Hacking Procedure

A long time ago I joined Bruce Schneier on a panel on cyber security. I spoke on legal issues, developing a theme on self-defense which I later turned into a paper which won a little prize. Schneier was the real expert though, knowledgeable not just on technical details, the state of the art, but also the human factor and organizational causes of insecure computer systems. He’s since come out with a series of books on computer security, privacy, and related issues, and publishes a fairly regular “Crypto-Gram” newsletter.

Hacker’s Mind

Schneier’s latest book is “A Hacker’s Mind: How the Powerful Bend Society’s Rules, and How to Bend them Back.” This plays off the old notion of the hacker—the one I grew up with—as one who delights in understanding and manipulating systems to generate unexpected results- or at least results unintended by the system’s developer. A hacker is not a crook, but an exploder of limits. “Hacks follow the rules of a system but subvert their intent,” Schneier writes in his March 15, 2023 Crypto-Gram. Hacks aren’t necessarily illegal, although some are. Some are normalized and eventually accepted as a feature of the system. Banks that play fast and loose with reserve requirements might lead Congress to make the practice illegal (or the opposite: Congress might bail out the banks and allow bankers to keep their bonuses). Tax loopholes which plainly subvert the public intent of the tax system are often subsumed as an acceptable practice.

Schneier has a lot of examples of hacks. One of them reminded me of my sister who hacked the frequent flier system: Once, to get to some magic level (Platinum Worldwide Jade? whatever it was) she flew to Chicago and back, enough to tip her over into the most glorious of preferred statuses. Financial markets, politics and many other systems are filled with hacks: as Schneier says, with enough power and money, there are few systems that cannot be hacked. Some hacks will evaporate as they are discovered by the masses and lose their advantage. Some will be mooted by new laws and fixes—patches, in computer lingo. Others will become normalized, part of the system.

Some of the legal hacks are obvious. We have tax strategies, especially those involving multiple jurisdictions; the use of Delaware and other jurisdictions to minimize corporate constraints, or shipping flags of convenience (such as of Panama) all without having to actually do business in Delaware (or Panama). We have the use of dark money to fund political goals, which subverts disclosure requirements. Citizens United v. Federal Election Com’n (2010) 558 U.S. 310. These are all hacks, apparently legal, and each a subversion.

Civil Procedure

But there are more mundane legal hacks as well, and I have been tracking them in the most banal of environments: civil procedure. These hacks camouflage themselves as routine, they survive because they are accepted as ordinary. That is, many have been normalized. Unlike many of Schneier’s hacks and the implication of his book’s subtitle, not all of them are wielded by the powerful: they are common weapons of lawyers and some of self-represented litigants.

Following Schneier’s formulation, we first note the intent, the point of the system of civil procedure. To quote the federal rules, it’s the “the just, speedy, and inexpensive determination of every action and proceeding.” FRCP 1.

Next we identify vulnerabilities: the system’s features that allow the hack. Then we identify the exploit. Then we evaluate the patch, the fix.

I provide a few examples.

CCP §§ 170.1 (and 170.3) and 170.6 are state statutes which allow parties to disqualify a judge. The point is, of course, to ensure unbiased judges. The vulnerability is, in the case of a 170.6 challenge, that no one can go “behind” the challenge: If it’s timely, it sticks. It doesn’t matter if the party doesn’t believe, for a second, that the judge is biased. In the case of a 170.1 challenge, which does require cause to bump the judge, the vulnerability is that generally while it is pending the proceedings come to halt. CCP § 170.4(c)(1).

The 170.6 exploit is this: it can be used repeatedly by institutional litigants to eviscerate the ability of a judge to preside in a certain kind of department (i.e. a criminal assignment). This is done through the process known as ” blanket papering.” People v. Superior Court (Tejeda) (2016) 1 Cal.App.5th 892, 896. When prosecutors or defenders “paper” a judge in every case, the judge can in effect be all but driven out of the courthouse.

The 170.1/170.3 exploit is that except for challenges frivolous on their face (e.g. alleging bias because the judge followed one authority rather than another, or wore an oddly colored shirt), the delay can be substantial: It takes 10 days to answer the challenge, weeks to get the case assigned to an out-of-county judge, and up another 90 days to get the matter decided. Even if the challenge is denied, the moving party may get months of delay. Which often is just the point.

