The Modern Archivist

CA Supreme Court allows warrantless cell phone searches

Even though you aren’t likely to be arrested anytime soon, a recent California Supreme Court decision may cause you to rethink where you carry your cell phone in the event you encounter police.  The Court’s recent decision in People v. Diaz broadened the Fourth Amendment’s warrantless search exception to allow an arresting officer to search the content of an arrestee’s cell phone if it is found on the arrestee’s person.  And, the search doesn’t have to be conducted at the time of the arrest; the search can be postponed until after the arrestee is safe and secure at the station.  The lesson, at least at this juncture:  don’t keep your cell phone in your pocket and make sure it is password protected. 

In Diaz, the police seized defendant’s cell phone while he was at the sheriff’s station following his arrest for a drug deal.  Ninety minutes after being arrested, the police searched the contents of defendant’s phone and found an incriminating text message that resulted in the defendant’s admission that he participated in the drug deal.  Note that the police manipulated the defendant’s phone (exactly how was not clarified) to find the message.  The California Supreme Court affirmed both lower courts’ decisions that seizure and search of the contents of the cell phone was valid under the Fourth Amendment.

The Court reasoned that because the phone was immediately associated with the defendant’s person, the police were entitled to not just seize the phone, but to inspect its contents as well.  The Court paid little heed to the phone being searched 90 minutes after defendant’s arrest and after the phone had been seized.  Nor did concerns for exigency (i.e. destruction of evidence or the threat of a weapon that could be used against the police) appear to have been a factor in the Court’s decision.  Lastly, the Court paid little heed to the character of device (that it was a cell phone) or the sheer quantity of personal information that could be (and likely was) contained within the device.  Rather, the decision hinged on three U.S. Supreme Court cases from the early 1970’s – when rotary phones were “modern technology” and answering machines were not even a household item.  United States v. Robinson, 414 U.S. 218, 224 (1973); United States v. Edwards, 415 U.S. 800, 802-803 (1974); and United States v. Chadwick, 433 U.S. 1, 14-15 (1977). 

The dissent noted these technological distinctions and stated:  “The potential impairment to privacy if arrestees’ mobile phones and handheld computers are treated like clothing or cigarette packages, fully searchable without probable cause or a warrant, is correspondingly great.”  See top of Page 25 here.  There is a large amount of data that can be stored on a smart phone, which won’t be decreasing anytime soon.  Moreover, the dissent argued that the grounds for a loss of privacy rights in the person do not apply to that person’s privacy interest in data – personal or business – stored on their electronic devices; privacy of data stored on a device is distinct from the person of the arrestee.

A notable concern that arises from the Diaz holding:  in the days of wireless communication, are there any foreseeable limits to this warrantless search exception?  I’ll note again, for the overly concerned reader, that the majority of us will never be arrested.  But, in those random and rare circumstances where you are arrested for having too many unpaid parking tickets, failing to wear your seatbelt or some equally bizarre situation, should your cell phone or small computer be seized and searched without a warrant following a lawful arrest, what are the limitations?  What private information can be obtained from it and ultimately used against you?  And, what if it’s a phone or computer issued by your employer?  Is the employer’s information subject to police whims?  At least for the time, perhaps it’s better to keep your phone in your glove box or brief case and always keep it password protected.

Tags: Discovery, e-discovery, e-discovery software, records management

E-Mail Retention Policies

While corporate retention policies are not a new concept, the implementation of e-mail retention policies impact employees in an instant, everyday fashion. If not properly implemented, new document retention policies can frustrate employees by deleting documents that the employees expect to find.  But the answer cannot be to have each employee categorize each document individually – that will never happen.  Instead, the ideal solution for organizations is to have technology that can automatically classify all electronic documents into specific retention policies in standardized ways.  This technology can easily determine which e-mails are about attending the Giants victory parade (go Giants!) and therefore should be eliminated after only 90 days and which are about giant plans for growth and therefore should be saved for a longer time period.  These policies can be customized based on each organization’s specific needs, and automated to ensure a fully defensible, standardized process.

Want to learn more?

