Hey there What’s Next readers. Hope the run-up to the holidays aren’t causing too much stress. Likewise, many of us in the newsroom are taking off next week, too. But before we go dark, I wanted to leave you with a bit of light reading for the days ahead.
First up this week, a look at why advocacy groups are suing California over a DNA retention policy. Also, how a recent Facebook breach may be testing the hand of European and American regulators, a debate over law firms intent to innovate, and the Senate foots the bill(ions) in quantum computing research.
Is California’s DNA Retention A Privacy Right Violation?
California is shaping up to be the site of an interesting spat over DNA retention.
Social advocacy groups are bringing suit against the state’s attorney general and the California Department of Justice for “failure to automatically expunge” genetic info taken from arrestees who are never convicted of a crime. As per the complaint, California’s “challenging, lengthy and uncertain” expungement process results in the removal of less than one percent of samples taken from those “not ultimately convicted” of a crime.
Interestingly, the state supreme court upheld earlier this year that authorities are A-OK in collecting the DNA of suspected felons while locked up. And, the U.S. Supreme Court in 2013 upheld a Maryland law allowing DNA collection from arrestees sans warrant.
I dialed EFF’s Jamie Williams, one of the attorneys bringing the California suit, to chat about going after retention rather than collection, a move she dubs “the logical next step” given that DNA collection was “justified by expungement” in prior cases.
California’s retention policy, she explains is “not doing what they’re saying it’s doing, and that’s a violation of people’s rights. They [in prior cases] harped on this issue and then didn’t live up to that. If the courts say they need to collect it, fine. But there needs to be limitations on it, and right now there’s not.”
The California AG’s office didn’t give me a comment, though as The Mercury News reports, state law enforcement groups will likely have a very different opinion, as will as those behind Rapid DNA analysis technology, a category that includes the Codis database California uses for storing DNA profiles (and was used in identifying victims of California’s Camp Fire). And in Williams’ view, given that federal law mandates expungement processes for Codis, judges need to know requirements may not be met.
“And if judges are relying on [expungement] to uphold the constitutionality of the law, it’s really important we put some light onto what is actually happening.”
➤ Looking Ahead: In Williams’ opinion, given that DNA laws have been around for a while, now’s the time for suits like hers to land. It’s been about “ten years now since all the litigation started when arestee DNA collection laws first started coming out. It makes sense that would be coming up in a bunch of different cases.”
On The Radar: 3 Things to Know
⟶ For British Eyes Only. London’s Metropolitan Police Service began a two-day trial run of facial recognition technology Monday, a move drawing both ire and criticism of the technology as “flimsy,” to borrow the phrasing of TheINQUIRER’s Alan Martin. The police are claiming to have been up front with the trial—the seventh run since 2016—dolling out “information leaflets” and displaying info on the tech in surveilled areas. But Hannah Couchman of the human rights group Liberty told the Evening Standard the “rollout of this invasive technology” is anything but transparent. “The use of unmarked vans and false assertions in the limited public statements available shows the police have no intention of gaining the public’s consent to roll out this mass surveillance technology that undermines our rights to privacy and freedom of association.”
⟶ Quantum Cash. You get what you pay for, and the Senate is apparently willing to pay big for quantum computing. On Friday, the Senate unanimously gave the green light for a plan to spend $1.2 billion in quantum research and development over a ten-year period—pulling from likes of NIST, National Science foundation and Department of Energy for the effort—to go to the president’s desk. First drawn up by Congressional lawmakers from both sides of the aisle, the bill also makes way for stakeholders to take into account cybersecurity needs, standards and other facets of quantum computing, as well as implements a committee to advise the president in such matters. The move comes as China has ramped up its own quantum research. CNN Business reported in September that the focus could help China “surpass the United States military.”
