SlideShare a Scribd company logo

Smartphones are smarter than you thought geo bellas

Download as PPTX, PDF
GeoBellas
GeoBellas

Smartphones contain lots of data that can make or break a lawsuit. How do you recover the info from a Smartphone?

Technology
1 of 29
1 Presented by: George “Geo” Bellas
Everything’s on your Phone Mobile devises are “such a pervasive and insistent part of daily life that the proverbial visitor from Mars might conclude that they were an important feature of human anatomy.” ~ Chief Justice Roberts in Riley v. California 2
Smartphone Usage  198M people in the U.S. own smartphones  65% of all minuetes spent on digital devices are on smartphones  25% of all users only access the web thru mobile devices  Leading uses are social media and IMS.  93% of smartphone users use text messenging.  Leading Apps: • Facebook – 81% market penetration • Facebook Messenger – 68% • Instagram – 50% • Snapchat – 50% 3
Smartphones in Business  80% of people use texting for business  42% of financial service providers use texting for business  83% of businesses allow employees to use their smartphones for business purposes  A BIG CONCERN OF BUSINESSES IS THE CONCERN THAT CORPORATE DATA IS FINDING ITS WAY ONTO EMPLOYEE-OWNED SMARTPHONES. 4
Smartphones & ESI Because Smartphones have become ubiquitous: - 50% of all lawsuits involved preservation or collection of mobile device data. - 93% of all relevant mobile devices were smartphones. Evidence sources from smartphones were an evidence source very frequently in 81% of cases. Computers were sources of evidence in 52% of cases. ~ Cellbrite Report on Industry Trends for Law Enforcement 5
Mobile Devise Exams are Intrusive  We store everything on them including passwords, SSNs, garage door codes, location data, financial info, and private correspondence.  Imaging of a mobile device collects everything and pre- filtering is not usually possible.  All filtering is done post-collection.  This is the main reason there is a fight over imaging and analysis of mobile devices.  A well crafter protocol will help alleviate these concerns.  When a forensic exam is unavoidable, suggest a neutral third party conduct the exam pursuant to an agreed-upon protocol that carefully limits what is to be disclosed to the data that is relevant and proportional to the needs of the case. 6
Smartphones as Evidence? 7 Google’s database “Sensorvault” tracks a cell phone user’s location and is available to police departments.
Smartphones & eDiscovery Mobile device ESI is just another type of data. - Emails, texts, and chats are a form of communicaiton - ESI from mobile devices is relevant, unique and compelling. Discoverable pursuant to FRCP 34(a)(1)(A) and ISCR 214.  Subject to litigation holds and preservation orders.  But it is subject to the proportionality limitations set forth in Rule 26(b)(1) and ISCR 201(c)(3) Before permitting discovery of information on cellphones and similar devices, courts must balance privacy and confidentiality interests as required under FRCP 34. 8
Smartphones & Privacy  Electronic Communications Privacy Act (“ECPA”) makes it illegal to share digital content under certain circumstances.  Computer Fraud and Abuse Act (“CFAA”)keeps people from getting into computers without authorization or consent. • Though the law does not explicitly include cell phones, some courts may now consider cell phones to be computers, and therefore, protected under the act.  Stored Communications Act (“SCA”) addresses voluntary and compelled disclosure of stored electronic communication records held by ISPs. 9
Smartphones & Privacy  We store everything on our Smartphones which is why the use of cell phone evidence in court obtained from a user’s service provider raise significant privacy concerns.  The Supreme Court considered the question in the context of a criminal case in Riley v. California (2014) • Cell phone data could not be accessed without a warrant, even in a search incident to an arrest. • Citing privacy concerns, the court reasoned that, unless the phone could be used as a weapon, the user’s privacy outweighed the officers’ need for the evidence that might exist within the phone.  The Supreme Court considered the issue again in Carpenter v. United States (2018) and confirmed cell phone users’ legitimate expectation of privacy when using mobile devices. 10
Smartphones, Courts & Privacy  When parties cannot agree on production of relevant data from a smartphone, courts have the power to order a forensic examination.  But …. courts will safeguard privacy interests and generally require a showing that a party has failed to produce relevant information before ordering a forensic examination.  The general rule is no forensic exam absence a showing of need or failure to produce evidence. 11
Smartphones & Discovery  Hespe v. City of Chicago, No. 13-C-7998 (N.D.Ill. Dec. 15, 2016) • City wanted to search Pl’s personal mobile devices • Pl claimed all relevant materials were produced • Court denied the City’s request because:  Request was not proportional to the needs of the case  Any benefit of the inspection is “outweighed by Pl’s privacy and confidentiality interests.” 12
Smartphones & Discovery If cellphone records are relevant, then: •Ask for the opposing party to sign a release and authorization to the provider company. •Get a court order approving the issuance of a subpoena. 13
Smartphones, Privacy & FRCP 34 “Inspection or testing of certain types of electronically stored information or of a responding party’s electronic information system may raise issues of confidentiality or privacy. The addition of testing and sampling to Rule 34(a) with regard to documents and electronically stored information is not meant to create a routine right of direct access to a party’s electronic information system, although such access might be justified in some circumstances. Courts should guard against undue intrusiveness resulting from inspecting or testing such systems.” Fed. R. Civ. P. 34, Advisory Committee Notes to 2006 Amendments 14
Rules of Practice  If relevant, then preservation and production is required.  Potentially serious consequences for inadvertent loses of data • Spoliation  Do not delay in preservation steps. DO IT ASAP!  Text messages are not available after a few days from the service provider. • But phone records from the wireless carrier can establish that texts were sent.  Possession, custody and control of the devices may be a problem with company-owned devices.  Proportionality arguments are a hinderance to getting data from the responding party.  Smartphone data are not covered by ECPA, SCA or CFAA in ways that prevent discovery. 15
