Post Process

Everything to do with E-discovery & ESI

Archive for the ‘Data Sources’ Category

Case Summary: Harding, Earley; The “do’s” and “don’ts” of Website Captures

Posted by rjbiii on June 22, 2008

Healthcare Advocates, Inc. v. Harding, Earley, Follmer & Frailey, 497 F. Supp. 2d 627, 650 (E.D. Pa. 2007)

Healthcare Advocates (“HA”), a patient advocacy group that helps its members deal with health care providers, brought an action against a competitor alleging trademark infringement and misappropriation of trade secrets. The competitor was represented by Harding, Earley, Follmer & Frailey (“Harding”), a “boutique” law firm specializing in intellectual property matters. Harding began investigating HA, and part of that investigation consisted of using the internet to do searches and view the the group’s website. Harding also used a tool known as the “wayback” machine to look at materials that had been posted to the web in the past.

The wayback machine, maintained by the Internet Archive, stores screenshots from websites that can be looked up by any interested internet surfer. This allowed Harding to HA’s website pages as they would have appeared before the litigation began. Harding printed some of these pages, and some of these prints were during the course of the litigation. Harding did not save any of the images to hard drives.

HA had placed a file, named Robots.txt, on its website server to direct indexing engines and the wayback machine from pages that HA did not want accessed or displayed by the public. On this occasion, however, this protective measure failed, and the wayback machine displayed “forbidden” content to Harding. The failure was due to an issue with the wayback machine’s servers, and not with any action taken by Harding.

Nevertheless, HA brought this action against Harding, alleging, inter alia, that Harding had: violated provisions of the Digital Millenium Copyright Act (“DMCA”); infringed upon their copyrights by printing and unknowingly saving copies of the archived web pages in temporary memory, and distributing copies of the pages to co-counsel; committed spoliation by failing to preserve the copies in temporary memory, violated provisions of the Computer Fraud and Abuse Act (“CFAA”) “by intentionally exceeding their access and obtaining information from protected computers used in interstate commerce;” and violated Pennsylvania laws with respect to conversion and trespass.

Harding requested summary judgment in its favor on all counts.

Copyright Infringement: The court found that HA had established both elements for infringement. HA had a valid copyright on the materials found on its website, and had demonstrated that Harding had “reproduced” and “publicly displayed” these materials. The court then conducted an analysis to determine whether Harding’s actions were permissible under the Fair Use Doctrine.

The court began by listing the factors considered for Fair Use:

  1. “the nature and character of the use” by the alleged infringer;
  2. “the nature of the copyrighted work;”
  3. “the amount and substantiality of the portion used in relation to the copyrighted work as a whole; and”
  4. “the effect of the use upon the potential market for or value of the copyrighted work.”

The court then continued its examination. For the first factor, although it noted that the display and copying of the website content was in pursuit of a profitable activity, that it nevertheless cut in favor of the law firm. The court noted that “[Harding] copied these materials as supporting documentation for the defense they planned to raise for their clients against the allegations,” and stated that “[i]t would be an absurd result if an attorney defending a client against charges of trademark and copyright infringement was not allowed to view and copy publicly available material, especially material that his client was alleged to have infringed.”

The court held that the second factor also cut in favor of Harding, because the the data copied was of an informational nature.

The third factor cut in favor of HA, as Harding copied and displayed the entire website, however, because the information was relevant in a pending litigation, and the firm had a duty to preserve such material, “the substantiality of the portion used does not militate against a finding of fair use.”

The fourth factor “militate[d] in favor of a finding of fair use.” Harding’s actions in copying and displaying the material were for the use in a lawsuit, and not for the purpose of “gaining a competitive advantage.” The court’s analysis concluded with a determination that Harding’s “infringing use is excusable under the doctrine of fair use.” The court granted Harding’s motion for a summary judgment with respect to HA’s copyright infringement claim.

