The Future of Mobile E-Discovery
In the business world, the use of mobile devices such as smartphones, cell phones and tablet devices is proliferating. This presents enormous challenges for attorneys who oversee electronic discovery (e-discovery) for organizations.
Mobile Discovery and Criminal Litigation
In criminal law, there is a long tradition of mobile device forensics. In many instances, though, the technology has been overshadowed by potential Fourth Amendment violations and privacy concerns. For example, the Michigan State Police utilize mobile forensic devices that are capable of extracting information from smartphones in a matter of minutes. For several years now, the ACLU of Michigan has been filing freedom of information requests regarding the use and access of these portable devices. In a series of dueling press releases in 2011, the ACLU accused the state police of using the technology to "quickly download data from cell phones without the owner of the cell phone knowing." In its own press release, the Michigan State Police insisted that it only uses the devices when officers have a search warrant or the owner gives consent. What can get lost in this sort of back and forth is that law enforcement has been using forensic mobile device software to extract discoverable information for years and with great success. However the association with criminal investigations has given the software an aura of being complicated or difficult to use and of little use in civil litigation. The reality is that mobile device e-discovery is coming to the civil law world whether it's ready or not.
As of February 2012, 88% of American adults have a cell phone, 46% have a smartphone, 57% have a laptop, 19% have an ebook reader and 19% own a tablet, according to Mobify (mobify.com). Mobile devices are growing increasingly sophisticated, and the market shows no sign of slowing down. The worldwide smartphone market grew 54.7% year over year in the fourth quarter of 2011, according to International Data Corporation (IDC).
With these devices, users are generating more and different types of data, which are all potentially responsive in both civil and criminal proceedings, including: call logs, email, texts, GPS data, photos, video files, voicemail, Web browsing history, address book, search history, calendar and so forth.
Once, organizations involved in civil litigation could argue that it was too difficult to collect this type of information during discovery, and therefore, they did not have to worry about acquisition, review, processing and production. Today, though, litigants should not expect to be able to claim this much longer. There is simply too much potentially relevant information being generated and stored on mobile devices. Those in the law enforcement area have been successfully extracting and capturing mobile device data for several years, making it difficult for those involved with civil litigation to claim that it's impossible for them to do the same.
In-house counsel need to understand how the mobile device landscape is changing e-discovery, and what they will have to do in order to comply with changing expectations of the court in the future in order to avoid sanctions.
Mobile Device Discovery within Corporations
Traditionally, corporations have been able to argue that discovery of this type of ESI is "unduly burdensome" for their own matters. However, since the technology has become so prevalent, corporate legal departments should not expect to be able to use this argument much longer.
While in-house attorneys are not usually concerned about the Fourth Amendment implications inherent in criminal mobile device investigations, they face unique complications when it comes to mobile device extraction for civil litigation, HR matters and regulatory issues.
Increasingly at many companies, the mobile device policy is basically "BYOD," or bring your own device. Employees may use their personal devices for work-related emails or to transfer files back and forth between work and home computers. Even when employees strictly use work-related devices for work-related purposes, mobile devices allow them to take data out of the office and off the network much more easily. However, companies have several options when it comes to controlling and containing the use of electronically stored information on mobile devices, all of which have real or perceived drawbacks.
Issue company-owned mobile devices.
Employers should make every effort to encourage their employees to keep their work-related files and communications off their personal devices, which will make discovery far more manageable. One way to do this? Pay for the latest technologies. This is an expensive option, but it will help to ensure that employees aren't tempted to send a quick text to a colleague on their personal iPhone, which could then become part of the e-discovery process. It will also help IT and legal to control the number of apps that employees download, which can create even more challenges when retrieving potentially responsive ESI from mobile devices.
However, in many organizations, this may not be financially or procedurally feasible. Some employees may feel stifled or choose to use their own devices anyway without telling managers or supervisors.
Create backup policies.
Companies can also develop strict policies that require employees to synchronize and backup their mobile devices on the organization's networks. Unfortunately, this can create ever-larger stores of data that could ultimately become discoverable. There may be changes to the metadata when location or time-specific files are downloaded from mobile devices, which could eventually cause chain-of-custody issues.