Posts By :

Doug Austin

Nine is Divine! eDiscovery Daily is (Cloud)Nine Years Old!

Our “nine clouds” logo is making a one-day comeback!  If you read our blog yesterday, you probably noticed that our Throwback Thursday post was from the day eDiscovery Daily was launched.  That was nine years ago today!

We launched nine years ago on September 20, 2010.  Back then, we told you to not get “wild” with wildcards (and repeated that message yesterday).  And, we published our first case law post about a case where the spoliator of data was actually threatened with jail time –  our first of 701 posts about case law to date, covering more than 540 distinct cases!  We’ve published over 2,269 lifetime posts, and every post is still available on the site for your reference.  We’ve been around for so long and published so much, we don’t even bother with the six month milestones anymore!

And, as always, we have you to thank for all of that success!  Thanks for making the eDiscovery Daily blog a regular resource for your eDiscovery news and analysis!  We really appreciate the support – you make us feel like we’re on CloudNine!

As many of you know by now, we like to take a look back each anniversary at some of the important stories and topics during that time.  So, here are some posts over the last few months you may have missed.  Enjoy!

Here’s an evidence story that only a word geek like me can appreciate.

How many states have Security Breach Notification Laws? You might be surprised.

When does a party fight NOT to have a claim against them dismissed?  When they think it keeps their sanction possibility alive – at least in this case.

Phishing emails can be so deceiving these days.  Here’s an example of one and what you can do about them.

Do you still use the Enron data set for testing?  Maybe you shouldn’t.

Should a judge accept a Facebook friend request from a litigant?  Maybe not always.

If you’re going to fire your IT guy, you might want to change the passwords on your servers.  All 23 of them.

Significant spoliation sanctions may be more difficult to get now, but “it’s never over ‘til it’s over” as this case shows.

Just because you have a Motion to Dismiss pending doesn’t mean you can stay discovery until it’s decided.

Why do hackers hack?  For the money, of course.

Here’s a “cautionary tale about how not to conduct discovery in federal court”.  ‘Nuff said.

How many times do you have to spoliate ESI before you receive case termination sanctions?  In this case, more than three.

There are plenty of reasons that organizations experience a data breach: unpatched vulnerabilities in your software is only the latest one to worry about.

Not since Clubber Lang predicted “pain” in Rocky III has the state of legal tech consolidation seen such “carnage”.

Data privacy fines keep going up.  This proposed fine was for $230 million.  This one was approved for more than 20 times that.

If you keep track of Hollywood news, you probably already know this story.  But, you may not know the eDiscovery significance of the Kevin Spacey harassment cases.

Here are some of my observations regarding this year’s ILTACON conference using the theme of the classic spaghetti western The Good, The Bad and the Ugly.

Sure, we’ve been talking a lot the past couple of years about GDPR and CCPA.  But, “COPPA” just cost YouTube and Google $170 million.

In this case regarding spoliation of cell phone data, the judge recommended that the intent to deprive question be left up to the jury.  So did this one.

This is just a sampling of topics that we’ve covered.  Hope you enjoyed them!

Thanks for the interest you’ve shown in the topics!  We will do our best to continue to provide interesting and useful eDiscovery, cybersecurity and data privacy news and analysis.  And, as always, please share any comments you might have or if you’d like to know more about a particular topic!  On to 10 years!  Do it again at ten!  :o)

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Don’t Get “Wild” with Wildcards: eDiscovery Throwback Thursdays

Here’s our latest blog post in our Throwback Thursdays series where we are revisiting some of the eDiscovery best practice posts we have covered over the years and discuss whether any of those recommended best practices have changed since we originally covered them.