Next example: applications seeking accommodations under the Americans With Disabilities Act. The process is in the rules of court, CRC 1.100. Many ADA applications are genuine, and the need for the process obvious. The vulnerability is two-fold, a function of the fact that as with 170.6 challenges there is usually no way to “go behind” the application to sort the genuine from the fabricated. First, virtually, anything can be sought as an accommodation, including extraordinary delays of many months, months of time to respond to motions, shortened days in court (including shortened to e.g., 20 minute sessions), and so on. Second, the applicant only need state a “medical condition” in support of the request, and almost anything can qualify including highly idiosyncratic views of what a ‘medical’ condition is. While the judge can request further information, that can come from anyone, including anyone claiming any degree of “medical” competence, or indeed just from the applicant. The rules don’t seem to allow denying apparently groundless applications. As an exploit, these applications can be effective in securing delays: when filed in connection with a series of hearings, the delays can last for months.

These hacks are relatively rare. More common are those in, e.g., the summary judgment context. The goal of the process (or ‘system’ as Schneier would say) is efficiency: the process allows the court to “pierce” the pleadings and determine whether there really is anything for the jury to decide. If there are no disputed facts, the motion is granted, and theoretically everyone saves a lot of time and money.

But few lawyers believe this is generally true. The motions are stunningly expensive (around the price of new car), need about 3 months for notice, and often fail for a wide variety of technical reasons. The vulnerability is this: due process. The rules are designed to ensure summary judgment is granted only when fully admissible evidence is offered and there’s no admissible evidence on the other side. So among the many procedural features is the use of objections: Everyone can object to everyone else’s facts, and they do—on all possible grounds. There can be hundreds of these objections, and many of them are frivolous. That’s the hack. The hack often succeeds because it drives up the cost of the proceeding and makes the motion difficult to grant, defeating its purpose.

Why then is the motion brought? Sometimes a lawyer may actually think it’ll work. But if not, there are other perceived benefits: billable hours; some discovery of the other side’s evidence; driving up the other side’s costs; and—every now and then—victory with a weak motion because the other side can’t figure out the technicalities and can’t muster opposing admissible evidence. There’s not much of a downside, and what downside there is (cost to the client) isn’t the lawyer’s downside.

The vulnerability—the allowance of infinite objections—has been noted: “it has become common practice for litigants to flood the trial courts with inconsequential written evidentiary objections, without focusing on those that are critical.” Reid v. Google, Inc. (2010) 50 Cal.4th 512, 532. Reid cited Nazir v. United Airlines, Inc. (2009) 178 Cal.App.4th 243, 248 to this effect: “employer filed 324 pages of evidentiary objections, consisting of 764 specific objections, which the Court of Appeal characterized as the ‘poster child’ for abusive objections.”

Then a patch: the rules were amended to state that only material facts (and so, objections) were to be made. CRC 3.1350. Some cases suggested that while the blanket sustaining of objections wasn’t permissible, blanket overruling of them might be (another patch). Morgan v. Wet Seal, Inc. (2012) 210 Cal.App.4th 1341, 1370; Cole v. Town of Los Gatos (2012) 205 Cal.App.4th 749, 764 n.6.

None of this mattered. There is no end to the objections. This increases the cost of the process and the likelihood of a wrong result, subverting its purpose to provide an efficient way to resolve cases.

Anti-SLAPP motions too have a vulnerability. These are motions to dismiss, triggered by complaints brought to chill free speech. For example, some big developer sues local residents who are protesting against the development: the developer doesn’t care if it wins or loses, it just wants to intimidate the protesters with a suit. Anti-SLAPP motions are an efficient way to get rid of those obnoxious suits, and so are a patch for the original hack (the abusive suit). But there’s a vulnerability: no matter what the judge decides, the losing side can immediately appeal, and that’s a 2+ year process. (The statewide average for 90% of the cases disposed of on appeal is 964 days [about 2.6 years]; for one court, it was 1800 days [just under 5 years]. Judicial Council 2022 Court Statistics Report at 36.) The reader will be shocked, shocked, to learn that some anti-SLAPP motions are brought just to get the delay: that’s the hack.

Another routine hack is buried in the settlement process. Because litigation is very expensive, cases settle not just as a function of the merits, but of cost. It is rational to settle even a worthless case for something less than the cost of further litigation. The vulnerability is the cost; the hack is extracting a settlement to which one is not (on the merits) entitled.

The most common hack in civil procedure is the objection to discovery demands. Lawyers routinely lodge every objection, then meet-and-confer, and eventually respond in some way. This can double the time for a response. The vulnerability is a combination of (i) the right to object and (ii) the requirement that no motion to compel may be brought without a meet-and-confer. The meet-and-confer requirement was itself a patch, to ensure only real disputes were brought to the court. Now it’s a vulnerability: the hack is getting twice as long to respond as contemplated by law (in addition to making life more painful and expensive for the other side).