ZL Technologies will be live at this weekend’s ARMA Conference in San Francisco. We will be at booth 829, ready to talk to you about the ways we can help your organization achieve this sort of comprehensive and defensible e-mail retention policy.

Adam Sand, General Counsel of ZL, will discuss document retention policies and how to ensure success for enterprises deploying archiving solutions on Sunday, November 7^th. Mr. Sand will be speaking from 2:30 to 3:45pm in Speaking Room #350, Moscone Expo Hall.

Hope to see you there.

Tags: records management, retention

Is There Any Privacy on Social Networking Sites?

1. The answer appears to depend on your privacy settings and the relevance of the data to a lawsuit.  Here are several recent cases and rules that illustrate the state of privacy on social networks today:
2. 1.  In Crispin v. Audigier, the court held that social network communications are private per the Stored Communications Act** (including wall postings that were limited to friends only) and not susceptible to subpoena.  “Moreover, the information the parties gave Judge McDermott establishes that Facebook wall postings and the MySpace comments are not strictly “public,” but are accessible only to those users plaintiff selects.”  Because the communications were private, the discovery was denied except for those messages/wall postings that are accessible to the public. 
3. 2.  In Sasqua v Courtney, the defendant argued that the plaintiff’s client list isn’t confidential since “virtually all personnel in the capital markets industry that Sasqua serves have their contact information on Bloomberg, LinkedIn, Facebook or other publicly available databases.”    In addition, this case has some fun facts (a family business, an uncle suing his niece and a live demonstration – on the stand – showing how to use the Internet to find prospective clients).  Check out more by reading the whole decision or this blog entry.    This is vastly different from a 2008 UK case that ordered an employee to hand over their Linkedin contacts when they left the company. 
4. 3.  In Romano v. Steelcase, the court ordered the plaintiff to deliver a consent that would allow the defendant to gain full access to the “Plaintiff’s current and historical Facebook and MySpace pages and accounts, including all deleted pages and related information.”   The court issued this ruling mainly because the Plaintiff placed her physical condition in controversy and the pages in question likely contained information directly relevant to her claims. 
5. 4.  The NY State Bar Association recently ruled that lawyers can view and utilize Myspace and Facebook profiles so long as they don’t gain access by ‘friending’ the person.  In other words, if your profile is accessible by the public then it is fair game for any litigation.  Specifically, the new rule states:  “A lawyer who represents a client in a pending litigation, and who has access to the Facebook or MySpace network used by another party in litigation, may access and review the public social network pages of that party to search for potential impeachment material. As long as the lawyer does not “friend” the other party or direct a third person to do so….” 
6. 5. In State v. Huertas, the defendant’s social network postings were used as evidence during the sentencing phase of her criminal case.  The judge noted that the postings showed a failure of the defendant to take responsibility for her actions after she gave drugs to a friend and then failed to seek help as her friend lay dying.    
7. 6.  Lastly, in the case of Cvent v. Eventbrite, the court ruled that public websites (those capable of being browsed by the public) are susceptible to scraping since the information is public (“scraping” is the methodical gathering of data from a website usually done by small programs that travel to the site, gather the data and send it back to the host).  While this is not about a social network, the same principles apply – namely that public information is fair game.  If you want more info on scraping, methods to stop it and the lawsuits around it, please see Eric Goldman’s blog. 

Although it is too early to find many hard and fast rules surrounding social networking sites and litigation, here are ones that are easy to spot:  1) Data from social networking sites is often used as evidence in lawsuits;  2) That data is discoverable (even deleted pages); and 3) Your best bet to quash a subpoena using the SCA is to make sure no information is completely public. 

Or maybe the answer is either to stop using Facebook entirely or just change your name. 