Spoliation of Evidence: With respect to the specific case of the data copied to temporary files, the court noted that HA had not presented any evidence of what had been copied. HA argued that it deserved a “spoliation inference” because the Harding’s duty to preserve existed with respect to this data. The court began by discussing the three factor test used in the third circuit for spoliation determinations. “The considerations are: (1) the degree of fault of the party who altered or destroyed the evidence, (2) the degree of prejudice suffered by the opposing party, and (3) whether there is a lesser sanction that will avoid substantial unfairness to the opposing party and where the offending party is seriously at fault, will serve to deter such conduct by others in the future.”

In examining the facts in the context of the first factor, the court found that because the files were deleted automatically, and not by an affirmative action on the part of Harding, the factor weighed in favor of Harding. The court was not convinced by HA’s argument that Harding’s failure to immediately “remove the computers from further use” did not “shock the conscience.” Nor did the court find persuading HA’s argument that Harding should have taken measures once it received a subsequent letter demanding all evidence be preserved, as the firm felt that nothing relevant had been saved onto the hard drives of its computers.

The second factor, likewise, weighed in favor of a finding against spoliation, because the court concluded that HA suffered no real prejudice from the loss of this data.

The court determined that the final factor cut the same way as the other two, when it stated: “[t]he Harding firm did not purposefully destroy evidence. To impose a sanction on the Harding firm for not preserving temporary files that were not requested, and might have been lost the second another website was visited, does not seem to be a proper situation for an adverse spoilation inference.”

The Claim under the DMCA: The court then turned to examine HA’s claim that Harding had violated the provision in the DMCA under 17 U.S.C. § 1201(a)(1)(A), prohibiting the circumvention of a technical mechanism designed to protect copyrighted material. Here, HA argued that Harding bypassed the protection of the “robots.txt” file, and thus was in violation of the measure. The court found that, “in this situation,” the placement of the file on the website constituted an anti-circumvention technological measure as defined under the DMCA. The court emphasized, however, that “this finding should not be interpreted as a finding that a robots.txt file universally qualifies as a technological measure that controls access to copyrighted works under the DMCA.”

The court continued by noting that the defect was with Internet Archive’s server, and that when used by Harding, it was as though the protective measure was not present. Harding accessed the data, but not by circumventing the protection, and was therefore not in violation of the DMCA. Harding’s motion for summary judgment on HA’s DMCA claim was granted.

HA’s claim under the CFFA: HA argued that Harding’s viewing of the content prohibited by the Robots.txt file constituted a violation of the CFAA. The court concluded that Internet Archive’s computers were used in interstate commerce, and were protected under the act, and that the costs accrued by HA in investigating the unauthorized access, estimated in excess of $9,600, met the statutory threshold. However, merely using a public website does not create liability under the act, and HA was unable to present evidence of prohibited activity, and Harding’s motion for summary judgment on the CFFA claim was granted.

HA’s claims for trespass to chattels and conversion: The final two claims arose under state law, and the court concluded that these claims were preempted by the federal copyright claims under 17 U.S.C. § 301(a), that the court had already examined. Harding’s motion summary judgement with respect to the state law claims was also granted.

Posted in 3d Circuit, Case Summary, Computer Fraud and Abuse Act, Conversion, Copyright Infringement, Data Sources, Digital Millenium Copyright Act, Duty to Preserve, Duty to Produce, E.D. Pa., Judge Robert F. Kelly Sr., Spoliation, Trespass to Chattels, Website Capture | Tagged: , | Leave a Comment »

ABA Section Journal Addresses Admissibility of Text & Instant Messages

Posted by rjbiii on March 14, 2008

The March Issue of Litigation News (no link available to current issue) contains an article relating to the Admissibility of text and instant messages. According to the article, the major challenge for authenticating the messages is “usually proving the identity of the persons in the conversation.” These challenges are, however, navigable. To wit:

The New York Appellate Division, for example, recently held that the trial court properly admitted an Internet text message that had been authenticated strictly on the basis of circumstatial evidence. People v. Pierre. The sender, a defendant in a murder trial, allegedly transmitted a message to the victim’s cousin, stating that he did not want the victim’s baby. The prosecution did not ask the Internet service provider to authenticate the message, and the witness who testified to its origination did not print or save the message.

