CIOs have always had to worry about the challenges of preserving evidence, but now we have a whole new class of challenges.
The so called Duty to Preserve comes into play when one party learns about the possibility of litigation. This happens, many times, before any lawsuit is actually filed. Once a party has reasonable knowledge of potential litigation, they have to make sure that potential evidence is not deleted (note: I am not a lawyer, so this may not, exactly, be technically correct, but it is close).
So lets assume that you are the CIO of a company. It is relatively easy to preserve emails – there are many solutions for what is called a litigation hold.
It is much harder to deal with employees’ personally owned computing devices, which includes phones.
Most companies, unless they are in a particular industry like financial services, don’t have a requirement to preserve anything absent pending litigation. Once you think there could be pending litigation, things change.
Think about these things –
- Facebook Messenger UNSEND
- iMessage TAP BACK
- iMessage (and many other platforms) automatic delete function
- Signal and Telegram’s delete functions
In Fast v. GoDaddy, Fast used the unsend feature to stop disclosure of 109 messages. The court was not happy with this and sanctioned them. The court even fined them $10,000. Eventually, they did cough up 108 of the messages, but the last one never appeared.
The court concluded that the failure to produce this message warranted the court’s issuance of an adverse inference instruction at trial. Basically, this means that the judge will tell the jury that because of the failure to produce this evidence, you can assume the contents were not favorable, or worse (again, I am not trying to be a lawyer here, but you get the idea).
The iMessage tapback feature allows an iPhone user to send back an emoticon in response. But if the recipient is an Android user, they get a copy of the message again. Which if you intended to delete the message, is not what you want. At a minimum, it could signal the existence of a deleted message. Again, the judge issued an adverse inference instruction because messages were selectively deleted, but because of the tap backs, forensics could see that messages had been deleted.
If you use a messaging platform that either can or does automatically delete old messages and you have a duty to preserve, the courts can, again, issue sanctions.
That included ephemeral messages that go away after a few seconds.
So now the IT department has to manage preserving evidence on user owned devices. Doesn’t that sound like fun. Credit: Prof. Eric Goldman’s blog, guest post by Philip Favro