Close
Enter your
text here

eDiscoveryDaily

GDPR is Here! Is Your Law Firm Fully Prepared for It? Maybe Not: Data Privacy Trends

Unless you live under a rock, you know that the deadline for compliance with Europe’s General Data Protection Regulation (GDPR) has come and gone (it was May 25 – almost three weeks ago now).  So, does that mean your law firm is fully ready for it?  Based on the results of one survey, the odds are more than 50-50 that they’re not.

In Legaltech® News (Not Just Corporate: Law Firms Too Are Struggling With GDPR Compliance, written by Rhys Dipshan), the author covers a recent Wolters Kluwer survey which was conducted among 74 medium (26-100 staff members) to large (100-plus) law firms.  The result?  Less than half (47 percent) feel fully prepared to address the new GDPR requirements.  Another 16 percent of respondents said they were somewhat prepared and more than a third (37 percent) had made no specific preparations.

Barry Ader, vice president of product management and marketing at Wolters Kluwer, noted that part of the reason why many law firms were unprepared for GDPR was because they thought there would be an extension to the deadline. “Many of the law firms kind of half expected that there would be a delay, and they wouldn’t have had to solve the problem by May 25,” he said.  Ader also noted that the lack of preparation was also a sign that “law firms just don’t have the necessary skills, people, and budget to figure out how to handle GDPR.”

Other notable results:

  • Fewer than half of respondents (43 percent) had assigned a Data Protection Officer, a requirement of many organizations under GDPR. However, nearly 60 percent had assigned an individual, team or outside consultant to lead GDPR compliance efforts. And, approximately 72 percent of those surveyed were also investing in cybersecurity solutions due to the new regulation.
  • With regard to employee training on security, the survey found that only 43 percent of law firms conducted security and privacy training annually, while 24 percent had done training in the past three years. An additional 15 percent said that while they did not currently train employees, they were planning to do so in the near future. Amazingly, 17 percent of respondents did not conduct training and had no plans to train at all.

If you’re a client of a law firm, you may want to check to see if your firm can demonstrate full preparedness for GDPR.  If you believe this survey, chances are greater that they can’t do so than they can.

So, what do you think?  Is your organization fully prepared for GDPR?  Please let us know if any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Court Rejects Search Terms by Both Sides as Overly Inclusive: eDiscovery Case Law

Monday, I asked for a call for key eDiscovery case law cases in 2018 to cover.  While this one wasn’t overtly suggested, it was covered by Ralph Losey in his excellent e-Discovery Team® blog the same day, so that works too… :o)

In Am. Municipal Power, Inc. v. Voith Hydro, Inc., No. 2:17-cv-708 (S.D. Ohio June 4, 2018), Ohio Magistrate Judge Elizabeth A. Preston Deavers ruling on the parties’ arguments from a May discovery conference, concluded that search terms proposed by both parties in the case were overly inclusive.

Case Background

The parties provided extensive letter briefing for a discovery conference on May 24, 2018 regarding discovery disputes relating to the production of ESI and other documents, with the parties’ dispute centered around two ESI-related issues: (1) the propriety of a single-word search by Project name proposed by the defendant which it sought to have applied to the plaintiff’s ESI and (2) the propriety of the plaintiff’s request that the defendant run crafted search terms which the plaintiff proposed that were not limited to the Project’s name.

Judge’s Ruling

After careful consideration of the parties’ letter briefing and their arguments during the discovery conference, Judge Deavers concluded as follows with regard to the defendant’s proposed search terms:

