Category Archives: eDiscovery California

Admissibility, Cases of Interest, Constitution, Criminal Liability, eDiscovery California, Law

e-Discovery California: We Will…We Will…Track You!!!

MP900433086 Privacy took a major hit in the nine states encompassing the 9th Circuit.  The court found that the police have the right to attach a tracking device to a vehicle on private property.  That part isn't new.  What is new is that they held it may be done without a warrant.  To me, that is disturbing.  Do you see any dangers here?

This is another issue where reasonable people will disagree.  Some will look at it as another version of visual surveillance.  I don't have a problem with using a device in this manner; I just think the government should be required to secure a warrant.

I cringe when I hear arguments like "put out a 'No Trespassing' sign and then you'll be protected".  Either we possess rights or we don't.  I fail to see why I should have to advertise my right to privacy if it's a vested right.  Are we saying crooks don't need to be warned but the police do?

How far may the government go?  Suppose a person is drunk and passed out cold on their front lawn.  Should I assume the government now has the right to attach a tracking device to that person without their permission?

Another federal jurisdiction from D.C. has ruled the opposite way on a similar matter.  This will likely go to the Supreme Court.

Backup & Recovery Systems, Cost, Disaster Recovery, eDiscovery California, eMail, Implementation, Security, Technology

e-Discovery California: Don’t be EVIL, Los ANGELes…

2 Comments

MP900401409 Theory is usually easier than practice.  You project managers know exactly what I'm talking about.  Courses like the Project Management Body of Knowledge (PMBOK) have value, but one item tends to be underestimated; the human element.  Projects always look great on paper but unfortunately, they're not executed by robots.  They're executed by people with varying talent, ambition, health and – dare I say it – competence levels.  Add to that the other human elements; management support or lack thereof, other duties of the team (distractions), unexpected emergencies ("Hey, I need to borrow Steve for a few hours…"), predictive miscalculations and – dare I say it, part II – the competence of the project manager.

With this in mind, it comes as no surprise that Google has missed a deadline to convert the City of Los Angeles email system to the cloud due to security concerns with the L.A.P.D.'s data.  Tha-a-a-a-a-t's gonna cost 'em.  Worse, they beat out Microsoft for the contract.

Ultimately, the issue will be resolved, but it begs the question – what happens when L.A. requests to retrieve data?  Another cautionary tale about 3rd-party vendors…

Cases of Interest, Constitution, eDiscovery California, Law, Scope

e-Discovery California: Reasonable Search: SCOTUS Decides Quon Case

MP900443158 We've been waiting for the decision on Quon to clarify Constitutional issues of employee privacy while using an employer-supplied electronic device.  Bottom line: by unanimous decision, the Supreme Court ruled that, under the facts of this case, the search was reasonable and Quon had no 4th Amendment expectation of privacy.  I say "under the facts of this case" because the Court ruled on narrow grounds.

Justice Anthony Kennedy stated quite eloquently, "Because the search was motivated by a legitimate work related purpose,
and because it was not excessive in scope, the search was reasonable."

In my opinion, that's a beautiful sentence.

eDiscovery California, Law, Security, Technology

The Boston (I)T Party

J0443189 InformationWeek just came out with an excellent treatise on a new data protection law in Massachusetts (note – the link is an excerpt, but you may access the entire article if you're willing to register). In my opinion, this is a must-read.  Here's an excerpt of the preamble:

"The new Massachusetts data security law, 201 CMR
17.00, is a prime example of the increasingly aggressive role states are
taking to protect their citizens. More than 40 states have data breach
notification laws already on the books–a trend that started with
California's SB 1386 but certainly didn't end there. Much like those
other laws, Massachusetts' has impact beyond the state's borders and
could spur similar legislation in other states.

Federal action is also a distinct possibility."

If that doesn't whet your appetite to continue reading, I don't know what will…

eDiscovery California, eMail, Technology

e-Discovery California: State & Local Governments get the “Message”

J0428606 In the, "We've finally figured out that emails, texts and voice mails are in the public-domain." department, state and local governments are taking steps to limit the use of electronic devices during official sessions.

This article is of interest because such a policy is now being proposed in the heart of Silicon Valley.  The California Assembly is also considering a similar rule.

Are politicians doing so out of the kindness of their hearts?  Hardly.  They're responding because public watchdogs are filing lawsuits seeking access to these messages under the California Public Records Act.  And they're not just limiting their requests to public devices; they're going after personal PDAs and laptops as well.

One more step in the continuing game of leapfrog between the limits of individual privacy and the public's right to know…

Cases of Interest, Constitution, eDiscovery California, Judges, Law, Technology

e-Discovery California: The Friday Brush-Off

J0403056 Forgive me for my limited time this week.  As we harken back to "Privacy Week", comes word that the Supreme Court is going to rule in the spring – for the 1st time – on texting and privacy, specifically the City of Ontario, California's appeal arising out of the 9th Circuit case, Quon v. Arch Wireless, 529 F.3d 892 (9th Cir. 2008) [Warning: Link opens 24-page PDF].

My colleague, Ralph Losey, has done a superb treatise on this subject, so I'm going to port you over if you'd like additional information.  I'm particularly fascinated by the 4th Amendment issues raised in this case (there I go again…criminal & Constitutional aspects…), plus, as a technology consultant, I've had a hand in crafting corporate policies regarding electronic communications many times in the past.

My opinion?  I'm staying with my usual view.  Texting someone using your corporate device is similar to having a conversation on the telephone from your office cube – where anyone around might hear you.  I'm not saying the content of the text (or phone conversation) isn't technically private, but by transmitting it by way of someone else's device, you're basically creating a waiver (in my mind, anyway).

What if an employee transmits child porn through their corporate device?  Is that private?  Does that not ensnare the company?  Is the company culpable for allowing child porn to be transmitted?  How would the company know unless it's allowed to monitor & review transmissions?  Just a few simple questions for you to ponder…this is your chance to emulate a Supreme Court justice.

More 'stuff' is on the way from me…as soon as I can ration the time to post it!

Criminal Liability, eDiscovery California, Law

e-Discovery California: I, Witness

J0434085 I'd probably file newly-signed California SB 748 under 'good intentions, questionable results'.  This new privacy law results in a misdemeanor if one posts data on the Internet that
discloses information about witnesses or their family members if the
intent is to injure them or incite violence.

Here are two notables from the article:

"The impetus behind the bill was preventative, DA's office spokeswoman
Erica Derryck said. "This is an example of our office recognizing the
way in which technology is used," she said."

…and…

"The bill also allows witnesses to submit opt-out forms to Internet
search engine providers to keep their identifying information out of
public databases. Businesses and agencies are required to take down
identifying information about a witness within two days of receiving
such an opt-out form, or face a $5,000 civil fine."

The law targets gang activity in particular, which should tell you why this isn't going to work.  Gang members who are interested in witness intimidation or worse are not going to be intimidated by a misdemeanor for posting data on the 'net.  Conversely, the idea that one can police "businesses and agencies" in this manner tells me that the D.A.'s office doesn't recognize 'the way in which technology is used'.

I guess they forgot to call me to get my opinion on this one…