A multi-part series reviewing news stories and noteworthy new cases from across 2019
Throughout the year, XDD rounds up industry news stories, noteworthy cases, and more in monthly “Because You Need to Know” posts. In this series, we will review some of the biggest developments and most interesting cases from across 2019, including: data privacy developments, continued source proliferation, state rule changes, useful new publications from Sedona and others, and more than two-dozen new cases discussing a range of eDiscovery issues. We begin, in this Part, with a review of 2019 news to know.
If you prefer to listen rather than to read, we also recently offered a free, one-hour educational webinar reviewing this material. A recording of that program is available here.
The EU’s General Data Protection Regulation remained a frequent industry news topic in 2019. Overall, the number of GDPR complaints issued was on the rise, and some major fines were assessed. France’s data privacy enforcement agency applied a $57 million fine to Google due to alleged GDPR violations related to making information about data collection and storage easily accessible to users. The UK Information Commissioners Office also signaled an intention to pursue a unified approach to that of the EU in enforcing the GDPR, announcing a fine of about $230 million against British Airways and a fine of about $124 million against Marriott over data breaches.
In conjunction with the GDPR news, there was also EU-US Privacy Shield news this year. In September, on this side of the Atlantic, the FTC announced enforcement settlements with five organizations over false claims of compliance with the Privacy Shield. Arguments were also heard this year in a case before the European Court of Justice in Luxembourg over the continuing validity of so-called Standard Contractual Clauses (SCCs) used by many companies for EU-US data transfers, and the outcome of that case could have implications for the Privacy Shield as a whole.
There was also US data privacy news in 2019:
Once again, in 2019, there were signs that the evolution and proliferation of new ESI sources continues apace. In March, Mark Zuckerberg announced that Facebook would be moving towards encrypted, ephemeral messaging, which would create significant new eDiscovery challenges. Also in March, the DOJ announced a change to its FCPA Corporate Enforcement Policy allowing for the potential use of instant messaging apps, including ephemeral messaging apps, which had previously been flatly prohibited (no change was made in the applicable preservation duty; more latitude was just given in how to fulfill it).
Emoji also showed up in many cases causing preservation and interpretation challenges. Santa Clara University law professor Eric Goldman published “Emojis and the Law” in the Washington Law Review, which revealed that “[b]etween 2004 and 2019, there was an exponential rise in emoji and emoticon references in US court opinions, with over 30 percent of all cases appearing in 2018.”
Finally, new studies from Cellebrite and Smarsh revealed that smartphones are continuing to grow in importance as a source of relevant data, even as organizations struggle to implement policies and systems to facilitate retention and discovery.
There was also some state discovery rule news in 2019, with both Michigan and Missouri implementing procedural rule updates that mostly track updates to the FRCP regarding ESI and proportionality. The new Missouri rule updates became effective August 28, 2019, and the new Michigan rule updates became effective on January 1, 2020.
A potentially-expensive California rule change also went into effect on January 1, 2020. It requires that all documents must now be produced by identifying “the specific request number to which the documents respond.”
In 2019, there were also a variety of valuable new industry publications from The Sedona Conference and other sources:
Upcoming in this Series
In the next Part, we will continue our review of 2019 highlights with a discussion of selected social media and mobile devices cases.