Tagged: E-Data

Unintentional Consequences? The District Court of Maryland Holds Evidence Failed Rule 37(e)’s “Intent to Deprive” Requirement

A recent opinion from the District Court of Maryland highlights the challenges litigants face proving intent to deprive under Rule 37(e)(2) when seeking sanctions for spoliation of electronically stored information (ESI). In Gov’t Emps. Health Ass’n v. Actelion Pharm. LTD., et al., Magistrate Judge Mark Coulson set forth the requirements to prove entitlement to remedial measures or sanctions under Rule 37(e)(1) and (2) and then applied these requirements to decide the ESI spoliation claims before the court. This blog has written extensively on what is required to trigger Rule 37(e) and resulting sanctions. In June 2017, defendant Actelion (“defendant”) was purchased by Johnson & Johnson (“J&J”). Following the acquisition, Actelion migrated its data to J&J, which managed the data of both companies. On November 19, 2018, the plaintiff filed this antitrust litigation against Actelion alleging the plaintiff was forced to pay higher prices for one of Actelion’s drugs because of the unavailability of a cheaper generic version caused by the defendant’s blocking of competition. Soon after, J&J issued a legal hold to preserve relevant information for the antitrust litigation. The defendant’s custodians included in the legal hold were determined by the defendant’s then in-house counsel (“Thompson”). Absent from the legal hold were five former defendant employees (“at-issue custodians”) with documents relevant to the antitrust litigation....

A Poor Substitute: The Eastern District of Texas Holds That Facebook Screenshots Are Not Sufficient to Avoid Sanctions Under Rule 37

In Edwards v. Junior State of America Foundation, the Eastern District of Texas determined that screenshots of social media messages are not sufficient evidentiary substitutes for spoliated native files. As a result of the plaintiffs’ discovery misconduct and spoliation of relevant electronically stored information (ESI), the court imposed sanctions under Rule 37(c) and (e) against the plaintiffs for failing to preserve Facebook messages in native format, including its metadata, which prevented the defendant from authenticating the messages. The plaintiffs filed a complaint against the defendant alleging that a student member of the defendant, a youth organization, sent “racist and homophobic Facebook messages” to one of the plaintiffs (the “Messages”). After the alleged Messages were sent, the student’s father filed a complaint with the youth organization which included .jpeg “snapshot” images of the Messages. During the litigation, the defendant served written discovery requests on the plaintiffs, seeking production of ESI from the plaintiff’s Facebook Messenger account to authenticate the alleged Messages, including the production of the Messages in HTML or JSON format. The native format of Facebook messages can typically be retrieved and produced in HTML or JSON format and contain metadata that can be used for authenticity purposes. The defendant’s request for native format would have allowed the defendant to authenticate the Messages. The plaintiffs never...

“The Death Penalty Lives”: Magistrate Judge Recommends Entry of Default Judgment After Defendants Manipulate and Permanently Delete Electronic Data

This blog has previously discussed cases in which district courts considered and sometimes ultimately entered the so-called sanctions “death penalty” – a default judgment order of terminating sanctions, pursuant to Rule 37(e)(2), as a result of a party’s destruction of evidence. Recently, a U.S. District Court for the Southern District of Texas magistrate judge recommended granting terminating sanctions, i.e., default judgment, after finding that the defendants “delayed discovery, manipulated electronic data, and permanently deleted a significant amount of electronic data.” The magistrate judge noted that the deletions that occurred required the user to “go into the bowels of the system, requiring advanced knowledge,” and the electronic data was deleted “within days” of an agreed upon preliminary injunction. In Calsep Inc. v. Intelligent Petroleum Software Solutions, LLC, the plaintiffs alleged misappropriation of trade secrets after their employee, one of the defendants, left their employment and allegedly downloaded the plaintiffs’ trade secret information to a personal device. According to the plaintiffs, the former employee then used the trade secret information with the other defendants to develop oil and gas industry software to compete with the plaintiffs’ software. The plaintiffs attempted to obtain discovery, including specifically the defendants’ “source code control system, which ordinarily contains the complete, auditable, and accurate history of the creation and evolution of software...

