The Modern Archivist

CA Supreme Court allows warrantless cell phone searches

Even though you aren’t likely to be arrested anytime soon, a recent California Supreme Court decision may cause you to rethink where you carry your cell phone in the event you encounter police.  The Court’s recent decision in People v. Diaz broadened the Fourth Amendment’s warrantless search exception to allow an arresting officer to search the content of an arrestee’s cell phone if it is found on the arrestee’s person.  And, the search doesn’t have to be conducted at the time of the arrest; the search can be postponed until after the arrestee is safe and secure at the station.  The lesson, at least at this juncture:  don’t keep your cell phone in your pocket and make sure it is password protected. 

In Diaz, the police seized defendant’s cell phone while he was at the sheriff’s station following his arrest for a drug deal.  Ninety minutes after being arrested, the police searched the contents of defendant’s phone and found an incriminating text message that resulted in the defendant’s admission that he participated in the drug deal.  Note that the police manipulated the defendant’s phone (exactly how was not clarified) to find the message.  The California Supreme Court affirmed both lower courts’ decisions that seizure and search of the contents of the cell phone was valid under the Fourth Amendment.

The Court reasoned that because the phone was immediately associated with the defendant’s person, the police were entitled to not just seize the phone, but to inspect its contents as well.  The Court paid little heed to the phone being searched 90 minutes after defendant’s arrest and after the phone had been seized.  Nor did concerns for exigency (i.e. destruction of evidence or the threat of a weapon that could be used against the police) appear to have been a factor in the Court’s decision.  Lastly, the Court paid little heed to the character of device (that it was a cell phone) or the sheer quantity of personal information that could be (and likely was) contained within the device.  Rather, the decision hinged on three U.S. Supreme Court cases from the early 1970’s – when rotary phones were “modern technology” and answering machines were not even a household item.  United States v. Robinson, 414 U.S. 218, 224 (1973); United States v. Edwards, 415 U.S. 800, 802-803 (1974); and United States v. Chadwick, 433 U.S. 1, 14-15 (1977). 

The dissent noted these technological distinctions and stated:  “The potential impairment to privacy if arrestees’ mobile phones and handheld computers are treated like clothing or cigarette packages, fully searchable without probable cause or a warrant, is correspondingly great.”  See top of Page 25 here.  There is a large amount of data that can be stored on a smart phone, which won’t be decreasing anytime soon.  Moreover, the dissent argued that the grounds for a loss of privacy rights in the person do not apply to that person’s privacy interest in data – personal or business – stored on their electronic devices; privacy of data stored on a device is distinct from the person of the arrestee.

A notable concern that arises from the Diaz holding:  in the days of wireless communication, are there any foreseeable limits to this warrantless search exception?  I’ll note again, for the overly concerned reader, that the majority of us will never be arrested.  But, in those random and rare circumstances where you are arrested for having too many unpaid parking tickets, failing to wear your seatbelt or some equally bizarre situation, should your cell phone or small computer be seized and searched without a warrant following a lawful arrest, what are the limitations?  What private information can be obtained from it and ultimately used against you?  And, what if it’s a phone or computer issued by your employer?  Is the employer’s information subject to police whims?  At least for the time, perhaps it’s better to keep your phone in your glove box or brief case and always keep it password protected.

Extended Functions of E-Discovery: Regulatory Compliance and Internal Investigations

E-discovery solutions have naturally been classified as litigation support, and in this post I’ll go over why this area continues to be of growing concern. In another section, I will cover why the same solutions which provide litigation support can also help to solve internal investigations as well.

First, rising litigation highlights the importance of e-Discovery. In Fulbright’s most recent survey litigation survey, over 90% of U.S. and U.K. respondents expecting legal disputes to increase or remain the same:

…93% of U.S. and 97% of U.K. respondents expecting legal disputes to increase or remain the same this coming year. This expectation comes during a year when 87% of U.S. respondents faced new litigation in the past year (up from 83% last year) and 53% of all respondents initiated a suit in the past year (up from 48% overall last year)….In the U.S. – and for large-caps in particular – intellectual property and patent litigation are also high on respondents’ radars.

And, according to the same study, “More regulators have been investigating a greater variety of companies, from small to large and across sectors – particularly banking, health care and energy.” Rampant regulatory changes and stricter enforcement seem to have increased the need for the ability to find documents within an enterprise.

Like most things, cost produces the constraints which this process works around. Bringing discovery in-house reduces the cost at an astonishing rate. Patrick Oot, a member of the Law Technology News Editorial Advisory Board, is director of electronic discovery and senior litigation counsel at Verizon, based in Washington, D.C. says:

In July 2008, our EDD team completed a business case that presented an opportunity for Verizon to save about $4 million in legal expenses in one year by establishing an in-house system, with support staff, infrastructure and software for internal data processing, hosting and review. We believe that over the next three years, this business case will yield up to potential 395 percent return on investment.

