Texas CoA Addresses Electronic Community Property and Invasion of Privacy

August 5, 2016

Reference:

Miller v. Talley Dunn Gallery LLC, 2016 Tex. App. LEXIS 2280

(Tex. App. – Dallas March 3, 2016) (mem. opinion)

(Cause No. 05-15-00444-CV)

Relevant Documents:

Memorandum Opinion:  March 3, 2016, Cause No. 05-15-00444-CV

Texas Penal Code 33

In this case, part of the original trial court’s decision determined that Talley Dunn and the Tally Dunn Gallery LLC had “established a probable right to recover on their claims under the HACA. [Harmful Access to Computers Act]”  [March 3, 2016, Cause No. 05-15-00444-CV, pg. 19]

In his appeal, Bradley B. Miller argues that, while he admits that he took screenshots of information contained on the phone, the screenshots do not qualify as “access” and that he had effective consent to do so because the cell phone was community property.  [March 3, 2016, Cause No. 05-15-00444-CV, pg. 21-22]

Texas Penal Code § 33.01(1) defines access as:

“to approach, instruct, communicate with, store data in, retrieve or intercept data from, alter data or computer software in, or otherwise make use of any resource of a computer, computer network, computer program, or computer system.”

Neither party disputes that a cell phone is a computer, and the appellate court found that in order to take the screen shots Miller necessarily HAD to access the the computing device, within the definition of the penal code.  [March 3, 2016, Cause No. 05-15-00444-CV, pg. 22]

Regarding his argument that he had effective consent to access the cell phone because it was community property, the CoA relied upon the penal code definition of ‘owner’ as:

“a person who:

(A) has title to the property, possession of the property, whether lawful or not, or a greater right to possession of the property than the actor;

(B) has the right to restrict access to the property; or

(C) is the licensee of data or computer software.”

Dunn used the cell phone on a daily basis, had the right to place a password on it (and had), and the court determined Dunn had a ‘greater right to possession of the cell phone’.[March 3, 2016, Cause No. 05-15-00444-CV, pg. 23]  Further, the CoA notes earlier in the opinion that “[N]othing in the Texas Constitution or our common law suggests that the right of privacy is limited to unmarried individuals.”  [March 3, 2016, Cause No. 05-15-00444-CV, pg. 20]

Interestingly, the court does not address the multiple licenses that are part of the software and operating system that users have to acknowledge and accept to use a modern cell phone.  I would expect that will start coming up as another layer to the definition of ‘owner’, though.

Accordingly, the CoA concludes that “the trial court did not abuse its discretion by determining appellees established a probable right to recover on their claims under the HACA.”  [March 3, 2016, Cause No. 05-15-00444-CV, pg. 23]

Leave a Comment » | Admissibility, Cases, Inforensics News, Inforensics Opinion, Production, Uncategorized | Tagged: , , , , , | Permalink
Posted by inforensics

Weekly Highlights: September 10, 2012

September 10, 2012

Things You Might Have Missed Last Week

(Highlights in legal and electronic discovery news for the past week)

Interesting Electronic Evidence Cases

Robinson v. Jones Lang LaSalle Americas, Inc., No. 3:12-cv-00127-PK (D. Or. Aug. 29, 2012)

The defendant was seeking to compel production of discovery in (among other things) “all social media content involving [Plaintiff] since July 1, 2008” related to the Plaintiff’s “‘emotion, feeling, or mental state,’ to ‘events that could be reasonably expected to produce a significant emotion, feeling, or mental state,’ or to allegations in [Plaintiff’s] complaint.”.

Magistrate Judge Paul Papak (Oregon) found:

“I see no principled reason to articulate different standards for the discoverability of communications through email, text message, or social media platforms. I therefore fashion a single order covering all these communications.”

