Discovery Advocate

Discovery Advocate

News, Developments and Practical Advice on eDiscovery in the trenches of Litigation

Dear Mr. Snowden: Is it reasonable to expect my attorney-client communications are confidential?

Posted in E-Discovery Rules, Privacy

Last month, Edward Snowden provided the press a document describing “how Australian intelligence conducted surveillance of trade talks between Indonesia and the United States and, in the process, monitored communications between Indonesian officials and an American law firm retained by Indonesia for help with the trade dispute.”

Web-based email service providers may use automated processes to review email you send and receive.  This may be done to look for spelling errors and spam.  But it also may be done to target advertising based on the content of the email.

The terms of service of some cloud providers give the provider the right to access the content of material you create or store for purposes ranging from technical support to refining the cloud services they provide.

In this new digital world, is it reasonable to expect that a communication between client and lawyer for the purpose of obtaining legal advice is confidential (and, therefore, privileged)?  The attorney-client privilege faces new tests with the advent of “the cloud” and other digital innovations.  This was one of the topics covered in the Association of Certified E-Discovery Specialists’ program, “Inviting Scrutiny:  The Impact of Digital Age Innovations on the Attorney-Client Privilege,” in which I participated with U.S. Magistrate Judge James Francis (SDNY) and Phil Favro of Recommind.

Continue Reading

Isn’t E-Discovery Hard Enough Without the Internet of Things?

Posted in E-Discovery Rules, Privacy

This week, after a seemingly endless year of construction, my family and I moved into our new, energy-efficient home.  As I was in the kitchen unpacking, my daughter cried out, somewhat dramatically, “Mama, come here …. The thermostat is watching me…”  Whereupon she proceeded to demonstrate this by waiting until the thermostat went dark and then walking toward it, causing it to awaken.  Being a seasoned privacy and e-discovery lawyer, I responded with equal drama, “Of course dear … We are living in the age of the Internet of Things.”  She was unimpressed with my knowledge.  But it did get me to thinking.  Isn’t e-discovery hard enough without worrying about the Internet of Things (“IoT”)?

The IoT seems to have popped up everywhere around us.  Bob Gohn at Navigant has a great background piece on the IoT as well as a piece on the types of devices that make up the IoT and the security risks they create.  But in layman’s terms, the IoT refers to all the devices that collect data through the use of sensors and connect to the internet that are not traditionally thought of as computing devices.  It is exemplified not just by my nifty thermostat, but also by the FitBit, Google Glass, and even that smart parking meter that tells the meter reader when to come give you a ticket.   The IoT is so pervasive in fact that the term is used interchangeably with the term the “Internet of Everything” and is expected to eclipse the market for traditional computing devices.

Certainly privacy and data security issues related to the IoT are legion.  Given the ubiquity of the IoT, there is little doubt that it is only a matter of time until issues over devices that make up the IoT arise in regulatory enforcement proceedings and litigation.  In fact, late last year, the FTC announced that it had its eye on the consumer risks presented by the IoT by filing a seven-page complaint against TRENDnet, a company that sells internet-connected cameras.  The FTC complaint, which was settled just a few weeks ago by consent order, alleged that TRENDnet’s practices failed to provide reasonable security “to prevent unauthorized access to sensitive information, namely the live feeds from the IP cameras.”   And just in case this enforcement activity wasn’t enough of a signal of its interest in the IoT, the FTC presented a workshop on the IoT, Internet of Things – Privacy and Security in a Connected World, late last year as well.

Continue Reading

Human or Technology Assisted: Imperfect Review Can Still be Defensible (SDNY)

Posted in E-Discovery Rules

It’s a common refrain that, while courts have allowed the use of technology assisted review, no court has yet blessed the outcome of an imperfect technology assisted review process over the objection of another party.  But dicta in Judge Denise Cote’s recent decision in FHFA v. HSBC North America Holdings Inc. (SDNY) (“HSBC“) gets darn close.

