla conference, there are a veritable plethora of experts, including Craig Ball, George Socha, Aaron Crews, Scott Milner, Kelly Twigger, Tessa Jacobs, David Horrigan, Canaan Himmelbaum, Suzanne Clark, Mike Dalewitz, Mike Quartararo, and Ian Campbell.  And, a bunch of distinguished federal and state judges, including U.S. Magistrate Judges William Matthewman, Mac McCoy, Patricia Barksdale, and Gary Jones and retired Florida Circuit Court Judge Ralph Artigliere.

I will be there again as well, presenting in the Special Topics: E-Discovery Nuts and Bolts session.  Topic to be determined, but I’ll come up with something good! (I hope)…  :o)

Normally, it’s only $199 for the entire day in person and only $99 for livestream attendance.  And, members of the 8th Judicial Circuit Bar Association, ACEDS and other Friends of the conference are eligible to receive a discounted rate.

BUT…

Until January 31st, early bird registration is open for $49 for both in person or livestream.  Just $49!  That’s 75% off the in-person price!  If you live in Florida reasonably near Gainesville, there’s no better time to register and attend!  Even if you’re thinking of attending the livestream, that’s half price as well.  That’s beyond a bargain.

You can register here to attend, either in person or via livestream.  Do it quickly and save!

So, what do you think?  Are you going to attend the conference in March?  If so, now’s the time to register!  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Judge Suggests That “Bone-Crushing” Discovery is Needed to Explore Extent of Facebook Breach: Cybersecurity Trends

Remember the latest Facebook breach – the one from September of last year that exposed 50 million accounts?  I say “latest” because you have to differentiate these days.  Well, naturally, that breach spawned several lawsuits.  And, the judge presiding over those suits indicated that he will allow Facebook users “bone-crushing” discovery in those lawsuits, saying he’s sympathetic to users’ concerns and that’s worth “real money” — not just “some cosmetic injunctive relief.”

According to LAW360 (Alsup Wants ‘Bone-Crushing’ Discovery Into Facebook Breach, by Dorothy Atkins, subscription required), U.S. District Judge William Alsup said Facebook users don’t know how badly they’ve been harmed yet and he sees the “real anxiety and harm” to individuals who are going to be worried for the rest of their lives that their personal information and pictures were stolen off of the social media platform.

“That is a real problem that is worth money, not just a security package from Equifax,” he said, adding that the amount at stake is a “serious proposition” for Facebook if found liable.

While Facebook’s attorney indicated that it appears that the hackers only took users’ names and email addresses, Judge Alsup appeared skeptical, saying repeatedly that he’s going to allow their attorneys to take “bone-crushing discovery” to find out if that is true.

“I’ve seen too many defendants that say that and … another good lawyer gets in there, with bone-crushing discovery, and we find out it’s not true,” he said.

Judge Alsup added that many Facebook users post highly personal information on the site, and it doesn’t make sense that hackers would only steal a users’ name and email address when they could also take photos and other more sensitive information.

Facebook announced last September that hackers accessed approximately 50 million accounts from July 2017 through September 2018 by exploiting a vulnerability in Facebook’s code through its “View As” feature, which enabled the hackers to steal access tokens — digital keys that allow users to stay logged into Facebook without having to repeatedly re-enter passwords — that the attackers could then use to take over accounts, according to the company.

Judge Alsup also expressed his own frustrations with serving as a federal judge in a digital age, noting that U.S. marshals are currently trying to figure out how to protect the home addresses of federal judges. He also said a hacker recently stole his identity and posed as him online, posting a blog about the now settled, high-profile Waymo v. Uber trade secrets dispute, which Judge Alsup presided over.

“I think most people realized it wasn’t really me,” the judge said.

Whether that’s true or not, it’s clear Judge Alsup is going to have high expectations regarding discovery related to the breach.

So, what do you think?  Will Facebook face “real money” payouts or “some cosmetic injunctive relief”?  And, what about European interests and GDPR possibly yet to come?  Please let me know your thoughts or if you have a topic that you’d like to suggest.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Ice, Ice Baby! Is eDiscovery Business Confidence on Ice or Warming Up?: eDiscovery Trends

Hard to believe that we’ve started the fourth year of the Complex Discovery eDiscovery Business Confidence Survey!  The results are in for the Winter 2019 eDiscovery Business Confidence Survey and as was the case for the previous three years’ surveys, the results for this year’s Winter survey are published on Rob Robinson’s terrific Complex Discovery site.  How confident are individuals working in the eDiscovery ecosystem in the business of eDiscovery?  Let’s see.

