Close
Enter your
text here

Criminal Law

Despite Estimate of 37 Years to Crack iPhone, Government Doesn’t Have to Return it – Yet: eDiscovery Case Law

Tired of stories about COVID-19?  So are we.  So, here’s an interesting case to take a look at instead.  :o)

In U.S. v. Morgan, No. 1:18-CR-00108 EAW (W.D.N.Y. March 6, 2020), New York District Judge Elizabeth A. Wolford denied the defendant’s Motion for Return of Property Under Federal Rule of Criminal Procedure 41(g), ruling that “[t]he government’s evidentiary interest in the [defendant’s] iPhone outweighs Defendant’s interest in its return, at least at this stage of the proceedings”.

Case Background

In this case involving a Superseding Indictment alleging conspiracy to commit wire fraud and bank fraud served on this defendant on May 21. 2019, a search warrant over a year earlier was issued for Morgan Management, LLC, which included search and seizure of “multiple servers, computers or storage media … including but not limited to … devices … associated with … Robert Morgan.”  Later the same month that the search warrant was issued, a 62-count indictment was returned against other defendants, but Robert Morgan was not initially named in the indictment.

Nonetheless, sometime in May of 2018, the government started to try to crack the defendant’s iPhone’s passcode, using a device called “GrayKey”, which uses “brute force” to try and access the iPhone, a process by which a computer program enters potential passcodes seriatim until the correct passcode is revealed.  A six-digit passcode yields 1,000,000 potential passcode combinations, but the iPhone’s hardware only allows two or three passcode attempts each hour.  Even though this defendant wasn’t charged until a year later, GrayKey’s “painstaking” efforts to unlock the iPhone continued, with “a mere 960,526 possible passcodes” remaining as of January 9, 2020.  As a result, on January 2, 2020, the defendant filed a Motion for Return of Property Under Federal Rule of Criminal Procedure 41(g).

While the government argued that it was the defendant’s burden to show that either the seizure was illegal or the government’s need for the device as evidence has ended, the defendant argued that regardless of the government’s stated need for the property, it was unreasonable for the government to continue its retention of the iPhone.

Judge’s Ruling

Judge Wolford noted that “Rule 41(g) allows ‘[a] person aggrieved by an unlawful search and seizure of property or by the deprivation of property [to] move for the property’s return…. If it grants the motion, the court must return the property to the movant, but may impose reasonable conditions to protect access to the property and its use in later proceedings.’”  But she also noted that “Defendant does not argue that the government’s continued possession of the iPhone and its efforts to access it constitute an untimely seizure. Instead, Defendant argues that his interest in his iPhone and the information contained therein exceeds the government’s interest in the device, and thus, the Court should order its return.”

With that in mind, after a review of the history of Rule 41(g), Judge Wolford stated: “Defendant argues that at its current pace, it may take the government 37 years to successfully unlock the iPhone. The Court agrees that anywhere close to 37 years is an unreasonable time to retain the iPhone. This does not mean, though, that the government should be compelled to return it now. The government suggests that if it is successful, the contents of the iPhone could still be used at trial, regardless of when the contents are eventually accessed. At this stage of the proceedings—with a trial not scheduled to commence until next year…the Court agrees that there is still plenty of time for the government to access the iPhone’s contents. In the context of the current motion, the Court will not resolve whether that may cease to be the case as the trial date approaches. Indeed, the question of specifically how long the government can retain the device is not before this Court. There may very well come a point where the government’s retention of the iPhone is unreasonable—and that may be a time when the government continues to maintain that it needs the iPhone as evidence—but that date has not yet occurred.”  As a result, Judge Wolford denied the defendant’s motion.

So, what do you think?  How long can the government be allowed to retain a device to attempt to crack the password in a criminal litigation case?  Please let us know if any comments you might have or if you’d like to know more about a particular topic.

Case opinion link courtesy of eDiscovery Assistant.

Here’s another interesting article about this case from David Horrigan of Relativity on Legaltech® News!

