Electronic Discovery and Computer Forensics Case List - Kroll Ontrack

More documents

Recommendations

Info

� U.S. v. Ziegler, 456 F.3d 1138 (9th Cir. 2006). In an appeal from Montana district court, defendant claimed that child pornography and other information found on his workplace computer was protected as private information under the 4th Amendment. Plaintiff argued that a workplace computer is much like a locked desk drawer in an office and that a similar expectation of privacy should follow. However, the government argued that no employee can possibly have an expectation of privacy when the computer and internet access is paid for by the employer and when there is an entire company department dedicated to monitoring employee’s internet use. The court held that the defendant could not have an objective expectation of privacy since his employer published and practiced a computer monitoring policy. The court noted that the defendant’s personal password protection did not increase privacy expectations. Furthermore, the court stated that if the employer did not have a properly practiced policy in place, than an objective expectation of privacy may have existed for defendant. However, the court concluded “[s]ocial norms suggest that employees are not entitled to privacy in the use of workplace computers.” � Barton v. United States, 2005 WL 1355481 (9th Cir. June 9, 2005). In a suit relating to an antidepressant drug, the trial court denied the plaintiff’s writ of mandamus to prevent disclosure of answers to a law firm questionnaire completed online by prospective clients. The trial court’s decision rested on a disclaimer on the bottom of the questionnaire that stated filling out the questionnaire "does not constitute a request for legal advice and that I am not forming an attorney client relationship by submitting this information." On appeal, the court reversed the trial court’s decision and determined the questionnaire answers were submitted in the course of prospective attorney-client relationship and were thus confidential and protected by the attorney-client privilege. � United States v. Gordon, 393 F.3d 1044 (9th Cir. 2004). After discovering missing stock shares, an employer suspected embezzlement and requested the defendant’s laptop computer for examination. The employer specifically told the defendant not to delete anything from the hard drive. A computer forensic analysis revealed the defendant attempted to overwrite files on the computer by running “Evidence Eliminator,” a software wiping program, at least five times the night before he turned over the computer. The defendant was convicted of embezzlement and ordered to pay restitution, including reimbursing the employer for a portion of the investigation costs. On appeal, the defendant argued the trial court should not have awarded the employer investigation costs, including the costs of the forensic examination. The appellate court rejected this argument and affirmed the district court’s award, noting the defendant “purposefully covered his tracks as he concealed his numerous acts of wrongdoing from [his employer] over a period of years. As the victim, [the employer] cannot be faulted for making a concerted effort to pick up his trail and identify all the assets he took amid everything he worked on.” � Theofel v. Farey Jones, 341 F.3d 978 (9th Cir. 2003), amended by, 359 F.3d 1066 (9th Cir. 2004), cert. denied, 125 S. Ct. 48 (2004). Seeking e-mail discovery, a party in a commercial litigation issued a third party subpoena on the opposing party’s Internet Service Provider (ISP). Instead of limiting the scope of the subpoena to particular subject matters, custodians, or time periods, the subpoena sought all e-mail to or from the opposing party. The ISP substantially complied, but when the opposing party learned of the subpoena, it moved to quash. The court severely criticized the subpoenaing party for its overbroad subpoena and issued $9,000 in sanctions. The employees of the subpoenaed party then brought a new civil suit against the subpoenaing party and its attorney under the Stored Communications Act, the Wiretap Act and the Computer Fraud and Abuse Act. The trial court granted a motion to dismiss the new suit, finding that no claim was stated. The Ninth Circuit reversed and reinstated the civil suit, holding that an overbroad subpoena is not valid especially when directed against a third party that may not have 218
