Photo of John Davis

John Davis is co-chair of Crowell & Moring’s E-Discovery & Information Management Practice and a member of the Litigation Group. John has over 20 years of experience advising clients on information law issues – including discovery, data analytics, privacy, cross-border transfers, cybersecurity, information governance and emergent technology – and representing companies in complex litigations. He leads responses to U.S. and foreign governmental inquiries, conducts international investigations of data breaches, and counsels companies on managing data risk in litigation and through their policies and procedures. John is an award-winning author and frequent lecturer on investigations and information law.

The DOJ has long expressed concern about the impact of personal messaging – in particular of encrypted and ephemeral message apps – on its ability to effectively conduct investigations (and rely on the results of company investigations). Close on the heels of the well-publicized SEC enforcement sweeps of financial industry message retention practices, Deputy Attorney

The latest report in the In re Opioid litigations is a sharp reminder not to fall short in your disclosure obligations

When it rains it pours. The ongoing saga of disclosure disputes in the many In re Opioid litigations started a new chapter with the release of a Report (referenced below) by former Justice Maltese, acting as Referee in a New York state court Opioid case.

The Report, which sketches out a series of discovery mishaps and omissions stretching across multiple courts and cases, as well as some apparent sharp dealing by defense counsel, is a strong reminder to be thorough and exercise independent judgment in fulfilling discovery obligations. In particular in mega-litigations such as the In re Opioid matters, even the smallest discovery disputes may be weaponized. Plaintiffs are actively looking for opportunities to attack defendants for discovery irregularities, and often seeking the extreme sanctions when they do. Outside counsel for defendants are not out of the line of fire. Here, because the defendant resolved the underlying case before the Report was released, Justice Maltese’s hammer largely fell on defense counsel for counsel’s, client’s and discovery vendor’s mistakes leading to the belated production of relevant interview notes, and what the court viewed as related gamesmanship.

The Report (at 18-19) briefly discusses the aggrieving conduct, finding thatContinue Reading Don’t fall short in your disclosure obligations: In re Opioid litigations.

The new year has brought one of the most comprehensive court decisions yet reminding attorneys in no uncertain terms of the rules mandating fundamental competency in the treatment of electronically stored information (“ESI”). Falling short may get both lawyers and clients sanctioned.

In January 2021, U.S. District Judge Iain Johnston issued his opinion in DR Distributors, LLC v. 21 Century Smoking, Inc. (N.D. Ill. No. 12 CV 50324) coming down hard on defense counsel for failing to possess the skills and diligence necessary to competently meet their ESI discovery obligations. In a detailed opinion that is well worth reading (if you have an hour or two), the court recounts the many e-discovery “missteps, misdeeds, and misrepresentations” both of client and counsel that culminated in the issuance of harsh evidentiary and cost-shifting sanctions on each.Continue Reading Off the edge of the E-Discovery map, there be monsters! Federal court issues epic opinion sanctioning counsel for failure to show competence and diligence in meeting ESI discovery obligations.

As none of us can forget, the COVID-19 pandemic forced companies to close their brick and mortar offices with little time to adequately prepare their employees for a remote work environment. All of a sudden, in-person meetings were replaced with virtual conferences via Microsoft Teams, Zoom, and Amazon Chime – each leaving a new data

On January 13, 2020, U.S. District Court Judge Castel of the Southern District of New York in SEC v. Telegram Group Inc. et al., No. 19 Civ. 9439 (PKC) granted the motion of the U.S. Securities and Exchange Commission (“SEC”) to compel Telegram Group Inc., a technology company best known for its secure messaging app, to produce overseas bank records (Dkt. 67). The SEC had sought these records “fully unredacted” on an expedited basis in support of its claim that Telegram engaged in an unregistered securities offering (Dkt. 52). Telegram objected to any production, asserting that the records were of questionable relevance, that they contained banking and personal information protected by a host of foreign laws, and that it would be unduly burdensome to “to cull through these records and redact the personal information of non-U.S. persons and entities subject to foreign data privacy law protections.” (Dkt. 55). In a short decision, the Court ordered Telegram to produce the records on a tight timeline, holding that “[o]nly redactions necessitated by foreign privacy laws shall be permitted, and a log stating the basis for any redaction shall be produced at the same time the redacted documents are produced.”

There are a few key takeaways from this decision. First, the Court recognized foreign data privacy laws as legitimate grounds for withholding otherwise discoverable information. Defendant was not given a blank check to redact; rather, the Court required Telegram to log the basis for any privacy assertions, and one can expect the SEC will closely question Telegram on the redactions. At the same time, the Court clearly did not agree with the SEC’s characterization of data privacy laws as “blocking statutes” to be ignored, and was not swayed by its complaints that Telegram had not shown that such laws require deference. This is consistent with an observed general heightened sensitivity to data privacy and data security interests in the U.S. and abroad.

Judge Castel’s approach represents a change from U.S. courts’ prior dismissive treatment of similar disclosure objections. Courts traditionally would apply a multi-factor comity analysis that generally prioritized U.S. discovery interests over those of conflicting foreign laws and ultimately required unredacted production. See, e.g., Laydon v. Mizuho Bank, Ltd., 183 F. Supp.3d 409 (S.D.N.Y. 2016) (requiring unredacted production of data protected by the then EU privacy regulation, the 1995 EU Directive 95/46/EC, based on comity analysis set out in Société Nationale Industrielle Aerospatiale v. U.S. Dist. Court for S. Dist. of Iowa, 482 U.S. 522, 544 n.29 (1987) (hereinafter “Aerospatiale”)). Certainly, the SEC pushed for the customary approach, but Judge Castel appears implicitly to have to have resolved in short form (or skipped over) the Aerospatiale comity analysis and accepted the legitimacy of foreign restrictions on disclosure in U.S. proceedings.Continue Reading Burden of Compliance With Foreign Data Privacy Laws Does Not Justify Withholding of Banking Records