Technology Advantage

Data Collection: Remain Calm and Turn Over Your Phone

November 19th, 2018
Data Collection: Remain Calm and Turn Over Your Phone

Mobile devices are an absolute necessity in our everyday life. It seems as if almost everyone around the globe carries a smartphone or tablet, and millennials have been using these devices from a very early age. Most of us own more than one device and check them several times a day. We use our friendly mini super computers for just about everything: communicate, drive, shop, work, learn, relax, etc.

When it comes to litigation (or potential litigation), our beloved devices are usually subject to discovery as they may contain information that is relevant to proving or disproving a case. As a result, when developing a data collection strategy, mobile devices must be considered. Mobile devices may now be as valuable as the more typical sources of information, namely personal computers and network locations, and with this newly-recognized discovery relevance comes a potential for trouble. (For information on preservation of mobile device data, check out my colleague Nicole Allen’s article, here).   

As a Senior Project Manager working daily on complex e-discovery projects, I often provide guidance on the technical aspects of mobile device discovery, including where mobile data might exist, whether the data is accessible, how best to collect it, and how to review and produce it in a format that makes sense. In this post, I will explore the complexities of mobile device discovery and address some potential pitfalls.

1)  Which devices are subject to discovery?

Any device that has relevant information (personal or company-issued) is typically subject to discovery. These devices can be owned by the employee or the company. Some people carry two devices to keep work and personal information separate while some companies have a bring your own device policy (BYOD) that governs how employees mix professional and personal content in the employee’s device (you can read more about BYOD policies and best practices in an article by my colleague, Russ Beets, here). Because of security and privacy concerns that are inherent in mixing personal and confidential business data, some companies are approaching BYOD in a new way with company owned but personally enabled (COPE) devices. These devices are company-owned and the personal and work contents are regulated by company policy. Users of COPE devices should carefully consider what personal communications they conduct, and what information they store, on these devices. Before any collection of mobile data begins, it is important that a practitioner understand and appreciate how many devices the employee has, who owns the devices (the employee or the employer) and how the employee uses them for work-related activities.

2)  What content is subject to discovery?

In simple terms, relevant communications and files are discoverable. (Note that I will not be focusing on proportionality in this article, but you can read about it in my colleagues’ articles here and here.) Mobile devices may not be so simple, though, in terms of review and collection of relevant data. To the contrary, mobile devices can be complex information repositories because there are so many potential applications that employees can use to communicate, manage and track information. Mobile communications include emails, voice messages, texts, chats, SMS and MMS. In addition to direct communications, mobile devices are also the portal many people use to engage social media communities. I work in this field, yet I find that my own teenagers at home regularly teach me about new communication apps. The large storage capacity of mobile devices also allow users to store and edit photographs, notes, GPS coordinates, contacts, etc.  Some of this data is only available by collecting it directly from the mobile device while some can be accessed via the web or cloud. All of this data could be relevant to your matter, so it will be important to ask what data exists, make sure it is preserved and determine the best way to collect it.

3)  How can the relevant contents be retrieved?

Since mobile data is not conducive to standard collection methods, I’ve found that it is helpful to engage someone with specialized expertise in retrieving such data. With the use of specialized tools and experience, you can be more confident that the collection will be thorough, defensible and useable.

While there are varying options for collecting mobile data, I will focus on three here.

  • Send Off: When extensive analysis is needed (or when there is a fear that important data may have been lost), it may be necessary to send the mobile device to a specialist (oftentimes, a forensic examiner). In these cases, the employee would be without their device for several days, something which many would find untenable. However, in some cases, it is the best collection option.
  • In-Person Collection: In these situations, the specialist visits the employee in person and retrieves the relevant data. Note that in some cases, it is necessary to image an entire device in order to collect even a small subset of data. While the option is faster and the employee will not need to be without their device for an extended period of time, there are downsides. For example, this option can be expensive if the specialist needs to travel. In addition, some states that license these specialists require that the examiners be licensed in the jurisdiction where the data is being collected. Neither of these issues should stand in the way of conducting an in-person mobile device collection, but they should be taken into consideration.
  • Self-Collection (aka, the dreaded self-collection): This option is fraught with peril since data can be altered or lost during the collection process if the person collecting the data doesn’t follow proper protocols and best practices. Self-collection can work, however, if it is done under the oversight of an expert and involves the employee backing up their mobile device to their computer or an online repository.   

4)  What are some potential pitfalls with collection from mobile devices?