** The Crispin court also provided a nice overview of the cases involving the Stored Communications Act.  Here is a short synopsis from page 13 of the decision:  Viacom International Inc. v. Youtube Inc., 253 F.R.D. 256, 264 (S.D.N.Y. 2008) (the SCA prohibits disclosure of information pursuant to a civil subpoena because the Act “contains no exception for disclosure of such communications pursuant to civil discovery requests”); In re Subpoena Duces Tecum to AOL, LLC, 550 F.Supp.2d 606, 611 (E.D. Va. 2008) (“Applying the clear and unambiguous language of § 2702 to this case, AOL, a corporation that provides electronic communication services to the public, may not divulge the contents of the Rigsbys’ electronic communications to State Farm because the statutory language of the [SCA] does not include an exception for the disclosure of electronic communications pursuant to civil discovery   subpoenas”), etc.  For more information on the SCA, see this article. 

Related articles by Zemanta

• Deleted Facebook and MySpace Posts Are Discoverable–Romano v. Steelcase (ericgoldman.org)
• Do Your Social Networking Privacy Settings Matter If You Get Sued? (blogs.forbes.com)

Tags: Discovery, e-discovery, electronic records, Employment, records management

Multinational Corporations Beware – EU In-House Attorneys CANNOT Create Privilege

 

In a recent decision, the European Court of Justice confirmed that communications between the company and in-house lawyers are not protected from disclosure or discovery.

London solicitor J. Daniel Fitz, former chairman of the ACC, stated “The ECJ ruling has serious ramifications as it denies in-house attorneys and multinational businesses in Europe and elsewhere the critical legal counsel on competition law matters that companies working in today’s global legalmarketplace require.”  Similarly, the Guardian’s Julianne O’Leary believes that this is an unjustified knock against in-house counsels, who will be unable to do their jobs effectively — that is to provide sound legal advice to their employers. Law.com’s Marcia Coyle agrees in that the ruling is “a blow to multinational businesses”.

The ruling holds that privilege will only be granted pertaining to “independent lawyers,” that is “lawyers who are not bound to the client by a relationship of employment.” 

Specifially, the ruling states: 

1.  Extending privilege requires “the position and status as an independent lawyer, which must be fulfilled by the legal adviser from whom the written communications which may be protected emanate… that is to say one who is not bound to his client by a relationship of employment.”

2.  “It follows that the requirement of independence means the absence of any employment relationship between the lawyer and his client, so that legal professional privilege does not cover exchanges within a company or group with in-house lawyers.”

3.  “[A]n in-house lawyer cannot, whatever guarantees he has in the exercise of his profession, be treated in the same way as an external lawyer, because he occupies the position of an employee which, by its very nature, does not allow him to ignore the commercial strategies pursued by his employer, and thereby affects his ability to exercise professional independence.”

4.  “It follows, both from the in-house lawyer’s economic dependence and the close ties with his employer, that he does not enjoy a level of professional independence comparable to that of an external lawyer.”

There can be no doubt that this ruling will dramatically reduce the abilities of EU in-house counsel to provide legal advice as sure as it will force companies to lean on outside counsel more often.  And for multinational corporations this could also lead to an increase in a new inhouse lawyer position based in New York but focused on EU legal issues. 

Tags: Business, Competition law, Corporation, e-discovery, electronic records, Employment, European Court of Justice, European Union, Law, Lawyer, litigation discovery, records management

Does Congress Really Want More Lawsuits?

In 2007 and 2008 the Supreme Court made two rulings the plaintiff‘s bar could not stomach, Ashcroft v. Iqbal and Bell Atlantic v. Twombly.  As Lisa Rickard from Townhall.com points out, the Supreme Court aimed to establish that “plaintiffs should not sue someone and subject a defendant to the costs and burdens of litigation if there is no plausible basis for their claims.” Seems pretty reasonable to me. 

But last November, Representative Jerrold Nadler from New York, introduced H.R. 4115: Open Access to Courts Act of 2009. The law “prohibits a U.S. district court from dismissing a complaint: (1) unless it appears beyond doubt that the plaintiff can prove no set of facts in support of the claim which would entitle the plaintiff to relief; or (2) on the basis of a determination by the judge that the factual contents of the complaint do not show the plaintiff’s claim to be plausible or are insufficient to warrant a reasonable interference that the defendant is liable for the misconduct alleged.”  Whoa.   