This post was originally published on September 20, 2010 – which was the day eDiscovery Daily was launched!  We launched that day with an announcement post, this post and our first case law post where Judge Paul Grimm actually ordered the defendant to be imprisoned for up to two years or until he paid the plaintiff “the attorney’s fees and costs that will be awarded to Plaintiff as the prevailing party pursuant to Fed. R. Civ. P. 37(b)(2)(C).”  (Spoiler alert – the defendant didn’t ultimately go to jail, but was ordered to pay over 1 million dollars to the plaintiff)…

Even before the 2015 Federal Rules changes, we didn’t see any other cases where the parties were threatened with jail time.  But I personally have seen several instances where parties still want to get “wild” with wildcards.  We even covered a case where the parties negotiated terms that included the wildcard for “app*” because they were looking for phone applications or apps (an even more extreme example than the one I detail below).  Check it out too.  And, enjoy this one as well!  It’s as relevant today as it was (almost) nine years ago!

A while ago, I provided search strategy assistance to a client that had already agreed upon several searches with opposing counsel.  One search related to mining activities, so the attorney decided to use a wildcard of “min*” to retrieve variations like “mine”, “mines” and “mining”.

That one search retrieved over 300,000 files with hits.

Why?  Because there are 269 words in the English language that begin with the letters “min”.  Words like “mink”, “mind”, “mint” and “minion” were all being retrieved in this search for files related to “mining”.  We ultimately had to go back to opposing counsel and negotiate a revised search that was more appropriate.

How do you ensure that you’re retrieving all variations of your search term?

Stem Searches

One way to capture the variations is with stem searching.  Applications that support stem searching give you an ability to enter the root word (e.g., mine) and it will locate that word and its variations.  Stem searching provides the ability to find all variations of a word without having to use wildcards.

Other Methods

If your application doesn’t support stem searches, Morewords.com shows list of words that begin with your search string (e.g., to get all 269 words beginning with “min”, go here – simply substitute any characters for “min” to see the words that start with those characters).  Choose the variations you want and incorporate them into the search instead of the wildcard – i.e., use “(mine or “mines or mining)” instead of “min*” to retrieve a more relevant result set.

Many applications let you preview the wildcard variations you wish to use before running them.  For example, our CloudNine Review solution (shameless plug warning!) performs a preview when you start to type in a search term to show you words within the collection that begin with that string.  As a result, you can identify an overbroad term before you agree to it.

So, what do you think?  Have you ever been “burned” by wildcard searching?  Do you have any other suggested methods for effectively handling them?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Today’s Webcast Will Show You How to Think Like a Millennial When Addressing eDiscovery Needs: eDiscovery Webcasts

As we learned in Tom O’Connor’s recent five part blog series, millennials may be changing eDiscovery (depending on your point of view).  Regardless, eDiscovery is changing and millennials may be a BIG part of that change.  TODAY’S webcast will help you think like a millennial to address your eDiscovery needs.

Today at noon CST (1:00pm EST, 10:00am PST), CloudNine will conduct the webcast Thinking Like a Millennial in eDiscovery.  This CLE-approved* webcast session will discuss how evolving technology trends are impacting eDiscovery today and how to think like a millennial to stay on top of those developing trends. Key topics include:

  • Understanding Millennials and How They Differ from Previous Generations
  • Drivers for Millennials’ Thinking Today
  • How Litigation Support and eDiscovery Has Evolved Over the Years
  • Challenges Posed by BIG Data and Variety of Data Sources
  • Ethical Duties and Rules for Understanding Technology
  • Impact of Millennials on Legal Technology and eDiscovery
  • Your Clients May Have More ESI Than You Think
  • Recommendations for Addressing Today and Future Technology Challenges

As always, I’ll be presenting the webcast, along with Tom O’Connor.  To register for it, click here – it’s not too late! Even if you can’t make it, go ahead and register to get a link to the slides and to the recording of the webcast (if you want to check it out later).  If you want to learn how the habits of millennials will impact your eDiscovery processes, this is the webcast for you!

So, what do you think?  Are you concerned about how the habits of millennials will impact your eDiscovery processes?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

The Cat and Mouse Game Between Data Privacy Regulators and Online Advertisers: Data Privacy Trends

You didn’t think companies that make a lot of their revenue in online advertising were going to just roll over when Europe’s General Data Protection Regulation (GDPR) was enacted to protect personal information, did you?  Apparently not, as this article discusses.