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Pennsylvania Supreme Court Rules that Forcing Provision of Computer Password Violates the Fifth Amendment: eDiscovery Case Law

In Commonwealth v. Davis, No. 56 MAP 2018 (Pa. Nov. 20, 2019), the Supreme Court of Pennsylvania, in a 4-3 ruling, overturned a lower-court order that required a criminal suspect to turn over a 64-character password to his computer, concluding that “compelling the disclosure of a password to a computer, that is, the act of production, is testimonial” and rejecting the Commonwealth’s argument that provision of the password was a foregone conclusion, finding that “the prohibition of application of the foregone conclusion rationale to areas of compulsion of one’s mental processes would be entirely consistent with” US Supreme Court decisions.

Case Background

In this case involving alleged child-pornography activities, agents of the Office of Attorney General (“OAG”) executed a search warrant at Appellant’s apartment based upon a video found to contain child pornography being shared via a peer-to-peer file-sharing network (eMule) from an IP address associated with the appellant.  At Appellant’s apartment, after the agents discovered a single computer, an HP Envy 700 desktop, which was encrypted with TrueCrypt, Appellant informed the agents that he lived alone, that he was the sole user of the computer, and that only he knew the password to his computer.  When the agent requested that Appellant provide him with the password to the computer, he responded: “It’s 64 characters and why would I give that to you? We both know what’s on there. It’s only going to hurt me. No f*cking way I’m going to give it to you.”  Appellant was charged with two counts of disseminating child pornography in violation of 18 Pa.C.S. § 6312(c), and two counts of criminal use of a communication facility in violation of 18 Pa.C.S. § 7512(a).

On December 17, 2015, the Commonwealth filed with the trial court a pre-trial motion to compel Appellant to divulge the password to his HP 700 computer. Appellant responded by invoking his right against self-incrimination.  The trial court focused on the question of whether the encryption was testimonial in nature, and, thus, protected by the Fifth Amendment.  Applying the foregone conclusion exception, the trial court determined that the information the Commonwealth sought from Appellant was a foregone conclusion, in that the facts to be conveyed by Appellant’s act of production of his password already were known to the government. As, according to the trial court, Appellant’s revealing his password would not provide the Commonwealth with any new evidence, and would simply be an act that permitted the Commonwealth to retrieve what was already known to them, the foregone conclusion exception was satisfied.  A three-judge panel of the Superior Court later affirmed that ruling, leading to appeal to the Pennsylvania Supreme Court.

Judge’s Ruling

In the majority opinion written by Justice Debra Todd, she wrote:

“Based upon these cases rendered by the United States Supreme Court regarding the scope of the Fifth Amendment, we conclude that compelling the disclosure of a password to a computer, that is, the act of production, is testimonial. Distilled to its essence, the revealing of a computer password is a verbal communication, not merely a physical act that would be nontestimonial in nature. There is no physical manifestation of a password, unlike a handwriting sample, blood draw, or a voice exemplar. As a passcode is necessarily memorized, one cannot reveal a passcode without revealing the contents of one’s mind. Indeed, a password to a computer is, by its nature, intentionally personalized and so unique as to accomplish its intended purpose — keeping information contained therein confidential and insulated from discovery. Here, under United States Supreme Court precedent, we find that the Commonwealth is seeking the electronic equivalent to a combination to a wall safe — the passcode to unlock Appellant’s computer. The Commonwealth is seeking the password, not as an end, but as a pathway to the files being withheld. As such, the compelled production of the computer’s password demands the recall of the contents of Appellant’s mind, and the act of production carries with it the implied factual assertions that will be used to incriminate him. Thus, we hold that compelling Appellant to reveal a password to a computer is testimonial in nature.”

Judge Todd also, after commenting on several US Supreme Court rulings, stated “the prohibition of application of the foregone conclusion rationale to areas of compulsion of one’s mental processes would be entirely consistent with the Supreme Court decisions, surveyed above, which uniformly protect information arrived at as a result of using one’s mind. To broadly read the foregone conclusion rationale otherwise would be to undercut these pronouncements by the high Court.”

Judge Max Baer offered the dissenting opinion, stating: “In my opinion, the compulsion of Appellant’s password is an act of production, requiring him to produce a piece of evidence similar to the act of production requiring one to produce a business or financial document”.  He also stated: “Under the majority’s reasoning, the compelled production of documents would be tantamount to placing the defendant on the stand and requiring him to testify as to the location of the documents sought. The mere fact that Appellant is required to think in order to complete the act of production, in my view, does not immunize that act of production from the foregone conclusion rationale.”