Second Circuit Reverses Lower Court Microsoft Decision and Holds That Email Evidence Stored Abroad Cannot Be Gathered Pursuant to Criminal Warrant Issued Under Stored Communications Act

In a prior post, we reported that Southern District of New York Magistrate Judge Francis determined that Microsoft must comply with a U.S. Government’s warrant seeking a user’s email content, even though the emails are stored in Microsoft’s datacenter in Dublin, Ireland. After the lower court declined to quash the subpoena and held Microsoft in contempt for failing to turn over customer content stored abroad, Microsoft appealed to the Second Circuit. On July 14, 2016 the appeals court issued an extensive opinion reversing the lower court’s ruling.

New “Privacy Shield” for EU-U.S. Data Transfers Gains Acceptance by Europe and U.S. Regulators

As previously noted, in response to the European Court of Justice ruling in Schrems v. Data Protection Commissioner (Case C-362/14) striking down as inadequate the so-called “safe harbor” agreement that existed for more than a decade, the EU Commission and U.S. Department of Justice announced the framework of a deal to allow transatlantic data transfers between the EU and U.S. without running afoul of Europe’s strict data protection directives. Described as the EU-U.S. “Privacy Shield” agreement, that framework has now been vetted by EU Member States, modified in certain respects, and formally adopted on July 12, 2016 by the European Commission.

New York Federal Court Weighs in on Apple Encryption Debate

Anyone reading recent headlines knows that Apple, Inc. is engaged in a legal, and ultimately political, struggle with the U.S. Government over access to the cell phone of Syed Rizwan Farook, one of the shooters in the December 2, 2015 terror attack at the Inland Regional Center in San Bernardino, California. The core issue in that California proceeding is whether Apple should be forced to “create and load Apple-signed software onto the subject iPhone device to circumvent the security and anti-tampering features of the device in order to enable the government to hack the passcode to obtain access to the protected data contained therein.”

New “Privacy Shield” Agreement Seeks to Resurrect a Safe Harbor for EU-U.S. Data Transfers – Can it Succeed?

On February 2, 2016, the EU Commission and U.S. Department of Justice announced the framework of a deal to allow transatlantic data transfers between the EU and U.S. without running afoul of Europe’s strict data protection directives. It was appropriate that the announcement came on Groundhog Day, because we have been here before.

#Do-Not-Disclose — Twitter Sues Government Alleging Free Speech Violation

Twitter’s ubiquitous 140-character-or-less tweets are not, the company argues, sufficiently similar to email or other forms of stored electronic information to warrant lumping them together with the likes of Google, Microsoft, Facebook, Yahoo!, or Apple, all of which have agreed to restrictive limitations on their public reporting of government surveillance. Twitter has sued the U.S. Government in federal court in California to make its point.

New York Court Rules Email Evidence Stored Abroad is Subject to Criminal Warrant Issued Under Stored Communications Act

Southern District of New York Magistrate Judge Francis has determined that Microsoft must comply with a U.S. Government’s warrant seeking a user’s email content even though the emails are stored in Microsoft’s datacenter in Dublin, Ireland. The decision is likely to get widespread attention and be the subject of future court review, as it expands the reach of a government criminal warrant beyond the borders of the United States to allow for the collection of evidence abroad.

Think Before You Send: Communications to an Attorney Using Work Email May Not Be Protected Under the Attorney-Client Privilege

Generally, a confidential email sent to one’s personal attorney is protected under the attorney-client privilege. But what if the communication is sent using a business email account? Will a corporate policy entitling the company to access “all communications” sent on work computers undermine the privilege? Followers of this blog will recall, among other posts, our detailed recap of the extensive discussion of this issue at our Annual E-Discovery Conference in the wake of the New Jersey Supreme Court’s decision in Stengart v. Loving Care Agency, Inc., upholding the privilege where the employee used a company computer to communicate with her attorney via a personal password-protected internet based e-mail account, and sanctioning the employer’s attorneys for failing to turn over the protected communications. Readers may also recall our discussion of US v. Hamilton, where the United States Court of Appeals for the Fourth Circuit held that a husband waived the marital communications privilege when he sent messages from his work email account to his wife, but took no steps to protect their sanctity. Since those decisions, courts nationwide have continued to wrestle with these issues. Most recently, a Delaware Court held an employee waived the attorney client privilege where he used his work email account to email his lawyer with knowledge of the company’s policy establishing its right to access all communications on work computers.