# Uber's Not the Only One That Should Be Wary of Disappearing Messaging Apps



## Hugh G (Sep 22, 2016)

*Uber's Not the Only One That Should Be Wary of Disappearing Messaging Apps*


12.07.17 7:00 am
https://www.wired.com/story/uber-waymo-wickr-ephemeral-messaging/
During a pair of explosive pre-trial hearings last week, the lawsuit between self-driving Alphabet spinoff Waymo and Uber over trade secrets got an unlikely, new star player. It wasn't an engineer, like Anthony Levadowski, the former Google engineer who allegedly brought reams of Waymo trade secrets to his next big gig as head of autonomous driving at Uber. It wasn't a security analyst, like Ric Jacobs, a former Uber employee whose allegations of malfeasance within the company delayed the Uber-Waymo trial by two months as the judge reopened the document discovery process.

It was a messaging app. Anybody can download Wickr to send encrypted messages that destroy themselves, but its professional, workplace product takes the extra step of giving the employers the power to determine how long the messages stick around before it deletes them. It's [like Slack, but for the Impossible Missions Force. According to pre-trial testimony, intelligence gathering teams at Uber used Wickr and another app called Telegram to discuss sensitive information. Levandowski and Lior Ron, another former Google self-driving engineer who ended up at Uber, also used it to communicate, according to testimony from Uber employees.

Waymo's theory is that Levandowski, Ron, and other Uber employees used Wickr and other "ephemeral" messaging apps, which delete conversations, to discuss the trade secrets they had stolen from Waymo. This "may explain why the 14,000 files stolen from Waymo by Anthony Levandowski have not yet been discovered on the Uber infrastructure," Waymo's legal team wrote in a brief filed this week. The company hasn't yet publicly produced decisive evidence that Uber used Waymo intellectual property to advance its self-driving efforts.1

Whatever the truth (the trail is now slated to start February 5), Wickr's sudden starring role in this high-profile case raises questions about how companies at risk of litigation should be using such systems, if at all.

Courts are already wrestling with new forms of electronic communications. Today's office creates so much data, the discovery process no longer involves handing over all your communications, there's simply too much of the stuff. Instead, parties often agree on a set of search terms they'll use to scan their databases, and hand over any files those turn up. Ephemeral messaging apps, like Wickr, Telegram, and Snapchat, add a new level of complication. What happens when the tech biz's fetish for privacy runs headlong into the legal profession's fetish for documentation?

"The arguments that are being made by both sides in this case are happening in courtrooms all across the county," says John Jablonski, a lawyer who specializes in data privacy and security.

The Uber-Waymo case probably won't answer that question, but privacy law experts are watching. Could Uber be held culpable for destroying evidence because its employees used these apps, and the company failed to preserve their messages? (Uber CEO Dara Khosrowshahi tweeted last week that Uber employees no longer use Wickr or Telegram. Uber did not respond to a request for comment for this story.)

Businesses have good, non-nefarious reasons for using ephemeral messaging. "There's very little doubt that there are really strong and persistent efforts by nation states to undertake computer theft of trade secrets," says Joel Wallenstrom, Wickr's CEO. He says Wickr is one part of a larger, industrywide realization: "We don't need to rely on data persistence anymore." Meaning, the best way to keep your stuff safe is to not keep it in the first place.

The legal community isn't so sure. There are a few federal, state, and local regulations that require specific sorts of companies to keep specific documentation, like tax records, on hand. And if you have an inkling that you could be sued, you're supposed to keep hold of your documents, instead of routinely destroying them. Thanks to federal court decisions dating back to the early 2000s, companies under threat of suit must save even electronic documents, and turn them over in discovery, if asked. (In a 2016 case in Colorado, a judge held a company responsible for failing to hand over text messages during discovery, even though a low-level employee accidentally deleted those messages.)

"Frankly, it's appalling to me that someone could be using a network like Wickr for the express purpose of evading their potential obligations in litigation," says John Marsh, a lawyer with the firm Bailey Cavalieri who specializes in trade secrets litigation. "I don't think there would be many federal judges who would be happy with using a means of communication that would frustrate or impede discovery under the federal rules."

Indeed, the judge overseeing the Waymo-Uber case has hinted he may the inform jury about Uber's wily legal dealings, including that the law firm handling the case tried to protect certain incriminating documents under attorney-client privilege. That's the kind of disclosure that could swing a jury in a tight case.

And judges are getting savvier about what sorts of data companies control. "Courts are starting to get much better at looking at the technical aspects of how the computer systems work and how this information is stored at the company on a person's device, on a network, how it's transferred out to a third-party network, and they're expecting companies to know how all that works," says Jablonski. This is all on a case-by-case basis, he says, so no legal outcomes are guaranteed. But if a judge thinks you used Snapchat wantonly? Expect the hammer.

Even if you're not using an app like Wickr to hide your wrongdoing, you want to be careful. Legal experts say you still need to have a plan in case you end up in a legal brouhaha, and that means knowing exactly how this technology works. Most electronic messaging applications with business-friendly editions-like Wickr-allow companies to retain data for a set amount of time, and set erase dates. Your IT department might clear your email after 30 days; it might allow a vendor to keep retain your messages on their encrypted, cloud-based server for 48 hours. Whenever you think a lawsuit is coming, start hitting the "save" button. That's doubly true if you're a larger company, since a court is more likely to hold you responsible if it knows you have the resources to do the proper thing.

And oh, if you're thinking of using a disappearing message app to discuss your illegal activity, the official legal advice is: don't. "If you're purposefully stealing trade secrets, that's a different ballgame," says Josh Gilliland, a lawyer who writes about electronic discovery on the blog Bow Tie Law. "I would go out on a limb and encourage people to reevaluate life choices."

*Waymo v. Uber*


The spectator who threw a wrench into the Waymo/Uber lawsuit
Hidden evidence could crack open the first great self-driving car fight
The Uber/Waymo lawsuit gets a new star, and takes a wild turn
1Story updated at 15:05 ET on Thursday, December 7 to better describe the Waymo legal team's evidence and argumentation.


----------