Following this example, both NBC and Microsoft have moved their discovery internally. At NBC, Jonathan Chow -Chief Information Security Officer (CISO) – heads the IT implementation and explained to ComputerWorld that, as with many corporations, the information security department includes e-discovery as a key responsibility for litigation support, M&A activities, and internal investigations. The move in-house allows NBC to administer searches and investigations internally without the dubious cost of hiring outside vendors.

E-discovery Used Internally

E-discovery solutions have traditionally only been seen as a litigation support tool. But no longer. Today, savvy businesses are using the same tools to solve internal investigations, regulatory compliance and records management issues.

The use of e-discovery tools in internal investigations remains vital for international corporations as well as domestic outfits. All major companies need the ability to search electronically stored information ( ESI) to complete internal investigations that may be generated by HR or corporate security. No matter the regulatory environment, personnel misconduct and fraud detection must be of vital importance for any company – and a particular worry for CISOs, Chief Security Officers, General Counsels, and CEOs. Unauthorized access to sell or manipulate data and sexual harassment or other inappropriate communication has become all too common, and internal investigations have become ever more important as a result.

Compliance with government regulations remains of great importance to industries such as financial services and healthcare as well as the broader set of publically listed companies. NASD, SEC, and HIPAA govern strict regulations on the retention of e-mail and other ESI. As a part of information management and security, e-discovery tools like ZL’s Unifed Archive can manage the retention (or destruction) schedules for ESI based on a granular set of rules. If a company’s ESI were sand in a box, ZL’s proactive e-discovery tool is a very speedy fine-toothed comb.

As the application of e-discovery tools expand, many companies find that classifying them purely as litigation support can be a misnomer. The discovery function serves both litigation support and internal investigations due to the increasing need to hold employees accountable to company policies. No matter the name, the ability to search through a company’s ESI remains a pillar of responsible corporate governance.

Elastic Clouds, Archiving and E-Discovery

A key aspect of managing archiving / e-discovery costs with the cloud, whether it is on the public cloud or a private on-premises cloud, is the ability to control hardware costs by matching it with the required workload through elastic scaling. In this article I will talk about why elasticity is important information governance and the different cloud computing layers (SaaS, PaaS, IaaS, etc.) that are required for a cloud computing solution.

Both archiving and e-discovery are well-suited for elastic cloud solutions due to the amount of one-time work needed. For archiving this often occurs when migrating from one system to another; while for e-discovery, this often occurs during collection and processing which is associated with individual matters. During any of these tasks, a large amount of processing power may be needed to collect and process data, whether it is several gigabytes or several hundred terabytes. In a traditional solution, hardware resources are fixed over the short-term meaning that either you cannot easily obtain additional needed resources or you are budgeted for peak loads and have additional carrying costs when not performing those functions. Using an elastic cloud-based solution allows organizations to match their hardware with their processing needs, scaling up when needed and scaling down or redeploying when not needed. At ZL Technologies, our customers run cloud environments ranging from several servers to several hundred servers, easily adding and removing servers as necessary for archiving and e-discovery.

To be truly effective, a cloud-based system must be cloud-enabled at several layers:

• Infrastructure – Infrastructure as a Service (IaaS)
• Platform – Platform as a Service (PaaS)
• Application – Software as a Service (SaaS)

Cloud infrastructure is generally easy to obtain, whether it is on Amazon’s public cloud or a VMware-powered private cloud; however, this takes advantage of only the most basic resource pooling benefits of cloud computing. By scaling at the application layer, a SaaS / PaaS solution enables true elasticity where servers can not only be easily brought online, but also brought into the worker pool to share tasks and then be redeployed when the tasks have been completed. Today, cloud-based elasticity at the SaaS and PaaS layers generally needs to be built directly into the archiving / e-discovery solution.

ZL Unified Archive®’s success as a scalable archiving and e-discovery solution (see IDC case study) is based on its ability to scale at the application and platform layers using ZL’s Globally Redundant, Integrated and Distributed (GRID^TM) platform and applications. The GRID^TM platform and protocol was developed by ZL to handle carrier-class Internet and mobile deployments that manage 100,000s of users and millions of emails per day for some of the world’s largest telecoms. This same technology allows ZL’s Fortune 500 customers to effectively manage hundreds of terabytes and billions of documents in the cloud.