  • Mobile device collection can be expensive and time-consuming, so considerations of proportionality (see links above) should be front and center. Note that in my experience, it is critical to provide specific details regarding the estimated cost and time it would take collect mobile data in order to demonstrate that it would be unduly burdensome and any benefit gained would be minimal compared to that burden.
  • Self-collections are almost never defensible on their own, so if you go that route, counsel will need to monitor, verify and audit the process.
  • Backups for some mobile devices may not preserve all mobile data, including emails stored on the device or photos already stored in the cloud.
  • Mobile devices can be backed up to locations that are encrypted or unencrypted. While an encrypted backup is more secure, the tools available to process an encrypted backup are limited.
  • Some applications require user credentials to unlock their contents, so it is important to obtain those credentials from the employee.
  • Some applications are self-deleting, meaning the communication sent via those applications deletes automatically when the communication is viewed or after a certain period of time. In my experience, discovery can become difficult when employees use these types of applications for work-related communications.
  • With so many apps available (and more being added each day), different versions of apps and different mobile operating systems, the collection, processing and data mapping/organization of the contents of mobile devices can be incredibly complex.

Conclusion

Like it or not, the inclusion of both work and personal mobile devices as part of document management, collection, review and production is part of e-discovery reality. Including careful consideration of the handling of mobile device-based information at the earliest stages of litigation (or anticipated litigation) may make it easier to remain calm and turn over your phone.

 

DISCLAIMER: The information contained in this blog is not intended as legal advice or as an opinion on specific facts. For more information about these issues, please contact the author(s) of this blog or your existing LitSmart contact. The invitation to contact the author is not to be construed as a solicitation for legal work. Any new attorney/client relationship will be confirmed in writing.

Topics: E-Discovery Technology E-Discovery Experts E-Discovery Best Practices Mobile Data Mobile Devices Data Collection

Subscribe to the E-Discovery Newsletter

Related Posts

  • Data Mapping - Why is it Important for Successful E-Discovery?

    A data map is usually something that is generated along with a data retention plan and is a great starting point if and when an organization becomes involved in litigation and discovery. Long before litigation and discovery, however, it is important to understand the relevant data sources that may be in play and where those can be found within the organization’s various data systems. This blog explains what a data map is, what it contains and how it is helpful.

  • Pitfalls of Complex Search Protocols in ESI Agreements

    ESI Agreements cover the full gambit of e-discovery issues, from preservation expectations to production specifications. Sometimes, these agreements include an overview of the process by which the parties will identify the universe of potentially responsive documents by using specific date ranges, identifying priority custodians and developing proposed search terms. Adding another layer of complexity, this discussion is often had in a vacuum before the parties even know how much data their clients have. Coming up with criteria that identifies the relevant documents, but is not overly broad, in this vacuum can be difficult. However, the process is important because the date range, custodians and terms will inevitably dictate how much data is collected, processed and reviewed, which can significantly affect any litigation budget.

Newest Posts

  • When The Timing of Your Spoliation Motion Can Be As Important As Its Substance

    A motion for an adverse inference was denied in Pratt v. Robbins, et al. where Defendants failed to preserve or produce a video that might have contained pivotal evidence going to the heart Plaintiff’s civil rights claim for excessive force.  Plaintiff argued that Defendants spoliated evidence by failing to produce the video footage that may have recorded the use of force at issue.   A party seeking spoliation sanctions bears the burden of proving all of the elements of Rule 37(e), and under Fourth Circuit precedent is generally held to a clear and convincing standard. Plaintiff’s decision to suddenly cry foul on the eve of trial did not go over well with the Court.

  • PLAY IT AGAIN, SAM . . . BUT WAIT – WHAT IS HE PLAYING, AND WHO IS SAM?: Website Session Replay Software and Wiretapping

    The trend of class action cases alleging wiretap statute violations against website operators for the use of session replay software to collect information of website users continues to be a concern for companies in 2024.  While many of these cases have turned on whether website operators disclosed and obtained consent from website users prior to deploying any session replay software, a recent decision in a pending class action brought under the Pennsylvania Wiretap Act indicates that consent alone may not be the end of the story in these cases.

  • Utilizing E-Discovery Tools in Innovative Ways

    As part of the e-discovery process, we use digital means to identify relevant information for use in a legal proceeding. The proceeding may be a large-scale medical malpractice lawsuit, a patent infringement case, a government investigation, or countless other legal actions. However, the skills and resources used in those types of matters can also be used in other areas.