“Voith’s single-word Project name search terms are over-inclusive. AMP’s position as the owner of the power-plant Projects puts it in a different situation than Voith in terms of how many ESI “hits” searching by Project name would return. As owner, AMP has stored millions of documents for more than a decade that contain the name of the Projects which refer to all kinds of matters unrelated to this case. Searching by Project name, therefore, would yield a significant amount of discovery that has no bearing on the construction of the power plants or Voith’s involvement in it, including but not limited to documents related to real property acquisitions, licensing, employee benefits, facility tours, parking lot signage, etc. While searching by the individual Project’s name would yield extensive information related to the name of the Project, it would not necessarily bear on or be relevant to the construction of the four hydroelectric power plants, which are the subject of this litigation. AMP has demonstrated that using a single-word search by Project name would significantly increase the cost of discovery in this case, including a privilege review that would add $100,000 — $125,000 to its cost of production. The burden and expense of applying the search terms of each Project’s name without additional qualifiers outweighs the benefits of this discovery for Voith and is disproportionate to the needs of even this extremely complicated case.”

Judge Deavers also concluded this with regard to the plaintiff’s proposed search terms:

“AMP’s request that Voith search its ESI collection without reference to the Project names by using as search terms including various employee and contractor names together with a list of common construction terms and the names of hydroelectric parts is overly inclusive and would yield confidential communications about other projects Voith performed for other customers. Voith employees work on and communicate regarding many customers at any one time. AMPs proposal to search terms limited to certain date ranges does not remedy the issue because those employees still would have sent and received communications about other projects during the times in which they were engaged in work related to AMP’s Projects. Similarly, AMP’s proposal to exclude the names of other customers’ project names with “AND NOT” phrases is unworkable because Voith cannot reasonably identify all the projects from around the world with which its employees were involved during the decade they were engaged in work for AMP on the Projects. Voith has demonstrated that using the terms proposed by AMP without connecting them to the names of the Projects would return thousands of documents that are not related to this litigation. The burden on Voith of running AMP’s proposed search terms connected to the names of individual employees and general construction terms outweighs the possibility that the searches would generate hits that are relevant to this case. Moreover, running the searches AMP proposes would impose on Voith the substantial and expensive burden of manually reviewing the ESI page by page to ensure that it does not disclose confidential and sensitive information of other customers. The request is therefore overly burdensome and not proportional to the needs of the case.”

So, what do you think?  Are these parties overreaching, do they need a course in search best practices or do they need a TAR approach?  Please share any comments you might have or if you’d like to know more about a particular topic.

Case opinion link courtesy of eDiscovery Assistant.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Lawyers Failing to Cite Important Cases in Their Briefings is Far From Unprecedented: eDiscovery Case Law

Lawyers often spend hours on legal research to identify cases to cite in their briefings to the court.  Hopefully, they do a thorough job and identify all of the key case precedents that can support their case.  But, how often do they miss key, highly relevant cases?  And, how often do those omissions jeopardize the outcome of their cases?  Based on one survey of Federal and State judges, it happens a lot.

The legal research company Casetext surveyed 66 federal and 43 state judges to learn whether missing precedent over affects the outcome of a matter and published the findings in a report The Prevalence of Missing Precedents (available for download here).  The survey asked just two questions:

  1. How often do you or your clerks uncover case law that attorneys should have cited in their briefing but did not?
  2. Has a party missing a precedent before your chambers impacted the outcome of a motion or proceeding?

With regard to the first question, judges were asked how often they uncover case law that is not cited in the attorney’s brief, on a scale of “never happens” to “almost every case.” The findings revealed that:

  • 83 percent of the judges said that they or their clerks catch attorneys missing relevant cases at least some of the time.
  • Over 27 percent of the judges (and 29 percent of the federal judges) see it occur the majority of the time or in almost every case.
  • Less than 17 percent experienced missed cases rarely.

With regard to the second question, when asked whether missing precedent impacts the outcome of a motion or proceeding, over 68 percent of judges (and nearly 70 percent of federal judges) have experienced missing precedent impacting the outcome of a motion or proceeding.

Of course, as Bob Ambrogi notes in his LawSites blog, “For Casetext, the takeaway of this survey is that lawyers should use its CARA artificial intelligence technology to help find missing cases.”  And, that is certainly a good tool.  But, as Bob notes (and I agree), it’s important to use multiple tools to round out your legal research.  When it comes to research about eDiscovery cases (and which ones we’re going to cover), we use eDiscovery Assistant (our write-up on that tool is here), which is a great research tool.