As always, Rob provides a complete breakdown of the latest survey results, which you can check out here.  As I’ve done for the past few surveys, I will provide some analysis and I’m continuing to take a look at all surveys conducted to look at trends over time.  So, this time, I will look at the results for all thirteen surveys to date.

The Winter 2019 Survey response period was initiated on December 27 and continued until registration of 75 responses last week.  Initiated in January 2016, to date the survey has been administered thirteen times with 1,268(!) individual responses.

Providers, Providers, Providers: Software and/or Services Provider respondents tied for the top spot with Law Firm respondents at 29.3% of all respondents.  Consultancy respondents were again third at 22.7%.  If you count law firms as providers (they’re technically both providers and consumers), this is a provider heavy survey with 83.3% of total respondents (which is high, but not as high as last time).  Here’s a graphical representation of the trend over the thirteen surveys to date:

So, it’s another provider heavy survey (if not quite as heavy).  So, how confident are providers in eDiscovery business confidence?  See below.

A Little Over Half of Respondents Consider Business to Be Good: Yo-yo time!  This time, 53.3% of respondents considered business to be good, over 9% (9.1%, to be exact) less than the 62.4% we had last quarter.  And, 4.7% less than last Winter when it was 58%.  10.7% of respondents rated business conditions as bad, which is the first time it was over ten percent since back in Summer 2016.  So, it seems the pattern of up and down over quarters continues.  Here is the trend over the thirteen surveys to date:

So, how good do respondents expect business to be in six months?  See below.

Lowering Numbers on Revenue and Profit Expectations As Well: While most respondents (93.3%) expect business conditions will be in their segment to be the same or better six months from now, that’s almost three percentage points worse than last quarter’s 96.5%), but the percentage expecting business to be better did rise to 52%.  However, revenue (at combined 92% for the same or better) is 2.1 points worse than the last quarter.  Profit expectations (combined 93.3%) rose 6.6 points from last quarter, but with those expecting higher profits dropping to a new low of 28% – 10.7% lower than the previous low and down 25% since last summer. Here is the profits trend over the thirteen surveys to date:

Are the prophets predicting lower profits (see what I did there?) correct?  We’ll see.

It’s Budget Time!  Budgetary Constraints Considered to Be Most Impactful to eDiscovery Business: Budgetary Constraints moved back from tied for last to all the way to the top at 22.7%.  Increasing Volumes of Data was once again second at 21.3%, followed by Increasing Types of Data at 18.7%.  Inadequate Technology was fourth at 13.3%, followed by Lack of Personnel and Data Security tied for last at 12%.  The graph below illustrates the distribution over the thirteen surveys to date:

It’s not surprising that, as often as not, it’s about the costs in the end.

Level of Support Can’t Get More Even: A three-way tie!  Executive Leadership, Operational Management and Tactical Execution respondents were all tied at 33.3%.  So, from a level of support standpoint, you can’t get more balanced than that.  Here’s the breakdown over the thirteen surveys to date:

The variance in distribution continues each quarter, demonstrating that it’s not the same people giving the same answers each time.

Again, Rob has published the results on his site here, which shows responses to additional questions not referenced here including the three recently added questions.  Maybe we’ll cover them soon?  Anyway, check them out.

So, what do you think?  What’s your state of confidence in the business of eDiscovery?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

First Ever Multi-State Data Breach Lawsuit Targets Healthcare Provider: Cybersecurity Trends

Just as the number of data breaches continues to rise, the number of lawsuits over data breaches continues to rise as well.  Chances are that your data has been hacked at some point from at least one company with which you do business.  But this lawsuit is unique.

According to The Expert Institute (12 US States Join Forces to File First Ever Multi-State Data Breach Lawsuit, written by Victoria Negron), an Indiana court will serve as the venue for the first-ever multistate data breach lawsuit, as the attorneys general of twelve US states join forces against a healthcare provider and its subsidiary.

The lawsuit alleges that Fort Wayne-based Medical Informatics Engineering and its subsidiary NoMoreClipboard “failed to take adequate and reasonable measures to ensure their computer systems were protected,” resulting in a 2015 breach that gave hackers access to the personal healthcare information of 3.9 million US citizens. The stolen information included not only identifying details, such as names and Social Security numbers, but also healthcare information, including diagnoses and lab results.