According to Legaltech® News (Is the GDPR Creating a Cat-and-Mouse Game Between Advertisers and Regulators?, written by Frank Ready), the browser company Brave alleged last week that Google was using a mechanism called “push pages” to work around restrictions on the sharing of personally identifiable information (PII) laid out by the EU’s General Data Protection Regulation (GDPR). It did so, Brave said, by assigning a distinct, almost 2,000 character-long code to user information shared with advertisers.

Google issued a response to the site Tom’s Hardware saying that it does not “serve personalized ads or send bid requests to bidders without user consent.”  But, Google’s ad practices are already facing an inquiry by the Irish Data Protection Commission (DPC), specifically with regards to how well they comply with “GDPR principles of transparency and data minimization.” However, regulators attempting to enforce the anonymization of user data could find it difficult to keep pace with companies looking for new ways to both comply with privacy requirements and protect the online advertising revenue that is central to their business.

Jarno Vanto, a partner in the privacy and cybersecurity group at Crowell & Moring, thinks part of the problem is most of the information that’s collected about users online nowadays could potentially qualify as PII.

“Ad tech companies are now trying to come up with ways on the one hand to comply, but then they are still stuck in the old world where they were able to collect all of this data because they could rely on this distinction between non-PII and PII, and that’s no longer really a valued distinction,” Vanto said.

Debbie Reynolds, founder of the data privacy and cyber response firm Debbie Reynolds Consulting, believes other companies will be looking towards the outcome of the Irish DPC’s inquiry with interest as they try to align their own data practices with compliance and profitability.  Still, she’s not expecting much in the way of new parameters surrounding what constitutes a unique identifier.

“I don’t think the regulators are going to try and go out of their way to create new words or new definitions,” Reynolds said.

Vanto said he thinks it could be a tough road due to the amount of resources that would have be leveraged in order to keep track of the practices employed by each technology company.  But Vanto also noted that there are tech-savvy privacy activists who have an interest in monitoring such activity, as well as rival companies that may also be inclined to keep their competitors moving towards the same kind of consent-based data sharing models that they are being driven to adopt into their advertising practices.

Just like Tom is always finding it difficult to stop Jerry, it appears that regulatory agencies – even with GDPR – are finding it difficult to stop the companies wanting to do everything they can to keep the advertising dollars flowing.  It will be interesting to see how this struggle plays out over time.

So, what do you think?  Will the regulatory agencies be able to find a way to protect personal information from advertisers?  Please share any comments you might have or if you’d like to know more about a particular topic.

Image Copyright © Turner Entertainment

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Appellate Court Vacates Order Allowing Plaintiff’s Expert Access to Defendant’s ESI Prior to Privilege Determination: eDiscovery Case Law

In Crosmun v. Trustees of Fayetteville Technical Community College, No. COA18-1054 (N.C. Ct. App. Aug. 6, 2019), the Court of Appeals of North Carolina, holding that the trial court abused its discretion by compelling production through a protocol that provided the plaintiffs’ expert with direct access to potentially privileged information and precluded reasonable efforts by Defendants to avoid waiving any privilege, vacated the order and remand for further proceedings not inconsistent with its opinion.

Case Background

In this claim of retaliatory dismissals from the defendant’s community college in violation of the North Carolina Whistleblower Protection Act, the plaintiffs served discovery requests on the defendants, including for ESI located in the school’s computers and servers.  After expressing concerns that the defendants had destroyed responsive ESI and sending several letters, the plaintiffs filed a motion to compel requesting the trial court “[o]rder that the parties identify a computer forensics entity or individual who, at Defendants’ cost, will search the computer servers at FTCC to determine if Defendants have deleted emails and files pertaining to these discovery requests.”