And, eDiscovery Daily has written over 600 case law write-ups, covering over 460 unique cases, since our inception in 2010.  So, you can always check our site as well!

So, what do you think?  What sites do you research for case law precedents?  Or any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

eDiscovery Daily First Ever Call for Important Case Law

We’ve already covered 21 eDiscovery related case law decisions so far this year (18 of them are case law decisions that happened this year, 3 of them covered early in the year were decisions from last year).  Believe it or not, that’s less than we’ve usually covered by this point in the year.  But, have we covered the most important case rulings so far this year?  Do you have one or more favorite case law decisions so far this year?  Now is your chance to weigh in and tell us about it!

Usually, we pick the cases to cover and I think we generally do a pretty good job of picking important case law decisions with regard to eDiscovery.  So far this year, we’ve covered a case where the plaintiff wanted to email all of the defendant employees to request relevant ESI, where one plaintiff’s case was dismissed after she was found to have manufactured text messages, an appellate court reversed a lower court ruling and ordered the plaintiff to turn over private photos on Facebook, a ruling regarding warrantless cell phone searches at the US border, a ruling involving the deletion of “sock puppet” social media accounts by an infringing author and a case where the defendant owners of a fishing boat were told by the court that their request for ESI after an incident on their boat amounted to “fishing” (what else would you expect?).  :o)

However, while it would be great to cover every case law decision, we want to cover other stories as well.  As a result, we are simply going to miss covering some important case law decisions.  But, have we missed any of the most important ones (at least in your view)?  If so, we want to hear from you.

Next month, Tom O’Connor and I will conduct a webcast covering important case law decisions from the first half of 2018.  We plan to do it the week of July 23rd, which is Shark Week on the Discovery Channel and “Case Week” for us (why? because it’s fun!).  If you think there is an important case from this year so far that needs to be covered, we want to hear from you!  The sooner, the better as we would like to cover the case on eDiscovery Daily before Tom and I discuss it during next month’s webcast.  So, if you have a favorite case so far from 2018, or two of them, or even several of them, please let us know.

So, what do you think?  Do you have any favorite cases from 2018 so far?  If so, please share those!  Or any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Plaintiff is Able to Get Some Subpoenas for Personal Data Quashed, But Not All: eDiscovery Case Law

In Delgado v. Tarabochia, et al., No. C17-1822RSL (W.D. Wash. May 4, 2018), Washington District Judge Robert S. Lasnik granted in part and denied in part the plaintiff’s motion to quash subpoenas for personal phone records and bank records, finding that phone records before the plaintiff’s hand injury on the defendant’s fishing boat were “of vital importance to defendants’ theory of the case”, but that the need for pre-incident bank records was not proportional to the needs of the case and that, with regard to subpoenas of post-incident data, defendants were “fishing”.

I’ll pause a moment to let you enjoy the irony of that statement… :o)

Case Background

Anyway, the plaintiff injured his hand while on board the F/V JOYCE MARIE and sued the vessel and vessel owner(s) for Jones Act negligence and unseaworthiness, alleging that he lost his balance and his hand went through a plate glass window on the wheelhouse, causing severe injuries with continuing disabilities.  However, another crew member on board at the time of the incident claimed that the plaintiff was using heroin in the days leading up to the incident and was in the midst of a heated argument with his girlfriend when he punched through the window.  After the plaintiff left the vessel, defendants located a computer file supposedly created by the plaintiff, containing text messages, emails, and photographs dated October 2013 to July 2014 that seemed to reflect drug transactions and a volatile relationship, but the plaintiff (in his deposition) denied fighting with his girlfriend and denied punching through the wheelhouse window.  Reporting that he had no feeling in three of his fingers and his thumb and was in constant, severe pain, the plaintiff claimed he was entitled to damages of $3 million, but the defendant had surveillance video that seemed to contradict the plaintiff’s testimony regarding the extent and severity of his injuries.

