In re: Apple Inc. Device Performance Litigation

NOTICE by Rebecca Westerfield (Ret.) re: Special Discovery Master Order No. 9 Modified on 7/9/2019 Modified text on 7/15/2019.

Northern District of California, cand-5:2018-md-02827

Current View

Full Text

| 1 UNITED STATES DISTRICT COURT NORTHERN DISTRICT OF CALIFORNIA SAN JOSE DIVISION Case No. 18-md-02827-EJD IN RE: APPLE INC. DEVICE PERFORMANCE LITIGATION SPECIAL DISCOVERY MASTER ORDER NO. 9 DENYING PLAINTIFFS' MOTION FOR A PROTECTIVE ORDER AND GRANTING DEFENDANT'S REQUEST TO CONDUCT FORENSIC INSPECTION OF DEVICES Hon. Rebecca Westerfield (Ret.) Special Discovery Master 1. INTRODUCTION Plaintiffs, who are domestic and international Apple cell phone users, bring this putative class action against Apple Inc. ("Apple"). This case concerns Apple's alleged use of "OS" operating system updates to "throttle" and hamper device performance regarding certain of its iPhone 6 devices; iPhone 6 and 6 Plus, iPhone 6s and iPhone 6s Plus (the "Devices"). At a high level, Plaintiffs allege that two of Apple's updates, iOS 10.2.1 (installed beginning in January, 2017) and 11.2, have impaired the integrity, condition, quality, and usefulness of the Devices without Plaintiffs' knowledge or consent. Presently before the Special Discovery Master ("SDM") is Plaintiffs' motion for a protective order denying Apple's [Proposed] Device Inspection Protocol dated May 8, 2019 ("Protocol"). See Danitz Decl Ex 8. According to Plaintiffs, the Protocol seeks to (1) make multiple complete forensic copies of all domestic Plaintiffs' Devices, including all of the private and personal data they contain; and (2) require Plaintiffs to turn over all of that information to Case No.: 18-md-02827-EJD SPECIAL DISCOVERY MASTER ORDER DENYING PLAINTIFFS' MOTION FOR A PROTECTIVE ORDER AND GRANTING DEFENDANT'S REQUEST TO CONDUCT FORENSIC INSPECTION OF DEVICES 1 Apple's experts and attorneys for inspection. Although the Plaintiffs' instant motion is styled as one seeking a protective order, it was filed in response to Apple's request for the forensic inspection at issue. On April 22, 2019, the Court issued an Order granting Apple's motion for reconsideration of Apple's prior motion to dismiss Plaintiffs' Consolidated Amended Complaint (the "Order"). Upon reconsideration, the Court granted in part and denied in part Apple's motion to dismiss claims in the Second Amended Complaint ("SAC"). ECF No. 315. The Order permitted multiple causes of action in the SAC to remain active. One of the remaining causes of action relates to alleged computer intrusion ("throttling"), whereby Plaintiffs claim that Apple failed to disclose that its iOS updates at issue were designed to reduce the processing speed of their Devices in order to prevent unexpected power outages. Other remaining causes of action include those brought under 18 U.S.C. § 1030(a)(5)(A) (the "Consumer Fraud and Abuse Act") and various California state laws. II. REFERENCE TO THE SPECIAL MASTER In an order dated August 22, 2018, the Court, pursuant to Federal Rule of Civil Procedure 53 and the parties' stipulation, appointed the undersigned as Special Discovery Master to adjudicate all pretrial discovery motions and disputes. III. SUMMARY OF CONCLUSIONS 1. Plaintiffs' motion for a protective order is denied. 2. Defendant's request to conduct a forensic inspection of the Devices is granted in accordance with the below. 3. The parties should continue to meet and confer along with their respective experts regarding modification of the terms of the protocol to govern the Case No.: 18-md-02827-EJD SPECIAL DISCOVERY MASTER ORDER DENYING PLAINTIFFS' MOTION FOR A PROTECTIVE ORDER AND GRANTING DEFENDANT'S REQUEST TO CONDUCT FORENSIC INSPECTION OF DEVICES ||1 Apple's request was overbroad, unduly burdensome, not proportional, and that Apple was improperly seeking data equally available to it. Moreover, Plaintiffs have consistently maintained that Apple has not precisely defined "inspection" as it relates to RFP No. 22. Thus, and despite the fact that Plaintiffs did not formally object to an inspection on a global basis, there was no waiver or failure to comply with the deadline imposed by Rule 34. The SDM further finds that Plaintiffs' conduct during the meet and confer process did not constitute any waiver of objections. The meet and confer process consisted of complex negotiations surrounding the definitions and scope of terms such as "relevance" and "inspection." For example, the parties disputed (and continue to dispute) as to what information is relevant and whether an "inspection" would include full forensic imaging. At most, Plaintiffs acknowledged that some "inspection" could be appropriate, but only if the parties were able to later reach agreement on the scope, type, and other protections related to same. This Special Discovery Master has been and remains cognizant of Plaintiffs' significant privacy concerns regarding the proposed inspection. Given the privacy issues at stake, the complexity regarding any type of appropriate inspection, and the SDM's preference for a mutual agreement on a forensic inspection, it is unsurprising that the meet and confer process has stretched out over several months. There is no evidence that Plaintiffs have acted in bad faith during the meet and confer process. As such – and because the Special Discovery Master has consistently requested and endorsed the meet and confer process – the Special Discovery Master finds that Plaintiffs did not waive any rights to oppose Apple's request for a forensic inspection. Accordingly, the parties' substantive contentions on the merits are addressed below. B. Whether (and What Kind of) Inspection is Appropriate As noted above, the SDM finds that the instant motion for a protective order is better 11 Case No.: 18-md-02827-EJD SPECIAL DISCOVERY MASTER ORDER DENYING PLAINTIFFS' MOTION FOR A PROTECTIVE ORDER AND GRANTING DEFENDANT'S REQUEST TO CONDUCT FORENSIC INSPECTION OF DEVICES |1 classified, for practical purposes, as a dispute concerning Apple's request to compel a forensic