In effect, Mr. Nadler aims to open the floodgates of litigation by imposing the burden on the defendant to prove “…beyond doubt that the plaintiff can prove no set of facts in support of the claim…” In an era of ever increasing litigation, with docket’s backed up for years, frivolous lawsuits around every corner, and with people even suing themselves…it may be wise to continue to use a judge’s discretion when there exists no plausible basis for an expensive lawsuit.

If the law passes, there would be no barrier to entry for potential litigation. The average person could play the Lawsuit Lottery: posting frivolous lawsuits until a corporation settles under the weight of potential discovery. Perhaps, if plaintiffs were penalized with the cost of litigation in the event they lose, the liability would give them adequate exposure to litigation risk and mitigate frivolous lawsuits. But the way the system is right now, H.R. 4115 will only exacerbate an already cramped situation.  What do you think? 

Tags: e-discovery, e-discovery costs, Lawsuit, records management

Archiving Software is the Best Way to Handle eDiscovery

Barry Murphy’s recent post discussing whether file/email archiving software or ECM software is best for e-discovery reminded me of the little boat that Quint used in Jaws.  Mr. Murphy correctly points out that, “While ECM systems are closely connected to content-centric processes (think insurance claims management), the information deemed necessary could be archived (alongside email and other content) – and the archive could become the eDiscovery system of record.”   This is precisely what we are seeing in the market today.  Archiving solutions are being asked to ingest all document types including ECM files (like Sharepoint) so that there is one repository for all documents that need to be searched, culled and reviewed for e-discovery purposes.  And with the explosion of data inside large companies, this problem will only grow.  As most companies are realizing, when it comes to e-discovery – you are going to need a bigger boat.

Thanks for the awesome picture Steve!

Tags: Discovery, e-discovery, e-discovery search, e-discovery software, electronic records, litigation discovery, records management

Social media is now in a relationship with e-discovery

Maybe it wasn’t love at first site, but there can be no question that the two are now firmly in each other’s arms.  But don’t take my word for it.  Check out the updated state of Florida record-keeping regulations here.   It used to be that e-discovery evidence and records were to be found in Word, Excel or email files.  But the state of Florida has expanded their definition of electronic records to include those made by “email, instant messaging, text messaging (such as SMS, Blackberry PIN, etc), multimedia messaging (such as MMS), chat messaging, social networking (such as Facebook, Twitter, etc.), or any other current or future electronic messaging technology or device.” 

Courts have also found that social media and e-discovery are made for each other.  For example:

• In Monster Worldwide, Inc. v. HR Guru.biz, HR Guru issued counter-claims that allege Monster Worldwide created and maintained a FaceBook page and Twitter account that infringes trademarks and constitutes an unfair business practice;
• In TEKsystems v. Brelyn Hammernik et al, Teksystems  alleges that three former employees breached their non-compete agreements by using LinkedIn to contact current employees;
• In Bass v Miss Porter’s School , the court found that the content of Plaintiff’s Facebook usage was relevant to both the liability and damages phase of the lawsuit; and   
• In Horizon Group Management v Amanda Bonnen, alleges that defendant tweeted about her “moldy apartment” which defamed apartment management. 

And these are just the tip of the iceberg.  Attorneys that specialize in employment and divorce in particular are keen to exploit social media evidence.  Isn’t young love grand?

Tags: e-discovery, e-discovery software, records management, social media

Best Practices: Stopping “Precrime”

In the movie Minority Report, the fictitious Department of Precrime taps into the gifts of three people to identify potential crimes before they happen. The Department of Precrime is intent on stopping the crime from happening by intercepting the perpetrator before the crime occurs. In the movie this was impossible due to false positive prediction flaws in the system and (and Tom Cruise’s acting limitations); however, these reasons do not prevent the idea of stopping precrime from being of particular use to today’s enterprises.

Indeed, stopping electronic precrime is an integral part of an information governance strategy that is linked to eDiscovery, regulatory compliance, and internal investigations. This requires a scalable application that is well integrated into the organization’s IT infrastructure, and cannot be accomplished by standalone review and analysis tools that require manual collection. Forward thinking organizations are proactively monitoring email for compliance and halting offending email communications before they are delivered. 