If you are interested in learning more about scaling archiving and e-discovery in the cloud, please contact us at ZL Technologies for an in-depth discussion of offerings and case studies.  Or visit us at the upcoming IQPC conference for Oil and Gas Companies in Houston.  We will be there discussing both cloud computing on day 1 and how to move from reactive e-discovery to proactive e-discovery on day 2.  

Is There Any Privacy on Social Networking Sites?

1. The answer appears to depend on your privacy settings and the relevance of the data to a lawsuit.  Here are several recent cases and rules that illustrate the state of privacy on social networks today:
2. 1.  In Crispin v. Audigier, the court held that social network communications are private per the Stored Communications Act** (including wall postings that were limited to friends only) and not susceptible to subpoena.  “Moreover, the information the parties gave Judge McDermott establishes that Facebook wall postings and the MySpace comments are not strictly “public,” but are accessible only to those users plaintiff selects.”  Because the communications were private, the discovery was denied except for those messages/wall postings that are accessible to the public. 
3. 2.  In Sasqua v Courtney, the defendant argued that the plaintiff’s client list isn’t confidential since “virtually all personnel in the capital markets industry that Sasqua serves have their contact information on Bloomberg, LinkedIn, Facebook or other publicly available databases.”    In addition, this case has some fun facts (a family business, an uncle suing his niece and a live demonstration – on the stand – showing how to use the Internet to find prospective clients).  Check out more by reading the whole decision or this blog entry.    This is vastly different from a 2008 UK case that ordered an employee to hand over their Linkedin contacts when they left the company. 
4. 3.  In Romano v. Steelcase, the court ordered the plaintiff to deliver a consent that would allow the defendant to gain full access to the “Plaintiff’s current and historical Facebook and MySpace pages and accounts, including all deleted pages and related information.”   The court issued this ruling mainly because the Plaintiff placed her physical condition in controversy and the pages in question likely contained information directly relevant to her claims. 
5. 4.  The NY State Bar Association recently ruled that lawyers can view and utilize Myspace and Facebook profiles so long as they don’t gain access by ‘friending’ the person.  In other words, if your profile is accessible by the public then it is fair game for any litigation.  Specifically, the new rule states:  “A lawyer who represents a client in a pending litigation, and who has access to the Facebook or MySpace network used by another party in litigation, may access and review the public social network pages of that party to search for potential impeachment material. As long as the lawyer does not “friend” the other party or direct a third person to do so….” 
6. 5. In State v. Huertas, the defendant’s social network postings were used as evidence during the sentencing phase of her criminal case.  The judge noted that the postings showed a failure of the defendant to take responsibility for her actions after she gave drugs to a friend and then failed to seek help as her friend lay dying.    
7. 6.  Lastly, in the case of Cvent v. Eventbrite, the court ruled that public websites (those capable of being browsed by the public) are susceptible to scraping since the information is public (“scraping” is the methodical gathering of data from a website usually done by small programs that travel to the site, gather the data and send it back to the host).  While this is not about a social network, the same principles apply – namely that public information is fair game.  If you want more info on scraping, methods to stop it and the lawsuits around it, please see Eric Goldman’s blog. 

Although it is too early to find many hard and fast rules surrounding social networking sites and litigation, here are ones that are easy to spot:  1) Data from social networking sites is often used as evidence in lawsuits;  2) That data is discoverable (even deleted pages); and 3) Your best bet to quash a subpoena using the SCA is to make sure no information is completely public. 

Or maybe the answer is either to stop using Facebook entirely or just change your name. 

** The Crispin court also provided a nice overview of the cases involving the Stored Communications Act.  Here is a short synopsis from page 13 of the decision:  Viacom International Inc. v. Youtube Inc., 253 F.R.D. 256, 264 (S.D.N.Y. 2008) (the SCA prohibits disclosure of information pursuant to a civil subpoena because the Act “contains no exception for disclosure of such communications pursuant to civil discovery requests”); In re Subpoena Duces Tecum to AOL, LLC, 550 F.Supp.2d 606, 611 (E.D. Va. 2008) (“Applying the clear and unambiguous language of § 2702 to this case, AOL, a corporation that provides electronic communication services to the public, may not divulge the contents of the Rigsbys’ electronic communications to State Farm because the statutory language of the [SCA] does not include an exception for the disclosure of electronic communications pursuant to civil discovery   subpoenas”), etc.  For more information on the SCA, see this article. 