Nonetheless, by a 4-3 vote, the Pennsylvania Supreme Court reversed the order of the Superior Court and remanded the matter to the Superior Court, for remand to the trial court, for proceedings consistent with the majority Opinion.

Here’s a case from earlier this year with a different result.

So, what do you think?  Should defendants be ordered to provide their passcodes, even if it leads to incriminating evidence against them?  Please let us know if any comments you might have or if you’d like to know more about a particular topic.

Happy Thanksgiving!

Case opinion link courtesy of eDiscovery Assistant.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Court Grants Motion to Compel in Elizabeth Holmes Theranos Criminal Case: eDiscovery Case Law

In United States v. Holmes, et al, No. 5:18-cr-00258-EJD-1 (N.D. Cal. Nov. 5, 2019), California District Court Judge Edward J. Davila granted the defendants’ motion to compel federal prosecutors to produce material responsive to six requests from the Food and Drug Administration (FDA) and the Centers for Medicare and Medicaid Services (CMS), disagreeing with the prosecution’s contention that it could not be compelled to produce documents from under Rule 16 because it lacked access to them.

Case Background

In this criminal case regarding charges of wire fraud and conspiracy to commit wire fraud against key officers of the now defunct company Theranos, on April 15, 2019, defendant Holmes (later joined by defendant Balwani) moved to compel federal prosecutors to produce material responsive to six requests from FDA and CMS.  In addition, the defendants raised concerns about the Agencies’ preservation efforts, the failure of FDA to run certain search terms and failure of the Agencies to complete production by either an original deadline of October 2 or an extended deadline of October 25.

Judge’s Ruling

Noting that Rule 16 “grants criminal defendants a broad right to discovery”, Judge Davila stated: “The Prosecution does not oppose Defendants obtaining the sought-after documents, but it argues that it cannot be compelled to produce the documents under Rule 16 because it lacks access…The court disagrees. Even though the Agencies are not part of DOJ, the Prosecution’s involvement with the Agencies’ discovery efforts reveals a relationship that includes significant access, communication and assistance, such as CMS’s use of DOJ’s Litigation Technology Service Center. This cooperative relationship moves the Prosecution closer to privity of knowledge and control of the information sought. The Prosecution’s access to the requested documents is further shown through its dealings with the Agencies prior to the filing of this motion.”  As a result, Judge Davila “order[ed] the Prosecution to produce the documents discussed below as part of their Rule 16 obligation, and to assist the Agencies however possible to ensure the timely production of documents.”

Turning to the alleged deficiencies in the Agencies’ productions, Judge Davila noted, among other concerns, that “Defendants contend that over 1000 emails from a single witness have been produced as fragmentary documents—i.e, that the produced emails omit portions of the original email, such as the “to,” or “from,” or the body fields… Defendants also contend that CMS and FDA have failed to produce some hardcopy documents.”  As a result, Judge Davila “order[ed] that the Agencies shall continue their investigations of these issues and shall disclose the procedures and results of their investigations to the parties no later than November 26, 2019.”

Judge Davila also ordered FDA to “run searches of all of its custodians’ documents using the following terms: ‘LDT’, ‘Laboratory Developed Test’, ‘Theranos’, ‘fingerstick’ or ‘finger stick’, and ‘nanotainer’” and “produce any responsive documents returned by these searches” to address search term concerns expressed by the defendants.  With regard to the missed production deadlines, Judge Davila “order[ed] the Agencies and the Prosecution to complete the production of documents by December 31, 2019.”

Finally, Judge Davila “order[ed] the Agencies, the Prosecution, and Defendants to meet and confer on the above issues, and other discovery related matters” to include “(a) whether the Agencies have or will produce employee text messages, (b) any deficiencies in FDA’s production that are attributable to FDA’s instruction to employees to manually search for responsive documents instead of forensically searching for, collecting, and reviewing documents, (c) the terms the Agencies use to search for and collect potentially responsive documents, and (d) FDA’s redactions to documents and withholding of duplicate documents.”  Judge Davila also set a further status conference for January 13, 2020.