Patients whose data was stolen in the hack had visited 11 different healthcare providers and 44 different radiology clinics, all of whom shared one common feature: they used the WebChart app offered by Medical Informatics Engineering and NoMoreClipboard. Most of the affected patients lived in Indiana, but several others were residents of different states.

In response to the hack, the attorneys general from Arizona, Arkansas, Florida, Iowa, Indiana, Kansas, Kentucky, Louisiana, Minnesota, Nebraska, North Carolina and Wisconsin have jointly filed a cross-state lawsuit alleging multiple violations of the Health Insurance Portability and Accountability Act (HIPAA).  The lawsuit claims that the defendants failed to implement “basic industry-accepted data security measures,” leading to the breach.

According to the article, the use of “tester” accounts (with easily-guessed default usernames and passwords) enabled hackers to launch a SQL injection attack (which is execution of malicious SQL statements to control a web application’s database server), giving them useful information that eventually led to the access of medical data.  Allegedly, Digital Defense, a company specializing in network security solutions, tested the software in 2014 and 2015 and reported “high risk” in the way the system was designed both times, yet the lawsuit alleges that the defendants did not make changes after Digital Defense’s warnings.

Amazingly, not all states allow patients whose personal health information (PHI) is breached to bring a private right of action regarding the breach (hopefully that changes someday), so pursuing legislation at the state level enables the attorneys general named in the complaint to more directly address HIPAA violations and the alleged misconduct that may have caused them.  Of course, chances are that any breach takes months to discover, so it’s not just about the breach, it’s also about discovering the breach too.

So, what do you think?  Will we see more groups of states go after companies who fail to protect sensitive consumer data?  Please let me know your thoughts or if you have a topic that you’d like to suggest.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

2018 eDiscovery Case Law Year in Review, Part 4

As we noted Monday, Tuesday and yesterday, eDiscovery Daily published 65 posts related to eDiscovery case decisions and activities over the past year, covering 56 unique cases!  Yesterday, we looked back at cases related to sanctions and spoliation.  Today, let’s take a look back at cases related to the number one category for 2018 (drum roll, please!), disputes regarding proportionality vs. relevancy vs. privacy!

We grouped those cases into common subject themes and will review them over the next few posts.  Perhaps you missed some of these?  Now is your chance to catch up!

But first, it’s also worth noting that Tom O’Connor and I will be discussing some of these cases – and what the legal profession can learn from those rulings – on our webcast on Wednesday, January 23rdImportant eDiscovery Case Law Decisions of 2017 and Their Impact on 2018 at noon CT (1pm ET, 10am PT).  The webcast is CLE accredited in selected states, so come check it out!

PROPORTIONALITY vs. RELEVANCY vs. PRIVACY

And we all thought that Rule 37(e) had the biggest impact from the 2015 Federal Rules changes when maybe it was actually Rule 26(b)(1)!  Regardless, we’re seeing more disputes regarding proportionality vs. relevancy vs. privacy than ever.  There are a lot of disputes related to proportionality vs. privacy, with some requestors asking for a lot (like permission to email all defendant employees to ask for relevant information) and some responders making strong claims regarding the costs of complying with discovery requests (like a $250,000 estimate to produce metadata related to medical records).  And, we’re also seeing parties identifying privacy as a reason not to comply with discovery requests (including at least one case where even the courts couldn’t agree on the outcome).  Here are our fifteen cases related to proportionality vs. relevancy vs. privacy this past year:

Court Denies Plaintiffs’ Request to Email All Defendant Employees as “Simply Unreasonable”: In Firefighters’ Ret. Sys., et al. v. Citco Grp. Ltd., et al., Louisiana Magistrate Judge Erin Wilder-Doomes denied the plaintiffs’ renewed motion to compel after the parties previously agreed upon search terms and document custodians, stating that the plaintiffs’ request to “email everyone in every Citco entity to ask whether anyone employed by any Citco entity has knowledge relevant to this litigation, and thereafter require the Citco Defendants to conduct additional electronic and hard copy searches for documents” was “simply unreasonable” and would be “unduly burdensome”.

Court Rules on Scope of Plaintiff Discovery Requests: In Performance Pulsation Control, Inc. v. Sigma Drilling Techs., LLC, et al., Texas District Judge Amos L. Mazzant granted the plaintiff’s motion to compel in part, ordering the defendants to produce documents related to four specific categories, but within certain parameters.