My notes for this article listed jury trials as the ultimate hack. But perhaps that’s exactly wrong. It depends on what the intent of the system is, and here we’re of two minds.

On the one hand, the point of any trial is the truth, a verdict in accord with the law. Judges decide trials all the time, but frequently parties don’t want a judge, they want a jury. Obviously, this must be because they expect a different result from a jury. How could that be? Lawyers talk about “jury appeal” and related factors, usually centering on a compelling narrative favoring their client or making the other side look bad. In short, jury appeal of this kind is an appeal to bias, shifting the gaze of the jury away from the strictly relevant facts and law. (See my “Telling Stories” preprint at https://works.bepress.com/curtis_karnow/64/.) The vulnerabilities here are the cognitive fallacies to which juries (actually, all of us) are subject. It’s something Schneier talks about in his book albeit in a different context, at 179 ff. The hack is swaying the jury to decide close questions of credibility, or weighing evidence one way rather than another, and using emotion and bias to do it. As I say, the conceit is that juries are more susceptible than judges to this sort of emotional influence; perhaps. To the extent that’s so, the jury trial is a hack, subverting the quest for dispassionate, unbiased truth and justice.

But there’s another way we consider juries: they are the last line of defense against governmental overreaching, a pure expression of populist control over the judicial system, the way in which the “common sense” of the “average” person decides cases in accordance with community standards, and not, strictly speaking, pursuant to the cold law imposed by the elites (legislators and judges). In this view, laws are just approximations of the sovereign popular will, and it is that will which must triumph. Jury trials cannot be a hack in this view. Rather, technical rules which end up waiving a party’s right to a jury are the hacks.

How you come out on this depends on the case, perhaps whether you think your best bet is with, or without, a jury.

Patching vulnerabilities

So, how do we patch procedural vulnerabilities? There are only a few places to go: the Judicial Council, the Legislature, and the courts.

The Judicial Council. In California the Council makes rules with the authority of law (assuming the rules don’t contravene superior law, such as a statute). Every now and then the Council will develop new rules, but it’s rare to have major shifts (aside from emergency responses, such as COVID related procedures). The process is constrained by budgets, and there’s no general mechanism to review procedures deserving of a revamp. Importantly, the Council can’t do anything inconsistent with statutes, and in California—unlike for federal courts—the rules of evidence and procedure are all statutes, not court-made rules.

The Legislature. I participated on a panel some time back on improving the legal system, which included experienced staff from the state legislature. I offered up a series of problems and solutions. (“The Law Otherwise: Notes on Access to Justice,” materials for the 2022 Bench-Bar Conference (January 2022), https://works.bepress.com/curtis_karnow/54/.) Nothing came of it. As the staff advised, there is no constituency for procedural changes. Increasing access and reducing costs for litigants means more cases for the judges, and probably less money for lawyers. And this has to be seen against the backdrop of the constant drumbeat of issues like housing, drought, climate change, abortion rights, privacy, pay equity, and the like: these are salient issues, often dealt with by legislators in crisis mode. Problems of anti-SLAPP appeals pale in comparison.

There are exceptions. I worked with a group of judges and lawyers to draft the state’s electronic discovery statutes. We had a consensus, and not one dissenting vote in the Legislature. This is consistent with what legislative staff told me: The legislature avoids controversy. This is a powerful constraint, because every real reform is likely to gore someone’s ox, and those advocating for it have little political power.

The Courts. The courts of appeal are limited: they don’t make new law; even if they think a statute is broken they usually can’t fix it. (E.g., People v. Superior Court (Tejeda) (2016) 1 Cal.App.5th 892 in connection with CCP 170.6; Golf & Tennis Pro Shop, Inc. v. Superior Court (2022) 84 Cal.App.5th 127, 136, in connection with time to bring a motion to compel.) True, they are well placed to identify problems common to the trial courts. E.g., Clarity Co. Consulting, LLC v. Gabriel (2022) 77 Cal.App.5th 454, 458 (anti-SLAPP abuses); Overstock.com, Inc. v. Goldman Sachs Group, Inc. (2014) 231 Cal.App.4th 471, 500; (sealing abuses); Shapell Socal Rental Properties, LLC v. Chico’s FAS, Inc. (2022) 84 Cal.App.5th 166, 213 (abuses in seeking defaults). But aside from an occasional sanctions award, there isn’t much these courts can do, and they usually can’t address structural reform.