HSBC is one of a number of actions brought by the Federal Housing Finance Agency against financial institutions involved in the packaging, marketing and sale of residential mortgage-backed securities purchased by Fannie Mae and Freddie Mac. Judge Cote’s recent decision denied a request to reconsider her January 8th order barring the parties from using documents produced in separate litigation ongoing in California—the Countrywide litigation—unless those documents had also been produced in the New York action.

Among other things, Defendants sought to use a document produced in Countrywide to show that the productions in the New York litigation were incomplete.  The Court rejected this argument in large part because it concluded diligence and good faith is required in responding to discovery requests, but perfection is not. Continue Reading

What? The Rules Committee Hearings Don’t Have A Hashtag?

Posted in E-Discovery Advocacy and Management, E-Discovery Vendor, Information Governance, LegalTech, Uncategorized

This post is a joint submission with BakerHostetler Data Privacy Monitor blog.

On a snowy Sixth Avenue this week, thousands of people packed the New York Hilton Midtown for the sensory overload that is LegalTech New York (#LTNY), the annual E-Discovery, privacy, and information governance bash.

And today, just hours after the massive conference closed, the E-Discovery conversation moves to Dallas for the third (and last) Advisory Committee for the Civil Rules hearing, at which the discussion will focus on whether to reinforce the proportionality provisions adopted eight years ago, and whether and how to clarify preservation obligations and the sanctions that attach to imperfect preservation.

But more on what happens in Dallas next week.

As a conference, LegalTech focused on many different aspects of technology’s intersection with the practice of law, but overarching it all was the specter of digital information—particularly, the safe management of client information (whether it be at the client, at the law firm, or in the “cloud”) and the provision and subsequent use of that information in the practice of law generally and in the context of litigation and related E-Discovery specifically.

Continue Reading

Information Governance – The importance of putting your data house in order

Posted in Information Governance, Privacy

This blog post is a joint submission with BakerHostetler’s Data Privacy Monitor blog.

Information is the lifeblood of businesses today. As the volume of data continues to grow exponentially, intelligent governance of information is essential for enterprises to survive and thrive. Data security concerns, privacy, compliance requirements and the costs of ediscovery all militate toward implementation of policies and procedures to effectively and efficiently manage information. In addition, the ability to utilize analytics and mine valuable information from large data sets has transformed data into an essential business intelligence resource. Amazon, for example, is well known for its success in using its own data to target advertising to customers based on their past purchases and purchases of similar customers, and to improve customer service operations.

But what is Information Governance? Information Governance establishes a consistent and logical framework for employees to handle data. It should create a high-level policy focused on enterprise-wide strategic and business goals. The process of developing an Information Governance policy should include all relevant stakeholders and take into account the enterprise’s organization and culture, legal/regulatory concerns, business operations, and technology. The policy must address the enterprise’s particular data challenges, such as retention of personal health information or managing streaming data from social media.

While recognizing the inherent value in some of the information being created and collected, an Information Governance policy must recognize that most data likely has no business value. Development and implementation of a solid defensible deletion plan therefore is a crucial component of Information Governance. Keeping everything simply doesn’t make sense, but deletion must be guided by legal considerations, such as the effect of legal holds, regulatory and compliance requirements and business concerns. In light of these high-stake considerations, the cost of keeping too or deleting too much information cannot be ignored.

The Information Governance policy also must address how retained information is managed. Redundancies should be eliminated as much as possible, and classification and organizational systems should be devised so that information can be easily and quickly retrieved.

It is essential for modern enterprises to get their data house in order to reduce costs and liabilities while also exploiting the benefits information now offers. Implementation of a solid Information Governance plan should be a high priority for all enterprises looking to thrive and succeed in today’s big data environment.