NY Appellate Court Reverses Ruling on Discovery of “Private” Facebook Posts: In Forman v. Henkin, the Court of Appeals of New York reinstated a trial judge’s ruling requiring the plaintiff who was disabled in a horse riding accident to turn over “private” photos to the defendant taken before and after her injuries.

Court Compels Discovery in Response to Party That Was Using Outdated Rule 26 Standard: In Cen Com, Inc. v. Numerex Corp., Washington Chief District Judge Ricardo S. Martinez ruled that the Plaintiff’s refusal to comply with the Defendant’s request for discovery using specific search terms was not justified, and that the Plaintiff must “fully comply with the subpoenas that Defendants served upon them and shall produce all responsive documents in a format that is accessible/readable by Defendants.”

Judge’s Ruling on Scope Under Rule 26 Brings a Mixed Bag of Motions Granted and Denied: In TMJ Grp., LLC v. IMCMV Holdings, Louisiana Magistrate Judge Janis van Meerveld ruled on Motions to Compel by both parties, both of which were granted in part and denied in part.

Plaintiff is Able to Get Some Subpoenas for Personal Data Quashed, But Not All: In Delgado v. Tarabochia, et al., Washington District Judge Robert S. Lasnik granted in part and denied in part the plaintiff’s motion to quash subpoenas for personal phone records and bank records, finding that phone records before the plaintiff’s hand injury on the defendant’s fishing boat were “of vital importance to defendants’ theory of the case”, but that the need for pre-incident bank records was not proportional to the needs of the case and that, with regard to subpoenas of post-incident data, defendants were “fishing”.

Court Rejects Search Terms by Both Sides as Overly Inclusive: In Am. Municipal Power, Inc. v. Voith Hydro, Inc., Ohio Magistrate Judge Elizabeth A. Preston Deavers ruling on the parties’ arguments from a May discovery conference, concluded that search terms proposed by both parties in the case were overly inclusive.

Court Puts an End to an Inquiry to “Rival the Punic Wars”: In Motorola Sols., Inc. v. Hytera Commc’ns Corp., Illinois Magistrate Judge Jeffrey Cole, ruling on what started as a stolen intellectual property (IP) case, admitted making a mistake and put a halt to the extensive discovery of 700,000 documents over 8 months, saying, “While the inquiry should have been uncomplicated, it has become a long, drawn out, pitched battle—one, in a rhetorical sense, to rival the Punic Wars—albeit without the elephants and the Alps and the sheer drama.”

Court Vacates Order Requiring Defendant to Review and Produce as Much as Three Million Emails: In Nece v. Quicken Loans, Inc., Florida District Judge Steven D. Merryday sustained the defendant’s objection to an order requiring the defendant to produce all documentation related to do-not-call requests received between September 2012 and June 2013 and also required the plaintiff to move for class certification by April 13.

Court Rules Search Terms Overly Broad Under Rule 26 in Convertible Top Patent Case: In Webastro Thermo & Comfort v. BesTop, Inc., Michigan Magistrate Judge R. Steven Whalen ruled in favor of the plaintiff’s protective order, requesting the narrowing of search terms for ESI production in this patent dispute.

Court Rules Non-Party Subpoenaed ESI Not Subject to 100-Mile Boundary: In Curtis v. Progressive N. Ins. Co., Oklahoma District Judge Robin J. Cauthron, noting that the non-party “subpoena at issue does not require the travel or attendance of any witnesses and Plaintiff is requesting the production of electronic documents”, found that “there is no violation of the 100-mile limitation for electronic documents pertaining to Rule 54” and granted the plaintiff’s Motion to Compel Compliance with Subpoena directed to the non-party.

Court Grants Defendant’s Motion to Compel Various Records from Plaintiff in “Slip and Fall” Case: In Hinostroza v. Denny’s Inc., Nevada Magistrate Judge Nancy J. Koppe granted the defendant’s motion to compel discovery various sources of ESI related to the plaintiff’s claim of injuries resulting from a “slip and fall” accident at one of the defendant’s restaurants.

Court Compels Non-Party Insurance Agents to Produce Text Messages in TCPA Case: In Gould v. Farmers Insurance Exchange, Missouri District Judge Rodney W. Sippel granted the plaintiff’s motion to compel two non-party Farmers Insurance agents to comply with subpoenas and produce documents pertaining to text messages that they allegedly sent to potential customers, rejecting the agents’ argument that compliance with the subpoenas would violate their Fifth Amendment right against compelled, self-incriminating testimony.

