eDiscoveryDaily

Move Over Google, Here May Be Your New Largest GDPR Fine: Data Privacy Trends

Now, we’re talking some serious money!  In January, we covered the first big fine for failing to comply with Europe’s General Data Protection Regulation (GDPR) when France’s data protection regulator, the Commission nationale de l’informatique et des libertés (CNIL), issued a €50 million fine (about $56.8 million) fine to Google for failing to comply with GDPR.  Now, we have a new fine being proposed which is more than four times that amount.

As discussed by Sharon Nelson in her excellent Ride the Lightning blog (British Airways Faces Record Fine After Data Breach), the New York Times (subscription required) reported on July 8th that British authorities have said that they intend to order British Airways to pay a fine of nearly $230 million for a data breach last year, the largest penalty against a company for privacy lapses under GDPR.

Poor security at the airline allowed hackers to divert about 500,000 customers visiting the British Airways website last summer to a fraudulent site, where names, addresses, login information, payment card details, travel bookings and other data were taken, according to the Information Commissioner’s Office, the British agency in charge of reviewing data breaches.

In a statement British Airways said it was “surprised and disappointed” by the agency’s finding and would dispute the judgment, which isn’t final regarding the amount.

As we’ve noted many times on this blog, GDPR allows regulators in each European Union country to issue fines of up to 4 percent of a company’s global revenue for a breach. And by acting against an iconic British brand, officials showed that enforcement would not be limited to American-based tech companies, which have been seen as a primary target.

Before GDPR, fines by the Information Commissioner’s Office were capped at 500,000 pounds, or about $625,000. That was the fine it imposed on Facebook last year for allowing Cambridge Analytica to harvest information on millions of users without their consent. However, Facebook and Google are among other companies currently under investigation by the European authorities over breaches of the GDPR (despite previous fines before and after GDPR went into effect, respectively).

The large proposed fine against British Airways is thought to be based on the fact that this was an avoidable breach caused by alleged sloppy security and organizational practices.

As noted above, the British decision to fine British Airways £183.5 million, worth about 1.5 percent of the airline’s annual revenue, is not final. The agency said it would “carefully consider” responses from the airline and others to its penalty before issuing a final decision.  Even if it’s reduced, it seems inevitable to be a new record for GDPR fines (at least for now).

So, what do you think?  Do fines like this cause your organization to re-evaluate your own security policies?  As always, please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Thinking Like a Millennial: How Millennials are Changing Discovery, Part Three

Editor’s Note: Tom O’Connor is a nationally known consultant, speaker, and writer in the field of computerized litigation support systems.  He has also been a great addition to our webinar program, participating with me on several recent webinars.  Tom has also written several terrific informational overview series for CloudNine, including his most recent one, Biggest eDiscovery Challenges Facing Plaintiff’s Attorneys, which we covered as part of a webcast on June 26.  Now, Tom has written another terrific overview regarding the impact of millennials on eDiscovery titled Thinking Like a Millennial: How Millennials are Changing Discovery that we’re happy to share on the eDiscovery Daily blog.  Enjoy! – Doug

Tom’s overview is split into five parts, so we’ll cover each part separately.  Part one was last Tuesday, part two was last Friday, here is the third part.

Drivers for Millennials’ Thinking Today

Voting Studies

So, where do we learn more about this new generation? Most of the information we have on millennials comes from studies of their voting patterns and buying habits. In the first area the general assumption is that they are social loners who don’t vote. An estimated 31% of eligible people ages 18 to 29 voted in the 2018 midterms, according to the Center for Information and Research on Civic Learning and Engagement (CIRCLE). This exceeds participation from the same age group in the 2014 midterms by about 10 percentage points but is still far below the number that voted in the 2016 presidential election, when 51% of eligible millennial voters cast a ballot.

In the 2018 midterm, a poll released the week of the election by the Institute of Politics at Harvard Kennedy School, found four out of 10 adults under 30 said they would “definitely vote” and in Texas and Georgia, early turnout by 18-29 year olds was up by a whopping 500 percent in the days before the election, according to The Independent.

