Tech-Based Data Sources: The Brave New World of Discovery

By Bethany Schneider


REQUEST #1

Please produce any and all documents . . .

You are all too familiar with requesting traditional discovery sources – medical records, correspondence, photographs, telephone records. But if you are limiting your discovery requests to these types of traditional data sources, then you may be ignoring some data gold mines. Tech-based sources have grown exponentially in the past few years, and the good news for us plaintiffs lawyers is that these data sources can be accessed more easily and cheaply than ever before. While that fact can be frightening for all of us on a personal level (because it means companies and individuals can also access our personal information without us ever even knowing it), tech-based data sources open up a whole new world for us in discovery in our civil cases.

There are two main categories of tech-based data sources to consider when drafting your discovery requests: (1) electronic vehicle information, which includes things like vehicle “black boxes” and infotainment systems; and (2) electronic personal information, such as cell phones and apps, Apple watches, and even drones.

Electronic Vehicle Data:
Commercial and Passenger Vehicles

Since the early 2000s, the National Highway Traffic Safety Administration (NHTSA) has been collecting information from vehicles through vehicle “black boxes” called Event Data Recorders (EDRs). EDRs record digital data, such as speed and acceleration, around the time of an “event.” According to NHTSA, as of 2013, 96% of new vehicles sold had EDRs. As of 2014, all new vehicles must have EDRs.

For commercial vehicles, unlike passenger vehicles, the EDR is located inside of the truck engine. Special software is required to download the data from the truck engine. To perform the data download, you can hire an accident reconstructionist or a company called Collision Data (www.collisiondata.com) that only does downloads, which can be less expensive than hiring an accident reconstructionist. Collision Data is able to obtain EDR data from Caterpillar, Cummins, Detroit Diesel, International, Mercedes-Benz, PACCAR, and some Volvo engines. These engines can be found in trucks produced by various manufacturers including Freightliner, International, Kenworth, Peterbilt, Sterling, Volvo, Western Star, and others.

According to Collision Data, commercial vehicles’ EDRs can record vehicle speed, accelerator/throttle usage, engine RPM, brake application, clutch status, cruise control operation, electronic log books, and more. Depending on the truck manufacturer, there may be up to 1 minute and 44 seconds of data before a triggering event and 15 seconds after, in at least 1 second intervals.

If a truck is no longer driven after a collision, then the information on the EDR will never be erased. If the truck is put back into service after a collision, then the EDR information from the collision will be erased at some point. The length of time you have to download the data can be unpredictable. It is best to download the data as soon as possible if you find out the truck is back in service.

Collision Data also advertises that they can obtain useful accident related data from the various Anti-lock Brake Systems found on commercial vehicles including Bendix and Meritor WABCO systems.

To access EDR data, you should request a vehicle inspection. Trucking companies also use GPS fleet tracking programs, such as PeopleNet Fleet Manager, to keep track of all trucks on the roadways. These fleet tracking programs typically save speed and some even have dash cam videos. The frequency of the data depends on the system, and data can be recorded every second to every five minutes. The fleet tracking data is generally saved on a corporate server and accessible to the fleet safety manager.

To access information from the fleet tracking program, you should send a discovery request to the trucking company specifically requesting data from the fleet tracking system. The company would have to provide that information itself, versus being able to download it from the actual truck.

Quest Engineering & Failure Analysis, Inc., is a company that offers failure analysis and accident reconstruction services. They specialize in obtaining electronic vehicle information. Shane Remy from Quest noted that some truck drivers have dash cameras themselves. He recommends always looking for them during a truck inspection so that you can request videos from the driver’s personal dash cameras as well.

For passenger vehicles, the EDR is the airbag control module. The airbag control module is triggered whenever the airbags are deployed or whenever the vehicle is thinking about deploying the airbags. Typically, the airbag control module will save data beginning with five seconds before impact. As in commercial vehicles, the data from the airbag control module is obtained from the vehicle itself. Collision Data can download the data for a $500 flat rate, according to Shane.

To access airbag control module data, you should request a vehicle inspection.

If a defendant has a personal GPS like a Garmin, you can download information from that device as well. To do that, you would have to request production of the actual device.

Another source of tech-based data from passenger vehicles is the vehicle’s infotainment system. Infotainment systems are what plays music, provides navigation, allows Bluetooth calling, etc. When a cell phone is hooked up to these systems, the vehicle actually downloads information from the phone, such as personal contacts, favorite places, call logs, texts and navigation information. This can be particularly worrisome on a personal level for rental cars. Anytime you hook up your phone to a rental car’s infotainment system, the rental car actually stores all of that information even long after you disconnect your phone.

Newer Ford vehicles have started saving even more information about the vehicle itself, such as the GPS locations of opening and closing doors. Shane from Quest expects other manufacturers to follow suit.

To download the data from infotainment systems, you actually have to take the module out of the vehicle. The best practice would be to send a specific discovery request for the infotainment system beyond just a vehicle inspection request.

Electronic Personal Data Devices

In the last several years, there has been increasing controversy over the breadth of information that must be produced from cellular phones. This controversy has largely centered around the right of privacy, particularly in criminal cases. In Riley v. California, 134 S. Ct. 2473, 189 L. Ed. 2d 430 (2014), Chief Justice Roberts observed that smart phones are “now such a pervasive and insistent part of daily life that the proverbial visitor from Mars might conclude they were an important feature of human anatomy.”