Court Grants Motion to Quash Subpoena From Defunct Non-Party Entity: In Swift Beef Co. v. Alex Lee, Inc., Kansas Magistrate Judge Kenneth G. Gale, finding that “the information requested by the subpoena has limited relevance and is not proportional to the needs of the case” and that the non-party entity (Vantage Foods) had established that its production would be unduly burdensome, granted Vantage’s Motion to Quash Subpoenas and denied the plaintiff’s Motion to Compel Compliance with Subpoena as moot.

Court Denies Defendant’s Request for Protective Order Against Producing Metadata for Medical Records: In Miller v. Sauberman, New York Supreme Court Justice Joan A. Madden, despite the defendant’s estimated cost of $250,000 to produce metadata related to the plaintiff’s medical records, denied the defendant’s motion for a protective order and granted the plaintiff’s cross-motion to compel the production of that metadata within 30 days of the decision and order.

That’s it for this year’s review, but we’ve already started assembling cases for next year with this decision we covered last week.  So, what will be the notable cases of 2019?  Catch them as we cover them here all year!

Want to take a look at cases we covered the previous seven years?  Here they are:

So, what do you think?  Did you miss any of these?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

2018 eDiscovery Case Law Year in Review, Part 3

As we noted Monday and yesterday, eDiscovery Daily published 65 posts related to eDiscovery case decisions and activities over the past year, covering 56 unique cases!  Yesterday, we looked back at cases related to mobile device discovery, technology assisted review, the use of sampling to settle disputes, objections to production requests, an update on an interesting dispute between an eDiscovery provider and their former sales people and the final(?) post regarding the ubiquitous Apple v. Samsung case.  Today, let’s take a look back at cases related to sanctions and spoliation.

We grouped those cases into common subject themes and will review them over the next few posts.  Perhaps you missed some of these?  Now is your chance to catch up!

But first, it’s also worth noting that Tom O’Connor and I will be discussing some of these cases – and what the legal profession can learn from those rulings – on our webcast on Wednesday, January 23rdImportant eDiscovery Case Law Decisions of 2017 and Their Impact on 2018 at noon CT (1pm ET, 10am PT).  The webcast is CLE accredited in selected states, so come check it out!

SPOLIATION / SANCTIONS

For the first time ever, sanctions and spoliation issues are not the topic with the largest number of case law decisions related to eDiscovery that we covered last year (only 13 out of 56 total cases for 23.2% of all cases covered).  Admittedly, there are some sanctions issues in a couple of cases we classified in other categories.  Nonetheless, Rule 37(e) may have made an impact on the likelihood of significant sanctions, but there are still significant sanctions applied to litigation parties and we had some interesting cases this year, capped off by a case involving Jimi Hendrix copyright infringement.  Here are our thirteen sanctions and spoliation cases this past year:

No Sanctions for Spoliation of ESI Against Plaintiff Leads to Summary Judgment Against Defendant: In IBM v. Naganayagam, New York District Judge Nelson S. Romàn, finding that no intent to deprive by the plaintiff and no prejudice against the defendant for spoliation of ESI, denied the defendant’s motion for spoliation sanctions, which facilitated granting the plaintiff’s motion for summary judgment against the defendant by Judge Romàn.

No Sanctions for Failing to Preserve Videos and Photos of Prisoner Accident: In Hernandez v. Tulare Cnty. Correction Center, et al., the California Magistrate Judge denied the plaintiff’s motion for sanctions, ruling that the defendants did not act with the intent to deprive there was no prejudice to the plaintiff from loss of videos and photos of an accident suffered by the plaintiff, a state prisoner at the defendant’s correctional facility.

No Sanctions for Failing to Preserve Cell Phone Records and Call Logs: In Dotson, et al. v. Edmonson, et. al., Louisiana District Judge Susie Morgan denied the plaintiff’s motion in limine seeking sanctions for spoliation of evidence, finding that the plaintiff had “not met his burden of establishing that the Trooper Defendants had a duty to preserve” cell phone records and call logs from the evening of October 7, 2015 from Louisiana State Police (LSP) issued cell phones that were used that night by LSP officers during an undercover operation, or that their destruction of the evidence was intentional.

Former Football Players Sanctioned for Failure to Produce: In Michael E. Davis, et al. v. Electronic Arts, Inc., California Magistrate Judge Donna M. Ryu ruled that the plaintiff’s failure to fully comply with the discovery requests by the defendant were sanctionable under FRCP Rule 37, which states, “Such sanctions may include ordering a party to pay the reasonable expenses, including attorneys’ fees, caused by its failure to comply with the order or rule.”

