LITIGATION SUPPORT TIP OF THE NIGHT

Today, the Pennsylvania Superior Court, the intermediate appellate court in the Keystone State, issued a decision affirming a lower court's approval of a motion to compel a defendant in a criminal case to provide the password for a TrueCrypt encrypted computer. Commonwealth v. Davis, 2017 Pa. Super. LEXIS 968.

A special agent of the attorney general's office received a file from a particular IP address through a peer to peer connection on a file sharing network. The file was found to contain child pornography. The IP address was registered to Comcast, which responded to a court order and identified the subscriber information for the address. The government obtained a search warrant and seized a computer in the defendant's home which was encrypted with TrueCrypt 7.1 aBootloader. The computer won't boot up the OS unless the password is entered. The question presented to the appellate court was whether or not providing the password would violate the appellant's rights under the Fifth Amendment and Article 1, Section 9 of the Pennsylvania constitution. (The Pennsylvania Supreme Court has ruled that Article 1, Section 9 does not provide any greater protections against self-incrimination than the Fifth Amendment to the United States Constitution).

There is an exception to the Fifth Amendment, allowing for productions to not be regarded as testimonial communications when the facts are already known to the government, and . . .

1. the existence of the evidence demanded has been proven;

2. the defendant is in possession of the evidence; and

3. the authenticity of the evidence has been established.

In this case, the appellant's answer to a request by the arresting agents for the password, ("Why would I give that to you?' We both know what's on there. It's only going to hurt me.") was important. Judge Seletyn's opinion states that, "the record reflects that appellant's act of disclosing the password at issue would not communicate facts of a testimonial nature to the Commonwealth beyond that which he has already acknowledged to investigating agents." (Id. at *16). The opinion notes that, "knowledge of the encrypted documents or evidence that it seeks to compel need not be exact. " The court found that the TrueCrypt password would be self-authenticating.

Under the facts in this case, providing a password was not found to be testimony protected by the Fifth Amendment.

On November 27, 2017, in Winfield v. City of New York, 2017 U.S. Dist. LEXIS 194413 (S.D.N.Y.) Magistrate Judge Katharine Parker of the Southern District of New York ruled that the defendants did not have to disclose information on the TAR system they used for document review, while granting the plaintiffs' request to sample non-responsive documents. The court did review information related to the City’s document ranking system in camera but would not disclose this information to the plaintiffs.

The Court ordered the City to perform a TAR review on the rest of its document set after completing its linear review (run with search terms the parties agreed to only with the help of the Court) on ESI collected from certain custodians. The Court judged that TAR was necessary to hasten the identification, review and production of responsive documents. The City had complained that it cost more than $350,000 to review 100,000 documents using linear review.

In order to support its position that the City's TAR system did not correctly identify responsive documents, the plaintiffs pointed to documents the City produced inadvertently, or produced with redactions which were in fact responsive. "Among these were two electronic documents for which the City only produced a 'slip sheet' because the documents had been designated as non-responsive (the 'slip-sheeted' documents), but where Plaintiffs were nevertheless able to view the 'extracted text' of the documents due to a production error." (Id. at *16). The court ordered briefing and depositions on the defendants' privilege designations, and also requested a log of a sample of 80 privileged documents. After the review of the sample, the City subsequently changed its designation of 36 documents from privileged to responsive.

Nevertheless, the Court found no evidence of gross negligence or unreasonableness in the City's use of its TAR system. It ordered that the City could use this system to run a search using 665 search terms proposed by the plaintiffs. The court stated that a meet and confer and motion for compel would be needed if the City's subsequent review found responsive documents related to primary claims and defenses in a subject area covered by a previous production phase.

The plaintiffs contended that the City over designated documents as non-responsive in the training set used for its TAR system. In holding that the producing party was in the best position to evaluate its methods for producing responsive documents, the Court cited Judge Peck's decision in Hyles v. New York City, and Sedona Principle 6. Judge Parker also noted that attorneys are obligated to comply with FRCP 26 in certifying that a reasonable inquiry was performed when making document productions; the danger of revealing trial strategy and work product; and that perfection is not required in the production of responsive ESI. Judge Parker stated that:

". . . this Court is of the view that there is nothing so exceptional about ESI production that should cause courts to insert themselves as super-managers of the parties' internal review processes, including training of TAR software, or to permit discovery about such process, in the absence of evidence of good cause such as a showing of gross negligence in the review and production process, the failure to produce relevant specific documents known to exist or that are likely to exist, or other malfeasance." [Id. at *29-30]

The Court's in camera review of the TAR system showed that the seed set included more than 7200 documents that were randomly selected and 'pre-coded example' documents. There were five training rounds and a validation process, and the review team received extensive training.

In granting the request for a sample set, the Court cited the need for transparency, the low responsiveness rate in a high volume of ESI, and specific errors in coding identified by the plaintiffs. The sample set is to consist of 400 documents - 300 from one category, and 100 from another.

While the Court did not order disclosure of information on the TAR ranking system, it did encourage the City to share this information with the plaintiffs.

On November 9, 2017, Magistrate Judge Maynard of the United States District Court for the Southern District of Florida, ruled on a plaintiff's motion to compel the production of telephone call data held by the defendant in Median v. Enhanced Recovery Co., No. 15-14342-civ, 2017 U.S. Dist. LEXIS 186651 (S.D. Fla. Nov. 9, 2017). The motion also requested documentation on policies and training, and information about prior customer complaints and lawsuits.

ERC uses automatic telephone dialing systems ("ATDS")to help with the collection of debts. The Telephone Consumer Protection Act prohibits calls to cell phones made without an owner's consent. Judge Maynard held that production of outbound call lists are allowed in TCPA actions order in order to help establish class action requirements and to prove the plaintiffs' claims. Productions can include call data from systems when there is a dispute about their status as ATDS systems. The court also ruled that data on calls made to parties other than the named plaintiffs was discoverable for the purposes of bringing a class action.

Judge Maynard did agree with the defendants that data on calls made to landlines are overboard and not permitted in TCPA actions.

With respect to producing data on millions of calls, the court specifically noted that, “the burden of producing this material is mitigated, however, by the fact that ERC can likely do this via spreadsheet or .csv ready data files.”

Prior complaints were also deemed discoverable because they could be used to identify class members and not overly burdensome because ERC was under an order in another case to show its compliance with the TCPA.