Link to Opinion PDF

Apple, Inc. v. Samsung Elecs. Co. Ltd., No. C 11-1846 LHK (PSG) (N.D. Cal. July 25, 2012)

The Defendant in this case was sanctioned for the loss of relevant emails due to Defendant’s failure to follow-up with employees to ensure compliance, and the Defendant’s failure to halt the email system’s auto-delete function.  Sanctions included an adverse inference that allowed the jury to presume that the missing evidence was relevant and favorable to the Plaintiff.

Link to Opinion PDF

Weekly Highlighted Case

EEOC v. Simply Storage Mgmt., LLC, 270 F.R.D. 430 (S.D. Ind. May 2010)

This case can be very useful when dealing with social media electronic evidence matters.  It was utilized by the Oregon magistrate in the above listed case (Robinson v. Jones Lang LaSalle Americas) when forming his opinion.

The defendant in this matter was seeking production of claimants’ social networking site profiles, as well as other communications from social sites used by the claimant.

Last May, the Great State of Texas saw a similar matter that relied, in part, on the EEOC case:

IN RE MAGELLAN TERMINALS HOLDINGS, L.P. AND MAGELLAN MIDSTREAM HOLDINGS GP, LLC 
Link to PDF Document

Electronic Evidence News

State Bar of Texas Alert Says ‘Scam Artist’ Stole Nonpracticing Lawyer’s ID for Fake Website

West Let Off the Hook on Web Malpractice Claim

OJ Simpson Prosecutor: Johnnie Cochran May Have Tampered with Bloody Glove

Leave a Comment » | Admissibility, Cases, Forensics Beyond the Hard Drive, Inforensics News, Investigation, Production, Reading | Permalink
Posted by inforensics

The Fifth Amendment and Sebastien Boucher: Beyond Knee-Jerk Response

February 27, 2009

In December of 2006, Sebastien Boucher was crossing the US border when he was stopped and his laptop was reviewed by ICE officials.   The laptop was in his backseat and, according to documents, the drive containing the child pornography was accessible without requiring a password.

Mr. Boucher was Mirandized, but waived his rights and continued to talk to the agent.  During this conversation Mr. Boucher told the agent that he sometimes accidentally downloaded child pornography but would then delete the files when he realized what they were.  The agent requested that Mr. Boucher show him where he stored the files that he downloaded and Mr. Boucher directed him to a drive “Z”.

The agent continued to search the laptop and found several more instances of child pornography.  Mr. Boucher was subsequently arrested and the laptop seized (it was shutdown).

Nine days later a forensic bit image was made of the drive and the drive “Z” was found to be encrypted by PGP, and the content unaccessible without the encryption key which, curiously enough, Mr. Boucher has refused to turn over.

In November 2007 Judge Jerome J. Niedermeier granted Sebastien Boucher’s motion to quash the subpoena directing him to turn over his encryption key for the drive, citing his fifth amendment rights.

An appeal was filed and U.S. District Judge William Sessions in Vermont ruled this week that Mr. Boucher does not have a fifth amendment right to keep the files encrypted.

What motivates me most to write about this case is the knee-jerk response that will surely follow by those that only read news releases and not the actual filings in the case.  Both judges have raised some fascinating issues regarding the fifth amendment and this specific case, and both the granting of the motion to quash and the subsequent reversal hinged on specific facts in this case, and NOT a blanket decision as some blogs will have you believe.

Judge Niedermeier weighed issues regarding compulsion to testify (subpoena) and the various components that make up a valid fifth amendment argument. In pondering these points the judge notes:

Both parties agree that the contents of the laptop do not enjoy Fifth Amendment
protection as the contents were voluntarily prepared and are not testimonial. See id. at 409-10 (holding previously created work documents not privileged under the Fifth Amendment). Also, the government concedes that it cannot compel Boucher to disclose the password to the grand jury because the disclosure would be testimonial. The question remains whether entry of the password, giving the government access to drive Z, would be testimonial and therefore privileged.

The state evidently agreed to “not use the production of the password against Boucher.”  In so doing the state felt it would remove the testimonial aspect of entering the password.  Judge Niedermeier rejected this outright, citing United States v. Hubbell, 530 U.S. 27 (2000).

