I am a member of the American Bar Association’s Science & Technology Section, Electronic Discovery and Digital Evidence (EDDE) Committee and recently had the privilege of spending a couple of days with the leading experts in the country on electronically stored information, legal forensics and e-discovery.
The two-day meeting was packed with excellent and timely new information whose highlights I have summarized below:
1) Federal Rules of Civil Procedure (FRCP) expected to be approved within the next week or so. Proposed changes: (NOTE: these are still “proposed” and could change)
a. Rule 26(b)(1) – the issue of proportionality now at the top of the list of considerations that a court should use when deciding on the relevancy and importance of evidence to a case.
i. If preservation or production of electronic evidence will place a burden on one of the parties disproportionate to either:
1. The issues of the case, or
2. That party’s responsibility and capability to preserve or produce the evidence,
ii. The court is asked to make decisions on whether to compel production, and who should pay for the production, based on the weight of the burden.
b. New language to clarify that this decision should no longer be based entirely on the financial burden but should consider all issues that are affected by the request and might impact the parties involved (e.g. reputation, time & personnel resources, etc.)
c. Rule 37(e) clarified that some of the more onerous sanctions for spoliation should only be considered if there can be shown that the party acted with the intent to deprive another party of the information's use in litigation. It also states no sanctions, unless it can be shown that the spoliation of loss of evidence has created prejudice.
d. Rule 34(b)(2)(B) - Objecting to producing electronic evidence due to an assertion of burden will require showing real reasons with actual evidence of the burden. You will need to state specifically why you’re objecting to and what you are withholding as a result of your objection.
2) The Internet of Things and the complexities involved in the acquisition, preservation and production of evidence from these devices.
a. Most of them are not designed to log events
b. The majority of current products are not secured in any way
c. All connected to the Internet
d. All with the capability, if compromised or accessed by the wrong people, to disrupt our lives, steal sensitive information, or even cause physical damage
i. The flaming toaster: imagine an Internet connected toaster that a bad guy intentionally changes the settings to toast infinitely, the toast catches fire and the house burns down.
ii. The smart refrigerator: Food packaging that contain computer chips so the fridge can tell you what is about to spoil and even make a grocery order for you over the Internet. That means your refrigerator (or whoever can connect to it) has the ability to charge your credit card. ’Nuff said.
3) Computer forensics data can easily be lost or compromised if the acquisition is delayed with many organizations storing data in the cloud and/or using virtual machines.
4) The use of social media to screen jurors during voir dire (jury selection). The ABA formal opinion 466 basically states that counsel has a duty to examine a potential jurist’s “Internet presence”. It was opined that not doing this extensive research could result in malpractice lawsuits and is basically another part of an attorney’s ethical obligation to understand and use technology responsibly.
We are in a rapidly shifting landscape when it comes to the world of electronic data. All of us have an obligation to understand and manage it and take responsibility for the data we create, collect, store or manage. Those who practice law or participate in any way with litigation have an even greater ethical responsibility to do our best to stay up to speed in all of these areas and to provide adequate, timely and relevant expertise and assistance to our clients.
Type your search and press enter
- Threat Intelligence
- Happy Hour
- InfoSec 101
- Security Awareness
- Public Sector
- Financial Services
- Press Release
@critinformatics | Sep 21, 2018#ICYMI: Our technology is the foundation of the @pisces_nw project, which provides no-cost #cybersecurity event monitoring to #localgovernments while training the next generation of #securityanalysts in WA State. https://t.co/goUE7p2rXQ https://t.co/jGp9hQrKiS
@critinformatics | Sep 20, 2018[EVENT] We’re going to @techtalksummits in #Seattle next Wed., 9/26, at El Gaucho, and we’d like you to join us! Register today for an engaging evening of IT discussions, w/ free drinks and apps—Get there in time to hear @seattlemkh speak at 7 PM! https://t.co/V7Zp8XgNqd https://t.co/471r9FKiHY
@critinformatics | Sep 20, 2018#ICYMI [VIDEO] Check out this month’s #NewsJacker w/ @seattlemkh for the latest #InfoSecNews on #SmartCity & #Aviation #vulnerabilities, #ElectionSecurity, #WannaCry culprits, #NationStates, & more. #ITSecurity #InfoSec #ThursdayThoughts https://t.co/uREOTBFN7P https://t.co/f5V3OOBFCA
@critinformatics | Sep 19, 2018RT @FileFacets: #GDPR - Another Y2K or Real Apocalypse? Learn the essential #cybersecurity requirements that U.S. companies need to know to…