As technology has advanced, courts have struggled to apply federal statutes such as the Electronic Communications Privacy Act of 1986 (ECPA) in discovery. Issues regarding retrieval of electronically stored information by third parties have been ripe for litigation.
“The treatment of cloud computing-related issues in court has not been entirely clear, and case law has exemplified the fact that courts have been forced to enter unchartered territory with these types of issues,” says James P. Martin, managing director at Cendrowski Corporate Advisors LLC.
Smart Business spoke with Martin regarding the issues that can arise when attempting to obtain information in the new era of electronic discovery.
What is cloud computing?
Cloud computing describes an IT model in which computing resources can be obtained and utilized on an as-needed basis.
The end user is provided a turnkey solution that is supported and maintained by the service provider at a remote location where data is stored. ‘The cloud’ is a term referring to the pool of resources hosted on the Internet.
What are some common cloud data sources that should be considered in litigation?
People and businesses are putting more content in the cloud continuously, and a lot of that data could be of interest to adverse parties in litigation.
Cloud computing applications include hosted email products, such as Gmail or Hotmail, picture hosting services, text message services, hosted document processing, as well as social media services such as Facebook and Twitter.
How does this affect electronic discovery?
Moving to a cloud computing solution does not remove an organization’s document retention requirements, and many cloud solutions tout their ability to help organizations meet statutory requirements. If a cloud vendor performs services to the public, access to data is subject to Stored Communication Act (SCA) restrictions.
What is the SCA?
Data hosted by a third-party service provider may be covered by the SCA (18 U.S.C. §§ 2701-2712). This act was included as Title II of the ECPA.
The SCA states that ‘a person or entity providing an electronic communication service to the public shall not knowingly divulge to any person or entity the contents of a communication while in electronic storage by that service.’
The SCA was primarily written to protect the end user of computing services from government surveillance. In civil litigation, some courts concluded that contents of communications cannot be disclosed to litigants even when presented with a civil subpoena.
When the ECPA, which governs the interception and monitoring of electronic communications, was passed, cellular telephones and other electronic media for storing information did not exist.
However, 28 years later, it remains a central legislation restricting the release of electronic communications held by a third-party. As technology has frequently outpaced legislation pertaining to discovery procedures, it comes as little surprise that courts struggled with issues about retrieval of electronic communications in litigation.
How can a litigant obtain information subject to the SCA?
The SCA defines three categories of information; each category has different requirements to obtain the information.
In litigation, the parties will tend to need access to ‘contents,’ such as email conversations and documents, which has the highest threshold. Contents generally require a subpoena with notice, a court order with notice or search warrant.
One wrinkle is that the SCA defines a ‘court of competent jurisdiction’ only as any district court of the U.S. and the Court of Appeals.
How are courts dealing with third party information?
According to the ECPA, one allowable avenue for production is to obtain the permission of the entity controlling the account to produce the data; however, the identity of that entity is not always clear in complex litigation with multiple parties involved. ●
Insights Accounting is brought to you by Cendrowski Corporate Advisors LLC