E-Discovery in 2013 – Waiting for Godot, Closing Kimonos, and Your World Doesn’t Just Seem Bigger

Posted in E-Discovery Advocacy and Management, E-Discovery Rules, Privacy

In some respects, 2013 seemed like a conversation between Vladimir and Estragon.  Some commentators likened it to a simple, unified message that finally had E-Discovery practitioners, litigators in general, and affected clients speaking the same language; others feared that a continuation of the status quo meant simply that another year had passed without addressing the significant concerns associated with the over-preservation of data and the lack of judicial consistency.

Info Keeps on Growing

The truth, as was often the case, was somewhere in between. Certainly, more than “nothing” happened: by the end of 2013’s 525,600 minutes, 63 million additional people had joined LinkedIn (at a rate of two-per-second), 42% of whom regularly update their profiles; a comparatively paltry 25,228,800 hours of video was uploaded to YouTube; and an additional 3 billion web pages were created.  And we cannot forget the users (and bots) who combined to send 52 trillion pieces of email. All of this contributed to an overall growth of enterprise-data by an astounding 40 to 60% over the course of 2013 (with an expected annual increase of 4,300% by 2020), which magnifies the importance of preservation and disposition decisions (or the lack thereof) – which is not to say no cases were decided in 2013, however.

There are Limits to your Search

The concerns about over-preservation and judicial consistency made some small strides in this rapidly increasing area of information storage, as courts continued to catch up with the practices followed several years ago. On one hand, absent a showing of relevance, courts will not always order discovery of social media in the context of “fishing expedition[s],” may decline to compel responses to “ultra-broad” requests and may uphold reasonable, proportional limits to the scope of discovery. In fact, a court might decline to sanction the routine deletion of text messages.On the other, the deletion of a Facebook account earned an adverse inference instruction, and auto-delete sanctions will continue into the foreseeable future. As far as case law trends in general go, e-discovery opinions were fairly evenly distributed across categories dealing with costs, preservation & spoliation, procedural issues, production, and sanctions.

Continue Reading

Something Wicked This Way Comes – Dark and Dusty Data and the Risk Your Organization Already Owns

Posted in E-Discovery Rules, Ethics

This blog post is a joint submission with BakerHostetler’s Data Privacy Monitor blog.

During the final panel of Thomson Reuters17th Annual eDiscovery & Information Governance in Practice Forum, Thomas Barnett, Ignatius Grande, and Sandra Rampersaud led a lively discussion on Managing Big Data, Dark Data, and Risk.  And while the exchange incorporated Information Governance 101 principles such as the explosion of Social Media and the corresponding growth of new data year-over-year, an additional set of concerns was raised about “dusty” and “dark” data—data unknown to many organizations, and unmanaged by many more.

Dusty and Dark Data

Dusty data is data the organization – or someone within it – kind of knows about, but is still cloaked with mystery and obscured by time.  Dark data is data organizations keep unknowingly, entirely lurking within the shadows.  Put more simply, dusty data is the “known unknown;” dark data is the “unknown unknown.” But while there has at least been some scholarship done on dark data as a concept, dusty data has received a lot less press.  Both are important, and both present risk; however, they present different risk, and should be treated differently.

You need both Responsibility and Authority to Drive Change?

The panel had limited time, and chose to consolidate both dusty and dark data into a single set of information when providing a framework for a pragmatic approach to a solution that would identify, classify, and manage the data within the context of information governance and legal holds.  Their proposal, while complicated in practice, would rely on a clear mandate from a decision maker/stakeholder who would empower someone within the organization with both the responsibility to undertake the project, and the authority to implement change (e.g., assign resources and, perhaps most importantly, spend money where necessary). Continue Reading

Bring Your Geek to the Supreme Court Day Cancelled for Lack of Interest

Posted in Predictive Coding, TAR

Magistrate Judge Andrew J. Peck has observed that judicial understanding and resolution of ediscovery disputes can benefit from “bring your geek to court day” — where those knowledgeable about ESI issues in a case participate in court conferences.   As we predicted, the Supreme Court isn’t yet ready for Bring Your Geek to the Supreme Court Day.