From that motion to compel, the trial court ultimately entered a Protocol Order compelling discovery and entered an order, as requested by the plaintiffs, providing for a forensic examination of the defendants’ computer files by a computer forensic expert retained by the plaintiffs.  Per the order, the plaintiffs’ forensic expert would conduct keyword searches for all responsive data and also keyword searches for potentially privileged data. Documents retrieved in responsive searches that were not identified as privileged were ordered to be delivered directly to the plaintiffs, without the defendants being able to review them for privilege. The defendants appealed the order, contending that it amounted to an involuntary waiver of their attorney-client privilege and the work-product doctrine.

Appellate Court Ruling

The appellate court ruling, written by Judge Lucy Inman, started out by noting: “Seeking justice often involves enduring tedium” and also noted that “ESI has become so pervasive that the volume of ESI involved in most cases dwarfs the volume of any paper records”.  No kidding.  Despite that, the court noted that “North Carolina authority regarding eDiscovery is bare bones.”

Relying on decisions from other courts around the country as well as Sedona Conference principles, the appellate court ruled: “In short, the Protocol Order provides Plaintiffs’ agent direct access to privileged information, which disclosure immediately violates Defendants’ privileges. It furthers that violation by directing that agent, having attempted to screen some privileged documents out through the use of search terms, to produce potentially responsive documents without providing Defendants an opportunity to examine them for privilege. If, following that continued violation, Plaintiffs—their agent notwithstanding—receive privileged documents, Defendants must attempt to clawback that information, reducing their privilege to a post-disclosure attempt at unringing the eDiscovery bell. Such compelled disclosure of privileged information is contrary to our law concerning both attorney-client privilege and work-product immunity…As a result, we hold the trial court misapprehended the law concerning attorney-client privilege and the work-product immunity (however understandably given its undeveloped state within the eDiscovery arena), vacate the Protocol Order, and remand for further proceedings.”

So, what do you think?  Should parties ever be granted access to ESI before the producing party can perform a privilege review?  Please let us know if any comments you might have or if you’d like to know more about a particular topic.

Case opinion link courtesy of eDiscovery Assistant.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

It’s Friday the 13th! So, What’s Worse – Jason or Last Minute Votes on CCPA Amendments?: Data Privacy Trends

OK, today is the day that spawned a whole series of horror movies that have been a part of the Hollywood lexicon for nearly forty years now.  But the decisions being made in California this week could impact data privacy considerations for…well, who knows how long?  So, which is worse?  Depends on your point of view, I guess.

You all know the legacy of all the Friday the 13th movies, starting with this one way back in 1980 (still a classic!).  Yes, it even had Kevin Bacon in it, which should appease all you “Six Degrees of Kevin Bacon” fans.  Thank you, sir, may I have another?  ;o)

No, you may not, because this post is about data privacy and the California Consumer Privacy Act (CCPA).  According to this article from Alysa Zeltzer Hutnik & Alex Schneider at Kelley Drye, apparently this week marks the final opportunity for California lawmakers to amend the CCPA before the legislative session closes.

And, they have been busy with changes, according to this article from yesterday from Andrew Kingman and Jim Halpert (no, not THAT Jim Halpert) from the International Association of Privacy Professionals (IAPP) where we learned that the proposed amendment to support loyalty programs (to permit the sale of personal information collected through loyalty programs in very limited circumstances) has been shelved for the year.

Speaking of IAPP, they have a great infographic here (and below) that shows the status of privacy laws in various states.  You know I love an infographic!

Not enough detail for you?  They also have this more detailed table with references to each statute or bill currently making its way through the legislative process.

They say a picture is worth a thousand words and I’ve given you at least two of them, so I’ve earned a few days off, I’d say.  I’ll settle for two.  Back Monday!

So, what do you think?  Are you concerned about last minute changes to CCPA?  Please share any comments you might have or if you’d like to know more about a particular topic.

Image Copyright © New Line Cinema (you know which one)

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Searching for Email Addresses Can Have Lots of Permutations Too: eDiscovery Throwback Thursdays

Here’s our latest blog post in our Throwback Thursdays series where we are revisiting some of the eDiscovery best practice posts we have covered over the years and discuss whether any of those recommended best practices have changed since we originally covered them.

