Richmond Journal of Law and Technology

The first exclusively online law review.

Category: Blog Posts

Blog: Welcoming our Volume XX Associate Staff

By

On August 5, 2013

In Blog Posts, News

by Benjamin Fox, Editor-in-Chief, Volume XX
 
It is my distinct honor to introduce the incoming staff members of Volume XX of the Richmond Journal of Law and Technology.  These students worked extremely hard during the journal competition, and we look forward to working with them during the upcoming school year!
 
Congratulations to the following students:

Billy Raska
Brittani Lemonds
Catherine Gray
Danielle Bringard
Dimitri Karles
Dylan Denslow
Emma Buck
Fiona Clancy
Jasmine McKinney
Jessica Ertel
Kevin Conneran
Kit Mathers
Laura Bedson
Matt Miller
Miles Jolley
Silvia Lee
Spencer Mead
Taylor Linkous
Walton Milam

Blog: Social Media Files and the Stored Communications Act

By

On April 4, 2013

In Blog Posts

By:  Adam Young, Associate Survey and Symposium Editor

 

            We, as a society, have entered into an era in which electronic communications has become the preferred way of communicating with friends, co-workers and loved ones.  A recent study has shown that Americans spend over 20% of their online time on social networking sites alone.[1]  Although the majority of social networking sites originated as those where you could find friends, they have exploded into increasingly complex sites.  Most social networking sites, today, allow users to upload photographs and videos, post status updates, comment on friends’ posts, play games, send messages to other users and even tag themselves at specific places where they have been.  As these sites have become more popular, the number of users and the amount of content shared has increased significantly.  For example, Facebook has one billion active users as of October 2012.[2]  604 million of those monthly users use Facebook mobile products, making social networking even more convenient for, and pervasive in, people’s lives. [3]

 

            As technology advances over time, it forces all professional fields, specifically that of the law, to keep up with it.  One way in which the law is struggling to understand the changes in technology is the discoverability of social media files.  As Americans share more personal information on social networking sites, lawyers are increasingly turning to these social networks as resources when confronted with litigation.  Social media are not just limited to certain types of litigation – they can be found in various litigated issues.

 

            Social media differ from other media outlets and websites that one might mistake them for being.  Unlike traditional media outlets like newspapers, television, or books, social media’s distinctive characteristic is ease of access.  While it takes significant effort to publish a magazine or broadcast a television program, social media allow users to publish content for wide distribution at little to no cost.  Additionally, social media are different from typical websites.  Unlike a website that can be accessed simply by entering a URL, the information on social networks is not always public because users have power to control access to the content that they publish.  This notion of privacy is not only present in the mind of a social media user.  The companies that own social networking sites are concerned about the privacy of the user as well, which creates the problems lawyers face in the discovery process of social media files.  Many social media providers, as well as other holders of electronic communications, refuse to produce the content of electronic communications of their users based upon the SCA.

 

            The SCA was enacted as Title II of the Electronic Communications Privacy Act (“ECPA”).[4]  Part of the reason why the act was adopted was to address privacy concerns created by the rise of new technologies that the Fourth Amendment might not be able to adequately address.  In passing the SCA, Congress hoped to “protect privacy interests in personal and proprietary information” that may be stored online.[5]  At the time in which the SCA was passed, internet users were very limited to what they could do.  Therefore, the language of the SCA does not take into account advanced technology due to the very limited version of the internet that existed in 1986.  Since there have been no updates to this piece of legislation, courts have struggled on how to apply it as the internet continues to grow.

 

            There is a mixture of cases supporting the protection of social media sites under the SCA and those that choose to ignore the SCA completely.  The prominent case that supports protection under the SCA comes from the U.S. District Court for the Central District of California.[6]  The Crispin court walked through the language of the SCA and considered what could be protected (putting emphasis on security settings) with regards to each aspect of social media information that was to be discovered (wall posts, private messages, etc.)  The other line cases, that disregard the SCA, allow overbroad discovery requests and subsequently fail to explain why the SCA does not protect any of the information contained in the requests.

