LITIGATION SUPPORT TIP OF THE NIGHT

This past week, the Court of Appeals of Nevada issued a decision, Scott v. State, No. 77456-COA, 2020 Nev. App. Unpub. LEXIS 108 (Nev. Feb. 11, 2020), affirming a judgment of conviction for conspiracy to commit robbery, robbery, and grand larceny.

The victim in this case tried to use Mycelium, a smartphone app, to purchase a Bitcoin from Scott. He subsequently met Scott at a Target store to exchange $20,000 in cash for the bitcoin. After cancelling the deal when Scott proved unable to transfer the Bitcoin, the victim was robbed shortly afterwards at a McDonald's by Scott and a second man who stole his laptop, phones, and truck. (The victim passed the cash to his wife before he was robbed.) Detectives were able to identity Scott and the other man by searching for their phone numbers on Facebook, and other databases used by law enforcement. They then used Mycelium to contact Scott on the pretext of purchasing Bitcoins, and arrested him at a face-to-face meeting at a casino.

The basis for Scott's appeal was the admission of unauthenticated of several different types of evidence by the district court.

1. Scott claims that it was an abuse of discretion to allow the entry of exhibits showing screen shots from a tracking app that indicated the location of a stolen phone, because he was not knowledgeable enough about GPS to authenticate the exhibits. The Court found that there was no abuse of discretion because , "[t]he victim testified that he was able to track his phones using a Google phone tracking app; he used this technology on a daily or regular basis; he found it to be very accurate; the app could depict timelines that showed where his phones had been; and Exhibits 15, 17, and 18 were screen shots of those timelines." Id. at *8. The Court also ruled the exhibits should not be considered hearsay, as they were machine statements.

2. Scott also contested the admission of exhibits of his Facebook profile because the State did not show how the ESI was acquired with factual specificity, despite his failure to object to the admission of the exhibits at trial. The Court concluded there was no plain error. The exhibits were also ruled not be hearsay because they were used to support a detective's testimony about actions he took during the investigation - they were offered to show they were made, they were not offered for their truth.

3. The admission of a screenshot showing a money transfer made with a Wells Fargo app without objection, was also found to not be plain error.

4. Scott also asserted that the district court abused its discretion by allowing the admission of text messages. The messages were not authenticated by showing the author and recipients. Because an objection was not made at trial, there was no plain error. "[T]he State was not required to 'provide sufficient direct or circumstantial corroborating evidence of authorship in order to authenticate' the text messages. Rodriguez v. State, 128 Nev. 155,162 (2012)" Id. at *11-12.

5. The Court also rejected Scott's claim that there was abuse of discretion in allowing opinion testimony by lay witnesses because the detectives were allowed to testify about events shown on surveillance videos.

Last week, Judge Jesse M. Furman issued a decision, City of Providence v. Bats Global Markets, 14-CV-2811 (JMF), 2020 U.S. Dist. LEXIS 23726 (S.D.N.Y. Feb. 6. 2020), concluding that language proposed by Defendants for an ESI stipulation was unnecessary. The basis of the decision was a letter from the head of the SEC's Division of Trading and Markets to the Court in which it stated its opinion that the 'Regulation Systems Compliance and Integrity' did not apply to produced information from an audit trail of an exchange order. The Regulation SCI covers all national securities exchanges and requires that their trading systems have adequate security, capacity, and integrity. The exchanges and other entities covered by Regulation SCI are also required to report security breaches and system disruptions.

The SEC's letter states that, "In the Division's view, Regulation SCI does not apply to the handling of information that has been extracted in an authorized manner from an individual exchange's order audit trail or other market regulation system. Such information produced and stored for purposes of document discovery in litigation would not be an SCI system and thus would not be subject to the requirements of Regulation SCI." Id. at *10-11. However, the SEC recommended that non-public information from the audit trail, such as the exchange member's name, should be covered by the same protocols used in a case for confidential information.

The Court also ruled that 30(b)(6) depositions could be taken before production was completed.

A year ago, the Illinois Supreme Court issued a decision, Rosenbach v. Six Flags Entm't Corp., 129 N.E.3d 1197 (Ill. 2019), reversing a lower court decision on an interlocutory appeal, and held that a plaintiff can bring an action under the Illinois Biometric Information Privacy Act even if he or she has not suffered an injury other than a violation of his or her rights under the Act. The Act restricts private parties from collecting, storing, or disclosing biometric information (fingerprints; retinal scans; voice recordings; etc.).

Six Flags uses fingerprint scanners to control who can enter their theme parks. The Plaintiff's teenage son got a season pass card to a Six Flags park which allowed him to enter the park when used in conjunction with a scan of his thumbprint. Neither the boy nor his parents signed a document agreeing to a release of his biometric information and Six Flags did not give them any documentation. The fact that Six Flags would retain the fingerprint was not disclosed.

The Illinois Supreme Court found that the violation of a legal right is sufficient to qualify an individual as an aggrieved party. ". . . when a private entity fails to comply with one of [the Act's] requirements, that violation constitutes an invasion, impairment, or denial of the statutory rights of any person or customer whose biometric identifier or biometric information is subject to the breach . . . No additional consequences need be pleaded or proved. The violation, in itself, is sufficient to support the individual's or customer's statutory cause of action." Id. at *1206. The Act requires notice and must give people the ability to withhold consent. Its purpose is to protect the public welfare and safety by safeguarding biometric information, not just redress actual damage.

"When a private entity fails to adhere to the statutory procedures, as defendants are alleged to have done here, 'the right of the individual to maintain [his or] her biometric privacy vanishes into thin air. The precise harm the Illinois legislature sought to prevent is then realized.' This is no mere 'technicality.' The injury is real and significant." Id., (quoting Patel v. Facebook, Inc., 290 F. Supp. 3d 948, 954 (N.D. Cal. 2018)).