Thanks to the IoT, This Isn't 2006's E-Discovery
FTI's Jake Frazier and Relativity's David Horrigan break down why internet of things discovery is different, preservation issues and more ahead of a Legalweek panel.
January 18, 2018 at 08:00 AM
7 minute read
It's been about a decade and a half since the original Sedona Principles and Judge Shira Scheindlin's decision in Zubulake v. UBS Warburg. It's been a little less than that since the 2006 amendments to the Federal Rules of Civil Procedure. Attorneys have this e-discovery thing down by this point, right?
Not so fast. As the world changes and technology along with it, so too does the practice of e-discovery. These days, the issue isn't limited to how to collect emails. Now, e-discovery practitioners must grapple with social media, internet chat, text messages, and other data that those in 2003 couldn't have even dreamed of.
And the next wave of this data is already here: the internet of things (IoT). Sure, you know how to collect Facebook posts, but what about, say, driving data from internet-connected cars? Or what somebody says to Apple's Siri assistant? In the connected universe, there exists a whole host of issues concerning the collection, preservation and production of this massive amount of data.
A session on Jan. 31 at the Legaltech conference during Legalweek New York 2018, titled “From the Iron Rooster to Amazon Alexa: Mobile Discovery and the Internet of Things,” will explore the legal, technical and practical considerations of mobile, social and IoT data. The panel includes a former Department of Justice cybercrime coordinator (Ed McAndrew), a prominent discovery attorney (Kelly Twigger), a corporate information governance expert (Jake Frazier), and a leading legal industry analyst (Ari Kaplan), with Relativity's David Horrigan moderating.
Ahead of the panel, LTN spoke with Frazier and Horrigan to get their takes about what makes IoT discovery so different, what the new paradigm means for planning and preservation, and more.
LTN: What exactly makes IoT device discovery different from everyday e-discovery?
Frazier: IoT device discovery can contain information that Americans would consider to be extremely private and/or sensitive. This can include an individual's TV viewing habits, their internet searching habits, where they've physically been via geotracking, as well as data that may be picked up by Siri, Alexa or other “always listening” home devices. The more we integrate technology into our everyday lives and personalize it to make our lives easier, the more this technology can reveal about us.
Horrigan: Both the types of data and the location of the data make IoT data different. Although e-discovery is still bewildering to many lawyers and legal teams, in 2018, most practitioners specializing in e-discovery have sophisticated workflows to handle discovery of email. IoT presents new challenges. As it often does, technology has changed the rules of the ball game—figuratively, and sometimes literally. For instance, Fed. R. Evid. 902 was amended last month with new provisions for authentication of electronic data. In addition, although electronic discovery has traditionally been considered the domain of complex commercial litigation, as we'll see from the cases we're discussing at Legaltech, IoT is helping make e-discovery an important part of criminal practice as well.
LTN: There are some cases involving some devices that most attorneys would understand have data (Fitbit, Alexa), but some others (like trucks) some wouldn't even think to check. How does the IoT change the way attorneys prepare for the discovery process by identifying data sources?
Frazier: Lawyers may have a false sense of security when they use old forms that only ask about “desktops, phones, file shares and email.” Legal teams should consider evaluating their e-discovery questionnaires to make sure they are incorporating potential IoT data early in the process. Relying on questionnaires from the “good old days” may leave them blindsided.
Horrigan: That's a great point, because IoT comes in all shapes and sizes. With the extensive publicity surrounding Amazon Echo's Alexa in State v. Bates and to a lesser extent, the Fitbit data in State v. Dabate, many lawyers and clients are on notice that IoT data are potentially discoverable in court. But a 2005 GMC pick-up truck? It's why Below v. Yokohama Tire is such an interesting case. In litigation over a tire blow-out, just about any practitioner would know you need to preserve the tire and mechanical equipment, but ESI from a vintage truck might not be on counsel's radar. Legal teams may want to cast a wider net, but you've also got the proportionality provisions in FRCP Rule 26(b)(1) from the 2015 amendments. You can't simply request everything and the kitchen sink; you've got to be strategic about it.
The preservation question is an interesting one to me. With so many sources of data with the IoT, does counsel need to adjust their preservation requirements at all to hold it all, or can it be included neatly in pre-existing policies?
Frazier: It may depend on how advanced the corporate client is in their information governance. As part of an information governance program, corporations can evaluate IoT data and develop policies to ensure that they are not logging a bunch of extraneous data they don't have a need for, and work with IT to ensure that those logs aren't turned on.
Horrigan: No matter how neatly they're included in pre-existing policies, boilerplate discovery requests—and responses—aren't going to cut it. As Craig Ball noted recently, when private counsel for President Donald Trump sent a cease and desist letter to the publishers of the recent book, “Fire and Fury: Inside the Trump White House,” for their preservation provisions, they apparently borrowed heavily from an exemplar Craig had created years ago. In an ironic twist, because the preservation exemplar was created over a decade ago, the demand from a famously tweeting president didn't include preservation provisions for Twitter. Second, as U.S. Magistrate Judge Andrew Peck [of the Southern District of New York] noted last year in Fischer v. Forrest, boilerplate responses to discovery responses won't get you very far either. In fact, they're prohibited specifically by the 2015 amendments to FRCP Rule 34.
