Tag: evidence

The Increasing Role of Cybersecurity Experts in Complex Legal Disputes

The testimonies and guidance of expert witnesses have been known to play a significant role in high-stakes legal matters, whether it be the opinion of a clinical psychiatrist in a homicide case or that of a career IP analyst in a patent infringement trial. However, in today’s highly digital world—where cybercrimes like data breaches and theft of intellectual property are increasingly commonplace—cybersecurity professionals have become some of the most sought-after experts for a broadening range of legal disputes.

Below, we will explore the growing importance of cybersecurity experts to the litigation industry in more depth, including how their insights contribute to case strategies, the challenges of presenting technical and cybersecurity-related arguments in court, the specific qualifications that make an effective expert witness in the field of cybersecurity, and the best method for securing that expertise for your case.

How Cybersecurity Experts Help Shape Legal Strategies

Disputes involving highly complex cybercrimes typically require more technical expertise than most trial teams have on hand, and the contributions of a qualified cybersecurity expert can often be transformative to your ability to better understand the case, uncover critical evidence, and ultimately shape your overall strategy.

For example, in the case of a criminal data breach, defense counsel might seek an expert witness to analyze and evaluate the plaintiff’s existing cybersecurity policies and protective mechanisms at the time of the attack to determine their effectiveness and/or compliance with industry regulations or best practices. Similarly, an expert with in-depth knowledge of evolving data laws, standards, and disclosure requirements will be well-suited to determining a party’s liability in virtually any matter involving the unauthorized access of protected information. Cybersecurity experts are also beneficial during the discovery phase when their experience working with certain systems can assist in potentially uncovering evidence related to a specific attack or breach that may have been initially overlooked.

We have already seen many instances in which the testimony and involvement of cybersecurity experts have impacted the overall direction of a legal dispute. Consider the Coalition for Good Governance, for example, that recently rested its case(Opens an external site in a new window) as the plaintiffs in a six-year battle with the state of Georgia over the security of touchscreen voting machines. Throughout the process, the organization relied heavily on the testimony of multiple cybersecurity experts who claimed they identified vulnerabilities in the state’s voting technology. If these testimonies prove effective, it will not only sway the ruling in the favor of the plaintiffs but also lead to entirely new policies and impact the very way in which Georgia voters cast their ballots as early as this year.

The Challenges of Explaining Cybersecurity in the Courtroom

While there is no denying the growing importance of cybersecurity experts in modern-day disputes, it is also important to note that many challenges still exist in presenting highly technical arguments and/or evidence in a court of law.

Perhaps most notably, there remains a significant gap in both legal and technological language, as well as in the knowledge and understanding of cybersecurity professionals and judges, lawyers, and the juries tasked with parsing particularly dense information. In other words, today’s trial teams need to work carefully with cybersecurity experts to develop communication strategies that adequately illustrate their arguments but do not result in unnecessary confusion or a misunderstanding of the evidence being presented. Visuals are a particularly useful tool in helping both litigators and experts explain complex topics while also engaging decision-makers.

Depending on the nature of the data breach or cybercrime in question, you may be tasked with replicating a digital event to support your specific argument. In many cases, this can be incredibly challenging due to the evolving and multifaceted nature of modern cyberattacks, and it may require extensive resources within the time constraints of a given matter. Thus, it is wise to use every tool at your disposal to boost the power of your team—including custom expert witness sourcing and visual advocacy consultants.

What You Should Look for in a Cybersecurity Expert

Determining the qualifications of a cybersecurity expert is highly dependent on the details of each individual case, making it critical to identify an expert whose experience reflects your precise needs. For example, a digital forensics specialist will offer an entirely different skill set than someone with a background in data privacy regulations and compliance.

Making sure an expert has the relevant professional experience to assess your specific cybersecurity case is only one factor to consider. In addition to verifying education and professional history, you must also assess the expert’s experience in the courtroom and familiarity with relevant legal processes. Similarly, expert witnesses should be evaluated based on their individual personality and communication skills, as they will be tasked with conveying highly technical arguments to an audience that will likely have a difficult time understanding all relevant concepts in the absence of clear, simplified explanations.

Where to Find the Most Qualified Cybersecurity Experts

Safeguarding the success of your client or firm in the digital age starts with the right expertise. You need to be sure your cybersecurity expert is uniquely suited to your case and primed to share critical insights when the stakes are high.

© Copyright 2002-2024 IMS Legal Strategies, All Rights Reserved.
For more news on Cybersecurity Experts, visit the NLR Civil Procedure section.