Former Employee Sanctioned for Lying Under Oath, Destruction of ESI: In Heggen v. Maxim Healthcare Servs., Inc., Indiana Magistrate Judge Susan Collins ruled that the plaintiff’s destruction of requested cellphone recordings, as well as lying under oath, were sanctionable under FRCP Rule 37.

Court Grants Adverse Inference Sanction Against Infringing Author: In Nunes v. Rushton, Utah District Judge Jill N. Parrish, ruling that the plaintiff was prejudiced by the deletion of one of the defendant’s Google “sock puppet” accounts, granted the plaintiff’s motion for sanctions in part, ordering an adverse instruction to the jury regarding the “bad faith” deletion of that account.  Judge Parrish denied the motion with regard to several other accounts, ruling that the plaintiff was not prejudiced by deletion of those accounts (as most of the information was still available or recoverable).

Court Sanctions Plaintiff After Jury Verdict for Failing to Disclose Third Party Communications: In Singer Oil Co., LLC v. Newfield Exploration Mid-Continent, Inc., Oklahoma District Judge Vicki Miles-LaGrange ruled that the plaintiff did violate Federal rules by not disclosing the communications its counsel had with the third parties referenced in plaintiff’s counsel’s time records, but found that the defendant’s proposed sanction was an “extremely harsh sanction not warranted by the circumstances involved” and limited the plaintiff sanction to require the plaintiff to pay the attorneys’ fees the defendant incurred in filing its motion for sanctions and its reply.

Even with Bad Communication and Unfulfilled Discovery Obligations, Sanctions Still Not Granted: In US v SuperValu, Illinois District Judge Richard Mills ruled against sanctions requested by the defendants at this time, even though the relators didn’t “live up to their discovery obligations.”

Houston, We Have an Adverse Inference Finding: In Hernandez, et al. v. City of Houston, Texas District Judge Kenneth M. Hoyt, finding that the defendant “intentionally destroyed” evidence by wiping the hard drives of several custodians no longer employed by the City, determined “that entering an adverse inference finding is appropriate” against the defendant.

In No Small Ruling, Court Takes Defendant to Task for Discovery Violations: In Small v. Univ. Med. Ctr., Nevada Magistrate Judge Peggy A. Leen, in a lengthy ruling so large it included a table of contents, accepted and adopted in part and overruled in part the Special Master’s Report and Recommendation and Final Findings of Fact and Conclusions of Law.  Judge Leen sanctioned the defendant with an adverse inference instruction to the jury instead of the default judgment sanction recommended by the special master four(!) years prior.

Court Denies Plaintiff’s Request for Sanctions for Defendant’s Failure to Preserve Surveillance Video: In Ball v. George Washington Univ., District of Columbia District Judge Dabney L. Friedrich, denied the plaintiff’s motion for sanctions for allegedly destroying two surveillance videos, stating: “Because Ball has not proven—even by a preponderance of the evidence—that GW permanently stored the Lafayette Hall surveillance footage, the Court need not conduct further inquiry under Rule 37(e).”

Judge Recommends Sanctions for Defendant Under FRCP 37(e)(1): In Franklin v. Howard Brown Health Ctr., the Illinois Magistrate Judge, stating that “the defendant has had to concede that, at the very least, it bollixed its litigation hold – and it has done so to a staggering degree and at every turn”, recommended that the plaintiff’s motion for discovery sanctions be granted to the extent that the “parties be allowed to present evidence and argument to the jury regarding the defendant’s destruction/failure to preserve electronic evidence in this case”.

Court Sanctions Defendants in Jimi Hendrix Copyright Infringement Case: In Experience Hendrix, L.L.C. et al. v. Pitsicalis et al., New York District Judge Paul A. Engelmayer granted the plaintiffs’ motion for an adverse inference instruction against selected defendants associated with Purple Haze Properties (referred to as the “PHP defendants”) and he directed the PHP defendants to pay the reasonable fees and costs incurred by plaintiffs in bringing the motion.  He denied (at least at this time) the plaintiffs’ request for terminating sanctions and a preliminary injunction against the PHP defendants.

One more day to go!  What category will we cover tomorrow that had the most cases we covered this past year?  Stay tuned!

Want to take a look at cases we covered the previous seven years?  Here they are:

So, what do you think?  Did you miss any of these?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.