The defendants issued three subpoenas for phone records from January 2014 to the present, including all account information, call and text message logs, and roaming data. They also issued two subpoenas for bank records for the same period, seeking detailed summaries of credit and debit card transactions, withdrawals, and deposits. The plaintiff seeks to quash all five subpoenas as irrelevant and an unwarranted burden on his privacy interests.

Judge’s Ruling

With regards to the pre-incident phone records, Judge Lasnik indicated that “defendants have identified a specific need to confirm events and authenticate communications that are directly relevant to a determination of whether defendants’ negligence and/or the vessel’s unseaworthiness caused plaintiff’s injuries. To the extent these records mirror the electronic files found on the vessel’s computer and corroborate the other crewman’s statements, they are of vital importance to defendants’ theory of the case. While much will be disclosed that has nothing to do with this case, plaintiff’s privacy interests do not outweigh the need to obtain relevant information regarding the cause of plaintiff’s injuries in this case where plaintiff says he is entitled to damages of $3,000,000.”

With regards to the pre-incident bank records, Judge Lasnik stated that “defendants offer no reason to suspect that these records will authenticate or corroborate the electronic files plaintiff left behind. Production of plaintiff’s pre-incident finances, including every purchase and every deposit, is unlikely to result in admissible evidence (there is no reason to suspect that plaintiff used a credit card to purchase heroin or that defendants would be able to identify such transactions from a list of charges or withdrawals). Because of its minimal relevance and the outsized burdens it would impose on plaintiff’s privacy interests, discovery of the pre-incident bank records is not proportional to the needs of the case.”

As for the post-incident phone and bank records, Judge Lasnik stated that “defendants are fishing” and granted the plaintiff’s motion to quash the subpoena for these records because the “balance of the benefits and burdens of these post-incident discovery requests are not in defendants’ favor: they are not prompted by any specific need for information and are likely to drive discovery and generate disputes that are wholly collateral to the primary issues in this case.”

So, what do you think?  Did the judge assess the relevancy and proportionality in this case correctly and were the defendants “fishing” for the post-incident records?  Tee-hee!  Please share any comments you might have or if you’d like to know more about a particular topic.

Case opinion link courtesy of eDiscovery Assistant.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

As Blockchain Joins the Healthcare Profession, Are Legal Departments Prepared to Keep Up?: eDiscovery Trends

When we hear the word blockchain, most of us still think of Bitcoin, that mysterious new currency that seems to equally enthrall forward thinking investors and less-than-savory entrepreneurs who lurk around the darkest parts of the Dark Web. But blockchain technology is finding more and more practical uses, most recently in the healthcare industry.

In a recent Wall Street Journal Article, blockchain is presented as a low-cost, highly secure way to unify healthcare records, which to date has been a huge obstacle. As the article puts it, “In the current tangle of incompatible records systems that typifies U.S. health care, incorrect information can creep in when patient data gets re-entered multiple times by doctors’ offices, insurers and hospital staff. Big errors can seriously affect the quality of care that patients receive, small discrepancies can result in wrongful denials of insurance coverage, and errors of all types add to the system’s cost.”

In very simplified terms, Blockchain works like a giant Google Sheet: a single ledger that can be added to simultaneously by all users in the system, with each “transaction” creating an audit trail so that its data is nearly infallible. For healthcare records systems, this can put patients, insurers, and providers literally on the same page, providing secure and accurate information for all stakeholders across the board.

In January, Nashville-based Change Healthcare (a network of 800,000 physicians, 117,000 dentists and 60,000 pharmacies) introduced a blockchain system for processing insurance claims. The shared ledger of encrypted data gives providers a “single source of truth,” according to Emily Vaughn, blockchain product development director at Change Healthcare.