the resources to oppose the subpoena. The ISP’s consent by complying with the e-mail production was invalid since the subpoenaing party had at least constructive knowledge of the subpoena’s invalidity and thus any consent was obtained deceptively and through mistake. � Advanced Micro Devices, Inc. v. Intel Corp., 292 F.3d 664 (9th Cir. 2002). In a dispute relating to the market conduct of Intel Corp, Advanced filed a complaint with the European Commission, and sought discovery according to practices and rules in the United States under federal law. Adopting a broad interpretation of the scope of discovery rights in cases involving foreign tribunals, the court permitted domestic-style discovery under 28 U.S.C. § 1782 in an investigation conducted by the European Community Directorate. � Sea-Land Service, Inc. v. Lozen Int’l, 285 F.3d 808 (9th Cir. 2002). The court ruled that the trial court should have admitted an internal company e-mail, which an employee of the plaintiff had forwarded to the defendant. The defense persuasively argued on appeal that the e-mail was not excludable hearsay because her remarks in forwarding the e-mail manifested an adoption or belief in truth of the information contained in the original e-mail. The court ruled that this satisfied the requirements for an adoptive admission under Fed.R.Evid. 801(d)(2)(B). � Monotype Corp. v. Int’l Typeface Corp., 43 F.3d 443 (9th Cir. 1994). The court declined admission of a detrimental e-mail in a license infringement action, due to the prejudicial nature of the message and fact that the e-mail was not admissible under the business record exception. � United States v. Catabran, 836 F.2d 453 (9th Cir. 1988). Computer printouts are admissible as business records under the Federal Rules of Evidence 803(6), provided that proper foundational requirements are first established. � Williams v. Owens-Illinois, Inc., 665 F.2d 918 (9th Cir. 1982). In an employment discrimination suit, the court refused to order production of the electronic information on computer tape where all the data was previously produced in hard copy. Therefore, the court determined that the Appellants were not deprived of any data. � Transamerican Computer Co. v. IBM, 573 F.2d 646 (9th Cir. 1978). The court was more lenient regarding waiver of privilege where the party was required to produce larger amounts of data and where they actually performed some degree of privilege review. � None reported Alaska Arizona � Surowiec v. Capital Title Agency, Inc., 2011 WL 1671925 (D. Ariz. May 4, 2011). In this breach of contract, inter alia, litigation, the plaintiff requested sanctions, arguing the defendants spoliated evidence and misrepresented the extent of its discovery efforts. In response, the defendants argued a letter it received threatening future litigation did not trigger a duty to preserve because the letter did not specifically name the plaintiff. Clarifying the duty is owed to the court rather than the party’s potential adversary, the court found the letter clearly encompassed a threat from homeowners such as the plaintiff, thus triggering the duty to preserve. Although the court declined to apply the Pension Committee culpability standard, it nonetheless found the defendants’ in-house counsel’s failure to issue a litigation hold, suspend routine document destruction and capture evidence, constituted gross negligence. Reviewing the alleged discovery abuses, the court determined the defendant used unreasonably narrow and literal search terms that initially 219
Page 1 and 2:
Electronic Discovery and Computer F
Page 3 and 4:
Florida ...........................
Page 5 and 6:
protocol. The search protocol allow
Page 7 and 8:
Finally, the court expressed disple
Page 9 and 10:
should rely on IT professionals to
Page 11 and 12:
to compel, the plaintiff sought pro
Page 13 and 14:
had been withheld, and if e-mails w
Page 15 and 16:
the defendants continued to destroy
Page 17 and 18:
ordering recovery and production of
Page 19 and 20:
evidence supporting this contention
Page 21 and 22:
ehavior as a direct contradiction o
Page 23 and 24:
the effort required to conduct a pr
Page 25 and 26:
defendant’s motion to dismiss was
Page 27 and 28:
under Rule 803(6) of the Federal Ru
Page 29 and 30:
pay judgment in favor of the plaint
Page 31 and 32:
equally all costs associated with h
Page 33 and 34:
subpoena would not “prejudice the
Page 35 and 36:
stopped the automatic deletion of e
Page 37 and 38:
far produced refuted an inference o
Page 39 and 40:
commentary that “privacy is no lo
Page 41 and 42:
documents since resorting to the Ha
Page 43 and 44:
� Arista Records LLC v. Usenet.co
Page 45 and 46:
expense of production. The court he
Page 47 and 48:
substantive. Rejecting the SEC’s
Page 49 and 50:
claimed these requests raised user
Page 51 and 52:
efused to issue adverse jury instru
Page 53 and 54:
evidence would have been favorable
Page 55 and 56:
failed to issue a proper litigation
Page 57 and 58:
tapes were meant only for disaster
Page 59 and 60:
cost and time considerations requir
Page 61 and 62:
defendant’s investment officer wa
Page 63 and 64:
Aug. 22, 2003). Stating the order w
Page 65 and 66:
which the court issued severe sanct
Page 67 and 68:
ordered a computer forensics examin
Page 69 and 70:
evidence, and/or failed to make rea
Page 71 and 72:
information from its computer netwo
Page 73 and 74:
production was incomplete, and move
Page 75 and 76:
falsely claimed to have been raped
Page 77 and 78:
� State v. Voorheis, 2004 WL 2581
Page 79 and 80:
sanctions were disproportionate and
Page 81 and 82:
the defendants were responsible for
Page 83 and 84:
was not equitable to force the defe
Page 85 and 86:
choose not to heed the court’s or
Page 87 and 88:
magistrate judge improperly minimiz
Page 89 and 90:
appropriate. The court refused to m
Page 91 and 92:
plaintiffs waived any privilege cla
Page 93 and 94:
defendants failed to preserve and d
Page 95 and 96:
portions of the plaintiff’s Faceb
Page 97 and 98:
court denied sanctions, but issued
Page 99 and 100:
equire the non-party to allow the p
Page 101 and 102:
server. The court also granted the
Page 103 and 104:
preserve the computer’s memory .
Page 105 and 106:
� Itzenson v. Hartford Life and A
Page 107 and 108:
� Eckhardt v. Bank of America, 20
Page 109 and 110:
� Bank of Amer. Corp. v. SR Int
Page 111 and 112:
� Morris v. Metals USA, 2011 WL 9
Page 113 and 114:
did not address the employer’s ab
Page 115 and 116:
� Mezu v. Morgan State Univ., 201
Page 117 and 118:
any such information was irrelevant
Page 119 and 120:
plaintiff’s motion for sanctions
Page 121 and 122:
at Dulles airport, the defendants f
Page 123 and 124:
documents in a manner that was resp
Page 125 and 126:
“destroyed some documents because
Page 127 and 128:
“would be even more reliable than
Page 129 and 130:
defendant’s withholding of respon
Page 131 and 132:
when it was reasonably anticipated.
Page 133 and 134:
Mississippi � PIC Grp., Inc. v. L
Page 135 and 136:
he allegedly sent to the victim. Th
Page 137 and 138:
absent a motion to compel. The cour
Page 139 and 140:
disclosure of the hard drive to the
Page 141 and 142:
to all payment histories of account
Page 143 and 144:
aware that a party in litigation mu
Page 145 and 146:
not clear enough to warrant enforce
Page 147 and 148:
ecause the computer expert testifie
Page 149 and 150:
database contained proprietary info
Page 151 and 152:
should have provided the substance
Page 153 and 154:
protective relief (including cost s
Page 155 and 156:
drive from a vital computer in the
Page 157 and 158:
preserve ‘every shred of paper, e
Page 159 and 160:
defendant plainly manifested an exp
Page 161 and 162:
argued that it previously produced
Page 163 and 164:
� United States v. Premera Blue C