Even so, the witness testified that she knew the defendant’s screen name, and she had sent an instant message to that name. The Appellate Division noted that the defendant had sent the witness a reply that would have made no sense unless it had come from the defendant. Most importantly, there was no suggestion that anyone had impersonated him. Thus, the court found that these factors were sufficient to warrant admission.

The article contrasts this situation with a decision by a California court to exclude a text message, because prosecutors failed to properly authenticate it, and circumstances were such that more than one person could have sent it. The Second Circuit recently rejected a court’s decision to admit a chat session’s transcript made by cutting a pasting the text from the chat window into another file format (presumably Word?). The article concludes by emphasizing the need for attorneys to engage experts:

“As a practical matter,” says Steven A. Weiss, Chicago, former Co-Chair of the Section’s Technology for the Litigator Committee, “because of the myriad of devices being used to send and receive electronic messages, lawyers will usually need an IT expert to access and retrieve IMs and text messages, and to explain to the cour how the information is stored in a particular device and how it was retrieved.”

Posted in Admissibility of ESI, Articles, Authentication, Chat Room Content, Data Sources, Texting, Trends | Leave a Comment »

TX Case Blurb: Honza; Court addresses objection to discovery request based on revealing confidential information, court order

Posted by rjbiii on March 10, 2008

[Producing Party members] seek a writ of mandamus compelling Respondent, the Honorable Greg Wilhelm, Judge of the County Court at Law No. 1 of Ellis County, to set aside a discovery order requiring the Honzas to permit a forensic expert to create a mirror image of each of the computer hard drives in the Honzas’ office in an effort to locate two particular documents or iterations of those documents

The Honzas contend that Respondent abused his discretion because: (2) the order authorizes the disclosure of information protected by the attorney-client privilege; and (3) the order authorizes the disclosure of confidential information pertaining to the Honzas’ other clients who have no connection to the underlying lawsuit.

The present discovery dispute originated with [Requesting Party’s] motion to gain access to the Honzas’ computers, which was filed about one month before trial. By this motion, [Requesting Party] sought “[i]nformation (the ‘Metadata’) contained on the actual computers of the Defendants, such as any time stamps on the Relevant Documents, versions of the Relevant Documents, if any, as well as the deletion of various versions, if any.” [Requesting Party] explained that, although the Honzas responded to a prior request for production of relevant documents in their electronic version, “the Metadata was neither produced nor made available.”

[Ed. Testimony indicated the existence of relevant documents with respect to a another transaction apparently not addressed by earlier discovery requests]

[] [Requesting Party] sought discovery of relevant documents pertaining to the [newly revealed] transaction, and the [Producing Party] complied by providing pertinent written discovery.

[Requesting Party] seeks the metadata from the [Producing Party’s] hard drives because it wants to identify the points in time when the partial assignment draft was modified in relation to the diary entry. This goes to the issue of whether [the Producing Party] altered the partial assignment after the parties concluded their agreement but before the document was presented for execution.

[Ed. The opinion then went on to list various Federal and State sources for persuasive authority in discovery law, especially with respect to ESI]

Privileged or Confidential Information

The [Producing Party] also contend[s] that the discovery order improperly authorizes the disclosure of (1) information protected by the attorney-client privilege and (2) confidential information pertaining to the Honzas’ other clients who have no connection to the underlying lawsuit.

Notwithstanding the “unlimited” access necessarily granted the forensic expert, Respondent’s order preserves any privileged or confidential information in several ways. First, the expert is limited in his search to two specific documents or iterations of those documents. [Members of the Producing Party] are then accorded the right to review the documents and information which the expert believes responsive and produce to [Requesting Party] only those documents and information which [members of the Producing Party] themselves believe are responsive. These provisions effectively preclude [Requesting Party] from having any access to documents or information pertaining to other clients of the Honzas not involved in this litigation.