All parties can see the same information about a claim in real time, so that a patient or provider won’t have to call multiple parties to verify information. Each time data is changed, a record is shown on the digital ledger, identifying the responsible party. Any changes also require verification by each party involved, ensuring record’s accuracy.

Change Healthcare won’t reveal actual numbers about how much the new system (which processes roughly 50 million events daily) cuts costs, but the efficiencies, accuracy, and security will no doubt bring huge savings.

The question regarding the eDiscovery implications with this type of move are clear: How will this data be preserved, collected, and prepared for review? It’s not so much a question of a technical nature (though that will have to be answered by someone, but I’ll leave it to the software engineers to properly answer it). What I mean to say, is that anytime a new data source is introduced into the organization’s landscape, the question of preservation, collection, and production should already be on the minds of the legal department. Often, changes in a company’s technology infrastructure are driven by departments outside of legal: usually a combination of IT and business units looking for efficiency, security, and cost savings. Many times, large decisions will be made, leaving the legal team in the position of playing catch up when it comes to discovery should litigation arise.

So, even if your company isn’t moving to blockchain anytime in the near future, this story of what is happening in the healthcare space is important to consider, because, to quote the poet William Blake, “What is now real, was once only imagined.” And the potential uses for blockchain technology lately seems to be on everyone’s mind.

So, what do you think?  How do you see the increased use of blockchain technology affecting eDiscovery?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Freedom of Information? Not Necessarily for Text Messages: eDiscovery Trends

What percentage of Freedom of Information Act (FOIA) requests actually result in receiving all of the information requested?  75 percent?  50 percent?  You might be surprised.  Apparently, according to a recent survey, one part of the problem could be the lack of capturing text messages within government organizations.

According to the 2018 Public Sector Text & Mobile Communications Survey from Smarsh, 70 percent of federal, state, county and city government organizations surveyed report allowing SMS/text for official business communication.  But, almost half of those (46 percent) are not formally capturing and retaining these messages.  There were 236 total respondents in the survey.

Here are some other interesting findings from the report:

  • The vast majority of agencies allow organizational email (97 percent) on mobile devices, but right behind it is SMS/text messaging, with 70 percent allowing it for official government business. Social channels Facebook and Twitter are the next most frequently cited, with 58 percent and 44 percent, respectively.
  • Two-thirds of surveyed organizations allow employees to use their own BYOD devices for official business, for those devices, only 35 percent of respondents are retaining SMS/text messages (as opposed to 62 percent for Corporate Owned Personally Enabled (COPE) devices).
  • The top four reasons SMS/Text records are NOT captured are: 1) Don’t currently have budget this year, 2) SMS/text isn’t required to be retained by law, 3) Waiting for Capstone/FOIA guidance, 4) Existing capture technologies are too complicated.
  • The majority of respondents, 62 percent or nearly 2/3, lacked confidence that they could provide specifically requested mobile text messages promptly if responding to a public records or litigation request.
  • Agencies with no retention solution in place have very little confidence in their ability to fulfill requests. 23 percent reported that if requested, it was unlikely they could produce SMS/text messages from their organizational leader at all.

When you hear these stats, you might be surprised the numbers aren’t higher.  Last year, Federal Freedom of Information Act (FOIA) litigation jumped 26 percent over the previous year. In 2018, that number is on track to increase again. While an average of 2.08 lawsuits were filed each day in 2017, 2018 has seen the average increase to 2.72 lawsuits per day.  Last year, there were 823,222 Federal FOIA requests – 78 percent of those requests yielded censored files or no records at all.  In other words, only 22 percent of FOIA requestors got everything they asked for.  22 percent!  And, the Federal government spent $40.6 million in legal fees defending its withholding of files in 2017.  Freedom of information isn’t free, apparently.

I guess it isn’t surprising that government agencies are struggling with the same challenges of collecting and keeping mobile device data that other organizations are.  Maybe we should conduct a webinar on the topic?  Does two weeks from today work for you?  :o)

So, what do you think?  Is your organization able to produce text messages from your employees if needed?  Please share any comments you might have or if you’d like to know more about a particular topic.

