LITIGATION SUPPORT TIP OF THE NIGHT

Today I purchased a copy of Electronic Discovery and Digital Evidence in a Nutshell, the second edition of the West Academic guide to electronic discovery law in the United Statues authored by Judge Shira Scheindlin (the judge in the Zubulake v. UBS Warburg) and members of the Sedona Conference. This post will be the first in an occasional series providing an outline for this book.

I. INTRODUCTION

A. FRCP Amendments

1. FRCP 26(b)(1)

a. No reference to subject of the litigation.

b. Scope of discovery proportional to the needs of the case.

i. Importance of Issues at Stake.

ii. Amount in Controversy

iii. Parties' Relative Access to Relevant Information.

iv. Parties' Resources

v. Importance of discovery in resolving issues.

vi. Does Burden outweigh potential benefit?

c. Committee Notes

i. Requesting party does not have burden of addressing all proportionality considerations.

ii. No boilerplate proportionality objection permitted.

iii. Court should make a case specific determination of scope of discovery.

d. Open Issues

i. Does not specify who has burden of proof on proportionality issues.

ii. Costs may be increased because of unilateral determinations that requests are not proportional.

iii. Pre-motion discovery necessary to assess proportionality.

e. Additional Changes

i. Information need not be admissible in order to be discoverable, but no longer needs to be reasonably calculated to lead to the discovery of admissible evidence - now tightly limited to claims or defenses.

ii. FRCP 26(c)(1)(B) - court can allocate discovery costs when granting protective order.

iii. FRCP 26(d)(2) Rule 34 requests served 21 days after compl.; don't need to wait for meet and confer.

iv. FRCP 26(f)(3) - inadvertent production of priv docs; and preservation of evidence must be discussed at first conference.

v. FRCP 37(e) if evidence that should have been preserved - and cannot be restored - court can order measures no greater than necessary to cure prejudice. Party must act with intent to deprive other party of info for adverse inference instruction.

1. Committee Note - Courts should consider sophistication of parties - corporation held to a higher standard than individual.

vi. Court can require premotion conference - would allow resolution on letter submissions rather than full briefing.

vii. FRCP 34(b)(2)(B) and FRCP 34(b)(2)(C) - if party objects to doc request must state grounds with specificity and note if document are being withheld.

This evening I attended a discussion hosted by the Sedona Conference at the offices of BakerHostetler at Rockefeller Center in Manhattan. The topic of the discussion was, "Practical Solutions to the Challenges and UncertaintyAssociated with the EU-U.S. Privacy Shield". The panel was composed of Magistrate Judge Andrew Peck of the United States District Court for the Southern District of New York; Emily Fedeles, an associate with BakerHostetler; and Stacey Blaustein, a Senior Attorney and Global E-Discovery Lead at IBM.

The panel briefly discussed the Schrems decision of a year ago. They laughed about how ironic it was that a law student had found the time to bring the case, and joked that someone could have prevented all the trouble caused by the overturning of the U.S./E.U. safe harbor scheme by giving him a job with an American law firm. The group focused on the new privacy shield adopted in response to the Schrems decision and the General Data Protection Regulation which will be fully implemented in May 2018 in the European Union after a two year transition period.

Stacey Blaustein noted that business can certify online at https://www.privacyshield.gov. The site leads companies through the process step by step. She discussed how the new framework has avenues of redress built in. The FTC has jurisdiction under section 5 of the FTC Act for adjudicating violations of the Privacy Shield Principles. Blaustein mentioned the September 30, 2016 deadline for companies to self-certify and gain a nine month grace period to update contracts made with data processors.

Ms. Fedeles said that under the new framework companies would have a 45 day deadline to address specific concerns raised by complainants. She also noted the many companies have already certified. See the list here.

Ms. Blaustein talked about the onward transfer or downward stream exchange of data, and mentioned that vendors may not have to certify but need to comply with the same standards as the companies who engage them.

The panel noted the the FTC's jurisdiction only extends to the industries that it regulates. Ms. Blaustein noted that is precluded from exercising jurisdiction over transportation.

Judge Peck talked about the anonymization of data as a potential solution to the problem of producing documents covered by European data privacy laws. He speculated that under the new GDPR review will still take place in the European Union, with anonymization taking place before ESI was transferred to the United States.