Best Practices for Smartphones If you feel that a party’s Smartphone holds critical data:  Send a preservation demand ASAP  Tailor discovery requests seeking only relevant and proportional information that cannot be obtained elsewhere.  Propose a protocol by which relevant information can be extracted by a neutral third party without disclosure of confidential, personal information.  Work cooperatively with your opponent to limit discovery to matters proportional to the needs of the case, and make clear what you are not providing and why.  Consider alternative, less burdensome or less intrusive sources for the information sought.  When a forensic exam is unavoidable, suggest a neutral third party conduct the exam pursuant to an agreed-upon protocol that carefully limits what is to be disclosed to the data that is relevant and proportional to the needs of the case. 16
Your Client’s Smartphone  If you think you need the data, isolate the device.  Preserve the data as soon as possible. • Data has a way of “disappearing”  How you collect the data depends on factors such as make, model, operating system, carrier and settings.  Special forensic tools are required to extract as much data as possible.  Hire a consultant to extract the data and to give you the requisite IRE 902(13) Affidavit. 17
Collection Software Touch2 – made by Israeli company Cellebrite  Universal extraction device  Pulls data from almost any gadget  Preserves the data in a format courts accept Cloud Analyzer  Reaches the data on Google’s servers  Tracks location points  Can pinpoint a person’s location at a specific time. Hire a professional forensic examiner. 18
Using Analytics: Linking Data for Evidence 19 Ringleader Rule 1006 – Use of Summaries
Smartphones & the Third Pary Doctrine The "third party doctrine" Individuals have a reduced expectation of privacy when it relates to information knowingly shared with a third party, including cell phone companies. Therefore, such information is not protected by the Fourth Amendment and police don't need a warrant to legally access it. See: Smith v. Maryland, U.S. Supreme court 1979 In Carpenter v. U.S. (Supreme Court 2018) held that the use of cell site location info (CSLI) is not subject to the third party doctrine. CSLI is data generated every time your phone connects to a nearby tower. 20
Authentication of Evidence  Authentication of evidence is governed by Rule of Evidence 901” “To satisfy the requirement of authenticating or identifying an item of evidence, the proponent must produce evidence sufficient to support a finding that the item is what the proponent claims it is.” In other words, the authentication requirement means that there must be a showing that the “smoking gun” email, for example: • is not a forgery and • was actually sent and received 21
Authentication of Evidence  The bar for authentication of evidence is not high.  The prima facie showing can be made using direct evidence or circumstantial evidence.  Courts tend to conduct this analysis regarding conventional evidence by using a “reasonable person” standard.  The same “reasonable person” analysis seemingly is becoming the general rule for social media evidence authentication despite some modern complications. 22
Authentication of Evidence  The Sedona Conference came out with a new paper which is required reading if you are dealing with evidentiary issues with ESI: “The Sedona Conference Commentary on ESI Evidence and Admissibility, Second Edition”  Also, required reading: Lorraine v. Markel American Insurance Company, 241 F.R.D. 534 (D.MD. 2007) 23
Admissibility of ESI Lorraine v. Markel American Insurance Company, 241 F.R.D. 534 (D.MD. 2007) • a landmark decision about the admissibility and authentication of digital evidence was set down in a 100- page opinion by Magistrate Judge Paul W. Grimm • established a detailed baseline for the use of ESI before his court (and in courts using the FRE). • Given the guidelines and references provided by the judge, it now becomes difficult for counsel to argue against the admissibility of electronic evidence. 24
Self-Authenticating ESI – New Rules 902(13)  Rule 902(13) now provides that the following are self-authenticating: • Electronic records generated by a system that produces an accurate result as shown by a certification of a qualified person that complies with the certification requirements of Rule 902(11) or (12). • This dispenses with the business records foundation. • The certification must “contain information that would be sufficient to establish authenticity were the information provided by a witness at trial.” 25
Self-Authenticating ESI – Rules 902(13) Example  Websites can be authenticated by: • Witness testifies that they logged into the website and reviewed what was there. • And the proferred exhibit fairly and accurately reflects what the witness say. • A Rule 902(13) certification that provides these facts is a substitute for testimony and shifts the burden to the other party to refute the foundation. • Court’s role is to rule if there is a sufficient basis for the jury to determine authenticity. • Court must still assess admissibility. 26
Rule 902(14) - Authenticating Digital Copies  Rule 902(14) is aimed at digital copies, making the following self-authenticating: Certified Data Copied from an Electronic Device, Storage Medium, or File. Data copied from an electronic device, storage medium, or file, if authenticated by a process of digital identification, as shown by a certification of a qualified person that complies with the certification requirements of Rule 902(11) or (12). The proponent also must meet the notice requirements of Rule 902(11). 27
Rule 902(14) Certification - a Product of Technology  FRE Advisory Committee Note discusses how to authenticate a digital copy: Data copied from electronic devices, storage media, and electronic files are ordinarily authenticated by the “hash value.” HASH VALUE is a number that is often represented as a sequence of characters and is produced by an algorithm based upon the digital contents of a drive, medium, or file.... [I]dentical hash values for the original and copy reliably attest to the fact that they are exact duplicates. This amendment allows self-authentication by a certification of a qualified person that she checked the hash value of the proffered item and that it was identical to the original. 28
A Word on Texts  New technology called Over-The-Top (OTT) messaging channels using existing internet connections. • Google’s Business Messages - a business-focused channel that allows consumers to directly message businesses from Google Search or Maps • Apple Business Chat allows customers to message companies from Maps, Safari, or Search. • WhatsApp Business add QR-code reading and catalogue sharing capabilities • Facebook Messenger for Pages offers a new, consolidated inbox for businesses 29

