A replay of The Data Privacy and Security Landscape: Privacy Class Action Litigation Trends is available for viewing.
Artificial Intelligence Discussed at Legalweek
Privacy and data breach class action litigation, as well as artificial intelligence issues, are among the key issues that keep businesses and corporate counsel up at night. There was over $1 billion procured in settlements and jury verdicts over the last year for these types of “bet-the-company” cases. At the ALM Law.com Legalweek 2024 conference in New York City, Duane Morris partner Alex W. Karasik was a panelist at the session “Trends in US Data Privacy Laws and Enforcement.” The conference, which had over 6,000 attendees, produced excellent dialogues on how cutting-edge technologies can potentially lead to class action litigation.
How AI and ChatGPT Affects Class Action Litigation
Preservation of Ephemeral Messaging for Business Purposes
Ephemeral messaging is short-lived, yet the data preservation and regulatory obligations remain.
Ephemeral messaging apps – like WhatsApp and SnapChat – are a form of digital communication available for a limited time and then deleted. The two key characteristics of ephemeral messaging are: (1) automated deletion of message content for both the sender and the receiver and (2) end-to-end encryption which enhances privacy by making it more difficult for hackers and others to read the encrypted data while it is in transition between devices.
The three degrees of ephemerality in messaging apps are:
- Pure which involves the permanent and automated deletion of messages;
- Quasi which permits preservation of messages in certain circumstances; and
- Non-ephemeral in which messages usually remain on a source (such as a server) and may not include end-to-end encryption.
The benefits of ephemeral messaging include:
- Information governance: Data storage and records preservation/management are reduced by ephemeral messaging.
- Legal compliance: Encryption and automatic deletion of personal data help reduce exposure if a data breach occurs.
- Data security: Even if a mobile device is lost, the automatic deletion of data will likely protect against hackers.
The legal risks of ephemeral messaging include: (1) complying with subpoenas and (2) preservation of data when litigation is “reasonably anticipated”.
Subpoenas often define documents and communications broadly to capture all communications, including ephemeral messaging. Thus, the failure to preserve documents may result in an inability to fully comply with a subpoena and/or a criminal exposure, particularly if the subpoena was issued by the government.
Regarding the preservation of data, legal hold policies may need to be amended to address ephemeral messaging, including when a company is dealing with government regulators. See e.g., Federal Trade Commission v. Noland, et al., Case No. CV-20-00047-PHX-DWL (D. Ariz. 2021) (sanctioning defendants for installing and using ephemeral messaging after learning they were investigation targets).
Some regulators caution against the use of ephemeral messaging. For example:
- The U.S. Securities and Exchange Commission (“SEC”) issued a guidance in 2018 that prohibits business use of apps which permit automatic destruction of messages.
- The U.S. Department of Justice (“DOJ”) updated its Evaluation of Corporate Compliance Programs in March 2023 which discusses the factors that prosecutors should consider in conducting an investigation of a corporation including the adequacy and effectiveness of the corporation’s compliance program at the time of the offence as well as at the time of the charging decision.
Accordingly, establishing adequate and effective corporate compliance programs are important, including:
- establishing a corporate compliance program which is monitored, updated, and works in practice, and
- reviewing the company’s document-retention policies and procedures, including whether they address ephemeral messaging and mobile device data.
In sum, although ephemeral messaging is short-lived, the consequences – of failing to comply with data preservation and regulatory obligations – may be long lasting.
Webinar Replay: Privacy Issues in Cross-Border Litigation
A webinar replay of “Privacy Issues in Cross-Border Litigation” is now available.
Webinar: Privacy Issues in Cross-Border Litigation
Duane Morris is hosting the Data Privacy and Security Landscape: Legal Developments in the United States and Beyond Webinar Series. The second session, “Privacy Issues in Cross-Border Litigation,” takes place June 30, 2021, at 12:30 p.m. Eastern / 5:30 p.m. BST.
For more information and to register, please visit the event website.
Artificial Intelligence Errors Potentially Heralding Litigation and Regulation?
When we think of artificial intelligence (AI), we often think of machine learning and decision-making that far surpasses that thinking of mere humans. Many jobs once employed by humans now are being handled by AI, which over time can prove to be less expensive, and causing greater productivity and accuracy in terms of performing job tasks. But is AI truly a panacea? Not so fast. Some problems reportedly have emerged. Continue reading “Artificial Intelligence Errors Potentially Heralding Litigation and Regulation?”
Winning Cases by Telling a Story
Once upon a time, long ago but not too far away, there was a law firm associate who was working up a case for a senior trial partner with the hope of delivering a well-prepared pre-trial and trial plan.
The associate proudly presented all the miscellaneous supporting legal authorities and the various favorable facts. But what was the senior trial partner’s response? “Stop!”
E-Discovery Is More Costly, Burdensome Than You Think
Once upon a time, it was widely believed that electronic discovery would streamline litigation, making it faster, easier, less burdensome, and less expensive. So, now that we are some years into the e-discovery experience, has the prediction come true? Sadly, not necessarily.
While it is true that it can be easier to retrieve information electronically by using search terms, rather than sending teams of associates into warehouses to rummage through boxes of documents, that is just the tip of the iceberg when considering the overall e-discovery effort. And even if vast quantities of electronic information can be brought up based on a simple search, that information had to be harvested at the front-end, and ultimately will need to be reviewed at the back-end.
Continue reading “E-Discovery Is More Costly, Burdensome Than You Think”
Second Circuit Addresses DMCA Safeharbor in Landmark Case
A new Second Circuit decision could change the way some service providers conduct business on the internet, imposing a greater burden to assess specific infringing activity.
In Viacom v. YouTube, Viacom sought $1 billion in damages for direct and secondary copyright infringement based on claims that its users improperly uploaded thousands of Viacom’s videos. The district previously held that YouTube was protected against claims of copyright infringement under the DMCA safe harbor primarily because it had insufficient notice of the particular infringement at issue. Essentially, it held that under the DMCA, service providers did not have a responsibility to identify which of its users’ postings infringed a copyright.
Continue reading “Second Circuit Addresses DMCA Safeharbor in Landmark Case”