 

            With some viewing the currently unrevised SCA as falling into antiquity, many questions remain as to how to apply it to cases involving technologically advanced companies.  Social networking sites present one of the largest challenges for courts to tackle when it comes to apply the SCA.  Because social media providers continue to raise the SCA as a defense to third party subpoenas, courts cannot ignore the SCA forever.  In coming years, many courts will have to address whether the SCA actually offers protection to social media providers from third party subpoenas.

[1] What Americans Do Online:  Social Media and Games Dominate Activity, Neilson Wire (Aug. 2, 2010), http://blog.nielsen.com/nielsenwire/online_ mobile/what-americans-do-online-social-media-and-games-dominate-activity.

[2] Statistics, Facebook, http://www.facebook.com/press/info.php? statistics (last visited Jan. 20, 2013).

[3] Id.

[4] Pub. L. No. 99-508, 100 Stat. 1848 (1986).

[5] S. Rep. No. 99-541, at 3 (1986).

[6] Crispin v. Christian Audigier, Inc., 717 F. Supp. 2d 965 (C.D. Cal. 2010).

Blog: The New Cybersecurity Executive Order

By

On March 6, 2013

In Blog Posts

By Airen Adamonis, Copy Editor          

The United States is currently at war with China.  However, this war is not taking place on any battlefields.  It’s taking place in cyberspace.  According to a recent article published by the Washington Post, the United States has been the target of an immense “cyber-espionage campaign” that is threatening the country’s economic competitiveness.

            Just days after a private security firm released a study accusing the Chinese military of carrying out numerous cyber-attacks against U.S. businesses, the Obama Administration released a long-awaited Executive Order on cybersecurity measures.  The Executive Order on Improving Critical Infrastructure Cybersecurity (the “Order”), released on February 12, 2013, has a goal to address cyber threats through a strengthened partnership between the U.S. Government and critical infrastructure owners.  To accomplish this goal, the Order:

  •   Requires the development of new information sharing programs to provide both classified and unclassified threat and attack information to U.S. companies;
  •   Requires the NIST’s creation of a Framework of cybersecurity practices (“Cybersecurity Framework”) to reduce cyber risks to critical infrastructure;
  •   Compels agencies to conduct regular assessments of privacy and civil liberties impacts of their activities and to make such assessments available to the public;
  •   Establishes a voluntary program to promote the adoption of the Cybersecurity Framework, which will provide incentives for companies to comply; and
  •   Calls for a review of existing cybersecurity regulation.

 

What does all of this mean for businesses?  For now, it does not mean much since none of the industries covered by the order will actually have to meet the completely voluntary standards.  According to Hunton & Williams’ Privacy Blog, the Order could potentially impact businesses in the following ways:

(1)   Businesses in the private sector will receive a surge of notifications from the government concerning cyber threats and recommended ways to respond to threats based on a process developed by the Department of Homeland Security (“DHS”).  The current DHS process mainly shares classified cyber threats only with defense companies, but under the new Order, information will be shared with other critical infrastructure companies, such as energy companies.

(2)   Critical infrastructure companies and secondary actors (i.e. insurance companies) will be able to voluntarily use the new Cybersecurity Framework to address potential risks.  Since participation is completely voluntary, it is likely that DHS will create incentives for companies to comply.  An example included in the Order is the call for a review of the federal procurement process to create a preference for vendors who meet the Cybersecurity Framework standards.

(3)   Certain private sector companies, who if targeted would have a devastating effect, will be named on a list of “Critical Infrastructure at Greater Risk.”  If added onto the list, companies can request reconsideration of their inclusion on the list.  However, this list does not change the fact that compliance with the Framework remains completely voluntary.

Although the new Order appears to be a positive step in the right direction by encouraging information sharing between the public and private sectors, it is unlikely that it is enough to prevent what seems like an inevitable national cybersecurity catastrophe.  Congress needs to make the next move fast.

 

 

Additional Sources:

 

http://www.huntonprivacyblog.com/2013/02/articles/obama-signs-presidential-policy-directive-on-critical-infrastructure-security-and-resilience/

http://www.huntonprivacyblog.com/2013/02/articles/observations-on-the-cybersecurity-executive-order-and-presidential-policy-directive/

http://www.bna.com/president-obama-signs-n17179872423/

http://www.whitehouse.gov/sites/default/files/uploads/07_eo_quotes_02132013.pdf

Blog: DNA Profiling: An Invaluable Tool or a 4th Amendment Violation?