So, what do you think?  Was the judge correct to order the prosecution to produce documents from other agencies?  Please let us know if any comments you might have or if you’d like to know more about a particular topic.

Case opinion link courtesy of eDiscovery Assistant.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Time for Another Murder (Possibly) Witnessed by Alexa: eDiscovery Trends

It’s been a while since we covered a good murder case with Internet of Things (IoT) implications.  Here’s a new case in Florida where police have submitted a search warrant to Amazon for recordings from an Echo device in a household where a man was charged with killing his partner with a spear(!).

In People (After Fla. Woman Is Impaled by a Spear, Police Seek Clues From Amazon Alexa Recordings, written by KC Baker), the author reports that Florida police are trying to find out what – if anything – the voice-controlled Amazon Echo Dot smart speakers (commonly known as “Alexa”) heard on July 12 when a Hallandale Beach woman died during a fight with her boyfriend. The incident left her impaled by a spear and him charged with murder, the South Florida SunSentinel reports.

Silvia Galva, 32, and Adam Reechard Crespo, 43, who is reportedly either her boyfriend or husband, were allegedly fighting in their condo after a night out. Crespo told police he was trying to pull Galva off the bed when she grabbed a spear that snapped and pierced her chest as he continued to pull her up.  Crespo then told police he pulled the blade out of the victim’s chest, hoping it was “not too bad,” the Sun Sentinel reports.

The defendant’s actions, the police report goes on to say, “caused the victim to grab the spear to keep herself on the bed. The force used by the defendant to remove the victim cause the shaft to break and in an unknown way caused the blade to pierce the victim which caused the loss of life.”

Crespo was arrested and charged with murder without premeditation, the SunSentinel reports.

In August, Hallandale Beach Police obtained a search warrant for the recordings on two of the Amazon voice assistants that were in the apartment where Galva was killed, the Sun Sentinel reports.

The search warrant, later obtained by CBS Miami, says “It is believed that the evidence of crimes — audio recordings capturing the attack on victim Silvia Crespo…and any events that preceded or succeeded the attack — may be found on the server(s) maintained by or for Amazon.com for all recordings made by the aforementioned Echo smart speakers.”

Amazon turned over recordings to the authorities, who are analyzing the data, Hallandale Beach Police Department spokesman Sgt. Pedro Abut told the SunSentinel.

“It is believed that evidence of crimes, audio recordings capturing the attack on victim Silvia Crespo that occurred in the main bedroom … may be found on the server maintained by or for Amazon,” police wrote in their probable cause statement seeking the warrant, the SunSentinel reports.  Still, it’s unclear how much information the recordings will yield since the Echo supposedly only records when users utter the word “Alexa” or a “wake” word of their choice and don’t usually record entire conversations, according to an Amazon spokesperson.

Crespo’s attorney, Christopher O’Toole, told PEOPLE he feels the recordings can only bolster the case of his client, who he says is innocent.

We’ve certainly seen other murder cases that involve Amazon Echo recordings potentially having data, including this one and this one.  And, we’ve also seen murder cases involving other IoT devices as well, including these this one and this one involving Fitbit devices.  It’s tougher than ever to get away with murder these days!

So, what do you think?  Are you aware of any civil cases where IoT devices came into play?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Cell Phone Geolocation Evidence May Be Off the Mark (At Least in Denmark): eDiscovery Trends

If you watch Dateline, 20/20, 48 Hours or any other news program that covers notable crime stories, one trend has become more and more common – the use of cell phone/mobile device geolocation data to put alleged criminals at the scene of the crime (or at least very close to it).  We consider these devices – and the geolocation data obtained from them – to be highly accurate and important evidence in obtaining convictions for guilty parties or exonerating innocent ones.  Maybe we shouldn’t.

According the The Guardian (Denmark frees 32 inmates over flaws in phone geolocation evidence, written by Jon Henley), Denmark has released 32 prisoners as part of an ongoing review of 10,700 criminal cases after serious questions arose about the reliability of geolocation data obtained from mobile phone operators.

In addition, nearly 40 new cases have been postponed under a two-month moratorium on the use of mobile phone records in trials, which was imposed after police found multiple glitches in the software that converts raw data from phone masts into usable evidence.

