A number of recent state regulations address privacy rights for consumers of all ages, but there is no equivalent federal law protecting all consumer’s privacy rights. That being said, the Children’s Online Privacy Protection Act of 1998 (“COPPA,” at 15 U.S. Code §6501 et seq.) provides some federal protection for data subjects under 13 years of age. This act requires the operator of a “website or online service directed to children” to provide notice on the website regarding the collection, use, and disclosure of a child’s personal information and to obtain “verifiable parental consent” for the noticed collection, use, and disclosure, with some exemptions. Parents have the right to request a description of the types of personal information collected, to revoke consent (including the operators’ use and maintenance of already collected data in addition to termination of future collection), and to obtain the personal information collected from their child(ren). By the same token, a website operator may terminate provision of services to a child when the parent has revoked consent for the use, maintenance, and/or further collection of personal information from the child. Additionally, website operators are prohibited from offering a prize for, or requiring a child to provide, additional personal information in order to participate in a game or activity. Under 15 U.S. Code §6504, the Attorney General of any US state may bring civil action for violations of 15 U.S. Code §6502(b) as parens patriae on behalf of the residents of that state.Read More
Key Insight: Plaintiff filed a motion to compel and for sanctions against defendants, claiming the defendants’ production of ESI relating to the treatment of plaintiff’s mental illness was produced in PDF as opposed to its native Excel format and not reasonably usable. The court granted plaintiff’s motion to compel, ordering defendants to produce the ESI in their native Excel format and awarded plaintiff’s counsel $25,000 in fees. The court rejected defendants’ argument that it converted the Excel data into PDF because it was required under HIPAA and Illinois law given the protective order in place. The court further found the ESI in PDF form was not “reasonably usable” under Rule 34(b). There is missing data and text, and it eliminated plaintiff’s ability to sort and organize the data contained in the spreadsheets. Quoting another court’s decision, the court noted: “One of the unique strengths of Excel software is the ability to implement calculations and formulae that are not evident in a PDF version[.]” This forced plaintiff to sort more than 270,000 pages of information, much of which is either redacted or difficult to read.
Nature of Case: Prisoner Civil Rights
Electronic Data Involved: Prisoner Records
Key Insight: A forensic imaging of Plaintiff’s electronic devices and cloud based accounts was warranted because Plaintiff lost relevant evidence during the discovery process and continually made misrepresentations regarding this evidence and how it was stored. The forensic imaging would preserve any evidence and possible recover evidence that has been loss. This would not be an invasion of privacy as Plaintiff’s privacy can be adequately protected. A third party service provider can image the devices and collect the data. Counsel would not have access to any of the data until after the court approves a review plan, which would implement additional safeguards to ensure there is no access to irrelevant or private information.
Nature of Case: Sexual Assault, Fraud
Electronic Data Involved: Audio Recording, Cloud Based Account Data, Electronic Device Data