But the fact is that millennial voting rates have never exceeded 50%, even in 2018. According to a national poll last fall, just two-in-ten of America’s young adults consider themselves “politically engaged and active.” So far, only  41% of millennials ages 18-29 are certain they’ll vote.

But are they really isolated social loners intent only on gaming and texting? Why such low turnout when in the 1800’s 80% turnout was commonplace?

Maybe the reason isn’t the generation but the society. In the mid-1800s, transcendentalist Margaret Fuller envisioned the individualistic reality millennials now inhabit. Fuller believed that “American culture was best served by the influence of the self-cultivated individual.” If individuals prioritized themselves, America would fulfill its destiny as a truly democratic nation.

But as those ideal became reality, as individualism increases, each successive generation since World War II participates less in civic duties and governmental expectations. And so to the they are political, millennials are moved by measures championing personal choice—not society, country or planet. Only half of millennials see themselves as patriotic, and less than a third consider themselves to be environmentalists. Just 19% of millennials see themselves as generally trusting of others, compared to 40% of boomers. But we support gay and interracial marriage, abortion and marijuana legalization substantially—and sometimes exponentially—more than other generations.

Political engagement has been replaced by more direct social engagement  A 2014 report on the impact of millennials revealed 87% donated money to an organization that supported a cause they supported.

Millennials do have a desire to make an impact for a good cause, they simply don’t see voting as the best mean to accomplish that.

Millennials in 2016 were significantly less likely to vote or try to influence others vote than were the ’80s generation in the 1987 survey, or the first wave of postwar baby boomers in 1967. BUT millennials display about the same level of political interest as the youngest generation did in 1987, and millennials contact local government and work with others in the community at essentially the same rates as did youth in the earlier surveys.

So, if the 1980s generation that was once considered apathetic is now, in middle age, actually more politically active than earlier generations were at that same stage in their lives then we can expect the same for millennials. The “participation gap”, which actually just appears under closer scrutiny, to be a reluctance to vote, might just indicate that “kids these days” – the millennials – just won’t participate more actively until later in life.

What does that mean for technology usage? That’s where marketing studies come in.

Marketing

We all “know” that millennials are mobile consumers tapping their mobile devices for hours each day and we’ve all seen or heard of research that indicates they spend more time interacting with their phones than other people but at the same time have short attention spans.

This may be because, as mentioned above, millennials appreciate tech as something they saw grow up while they did. They’ve seen numerous networks and devices come and go. Instagram, Pinterest, Snapchat and Tumblr, MySpace, Vine, Google+.

Given their comfort level with technology, they tend to favor services that offer practicality, utility, convenience and even fun. In short, millennials value technology when it delivers value.

Common characteristics of millennials that marketing studies have revealed include that they:

  1. Will Embrace New Technology
  2. Want to Create Opportunities for Good Causes
  3. Want Product to Support their Creativitity
  4. Want Innovation
  5. Want Product to “Speak their Language”
  6. Want Flexibility
  7. Want Personable Company
  8. Want Passionate Company
  9. Want to Be Valued as “Real”
  10. Want to Be Recognized

What we see in these studies is that the perception as being the next “me generation” is really a focus on personal rather than social validation.  Millennials are the largest single generation in history and have become the largest influence in social and technological habits.  They value utility, effectiveness and relationship over price and are undaunted by technological innovation.

We’ll publish Part 4 – Impact of Millennials on Legal Technology and eDiscovery – on Wednesday.