Recommended

White Paper 2011 BOC
White Paper 2011 BOCWhite Paper 2011 BOC
White Paper 2011 BOCBrian O'Connor
 
CCPA: What You Need to Know
CCPA: What You Need to KnowCCPA: What You Need to Know
CCPA: What You Need to KnowIronCore Labs
 
Getting the social side of pervasive computing right
Getting the social side of pervasive computing rightGetting the social side of pervasive computing right
Getting the social side of pervasive computing rightblogzilla
 
Cosac 2013 Legal Aspects of Byod
Cosac 2013 Legal Aspects of ByodCosac 2013 Legal Aspects of Byod
Cosac 2013 Legal Aspects of ByodTAL Global - International Security and Counter-Terrorism Consultancy
 
Understanding h.r. 1540 the national defense authorization act for fy2012 se...
Understanding h.r. 1540 the national defense authorization act for fy2012 se...Understanding h.r. 1540 the national defense authorization act for fy2012 se...
Understanding h.r. 1540 the national defense authorization act for fy2012 se...Kristal Snider
 
The Changing Landscape of Cyber Liability
The Changing Landscape of Cyber LiabilityThe Changing Landscape of Cyber Liability
The Changing Landscape of Cyber LiabilityRachel Hamilton
 
Workplace Privacy and Employee Monitoring: Laws and Methods
Workplace Privacy and Employee Monitoring: Laws and MethodsWorkplace Privacy and Employee Monitoring: Laws and Methods
Workplace Privacy and Employee Monitoring: Laws and Methodscmilliken09
 
Open Source Insight: Hospital, Medical Devices, Banking, and Automotive Cyber...
Open Source Insight: Hospital, Medical Devices, Banking, and Automotive Cyber...Open Source Insight: Hospital, Medical Devices, Banking, and Automotive Cyber...
Open Source Insight: Hospital, Medical Devices, Banking, and Automotive Cyber...Black Duck by Synopsys
 

Recommended

White Paper 2011 BOC
White Paper 2011 BOCWhite Paper 2011 BOC
White Paper 2011 BOCBrian O'Connor
 
CCPA: What You Need to Know
CCPA: What You Need to KnowCCPA: What You Need to Know
CCPA: What You Need to KnowIronCore Labs
 
Getting the social side of pervasive computing right
Getting the social side of pervasive computing rightGetting the social side of pervasive computing right
Getting the social side of pervasive computing rightblogzilla
 
Cosac 2013 Legal Aspects of Byod
Cosac 2013 Legal Aspects of ByodCosac 2013 Legal Aspects of Byod
Cosac 2013 Legal Aspects of ByodTAL Global - International Security and Counter-Terrorism Consultancy
 
Understanding h.r. 1540 the national defense authorization act for fy2012 se...
Understanding h.r. 1540 the national defense authorization act for fy2012 se...Understanding h.r. 1540 the national defense authorization act for fy2012 se...
Understanding h.r. 1540 the national defense authorization act for fy2012 se...Kristal Snider
 
The Changing Landscape of Cyber Liability
The Changing Landscape of Cyber LiabilityThe Changing Landscape of Cyber Liability
The Changing Landscape of Cyber LiabilityRachel Hamilton
 
Workplace Privacy and Employee Monitoring: Laws and Methods
Workplace Privacy and Employee Monitoring: Laws and MethodsWorkplace Privacy and Employee Monitoring: Laws and Methods
Workplace Privacy and Employee Monitoring: Laws and Methodscmilliken09
 
Open Source Insight: Hospital, Medical Devices, Banking, and Automotive Cyber...
Open Source Insight: Hospital, Medical Devices, Banking, and Automotive Cyber...Open Source Insight: Hospital, Medical Devices, Banking, and Automotive Cyber...
Open Source Insight: Hospital, Medical Devices, Banking, and Automotive Cyber...Black Duck by Synopsys
 
U session 9 cyber risk-insurance conf_marcus_evans_rj_craig_15jan2015
U session 9 cyber risk-insurance conf_marcus_evans_rj_craig_15jan2015U session 9 cyber risk-insurance conf_marcus_evans_rj_craig_15jan2015
U session 9 cyber risk-insurance conf_marcus_evans_rj_craig_15jan2015Robert Craig
 
Privacy Implications of Biometric Data - Kevin Nevias
Privacy Implications of Biometric Data - Kevin NeviasPrivacy Implications of Biometric Data - Kevin Nevias
Privacy Implications of Biometric Data - Kevin NeviasKevin Nevias
 
Surveillance technologies a primer
Surveillance technologies a primerSurveillance technologies a primer
Surveillance technologies a primerHector Dominguez
 
Information Security and Data Breach Trends 2014-2015
Information Security and Data Breach Trends 2014-2015Information Security and Data Breach Trends 2014-2015
Information Security and Data Breach Trends 2014-2015Brian Levine
 
Open Source Insight: HBO, Voting Machines & Car Washes Hacked & Black Hat /...
Open Source Insight: HBO, Voting Machines & Car Washes Hacked & Black Hat /...Open Source Insight: HBO, Voting Machines & Car Washes Hacked & Black Hat /...
Open Source Insight: HBO, Voting Machines & Car Washes Hacked & Black Hat /...Black Duck by Synopsys
 
Cyber Facts and Prevention Presentation Gianino
Cyber Facts and Prevention Presentation GianinoCyber Facts and Prevention Presentation Gianino
Cyber Facts and Prevention Presentation Gianino-Gianino Gino Prieto -Dynamic Connector -Insurance Strategist
 
Investigatory Powers Bill & ICRs
Investigatory Powers Bill & ICRsInvestigatory Powers Bill & ICRs
Investigatory Powers Bill & ICRsrcorrigan
 
Legal vectors - Survey of Law, Regulation and Technology Risk
Legal vectors - Survey of Law, Regulation and Technology RiskLegal vectors - Survey of Law, Regulation and Technology Risk
Legal vectors - Survey of Law, Regulation and Technology RiskWilliam Gamble
 
Uop ajs 524 week 4 quiz new
Uop ajs 524 week 4 quiz newUop ajs 524 week 4 quiz new
Uop ajs 524 week 4 quiz neweyavagal
 