In rejecting further arguments, Judge Niedermeier pointed out that the password was something in Boucher’s mind, and further stated:

This information is unlike a document, to which the foregone conclusion doctrine usually applies, and unlike any physical evidence the government could already know of. It is pure testimonial production rather than physical evidence having testimonial aspects. Compelling Boucher to produce the password compels him to display the contents of his mind to incriminate himself.

In his reversal, Judge Sessions notes that neither side questions the fact that “the contents of the laptop were voluntarily prepared or compiled and are not testimonial, and therefore do not enjoy Fifth Amendment protection.”, but notes that the root of the issue is the production of the password that in effect causes the accused to “‘disclose the contents of his own mind’”.

He also mentions the “compelling” aspect of the subpoena and notes that there are two scenarios under which the act of production in response to a subpoena may communicate incriminating facts:

(1) ‘if the existence and location of the subpoenaed papers are unknown to the government’; or (2) where production would ‘implicitly authenticate’ the documents.” Id. (quoting United States v. Fox, 721 F.2d 32, 36 (2d Cir.1983)).

Drawing from this the judge concludes that because Boucher already let the Government see the drive and the contents (unencrypted) and because the Government does not require Boucher’s production of the unencrypted drive to link him to the files on his computer, then the production is not considered incriminating and so the fifth amendment protection is not valid.

I have to say that without reading the opinions I would assume that because Mr. Boucher was Mirandized, willingly volunteered information regarding the existence and contents of the drive (prior to shutdown and encryption) and willingly allowed a Government agent to browse his drive I would have assumed that he had rung a bell that could not be unrung.

[  Copies of the opinions will be uploaded soon]

1 Comment | Cases, Production | Tagged: , , , , , | Permalink
Posted by inforensics

Aguilar v. Immigration & Customs – Beyond Blatant Commercialism

January 14, 2009

I have seen many references to the Aguilar v. Immigration & Customs Enforcement Div. of U.S. Dep’t of Homeland Sec. case, specifically to the judgement filed in November 2008.  All of the accounts I have read seem to simply be focused on the fact that metadata should be preserved.  While this is great for certain forensic companies that have a product to hawk, it is in no way the most interesting discussion about metadata in this case.

In fact the “need” to preserve and produce metadata has been addressed in such cases as:

Shirley WILLIAMS, et al. v. SPRINT/UNITED MANAGEMENT COMPANY, 2005, and

Ryan v. Gifford, 2007

Both of which address the need to produce and preserve intact metadata.

In reading through Aguilar  I find the extended definitions of metadata and the issue of timing of the request to be the most interesting aspect.

This case stemmed from allegations of unlawful search and seizure.  Plaintiffs filed their initial discovery request in Feb. 2008.  Their request failed to address manner of production – specifically metadata.  In late March the plaintiffs filed a more specific request for certain documents to be produced in TIFF format with separate files documenting metadata fields and text, while others were to be produced in native format (spreadsheets and databases).

In mid-July the defendants objected.  As it turned out they were already well into assembling the requested documents in searchable PDF format.

In ruling on the case Judge Frank Maas takes time to define the different types of metadata using the Sedona Principles:

  • Substantive metadata – Created upon generation of a file by an application and reflective of changes made by a user.
  • System metadata – Information created by the user or the organizations IT structure.
  • Embedded metadata – Information not visible that becomes part of a native file.

He then refers to Federal Rules of Civil Procedure and states:

“Metadata is not addressed directly in the Federal Rules of Civil Procedure but is subject to the general rules of discovery.  Metadata thus is discoverable if it is relevant to the claim or defense of any party and is not privileged.”

He adds:

“[f]or good cause, the court may order discovery of any matter [including metadata] relevant to the subject matter involved in the action.”

He goes on to note that metadata is subject to the balancing test introduced by Rule 26(b)(2)(c) that would require a court to weigh probative value against burden.