So, what do you think?  Have the habits of millennials impacted eDiscovery for your organization?  As always, please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Thinking Like a Millennial: How Millennials are Changing Discovery, Part Two

Editor’s Note: Tom O’Connor is a nationally known consultant, speaker, and writer in the field of computerized litigation support systems.  He has also been a great addition to our webinar program, participating with me on several recent webinars.  Tom has also written several terrific informational overview series for CloudNine, including his most recent one, Biggest eDiscovery Challenges Facing Plaintiff’s Attorneys, which we covered as part of a webcast on June 26.  Now, Tom has written another terrific overview regarding the impact of millennials on eDiscovery titled Thinking Like a Millennial: How Millennials are Changing Discovery that we’re happy to share on the eDiscovery Daily blog.  Enjoy! – Doug

Tom’s overview is split into five parts, so we’ll cover each part separately.  Part one was Tuesday, here is the second part.

Understanding Millennials and How They Differ from Previous Generations

Well first, let’s ask, what exactly is a millennial? Are they really, as often stated, misunderstood job jumpers who have taken control of both the workplace and economy?

What exactly is the generational breakdown? Generational analysis is difficult and often shifting and it takes time for popular and expert consensus to develop precise breakdowns, but the Pew Research Center assesses such demographics and has come up with the following chart:

  • The Silent Generation: Born 1928-1945 (74-91 years old)
  • Baby Boomers: Born 1946-1964 (55-73 years old)
  • Generation X: Born 1965-1980 (39-54 years old)
  • Millennials: Born 1981-1996 (23-38 years old)
  • Generation Z (Post Millennials): born 1997 or later (up to 22 years old)

Millennials are expected to overtake Boomers in population in 2019 as their numbers swell to 73 million and Boomers decline to 72 million while Gen X is projected to pass the Boomers in population by 2028.

The Millennial generation growth is not just from a growing birth rate. Census figures show that young immigrants also expand its ranks. Meanwhile, boomers are aging and their numbers shrinking in size as the number of deaths among them exceeds the number of older immigrants arriving in the country.

What does this mean in terms of technical usage trends? The Millennial segment may not be “digital natives” to the degree of the Gen Z population but they have grown up during the digital revolution.  They’re tech savvy and saw firsthand the explosion in the use of mobile phones, social media and Internet-based information at your fingertips.

Compare that to my generation. As a bona fide boomer, I was born in 1950 in upstate Vermont. I grew up listening to a radio for my entertainment and getting my news from a paper. When TV entered my life, it came on at 4PM, went off at 11PM and consisted of two Lo VHF channels. One of which was from Montreal. At least I didn’t need to speak French to watch hockey.

Then came transistor radios. Portable data! I listened to the first Mercury launch, to the Beatles sing I Want to Hold Your Hand. To Cassius Clay beat Sonny Liston, Bill Mazeroski homer to win the World Series in the 9th. In my own room.

Next up was a car. AM radio. Better than a transistor. But I was a teenage and on AM radio there was a nothin’ goin’ down at all. Then one morning I found a New York station and I couldn’t believe what I heard at all. I started shakin’ to that fine, fine music and my life was saved by rock ‘n’ roll. FM baby. And the next thing I know I was rolling down the window and letting the wind blow back my hair on the New Jersey Turnpike in the wee, wee hours.

8 tracks, cassette players, the Internet, IPods: all of it one big wow. But technology does not present a “wow” factor for millennials and Gen Z. Rather new technology products and apps are just another channel in the cable network world of 500 channels that is their lives. A new channel appears, they try it. If they like it, they listen more. If not, switch the channel, flip the switch, try something new.

We’ll publish Part 3 – Drivers for Millennials’ Thinking Today – next Monday.

So, what do you think?  Have the habits of millennials impacted eDiscovery for your organization?  As always, please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Chain, Chain, Chain – Chain of Custody: eDiscovery Throwback Thursdays

Here’s our latest blog post in our Throwback Thursdays series where we are revisiting some of the eDiscovery best practice posts we have covered over the years and discuss whether any of those recommended best practices have changed since we originally covered them.