Related articles by Zemanta

• Deleted Facebook and MySpace Posts Are Discoverable–Romano v. Steelcase (ericgoldman.org)
• Do Your Social Networking Privacy Settings Matter If You Get Sued? (blogs.forbes.com)

Archiving Software is the Best Way to Handle eDiscovery

Barry Murphy’s recent post discussing whether file/email archiving software or ECM software is best for e-discovery reminded me of the little boat that Quint used in Jaws.  Mr. Murphy correctly points out that, “While ECM systems are closely connected to content-centric processes (think insurance claims management), the information deemed necessary could be archived (alongside email and other content) – and the archive could become the eDiscovery system of record.”   This is precisely what we are seeing in the market today.  Archiving solutions are being asked to ingest all document types including ECM files (like Sharepoint) so that there is one repository for all documents that need to be searched, culled and reviewed for e-discovery purposes.  And with the explosion of data inside large companies, this problem will only grow.  As most companies are realizing, when it comes to e-discovery – you are going to need a bigger boat.

Thanks for the awesome picture Steve!

Best Practices: Stopping “Precrime”

In the movie Minority Report, the fictitious Department of Precrime taps into the gifts of three people to identify potential crimes before they happen. The Department of Precrime is intent on stopping the crime from happening by intercepting the perpetrator before the crime occurs. In the movie this was impossible due to false positive prediction flaws in the system and (and Tom Cruise’s acting limitations); however, these reasons do not prevent the idea of stopping precrime from being of particular use to today’s enterprises.

Indeed, stopping electronic precrime is an integral part of an information governance strategy that is linked to eDiscovery, regulatory compliance, and internal investigations. This requires a scalable application that is well integrated into the organization’s IT infrastructure, and cannot be accomplished by standalone review and analysis tools that require manual collection. Forward thinking organizations are proactively monitoring email for compliance and halting offending email communications before they are delivered. 

ZL’s software proactively scans the organization’s email and content using our classification engine to identify potentially infringing documents for review. For email, this happens before the offending email is sent.  For file systems, we use our newly released Manage in Place GRID^TM application to give users vision into the documents before they are used in a courtroom or Senate investigation.  The ability to stop precrime fits into ZL’s information governance and eDiscovery solution set by giving insight into the documents housed within an organization, allowing early case assessment, and driving automatic document preservation and collection.

Goldman All Red Over Profanity

“boy, that timberwof was one s— deal.”

This one line tormented Goldman Sachs throughout the Senate’s investigation and is highlighted in recent bad press about their curse-laden culture.  Shockingly, these aren’t even as bad as it getswhen it comes to regrettable corporate e-mails that have been leaked to the press.  In response, Goldman Sachs has banned profanity from electronic communications, joining the ranks of Citigroup and J.P. Morgan Chase. Not a bad idea after losing $535M to the SEC in July.   

The lawsuit and investigation, which was in part based on Goldman’s own traders calling their deals “shi**y”, underlines the need for companies to review communications system-wide.  I am sure that Goldman is looking for software that can pre-review emails for certain phrases (like shi**y) and alert the sender and the sender’s management of the breach of policy.  Without that level of monitoring and review, employees can cost companies millions…and in this case, over half a billion. And any software that does this level of pre-review can go far beyond Goldman’s enforcement of their new curse code (or whatever they are calling it) and includes the protection of intellectual property, personal information, and general Data Loss Prevention.

People might see profanity censorship as draconian, yet this has become standard practice for many companies. Bloomberg LP says that it has monitored emails for over 10 years. As Kendall Coffee, former federal prosecutor says, “There is case after case of email disaster that is reported in newspapers or media, and you would think that the last thing any rational person would do would be to…use profanity in email, but it seems to be an unlearnable lesson.”

I agree and doubt there is any way to stop traders from using profanity.  But is it too much to hope that Goldman can learn to stop trying to f*!@ its investors?  We’ll see.

Best Practices: Manage Documents in Place and Collect Documents Automatically

One of the benefits at working at a relatively small technology company is the ability to interact with our large Fortune 100 customers.  In one of these discussions, a client mentioned their need to search for and collect documents that were not part of their archiving system.  In essence, the customer told me that they didn’t want to archive all the company’s documents but really wanted to search the documents and if they found them to be relevant to a lawsuit (for example), collect them for possible production.  Armed with this wish, our team created the Manage-in-Place and Automatic Document Collection modules that shipped with the latest ZL Unified Archive® release. 

Manage-in-Place provides organizations with complete information governance while leaving the document on the source file system.  This module allows our clients to search and analyze petabytes of data on disparate file servers without the need to archive that data.  Our client can now use this module to search for and analyze their data at the touch of a button and to perform true early case assessment before a lawsuit has been filed or discovery requests served. 

Once the documents have been searched for, analyzed and found to be potentially relevant, our new Automatic Document Collection module copies the files (with metadata intact of course) into the archive.  The client does not need to ask for the IT Department’s help or hire an expensive eDiscovery vendor to perform a manual collection – now it is all automatic.  And because the data is preserved for litigation so quickly there is little chance of a spoliation sanction.    

