laws governing e data and seizure

© Copyright 2008. All rights reserved.

Laws Governing E-Data and Seizure

Presented byRonald L. Hicks, Jr.


Discussion Topics

1. Zubulake v. USB Warburg, LLC

2. US v. Arthur Andersen

3. Sarbanes-Oxley Act

4. HIPAA

5. ECPA

6. Amended FRCP


General Information

“The Electronic Evidence and Discovery Handbook: Forms, Checklists and Guidelines” published by the ABA LPM Sect.(http://www.abanet.org/abastore)

LexisNexis® Applied Discovery® (http://www.lexisnexis.com/applieddiscovery/)


Discussion Topics

1. Zubulake Decisions

No U.S. or Third Circuit decision exists re: preservation of electronic evidence or sanctions for failure.

Zubulake decisions are recognized as setting the benchmark standards.

Zubulake decisions have not been adopted by any PA federal or state court.


Zubulake Decisions

Spoliation is “the destruction or significant alteration of evidence, or the failure to preserve property for another’s use as evidence in pending or reasonably foreseeable litigation.”

Sanction determined on a “case-by-case” basis

Authority to sanction arises under the FRCP and inherent powers.


Zubulake Decisions

Duty to preserve arises when a party has notice or should have known that evidence may be relevant to litigation.

Sanctions exist only if a party has a duty to preserve the destroyed evidence.


Zubulake Decisions

Duty to preserve commonly arises when a demand letter or complaint is served.

Duty to preserve may arise earlier if a party has sufficient notice or information re: a credible threat of future litigation.

Duty to preserve requires more than a mere possibility of litigation.

Existence of duty to preserve determined by the facts of each case.


Zubulake Decisions

Duty to preserve extends only to “key players” in the litigation.

Not every piece of evidence must be preserved; only that which is relevant.


Zubulake Decisions

Zubulake holds that once litigation is reasonably anticipated, a party must suspend routine document destruction and put in place a “litigation hold” to ensure the preservation of relevant evidence.

Inaccessible back-up tapes do not need to be subject to the “litigation hold.”

Accessible back-up tapes should be placed in the “litigation hold.”


Zubulake Decisions

Zubulake creates a duty upon both the party and its counsel to ensure that all sources of potentially relevant information are identified and placed “on hold.”

Zubulake creates a duty upon counsel to oversee and monitor a party’s compliance with “litigation hold.”

Proper communication is the key.


Zubulake Decisions

Zubulake establishes guidelines that counsel should follow to avoid sanctions for electronic evidence spoliation.

The Zubulake guidelines are not meant to be onerous.

Zubulake holds that counsel’s actions in avoiding evidence spoliation are judged by a reasonableness standard.


Zubulake Decisions

Use the form documents cautiously; avoid creating duties that you may not have as counsel under PA law.

Forms documents should be tailored to your particular case.


Discussion Topics

The act that led to Arthur Andersen’s conviction was not fraudulent accounting practices, but document destruction.

On appeal, the US Supreme Court addressed whether the jury’s conviction was in error under 18 USC §1512 which dealt with “corruptly persuades” the withholding or altering of documents.

2. US v. Arthur Andersen


US v. Arthur Andersen

Compliance with a valid document retention policy is not a criminal act or violation of 18 USC §1512.

Document retention policies are common and are intended to keep information for others, including the government.


US v. Arthur Andersen

18 USC §1512 requires “knowingly ... corruptly persuading” another to destroy documents to impede an “official proceeding.”

Merely complying with a document retention policy does not give rise to a violation of 18 USC §1512 which dealt with “corruptly persuades” the withholding or altering of documents.


Discussion Topics

Created an independent Public Accounting Oversight Board to oversee conduct of auditors and accountants.

One of its most important effects is its impact on document and data retention.

3. Sarbanes-Oxley Act


Sarbanes-Oxley Act

US v. Trauger, No. 3-03-30371 (N.D.Cal. Sept. 24, 2003)

Failure to comply may result in fines up to $25 Million and 20 years imprisonment.


Discussion Topics

Goal of HIPAA is to improve privacy and security of patients’ medical information.

HIPAA Security Final Rule emphasizes security management principles and broad management controls to protect patient health information.

4. HIPAA

HIPAA Privacy Rule addresses the use and disclosure of patient health information.


HIPAA

Penalties not as severe as Sarbanes-Oxley Act, but include civil penalties of $100/violation.

No notice required to be given to government if privacy or security breach discovered.


Discussion Topics

ECPA consists of three parts: The Wiretap Act, the Pen Register Act and the Stored Wired and Electronic Communications Act.

Under the Wire Tap Act, liability requires proof of specific intent, presence of a “wire, oral or electronic communication” and an “interception.”

5. ECPA


ECPA

Fraser v. Nationwide Mut. Ins., 352 F.3d 107 (3d Cir. 2003) & US v. Councilman, 418 F.3d 67 (1st Cir. 2005)(en banc)

Cookies or other web server data do not constitute an “interception.”


ECPA

Pen Register Act initially intended to address telephone communications.

Pen registers record all numbers dialed from a particular telephone line (outgoing calls), whereas trap and trace devices record what numbers called a particular telephone (incoming calls).

US v. Forrester, 2007 U.S. App. LEXIS 16147 (9th Cir. 2007)


ECPA

Snow v. DirecTV, Inc., 450 F.3d 1314 (11th Cir. 2006)

Stored Communications Act addresses the privacy of electronic communications while “in storage”


Discussion Topics

Rationale behind “meet and confer” requirement is early discussion and counsel involvement helps to avoid evidence spoliation.

F.R.C.P. 26(f)(3) & 16(b)(5) set forth the “meet and confer” requirement.

6. FRCP


FRCP – “Meet and Confer”

The “meet and confer” conference requires you to think about what the relevant sources of evidence will be in your case.

Every case has different issues that should be addressed at the “meet and confer” conference.


FRCP – Discovery Requests

Three most common methods are interrogatories, document requests and depositions.

Using more than one of these three methods is common when performing e-discovery.


FRCP - Discovery Strategies

Interrogatories should be used to identify systems, information and people with knowledge

Absent agreement or court order, F.R.C.P. 33(a) limits the # of interrogatories to 25, including subparts.



Unlike interrogatories, document requests are not subject to an express numerical limitation; they are subject to Rule 26 admonition re: abusive discovery.

Document requests directed to a party can be done independently or as part of a deposition notice.

Document requests can be directed to non-parties by way of a subpoena.



Consult with an e-discovery vendor or computer forensics expert.

Electronically stored data should be produced in its native format with metadata.



Depositions ordinarily are used to verify that you have gathered all the relevant evidence through interrogatories and document requests.

Depositions also enable a party to prepare any necessary e-discovery-related motions, including motions in limine and sanctions for spoliation of evidence.

Using an e-discovery expert may be prudent.


FRCP - Protocols

To prepare a well-structured e-discovery protocol, you must understand in advance what the quantity and variety of data that your client has so that you can talk to the correct “key players.”

Understanding what your client’s business operations are will enable you to advocate for an e-discovery protocol that is not overly burdensome.


Structuring Protocols

Key Issues to Address in an E-Discovery Protocol:

1. Confidentiality Protection2. Screening for Privilege3. Data Acquisition/Preservation Procedure4. Costs – Who Pays What?5. Data Return/Destruction


Questions & Answers


Laws Governing E-Data and Seizure

Presented byRonald L. Hicks, Jr.

laws governing e data and seizure

Documents