This post was originally published on June 24, 2013 – over six years ago.  Back then, we referenced both baseball player Ryan Braun and legendary singer Aretha Franklin in a single post(!).  Braun ultimately did receive a suspension from Major League Baseball for his involvement with a clinic associated with performance enhancing drugs, but has resumed a successful playing career.  And, of course, the Queen of Soul is no longer with us, sadly.

As for chain of custody tracking, it’s as important as ever.  But technology has helped us out here with some mechanisms to automate the delivery of files.  The use of File Transfer Protocol (FTP) for transfer of files has become commonplace for even fairly large document sets and the use of secured FTP protocols (such as SFTP and FTPS) have become commonplace.  At CloudNine, most of the data we receive from clients today for loading into our CloudNine Review platform is received via secured FTP – either directly or through our Discovery Client that automates the loading of data into the platform.

However, our Client Services team still receives some data from clients via media transportation, especially when it’s a lot of data (we’re often talking terabytes, not gigabytes) and needs to get to us quickly and securely.  In those instances, we still follow the same chain of custody procedures described below to document that transfer.  When it comes to those types of transfers, ensuring proper chain of custody tracking is also an important part of handling that ESI through the eDiscovery process in order to be able to fight challenges of the ESI by opposing parties.  An insufficient chain of custody is a chain, chain, chain of fools.

Information to Track for Chain of Custody

ESI can be provided by a variety of sources and in a variety of media, so you need a standardized way of recording chain of custody for the ESI that you collect within your organization or from your clients.  At CloudNine, we use a standard form for capturing chain of custody information.  Because we never know when a client will call and ask us to pick up data, our client services personnel typically have a supply of blank forms either in their briefcase or in their car (maybe even both).

Our chain of custody tracking form includes the following:

  • Date and Time: The date and time that the media containing ESI was provided to us.
  • Pick Up or Delivery Location: Information about the location where the ESI was provided to us, including the company name, address, physical location within the facility (e.g., a specific employee’s office) and any additional information important to note where the data was received.
  • Delivering Party: Name of the company and the name of representative of the company providing the media, with a place for that representative to sign for tracking purposes.
  • Delivery Detail (Description of Items): A detailed description of the item(s) being received. Portable hard drives are one typical example of the media used to provide ESI to us, so we like to describe the brand and type of hard drive (e.g., Western Digital My Passport drive) and the serial number, if available.  Record whatever information is necessary to uniquely identify the item(s).
  • Receiving Party: Name of the company and the name of representative of the company receiving the media, with a place for that representative to sign for tracking purposes. In our form, that’s usually somebody from CloudNine Discovery, but can be a third party if they are receiving the data from the original source – then, another chain of custody form gets completed for them to deliver it to us.
  • Comments: Any general comments about the transfer of media not already addressed above.

I’ve been involved in several cases where the opposing party, to try to discredit damaging data against them, has attacked the chain of custody of that data to raise the possibility that the data was spoliated during the process and mitigate its effect on the case.  In these types of cases, you should be prepared to have an expert ready to testify about the chain of custody process to counteract those attacks.  Otherwise, you might be singing one of Aretha Franklin’s most famous songs (but not as well as she did).

So, what do you think?  How does your organization track chain of custody of its data during discovery?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Here’s a Webcast to Learn About Key eDiscovery Case Law in 2019 (so far) and How it Affects You: eDiscovery Webcasts

The appearance of the shark can only mean one thing – it’s time for our eDiscovery case week on The Discovery Channel’s Shark Week! Don’t worry, it makes sense to us. :o) So far, 2019 has been another interesting year with notable and important case law decisions related to eDiscovery best practices. What do you need to know about the cases to avoid mistakes made by others and save time and money for your clients?  Here’s a webcast where you can catch up on these cases and find out what they mean to you!