This post was originally published on November 15, 2012 – when eDiscovery Daily was early into its third year of existence and continues the two-part series we started last week.  Email addresses still provide the same opportunities and challenges for identifying documents associated with individuals that they did nearly seven years ago.  Enjoy!

Last week, we discussed the various permutations of names of individuals to include in your searching for a more complete result set, as well as the benefits of proximity searching (broader than a phrase search, more precise than an AND search) to search for names of individuals.  Another way to identify documents associated with individuals is through their email addresses.

Variations of Email Addresses within a Domain

You may be planning to search for an individual based on their name and the email domain of their company (e.g., daustin@cloudnine.com), but that’s not always inclusive of all possible email addresses for that individual.  Email addresses for an individual’s domain might appear to be straightforward, but there might be aliases or other variations to search for to retrieve emails to and from that individual at that domain.  For example, here are three of the email addresses to which I can receive email as a member of CloudNine:

To retrieve all of the emails to and from me, you would have to include all of the above addresses (and others too).  There are other variations you may need to account for, as well.  Here are a couple:

  • Jim Smith[/O=FIRST ORGANIZATION/OU=EXCHANGE ADMINISTRATIVE GROUP (GZEJCPIG34TQEMU)/CN=RECIPIENTS/CN=JimSmith] (legacy Exchange distinguished name from old versions of Microsoft Exchange);
  • IMCEANOTES-Andy+20Zipper_Corp_Enron+40ECT@ENRON.com (an internal Lotus Notes representation of an email address from the Enron Data Set).

As you can see, email addresses from the business domain can be represented several different ways, so it’s important to account for that in your searching for emails for your key individuals.

Personal Email Addresses

Raise your hand if you’ve ever sent any emails from your personal email account(s) through the business domain, even if it’s to remind you of something.  I suspect most of your hands are raised – I know mine is.  Identifying personal email accounts for key individuals can be important for two reasons: 1) those emails within your collection may also be relevant and, 2) you may have to request additional emails from the personal email addresses in discovery if it can be demonstrated that those accounts contain relevant emails.

Searching for Email Addresses

To find all of the relevant email addresses (including the personal ones), you may need to perform searches of the email fields for variations of the person’s name.  So, for example, to find emails for “Jim Smith”, you may need to find occurrences of “Jim”, “James”, “Jimmy”, “JT” and “Smith” within the “To”, “From”, “Cc” and “Bcc” fields.  Then, you have to go through the list and identify the email addresses that appear to be those for Jim Smith.  Any email addresses for which you’re not sure whether they belong to the individual or not (e.g., does jsmith1963@gmail.com belong to Jim Smith or Joe Smith?), you may need to retrieve and examine some of the emails to make that determination.  If he uses nicknames for his personal email addresses (e.g., huggybear2012@msn.com), you should hopefully be able to identify those through emails that he sends to his business account.

To summarize, searching by email address is another way to identify documents pertaining to a key individual.  The key is making sure your search includes all the email addresses possible for that individual.

So, what do you think?  How do you handle searching for key individuals within your document collections?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Fall 2019 Predictive Coding Technologies and Protocols Survey Results: eDiscovery Trends

So many topics, so little time!  Rob Robinson published the latest Predictive Coding and Technologies and Protocols Survey on his excellent ComplexDiscovery site last week, but this is the first chance I’ve had to cover it.  The results are in and here are some of the findings in the largest response group for this survey yet.

