On January 9, the Securities & Exchange Commission (“SEC”) released its National Examination Priorities (“NEP”) for 2014 and once again identified cybersecurity as a heightened risk that the agency intends to scrutinize as part of its mission to protect investors.  The NEP identifies technology — specifically, companies’ governance and supervision of IT systems, information security, and response readiness — as one of its most significant initiatives for 2014.  The NEP’s Broker-Dealer Exam Program also identifies market access controls related to “information leakage and cyber security” as a core risk on which the agency will focus in the coming year.

We wrote in a previous post about the SEC’s intensifying focus on corporations’ cybersecurity efforts – and on their cybersecurity weaknesses and risks.  Cybersecurity has continued to be a focal point for the SEC, especially in the face of mounting Congressional pressure on the agency to demand more transparency from companies about their cybersecurity risks and steps taken to address those risks, and recent reports of cyberattacks against U.S. companies and the massive costs to those companies that result.  SEC Chair Mary Jo White noted in a speech to the National Association of Corporate Directors in October that cybersecurity was a “hot topic from many perspectives.”  This year’s NEP is the latest sign that corporate cyber risks and incidents will remain in the agency spotlight in 2014.
Continue Reading SEC to Focus on Corporate Cybersecurity Risks in 2014

Last Friday, the Supreme Court agreed to weigh in on whether law enforcement officers need a warrant to search the contents of a smart/cell phone seized during a lawful arrest (see Washington Post and Wall Street Journal Articles).  As I’ve previously written, this issue, which has deeply divided federal and state courts, highlights the tension between individual privacy interests and applying the Fourth Amendment – a document drafted hundreds of years ago, when mail could take months to travel across the Atlantic – to today’s technology, when data can span the globe in a matter of seconds.

The two cases are:  Riley v. California, stemming from a decision by the California Court of Appeal, and United States v. Wurie, an appeal from a decision by the U.S. Court of Appeals for the First Circuit.  With regard to the Wurie decision, the First Circuit’s denial of the government’s petition for en banc review is especially noteworthy.  There, Chief Judge Lynch noted that the case clearly merited en banc review, but he voted to deny such a rehearing:
Continue Reading Supreme Court to Decide Whether Privacy Interests and Fourth Amendment Protections Apply to Warrantless Smart Phone / Cell Phone Searches Incident to Arrest

Earlier this month, the U.S. District Court for the District of Kansas “substantially revised its ESI guidelines to address that particularly critical and rapidly evolving subject.” As part of an ongoing effort to adapt its local rules and guidelines to ensure “that civil litigation actually is handled in the ‘just, speedy, and inexpensive’ manner contemplated by Rule 1 of the Federal Rules of Civil Procedure,” the Court’s Bench-Bar Committee approved recommendations made by various working groups of its Rule 1 Task Force. That task force project included a working group dedicated to e-discovery, and the result is that the Court’s ESI Guidelines have been revamped to incorporate the growing volume of e-discovery case law and guidance published in recent years.

Now twelve pages instead of its original five, the revised Guidelines include various notable updates. For example, the Guidelines now address the use of technology-assisted review (TAR), they reference the Sedona Conference Cooperation Proclamation, and they instruct counsel about the availability of Federal Rule of Evidence 502(d) to protect against waivers of privilege. The new ESI Guidelines undoubtedly place the U.S. District Court for the District of Kansas as one of the leading federal courts in the area of civil litigation e-discovery.
Continue Reading Kansas Federal District Court Revamps ESI Guidelines To Address Developments in E-Discovery Case Law, TAR and Social Media Evidence

On Wednesday August 14, 2013, I will be participating in a free BNA webinar exploring the constitutional and practical dimensions of ESI in federal and state criminal actions. I will be speaking with an experienced group of panelists, including Hon. Craig B. Shaffer, United States Magistrate Judge, District of Colorado; Roy Altman, Assistant United States

In an ethics opinion issued last month, New Hampshire joined the growing list of states and cities whose bar association ethics committee has provided its lawyers with formal guidance on the ethics of using social media to search for evidence in pending litigation. Given the ubiquity of social media use today, some may contend that searching for social media evidence that may be available from the accounts of clients, opposing parties and third-party witnesses is part of a lawyer’s ethical duty to represent his or her client competently and diligently and to investigate the case. Using social media to collect evidence or investigate a case, however, may implicate additional ethical duties, including the duty to be honest in dealing with others. Consequently, an increasing number of bar association ethics committees are addressing the fact that their respective rules of professional conduct don’t offer express guidance on how to navigate the ethical issues that these new technologies present to lawyers. In addition to communications with third-party witnesses, recent ethics opinions address a host of other novel issues, such as the July 2013 New York County Lawyer’s Association’s Ethics Opinion advising lawyers on “how attorneys may advise clients concerning what may be posted or removed from social media websites.”
Continue Reading New Hampshire Becomes Latest Jurisdiction to Advise Lawyers on How to Ethically Use Social Media When Searching for Evidence on Facebook and Twitter

In conjunction with the 2013 American Bar Association annual State of Criminal Justice, I have published a new article on “E-Discovery in Government Investigations and Criminal Litigation.” The article provides an in-depth look at many of the current and cutting edge issues raised by e-discovery in this context, including the search and seizure

We commonly see news stories about law enforcement using social media to investigate, arrest or prosecute criminal defendants. Some of these cases are starting to raise interesting constitutional issues. One such case relates to Cameron D’Ambrosio, a high school senior who was arrested last month for “communicating terrorist threats” through music lyrics that were posted to his Facebook page. As I told Michelle Bowman of Lawyers.com, “D’Ambrosio’s case is an example of the new legal issues that the recent proliferation of social media use is bringing to the attention of courts and the public.”
Continue Reading Music Lyrics Posted to Facebook Results in Criminal Charge: A Trend in the Legal Issues Surrounding Social Media Use

Earlier this month, the Internal Revenue Service issued a policy statement declaring that, going forward, it will obtain search warrants when requesting user e-mails in criminal investigations from an internet service provider.  The IRS specifically noted that it would follow the Sixth Circuit decision in U.S. v. Warshak, 631 F.3d 266 (6th Cir. 2010),

According to the CTIA-The Wireless Association, there are more mobile phones than people in the United States. The explosion of smart phones has fed another important and developing issue relating to ESI in government investigations and criminal litigation – the warrantless searches of mobile phones incident to a lawful arrest.

As with Fourth Amendment search warrants, courts have struggled to apply traditional doctrines to modern day technology – in this case comparing mobile phones to a closed container on an arrestee’s person, such as a wallet, purse, address book or cigarette package. However, unlike a closed container, a computer – and a modern mobile phone is a computer – does not store physical objects which are in plain view once the container is opened. Moreover, the storage capability of an electronic device is not limited by the physical size of the container. Today’s mobile phones are gateway devices, allowing a user – or potentially a law enforcement officer pursuant to a lawful arrest – to access data stored in the cloud, countless photographs, text messages, location data, chats, or items located on another computer, just to name a few.
Continue Reading Mobile Phone Searches Incident to Arrest

Back in February, I spoke at the at the Richmond Journal of Law and Technology’s annual symposium, titled “E-Discovery: A New Frontier.” During my presentation, I discussed many of the new and cutting edge issues facing practitioners in government investigations and criminal litigation, including pre-indictment practice, various constitutional issues, privacy, and various issues