On Wednesday, July 31st at noon CST (1:00pm EST, 10:00am PST), CloudNine will conduct the webcast Key eDiscovery Case Law Review for First Half of 2019.  This CLE-approved* webcast session will cover key case law covered by the eDiscovery Daily Blog during the first half of 2019 to identify trends that lawyers should consider for their own practices. Key topics include:

  • Can ESI related to an unsolved murder case be compelled to be produced in a related civil case?
  • Is the use of biometric fingerprint scanning technology an invasion of privacy?
  • When can non-parties be compelled to produce ESI in litigation?
  • Are social media photos that you didn’t post discoverable if you’ve been tagged in them?
  • Can sanctions be so important that you fight NOT to have a claim against you dismissed?
  • Is being forced to provide your cell phone password the “death knell” for fifth amendment protection?
  • Should a case ruling be reversed if a judge is Facebook friends with one of the parties?
  • Should discovery be stayed while a motion to dismiss is being considered?
  • Does Rule 37(e) eliminate the potential for obtaining sanctions for spoliation of ESI?

As always, I’ll be presenting the webcast, along with Tom O’Connor.  To register for it, click here.  Even if you can’t make it, go ahead and register to get a link to the slides and to the recording of the webcast (if you want to check it out later).  If you want to learn from past eDiscovery case law decisions, this is the webcast for you!

So, what do you think?  Do you think case law regarding eDiscovery issues affects how you manage discovery?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Thinking Like a Millennial: How Millennials are Changing Discovery

Editor’s Note: Tom O’Connor is a nationally known consultant, speaker, and writer in the field of computerized litigation support systems.  He has also been a great addition to our webinar program, participating with me on several recent webinars.  Tom has also written several terrific informational overview series for CloudNine, including his most recent one, Biggest eDiscovery Challenges Facing Plaintiff’s Attorneys, which we covered as part of a webcast on June 26.  Now, Tom has written another terrific overview regarding the impact of millennials on eDiscovery titled Thinking Like a Millennial: How Millennials are Changing Discovery that we’re happy to share on the eDiscovery Daily blog.  Enjoy! – Doug

Tom’s overview is split into five parts, so we’ll cover each part separately.  Here’s the first part.

Introduction

I was asked to tackle this topic after a question in a recent webinar. It seems to imply that millennials are or will be using some forms of technology that will present significant challenges to ESI preservation and production as the member of that social group enter the work force.

Paul Gentile, Senior Director, Product Marketing at LogMeIn (a.k.a., GoToMeeting) had this observation regarding millennials impact on the workforce:

The major shifts taking place in the modern workforce—remote working, geographically distributed teams, the growing popularity of online collaboration tools—can be attributed to the millennial generation’s preferences that flow into their careers.

But is that really accurate? Haven’t those changes already taken place? Aren’t millennials already part of the work force and using the same tools as the rest of us? Is there some rising tide of millennial software that will befuddle legal technologists in the coming years or are we all on the same technology flight, just some of us are sitting in first class chatting on our tablets on free Wi-Fi while the people in steerage are struggling to sign in to the Boingo signal so they can pay an outrageous fee for three hours of horribly slow connectivity?

In this paper, we will take a look at millennials, what motivates them and how they differ from previous generations and what the impact of millennials is on legal technology and eDiscovery, as follows:

  1. Understanding Millennials and How They Differ from Previous Generations
  2. Drivers for Millennials’ Thinking Today
  3. Impact of Millennials on Legal Technology and eDiscovery
  4. Conclusions and Recommendations

We’ll publish Part 2 – Understanding Millennials and How They Differ from Previous Generations – on Friday.

So, what do you think?  Have the habits of millennials impacted eDiscovery for your organization?  As always, please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Will CCPA Be a “Dumpster Fire” for Those Trying to Comply? Here are 10 Reasons it Might Be: Data Privacy Trends

We’re less than six months away from the scheduled start of the California Consumer Privacy Act (CCPA) on January 1, 2020.  So, what are the law’s prospects when it goes into effect next year?  According to one article, there are ten reasons why CCPA is going to be a “dumpster fire” when it goes into effect next year.

