In October 2010, Facebook announced a new Download Your Information (“DYI”) feature, billed as “an easy way to quickly download to your computer everything you’ve ever posted on Facebook and all your correspondences with friends: your messages, wall posts, photos, status updates and profile information.” The Facebook announcement included a short video detailing how to use the feature. Cnet TV has a more in-depth video. Craig Ball also wrote an article about this feature in the February 23, 2011 issue of Law Technology News.
When a party voluntarily dumps data on its adversary without first conducting a meaningful privilege review, that party may be deemed to have waived any applicable privileges, particularly where it fails to timely argue that a privilege review would be too costly. That is the lesson of In re Fontainebleau Las Vegas Contract Litig., 2011 U.S. Dist. LEXIS 4105 (S.D. Fla. Jan. 7, 2011), a cautionary tale of the dangers of data dumping. After repeatedly failing to meet court-ordered production deadlines, in response to a subpoena, Fontainebleau Resorts, LLC (“FBR”) essentially dumped on the requesting parties (the “Term Lenders”) three servers containing approximately 800 GB of data–without first conducting any meaningful privilege review. Consequently, in its January 7th decision, the court granted the Term Lenders’ motion seeking a declaration that FBR waived its privilege claims. Had FBR litigated this matter differently, it might have protected its privileged information.
New York’s Appellate Division Finds Facebook Accounts Off-Limits When Discovery Demands are Non-Specific
In McCann v. Harleysville Insurance Co. of New York, 910 N.Y.S.2d 614, 2010 N.Y. App. Div. LEXIS 8396 (N.Y. App. Div. Nov. 12, 2010), New York’s Appellate Division, Fourth Department affirmed the trial court’s refusal to compel Plaintiff to produce information regarding or provide access to her Facebook account. Plaintiff was injured in an auto accident with one of Harleysville’s insured. She filed a personal injury suit against the insured, which resulted in a settlement. Plaintiff thereafter commenced a new action directly against Harleysville for certain uninsured/underinsured auto insurance benefits.
Analyzing “Care, Custody or Control” for Preservation and Production of Electronically Stored Information
A party has an obligation under the Federal Rules of Civil Procedure to produce materials — including electronically stored information (“ESI”) — within their “care, custody or control.” Rule 34 of the Federal Rules construes this to mean either “the legal right” or “the actual ability” to obtain the materials; and New York courts have broadly interpreted this obligation to extend to documents and materials that a party has the “right, authority, or practical ability to obtain.” See In re NTL, Inc. Securities Litigation, 244 F.R.D. 179, 195 (S.D.N.Y. 2007).
No Privilege for Information Posted on Social Network Sites — Court Orders Production of Plaintiff’s Social Network Account Usernames and Passwords
A Pennsylvania Court of Common Pleas has ordered the production of a plaintiff’s social network account passwords and usernames in the recent decision of McMillen v. Hummingbird Speedway, Inc., Case No. 113-2010 CD (Pa. Ct. of Common Pleas, Jefferson Cty. September 9, 2010) In this case, McMillen sued Hummingbird Speedway Inc. and others for injuries he allegedly suffered when he was rear-ended during a cool down lap after a stock car race in 2007 on Hummingbird’s premises. During discovery, Hummingbird requested that plaintiff disclose information regarding social network websites that plaintiff belonged to and asked that plaintiff turn over his log-in and passwords for his accounts. McMillen responded that he had accounts on Facebook and MySpace but objected to any request for his log-in and passwords on the basis that the requested information was privileged and would lead to the production of private communications. Ultimately, Hummingbird filed a motion to compel the production of the requested information as they wanted “to determine whether or not plaintiff has made any other comments which impeach and contradict his disability and damages claims.” The court found that such information is not protected by any evidentiary privileges under Pennsylvania law and thus, is discoverable.
The 2010 E-Discovery Landscape: Panel Discussion on the Essential E-Discovery Decisions of 2010 at Gibbons Fourth Annual E-Discovery Conference
Gibbons’ Fourth Annual E-Discovery Conference kicked off with a panel discussion on the essential e-discovery decisions from 2010. The panel, comprised of renowned e-discovery authority Michael Arkfeld of Arkfeld & Associates, Scott J. Etish, Esq., an associate at Gibbons and member of the firm’s E-Discovery Task Force, and the Hon. John J. Hughes, United States Magistrate Judge for the District of New Jersey (Retired), addressed numerous recent decisions related to the following areas: (1) the need for outside and inside counsel to monitor compliance; (2) obtaining electronically stored information from foreign companies; (3) cooperation between adverse parties; (4) social media discovery; (5) searches and inadvertently disclosed privilege documents; and (6) legal holds and sanctions. The panel provided guidance as to best practices related to numerous areas, including navigating e-discovery challenges in the aftermath of the seminal Pension Committee, Rimkus and Victor Stanley II decisions. A brief summary of all of the cases the panel discussed is available here, and a copy of the PowerPoint slides the panel used is available here.
Congress enacted the Computer Fraud and Abuse Act (“CFAA”) 18 U.S.C. § 1030 et seq., in 1984 to combat hackers and to address federal computer-related offenses. The CFAA prohibits individuals from “intentionally access[ing] a computer without authorization or exceed[ing] authorized access, and thereby obtain[ing] … information from any protected computer.” See 18 U.S.C. § 1030(a)(2)(C). A “protected computer” includes a computer “exclusively for the use of a financial institution or the United States Government” or a computer that is “used in or affecting interstate or foreign commerce or communication.” See 18 U.S.C. § 1030(e)(2). The CFAA provides for criminal fines and penalties as well as a private civil right of action to remedy violations. See 18 U.S.C. § 1030(g). Civil remedies are limited to economic damages. Id.