As Rob notes in the results post here, the third Predictive Coding Technologies and Protocols Survey was initiated on August 23 and concluded on September 5 with individuals invited to participate directly by ComplexDiscovery and indirectly by industry website, blog, and newsletter mentions – including a big assist from the Association of Certified E-Discovery Specialists (ACEDS).  It’s a non-scientific survey designed to help provide a general understanding of the use of predictive coding technologies and protocols from data discovery and legal discovery professionals within the eDiscovery ecosystem.  The survey was designed to provide a general understanding of predictive coding technologies and protocols and had two primary educational objectives:

  • To provide a consolidated listing of potential predictive coding technology and protocol definitions. While not all-inclusive or comprehensive, the listing was vetted with selected industry predictive coding experts for completeness and accuracy, thus it appears to be profitable for use in educational efforts.
  • To ask eDiscovery ecosystem professionals about their usage and preferences of predictive coding platforms, technologies, and protocols.

There were 100 total respondents in the survey (a nice, round number!).  Here are some of the more notable results:

  • 39 percent of responders were from law firms, 37 percent of responders were from software or services provider organizations, and the remaining 24 percent of responders were either part of a consultancy (12 percent), a corporation (6 percent), the government (3 percent), or another type of entity (3 percent).
  • 86 percent of responders shared that they did have a specific primary platform for predictive coding versus 14 percent who indicated they did not.
  • There were 31 different platforms noted as primary predictive platforms by responders, nine of which received more than one vote and they accounted for more than three-quarters of responses (76 percent).
  • Active Learning was the most used predictive coding technology, with 86 percent reporting that they use it in their predictive coding efforts.
  • Just over half (51 percent) of responders reported using only one predictive coding technology in their predictive coding efforts.
  • Continuous Active Learning (CAL) was (by far) the most used predictive coding protocol, with 82 percent reporting that they use it in their predictive coding efforts.
  • Maybe the most interesting stat: 91 percent of responders reported using technology-assisted review in more than one area of data and legal discovery. So, the uses of TAR are certainly expanding!

Rob has reported several other results and provided graphs for additional details.  To check out all of the results, click here.  Want to compare to the previous two surveys?  They’re here and here:o)

So, what do you think?  Do any of the results surprise you?  Please share any comments you might have or if you’d like to know more about a particular topic.

Image Copyright © FremantleMedia North America, Inc.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Another Case Where Intent to Deprive is Put in the Hands of the Jury: eDiscovery Case Law

In Woods v. Scissons, No. CV-17-08038-PCT-GMS (D. Ariz. Aug. 14, 2019), Arizona Chief District Judge G. Murray Snow granted in part and denied in part the plaintiff’s motion for sanctions for spoliation of video footage of an arrest incident involving the plaintiff and the defendant (a police officer with the Prescott Police Department), ruling that non-party City of Prescott violated a duty to preserve evidence of the alleged incident, but that the question of intent should be submitted to the jury to determine appropriate sanctions.

Case Background

In this claim of excessive force against the defendant arising out of the plaintiff’s arrest in June 2016, the plaintiff alleged that after the defendant placed him in handcuffs, he struck the plaintiff several times while he lay face-down on the pavement, resulting in a fracture to his lower back which left him in severe pain and will likely require future surgery to repair.  Several officers arrived on the scene during the course of the arrest.  After the Prescott Police Department Review Board determined that no “criminal, civil or Department Policy violations” had occurred during the arrest, the plaintiff filed this action in February 2017.  Subsequently, the plaintiff filed a motion for spoliation sanctions, arguing that non-party City of Prescott violated a duty to preserve evidence of the alleged incident—video footage automatically captured by the cameras in the various officers’ vehicles—by allowing the footage to be automatically deleted from the police department’s systems.

Judge’s Ruling

Noting examples of at least two officers (in addition to the defendant’s) whose dash cams would likely have been recording, Judge Snow stated: “the available evidence, taken as a whole, establishes that dash cam footage was recorded by at least two vehicles that could have been relevant to Woods’ claim.”  Judge Snow also “decline[d] to assume that any recordings from the vehicles in question would have been irrelevant to Woods’ claim”, stating “the footage’s value cannot simply be replaced by having eyewitness testimony regarding Woods’ arrest—much of the value provided by video footage is that it allows a jury to make its own determination.”