In Truth on the Market (10 Reasons Why the California Consumer Privacy Act (CCPA) Is Going to Be a Dumpster Fire, written by Alec Stapp), real estate developer Alastair Mactaggart spent nearly $3.5 million last year to put a privacy law on the ballot in California’s November election. He then negotiated a deal with state lawmakers to withdraw the ballot initiative if they passed their own privacy bill. That law – CCPA – was enacted after only seven days of drafting and amending.

Mactaggart said it all began when he spoke with a Google engineer and was shocked to learn how much personal data the company collected and he was motivated to find out exactly how much of his data Google had. But, instead of using Google’s freely available transparency tools, Mactaggart decided to spend millions to pressure the state legislature into passing new privacy regulation.

CCPA has six consumer rights, including the right to know; the right of data portability; the right to deletion; the right to opt-out of data sales; the right to not be discriminated against as a user; and a private right of action for data breaches.  But, according to Stapp, there are ten reasons why CCPA is going to be a “dumpster file”.  Here are a few of them:

  • CCPA compliance costs will be astronomical: According to the article, if CCPA were in effect today, 86 percent of firms would not be ready. With an estimated half a million firms liable under the CCPA, if all eligible firms paid only $100,000, the upfront cost would already be $50 billion.  And, that doesn’t include lost advertising revenue, which could total as much as $60 billion
  • CCPA is potentially unconstitutional as-written: The law’s purported application to businesses not physically located in California raises potentially significant dormant Commerce Clause and other Constitutional problems.
  • GDPR compliance programs cannot be recycled for CCPA: Companies cannot just expand the coverage of their EU GDPR compliance measures to residents of California. For example, the California Consumer Privacy Act contains a broader definition of “personal data”, establishes broad rights for California residents to direct deletion of data with differing exceptions than those available under GDPR and establishes broad rights to access personal data without certain exceptions available under GDPR, among other differences.
  • CCPA’s definition of “personal information” is extremely over-inclusive: CCPA likely includes gender information in the “personal information” definition because it is “capable of being associated with” a particular consumer when combined with other datasets. Also, the definition of “personal information” includes “household” information, which is particularly problematic. A “household” includes the consumer and other co-habitants, which means that a person’s “personal information” oxymoronically includes information about other people.
  • CCPA will need to be amended, creating uncertainty for businesses: As of now, a dozen bills amending CCPA have passed the California Assembly and continue to wind their way through the legislative process. California lawmakers have just over two more months (until September 13th) to make any final changes to the law before it goes into effect.

The complete list of ten reasons that CCPA is going to be a “dumpster file” is provided in the article here.

So, what do you think?  Are you concerned about the status of CCPA?  As always, please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Survey Says! Results of the ACEDS Community Survey: eDiscovery Trends

As part of its focus on offerings and opportunities that impact certifications, careers, contacts, and competence, the Association of Certified E-Discovery Specialists (ACEDS) recently conducted one of the more comprehensive online surveys of individuals currently working in the field of the eDiscovery that I’ve seen in a long time.  So, what were some of the findings?  Let’s take a look.

ACEDS posted Nineteen Observations on ACEDS in the Summer of 2019, written by Rob Robinson, editor of the excellent Complex Discovery blog and probably the unofficial survey king of eDiscovery.  Rob posted those same observations on his blog here.

Notably, the survey was open between May 15, 2019, and June 3, 2019. The survey was conducted by an outsourced and primary research firm, Hanover Research, and was designed to provide insight into survey areas through the responses to approximately 250 questions(!) organized around six general ACEDS-related topics.  Of those receiving invitations to participate, 149 eDiscovery professionals completed all 250 questions (I was one of those – kudos to ACEDS for generating so many responses to such a long survey). Partial responses to the survey were not tabulated as part of the survey results, and the reward for full survey completion was $20 directed by respondents to one of three charities.