Among the errors police have discovered is a tendency for the system to omit some data during the conversion process, meaning only selected calls are registered and the picture of the phone’s location is materially incomplete.

The system has also linked phones to the wrong masts, connected them to several towers at once, sometimes hundreds of kilometres apart, recorded the origins of text messages incorrectly and got the location of specific towers wrong.

Taken together, the problems meant not just that innocent people could potentially have been placed at crime scenes but that criminals could have been wrongly excluded from inquiries, said Jan Reckendorff, Denmark’s director of public prosecutions, who said “This is a very, very serious issue.  We simply cannot live with the idea that information that isn’t accurate could send people to prison.”  Announcing the case review and moratorium late last month, Reckendorff conceded it was a “drastic decision, but necessary in a state of law”.

There are no statistics on how many court cases in Denmark are decided on the basis of mobile phone data, but it is often used to corroborate other evidence and, although not considered as reliable as DNA, has previously been seen as highly accurate.

Isolated incidences of clearly inaccurate mobile data have occurred in the past in the US and South Africa, but this is the first time it has been questioned by a national justice system. Three years ago, a Kansas family sued a digital mapping company after being visited “countless times” by police and others.

I certainly experienced how inaccurate geolocation data tracking can be sometimes when I was in Italy the past couple of weeks.  Trying to use Google maps over there to help direct you to a location can be challenging as the application frequently reported inaccurate locations for where we were when trying to provide directions.

So, what do you think?  Are you concerned about the accuracy of geolocation data in the US?   Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Relying on Interpretation of the SCA, Appeals Court Reverses Subpoenas Against Facebook: eDiscovery Case Law

In Facebook, Inc. v. Wint, No. 18-CO-958 (D.C. App. Jan. 3, 2019), the District of Columbia Court of Appeals, stating that “[t]he plain text of the SCA (Stored Communications Act) thus appears to foreclose Facebook from complying with Mr. Wint’s subpoenas”, concluded that the appellee “has not established the existence of a serious constitutional doubt that could warrant application of the doctrine of avoidance” reversing the trial court’s order holding Facebook in civil contempt for refusing to comply with subpoenas served by appellee Daron Wint.

Case Background

The appellee was charged with murder in D.C. Superior Court. Before trial, he filed an ex parte motion asking the trial court to authorize defense counsel to serve subpoenas duces tecum on Facebook and a Facebook subsidiary for records, including the contents of communications, relating to certain accounts. Facebook objected, arguing that the SCA prohibits Facebook from disclosing such information in response to a criminal defendant’s subpoena. The trial court approved the subpoena request and held Facebook in civil contempt for failing to comply.

The case was argued back before the appellate court back in October 2018.

Appeals Court Ruling

In the appellate court opinion issued by Associate Judge McLeese, he noted that “In the trial court, Mr. Wint argued that if the SCA were interpreted to preclude Facebook from complying with the subpoenas at issue, then the SCA would be unconstitutional. Mr. Wint has not renewed that argument in this court, however, and that argument therefore is not before us. Rather, Mr. Wint has argued in this court only that the SCA is properly interpreted to permit Facebook to comply.”  He also noted this:

“The SCA broadly prohibits providers from disclosing the contents of covered communications, stating that providers “shall not knowingly divulge to any person or entity the contents” of covered communications, except as provided…The SCA contains nine enumerated exceptions to this prohibition…Mr. Wint does not rely on any of those exceptions, and none of them applies in the present case. The plain text of the SCA thus appears to foreclose Facebook from complying with Mr. Wint’s subpoenas.  The structure of the SCA points to the same conclusion.”

The opinion also noted that Section 2702 (Voluntary disclosure of customer communications or records) and Section 2703 (Required disclosure of customer communications or records) of the SCA “appear to comprehensively address the circumstances in which providers may disclose covered communications. Those circumstances do not include complying with criminal defendants’ subpoenas.”  The opinion also noted that “Authority from other jurisdictions also favors a plain-language reading of the SCA. As far as we have determined, every court to consider the issue has concluded that the SCA’s general prohibition on disclosure of the contents of covered communications applies to criminal defendants’ subpoenas.”

