ABA Talks Social Media Mining And Evidence

May 21, 2014 Administrator Leave a comment Tech for Lawyers

Legal Loop: ABA on lawyers mining social media for evidence (NY Daily Record, 4 May 2014) – Social media has been around for more than a decade now and its impact on our society is indisputable. But it’s only been in recent years that lawyers have begun to fully realize what a treasure trove of useful information can be obtained from social media throughout the litigation process. Of course, mining social media for evidence has both drawbacks and benefits. Lawyers who seek to use social media evidence to obtain evidence for their cases must tread carefully and ensure that they fully comply with their ethical obligations when doing so. Fortunately, there is a good amount of guidance available since a number of jurisdictions have addressed the ethics of mining social media for evidence. For the most part, the ethics boards have concluded that lawyers may not engage in deception when attempting to obtain information on social media, regardless of whether the party from whom information is sought is represented by counsel. See, for example: Oregon State bar Ethics Committee Op. 2013-189 (lawyer may access an unrepresented individual’s publicly available social media information but “friending” known represented party impermissible absent express permission from party’s counsel); New York State Bar Opinion No. 843 [9/10/10] (attorney or agent can look at a party’s protected profile as long as no deception was used to gain access to it); New York City Bar Association Formal Opinion 2010-2 (attorney or agent can ethically “friend” unrepresented party without disclosing true purpose, but even so it is better not to engage in “trickery” and instead be truthful or use formal discovery); Philadelphia Bar Association Opinion 2009-02 (attorney or agent cannot “friend” unrepresented party absent disclosure that it relates to pending lawsuit); San Diego County Bar Association Opinion 2011-2 (attorney or agent can never “friend” represented party even if the reason for doing so is disclosed); and New York County Lawyers Association Formal Opinion No. 743 (attorney or agent can monitor jurors’ use of social media, but only if there are no passive notifications of the monitoring. The attorney must tell court if s/he discovers improprieties and can’t use the discovery of improprieties to gain a tactical advantage). The American Bar Association’s Standing Committee on Ethics and Responsibility weighed in just last month. In Opinion 466, the committee considered “whether a lawyer who represents a client in a matter that will be tried to a jury may review the jurors’ or potential jurors’ presence on the Internet leading up to and during trial, and, if so, what ethical obligations the lawyer might have regarding information discovered during the review.”

Provided by MIRLN.

Image courtesy of FreeDigitalPhotos.net/photoraidz.

Google Cracks Down On Student Gmail Scans

May 19, 2014 Administrator Leave a comment News

Google halts student Gmail advertisement scans (BBC, 30 April 2014) – Google has stopped scanning millions of Gmail accounts linked to an educational scheme – a process it uses to target adverts. The decision includes email accounts associated with Google Apps for Education (GAE) . This initiative provides teachers and students with access to free apps and storage, as well as customised @schoolname.edu email addresses. The move follows reports the scans might have breached a US privacy law. Google highlighted its use of such scans when it updated its terms and conditions last month. “Our automated systems analyse your content (including emails) to provide you personally-relevant product features, such as customised search results, tailored advertising, and spam and malware detection. This analysis occurs as the content is sent, received, and when it is stored,” the terms read . However, the Education Week website said this data-mining activity might place the firm in breach of the US Family Educational Rights and Privacy Act. “We’ve permanently removed all ads scanning in Gmail for Apps for Education, which means Google cannot collect or use student data in Apps for Education services for advertising purposes,” wrote Google for Education director Bram Bout on a company blog. The change is also promised for users who signed up to Gmail as part of the service while at school or university, but have now moved on.

Provided by MIRLN.

Image courtesy of FreeDigitalPhotos.net/digitalart.

When Your Phone Always Knows Where You Are

May 16, 2014 Administrator Leave a comment Privacy

Phones are giving away your location, regardless of your privacy settings (Quartz, 28 April 2014) – Sensors in your phone that collect seemingly harmless data could leave you vulnerable to cyber attack, according to new research. And saying no to apps that ask for your location is not enough to prevent the tracking of your device. A new study has found evidence that accelerometers-which sense motion in your smartphone and are used for applications from pedometers to gaming-leave “unique, trackable fingerprints” that can be used to identify you and monitor your phone. Here’s how it works, according to University of Illinois electrical and computer engineering professor Romit Roy Choudhury and his team: Tiny imperfections during the manufacturing process make a unique fingerprint on your accelerometer data. The researchers compared it to cutting out sugar cookies with a cookie cutter-they may look the same, but each one is slightly, imperceptibly different. When that data is sent to the cloud for processing, your phone’s particular signal can be used to identify you. In other words, the same data that helps you control Flappy Bird can be used to pinpoint your location. Choudhury’s team was able to identify individual phones with 96% accuracy. “Even if you erase the app in the phone, or even erase and reinstall all software,” Choudhury said in a press release, “the fingerprint still stays inherent. That’s a serious threat.” Moreover, Choudhury suggested that other sensors might be just as vulnerable: Cameras, microphones, and gyroscopes could be leaving their smudgy prints all over the cloud as well, making it even easier for crooks to identify a phone.

