Posted on: December 08, 2016in Blog
Wearable Tech: The Impact on Cases and eDiscovery
This blog was originally published by Special Counsel.
Any industry that deals with technology is destined to see changes from year to year as tech continues to evolve at a rapid pace. eDiscovery is no exception. Wearable technology (like Fitbits and Apple Watches) are the latest devices to make waves in the legal field.
These wearable devices track more information than their users may even be aware of, including heart rate, blood pressure, sweat, sleep cycles and GPS location. Apple Watches go even further, downloading emails and storing text messages. All that data can have a big impact on legal cases if it’s discoverable and admissible in court.
As a legal professional, you need to be aware of the ways these wearable devices could change the landscape of eDiscovery and case law. Take note of these challenges related to wearable tech, and be prepared for how this new technology is changing the game in the legal field.
Cloud-based data can lead to loopholes
Many wearable devices store user data in their app’s own cloud-based servers. Though the Supreme Court ruled that the Fourth Amendment applies to personal digital devices, the cloud-based data storage that wearable tech relies upon may open up legal loopholes.
Corporations need to be aware that any data stored on a company-issued wearable device could reasonably be subject to eDiscovery.
Data storage has always been a concern in the realm of eDiscovery. Now, thanks to wearable tech’s reliance on the cloud, that concern continues to grow.
Companies need wearable tech policies
Companies have plenty of reasons to be concerned with how their employees share private data. Court cases have been won and lost over emails the sender never thought would be shared, and the data collected on devices like Fitbits is no exception. Businesses are coming to terms with the need for wearable tech policies to protect themselves.
Many companies already have a "bring your own device" or BYOD policy in place, which allows employees to access corporate data from their personal devices as long as they are properly secured.
There is a lot to consider when planning a mobile device management policy. Download this white paper to get a more in-depth look at some of the unique legal hold triggers that are specific to different operating systems.
Others prohibit BYOD due to security and litigation risks. But where is the line when a company issues wearable devices to its employees as part of a corporate health initiative?
Corporations need to be aware that any data stored on a company-issued wearable device could reasonably be subject to eDiscovery. They and their employees should be prepared with a corporate document retention policy surrounding the proper use and security of wearable devices like Fitbits.
Wearable device data may not be accurate
Devices like Fitbits sync automatically to a smartphone throughout the day via Bluetooth. The wearer’s personal data is now stored on not one but two devices and in the cloud—and all this sharing of information leaves device users open to security breaches. Security gaps don’t just point to privacy concerns; they can also leave the door open for the manipulation of data.
A study published by Canadian nonprofit Open Effect found that “the fitness data generated by several wearable devices can be falsified by motivated parties, calling into question the degree to which this data should be relied upon for insurance or legal purposes.”
In addition to data manipulated by a third party, the wearers themselves may be able to trick a wearable device into logging data that isn’t accurate. There’s nothing stopping a Fitbit user from shuffling her feet while she watches a movie on the couch to log additional “steps.” Ideas for tricking your Fitbit are in high demand among employees who are after insurance discounts.
There’s an entire website dedicated to “hacking” your wearable device! Some devices, like the Apple Watch, aren’t as easily deceived, but these considerations may be enough to make courts think twice before allowing data from wearable tech to be admissible in court.
Treat wearable tech like any other device... for now
With wearable tech as the new frontier in eDiscovery, you may be tempted to treat data retrieved from a wearable device differently from that found on a smartphone or tablet. But the best way to approach wearable tech in eDiscovery may be to handle it like any other device.
“Don’t let form-factor fool you,” warns Anne Mitchell, attorney at law and founder of the Institute for Social Internet Public Policy. “It’s just another device. Even the things [wearable devices] track, such as steps and heart rate, are also tracked by smartphones now.”
Bottom line: The rules of wearable technology in the legal field will continue to evolve. It’s still unclear what part wearable devices will play in the courtroom. Until then, don’t overlook wearable devices in the eDiscovery process. The data collected there could be just as important to a case as files found on a personal computer.
D4 Weekly eDiscovery Outlook
Power your eDiscovery intellect with our weekly newsletter.
Posted July 13, 2017
How to Use Office 365 and X1 Discovery to Achieve Your Team's eDiscovery Goals [Webinar]
Posted July 12, 2017
Microsoft Office 365 is Disrupting the eDiscovery Industry in a Major and Permanent Fashion
Posted July 06, 2017
China's Cybersecurity Strategy: 5 Updates You Need to Know
Posted July 05, 2017
3 Workflows to Enhance Your Document Review Process
Posted June 28, 2017
Should you be using TAR? Judge Peck recommends you do
Posted June 21, 2017
Control Litigation Costs by Making the Most of Your Internal Capabilities
Posted June 15, 2017
Shanghai OSAC Quarterly Meeting
Posted June 15, 2017
5 Ways to Reduce eDiscovery Costs Before and During Litigation
Posted June 07, 2017
Defensible Deletion Strategy: Getting Rid of Your Unnecessary Data
Posted May 31, 2017
How Does the EU-US Privacy Shield Affect Cross-Border Discovery?