More Sanctions for Improper Electronic Filing of Court Documents

Posted on January 9, 2011 by V. John Ella

With some harsh words of warning, a judge in the U.S. District Court for the District of Minnesota has sanctioned another law firm for electronic filing of documents disclosing birth dates, names of minors, financial account numbers and at least one social security number in violation of Fed. R. Civ. P. 5.2(a).

In a decision issued on November 24, 2010 in the case of Allstate Insurance Company v. Linea Latina de Accidentes, Judge Joan N. Erickson noted that,

"Every federal district has now embraced electronic filing.  The days of attorneys being able to ignore the computer and shift blame to support staff in the event of an error are gone.  The consequences are simply too serious. To the extent there are attorneys practicing in federal court who are under the impression that someone in the Clerk's office will comb their filings for errors and call them with a heads-up, the court delivers this message: its is the responsibility of counsel to ensure that personal identifiers are properly redacted."

In this case, upon being notified of the problem, plaintiff's counsel initially moved to have the complaint and its attachments filed under seal.  The court responded by stating that there was no reason to seal the complaint if had been properly redacted, and then noted that plaintiff's motion showed no sense of urgency to remedy the fact the information was on the Internet, perhaps permanently.  Counsel then attempted to redact the information using Adobe Acrobat's rectangle tool, which the court found insufficient as the black rectangles could be removed with a few keystrokes. The court ultimately ordered the plaintiff's counsel to remedy the problem, notify each individual affected, provide credit monitoring,and to pay $300 to a charity.

 We previously warned you about similar sanctions in the case of Engeseth v. County of Isanti. Caveat jurisconsultor (lawyer beware)!

Tags: , ,

Social Security Number Protection Act of 2010

Posted on December 23, 2010 by Jason C. Gavejian

On December 18, 2010 President Obama signed into law the Social Security Number Protection Act of 2010. The law has two key components. 

First, the law establishes that no Federal, State, or local agency may display the Social Security account number of any individuals or any derivative of such number, on any check issued for payment by said agency. 

Second, the law prohibits Federal, State, or local agencies from employing, or entering into a contract for the use or employment of, prisoners in any capacity that would allow such prisoners access to the Social Security account numbers of other individuals. 

As employers have been grappling with the recent uptick in state laws addressing safeguards for Social Security numbers, this new law tightens protections at the federal level.   Additionally, federal contractors may need to consider how this change impacts their other obligations under the Federal Information Security Management Act.

Tags: , , , , , , ,

Do You Know How to Take Out the Trash?

Posted on November 9, 2009 by Jason C. Gavejian

Joining the growing number of states which have enacted laws regulating the destruction of records to prevent possible identity theft, the Rhode Island Legislature passed H. 5092 on October 29, 2009. The bill requires businesses and government agencies to completely destroy records containing personal information, or render the personal information unusable, before disposing of records whether in electronic and paper form. Not surprisingly, H. 5092 comes on the heels of Texas’s Attorney General settling related violations for nearly $1,000,000 with Select Medical, and over $600,000 with Radio Shack.

As with most legislation of this nature, including the FTC’s data disposal rule, the law provides two means by which covered entities may destroy records: either by modifying the personal data to make it entirely unreadable or indecipherable through any means, or by taking reasonable steps to shred, erase, or otherwise destroy records. The bill also exempts certain covered entities whose destruction practices are covered by federal law or who contract with data disposal firms (who would be subject to the data disposal law). The need for such measures is further underlined by the overzealous office workers who used documents containing personal information as “confetti” during the New York Yankees World Series parade. 

Underlying the consequential nature of proper destruction, this bill permits individuals to sue to recover actual damages, and permits the state attorney general to seek fines or sue on behalf of individuals, with each record not properly disposed of being counted as a separate violation.

Tags: , , , , , , , ,

Law Firm Fined for Filing Papers with Social Security Numbers

Posted on November 6, 2009 by V. John Ella

In another recent example of a law firm running afoul of privacy requirements in litigation (See also the discussion of Kim v. St. Elizabeth’s), U.S. District Judge Michael Davis recently assessed a $5,000 sanction against the law firm for electronically filing an affidavit that contained the Social Security numbers and dates of births of 179 people. Engeseth v. County of Isanti, No. 06-CV-2410 (D. Minn.), Oct. 20, 2009. The court’s order was premised on Rule 5.2(a) of the Federal Rules of Civil Procedure which states that filings in federal court may only include the last four digits of an individual’s social security number or taxpayer identification number. Judge Davis noted that: 

The Court is deeply concerned with the harmful and widespread ramifications associated with negligent and inattentive electronic filing of court documents. Although electronic filing significantly improves the efficiency and accessibility of our court system, it also elevates the likelihood of identity theft and damage to personal privacy when lawyers fail to follow the federal and local rules. 
(emphasis added)

In addition to the $5,000 sanction, Judge Davis required the plaintiff’s law firm to pay the costs associated with preventing identity theft for the 179 harmed individuals including informing the individuals and paying the costs of FICO standard services consisting of a credit report and a 12-month subscription to FICO Quarterly Monitoring.

Tags: , , ,