Ms. Fedeles noted that certification can be rescinded, which would lead to a company having to delete the data it had collected. Audits are conducted under the new privacy shield regime.

Judge Peck discussed cross border discovery in the context of the 1987 United State Supreme Court decision, Societe Nationale Industrielle Aerospatiale v. U.S. District Court for the Southern District of Iowa,482 US 522 (1987) . Five factors were given to judge whether or not international discovery could be conducted despite a foreign blocking statute:

"(1) the importance to the . . . litigation of the documents or other information requested;

"(2) the degree of specificity of the request;

"(3) whether the information originated in the United States;

"(4) the availability of alternative means of securing the information; and

"(5) the extent to which noncompliance with the request would undermine important interests of the United States, or compliance with the request would undermine important interests of the state where the information is located."

Judge Peck noted that over the years two additional factors were added in effect to this Societe Nationale test - the hardship imposed on the producing party and whether or not the request was made in good faith. He blamed bad lawyering for over relying on the fifth factor to justify cross border discovery.

He mentioned the 2007 'Christopher X' case in which a French court only imposed a €10000 fine for the violation of a blocking statute, has been used in American courts to encourage the practice of violating such statutes.

Judge Peck warned that under the new GDPR companies could face fines potentially high as 4% of global gross revenue - not just profit. He said if foreign data currently located in the United States no longer fell under provisions allowing for its exchange, there was a good argument for it being protected under cross border discovery rules, but he felt that this was something other judges would have to be educated about.

Judge Peck noted that a party won't necessarily be sanctioned for the disclosure of private data it moves 'downstream', if it uses proper contracts. He did not know if a negligence standard or something else would be used to evaluate whether or not a party had used proper methods for transferring data.

Ms. Blaustein noted that if possible recipients should only get data for a specific purpose. The panel reminded the audience that the United Kingdom after Brexit, and Switzerland would not be bound by European data privacy laws.

Judge Peck observed that Britain was one country in which discovery could be obtained quickly through the Hague Convention - in part because the British disclosure process is similar to American discovery.

A U.S. District Court judge in Shaffer v. Gaither, 14-0106 (Sept. 1, 2016 W.D.N.C.) ruled this past September on the plaintiff's failure to preserve text messages on her phone. The court denied the defendant's motion to dismiss which was based on her failure to preserve ESI, that the court could not conclude was intentional. The messages on the phone were relevant to a defamation claim which alleges that the plaintiff's employer stated she was fired for having a sexual relationship with a married man. The plaintiff was an Assistant District Attorney and the person with whom she had the relationship was a defense attorney. The relationship itself was not denied, just the basis for her termination of employment.

The text messages on the plaintiff's phone were said to contain statements in which the plaintiff conceded the relationship was the reason for her dismissal. The plaintiff's phone was unavailable because she damaged it in a bathroom, and she turned it over to her insurer. The case is interesting because of what it shows about the recoverability of text messages and how a court will interpret the recently amended F.R.C.P. 37

The plaintiff's service provider could not produce copies of the text messages. It only kept records of when text messages were sent. There were no back-ups of the texts in cloud storage. Forensic techniques could not recover the body of the texts from the available SIM card. [Oddly, the court's decision does not indicate whether or not attempts were made to recover the phone from the insurer.]

The plaintiff's phone was broken more than a year after she had first threatened litigation. The court noted that FRCP 37 requires that steps be taken to preserve ESI when litigation is reasonably anticipated, but stated that dismissal should not the first resort. FRCP 37(e) requires courts to only take such action as necessary to cure the prejudice resulting from the lost ESI. It did not conclude the plaintiff's destruction of her phone was intentional. It set aside the question of whether any sanctions at all were necessary because other witnesses were available who had seen the text messages - more than just the plaintiff and a single recipient. The need for sanctions was to be determined after witness testimony before a jury on the content of the messages and the circumstances of the phone's loss.

The court's recommended preservation techniques for counsel consisted of, "printing out the texts, making an electronic copy of such texts, cloning the phone, or even taking possession of the phone and instructing the client to simply get another one."