The appellee pushed for an alternative interpretation of § 2702, which addressed only the circumstances in which providers may voluntarily disclose covered communications and did not address compliance with court-ordered disclosures, such as subpoenas. In support of this interpretation, the appellee relied on six principal contentions, which were discussed in detail in the opinion. However, the opinion stated:

“Although some of Mr. Wint’s contentions have some force, on balance we are not persuaded by Mr. Wint’s argument.”

As a result, the appellate court reversed the trial court’s order holding Facebook in civil contempt for refusing to comply with subpoenas served by the appellee.

So, what do you think?  Does the SCA, which has been in effect for over thirty years, adequately the rights to request data from providers in 2019?  Please let us know if any comments you might have or if you’d like to know more about a particular topic.

Case opinion link courtesy of eDiscovery Assistant.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Court Sides with Defendants in Subpoena of Police Department Records of Unsolved Murder: eDiscovery Case Law

This case combines civil and criminal concerns, so it’s a great case to lead off the new year!

In Farmers New World Life Ins. Co. v. Atchison, No. CIV-17-1254-D (W.D. Okla. Dec. 17, 2018), Oklahoma District Judge Timothy D. DiGiusti granted the “Children” defendants’ Motion to Compel against non-party City of Oklahoma City Police Department (“OCPD”) to comply with the Children’s subpoena of records related to the murder of their father in a civil case with the insurance company.

Case Background

In an interpleader action arising from the murder of the father of minor Defendants (“Children”), one of the other defendants was the named beneficiary on an insurance policy provided by the plaintiff, but was also the primary suspect in the murder of the Children defendants’ father.  The plaintiff filed the action seeking interpleader relief on the basis of Oklahoma’s “slayer statute,” and the “Children” became aware of the action and the insurance policy in February 2018 when they were served with summons. The Children submitted a request to the OCPD, but OCPD denied the request.  The “Children” then issued a subpoena to defendant City of Oklahoma City requesting records related to the murder.

The City of Oklahoma City objected to the subpoena on behalf of OCPD stating that the criminal investigation into the death was ongoing and that the release of the requested reports might interfere with the investigation (where no charges had been filed).  In response, the “Children” filed a Motion to Compel seeking compliance with the subpoena or, in the alternative, an in-camera inspection of the investigative file.  The City of Oklahoma City opposed the motion on privilege grounds, but indicated they would agree to an in camera inspection with counsel for the “Children” during the review but objected to the presence of counsel for the defendant suspected of murder; in turn, that defendant objected to an ex parte in-camera inspection or any production of discovery that is not likewise provided to her.

Judge’s Ruling

Judge DiGiusti cited United States v. Winner in stating “To assert the law enforcement evidentiary privilege, the responsible official in the department must lodge a formal claim of privilege, after actual personal consideration, specifying with particularity the information for which protection is sought, and explain why the information falls within the scope of the privilege.”  Given that the “Children” asserted that OCPD failed to comply with these requirements, Judge DiGiusti said:

“The Court agrees with the Children. The only objections received on behalf of OCPD are an email from an individual of unidentified position in the Oklahoma City government and a letter from a municipal counselor…OCPD presents no formal claim from any responsible official within the department indicating “personal consideration” and “specifying with particularity the information for which protection is sought.” Instead, the City presents only the affidavit and search warrant along with a general objection that producing the requested information falls under the privilege because it will harm the ongoing investigation. Such a broad explanation does not comply with the requirements of Winner.”

Noting that the victim was “murdered nearly two years ago, no charges have been filed, and no arrest made” and that the affidavit informed the suspected defendant “of the theory of the case against her, the types of evidence in possession of OCPD at the time of the affidavit, as well as the evidence sought through the search warrant”, Judge DiGiusti found that “OCPD has failed to establish with particularity how production would harm the ongoing murder investigation.”  Finding that “the Children have made a compelling argument that the investigative material is relevant and necessary to their case aimed at preventing Defendant Keisha Jones from recovering a life insurance policy on the basis of her alleged involvement in Mr. Atchison’s murder”, Judge DiGiusti ordered OCPD to produce “all materials responsive to the Children’s subpoena” to the chambers of the undersigned judge within thirty days.

So, what do you think?  Should the judge have allowed those materials to be produced, even for an in camera review?  Please let us know if any comments you might have or if you’d like to know more about a particular topic.