Second, the order allows the [Producing Party executives] to withhold from discovery any documents or information which they claim to be privileged or confidential and provide instead a privilege log, subject to in camera review by Respondent.

Finally, the order provides that: (1) the observation of information by [Requesting Party] representatives during the imaging process shall not constitute a waiver of privilege or confidentiality; (2) all participants in the imaging process are subject to a protective order prohibiting the unauthorized disclosure of information; and (3) [Requesting Party’s] expert must provide proof of being bonded and of having commercial liability insurance by which the [Producing Party] may be “fully indemnified against any monetary loss.”

For these reasons, we hold that Respondent appropriately tailored the discovery order to prohibit the unauthorized disclosure of privileged or confidential information and no abuse of discretion is shown.

[Ed. Note that a dissenting opinion is also entered by one of the Judges hearing the case. See the order itself for the full text of that dissent, or of the opinion itself.]

In re Honza, 2007 WL 4591917 (Tex. App. Dec. 28, 2007)

Posted in Case Blurbs, Computer Forensics, Data Collection, Data Custodians, Data Sources, Discovery Requests, Duty to Produce, Objections to Discovery Requests, Privacy, Privilege, Privilege Log, Scope of Discovery, Texas, TX Judge Felipe Reyna | Leave a Comment »

TX Case Blurb: Honza; Court addresses objection to ‘overly broad’ discovery requests, court order

Posted by rjbiii on March 10, 2008

[Producing Party members] seek a writ of mandamus compelling Respondent, the Honorable Greg Wilhelm, Judge of the County Court at Law No. 1 of Ellis County, to set aside a discovery order requiring the Honzas to permit a forensic expert to create a mirror image of each of the computer hard drives in the Honzas’ office in an effort to locate two particular documents or iterations of those documents

The Honzas contend that Respondent abused his discretion because: (1) the discovery order is overbroad and authorizes an improper “fishing expedition”;…

The present discovery dispute originated with [Requesting Party’s] motion to gain access to the Honzas’ computers, which was filed about one month before trial. By this motion, [Requesting Party] sought “[i]nformation (the ‘Metadata’) contained on the actual computers of the Defendants, such as any time stamps on the Relevant Documents, versions of the Relevant Documents, if any, as well as the deletion of various versions, if any.” [Requesting Party] explained that, although the Honzas responded to a prior request for production of relevant documents in their electronic version, “the Metadata was neither produced nor made available.”

[Ed. Testimony indicated the existence of relevant documents with respect to a another transaction apparently not addressed by earlier discovery requests]

[] [Requesting Party] sought discovery of relevant documents pertaining to the [newly revealed] transaction, and the [Producing Party] complied by providing pertinent written discovery.

[Requesting Party] seeks the metadata from the [Producing Party’s] hard drives because it wants to identify the points in time when the partial assignment draft was modified in relation to the diary entry. This goes to the issue of whether [the Producing Party] altered the partial assignment after the parties concluded their agreement but before the document was presented for execution.

[Ed. The opinion then went on to list various Federal and State sources for persuasive authority in discovery law, especially with respect to ESI]

Overbroad Discovery

The [Producing Party] first contend that the discovery order is overbroad and authorizes an improper “fishing expedition.” In this regard, they argue that Respondent improperly “gave blanket approval for [the Requesting Party] to gain total access to [their] computers and all information stored on them, whether or not it has anything to do with this lawsuit.”

Although it is true that Respondent’s order gives A & W’s forensic expert [FN8]complete access to all data stored on the Honzas’ computers, the order provides that the expert is to index all forensic images acquired from the imaging process “for the limited purpose of searching (the ‘Examination Process’) for two documents, previously Bates-labeled as HONZA 00019 and HONZA 00017, which are drafts of “Assignment of Contract” and any iterations (the ‘Relevant Documents’).” The expert must then compile any documents or information which the expert believes responsive and deliver them to the Honzas to determine for themselves which are responsive to A & W’s discovery request and which they choose to withhold, providing a privilege log instead.