By

On February 12, 2013

In Blog Posts

By: Kevin McCann, Associate Tech Editor

While technological innovation undoubtedly makes lives easier, that is not always the case for the justices of the Supreme Court when it comes to interpreting the Constitution. From arising 1st amendment issues with the introduction of online social media to 2nd amendment debates over the development of new firearms, the Supreme Court is routinely challenged to figure out how new technology should fit into legal doctrines and constitutional provisions drafted hundreds of years ago. Next month, the Supreme Court will have to yet again determine how a technological innovation should be applied to constitutional law.

 

The Supreme Court will hear oral arguments on whether the law enforcement practice of collecting DNA samples from individuals, who are arrested for but not yet convicted of violent crimes and other felonies, violates the 4th amendment. The samples are collected through a cheek swab of the arrestee’s mouth and then compiled into a national police database. With this database, law enforcement agencies can then attempt to match the DNA of the current arrestee with DNA collected in previous unsolved crimes.

 

This action arose in Maryland, where a man named Alonzo King was arrested in 2009 on charges of assault. Due to the severity of King’s felony charges, under Maryland Statute, King was required to have a DNA swab taken. Once the DNA profile was uploaded to the database, the law enforcement agency learned that King’s DNA matched evidence from an unsolved rape in 2003. The victim in the 2003 crime was unable to identify her attacker. However, with this new DNA match, a grand jury indicted King. After trying unsuccessfully to suppress evidence of the original DNA swab from his 2009 arrest, King was convicted of the rape charges and sentenced to life in prison.

 

Prior to this case came another situation in 2004 where the Maryland Statute’s cheek swab requirement was challenged. In Maryland v. Raines, an incarcerated felon was required to submit to the DNA cheek swab test. He was also matched in the criminal database and was charged with a prior unsolved sexual assault. When he sought to suppress the DNA cheek swab, the Maryland Court of Appeals founded that as an incarcerated individual, Raines “enjoy[ed] less liberty than that of ordinary citizens”, and therefore his 4th amendment rights were not violated.

 

However, King can be distinguished from Raines because the individual seeking to suppress evidence stemming from an unreasonable search and seizure in King was not incarcerated but rather only arrested. The Supreme Court has stated that the key to analyzing whether a search is appropriate under the Fourth Amendment is to take into consideration whether an individual has a ‘reasonable expectation of privacy’ as to the focus of the search and whether the government’s interest outweighs that expectation. Therefore the question emerges as to whether an arrested individual would be reasonable to expect a higher level of privacy over an individual that is already incarcerated, and whether that higher expectation level is enough to render the DNA swab an unreasonable search under the 4th amendment. Oral Arguments will be held on February 26.

 

Additional Sources:

–          http://www.cnn.com/2012/11/09/justice/court-dna/index.html

–          http://www.scotusblog.com/?p=157481

–          http://epic.org/amicus/dna-act/maryland/

–          Maryland v. Raines, 857 A.2d 19 (Md. 2004)

Blog: Metadata: Can You Use It? Should You Scrub It? It Depends Where You Are

By

On November 26, 2012

In Blog Posts

By Associate Tech Editor Hayley Mohr

“If you have it, you should not show it to others. If you receive it, you cannot look at it.”  The previous statement is not a riddle, rather; it’s a paraphrase of Arizona’s Ethics Opinion on the use of metadata.  Contrast this outlook with Oregon’s, among other states, which allows attorneys to use it if they do not use a”special software” to view the data – in other words, if you can find it without looking too hard, it’s yours! So, what is metadata, and why does the permissiveness of its use and transmission vary so widely from state to state?

Metadata, which exists in several different types but is often termed “data about data”, has become a near-minefield to parties to litigation and the attorneys that represent them.  A common example of metadata is a word processor file that contains information about when the file was created, and when it was last edited.  It becomes dangerous quickly, when one considers the vast features available in a standard word processing program: documents can contain “erased” sentences and information –after all, in order for the “undo” button to work, the file has to “remember” what the previous version contained.