What's one key takeaway that you want attendees to take from the panel?
Frazier: Start discussing your IoT policy now. These devices aren't perfect. There are some well-documented cases where first-generation IoT devices all had the same username and password, or that the manufacturer published the password online for all to see and access. And, some of these IoT devices allow for remote access for technical support, which could potentially lead to discovery issues. Having your IoT policy in place can act as a forcing function for the company to examine how these devices work, to educate employees on the risks, and to develop an information governance strategy that incorporates IoT data.
Horrigan: Perhaps the biggest takeaway is that IoT, mobile and social data can affect your case even when you least expect it. In formulating our panel for Legaltech at Legalweek, we've tried to cover all the bases. Jake Frazer of FTI Consulting Inc. brings corporate expertise, while Ed McAndrew of Ballard Spahr LLP will give both a complex commercial litigation perspective and cover criminal law considerations from his years with the U.S. Department of Justice. Ari Kaplan of Ari Kaplan Advisors will give us some insight gained from his surveys and studies, and Kelly Twigger of ESI Attorneys will provide perspectives from practitioners of all sizes. I like to think we've covered all the bases—or as many as we can in the 2018 world of the internet of things and mobile and social data.
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
NOT FOR REPRINT
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View AllTrending Stories
- 1Call for Nominations: Elite Trial Lawyers 2025
- 2Senate Judiciary Dems Release Report on Supreme Court Ethics
- 3Senate Confirms Last 2 of Biden's California Judicial Nominees
- 4Morrison & Foerster Doles Out Year-End and Special Bonuses, Raises Base Compensation for Associates
- 5Tom Girardi to Surrender to Federal Authorities on Jan. 7
Who Got The Work
Michael G. Bongiorno, Andrew Scott Dulberg and Elizabeth E. Driscoll from Wilmer Cutler Pickering Hale and Dorr have stepped in to represent Symbotic Inc., an A.I.-enabled technology platform that focuses on increasing supply chain efficiency, and other defendants in a pending shareholder derivative lawsuit. The case, filed Oct. 2 in Massachusetts District Court by the Brown Law Firm on behalf of Stephen Austen, accuses certain officers and directors of misleading investors in regard to Symbotic's potential for margin growth by failing to disclose that the company was not equipped to timely deploy its systems or manage expenses through project delays. The case, assigned to U.S. District Judge Nathaniel M. Gorton, is 1:24-cv-12522, Austen v. Cohen et al.
Who Got The Work
Edmund Polubinski and Marie Killmond of Davis Polk & Wardwell have entered appearances for data platform software development company MongoDB and other defendants in a pending shareholder derivative lawsuit. The action, filed Oct. 7 in New York Southern District Court by the Brown Law Firm, accuses the company's directors and/or officers of falsely expressing confidence in the company’s restructuring of its sales incentive plan and downplaying the severity of decreases in its upfront commitments. The case is 1:24-cv-07594, Roy v. Ittycheria et al.
Who Got The Work
Amy O. Bruchs and Kurt F. Ellison of Michael Best & Friedrich have entered appearances for Epic Systems Corp. in a pending employment discrimination lawsuit. The suit was filed Sept. 7 in Wisconsin Western District Court by Levine Eisberner LLC and Siri & Glimstad on behalf of a project manager who claims that he was wrongfully terminated after applying for a religious exemption to the defendant's COVID-19 vaccine mandate. The case, assigned to U.S. Magistrate Judge Anita Marie Boor, is 3:24-cv-00630, Secker, Nathan v. Epic Systems Corporation.
Who Got The Work
David X. Sullivan, Thomas J. Finn and Gregory A. Hall from McCarter & English have entered appearances for Sunrun Installation Services in a pending civil rights lawsuit. The complaint was filed Sept. 4 in Connecticut District Court by attorney Robert M. Berke on behalf of former employee George Edward Steins, who was arrested and charged with employing an unregistered home improvement salesperson. The complaint alleges that had Sunrun informed the Connecticut Department of Consumer Protection that the plaintiff's employment had ended in 2017 and that he no longer held Sunrun's home improvement contractor license, he would not have been hit with charges, which were dismissed in May 2024. The case, assigned to U.S. District Judge Jeffrey A. Meyer, is 3:24-cv-01423, Steins v. Sunrun, Inc. et al.
Who Got The Work
Greenberg Traurig shareholder Joshua L. Raskin has entered an appearance for boohoo.com UK Ltd. in a pending patent infringement lawsuit. The suit, filed Sept. 3 in Texas Eastern District Court by Rozier Hardt McDonough on behalf of Alto Dynamics, asserts five patents related to an online shopping platform. The case, assigned to U.S. District Judge Rodney Gilstrap, is 2:24-cv-00719, Alto Dynamics, LLC v. boohoo.com UK Limited.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250