20 New Trends and Developments in Computer and Internet Law
20 New Trends and Developments in Computer and Internet Law20 New Trends and Developments in Computer and Internet Law
20 New Trends and Developments in Computer and Internet LawKlemchuk LLP
 
2016-09-05-Lessons_Learned_From_The_FTC_v1c
2016-09-05-Lessons_Learned_From_The_FTC_v1c2016-09-05-Lessons_Learned_From_The_FTC_v1c
2016-09-05-Lessons_Learned_From_The_FTC_v1cRaj Goel
 
Privacy and Technology in Your Practice: Why it Matters & Where is the Risk
Privacy and Technology in Your Practice: Why it Matters & Where is the RiskPrivacy and Technology in Your Practice: Why it Matters & Where is the Risk
Privacy and Technology in Your Practice: Why it Matters & Where is the Riskduffeeandeitzen
 
All's Fair in Love and Cyber Warfare
All's Fair in Love and Cyber WarfareAll's Fair in Love and Cyber Warfare
All's Fair in Love and Cyber WarfareNationalUnderwriter
 
Protecting Your Law Office Against Data Breaches and Other Cyber Threats
Protecting Your Law Office Against Data Breaches and Other Cyber ThreatsProtecting Your Law Office Against Data Breaches and Other Cyber Threats
Protecting Your Law Office Against Data Breaches and Other Cyber ThreatsBlake A. Klinkner
 
A priest’s phone location data outed his private life. It could happen to any...
A priest’s phone location data outed his private life. It could happen to any...A priest’s phone location data outed his private life. It could happen to any...
A priest’s phone location data outed his private life. It could happen to any...LUMINATIVE MEDIA/PROJECT COUNSEL MEDIA GROUP
 
Tape vaulting audit and encryption usage analysis
Tape vaulting audit and encryption usage analysisTape vaulting audit and encryption usage analysis
Tape vaulting audit and encryption usage analysisThomas Bronack
 
GDPR Information
GDPR InformationGDPR Information
GDPR InformationOxford City Council
 
Cyber Law With case studies
Cyber Law With case studies Cyber Law With case studies
Cyber Law With case studies Bhagya Bgk
 
Privacy in the Information Age [Q3 2015 version]
Privacy in the Information Age [Q3 2015 version]Privacy in the Information Age [Q3 2015 version]
Privacy in the Information Age [Q3 2015 version]Jordan Peacock
 
Privacy in the Information Age
Privacy in the Information AgePrivacy in the Information Age
Privacy in the Information AgeJordan Peacock
 
Mobile Practice Management
Mobile Practice ManagementMobile Practice Management
Mobile Practice ManagementClio - Cloud-Based Legal Technology
 
Cloud Security Law Issues--an Overview
Cloud Security Law Issues--an OverviewCloud Security Law Issues--an Overview
Cloud Security Law Issues--an OverviewMichael C. Keeling, Esq.
 

More Related Content

What's hot

U session 9 cyber risk-insurance conf_marcus_evans_rj_craig_15jan2015
U session 9 cyber risk-insurance conf_marcus_evans_rj_craig_15jan2015U session 9 cyber risk-insurance conf_marcus_evans_rj_craig_15jan2015
U session 9 cyber risk-insurance conf_marcus_evans_rj_craig_15jan2015Robert Craig
 
Privacy Implications of Biometric Data - Kevin Nevias
Privacy Implications of Biometric Data - Kevin NeviasPrivacy Implications of Biometric Data - Kevin Nevias
Privacy Implications of Biometric Data - Kevin NeviasKevin Nevias
 
Surveillance technologies a primer
Surveillance technologies a primerSurveillance technologies a primer
Surveillance technologies a primerHector Dominguez
 
Information Security and Data Breach Trends 2014-2015
Information Security and Data Breach Trends 2014-2015Information Security and Data Breach Trends 2014-2015
Information Security and Data Breach Trends 2014-2015Brian Levine
 
Open Source Insight: HBO, Voting Machines & Car Washes Hacked & Black Hat /...
Open Source Insight: HBO, Voting Machines & Car Washes Hacked & Black Hat /...Open Source Insight: HBO, Voting Machines & Car Washes Hacked & Black Hat /...
Open Source Insight: HBO, Voting Machines & Car Washes Hacked & Black Hat /...Black Duck by Synopsys
 
Investigatory Powers Bill & ICRs
Investigatory Powers Bill & ICRsInvestigatory Powers Bill & ICRs
Investigatory Powers Bill & ICRsrcorrigan
 
Legal vectors - Survey of Law, Regulation and Technology Risk
Legal vectors - Survey of Law, Regulation and Technology RiskLegal vectors - Survey of Law, Regulation and Technology Risk
Legal vectors - Survey of Law, Regulation and Technology RiskWilliam Gamble
 
Uop ajs 524 week 4 quiz new
Uop ajs 524 week 4 quiz newUop ajs 524 week 4 quiz new
Uop ajs 524 week 4 quiz neweyavagal
 
20 New Trends and Developments in Computer and Internet Law
20 New Trends and Developments in Computer and Internet Law20 New Trends and Developments in Computer and Internet Law
20 New Trends and Developments in Computer and Internet LawKlemchuk LLP
 
2016-09-05-Lessons_Learned_From_The_FTC_v1c
2016-09-05-Lessons_Learned_From_The_FTC_v1c2016-09-05-Lessons_Learned_From_The_FTC_v1c
2016-09-05-Lessons_Learned_From_The_FTC_v1cRaj Goel
 
Privacy and Technology in Your Practice: Why it Matters & Where is the Risk
Privacy and Technology in Your Practice: Why it Matters & Where is the RiskPrivacy and Technology in Your Practice: Why it Matters & Where is the Risk
Privacy and Technology in Your Practice: Why it Matters & Where is the Riskduffeeandeitzen
 
All's Fair in Love and Cyber Warfare
All's Fair in Love and Cyber WarfareAll's Fair in Love and Cyber Warfare
All's Fair in Love and Cyber WarfareNationalUnderwriter
 