Case opinion link courtesy of eDiscovery Assistant.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Judge Says “Alexa, Please Testify in a Double Murder Case”: eDiscovery Trends

The occurrence of Internet of Things (IoT) devices in criminal cases is becoming more and more frequent.  Just last month, we covered a case where data from a Fitbit led to the arrest of a murder suspect (we covered another case like it last year as well).  Now, an Amazon Echo may have key evidence in a double murder committed last year.

According to Time (Judge Says Amazon Must Hand Over Echo Recordings in Stabbing Case, written by George Steer), a judge in New Hampshire has requested that Amazon hand over audio recordings from an Echo device present in a house where two women were found dead.

Timothy Verrill is accused of murdering 48-year-old Christine Sullivan and 32-year-old Jenna Pellegrini at a Farmington home in January 2017. Their bodies were found underneath a porch on the property with multiple stab wounds. Mr. Verrill pleaded not guilty the following month.

But prosecutors believe that there could be corroborating evidence recorded by an Amazon Echo device which was inside the house.

A ruling was handed down by Justice Steven M. Houran on Friday.

“The court directs Amazon.com to produce forthwith to the court any recordings made by an Echo smart speaker with Alexa voice command capability … as well as any information identifying cellular devices that were paired to that smart speaker during that time period,” the statement read.

A spokesperson for Amazon told the Associated Press Friday that the company would not be handing over any data “without a valid and binding legal demand served on us”.

In a similar case in March 2017 (which we covered here), Amazon agreed to hand over data from an Echo device that may have been privy to another murder — but only after the defendant consented to handing over the recordings (the charges were eventually dropped in that case).

Amazon’s lawyers had previously sought to quash the request on the grounds that it violated customer privacy.  That’s the battle these days, apparently — privacy vs. information.  They continue to be on a collision course which will lead to many more disputes, I suspect.

So, what do you think?  Will IoT devices be the “witnesses” of the future?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

IoT Devices Lead to Suspect’s Arrest for Murder: eDiscovery Trends

Honestly, I don’t know why anyone would consider committing a violent crime these days.  There’s the use of ever-improving DNA technology that leads to the arrest of scores of alleged offenders each year – even if you’re not in the Combined DNA Index System (CODIS) database, you can still be identified as a suspect through your relatives via genealogy databases, as we’ve recently seen in the case of the Golden State Killer.  And, if your DNA doesn’t get you, an Internet of Things (IoT) device may, as evidenced in this case.

As reported by CNET (Murder victim’s Fitbit data leads to alleged killer’s arrest, written by Steven Musil), Karen Navarra’s Fitbit recorded a rapid rise in her heart rate before a sudden drop-off to nothing, offering San Jose police a clearer time frame of her death on Sept. 8, the San Francisco Chronicle reported Friday. 90-year-old Tony Aiello was arrested last month in connection with his 67-year-old stepdaughter’s death.

Investigators noticed Navarra was wearing a Fitbit and they turned to the company for any possible clues the device could provide. Police learned that Navarra’s heart rate spiked at 3:20 p.m. and stopped registering a heartbeat eight minutes later, the Chronicle reported.

Although Aiello has reportedly denied killing Navarra, nearby cameras captured images of Aiello’s car parked at Navarra’s home on Sept. 8 at the same time her Fitbit showed her heartbeat rapidly falling and stopping, the newspaper reported.

Of course, those “nearby cameras” could themselves be IoT devices (Ring doorbell, anybody?).  And, we covered a different case last year regarding the Fitbit of a murder victim that helped disprove her husband’s story regarding an “intruder” that he said shot her to death – that evidence helped lead to his arrest for her murder.  In another case covered on 48 Hours recently, a Wisconsin man’s Fitbit exonerated him of his girlfriend’s 2016 murder when it showed his movements during the time police say her body was dumped in a field.  Needless to say, IoT devices are becoming more and more prominent in criminal investigations and discovery.