Judge Snow also ruled that the City of Prescott (which was paying for legal representation for the defendant) “had a duty to preserve any video recordings from the responding officers’ dash cams once it knew that litigation was reasonably likely” (which was by April 2017, at the latest) and “the parties do not dispute that any footage has been erased.”  And, Judge Snow ruled that “[t]he spoliation can be imputed to Scissons”, observing that the City would pay any judgment against the defendant in the case.

As a result, Judge Snow granted in part and denied in part the plaintiff’s motion for sanctions, ordering the following: “Because there is evidence that video recordings of the alleged event existed but were not preserved, the jury will hear evidence concerning the potential existence of video footage and will be instructed that it may consider that evidence along with all other evidence in reaching its decision. It will also be instructed that if it determines that the Police Department destroyed evidence and did so with the intent to deprive Woods of the use of the video footage, it may infer that the footage would have been favorable to Woods. However, the Court declines to give the instruction as requested by Woods because the question of intent will be submitted to the jury.”

So, what do you think?  Should juries decide intent to deprive in spoliation disputes?  Please let us know if any comments you might have or if you’d like to know more about a particular topic.

Case opinion link courtesy of eDiscovery Assistant.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Forget CCPA. COPPA Just Cost YouTube and Google $170 Million: Cybersecurity Trends

Sure, we’ve been talking a lot the past couple of years about Europe’s General Data Protection Regulation (GDPR), enacted in May 2018 and we’ve already seen one big fine here and another huge potential fine here.  And, we’ve been talking for over a year now about the California Consumer Privacy Act, which is scheduled to take effect next January 1st.  But, have we talked about “COPPA”?  Not, till now.  But, “COPPA” just cost YouTube and Google $170 million.

According to CBS News (Google to pay $170 million for violating kids’ privacy on YouTube, written by Sarah Min), Google will pay a record $170 million fine to settle a lawsuit filed by federal and state authorities that charged the internet giant with violating children’s privacy on YouTube, the Federal Trade Commission (FTC) said Wednesday.

The settlement requires Google and YouTube to pay $136 million to the FTC and $34 million to New York state for violating the Children’s Online Privacy Protection Act (COPPA), by collecting personal information from children without their parents’ consent.

The FTC and the New York attorney general alleged in a complaint that YouTube gathered children’s personal information by using “cookies,” or personal identifiers, that track users online. According to the suit, YouTube earned millions of dollars by using the information to deliver targeted ads to kids.

COPPA requires online websites to obtain parental consent prior to collecting kids’ online usage information. The FTC and New York Attorney General Letitia James said that, while YouTube claimed it caters to a general audience, many of its online channels are aimed at children under the age 13. That requires the service to comply with COPPA guidelines.

“YouTube touted its popularity with children to prospective corporate clients,” FTC Chairman Joe Simons said in a statement. “Yet when it came to complying with COPPA, the company refused to acknowledge that portions of its platform were clearly directed to kids.”

For example, a toymaker with a YouTube channel could track people who viewed its videos to send ads for its own products that are targeted to children. The FTC said in its complaint that Google and YouTube told toymaker Mattel that YouTube “is today’s leader in reaching children age 6-11 against top TV channels.” It also said that the companies told Hasbro that YouTube is the “#1 website regularly visited by kids.”

But when it came to advertisers, the FTC alleged that YouTube told at least one marketer that the video-search company need not comply with COPPA, as it did not have users under the age of 13 on the platform.

Prior to Google’s settlement, the largest civil FTC penalty for a children’s data-privacy case was a $5.7 million for a case in February involving social media app TikTok. This penalty is nearly 30 times that one.  Still, critics say last week’s settlement still amounts to a drop in the bucket for Google, whose parent company Alphabet was sitting on $121 billion in cash and securities at the end of June.

Nonetheless, this penalty, along with Google’s GDPR fine from earlier this year, adds up to nearly $227 million.  That’s some serious money, even for a company like Google.  Great Google-y Moogle-y!

So, what do you think?  Will fines like these change how organizations track user data?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.