Page 165 and 166:
overwritten] well before th[is] law
Page 167 and 168: documents for use in her wrongful d
Page 169 and 170: devices that contain relevant elect
Page 171 and 172: asserting that the Federal Rules of
Page 173 and 174: excuse” for the obvious discovery
Page 175 and 176: defendants were not entitled to rec
Page 177 and 178: � Whitlow v. Martin, 2009 WL 3338
Page 179 and 180: documents belonging to the plaintif
Page 181 and 182: the filing of the claim, its failur
Page 183 and 184: confidential customer lists, quotat
Page 185 and 186: defendants at a cost of more than $
Page 187 and 188: expert. The court also held that an
Page 189 and 190: electronic discovery of the defenda
Page 191 and 192: within the plaintiff’s control an
Page 193 and 194: � Perfect Barrier LLC v. Woodsmar
Page 195 and 196: citing the defendants’ considerab
Page 197 and 198: � Kasten v. Doral Dental USA, LLC
Page 199 and 200: destruction of evidence indicating
Page 201 and 202: incident, her attorney’s letter c
Page 203 and 204: question to this court to determine
Page 205 and 206: � State v. Levie, 695 N.W.2d 619
Page 207 and 208: instruction because the plaintiff i
Page 209 and 210: plaintiffs’ alleged failure to me
Page 211 and 212: including those from their homes. A
Page 213 and 214: litigation was pending, he had not
Page 215 and 216: the illegal images onto his compute
Page 217: portions of the e-mail were not pro
Page 221 and 222: drive in temporary internet file fo
Page 223 and 224: "wireless sniffers" to intercept ap
Page 225 and 226: communications sent over her work c
Page 227 and 228: court also determined the attorneys
Page 229 and 230: � Keithley v. Homestore.com, Inc.
Page 231 and 232: destroyed relevant electronic docum
Page 233 and 234: personal sanctions due to an absenc
Page 235 and 236: Qualcomm, Inc. v. Broadcom Corp., 2
Page 237 and 238: liable for the destruction of the h
Page 239 and 240: investigation where the defendant r
Page 241 and 242: motion was denied by the trial cour
Page 243 and 244: documents with titles indicating th
Page 245 and 246: defendants had received requests to
Page 247 and 248: the backup tape data and to bear pr
Page 249 and 250: documents included an inaccurate bi
Page 251 and 252: � Playboy Enters., Inc. v. Welles
Page 253 and 254: � Peschel v. City of Missoula, 20
Page 255 and 256: spoliation. Through forensic analys
Page 257 and 258: Phoenix and determined that an elec
Page 259 and 260: the defendant was in possession, cu
Page 261 and 262: Nevertheless, the defendants believ
Page 263 and 264: one violation of the second order,
Page 265 and 266: delays and financial harm. In suppo
Page 267 and 268: plaintiff produced a mere ten e-mai
Page 269 and 270:
defendant’s employees continuousl
Page 271 and 272:
the e-mails and attachments to be r
Page 273 and 274:
elating to any ex parte communicati
Page 275 and 276:
“unadulterated fishing expedition
Page 277 and 278:
e-mails establishing the documents
Page 279 and 280:
metadata, the parties agree that th
Page 281 and 282:
expense in restoring and searching
Page 283 and 284:
and create a more organized and und
Page 285 and 286:
� Phillip M. Adams & Assoc., LLC
Page 287 and 288:
� ClearOne Communications, Inc. v
Page 289 and 290:
� Wright v. AmSouth Bancorp, 320
Page 291 and 292:
metadata or searchable text. Follow
Page 293 and 294:
� In re Fontainebleau Las Vegas C
Page 295 and 296:
nature of the destroyed evidence, i
Page 297 and 298:
appropriate because the plaintiffs
Page 299 and 300:
The award stemmed from the court’
Page 301 and 302:
were also overwritten per departmen
Page 303 and 304:
order, the teacher declared the pro
Page 305 and 306:
investigation of the plaintiff’s
Page 307 and 308:
Regarding the defendants’ relevan
Page 309 and 310:
� ABC Home Health Servs. v. IBM C
Page 311 and 312:
document preservation order. The re
Page 313:
search,” the court ordered the De
show all

Electronic Discovery and Computer Forensics Case List - Kroll Ontrack

Create successful ePaper yourself

Delete template?

Save as template?