Here are a few of the observations from the survey:

  • 93% of ACEDS Community Survey respondents were aware of the Certified E-Discovery Specialist (CEDS) certification, with 80% of these respondents being very familiar or extremely familiar with the CEDS certification.
  • The ACEDS Blog was noted as a primary source of legal news and thought leadership information by 79% of survey respondents.
  • Unsurprisingly given the target audience of the survey, 75% of respondents shared that they were current members of ACEDS. Additionally, 35% of respondents noted Women in eDiscovery (WiE) as the most common non-ACEDS membership to possess among presented legal industry groups.
  • 84% of respondents shared that they have a positive impression of ACEDS, and one-third of respondents noted that the reason for the positive impression was ACEDS educational content and certification course materials.
  • In considering the frequency respondents use skills acquired from certifications in their work, security-related certifications appeared to be the most utilized certification skills with 91% of respondents with security-related certifications reporting that they always use the skills related to that certification in their work. Also, 58% of respondent CEDS certificate holders noted that they always use CEDS-related skills in their work.
  • Only 7% of respondents shared that eDiscovery was taught as part of their law school or paralegal school curriculum. With just under two-thirds of that teaching (64%) being teaching as part of a course dedicated to eDiscovery.
  • 89% of ACEDS Community Survey respondents reported an increase in compensation during the last five years and 77% reported an increase in job offers.
  • 69% of survey respondents attended at least one industry professional development conference during the past year, with LegalTech NY, Relativity Fest, and ILTACON being the most attended conferences. 32% of respondents noted attending LegalTech NY, 24% of respondents noted attending Relativity Fest (Chicago or London), and 20% of respondents noted attending ILTACON.

These are just a few of the published results, check out the article for more.  Also, speaking of surveys, Rob launched the Summer 2019 eDiscovery Business Confidence Survey over the weekend, so you can participate in that one too.  I’ll cover the results of it in a few weeks as I have the previous surveys over the past 3+ years.

So, what do you think?  Are you surprised by any of the ACEDS survey results?  As always, please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Daily will return next Monday.  Happy Independence Day!

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Plaintiff Requests His Entire PST File, Court Says No: eDiscovery Case Law

In Russell v. Kiewit Corp., No. 18-2144-KHV (D. Kan. June 4, 2019), Kansas Magistrate Judge James P. O’Hara denied the plaintiff’s motion seeking to compel supplemental discovery responses by the seven defendants, including the request to receive his entire e-mail personal storage (PST) file, agreeing with the defendants’ contention that the request was overly broad and not proportional.

Case Background

In this case where the plaintiff alleged he was fired in retaliation for opposing age discrimination, disability discrimination, and FMLA violations in the workplace through his role in the defendant’s human resources department, the parties had several unresolved issues that they could not agree on with regard to discovery.  The defendants proposed that the scope of electronic discovery would run from May 27, 2015 through April 22, 2016 and focus on specifically identified custodians using agreed and limited search terms, but the plaintiff did not agree with those propose limitations.

Among the areas where there were disputes were: 1) plaintiff’s email, where the plaintiff moved to compel defendants to produce the e-mail file from his entire employment with defendants as a PST file; 2) the scope of discovery searches; 3) discovery requests to additional entities beyond the plaintiff’s employer; and 4) the plaintiff’s request for policies related to the HR and IT operations of the defendants for whom plaintiff was not an employee.  The parties did resolve their dispute over production of the data from plaintiff’s company-issued iPhone.

Judge’s Ruling

With regard to production of the plaintiff’s PST file, the plaintiff argued that the defendants had an unfair advantage by having access to e-mails that the plaintiff could not access, also arguing that it was proportional to allow him to “see all emails in context maintained in his own email folders” because it “equalizes access.”  The defendants argued the plaintiff’s request was overly broad and not proportional, asserting they had searched for all terms requested by plaintiff, as well as many additional search terms not requested by plaintiff, and produced all responsive e-mails.