⟶ Tech Troubles at the Judiciary. Being “bad” at email is one thing, but going over three years without using your work account? That’s one of the handful of charges lobbed at Harmony, New York, Justice Bruce Scolton by the state Commission on Judicial Conduct that led to his resignation. But Scolton’s tech troubles didn’t stop there—the commission also noted that Scolton neither activated nor used a computer provided by an Office of Court Administration grant in 2017, and that he didn’t install software the court used. The result? As my colleague Dan M. Clark writes for The New York Law Journal, “That apparently meant Harmony Town Court had been unable to receive electronically filed traffic tickets issued by police during that time, according to the commission.”
Law Firms are Dropping Dollars on Legal Tech, But is Innovation For Show or Survival?
Clifford Chance and Latham & Watkins seem willing to walk to the walk in the innovation game, announcing last week their investment in the Reynen Court effort—i.e. the app store for legal tech started last year by former Cravath attorney Andrew Klein.
Neither firm has dished on the amount of money dropped on the effort, though an SEC filing pegs the equity issued by Reynen Court at $10M. And by the looks of things, the app store—which Legal Week described as managing the “procurement, deployment and management of third-party apps”—is well underway. Klein told Legal Week that the group is working with over 50 vendors. What’s more, over 12 “elite” firms on either side of the pond are backing the project.
Interestingly, law firms have been in the innovation race for some time. Dentons’ NextLaw Labs has been backing tech efforts, while Clifford Chance recently spawned its own “innovation lab” in Singapore. Then there’s Atrium, the “startup” law firm that launched alongside a technology development business under internet entrepreneur Justin Kan (which announced new partners last week).
But is this broader push to innovate all just for show? That’s the take of Robert Saccone, the former CEO of Seyfarth Shaw’s SeyfarthLean Consulting subsidiary, who wrote in his blog that “most incumbent law firms do not innovate for measurable results like their corporate clients.”
“They innovate to differentiate but not to be different. Ironically as their competitors increasingly do the same. The targeted and measured innovation we are seeing in other sectors just isn’t happening,” he adds.
To be fair, Saccone’s blog was responding to a specific conference featuring a host of strategy and innovation pros from various businesses. But in terms of the legal industry, he may have a point.
As my colleague Roy Strom writes, plenty of law firms in recent years have hired “chief innovation officers” or developed groups that are focused on providing new types of service delivery for clients,” though “law firm innovation groups can struggle internally to express their return on investment to the broader law firm.” And, as one AmLaw 100 CIO who declined to be named told Strom, “We haven’t figured out ROI yet.”
“I’m trying to use touches. How many clients and people internally I’ve touched. We also have a couple big projects going on. That will help. But nothing formal. That’s the challenge for us: If there’s ever a business downturn, are we [safe] in that ecosystem?”
➤ Takeaway: Law firms are pushing ahead on innovation (or so they claim), but critics are skeptical there’s any substance to some of these plans.
Facebook’s Fight on Two Fronts—Is It Winning?
If Facebook’s latest bug—third-party apps getting access to the private photos of up to 6.8M users—didn’t cause enough of a stir, regulators could shake things up for the company.
The Irish Data Protection Commission recently announced it is launching an inquiry over the breach, which the New York Times reports could bring a whopping $1.63 billion fine (about 4 percent of the company’s global revenue). That fine is set under the EU’s General Data Protection Regulation (GDPR).
That may sound daunting, but some people think the regulation falls short in getting companies to comply. RealClear Media Group fellow Kalev Leetaru writes in Forbes that Facebook’s handling of the breach—waiting two months to notify authorities despite the 72-hour notification requirement of GDPR—shows “GDPR is far more limited than the public understands.”
“Facebook has interpreted GDPR’s 72-hour notification rule to apply only after a company has decided that a given breach requires reporting, rather than after the company is aware that there is a breach,” Leetaru writes. “If companies are free to take their time deciding whether to report breaches, they could effectively never report a single breach, simply by arguing that they need decades to make a determination.”
“I feel sure that one of the things that people will go back and comb through are the Facebook privacy policies and whether or not those adequately warned users about this,” she noted.
➤ Looking Ahead: It’s unclear whether regulators will pounce on Facebook, though international agencies appear to be scrutinizing its actions.
Thanks for reading! See you next year!