Call logs, text messages and photographs are the obvious data retrievable from a cell phone. Those types of data, however, are not the entire universe potentially accessible to you from a cell phone. The GPS on a cell phone, for instance, records every latitude and longitude for when it connects with a Wi-Fi network or when the phone takes a photograph. Cell phone analysis can actually generate a map of where the phone’s owner has been. Apps for messaging, like WhatsApp, and payments, like Venmo, can also be accessed to provide potentially valuable information in a civil case.

Greg Freemyer from SullivanStrickland, a firm specializing in forensic electronic data retrieval, explained that Cellebrite is the industry standard tool for analyzing cell phone data. It is the tool used by almost every law enforcement agency. The capabilities and limitations of downloading and analyzing cell phone data is dictated by the capabilities and limitations of that software. Cellebrite essentially creates a back-up of all of the databases stored on the phone itself. Data is typically stored on the phone for a period of two weeks before being permanently uploaded to the Cloud, according to Greg. This is especially informative if you are interested in accessing e-mails on a phone because only the past two weeks of emails will be available from a phone download. To obtain data from the Cloud, you have to separately access that directly from the Cloud through a different process. There are some additional legal and privacy concerns related to accessing the Cloud. Cellebrite routinely adds support for apps. If there is a specific app from which you are looking for data, you should specify that when retaining a forensics firm because that app may not be supported in the standard analysis but companies like SullivanStrickland can still access that information if it is preserved on the phone.

SullivanStrickland charges $950 for imaging and the first phase of reporting. It takes four hours to perform the imaging, and reports can be completed within a couple of days.

According to Greg, there has been tremendous growth in the use of cell phone data in legal cases. Five years ago, he was imaging ten phones per year. Now, he images ten phones per month.

Because of the privacy concerns related to the breadth of data contained on cell phones, the court is unlikely to allow unrestricted access to the defendant’s cell phone and will likely require a forensic protocol. You should file a motion to inspect the defendant’s cell phone and submit a proposed forensic protocol.

A forensic protocol should contain the following information and procedures:

1) Who will conduct the forensic examination? Usually this will need to be a neutral party, such as a forensics firm like SullivanStrickland.

2) The appointed expert will serve as an Officer of the Court so to the extent that expert has access to privileged information, such access will not waive the privilege.

3) Whether the appointed expert will need to sign a confidentiality order.

4) Whether the search will be limited to specific search terms or time periods.

5)  Time limits for the defendant to review the search results and produce a privilege log.

See, e.g., Wynmoor Cmty. Council, Inc. v. QBE Ins. Corp., 280 F.R.D. 681, 687-88 (S.D. Fla. 2012) (while there are no reported Georgia civil cases on inspecting a party’s cell phone, this case appears instructive as to what Georgia courts may require); see also Antico v. Sindt Trucking, Inc., 148 So. 3d 163 (Fla. 1st DCA 2014) (trial court in a wrongful death case against a trucking company did not err by allowing company’s expert to retrieve data from driver’s cellphone under limited and controlled conditions).

As to other tech-based data sources for personal information:

  • Apple Watches: If the Apple Watch is backed up to an iPhone or the iCloud, then the data on the Apple Watch is available through the same method as for an iPhone, such as using Cellebrite to download the data through the creation of a “back-up.” You should request to inspect the Apple Watch and propose a forensic protocol, as you would a cell phone.
  • Fitbits: The information contained on wearable devices like Fitbits can be obtained through download using the USB interface on the device. You should request to inspect the wearable device. Wearable devices are not subject to HIPAA.
  • PayPal: You can subpoena PayPal directly because the company keeps records of transactions.
  • Uber/Lyft: You can subpoena the company directly for a record of transactions, as well as photographs of the car.
  • Drones: Drones are managed by an app through which you can program the drone’s route and to which the drone sends photographs along the route. You should be able to access this data through an inspection of the cell phone if you specify to the forensics firm that you would like to access the drone app.
  • Alexa/Echo/Google Home: There is not currently any way to access the information from the device directly so you should send a subpoena to the service provider (Amazon or Google).

In conclusion, new tech-based data sources are nothing to fear; instead, as it is definitely certain that defense counsel will utilize these more and more to discover information to defeat our clients’ claims, we can use these same sources preemptively to prove our claims. In fact, as an example, recently I retained an accident reconstructionist in a disputed liability car wreck case. Through the downloading of the EDR data, we were able to prove that the defendant’s car was accelerating at the time of the collision, rather than decelerating, as he had told the police and his employer and as he claimed in his deposition. That information was a game-changer for the case and one of the things that resulted in a six-figure settlement offer in that case.

So, in the new age of technology, even those of you would do not consider yourselves to be “tech-savy,” do not stick to your typical standard form discovery requests of “any and all documents…” Instead, embrace and exploit these tech-based data sources to significantly increase the value of your cases. ●

Bethany Schneider is the founder of Schneider Law P.C. in Atlanta where her practice focuses on premises and products liability, road wrecks, medical malpractice, catastrophic injury, and wrongful death. She received her bachelor’s from the University of Georgia and her Juris Doctor from the University of Texas School of Law before spending nine years with King & Spalding. Bethany is currently serving on the GTLA New Lawyer’s Division Board and as a members of the LEAD Program, and she can be reached at bschneider@schneiderlawpc.com.


PHOTOS:
Natthawee Suwannatthachot/Shutterstock.com, julia.m/Shutterstock.com

 

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.