With regard to this dispute, Judge O’Hara stated: “The court agrees with defendants. Rule 26(b)(3)(c) relates to a party’s ‘own previous statement about the action or its subject matter.’ To the extent plaintiff seeks his own e-mails related to this action, those were captured in the e-mails defendants produced in response to plaintiff’s search terms, plus the additional terms defendants searched…Conspicuously, plaintiff has not cited any authority for the proposition that Rule 26(b)(3)(C) requires the production of all statements plaintiff has ever made in an e-mail about any subject, such that his entire e-mail file during his tenure with Kiewit Energy must be produced.

Although plaintiff is entitled to request the production of files in .pst format, which are ‘generally associated with the Microsoft Outlook email program,’ Document Request No. 29 seeks the entire file for the ‘email account assigned to plaintiff during his employment with defendants.’  Plaintiff purports to address the ‘proportionality standpoint’ by arguing the .pst file would allow him to more efficiently review the file. But producing the entire PST is ‘simply requesting discovery regardless of relevancy,’ which most definitely is not the standard under the 2015 amendments to Rule 26(b). The language in Document Request No. 29 is not tied to plaintiff’s protected activity or his employment with the company; rather, plaintiff requests the entire e-mail account during the entire length of his employment. That request is facially overly broad and not proportional. Plaintiff has not shown how every e-mail he has sent and received is relevant to this action, particularly in light of defendants’ production of 775 documents from e-mail searches.  The court sustains defendants’ objection to Document Request No. 29.”

Judge O’Hara also found that “defendants have adequately responded to plaintiff’s discovery requests” and rejected his requests for ESI from other entities, sustaining the defendants’ objection that the requests were overly broad and not proportional.

So, what do you think?  Should a former employee have the right to look at his or her entire email repository in litigation?  Please let us know if any comments you might have or if you’d like to know more about a particular topic.

Case opinion link courtesy of eDiscovery Assistant.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

From Legal Week to Legal Geek, The Conference You May Not Have Heard Of: eDiscovery Trends

Don’t feel bad – neither did I until after the fact.  But, the first ever Legal Geek North America conference happened last week in Brooklyn and it sounds like it might be one to check out in the future – if you can get in.

In Legal IT Professionals (Legal Geek North America Makes Its Mark in Brooklyn), Christy Burke described the “Legal Geek Ethos” as outlined by Legal Geek founder Jimmy Vestbirk as one that “prioritizes friendship over selling, recommends both learning and teaching, reminds of the importance of pitching in to help, and reminds about the all-important ‘no ties’ policy, which was strictly observed – no ties in sight!”  According to Christy, “Vestbirk compared the conference to Woodstock, the legendary American music festival of 1969 – a great analogy because the event’s clear aim was to bring a diverse group of people together for a memorable, singular experience that could never be recreated.”

Speakers included Marc Cohen of Legal Mosaic (who actually attended the original Woodstock), Dr. Eva Bruch of AlterWork, Tess Blair of Morgan Lewis, Lucy Dillon of Reed Smith, Susan Hackett of Legal Executive Leadership, Karl Chapman of EY Riverview Law, Karl Kong from Axiom, Nicole Bradick of software development and design firm Theory & Principle and Dan Reed, CEO of UnitedLex.  According to Reed, the push of innovation is coming from Boards and C-Suites of the best companies in the world.  “Law has lost its immunity,” he said, and “going digital” means extreme client centricity.  Corporate clients are thinking in terms of “value capture” – gains built on performance and quality, lowering risk and cost.  Reed said that law firms need value capture to be relevant in today’s world.

These were just some of the 60+ speakers from 6+ countries that spoke to 450 attendees (apparently a waitlist of another 100+ couldn’t get into the event).  So, clearly some people have heard of it and it sounds like it was a very interesting and entertaining event.  Christy’s article goes a lot more in depth into some of the content discussed by the speakers and it sounds like there will be a Legal Geek Festival in London for a whole week from October 14 through October 18.  Legal Geek – Week!

I’m intrigued and will have to consider it for next year.  Are you intrigued?

So, what do you think?  Are you a “legal geek”?  As always, please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.