Protecting Your Law Office Against Data Breaches and Other Cyber Threats
Protecting Your Law Office Against Data Breaches and Other Cyber ThreatsProtecting Your Law Office Against Data Breaches and Other Cyber Threats
Protecting Your Law Office Against Data Breaches and Other Cyber ThreatsBlake A. Klinkner
 
A priest’s phone location data outed his private life. It could happen to any...
A priest’s phone location data outed his private life. It could happen to any...A priest’s phone location data outed his private life. It could happen to any...
A priest’s phone location data outed his private life. It could happen to any...LUMINATIVE MEDIA/PROJECT COUNSEL MEDIA GROUP
 
Tape vaulting audit and encryption usage analysis
Tape vaulting audit and encryption usage analysisTape vaulting audit and encryption usage analysis
Tape vaulting audit and encryption usage analysisThomas Bronack
 
Cyber Law With case studies
Cyber Law With case studies Cyber Law With case studies
Cyber Law With case studies Bhagya Bgk
 
Privacy in the Information Age [Q3 2015 version]
Privacy in the Information Age [Q3 2015 version]Privacy in the Information Age [Q3 2015 version]
Privacy in the Information Age [Q3 2015 version]Jordan Peacock
 
Privacy in the Information Age
Privacy in the Information AgePrivacy in the Information Age
Privacy in the Information AgeJordan Peacock
 

What's hot (20)

U session 9 cyber risk-insurance conf_marcus_evans_rj_craig_15jan2015
U session 9 cyber risk-insurance conf_marcus_evans_rj_craig_15jan2015U session 9 cyber risk-insurance conf_marcus_evans_rj_craig_15jan2015
U session 9 cyber risk-insurance conf_marcus_evans_rj_craig_15jan2015
 
Privacy Implications of Biometric Data - Kevin Nevias
Privacy Implications of Biometric Data - Kevin NeviasPrivacy Implications of Biometric Data - Kevin Nevias
Privacy Implications of Biometric Data - Kevin Nevias
 
Surveillance technologies a primer
Surveillance technologies a primerSurveillance technologies a primer
Surveillance technologies a primer
 
Information Security and Data Breach Trends 2014-2015
Information Security and Data Breach Trends 2014-2015Information Security and Data Breach Trends 2014-2015
Information Security and Data Breach Trends 2014-2015
 
Open Source Insight: HBO, Voting Machines & Car Washes Hacked & Black Hat /...
Open Source Insight: HBO, Voting Machines & Car Washes Hacked & Black Hat /...Open Source Insight: HBO, Voting Machines & Car Washes Hacked & Black Hat /...
Open Source Insight: HBO, Voting Machines & Car Washes Hacked & Black Hat /...
 
Cyber Facts and Prevention Presentation Gianino
Cyber Facts and Prevention Presentation GianinoCyber Facts and Prevention Presentation Gianino
Cyber Facts and Prevention Presentation Gianino
 
Investigatory Powers Bill & ICRs
Investigatory Powers Bill & ICRsInvestigatory Powers Bill & ICRs
Investigatory Powers Bill & ICRs
 
Legal vectors - Survey of Law, Regulation and Technology Risk
Legal vectors - Survey of Law, Regulation and Technology RiskLegal vectors - Survey of Law, Regulation and Technology Risk
Legal vectors - Survey of Law, Regulation and Technology Risk
 
Uop ajs 524 week 4 quiz new
Uop ajs 524 week 4 quiz newUop ajs 524 week 4 quiz new
Uop ajs 524 week 4 quiz new
 
20 New Trends and Developments in Computer and Internet Law
20 New Trends and Developments in Computer and Internet Law20 New Trends and Developments in Computer and Internet Law
20 New Trends and Developments in Computer and Internet Law
 
2016-09-05-Lessons_Learned_From_The_FTC_v1c
2016-09-05-Lessons_Learned_From_The_FTC_v1c2016-09-05-Lessons_Learned_From_The_FTC_v1c
2016-09-05-Lessons_Learned_From_The_FTC_v1c
 
Privacy and Technology in Your Practice: Why it Matters & Where is the Risk
Privacy and Technology in Your Practice: Why it Matters & Where is the RiskPrivacy and Technology in Your Practice: Why it Matters & Where is the Risk
Privacy and Technology in Your Practice: Why it Matters & Where is the Risk
 
All's Fair in Love and Cyber Warfare
All's Fair in Love and Cyber WarfareAll's Fair in Love and Cyber Warfare
All's Fair in Love and Cyber Warfare
 
Protecting Your Law Office Against Data Breaches and Other Cyber Threats
Protecting Your Law Office Against Data Breaches and Other Cyber ThreatsProtecting Your Law Office Against Data Breaches and Other Cyber Threats
Protecting Your Law Office Against Data Breaches and Other Cyber Threats
 
A priest’s phone location data outed his private life. It could happen to any...
A priest’s phone location data outed his private life. It could happen to any...A priest’s phone location data outed his private life. It could happen to any...
A priest’s phone location data outed his private life. It could happen to any...
 