One of the most changing and varied areas of law at the moment is the proper use of metadata: both when it accompanies documents produced in response to a discovery request and outside of formal discovery.  Contrary to the “show no metadata, see no metadata” approach of many states, one of the earliest and cases to deal with the proper use of metadata, Williams v. Sprint[1],  held that the defendant in an age discrimination suit violated the discovery order by “scrubbing” metadata from a table of employees produced to the plaintiff.  The court held that documents maintained in the regular course of business should be produced in the same format, and that the scrubbed metadata was relevant to the case.[2]

Certainly, many lawyers are excited by the prospect of following a digital treasure hunt  to examine the motives and concealed actions of defendants, and other parties are terrified at the prospect of having their comment and mistakes revealed – if metadata is likely to lead to reliable and useful evidence, why prohibit it from being used?  Many are concerned about the ability of commercial software to fully “scrub” these documents, the cost of doing so, and the fact that the technology becomes more and more sophisticated.

Ultimately, there are no hard-and-fast rules to follow when it comes to producing, using, or cleaning files of metadata.  What is right in one state is, literally, wrong in another. (See the ABA’s chart for a helpful overview of the ethics standards by jurisdiction.)  It will be interesting to observe over the next decade what internal changes and  innovations companies will make in order to avoid the metadata minefield altogether .

 

[1] 230 F.R.D. 640, (D. Kansas 2005)

[2] For a comprehensive overview of decisions related to metadata, see Marjorie A. Shields, Annotation, Discoverability of Metadata, 29 A.L.R.6th 167 (2007).

Blog: My Executor Has Never Used the Internet: Estate Planning and Digital Property

By

On November 26, 2012

In Blog Posts

By Associate Editor Kevin McCann

In 2007, a devoted World of Warcraft player decided it was time to put down his virtual crossbow and axe and sell his player account. Given the amount of time put into leveling up the abilities and gear of the character, the account was in high demand and sold for 7,000 Euros (approximately $9,000). What if before the player decided to sell this he experienced an unfortunate real life death? Most likely there would be no provision in his last will and testament stating what to do with this asset, and the account would have been deleted and the potential money lost.

While this is an extreme example of protecting a digital asset, estate planners and lawyers indicate that few people give the new reality of digital assets and online accounts consideration when drafting their wills. There is a range of issues to contemplate involving electronically stored items, such as preserving online photos, projects and personal records to how you would want your family to manage your social media accounts. A survey by McAfee revealed that U.S. consumers value their digital assets, on average, at nearly $55,000, with approximately $19,000 attributed to personal memories (photographs and videos) alone. A living person would certainly want to determine the distribution of these electronically stored personal memories just as if they were photos in an attic.

In addition, social media websites such as Facebook and Twitter now have deceased user policies. Both policies allow interested parties to select one of two options: either delete the user account entirely or save the account in order to memorialize the deceased and allow others to interact with his or her preserved account. (For an interesting look at the differences between the two policies, see http://news.cnet.com/8301-27076_3-20013219-248.html). One could see a situation where a person would want his account deleted to save his family embarrassment, or the opposite situation where a person would want his family to continue to interact with his account through the grieving process after his death. This would be another consideration to contemplate when drafting a will.

Several states have enacted legislation that pertains to post-death access of digital accounts. For instance, a New Jersey bill was introduced in June of this year that would grant the executor or administrator of an estate the power to take control of any account of the deceased person for social networking, blogging, or e-mail service websites. However, many of the states’ legislation specify that the deceased must have designated the representative in writing prior to the death. The U.S. General Services Administration recommends people set up a “social-media will,” and even go as far as naming a separate “digital executor” who is more up to speed on technology innovations and is more qualified to oversee the administration of the deceased’s digital assets. In addition, estate planners advise that the probate process would take considerable less time if the devisee were to include in his will a list of all accounts, passwords, and security question answers. Otherwise the executor would have to go through the process of submitting death certificates and relationship authentication to each of the websites.

The internet has changed the way society communicates and expresses itself, and various legal issues arose with this modernization. The protection of online assets at death is now a growing concern, with states just beginning to recognize the need for legislation. As the internet continues to reinvent itself with new services to better connect the world, so to must the estate planning process strive to keep up with these innovations.

 

Additional Resources:

Wall Street Journal Article on issue

Chicago tribune article on the issue

List of online services that are designed to help someone plan for probate process of digital assets.

Page 75 of 75

Previous

Powered by WordPress & Theme by Anders Norén