Two More HR Mistakes To Avoid – Human Resources

Michael Best Logo

Having just touched the tip of the HR iceberg in my recent post  “Avoid these 3 Common HR Mistakes,” let’s dive a little deeper. Below are two more common mistakes made by companies and their human resources professionals:

Mistake #4: Failing to preserve key evidence.  Every terminated employee poses the risk of future litigation. Consequently, take steps to preserve crucial evidence. To the extent possible, save all employee voice mails that involve statements of: (1) quitting; (2) insubordination; (3) threats of violence; (4) profanity; and (5) excuses for absences unrelated to any disability (if you terminated the employee for absenteeism). Similarly, print and save screen shots of employees’ texts and social media postings, particularly if the contents reveal employee misconduct. Finally, always keep a signed and dated copy of the termination letter, and save the employee’s personnel file for at least 3 years.

Mistake #5: Failing to keep quiet. When it comes to discussing employment terminations, the less said the better. Never talk with a lawyer representing an employee. Generally, anything you say is evidence that will be used against you. For the same reason, don’t talk to an employee’s family member about their situation – he/she is not the employee. Don’t talk with anyone from a government agency unless your lawyer is present. Don’t tell individuals who do not have a “need to know” why an employee was terminated; if you can’t later prove the reason(s) for the termination you may face a defamation claim. Finally, be careful what you write in emails. Do not: (1) refer to an employee’s protected characteristics (such as race, age, gender, sexual orientation, religion, disability, etc.); (2) refer to an employee’s threat of a lawsuit; or (3) call the employee derogatory names (including “troublemaker”). Emails can and will be discovered in the course of litigation, and can be highly damaging to your case.*

Navigate around these legal icebergs in order to avoid sinking your case.

ARTICLE BY

Mitchell W. Quick
OF
Michael Best & Friedrich LLP

Supreme Court Unanimously Rules That Police Officers Cannot Search the Contents of Cell Phones Incident to Arrest Without Obtaining a Search Warrant View Edit Track

RCA Logo

In Riley v. California, the United States Supreme Court unanimously held that the Fourth Amendment prohibits police officers from searching through the data on an arrested suspect’s cell phone as an “incident to the arrest” and instead ruled that police officers must get a warrant first.

Riley involved the facts of two separate cases. In the first case, officers searched through the smartphone of a suspect arrested for expired registration and possession of illegal firearms and found photos and text messages showing that the arrestee was involved in a gang shooting a few weeks earlier. In the second case, officers arrested a suspect after observing him complete a drug deal, searched his traditional cell phone (not a smart phone) for the phone number associated with his home, traced the number to his house, and found a large amount of drugs and cash, along with a firearm and ammunition. In both cases, the evidence obtained through the warrantless cell phone searches was admitted at trial and both defendants were convicted.

The Court’s analysis focused on the reach of a warrantless search “incident to a lawful arrest.” Under this exception, police officers are permitted to search the person arrested and the area within their immediate control to remove any weapons that may be used to resist arrest or endanger the officers and to prevent the destruction of evidence. SeeChimel v. California, 395 U.S. 752 (1969). The Court took the time to appreciate the complexity of modern cellphones, describing them as “minicomputers that also happen to have the capacity to be used as a telephone” that are “a pervasive and insistent part of daily life.” The Court then analyzed the two justifications in Chimel for allowing a search incident to arrest: officer safety and destruction of evidence. With respect to officer safety, the Court concluded that data cannot harm officers and examples of cellphones indirectly contributing to unsafe arrest scenes were insufficient to dispose of the warrant requirement. With respect to the destruction of evidence, the Court found that examples of remote data-wiping of cellphones in police custody were rare and could be prevented by removing the battery or storing the phone in a bag designed to block wireless signals.

As further justification, the Court examined the privacy issues that arise from allowing warrantless searches of cellphones incident to arrest. Because modern cellphones carry the equivalent of “cameras, video players, rolodexes, calendars, tape recorders, libraries, diaries, albums, televisions, maps, or newspapers” in a person’s pocket, the Court found that searches incident to arrest were not “limited by physical realities” of what a person can carry. Thus, allowing warrantless searches incident to arrest could reveal “far more than the most exhaustive search of a house.” The Court also noted that the scope of data that can be reached by cellphones, such as information uploaded to cloud servers, necessitated a warrant requirement and the proposed solutions to allow but limit warrantless searches were unworkable. Finding that cellphones store “the privacies of life,” the Court held that police must do one simple thing before searching a cell phone seized incident to an arrest: “get a warrant.”

For a full copy of the opinion, click here.

Article By:

Kevin Heaphy
Of:
Ryley Carlock & Applewhite, A Professional Corporation