Tape vaulting audit and encryption usage analysis
Tape vaulting audit and encryption usage analysisTape vaulting audit and encryption usage analysis
Tape vaulting audit and encryption usage analysis
 
GDPR Information
GDPR InformationGDPR Information
GDPR Information
 
Cyber Law With case studies
Cyber Law With case studies Cyber Law With case studies
Cyber Law With case studies
 
Privacy in the Information Age [Q3 2015 version]
Privacy in the Information Age [Q3 2015 version]Privacy in the Information Age [Q3 2015 version]
Privacy in the Information Age [Q3 2015 version]
 
Privacy in the Information Age
Privacy in the Information AgePrivacy in the Information Age
Privacy in the Information Age
 

Similar to Smartphones are smarter than you thought geo bellas

Advanced PII / PI data discovery and data protection
Advanced PII / PI data discovery and data protectionAdvanced PII / PI data discovery and data protection
Advanced PII / PI data discovery and data protectionUlf Mattsson
 
California Privacy Law: Resources & Protections
California Privacy Law: Resources & ProtectionsCalifornia Privacy Law: Resources & Protections
California Privacy Law: Resources & Protectionsipspat
 
Evolving Issues in Workplace Privacy
Evolving Issues in Workplace PrivacyEvolving Issues in Workplace Privacy
Evolving Issues in Workplace Privacymkeane
 
Cloud and mobile computing for lawyers
Cloud and mobile computing for lawyersCloud and mobile computing for lawyers
Cloud and mobile computing for lawyersNicole Black
 
Cyber Crime Investigation
Cyber Crime InvestigationCyber Crime Investigation
Cyber Crime InvestigationHarshita Ved
 
Protecting Data Privacy in Analytics and Machine Learning
Protecting Data Privacy in Analytics and Machine LearningProtecting Data Privacy in Analytics and Machine Learning
Protecting Data Privacy in Analytics and Machine LearningUlf Mattsson
 
Is More Data Always Better The Legal Risks of Data Collection, Storage and Us...
Is More Data Always Better The Legal Risks of Data Collection, Storage and Us...Is More Data Always Better The Legal Risks of Data Collection, Storage and Us...
Is More Data Always Better The Legal Risks of Data Collection, Storage and Us...Vivastream
 
httpsdigitalguardian.comblogsocial-engineering-attacks-common.docx
httpsdigitalguardian.comblogsocial-engineering-attacks-common.docxhttpsdigitalguardian.comblogsocial-engineering-attacks-common.docx
httpsdigitalguardian.comblogsocial-engineering-attacks-common.docxadampcarr67227
 
Data breach protection from a DB2 perspective
Data breach protection from a DB2 perspectiveData breach protection from a DB2 perspective
Data breach protection from a DB2 perspectiveCraig Mullins
 
Computer forensic ppt
Computer forensic pptComputer forensic ppt
Computer forensic pptOnkar1431
 
Internet Law 2014 - Presentation at CalBar IP Institute
Internet Law 2014 - Presentation at CalBar IP InstituteInternet Law 2014 - Presentation at CalBar IP Institute
Internet Law 2014 - Presentation at CalBar IP InstituteInternet Law Center
 
Data protection & security breakfast briefing master slides 28 june-final
Data protection & security breakfast briefing master slides 28 june-finalData protection & security breakfast briefing master slides 28 june-final
Data protection & security breakfast briefing master slides 28 june-finalDr. Donald Macfarlane
 
Data Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_finalData Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_finalDr. Donald Macfarlane
 

Similar to Smartphones are smarter than you thought geo bellas (20)

Mobile Practice Management
Mobile Practice ManagementMobile Practice Management
Mobile Practice Management
 
Cloud Security Law Issues--an Overview
Cloud Security Law Issues--an OverviewCloud Security Law Issues--an Overview
Cloud Security Law Issues--an Overview
 
Advanced PII / PI data discovery and data protection
Advanced PII / PI data discovery and data protectionAdvanced PII / PI data discovery and data protection
Advanced PII / PI data discovery and data protection
 
Sued or Suing: Introduction to Digital Forensics
Sued or Suing: Introduction to Digital ForensicsSued or Suing: Introduction to Digital Forensics
Sued or Suing: Introduction to Digital Forensics
 
California Privacy Law: Resources & Protections
California Privacy Law: Resources & ProtectionsCalifornia Privacy Law: Resources & Protections
California Privacy Law: Resources & Protections
 
Evolving Issues in Workplace Privacy
Evolving Issues in Workplace PrivacyEvolving Issues in Workplace Privacy
Evolving Issues in Workplace Privacy
 
Cloud and mobile computing for lawyers
Cloud and mobile computing for lawyersCloud and mobile computing for lawyers
Cloud and mobile computing for lawyers
 
04 privacy
04 privacy04 privacy
04 privacy
 
Cyber Crime Investigation
Cyber Crime InvestigationCyber Crime Investigation
Cyber Crime Investigation
 
Protecting Data Privacy in Analytics and Machine Learning
Protecting Data Privacy in Analytics and Machine LearningProtecting Data Privacy in Analytics and Machine Learning
Protecting Data Privacy in Analytics and Machine Learning
 
Is More Data Always Better The Legal Risks of Data Collection, Storage and Us...
Is More Data Always Better The Legal Risks of Data Collection, Storage and Us...Is More Data Always Better The Legal Risks of Data Collection, Storage and Us...
Is More Data Always Better The Legal Risks of Data Collection, Storage and Us...
 
httpsdigitalguardian.comblogsocial-engineering-attacks-common.docx
httpsdigitalguardian.comblogsocial-engineering-attacks-common.docxhttpsdigitalguardian.comblogsocial-engineering-attacks-common.docx
httpsdigitalguardian.comblogsocial-engineering-attacks-common.docx
 
Data breach protection from a DB2 perspective
Data breach protection from a DB2 perspectiveData breach protection from a DB2 perspective
Data breach protection from a DB2 perspective
 
Computer forensic ppt
Computer forensic pptComputer forensic ppt
Computer forensic ppt
 
Internet Law 2014 - Presentation at CalBar IP Institute
Internet Law 2014 - Presentation at CalBar IP InstituteInternet Law 2014 - Presentation at CalBar IP Institute
Internet Law 2014 - Presentation at CalBar IP Institute
 
Law w23
Law w23Law w23
Law w23
 
3170725_Unit-5.pptx
3170725_Unit-5.pptx3170725_Unit-5.pptx
3170725_Unit-5.pptx
 
Data protection & security breakfast briefing master slides 28 june-final
Data protection & security breakfast briefing master slides 28 june-finalData protection & security breakfast briefing master slides 28 june-final
Data protection & security breakfast briefing master slides 28 june-final
 