In addition to limiting the expert’s search to two specific documents, the order provides that no waiver of privilege or confidentiality occurs if any otherwise privileged or confidential information is observed by A & W’s counsel or representatives during the imaging process, and they are prohibited from using such information other than in compliance with the terms of the order. The forensic expert is likewise prohibited from disclosing any information observed during the imaging process. And finally, the order requires the expert and all party representatives or counsel participating in the imaging process to sign an acknowledgment agreeing that they are subject to contempt of court for any violation of the order.

Any order requiring the imaging of a computer hard drive necessarily grants the expert who is conducting the imaging process access to all data on that hard drive. Here, Respondent specifically limited the expert’s search to two documents; gave the [Producing Party] a “right of first refusal” with regard to determining which documents or information are relevant to those two documents and responsive to [Requesting Party’s] discovery request; imposed stringent limitations on inadvertent disclosures to prevent any unintended waiver of confidentiality or privilege; and placed all participants in the imaging process under a carefully drawn protective order.

Therefore, we do not agree with the Honzas’ contention that the discovery order is overbroad.

[Ed. Note that a dissenting opinion is also entered by one of the Judges hearing the case. See the order itself for the full text of that dissent, or of the opinion itself.]

In re Honza, 2007 WL 4591917 (Tex. App. Dec. 28, 2007)

Posted in Case Blurbs, Computer Forensics, Data Custodians, Data Sources, Discovery Requests, Duty to Produce, Form of Production, Objections to Discovery Requests, Overly Broad Request, Privacy, Scope of Discovery, State Courts, Texas, TX Judge Felipe Reyna | Leave a Comment »

Brad Harris writes about early stages of discovery

Posted by rjbiii on October 2, 2007

Computer Technology Review posts an article by Fios’ Brad Harris on data collection. Actually, it discusses both custodian identification and collection:

The first consideration in improving an organization’s litigation readiness is to identify where and how personal data is being created and stored. What applications are used to create messages and/or documents throughout the organization? Are application programs centrally managed to limit the types or versions being used?
[…]
Once an employee’s personal data repositories has been identified as potentially relevant to a particular matter, there are a variety of methods used to preserve or copy source files for electronic discovery. Typical collection methodologies range from user discretion, where the employee chooses which files are appropriate, to full forensics imaging that use investigative software to preserve an entire hard drive. Different methodologies have differing cost and risk impacts and, therefore, vary in their applicability.

The article is nicely done, and Brad created a neat matrix comparing the various methods of collection.

[HT: EDD Blog Online]

Posted in Articles, Best Practices, Data Collection, Data Sources, Discovery | Tagged: , | Leave a Comment »

“Hidden” Sources of Data: Your photocopier

Posted by rjbiii on September 8, 2007

EDD Blog Ride the Lightning points out that the copy machine is a favorite, and usually overlooked, source of data:

Most of the law firms we see haven’t a clue that their digital copier (typically configured as a network printer too) may contain recoverable data. The majority of currently available digital copiers contain a hard drive. It is prudent to buy or lease a digital copier that can perform a secure wipe, thereby ensuring confidentiality. Our own copier is set to do a secure wipe after each job, probably a good practice for most lawyers to implement.

Probably a good practice for most businesses to implement, too.
They also link to a funny advertisement featuring a photocopier and an office worker discovered in, shall we say, a compromising position. Good stuff.

Posted in Computer Forensics, Data Management, Data Sources | Leave a Comment »

Case Blurb; WestLB AG; Key Players have a duty to preserve relevant documents

Posted by rjbiii on August 28, 2007

The scope of the duty [to preserve relevant documents] extends to the “key players” in a litigation. Quinby v. WESTLB AG, 2006 WL 2597900 (S.D.N.Y. 2006).

Posted in 2nd Circuit, Case Blurbs, Data Custodians, Data Sources, Duty to Preserve, Key Players, S.D.N.Y | Leave a Comment »