Changing gears here, Rob Robinson, through his terrific Complex Discovery site, is certainly the king of compilations and analysis regarding eDiscovery trends and his latest analysis involves “an aggregation of results from fourteen surveys from leading ALM magazines ranging from Corporate Counsel to Texas Lawyer administered to online audiences and published as special supplements between November 2017 and October 2018.”  Rob took the sixteen eDiscovery-centric survey categories represented in the fourteen surveys and tracked all of the providers who received at least one vote as a top three provider (101 providers in all).

Twenty-five of those providers was voted a top three provider at least six times across the fourteen surveys and Rob has ranked them by the number of times they received a top three vote.  So, which provider was voted a top three provider the most times by participants in the fourteen ALM surveys?  Click here to find out.  :o)

So, what do you think?  Have you had a case that involved evidence from an IoT device?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Tinder Date Murder Case Highlights the Increasing Complexity of eDiscovery in Criminal Investigations: eDiscovery Trends

With things like social media, electronic purchases, GPS tracking, and the Internet of Things, a normal day in anyone’s life creates an in-depth data trail. So, it’s no surprise that more and more, electronic evidence plays a key component in criminal investigations. While eDiscovery technology is mostly used in the civil courts, namely because corporate and government organizations have more resources than municipal, county, and even state law enforcement agencies to conduct reviews of large data-sets, it’s still worthwhile to look at the varied ways electronically stored information (ESI) is used to help detectives piece together a chain of events in order to solve a crime.

In an article published in The Daily Beast this week, we find the seemingly mismatched couple, 51-year-old Aubrey Trail and 24-year-old Bailey Boswell, charged with the murder of a 24-year-old Nebraska woman, Sydney Loofe. The story echoes the Starkweather / Fugate crime spree throughout the same region 60 years ago, only this time digital evidence led investigators to the perpetrators.

Trail and Boswell were arrested as part of a gold coin theft racket in November, but after further investigation, are now charged with Loofe’s murder, who was last seen November 15th before going on a Tinder date with Boswell. Police found the remains of Loofe’s body in a field a few weeks later, and in the months that followed, used a wide variety of ESI, along with traditional forensics, to link Trail and Boswell to the murder. The list of evidence pieced together is remarkable from an eDiscovery point of view:

  • Tinder Profiles: 140 messages between Loofe and Boswell in the days before November 15th were pulled from their online dating profiles. The last was on Nov. 15 at 6:54 p.m., when Boswell said she’d arrived at Loofe’s apartment. Police also found that Boswell went by “Audrey” on her online-dating profile.
  • Snapchat Photo: Loofe sent a selfie to a friend via Snapchat on November 15th with the caption, “Ready for my date.”
  • Facebook Videos: Trail and Boswell both posted Facebook videos claiming innocence while police were looking for them. In one, Boswell said she was “Audrey on Tinder and a few other names because I have warrants.”
  • iPhone Reset: After her arrest, Boswell gave investigators permission to search her iPhone 7, which they found had been reset to factory default settings on November 17.
  • Cellphone Pings/GPS Locations: Loofe’s phone last pinged a cell tower near Wilber, where Boswell and Trail lived in a basement apartment. When detectives searched that residence, the landlord, who lived upstairs, “reported a strong odor of bleach coming from the basement.” Data from Boswell’s phone showed its location was “in close proximity to the area where the remains were discovered Dec. 16th.”
  • Security Video Footage: Security footage from a local Home Depot showed Trail and Boswell on Nov. 15 around 10:35 a.m., shopping for tools and supplies that could be used to cover up the crime.
  • Phone Calls from Jail: In two different phone calls, one to the Lincoln Journal Star and the other to the Omaha World-Herald, Trail gave different accounts, claiming he unintentionally killed Loofe in a sex game gone wrong.

All of this led to a confession from Trail, stating that he had killed Loofe, and then he and Boswell covered up the crime scene and disposed of the body.

Using electronic evidence to solve crimes is nothing new, but now more than ever, the digital footprint that individuals and organizations leave is staggering in its depth and variance. At the same time, it’s amazing how skilled investigators are using the raw data left behind in order to put together cases in both the criminal and civil courts. The common denominator with both then becomes the ability to preserve, collect, and review this data in a timely and affordable fashion, in order to get the facts as quickly and efficiently as possible.

So, what do you think?  How do you see the influx of new data sources affecting your eDiscovery practices and policies in the future?  Please let us know if any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

  • 1
  • 2