Data Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_finalData Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_final
 
Computer Forensics ppt
Computer Forensics pptComputer Forensics ppt
Computer Forensics ppt
 

Recently uploaded

GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024SynarionITSolutions
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Principled Technologies
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 

Recently uploaded (20)

GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 

Smartphones are smarter than you thought geo bellas

  • 2. Everything’s on your Phone Mobile devises are “such a pervasive and insistent part of daily life that the proverbial visitor from Mars might conclude that they were an important feature of human anatomy.” ~ Chief Justice Roberts in Riley v. California 2
  • 3. Smartphone Usage  198M people in the U.S. own smartphones  65% of all minuetes spent on digital devices are on smartphones  25% of all users only access the web thru mobile devices  Leading uses are social media and IMS.  93% of smartphone users use text messenging.  Leading Apps: • Facebook – 81% market penetration • Facebook Messenger – 68% • Instagram – 50% • Snapchat – 50% 3
  • 4. Smartphones in Business  80% of people use texting for business  42% of financial service providers use texting for business  83% of businesses allow employees to use their smartphones for business purposes  A BIG CONCERN OF BUSINESSES IS THE CONCERN THAT CORPORATE DATA IS FINDING ITS WAY ONTO EMPLOYEE-OWNED SMARTPHONES. 4
  • 5. Smartphones & ESI Because Smartphones have become ubiquitous: - 50% of all lawsuits involved preservation or collection of mobile device data. - 93% of all relevant mobile devices were smartphones. Evidence sources from smartphones were an evidence source very frequently in 81% of cases. Computers were sources of evidence in 52% of cases. ~ Cellbrite Report on Industry Trends for Law Enforcement 5
  • 6. Mobile Devise Exams are Intrusive  We store everything on them including passwords, SSNs, garage door codes, location data, financial info, and private correspondence.  Imaging of a mobile device collects everything and pre- filtering is not usually possible.  All filtering is done post-collection.  This is the main reason there is a fight over imaging and analysis of mobile devices.  A well crafter protocol will help alleviate these concerns.  When a forensic exam is unavoidable, suggest a neutral third party conduct the exam pursuant to an agreed-upon protocol that carefully limits what is to be disclosed to the data that is relevant and proportional to the needs of the case. 6
  • 7. Smartphones as Evidence? 7 Google’s database “Sensorvault” tracks a cell phone user’s location and is available to police departments.
  • 8. Smartphones & eDiscovery Mobile device ESI is just another type of data. - Emails, texts, and chats are a form of communicaiton - ESI from mobile devices is relevant, unique and compelling. Discoverable pursuant to FRCP 34(a)(1)(A) and ISCR 214.  Subject to litigation holds and preservation orders.  But it is subject to the proportionality limitations set forth in Rule 26(b)(1) and ISCR 201(c)(3) Before permitting discovery of information on cellphones and similar devices, courts must balance privacy and confidentiality interests as required under FRCP 34. 8
  • 9. Smartphones & Privacy  Electronic Communications Privacy Act (“ECPA”) makes it illegal to share digital content under certain circumstances.  Computer Fraud and Abuse Act (“CFAA”)keeps people from getting into computers without authorization or consent. • Though the law does not explicitly include cell phones, some courts may now consider cell phones to be computers, and therefore, protected under the act.  Stored Communications Act (“SCA”) addresses voluntary and compelled disclosure of stored electronic communication records held by ISPs. 9
  • 10. Smartphones & Privacy  We store everything on our Smartphones which is why the use of cell phone evidence in court obtained from a user’s service provider raise significant privacy concerns.  The Supreme Court considered the question in the context of a criminal case in Riley v. California (2014) • Cell phone data could not be accessed without a warrant, even in a search incident to an arrest. • Citing privacy concerns, the court reasoned that, unless the phone could be used as a weapon, the user’s privacy outweighed the officers’ need for the evidence that might exist within the phone.  The Supreme Court considered the issue again in Carpenter v. United States (2018) and confirmed cell phone users’ legitimate expectation of privacy when using mobile devices. 10
  • 11. Smartphones, Courts & Privacy  When parties cannot agree on production of relevant data from a smartphone, courts have the power to order a forensic examination.  But …. courts will safeguard privacy interests and generally require a showing that a party has failed to produce relevant information before ordering a forensic examination.  The general rule is no forensic exam absence a showing of need or failure to produce evidence. 11
  • 12. Smartphones & Discovery  Hespe v. City of Chicago, No. 13-C-7998 (N.D.Ill. Dec. 15, 2016) • City wanted to search Pl’s personal mobile devices • Pl claimed all relevant materials were produced • Court denied the City’s request because:  Request was not proportional to the needs of the case  Any benefit of the inspection is “outweighed by Pl’s privacy and confidentiality interests.” 12
  • 13. Smartphones & Discovery If cellphone records are relevant, then: •Ask for the opposing party to sign a release and authorization to the provider company. •Get a court order approving the issuance of a subpoena. 13
  • 14. Smartphones, Privacy & FRCP 34 “Inspection or testing of certain types of electronically stored information or of a responding party’s electronic information system may raise issues of confidentiality or privacy. The addition of testing and sampling to Rule 34(a) with regard to documents and electronically stored information is not meant to create a routine right of direct access to a party’s electronic information system, although such access might be justified in some circumstances. Courts should guard against undue intrusiveness resulting from inspecting or testing such systems.” Fed. R. Civ. P. 34, Advisory Committee Notes to 2006 Amendments 14
  • 15. Rules of Practice  If relevant, then preservation and production is required.  Potentially serious consequences for inadvertent loses of data • Spoliation  Do not delay in preservation steps. DO IT ASAP!  Text messages are not available after a few days from the service provider. • But phone records from the wireless carrier can establish that texts were sent.  Possession, custody and control of the devices may be a problem with company-owned devices.  Proportionality arguments are a hinderance to getting data from the responding party.  Smartphone data are not covered by ECPA, SCA or CFAA in ways that prevent discovery. 15