ZL’s software proactively scans the organization’s email and content using our classification engine to identify potentially infringing documents for review. For email, this happens before the offending email is sent.  For file systems, we use our newly released Manage in Place GRID^TM application to give users vision into the documents before they are used in a courtroom or Senate investigation.  The ability to stop precrime fits into ZL’s information governance and eDiscovery solution set by giving insight into the documents housed within an organization, allowing early case assessment, and driving automatic document preservation and collection.

Tags: analysis, Discovery, Preservation, records management

Electronic Privacy and the Vast Machine

Last week, the Saudi Arabian government announced their intention to block BlackBerry service, claiming that the BlackBerry producer Research in Motion (RIM) had failed to “meet the regulatory requirements of the [government] commission.” The statement did not elaborate much further. This announcement came after the United Arab Emirates had recently decided to suspend BlackBerry service for the benefit of national security. Other countries such as Indonesia and India have expressed similar interest in limiting Smartphone communications as well.

Over the weekend, RIM came to an agreement with Saudi Arabia to place servers inside the Middle Eastern kingdom in order to avoid a ban on service. Saudi officials will now be capable of reviewing messages from BlackBerry products in efforts to curb whatever they deem to be illegal activity.

This agreement creates a dangerous precedent for other governments in the region, and anywhere else in the world.  They will undoubtedly compel all smartphone producers to provide full access to previously encrypted, private information (if they haven‘t already).  Just like RIM, they won’t have any real choice.

The grim reality is that personal emails were (still are?) being read by employers and agents of supposed “free democratic” societies such as the United States. And employees already know that their emails and communications are capable of being read by their employers.  Indeed, there exists very little expectation of privacy for anything online, and the fact that messages are sent on personal phones does not change this reality. In this way, I appreciate that Saudi Arabia and UAE are open and forthcoming about their intentions.

Will individuals begin to behave differently because they are aware that they are being watched?  As it becomes increasingly apparent that someone may be (likely is) reviewing electronic communications, we could simply limit the quantity or type of information we view and share (this will be the virtual panopticon).  Or will we reverse course?  The increasing abundance of data could create a sense of “that couldn’t happen to me” because of such an overwhelming base of information (the ostrich defense?).

Whatever the outcome, don’t be fooled into thinking that the original desire of the Saudi government to review emails is something new, or something limited to oppressive Middle Eastern regimes – privacy is a shared illusion worldwide.

Tags: electronic records, legal discovery, litigation discovery, records management, smoking gun documents

Goldman All Red Over Profanity

 

“boy, that timberwof was one s— deal.”

This one line tormented Goldman Sachs throughout the Senate’s investigation and is highlighted in recent bad press about their curse-laden culture.  Shockingly, these aren’t even as bad as it getswhen it comes to regrettable corporate e-mails that have been leaked to the press.  In response, Goldman Sachs has banned profanity from electronic communications, joining the ranks of Citigroup and J.P. Morgan Chase. Not a bad idea after losing $535M to the SEC in July.   

The lawsuit and investigation, which was in part based on Goldman’s own traders calling their deals “shi**y”, underlines the need for companies to review communications system-wide.  I am sure that Goldman is looking for software that can pre-review emails for certain phrases (like shi**y) and alert the sender and the sender’s management of the breach of policy.  Without that level of monitoring and review, employees can cost companies millions…and in this case, over half a billion. And any software that does this level of pre-review can go far beyond Goldman’s enforcement of their new curse code (or whatever they are calling it) and includes the protection of intellectual property, personal information, and general Data Loss Prevention.

People might see profanity censorship as draconian, yet this has become standard practice for many companies. Bloomberg LP says that it has monitored emails for over 10 years. As Kendall Coffee, former federal prosecutor says, “There is case after case of email disaster that is reported in newspapers or media, and you would think that the last thing any rational person would do would be to…use profanity in email, but it seems to be an unlearnable lesson.”

I agree and doubt there is any way to stop traders from using profanity.  But is it too much to hope that Goldman can learn to stop trying to f*!@ its investors?  We’ll see.

Tags: Discovery, e-discovery search, electronic records, Preservation, records management, review