P.S. — Happy Birthday, Carter!

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Plaintiff Argument for Failure to Produce Cell Phone Data in Wife’s Name is “Unpersuasive”: eDiscovery Case Law

In Ortiz v. Amazon.com LLC, et al, No. 17-cv-03820-JSW (MEJ) (N.D. Cal. May 25, 2018), California Magistrate Judge Maria-Elena James ordered the plaintiff, who failed to produce court-ordered cell phone records because the account was in his wife’s name and refused to provide her information, to provide defendant Golden State with his cell phone account holder’s name and address so that defendant could subpoena the cell phone records from her.  Judge James also ordered the plaintiff to appear for a deposition in San Francisco, as originally scheduled, instead of Los Angeles (where the plaintiff had moved).

Case Background

In this case on March 7, 2018, the Court ordered the plaintiff to produce his cell phone records to Golden State no later than April 6, 2018. The plaintiff stated these records were not in his possession or control, as the account for the phone records was in his non-party wife’s name.  The plaintiff claimed he had attempted to obtain the phone records by requesting them from the carrier, but was not authorized to do so, nor could he get them from his wife (the plaintiff didn’t explain why).  He did not inform Golden State that the cell phone records were in his wife’s name and thus unobtainable until April 27, 2018 – three weeks after the Court-ordered deadline for production.  The plaintiff also refused to provide his wife’s name and address to allow defendant Golden State to subpoena the records from her, despite his representations that he would do so by May 8 and 16.

Also, on January 25, 2018, defendant Golden State requested the plaintiff’s availability for deposition and, at the beginning of March, he confirmed his deposition would take place on April 23, 2018. On March 7, 2018, defendant Golden State served a Notice of Deposition that Plaintiff’s deposition would take place at defense counsel’s San Francisco office, but on April 19, 2018, Plaintiff cancelled the deposition because he moved to Los Angeles.

The plaintiff defendant Golden State filed two joint discovery dispute letters, from which the Court made its ruling.

Judge’s Ruling

In assessing the request for cell phone records, Judge James stated that “Plaintiff does not explain his delay in informing Golden State that the cell phone records are not in his possession or control. Plaintiff knew or should have known who is named on the account; he offers no reason why this information was not available to him prior to April 27. Plaintiff has known as early as September 18, 2017, and at the very latest, as of March 7, 2018, that he had to produce his phone records… Plaintiff states that, ‘[f]or personal reasons, Plaintiff wishes to maintain the details of his relationship status, and interactions with his wife, private.’…This argument is unpersuasive. By alleging Golden State failed to pay him for all hours worked and to provide him with meal and rest breaks, Plaintiff has placed his work day activities—including whether he made or received phone calls or text messages on his personal cell phone—at issue. Providing the account holder’s name and address reveals minimal details, if any, about Plaintiff’s marital status or interactions.”  As a result, Judge James ordered the plaintiff to provide defendant Golden State with his cell phone account holder’s name and address so that defendant could subpoena the cell phone records from her.

As for the deposition, Judge James ordered the deposition to be conducted in San Francisco, noting the fact that the plaintiff “did not inform Golden State that his relocation would cause difficulties until the eve of the deposition is not well taken” and rejecting the plaintiff’s proposed compromise to have one of Golden State counsel’s Los Angeles attorneys take the deposition in counsel’s Los Angeles office.  She also granted Golden State’s request for an order that “Plaintiff appear at his deposition before he can compel or proceed with depositions of Golden State’s witnesses”.

So, what do you think?  Do these seem like delay tactics or could the plaintiff have had a legitimate reason for failing to produce the cell phone records?  Please share any comments you might have or if you’d like to know more about a particular topic.