Here are ways to use the new modules:

• Early Case Assessment: By proactively analyzing the organizations data, users can quickly zero in on relevant data for any litigation, identifying information and then launching automatic collection and preservation tasks that take days instead of months to compete.
• Automatic Custodian-based Collection: Collection is a major eDiscovery challenge since networked files are often not as easily delineated by user as compared to user mailboxes. With ZL Manage-in-Place, a custodian map is created for all files managed in place to enable search and collection by custodian. This can be used for custodian-based collections and is supported by integration with user directories (e.g. Active Directory, LDAP) and file systems (Windows / CIFS, NFS, etc.).
• Automatic Matter-based Collection: For targeted investigations, ZL’s matter-based collection uses keywords, date ranges and other query parameters to target data for collection across the entire organization.  Matter-based collection can be used to identify just the data to be collected and to identify custodians whose data should be included in any collection.  

I am really excited about these innovations because implementing these features will have a dramatic effect on improving our clients’ eDiscovery efficiency.

Is it Possible to hide a Document Anymore?

 In the past, when a company was sued and received onerous discovery requests for “all documents,” they might simply open up their warehouse filled with boxes of documents and tell the opposing party that they have free reign to search for relevant documents.  And as many in the legal world may recall, this could be successful in hiding documents.   However, a recent post on www.appliedediscovery.com and others makes me think that companies can no longer hide smoking gun documents.

As Toyota, BP and countless other companies know, even if they don’t produce a document to a regulatory body or an opposing counsel, some whistle blowing employees will release the document anyway. For example, see here and here.    Or, as the White House learned, a FOIA request can show some questionable activities. 

Even without whistle blowers and FOIA requests, it is important to remember that when it comes to electronic documents, there is almost always going to be a copy outside of your control.  For example:  Emails that make it outside of the organizations servers can be very difficult and sometimes impossible to find; and backups allow records to be restored even if the data was purposefully deleted from the active platform.  In addition, most of the onerous spoliation sanctions come from the evidence left behind when a party tries (or succeeds) in destroying data.  For example, see TR Investors, LLC v. Genger (an owner of the TRI business was fined $750,000 as a result of ordering his IT consultant to clean out his hard drive which resulted in the inability to produce ten relevant documents in court). 

The best way to deal with the potential of smoking gun emails is to establish appropriate retention policies and consistently delete documents. The risks involved with attempting to hide an email or electronic file are far greater than any potential reward.

Departing Employees and the Importance of Saving Their ESI

Virginia Henschel of Lexis Nexis wrote an interesting piece on the perverse logic of the New Hampshire Attorney General’s Office ESI (non)retention policy.  She is right that government agencies can’t just delete their departed employees’ ESI.  Private corporations can’t hide their heads in the sand either.

Although there are too many examples of sanctions for failing to preserve departed employees’ ESI for just one blog post, I must point out that in May, FINRA fined Piper Jaffray $700,000 for email retention failures and disclosure violations. And this wasn’t Piper Jaffray’s first time through the wringer. Back in December of 2002, leading investment houses including Goldman Sachs, Morgan Stanley, Deutsche Bank, and Piper Jaffray failed to preserve e-mail and were fined a total of $8.25M . As FINRA reports on Piper Jaffray (emphasis mine):

FINRA discovered Piper Jaffray’s continuing email retention deficiencies when its investigators requested all emails sent or received by a former firm employee suspected of misconduct…When reviewing the CD-ROM’s contents, however, FINRA discovered that one particular email was not produced that investigators had already obtained in hard copy form…Only after further inquiries about that missing email did the firm finally inform FINRA of the intermittent email retention and retrieval issues it had been experiencing firmwide…

It is clear that retaining departed employees’ ESI is an essential component of any good enterprise-wide records management, compliance and eDiscovery system. Employees leaving the company present a formidable compliance challenge for companies and government agencies.  Many companies mistakenly rely on their IT departments to save the hard-drives of the departing employees as well as the departing employee’s mailbox and network drive ESI.  Not only does this waste corporate resources (do you really need all that data?  for how long?), it is also creates increased legal and compliance risk.

I believe that a robust file and e-mail archiving system is needed to ensure 100% capture and storage of this type of ESI.  This system must be customizable so that an organization can consider legal and economic factors to ensure that information is retained as long as necessary, but no longer. Just because ESI can be deleted at the click of a button does not mean you aren’t responsible for it. Many will learn this lesson the hard way, while the ones who are prepared will save significant time and money.