The state Supreme Court of course has more flexibility, and can always shift judge-made law—and there’s a lot of that, from anti-SLAPP analysis (Flatley v. Mauro (2006) 39 Cal.4th 299) to the various tests for reasonableness and validity under CCP § 998. But the Court handles few cases every year (19 civil cases in the judicial year 2021, 34 in 2020, Kirk C. Jenkins, “The California Supreme Court In Judicial Year 2021-2022: Emerging From The Pandemic,” 35 Journal Of The Litigation Section Of The California

Lawyers Association 9) and it has similar constraints to those of the intermediate courts: it can’t change statutes and can’t address most structural issues.

Oddly, this all leaves trial judges as the prime actors in patching vulnerabilities. Indeed, in the cases I cited above where the courts of appeal address a vulnerability, they usually instruct the trial courts to carry out the fix.

Here’s why:

As Schneier suggests (Hacker’s Mind at 233), every system is underspecified: there are infinite options. No contract can provide for every eventuality; no legal regime can prescribe the result for every set of facts. Every procedure is vulnerable. Schneier notes this is generally not fatal because we expect, and get, good faith compliance. We know what the rules are getting at, and we don’t construe them literally when that obviously avoids their import. The rule that contracts must be pled “verbatim” isn’t offended when one immaterial word is mistakenly used; a demand for all documents “relating to” a contract doesn’t call for the invoices from the manufacturer of the printer used to print the contract. Someone testifies as to her own name—which might be objectionable hearsay (she heard it from her parents) but we don’t expect anyone to make that objection. We understand the context, we understand the point of the rules; we exercise good faith which means not seeking to hack the system. Trial judges are responsible for enforcing this with sanctions for bad faith actions, e.g., CCP §§ 128.5, 128.7 (This is entirely different from the violation of rules or refusing to comply with court orders; those are punished under different regimes, including contempt, evidence exclusion, and so on.)

It is trial judges who guide good faith, a function of the peculiar circumstances before them. That’s why they have discretion. The appellate courts don’t usually have any discretion: they rule as they think they should, and they might have flexibility in doing so; but they’re developing and following the law, not tailoring orders to circumstance. It’s trial judges who put flesh on the bones of the law and ensure good faith, who patch systems prone to an infinite variety of exploits.

Trial judges have essentially two techniques: norms and sanctions. Norms are, almost by definition, ineffective for those bent on bad faith exploitation. It’s the old joke about ethics training: The people who show up aren’t those who need it. Most parties willing to provide frivolous papers are immune to shame. And because many hacks, such as patently overbroad discovery demands, empty, obstructive responses, and frivolous (but de rigueur) motions for a new trial have been normalized, norms by definition are ineffective.

That leaves the trial judge’s usual tool: money sanctions. These can be imposed in most discovery motions; attorney fees are available in anti-SLAPP, some venue, and other motions where the judge can make orders to compensate a party. E.g., CCP § 473(a)(2).

But there are two groups of people who don’t care: The very wealthy, and the very poor. To be sure, the sanction of dismissal (or entering a default judgment) is eventually available for bad actions, but those are “doomsday” sanctions, reserved for the worst offenses or imposed only after exhaustive efforts with lesser sanctions. Money-based sanctions are an effective threat only for those who can, but don’t want to, pay them.

There’s a deeper problem with this patch of enforcing good faith with sanctions. It is the reluctance of trial judges to impose them. The reluctance is based on sometimes inchoate views of the adversarial system and the desire not to stifle creative advocacy; in short, to allow parties as much room as possible to explore the merits.

One can imagine a system that takes the discovery sanctions model—losing party pays the other side’s attorneys fees unless there was “substantial justification” for the losing position—and expands it to most other motions. This could be partially effective, because it increases the costs of hacking the system, but as noted some parties won’t care, and some will hack the system to generate delay anyway, willing to pay the cost. And as with many patches, it comes with its own vulnerability: every motion will be accompanied by satellite litigation devoted to sanctions, just as most anti-SLAPP motions come with a fees motion. It’s a two-for-one deal. How nice, thinks the trial judge: twice as many motions as before.

And so the story goes. Schneier and other computer security experts speak of the arms race between hackers and patchers, every fix inviting a new exploit. So too perhaps for us, as we eternally try for a more just, speedy, and inexpensive system.

Categories: A Hacker’s Mind, Articles, Book Reviews

Sidebar photo of Bruce Schneier by Joe MacInnis.