Any industry that deals with technology is destined to see changes from year to year as tech continues to evolve at a rapid pace. eDiscovery is no exception. Wearable technology (like Fitbits and Apple Watches) are the latest devices to make waves in the legal field.
These wearable devices track more information than their users may even be aware of, including heart rate, blood pressure, sweat, sleep cycles and GPS location. Apple Watches go even further, downloading emails and storing text messages. All that data can have a big impact on legal cases if it’s discoverable and admissible in court.
As a legal professional, you need to be aware of the ways these wearable devices could change the landscape of eDiscovery and case law. Take note of these challenges related to wearable tech, and be prepared for how this new technology is changing the game in the legal field.
Cloud-based data can lead to loopholes
Many wearable devices store user data in their app’s own cloud-based servers. Though the Supreme Court ruled that the Fourth Amendment applies to personal digital devices, the cloud-based data storage that wearable tech relies upon may open up legal loopholes.
Corporations need to be aware that any data stored on a company-issued wearable device could reasonably be subject to eDiscovery.
The data on the device itself may not be accessible without a warrant—but the data stored on a device manufacturer’s servers doesn’t fall under the same legal protections. Fitbit’s privacy policy clearly states that it will share identifiable personal information if necessary to comply with law or if they are served a warrant or subpoena.
Data storage has always been a concern in the realm of eDiscovery. Now, thanks to wearable tech’s reliance on the cloud, that concern continues to grow.
Companies need wearable tech policies
Companies have plenty of reasons to be concerned with how their employees share private data. Court cases have been won and lost over emails the sender never thought would be shared, and the data collected on devices like Fitbits is no exception. Businesses are coming to terms with the need for wearable tech policies to protect themselves.
Many companies already have a “bring your own device” or BYOD policy in place, which allows employees to access corporate data from their personal devices as long as they are properly secured.
Others prohibit BYOD due to security and litigation risks. But where is the line when a company issues wearable devices to its employees as part of a corporate health initiative?
Corporations need to be aware that any data stored on a company-issued wearable device could reasonably be subject to eDiscovery. They and their employees should be prepared with a corporate document retention policy surrounding the proper use and security of wearable devices like Fitbits.
Wearable device data may not be accurate
Devices like Fitbits sync automatically to a smartphone throughout the day via Bluetooth. The wearer’s personal data is now stored on not one but two devices and in the cloud—and all this sharing of information leaves device users open to security breaches. Security gaps don’t just point to privacy concerns; they can also leave the door open for the manipulation of data.
A study published by Canadian nonprofit Open Effect found that “the fitness data generated by several wearable devices can be falsified by motivated parties, calling into question the degree to which this data should be relied upon for insurance or legal purposes.”
In addition to data manipulated by a third party, the wearers themselves may be able to trick a wearable device into logging data that isn’t accurate. There’s nothing stopping a Fitbit user from shuffling her feet while she watches a movie on the couch to log additional “steps.” Ideas for tricking your Fitbit are in high demand among employees who are after insurance discounts.
There’s an entire website dedicated to “hacking” your wearable device! Some devices, like the Apple Watch, aren’t as easily deceived, but these considerations may be enough to make courts think twice before allowing data from wearable tech to be admissible in court.
Treat wearable tech like any other device… for now
With wearable tech as the new frontier in eDiscovery, you may be tempted to treat data retrieved from a wearable device differently from that found on a smartphone or tablet. But the best way to approach wearable tech in eDiscovery may be to handle it like any other device.
“Don’t let form-factor fool you,” warns Anne Mitchell, attorney at law and founder of the Institute for Social Internet Public Policy. “It’s just another device. Even the things [wearable devices] track, such as steps and heart rate, are also tracked by smartphones now.”
Bottom line: The rules of wearable technology in the legal field will continue to evolve. It’s still unclear what part wearable devices will play in the courtroom. Until then, don’t overlook wearable devices in the eDiscovery process. The data collected there could be just as important to a case as files found on a personal computer.
Attract & Retain Top Talent
With a rapidly changing industry, it's vital to offer the right compensation and set the right expectation. With our Salary Guide, get detailed job descriptions, industry insights and local salary data to equip your managers with hiring confidence and expertise.
Get your copy »