Posted on: December 08, 2016in Blog
Wearable Tech: The Impact on Cases and eDiscovery
This blog was originally published by Special Counsel.
Any industry that deals with technology is destined to see changes from year to year as tech continues to evolve at a rapid pace. eDiscovery is no exception. Wearable technology (like Fitbits and Apple Watches) are the latest devices to make waves in the legal field.
These wearable devices track more information than their users may even be aware of, including heart rate, blood pressure, sweat, sleep cycles and GPS location. Apple Watches go even further, downloading emails and storing text messages. All that data can have a big impact on legal cases if it’s discoverable and admissible in court.
As a legal professional, you need to be aware of the ways these wearable devices could change the landscape of eDiscovery and case law. Take note of these challenges related to wearable tech, and be prepared for how this new technology is changing the game in the legal field.
Cloud-based data can lead to loopholes
Many wearable devices store user data in their app’s own cloud-based servers. Though the Supreme Court ruled that the Fourth Amendment applies to personal digital devices, the cloud-based data storage that wearable tech relies upon may open up legal loopholes.
Corporations need to be aware that any data stored on a company-issued wearable device could reasonably be subject to eDiscovery.
Data storage has always been a concern in the realm of eDiscovery. Now, thanks to wearable tech’s reliance on the cloud, that concern continues to grow.
Companies need wearable tech policies
Companies have plenty of reasons to be concerned with how their employees share private data. Court cases have been won and lost over emails the sender never thought would be shared, and the data collected on devices like Fitbits is no exception. Businesses are coming to terms with the need for wearable tech policies to protect themselves.
Many companies already have a "bring your own device" or BYOD policy in place, which allows employees to access corporate data from their personal devices as long as they are properly secured.
There is a lot to consider when planning a mobile device management policy. Download this white paper to get a more in-depth look at some of the unique legal hold triggers that are specific to different operating systems.
Others prohibit BYOD due to security and litigation risks. But where is the line when a company issues wearable devices to its employees as part of a corporate health initiative?
Corporations need to be aware that any data stored on a company-issued wearable device could reasonably be subject to eDiscovery. They and their employees should be prepared with a corporate document retention policy surrounding the proper use and security of wearable devices like Fitbits.
Wearable device data may not be accurate
Devices like Fitbits sync automatically to a smartphone throughout the day via Bluetooth. The wearer’s personal data is now stored on not one but two devices and in the cloud—and all this sharing of information leaves device users open to security breaches. Security gaps don’t just point to privacy concerns; they can also leave the door open for the manipulation of data.
A study published by Canadian nonprofit Open Effect found that “the fitness data generated by several wearable devices can be falsified by motivated parties, calling into question the degree to which this data should be relied upon for insurance or legal purposes.”
In addition to data manipulated by a third party, the wearers themselves may be able to trick a wearable device into logging data that isn’t accurate. There’s nothing stopping a Fitbit user from shuffling her feet while she watches a movie on the couch to log additional “steps.” Ideas for tricking your Fitbit are in high demand among employees who are after insurance discounts.
There’s an entire website dedicated to “hacking” your wearable device! Some devices, like the Apple Watch, aren’t as easily deceived, but these considerations may be enough to make courts think twice before allowing data from wearable tech to be admissible in court.
Treat wearable tech like any other device... for now
With wearable tech as the new frontier in eDiscovery, you may be tempted to treat data retrieved from a wearable device differently from that found on a smartphone or tablet. But the best way to approach wearable tech in eDiscovery may be to handle it like any other device.
“Don’t let form-factor fool you,” warns Anne Mitchell, attorney at law and founder of the Institute for Social Internet Public Policy. “It’s just another device. Even the things [wearable devices] track, such as steps and heart rate, are also tracked by smartphones now.”
Bottom line: The rules of wearable technology in the legal field will continue to evolve. It’s still unclear what part wearable devices will play in the courtroom. Until then, don’t overlook wearable devices in the eDiscovery process. The data collected there could be just as important to a case as files found on a personal computer.
D4 Weekly eDiscovery Outlook
Power your eDiscovery intellect with our weekly newsletter.
Posted May 24, 2017
Unique eDiscovery Challenges with Mobile Device Data and How to Solve Them
Posted May 17, 2017
How to Comply with 21 CFR and HIPAA Data Retention Requirements
Posted May 11, 2017
4 Key Advantages of Conducting Remote Depositions
Posted May 03, 2017
eDiscovery in International Dispute Resolution: What Experts Want You to Know
Posted April 27, 2017
China Expands Data Transfer Requirements for its Cybersecurity Law
Posted April 26, 2017
How to Use Office 365 Advanced eDiscovery to Prioritize Your Review
Posted April 21, 2017
American Bar Association Section of International Law | 2017 Spring Meeting in Washington DC
Posted April 19, 2017
Office 365 Enterprise E5: 6 Features That Could Benefit Your Business
Posted April 12, 2017
Data Reuse in eDiscovery: 4 Questions to Help Start Your Policy
Posted April 05, 2017
ESI Data Mapping Basics for eDiscovery