Data Law Insights

Legal insights on navigating privacy, data protection, cybersecurity, information governance, and e-discovery

Latest from Data Law Insights

Finding that a lower court had underestimated the harm resulting from the government’s seizure and ongoing possession of privileged material, the Fifth Circuit ruled recently that a “taint team” process was insufficient to protect the rights of the party holding the privilege.  The appellate court’s ruling is part of a trend in which courts have expressed skepticism that the use of “taint teams” by the government is an adequate safeguard against undermining the sacrosanct attorney-client…
As the use of collaboration and cloud storage platforms expand, litigants and courts are facing increased challenges in keeping up with e-discovery requirements created with different technologies in mind. One example involves the discovery obligations associated with files referenced in email only by hyperlink. Should a litigant be required to find and produce that referenced document as if it were an attachment? What if that is very hard to do? What if the file has…
Please join us for an investigations-focused webinar series where our team of litigators, former prosecutors, and regulatory attorneys will discuss useful strategies for navigating a government probe or ensuring compliance with regulations and corporate policies. Our presenters will provide companies with critical information for navigating commercial risk and enforcement. This webinar series covers broad-reaching investigations in a variety of areas, including: Nuts & Bolts of Investigations: Protecting Privilege Labor, Employment, and COVID-related Investigations Congressional Investigations…
The new year has brought one of the most comprehensive court decisions yet reminding attorneys in no uncertain terms of the rules mandating fundamental competency in the treatment of electronically stored information (“ESI”). Falling short may get both lawyers and clients sanctioned. In January 2021, U.S. District Judge Iain Johnston issued his opinion in DR Distributors, LLC v. 21 Century Smoking, Inc. (N.D. Ill. No. 12 CV 50324) coming down hard on defense counsel for…
Crowell & Moring’s E-Discovery and Information Management (EDIM) group is pleased to announce the introduction of “CMD,” an integrated E‐Discovery solution. CMD provides access to cutting-edge analytics, processing and hosting technology, AI-driven workflows combined with our Chambers-rated legal advocacy, consulting, review and professional services to accelerate and improve data analysis. Please click here to read the full press release.…
The Virginia Consumer Data Protection Act (CDPA) has become the next major U.S. state privacy law, after being signed into law by Virginia Governor Ralph Northam on Tuesday, March 2, 2021. The new law amends Title 59.1 of the Code of Virginia with a new chapter 52 (creating Code of Virginia sections 59.1-571 through 59.1-581). Who is covered? Per Section 59.1-572, the bill applies to “persons that conduct business in the Commonwealth or that produce…
On 5 February 2021, the U.K. Supreme Court unanimously ruled that the Serious Fraud Office (SFO) does not have the power to compel a foreign company that has no registered office or fixed place of business in the U.K. to produce documents held outside the U.K. under section 2(3) Criminal Justice Act 1987 (CJA). This means that where the parent of a U.K. company is a foreign company which has no presence in the U.K.,…
More than 300,000 companies within the Defense Department’s supply chain will need to meet new Cybersecurity Maturity Model Certification (CMMC) requirements and pass a third-party assessment to ensure they are adequately protecting sensitive information on their networks. Now, Crowell & Moring has become the first AmLaw 100 firm to achieve Registered Provider Organization (RPO) status by the CMMC Accreditation Body (CMMC-AB) to help defense contractors comply with CMMC cybersecurity standards and prepare for their assessments.…
Responding parties have significant discretion to design and deploy technology assisted review (“TAR”) workflows in a manner they determine is reasonable and proportional for the case.  At least that’s what the Northern District of Illinois suggested in its September 2020 ruling in Livingston v. City of Chicago (N.D. Ill. No. 16 CV 10156). Livingston is a gender discrimination case challenging the City of Chicago’s Fire Department’s (“City”) application process.  The City collected roughly 1.5 million…
On August 14, 2020, California Attorney General Xavier Becerra released final implementing regulations for the California Consumer Privacy Act (CCPA). The CCPA became enforceable on July 1, 2020, and Becerra’s office submitted a final proposed draft of the regulations to the California Office of Administrative Law (OAL) on June 1, 2020. The Proposed Regulations have gone through several revisions since the publication of the initial draft in October of 2019. The OAL approved the final…