Advanced eDiscovery Institute Takes On Data Privacy Issues
January 13, 2020
When David E. McCraw, The New York Times’ deputy general counsel, came to the paper 17 years ago, most of the privacy issues he saw were fairly straightforward: People called him wanting stories about them taken off the Times’ website. The top request?
“Wedding announcements,” he said. “You know, ‘I don’t want the world to know I was married to that jerk once upon a time.’”
Today, privacy issues look very different, he said in his keynote address to Georgetown Law’s 16th annual Advanced eDiscovery Institute, hosted by the Office of Executive and Continuing Legal Education on Nov. 21 and 22. How should reporters handle leaked private information? How do they report on the spread of unverified information without violating terms of service? Who should be in charge of policing these questions?
“When we’re thinking about all these issues – about leaks and about privacy and about disinformation, and how the press can use digital tools to cover the news — I think we ultimately come to a much larger question of freedom and government regulation,” he said. “Consumers are understandably concerned about where their private data goes, and how is it used. But the question is, will it come at the expense of free expression?”
Consider, he said, the right to be forgotten under Europe’s General Data Protection Regulation, or GDPR. Until recently, that obligation to remove a search result extended only to search engines, and a ruling from a Spanish court explicitly exempted journalism. However, an Italian court recently ruled that a local news site had to remove an old article about a knifing incident between two brothers, now in their 80s.
“The idea that we’re now going to be engaged, at least if that decision holds up, in the purging of historic archives, is to my mind disturbing,” said McCraw. “Whenever we have tried to ban information, it’s not really worked out well for civilization.”
Or think of the Times’ reporting on how Cambridge Analytica had taken data about Facebook users in violation of Facebook rules, and used it to target people with advertising ahead of elections. Reporters wanted to speak to these people about how they felt about being targeted and having their data improperly shared.
“We wanted their voices to be heard, but again, doing that also discloses private information about them,” said McCraw. Whistleblowers, he noted, are often motivated by concerns that companies or governments who are breaching peoples’ privacy – but these same whistleblowers may themselves violate peoples’ privacy in handing over leaked databases, full of private data, to reporters.
These themes were echoed in panels throughout the conference, which gathered over 430 participants – judges, lawyers, and experts – for two days of discussion, insights, and debates on the most cutting-edge questions in eDiscovery. This year, the conference’s prestigious advisory board, whose members include leading practitioners, judges, and government attorneys – many of them Georgetown Law alumni – added a new track on privacy, to address growing concerns from consumers and increased attention from government regulators in a variety of jurisdictions.
“One of the most important things that happened this year was more of a focus on the intersection of eDiscovery and issues of data privacy,” said Gil Keteltas (L’89), a member of the conference advisory board, noting the wide range of views provided at the conference included both the U.S. and a cross-border or global perspective.
Over two jam-packed days, attendees participated in both plenaries and break-out sessions, gaining valuable theoretical insights and tackling hypotheticals and real-life case studies to inform their critical thinking and provide actionable information that can be applied the very next day on the job. One such highlight was a session on “New Technologies, New Ethics,” where discussants addressed, among other topics, how to deal with small errors in the processing of massive amounts of data.
“What happens when a mistake is made, in a process that just could never be perfect because of the sheer volume of information?” said Keteltas. “Does that conduct rise to the level of an ethics violation?”
Keteltas moderated a panel in which four practitioners discussed new communications technologies that automatically destroy messages after a certain amount of time has elapsed. If employees move to self-destructing messaging apps from regular messaging apps, does that amount to improper destruction of evidence? How does the duty to preserve information apply, and how can one prove what kind of information was shared and then destroyed?
Another perennial crowd favorite was the “Case Law Update,” in which four judges, U.S. District Judge J. Michelle Childs, former U.S. Magistrate Judge Anthony E. Porcelli, U.S. District Judge Xavier Rodriguez and U.S. Magistrate Judge Nina Y. Wang, gave their views from the bench on notable electronic discovery cases of the past year, with moderation by David J. Kessler of Norton Rose Fulbright US LLP.
In his keynote, McCraw said traditionally data has been collected to solve problems. But now, the abuse of data itself is the problem.
“The question that we all really have to wrestle with is, who do we trust to be
the police?” he asked. “Should we have citizens who understand how to
proportionally deal with private information, how to check fake news, how to check
the information, the sourcing of what they’re getting?”
The alternatives – relying on government regulation through an Orwellian “Ministry of Truth,” or blindly trust that corporations will not abuse our data or overstep our privacy – are simply too grim, he said.
Instead, he concluded, “We are left with what has been the traditional American solution – and that is: better citizens.”
Georgetown Law’s eDiscovery Training Academy, an in-depth law and technology course for newer eDiscovery practitioners, is coming up on June 8-12, 2020. Learn more about the training academy.