Late last year the Sedona Conference released their final version of the third edition of its principles addressing electronic document production. These principles were the result of years of collaboration between the drafting team and other members of the e-discovery community. It had been a decade since the second edition was published, and there have been countless technological innovations in the subsequent years. Indeed, the previous edition was released in the same month as Apple put its very first iPhone on sale. Facebook was still in its infancy, while Twitter and Snapchat had not yet been created. The release of the updated principles presents a good opportunity to examine new sources of electronically stored information and evaluate their impact on the discovery process.
In 2007, there were readily identifiable locations for the storage of ESI. The data resided locally on a hard drive, on your company’s server or on the server of a service provider. Arguably, it was relatively easy to ensure that your data was protected from being destroyed by accident or a catastrophic event. Even in the abstract, the data was tangible. The growth of cloud-based storage has lowered infrastructure costs by lessening the need for an individual company to maintain massive server farms, but it has also made it has also made the location of the data less clear. Thus, customers are putting much more faith in technology that is being controlled by a third party.
The use of cloud storage may require additional due diligence on behalf of companies, to ensure that it is being properly protected. It would be wise to carefully evaluate the procedures and protocols of your storage provider. It is always advisable to examine your provider’s disaster recovery plan to ensure that your data will be protected in the event of a catastrophic failure.
In addition to the discovery concerns, entities will always need to be cognizant of information security. There have been a number of large-scale data breaches in the last several years that have put people’s personal information at risk. Ultimately a company may be responsible for security failures of their cloud storage vendor.
Messaging apps that offer both privacy and security are becoming widely adopted. The encryption prevents third parties from accessing the message’s contents including the app’s inventors and the server’s owners.
Snapchat is an ephemeral messaging app that offers encrypted communications that automatically delete after a set period of time. The data is not stored on any server or on the device where it the app is installed. As a result, there is no way to preserve or collect information transmitting using these types of applications.
Many companies have already prohibited their employees from communicating via social media, and it is likely that these policies will need to expand to other messaging technologies in the future. It will be key to stay abreast of new technological developments and to carefully study their potential effects on litigation.
Bitcoin is the most well-known cryptocurrency, but there are almost 1,000 others in digital circulation. Previously, they were heavily used by to engage in illicit activities, but now their use is more widely accepted. Cryptocurrencies have become major investment vehicles for members of the financial industry. The anonymity maintained by these transactions can create major headaches when it comes to litigation.
The decentralized, peer-to-peer ledger system makes the discovery process more complicated than with traditional financial transactions. There is no bank to serve with a subpoena, so attorneys will have to be more innovative in order to acquire information associated with cryptocurrency transactions. For example, litigators may be able to get pertinent data by obtaining an image of the user’s cryptocurrency wallet. This could allow parties to identify transactions that are relevant to the issues involved. It may also be possible to examine the device used to connect with the cryptocurrency’s network and find important information. Alternatively, a user may be forced to turn over their login credentials so that an adverse party may examine their transactions.
These anonymous transactions may make it difficult for an aggrieved party to identify the other user involved. In fact, the IRS has recently been issuing John Doe summonses to help discover the identities of users suspected of violating the tax code. There is an inherent risk in using these mechanism because it may be exponentially more complicated to begin any potential cause of action.
One of the drawbacks of such an extensive drafting process is that it is difficult to keep pace with technological innovations. It’s impossible to predict what new technologies will be shaping the legal landscape in years to come. It may be necessary for these discovery principles to be more regularly updated in order to keep pace with emerging sources of electronically stored information.
Article sourced from law360.com by Charles McGee
To read the complete in-depth article please visit Law360.com