  • 16. Best Practices for Smartphones If you feel that a party’s Smartphone holds critical data:  Send a preservation demand ASAP  Tailor discovery requests seeking only relevant and proportional information that cannot be obtained elsewhere.  Propose a protocol by which relevant information can be extracted by a neutral third party without disclosure of confidential, personal information.  Work cooperatively with your opponent to limit discovery to matters proportional to the needs of the case, and make clear what you are not providing and why.  Consider alternative, less burdensome or less intrusive sources for the information sought.  When a forensic exam is unavoidable, suggest a neutral third party conduct the exam pursuant to an agreed-upon protocol that carefully limits what is to be disclosed to the data that is relevant and proportional to the needs of the case. 16
  • 17. Your Client’s Smartphone  If you think you need the data, isolate the device.  Preserve the data as soon as possible. • Data has a way of “disappearing”  How you collect the data depends on factors such as make, model, operating system, carrier and settings.  Special forensic tools are required to extract as much data as possible.  Hire a consultant to extract the data and to give you the requisite IRE 902(13) Affidavit. 17
  • 18. Collection Software Touch2 – made by Israeli company Cellebrite  Universal extraction device  Pulls data from almost any gadget  Preserves the data in a format courts accept Cloud Analyzer  Reaches the data on Google’s servers  Tracks location points  Can pinpoint a person’s location at a specific time. Hire a professional forensic examiner. 18
  • 19. Using Analytics: Linking Data for Evidence 19 Ringleader Rule 1006 – Use of Summaries
  • 20. Smartphones & the Third Pary Doctrine The "third party doctrine" Individuals have a reduced expectation of privacy when it relates to information knowingly shared with a third party, including cell phone companies. Therefore, such information is not protected by the Fourth Amendment and police don't need a warrant to legally access it. See: Smith v. Maryland, U.S. Supreme court 1979 In Carpenter v. U.S. (Supreme Court 2018) held that the use of cell site location info (CSLI) is not subject to the third party doctrine. CSLI is data generated every time your phone connects to a nearby tower. 20
  • 21. Authentication of Evidence  Authentication of evidence is governed by Rule of Evidence 901” “To satisfy the requirement of authenticating or identifying an item of evidence, the proponent must produce evidence sufficient to support a finding that the item is what the proponent claims it is.” In other words, the authentication requirement means that there must be a showing that the “smoking gun” email, for example: • is not a forgery and • was actually sent and received 21
  • 22. Authentication of Evidence  The bar for authentication of evidence is not high.  The prima facie showing can be made using direct evidence or circumstantial evidence.  Courts tend to conduct this analysis regarding conventional evidence by using a “reasonable person” standard.  The same “reasonable person” analysis seemingly is becoming the general rule for social media evidence authentication despite some modern complications. 22
  • 23. Authentication of Evidence  The Sedona Conference came out with a new paper which is required reading if you are dealing with evidentiary issues with ESI: “The Sedona Conference Commentary on ESI Evidence and Admissibility, Second Edition”  Also, required reading: Lorraine v. Markel American Insurance Company, 241 F.R.D. 534 (D.MD. 2007) 23
  • 24. Admissibility of ESI Lorraine v. Markel American Insurance Company, 241 F.R.D. 534 (D.MD. 2007) • a landmark decision about the admissibility and authentication of digital evidence was set down in a 100- page opinion by Magistrate Judge Paul W. Grimm • established a detailed baseline for the use of ESI before his court (and in courts using the FRE). • Given the guidelines and references provided by the judge, it now becomes difficult for counsel to argue against the admissibility of electronic evidence. 24
  • 25. Self-Authenticating ESI – New Rules 902(13)  Rule 902(13) now provides that the following are self-authenticating: • Electronic records generated by a system that produces an accurate result as shown by a certification of a qualified person that complies with the certification requirements of Rule 902(11) or (12). • This dispenses with the business records foundation. • The certification must “contain information that would be sufficient to establish authenticity were the information provided by a witness at trial.” 25
  • 26. Self-Authenticating ESI – Rules 902(13) Example  Websites can be authenticated by: • Witness testifies that they logged into the website and reviewed what was there. • And the proferred exhibit fairly and accurately reflects what the witness say. • A Rule 902(13) certification that provides these facts is a substitute for testimony and shifts the burden to the other party to refute the foundation. • Court’s role is to rule if there is a sufficient basis for the jury to determine authenticity. • Court must still assess admissibility. 26
  • 27. Rule 902(14) - Authenticating Digital Copies  Rule 902(14) is aimed at digital copies, making the following self-authenticating: Certified Data Copied from an Electronic Device, Storage Medium, or File. Data copied from an electronic device, storage medium, or file, if authenticated by a process of digital identification, as shown by a certification of a qualified person that complies with the certification requirements of Rule 902(11) or (12). The proponent also must meet the notice requirements of Rule 902(11). 27
  • 28. Rule 902(14) Certification - a Product of Technology  FRE Advisory Committee Note discusses how to authenticate a digital copy: Data copied from electronic devices, storage media, and electronic files are ordinarily authenticated by the “hash value.” HASH VALUE is a number that is often represented as a sequence of characters and is produced by an algorithm based upon the digital contents of a drive, medium, or file.... [I]dentical hash values for the original and copy reliably attest to the fact that they are exact duplicates. This amendment allows self-authentication by a certification of a qualified person that she checked the hash value of the proffered item and that it was identical to the original. 28
  • 29. A Word on Texts  New technology called Over-The-Top (OTT) messaging channels using existing internet connections. • Google’s Business Messages - a business-focused channel that allows consumers to directly message businesses from Google Search or Maps • Apple Business Chat allows customers to message companies from Maps, Safari, or Search. • WhatsApp Business add QR-code reading and catalogue sharing capabilities • Facebook Messenger for Pages offers a new, consolidated inbox for businesses 29