This is all pretty standard stuff, and seems to be where a lot of the various forensic firms have stopped in their analysis of this case.  Too bad!  All of this has already been established in other cases (for instance the two I noted above).  There IS more, though, and it is interesting.

The judge states that metadata “has become the ‘new black,’ with parties increasingly seeking production in every case, regardless of size or complexity.”  And then he notes the time difference between the plaintiffs initial request (which did not specify manner of production) and when they actually specified the requirement for metadata.  By this time the defendants “collection efforts were largely complete” and didn’t include the metadata.  Because of this he observes that the plaintiff is essentially requesting a second production and faces an increased burden.

Even this ruling, though, has been well established in many cases – and Judge Maas cites a number of them in his decision.

The real interesting part that seems to be missed in most of the write-ups is what Judge Maas does with this “build-up”.

Relating to the emails to be produced a second time with metadata he rules that since the defendants had previously indicated a willingness to produce the emails with metadata intact that they would be ordered to produce emails that had not already been identified (about 300) with metadata.  It is interesting to me as a forensic examiner that the judge notes that “forwarding” emails kills the original metadata – someone noticed!

In addressing the Back up tapes Judge Maas applies the balance principle in Rule 26(b)(2)(B) and rules against the plaintiff.

Judge Maas addresses “Word processing documents and Powerpoint Presentations” by acknowledging the value of metadata in these documents to establishing timelines, but rejected the plaintiffs argument that metadata is required to efficiently search the documents.  He acknowledges that the probative value of metadata related to these documents outweighs the burden of production.  With this he ordered the defendants to produce the Word and Powerpoint documents with metadata intact with the provision that the plaintiff would bear the cost of production.

Regarding spreadsheets Judge Maas makes an interesting observation.  He states “the relevance of metadata depends upon complexity and purpose.”  While the spreadsheets in question did have formulas, they computed a simple sum and were not complex.  Stating that the plaintiffs had no evidence or reason to think fraudulent manipulation had occurred he found that the arguments of the plaintiff had no “relevance to claims or defenses in this case.”  Regardless, since the defendants had expressed a willingness to produce the spreadsheets in native format prior he ordered their production.

The last type of metadata addressed by Judge Maas relates to the defendants databases.  Previously the parties had agreed to review one of the databases in a live demonstration.  The plaintiff had demurred for lack of an expert to assist in the review.  The judge ruled that lack of an expert was no longer a cause for extension and ordered a date by which the plaintiffs must complete the review.

It is the many facets of metadata addressed that make this case interesting and useful.  I have no idea why others are focusing solely on the “need” to preserve and produce metadata, we already knew that.  Judge Maas has provided us with a fascinating study in metadata that goes beyond need.

Leave a Comment » | Cases, Production | Tagged: , , , | Permalink
Posted by inforensics

Subpoena Duces Tecum – Or Not?

January 13, 2009

Any expert that has had to respond to a subpoena duces tecum is likely to find this interesting.  I am not convinced as an expert that I would like to push this line, though.  Thoughts?

——————————————————————————————————————————————

In re Teleglobe Communications Corp., 2008
Category – Production, Spoliation
WL 3198875
( Bankr. D. Del. Aug. 7, 2008 )

Background:  Defendants’ motion to exclude testimony of the plaintiff’s expert as a sanction for the alleged spoliation of information considered in forming their opinions is denied.  The court found that Rule 26(a)(2)(B) does not require the plaintiffs’ experts produce all drafts of their reports.

In addition, the court rejected the notion that draft reports fall into the category of data or information “considered” by the expert, which must be produced:

“The expert does not really ‘consider’ prior drafts in forming his opinion; the prior drafts are simply preliminary iterations of his opinion.  Rather than ‘consider’ his prior thoughts and statements, in editing the report the expert is considering the underlying data which forms the basis of the revisions.”

The court recognized that the Plaintiff’s experts did not destroy any documents, they simply made corrections to their reports and failed to save the drafts.

Leave a Comment » | Cases, Production | Permalink
Posted by inforensics