Provided by MIRLN.

Image courtesy of FreeDigitalPhotos.net/KROMKRATHOG.

FTC Wins First Round In Battle Over Data Security

May 14, 2014 Administrator Leave a comment Security

Wyndham decision affirms FTC jurisdiction and assertive role on “thorny” cyber and data security issues (Wiley Rein, 8 April 2014) – The Federal Trade Commission (FTC) has just won the first major round of its fight with Wyndham Hotels over data security. In FTC v. Wyndham Worldwide Corp., et al., No. 13-1887 (D.N.J.), the FTC’s jurisdiction to punish companies for allegedly lax data security practices was challenged when Wyndham moved to dismiss the FTC’s unfair and deceptive practices claims. On April 7, 2014, after briefing, oral argument, and several amicus submissions, federal judge Esther Salas rejected all of Wyndham’s arguments and affirmed the FTC’s jurisdiction. In doing so, she noted that the case highlights “a variety of thorny legal issues that Congress and the courts will continue to grapple with for the foreseeable future.” The court affirmed the FTC’s jurisdiction and its discretion to proceed by enforcement action, rejecting Wyndham’s argument that ‘the FTC’s “‘failure to publish any interpretive guidance whatsoever’ violates fair notice principles and “bedrock principles of administrative law.’” (quoting briefing). The court found the unfairness proscriptions in Section 5 to be flexible and noted that the FTC had brought “unfairness actions in a variety of contexts without preexisting rules or regulations.” In this sense, the Court found “inapposite” Wyndham’s reference to evolving frameworks at the Department of Homeland Security (DHS) and the National Institute of Standards and Technology (NIST) as examples of what the FTC should be expected to do. (See February 13, 2014 Client Alert ). The court analogized the FTC’s enforcement action to case-by-case approaches used by the National Labor Relations Board (NLRB) and Occupational Safety and Health Administration (OSHA), despite Wyndham’s argument that the “rapidly-evolving nature of data security” made those agencies’ actions poor examples. The court also rejected the challenge to the deceptive practices claim, finding that the FTC had adequately pled it under whatever standard applied.

Provided by MIRLN.

Image courtesy of FreeDigitalPhotos.net/Stuart Miles.

Public Officials- Past The Age Of Privacy?

May 12, 2014 Administrator Leave a comment Privacy

Public officials in a wired world: How much privacy should they get? (LA Times editorial, 15 April 2014) – New technology often challenges society’s long-standing assumptions and standards, but sometimes courts – and others – lose sight of common sense as they grapple with the changes. That’s the case in a recent decision of California’s 6th Appellate District, which found that text messages and emails between public officials are beyond the reach of the Public Records Act if they are sent on private devices rather than ones owned by public agencies. The three-judge panel said that electronic communications between council members and the mayor of San Jose, even those regarding city business, should not be considered “public” records if they are not “used” or “retained” by the city government (the language cited comes from California’s Public Records Act, written long before smartphones existed). Accordingly, the 6th Circuit overturned the decision of the trial court judge and ruled that the city need not turn over the communications to interested members of the public, even though both sides conceded that they involved official business. That decision hews to the narrow language of the act, but it distorts the act’s larger purpose, which is to ensure that the public can scrutinize the actions of its employees when they are doing public work.

Provided by MIRLN.

Image courtesy of FreeDigitalPhotos.net/basketman.

Lawyers Ethically Required To Understand E-Discovery?

May 9, 2014 Administrator Leave a comment Ethics

Botched e-discovery can be an ethics violation, proposed opinion says (ABA Journal, 14 April 2014) – A proposed ethics opinion says California’s duty of competence requires lawyers to have a basic understanding of e-discovery issues and could require greater technical knowledge in certain cases. The proposed opinion (PDF) by the California State Bar’s Standing Committee on Professional Responsibility and Conduct says lawyers without the necessary competence have three options. They can acquire sufficient skill, they can seek out technical consultants or competent counsel, or they can decline the representation. The committee is accepting comments on the proposed opinion through June 24. The proposed ethics opinion is based on a hypothetical situation in which a lawyer agrees to opposing counsel’s search terms for a search of his client’s database. The lawyer instructs his client to allow the opposing counsel’s database search, wrongly assuming a clawback agreement would allow for recovery of anything inadvertently produced. After the search results are turned over to the opposing counsel without the lawyer’s review, the lawyer learns the search produced privileged information and showed that his client had deleted some potentially relevant documents as part of a regular document retention policy. The lawyer in the hypothetical not only breached his duty of competence, he also breached a duty to maintain client confidences and to protect privileged information, the proposed opinion says. In addition, the proposed opinion says, the lawyer should have assisted the client in placing a litigation hold on potentially relevant documents as part of the ethical duty not to suppress evidence.

Provided by MIRLN.

Image courtesy of FreeDigitalPhotos.net/digitalart.