Case opinion link courtesy of eDiscovery Assistant.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Unsure About How to Map Your Data for GDPR? Here are Several Templates to Get Started: Data Privacy Best Practices

Now that Europe’s General Data Protection Regulation (GDPR) is in effect, all organizations out there have a good handle on all of their data, including which personally identifiable information (PII) they handle for European data subjects out there and clear policies for how they ensure protection of that PII.  Right?  OK, maybe not.  If your organization is still scrambling to comply with GDPR and still trying to get a handle on the data you’re managing and the flow of that data, here is a site with several templates to help you get started in that process.

The site Demplates has templates for all sorts of things, including SWOT analysis templates (we wrote about the benefits of a SWOT analysis here), Certificates of Appreciation for employees, even Pest Control Service Agreements.  A couple of months ago (on my birthday, no less), the site posted GDPR Data Mapping Template: 10+ Print-Ready Templates, with several useful templates to help organizations create data maps, data flow diagrams, GDPR Data Processing Notices, privacy policy and data protection policy statements, data protection impact assessments and data audits.  The template documents are in different formats, including Excel, Word and Visio.  Here are pictures of a couple of examples:

With the challenges these days stemming from the growth of big data, data mapping is not only a good organization practice to not only help get a handle on your organization’s big data, but also to document your organization’s handling of PII and compliance with GDPR on the handling of PII.  Tom O’Connor and I talked about the importance of data mapping in our webcast on GDPR back in February (you can check it out here).  Data mapping supports in compliance and adherence to critical GDPR factors such as:

  • Maintenance of the data lifecycle;
  • Documentation that records are kept in adherence to the rules of GDPR to submit to the regulatory and supervising authorities;
  • Maintaining Accountability of the data for the full data lifecycle;
  • Evidence for the organization that the data is protected in its full cycle.

If you’re still scrambling to comply with GDPR, perhaps one or more of these templates can help you document your compliance or help you discover one or more areas where you may be deficient in your compliance.

So, what do you think?  Is your organization still trying to comply with GDPR?  Does your organization have an organization data map?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Collecting Responsive ESI from Difficult Places: eDiscovery Webcasts

Happy June!  I don’t normally promote webcasts twice in one week, but this month’s webcast is a little earlier than normal.  What can I say, it’s family vacation season and my family has plans the last week of this month… :o)

Believe it or not, there was a time when collecting potentially responsive ESI from email systems for discovery was once considered overly burdensome. Now, it’s commonplace and much of it can be automated. But, that’s not where all of the responsive ESI resides today – much of it is on your mobile device, in social media platforms and even in Internet of Things (IoT) devices. Are you ignoring this potentially important data? Do you have to hire a forensics professional to collect this data or can you do much of it on your own?  We will discuss these and other questions in a webcast in a few weeks.

Wednesday, June 20th at noon CST (1:00pm EST, 10:00am PST), CloudNine will conduct the webcast Collecting Responsive ESI from Difficult Places. In this one-hour webcast that’s CLE-approved in selected states, we will discuss what lawyers need to know about the various sources of ESI today, examples of how those sources of data can be responsive to litigations and investigations, and how lawyers may be able to collect much of this data today using intuitive applications and simple approaches. Topics include:

  • Challenges from Various Sources of ESI Data
  • Ethical Duties and Rules for Understanding Technology
  • Key Case Law Related to Mobile Devices, Social Media and IoT
  • Options and Examples for Collecting from Mobile Devices
  • Options and Examples for Collecting from Social Media
  • Examples of IoT Devices and Collection Strategies
  • Recommendations for Addressing Collection Requirements
  • Resources for More Information

As always, I’ll be presenting the webcast, along with Tom O’Connor.  To register for it, click here.  Even if you can’t make it, go ahead and register to get a link to the slides and to the recording of the webcast (if you want to check it out later).  If you want to know how to collect electronically stored information from difficult places, this is the webcast for you!

So, what do you think?  Do you feel like you know when and how to collect ESI from mobile devices, social media and IoT devices?  If not, register for our webcast!  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.