inspection. Thus, whether or not this motion is evaluated as one seeking a protective order, the analysis boils down to whether an inspection (and if so, what type of inspection) should be required in light of applicable concepts of relevance and privacy concerns. Plaintiffs submit two expert declarations (one in support of their motion and one in reply) by Mary Frantz. Frantz is the Managing Partner of Enterprise Knowledge Partners, LLC, and has substantial experience in cyber-forensic examinations and cyber-incident responses. ? Frantz opines that Apple's proposed Protocol would result in an irrelevant and, at best, redundant extraction. Frantz asserts that Plaintiffs' Devices are not necessary, because Apple is able to extract relevant information from iTunes and iCloud (the "cloud") without needing to examine individual Devices. Further, Frantz maintains that based upon her own testing, the proposed Protocol may result in generating historical logs only extending back a few days when Devices have been powered off at prior points. Here, Frantz notes that the iOS updates were implemented over two years ago and that most of the Devices have been used – and likely powered off and restarted at various points – since then. Thus, in Frantz's view, the Devices' usage, applications, and other details have likely significantly changed at various points since the iOS updates were installed. Frantz asserts that a forensic inspection (including one performed via Cellebrite, as discussed above) would likely only provide insight as to current or very recent usage, and would be unlikely to provide meaningful information as to "throttling" events, including as to when such events may have occurred in the past. Thus, adherence to the Protocol would likely produce false or misleading results with regard to historical performance and 2 Neither Plaintiffs' nor Defendant's expert verified subject to perjury either their credentials or opinion. The SDM proceeds on the assumption that they will do so. 12 Case No.: 18-md-02827-EJD SPECIAL DISCOVERY MASTER ORDER DENYING PLAINTIFFS' MOTION FOR A PROTECTIVE ORDER AND GRANTING DEFENDANT'S REQUEST TO CONDUCT FORENSIC INSPECTION OF DEVICES 1 whether the Devices were "throttled." See Danitz Decl., Ex. 10 at 1-2. Frantz asserts that Apple's internal databases such as collected historical diagnostics, support, and potentially archived cloud of backup files would be a preferred and sufficient method to determine historical performance. Frantz opines that there is no difference between what would be found on any specific Devices and what could be found via iTunes and iCloud analysis (which Apple could test without a forensic inspection). See Danitz Decl., Ex. 10 at 2. Also, Frantz maintains that any Device that remained in use and installed subsequent iOS updates would skew the overall evaluation of the original problem. Id. at 5. In addition, Frantz opines that a forensic examination would intrude into Plaintiffs' privacy rights. Frantz asserts that several types of data would be captured in what would be an unencrypted iPhone iTunes backup such as that proposed in the Protocol. Such data goes beyond those elements specifically enumerated in the Protocol, and includes items such as security tokens; web bookmarks; web history; cookies; user accounts; iPhone network data usage; installed applications; voicemails; application data files; content of applications; text messages and chats; messages sent via platforms on websites and applications; calendars; call logs; contacts; device locations; stored passwords; fitbit activity; banking and other health information; and searched items. See Danitz Decl., Ex. 10 at 6-7. In opposition, Apple submits the declaration of Paul D. Martin, Ph.D. (Computer Science) dated June 14, 2019 ("Martin Decl."). Dr. Martin has worked in software engineering, cybersecurity, and applied cryptographs for ten years. He also has experience in performance testing and benchmarking of computer and other technological programs. Dr. Martin explains that the word "performance" as raised in this action can have a broad variety of meanings for a device such as the Devices at issue. Performance testing can similarly 13 Case No.: 18-md-02827-EJD SPECIAL DISCOVERY MASTER ORDER DENYING PLAINTIFFS' MOTION FOR A PROTECTIVE ORDER AND GRANTING DEFENDANT'S REQUEST TO CONDUCT FORENSIC INSPECTION OF DEVICES ||1 be conducted on a broad scale, by examining application launch times, memory usage, scrolling speed, and animation performance. To assess performance conditions, Dr. Martin asserts that it is important to perform tests on a device that is configured in a way that matches, as closely as possible, the configuration of the user's device. Configuration depends both on the hardware and on what is installed on the hardware, including operating system, applications, and data. As to installed items, Dr. Martin notes that all iOS devices (including the Devices at issue) contain a complex combination of user-installed software and unique software configurations. Thus, each user controls the state of his or her Device to the extent that it deviates from the basic iOS configuration. Based upon configuration, a user may have installed software that uses more or fewer iOS resources than another user's software. Martin Decl., 194-9. In addition, Dr. Martin asserts that specific device usage patterns also impact performance. For example, a user who visits many websites that have large images and other media files may experience different performance than a user who never uses a web browser at all, or who visits simpler websites. Martin Decl., 1 10. Also, third-party software applications are updated in ways that affect performance of the applications on devices, regardless of the iOS version installed at the time. Such updated applications may use more processing cores, memory, and storage space than earlier versions of the same applications. Id., 111. Also, Dr. Martin states that network conditions may affect perceived performance. For example, devices can be used on different Wi-Fi and cellular networks, wh