On Monday, as Monica Bay aptly put it in Law Technology News, “[t]he United States Supreme Court . . . declined to participate in the ongoing e-discovery soap opera/saga” in Da Silva Moore.

On its face, the petition for certiorari involved the appropriate standard for review of a decision that rejected recusal of Judge Peck from a case based on his publicly stated views on technology assisted review (TAR) and his participation in organizations, seminars and other events that cover the development of TAR.   But the petition targeted what it described as “a global precedent in favor of predictive coding — a technique that had never before been adopted, and that is now (in large part thanks to Judge Peck) gaining footing.”

Does this denial of certiorari change the landscape for machine learning in litigation?  No.  In the time since Judge Peck issued his decision in Da Silva Moore, has the world reached agreement on how and when advanced search methods should be deployed in litigation?  Perhaps not agreement, but certainly evolution in thinking, as evidenced by the June 2013 DESI V Workshop, Standards for Using Predictive Coding, Machine Learning, and Other Advanced Search and Review Methods in E-Discovery

In many cases, which you do not and generally will not read about, parties are negotiating the terms of search and review in discovery. But standardization across dockets and technologies presents more complicated questions, as Jason Baron noted in his report on the DESI V Workshop.

But Bring Your Geek to the Supreme Court Day is off the calendar, for now.

Your Request for Spoliation Sanctions Could Get You Sanctioned

Posted in E-Discovery Rules, Spoliation

We like our litigation to be decided on the merits. Sanctions motions based on unsupported claims of spoliation create expensive sideshows that distract from the merits. And sometimes – although perhaps not frequently enough – baseless and abusive motions are punished.

Recently, in Smith v. Westchester County Dept. of Corrections, No. 07-CIV-1803 (SDNY), Judge Shira A. Scheindlin sanctioned plaintiff’s counsel for his repeated, unsupported claims of spoliation of evidence that ignored the court’s previous decision that no such spoliation occurred. The ruling was remarkable because it not only awarded fees and costs, but also “permanently enjoined” plaintiff’s counsel from raising in other cases allegations of misconduct in Smith. And Judge Scheindlin required that plaintiff’s counsel submit a letter, attaching her decision, to two other judges “retracting any allegations, statements, facts, or arguments regarding [defense counsel's] alleged misconduct and/or the discovery issues in this action.”

What did plaintiff’s counsel do to warrant this extraordinary ruling?

Continue Reading

The Da Silva Moore Sideshow Seeks The Big Stage

Posted in Predictive Coding, TAR

Will a challenge to the use of predictive coding or technology-assisted review (TAR) disguised as a recusal fight capture the attention of the U.S. Supreme Court? Probably not. Recently, the Da Silva Moore plaintiffs petitioned the Supreme Court for certiorari on the narrow question of the standard of review for a recusal decision. And we all know that the recusal decision involved a failed attempt to disqualify Magistrate Judge Andrew J. Peck from a case because of his publicly stated views that TAR could be used in the right circumstances, and due to his participation in organizations, seminars and other events that discuss the development and use of TAR.

The petition asks the Supreme Court to provide guidance on the appropriate standard of review for recusal decisions asserting:

[T]he impact here of the standard of review is stark: Judge Peck avowedly used this case to set a global precedent in favor of predictive coding – a technique that had never before been adopted, and that is now (in large part thanks to Judge Peck) gaining footing. Judge Peck’s decision was nothing short of a landmark, and the precedent it set continues to reverberate in discovery disputes throughout the United States. Such decisions must be free from any appearance of impropriety or partiality.

Despite this, it is unlikely that the Supreme Court will accept the petition. First, the Court is unlikely to view the identified circuit split – all but one of the circuit courts agree with the standard applied by the U.S. Court of Appeals for the Second Circuit – as an important question requiring resolution. Second, the Second Circuit’s decision is not unusual or extraordinary – it applied the same standard already established by the Second Circuit to review recusal decisions. Moreover, apart from challenging the standard of review itself, the petition does not appear to question how the Second Circuit applied this standard in its ruling. Continue Reading