This email hoax warns of the risk of radiation burns to Southern California residents due to the nuclear crisis in Japan.
Talk about mean-spirited…
Category Archives: eDiscovery California
e-Discovery California: Health Net, Inc.’s Records End Up in Dave(y) Jones’ Locker
Confidential records of two million current and former customers are missing – 845,000 of which are from California.
e-Discovery California: CSI meets ESI
e-Discovery California: State Bar Opinion 2010-179: Wireless Networks
If you're an attorney – or a technician tasked with protecting attorney data, take note of important California Opinion 2010-179 on the duties of confidentiality and competence in the handling of client data (warning: opens seven-page PDF).
Or, if you're pressed for time, see this excellent treatise prepared by the firm Mayer Brown.
e-Discovery California: ZIP-a-Dee-Doo-Dah!
The California Supreme Court says retailers may not ask credit card purchasers for their ZIP codes because it violates consumer-protections.
Chalk one up for privacy?
e-Discovery California: “Elementary, My Dear Watson”…
Holmes v. Petrovich Development Co. (Cal. Ct. App. – Jan. 13, 2011)
In this decision from the Third Appellate District of California, the Court found that Holmes’ emails did not fall under the protection of attorney-client privilege (warning – link opens a 40-page PDF of the ruling).
Why?
Because she wrote them on a company computer with the knowledge that the company had a “we own the data” policy.
YMMV (that’s my cute way of telling you, other state laws are contra, e.g. New Jersey’s Stengart). From that post:
“I suppose if I simply admonish you not to use your company collateral for personal purposes, you’re going to ignore me, but it’s missing the point, anyway. You can’t un-ring the bell. Sure, I understand that, in this case, they were forced to return the emails and there was to be a decision as to whether the law firm that read the emails could even continue in their representation, but the bottom line is, the emails were still read.”
A little fun fact? Holmes never said, “Elementary, My Dear Watson”.
e-Discovery California: How You Do It – How THEY Do It
I explained how you do it (give up your privacy) in my prior post.
How they (hackers) do it:
Using nothing more than information his victims readily provided, this hacker gained access to their email and/or Facebook accounts; with highly embarrassing results.
I've long been baffled by sites that, purportedly in the interest of better security, require users to supply highly specific information like their father's middle name or what high school they attend(ed).
Oh, and the hacker? He said he did it because it's funny…
e-Discovery California: ‘In Toto’, We’re not in California Anymore…
They laughed at the academy…
Do you remember when I said I maintain a password on my PDA? Do you remember how I said it sucks having a password on my PDA, but I felt it was extremely necessary? Fine – you don't remember. Here's what I said this past February:
"My PDA is password-protected. It's an incredible pain. I hate it. It makes things cumbersome. For all I know, it isn't even that effective. But you know what? At least I'm doing everything within my power to protect my client information."
Well, it just became a great decision. Why? Because the Supreme Court of California recently ruled that if arrested, the government is entitled to search your cellular device! The Court seems to be basing the opinion on the concept, misguided as it may be, that a cell phone is akin to a closed container, like a pack of cigarettes (prior 4th Amendment decisions hold that authorities may search containers under these circumstances). Meanwhile, a warrant is still required to search a briefcase!
Think about it for a moment. If this trend continues, how long do you think it'll be before this right is extended to portable devices in general? My next thought is, what if you happen to be driving your desktop PC to the local repairman at the time of your arrest?
As to the issue of password-protection, there's no case law controlling at the moment, so here's my 'ruling'; you have the right to remain silent. I don't care if I'm threatened with bodily harm – nobody will compel me to give them the password to my PDA (until the day arrives that a court of competent jurisdiction rules otherwise).
The Federal 9th Circuit already allows for warrantless tracking devices, but now this? So much for "liberal" California. Try your luck with the Ohio Supreme Court, among others, who disagree with this ruling.
But don't push your luck with the Supreme Court of the United States. With the current makeup of that body favoring government intrusion over individual protections, there's no Emerald City at the end of that yellow brick road.
Then again, a lot of powerful people carry cell phones – including Supreme Court justices. Maybe now's not the time for that vacation in wine country…
e-Discovery California: Turn your Head & Cough
How long has it been since I posted something California-specific? (September 22nd, 2010, in case you wanted to know…)
This opinion piece by a consumer watchdog group (literally named "Consumer Watchdog") does a good job of expressing the tensions between the FTC and the State of California regarding approaches to internet privacy.
Now, I've certainly banged the privacy drum loudly this past year – and I don't intend to focus on it as much in 2011, lest I risk being compared with Chicken Little (by the way, just because a chicken tells you the sky is falling, doesn't mean it's not true) – but my focus has been on the evidentiary risks of not protecting your privacy, whether it be on an individual basis, corporate or somewhere in-between.
This is an e-discovery blog, after all…
Nor do I necessarily agree with the concept of a "do not track" list, as I've mentioned before (because in my opinion, it probably won't work). There has to be an effort at formulating comprehensive policy, rather than acting like tracking a node is somehow like tracking a telephone number. What do I mean?
- Has anybody thought about how one would manage such a list? How will one identify the requestor? By name? By IP#? By a unique device name/code? (Whoops; there goes your privacy). Suppose the individual has a PC, a laptop and a PDA – and they swap PDAs annually. How will the database account for this?
- Take into account everything above, now add all of the devices in a corporate environment – and we know how often those are refreshed. Will the firewall be enough?
- Now, what about the spouse, the children and all of their devices? Children are by far the most vulnerable because, a) they already think they're bulletproof and b) they don't yet fully understand the concept of privacy (heck, neither do a lot of their parents!)
On the plus side, there are brilliant minds out there who may actually have answers to some of these issues, but the point I'm making is, you can't just slap a feel-good name on something, then give the public the impression that it's a panacea to all of their concerns.
We're not just talking about preventing annoying sales-calls at dinnertime. Placating the public without actually achieving the goal will increase the risk (through a false sense of security), not reduce it.
eDiscovery California: CA State Bar Ann’l Mtg
Trial is over…verdict came in yesterday. I got my life back – for about 3 minutes…
Next on the docket? If you're attending the California State Bar Annual Meeting in Monterey at the end of the week, yours truly is on a panel presenting CLE (continuing legal education) program #54, entitled "e-Discovery Translating — Lawyers from Mars; Techies
from Venus: Beginning e-Discovery" from 10:30 a.m. – 12 noon Friday, September 24th.
You may recognize the title. It comes from an article I featured this past May, written by my good friend and colleague on the LPMT Executive Committee, Robert Brownstone, for California Lawyer magazine, who will moderate the panel. Another colleague from the Committee, Cynthia Mascio, is joining us as well. It's going to be a lot of fun – and educational for you, we hope.
See you there!