By Bill Kammer
eDiscovery Lessons Learned from January 6
As the FBI and other law enforcement agencies investigate the origins, circumstances, and occurrences surrounding the Capitol invasion in January, we learn more about evidence and information that might be available and useful in litigated matters. As early as the 2017 shooting in Las Vegas, we learned that the software tool X1 Social Discovery can immediately isolate and collect all tweets from a location. The Capitol incident taught us more about evidence available after occurrences as byproducts of our use of mobile devices.
Video feeds, tweets, Parler content, text messages, and chat exchanges can all be harvested without immediate access to a mobile device. Other information is readily available from the ubiquitous security cameras deployed in urban settings. That information is not only available from the originator’s devices but also from those of any recipient of the communication or broadcast.
Chat Apps
The events of January 6 and other demonstrations provoked some to migrate from traditional messaging apps such as WhatsApp, Facebook Messenger, and SMS. New favorites include Signal and Telegram. This migration discussion is not meant as social commentary but only as a suggestion that this development also raises significant discovery considerations if those chat apps are used within business enterprises. That they are encrypted end-to-end is not as important as the issues presented by their storage features. By default, Signal stores conversations only on a user’s device, but Telegram stores content on both the device and on Telegram’s servers. Accessing that information for discovery preservation and production implicates issues of access to mobile devices and to the servers of third parties.
Cybersecurity Risks and Insurance
The present pandemic has clearly affected law practices, particularly those of us primarily working at home. That fact introduces additional cybersecurity risks because of the interconnection of our home office computers, mobile devices, and IoT equipment. Maintenance of enterprise information security in a traditional office has always been challenging, though doable with facile management. Maintenance of similar security across the dispersed workforce is far more challenging. (Witness the intelligence community’s concerns about President Biden’s Peloton.)
Insurers issuing cybersecurity policies have learned of those additional risks, and coverage may be narrower and exclusions more numerous than we thought. Additionally, the cost of good cybersecurity insurance has likely increased, commensurate with the additional risks encountered. We must make sure that we understand our coverages and, if appropriate, evaluate alternatives and their costs.
Browser Password Managers
Most know that a password manager is a far superior technique to store varied and complex passwords. For years, experts have recommended managers such as LastPass and 1Password as functional managers easily deployed across all our computers and mobile devices. More recently, the architects of internet browsers, such as Chrome, Firefox, and Safari, have incorporated a management tool within the browser itself. We often receive suggestions from our browsers to store a new password within the browser itself. However, for a variety of reasons, many experts suggest that we not do so.
Discussion of the reasons for that suggestion require more space than this column; consider these articles for further information: https://youritconsultant.senseient.com/2021/01/dont-use-a-browser-password-manager.html and www.pcworld.com/article/3604671/why-your-browsers-password-manager-isnt-good-enough.html.
Other Laws for Lawyers
These are not statutes, but rather certain principles of analysis that could enlighten some professional work. For instance, “Benford’s Law” can be useful in detecting fraud. That law says that approximately 30% of all naturally occurring numbers begin with 1. Numbers that begin with 7, 8, or 9 each constitute only about 5% of numbers. Parties and criminals who manipulate records may create numbers with beginning numerals with a frequency disproportionate to the natural occurrence.
“Sutton’s Law” draws its name from the notorious bank robber, Willie Sutton. When asked why he robbed banks, he supposedly replied “because that’s where the money is.” Sutton’s Law’s greatest use is in medical diagnosis and stands for the proposition that, during diagnosis, first consider the obvious rather than the more exotic solution. A common expression of the law is “when you hear hoof beats, think horses, not zebras.”
“Occam’s Razor” began as a logical and philosophical rule that the simplest solution is usually the best. Suppose there are two possible solutions. The one that requires the fewest assumptions is usually the correct one. Named for a 14th-century English Franciscan friar, its philosophical application has been extended to other disciplines including science, religion, statistics, and artificial intelligence.
Ethics and Working at Home
When working at home, we store information and copies on home office equipment and transmit that data to our offices and clients over Wi-Fi and via our internet service providers. Nevertheless, we are still subject to our ethical responsibility to maintain client confidentiality and the security of client data. These are not new issues. For instance, the Pennsylvania Bar Association issued a formal opinion on the ethics of virtual law offices (FEO 2010-20). Over the years, state and local bar associations have issued similar opinions about communications, encryption, storage, and confidentiality. They all serve as reminders that, in a pandemic environment, we must still maintain the confidence and preserve the secrets of our clients. Bus. & Prof. Code §6068(e)(1).
Bill Kammer (wkammer@swsslaw.com) is a partner with Solomon Ward Seidenwurm & Smith, LLP.