Close
Enter your
text here
Posts By :

Doug Austin

eDiscovery Trends: If You Use Auto-Delete, Know When to Turn It Off
 

Federal Rule of Civil Procedure 37(f), adopted in 2006, is known as the “safe harbor” rule.  It provides that “[a]bsent exceptional circumstances, a court may not impose sanctions under these rules on a party for failing to provide electronically stored information lost as a result of the routine, good-faith operation of an electronic information system.”

Let’s face it, every time we turn on our computers, we overwrite data.  And, the mere opening of files (without changing any data) can change the metadata of a file – for example, simply opening a Microsoft Access® database changes the last modified date of the Access file, even if no records are changed.  If there wasn’t some measure of “safe harbor” protection, an organization facing litigation might find it very difficult to conduct business during the case.

While it’s not always clear to what extent “safe harbor” protection extends, one case from a few years ago, Disability Rights Council of Greater Washington v. Washington Metrop. Trans. Auth., D.D.C. June 2007, seemed to indicate where it does NOT extend – auto-deletion of emails.  In this case, the defendant failed to suspend auto-delete on its email system when their preservation obligation commenced, resulting in emails only being available on back-up tapes.  Their argument that the tapes were “not reasonably accessible” was denied by the court, describing their request as “chutzpah”.

Of course, email, like any other type of ESI, should be subject to document retention and destruction policies and old emails should be purged when they reach the end of the retention period.  Microsoft Outlook® provides an option via its Auto Archive function to delete the emails instead of archiving them.  You can select this setting for all emails (via the Tools, Options menu, Other tab) or for selected folders (by right-clicking on them, selecting Properties and then selecting the AutoArchive tab).  That’s at the client level.

But, most organizations use Outlook through Exchange.  Exchange Manager enables administrators to set auto delete policies for the email user population to manage retention and destruction of emails, thus being able to disable  the auto delete function for users when the duty to preserve arises.  If your organization uses auto-delete, it’s important to have a policy in place for disabling auto-delete for litigation, whether at the Outlook client level, the Exchange level or with any other email system.

So, what do you think?  Does your organization use auto-deletion of emails?  Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Best Practices: Message Thread Review Saves Costs and Improves Consistency
 

Insanity is doing the same thing over and over again and expecting a different result.  But, in ESI review, it can be even worse when you get a different result.

One of the biggest challenges when reviewing ESI is identifying duplicates so that your reviewers aren’t reviewing the same files again and again.  Not only does that drive up costs unnecessarily, but it could lead to problems if the same file is categorized differently by different reviewers (for example, inadvertent production of a duplicate of a privileged file if it is not correctly categorized).

Of course, there are a number of ways to identify duplicates.  Exact duplicates (that contain the exact same content in the same file format) can be identified through hash values, which are a digital fingerprint of the content of the file.  MD5 and SHA-1 are the most popular hashing algorithms, which can identify exact duplicates of a file, so that they can be removed from the review population.  Since many of the same emails are emailed to multiple parties and the same files are stored on different drives, deduplication through hashing can save considerable review costs.

Sometimes, files are not exact duplicates but contain the same (or almost the same) information.  One example is a Word document published to an Adobe PDF file – the content is the same, but the file format is different, so the hash value will be different.  Near-deduplication can be used to identify files where most or all of the content matches so they can be verified as duplicates and eliminated from review.

Then, there is message thread analysis.  Of course, most email messages are part of a larger discussion, which could be just between two parties, or include a number of parties in the discussion.  To review each email in the discussion thread would result in much of the same information being reviewed over and over again.  Instead, message thread analysis pulls those messages together and enables them to be reviewed as an entire discussion.  That includes any side conversations within the discussion that may or may not be related to the original topic (e.g., a side discussion about lunch plans or did you see American Idol last night).

FirstPass®, powered by Venio FPR™, is one example of an application that provides a mechanism for message thread analysis of Outlook emails that pulls the entire thread into one conversation for review as one big “tree”.  The “tree” representation gives you the ability to see all of the conversations within the discussion and focus your review on the last emails in each conversation to see what is said without having to review each email.  Side conversations are “branches” of the tree and FirstPass enables you to tag individual messages, specific branches or the entire tree as responsive, non-responsive, privileged or some other designation.  Also, because of the way that Outlook tracks emails in the thread, FirstPass identifies messages that are missing from the collection with a red X, enabling you to investigate and determine if additional collection is needed and avoiding potential spoliation claims.

With message thread analysis, you can minimize review of duplicative information within emails, saving time and cost and ensuring consistency in the review.

So, what do you think?  Does your review tool support message thread analysis?   Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Trends: eDiscovery Malpractice Case Highlights Expectation of Higher Standards
 

Normally, eDiscovery Daily reports on cases related to eDiscovery issues after the decision has been rendered.  In this case, the mere filing of the lawsuit is significant.

Friday, we noted that competency ethics was no longer just about the law and that competency in eDiscovery best practices is expected from the attorneys and any outside providers they retain.  An interesting article from Robert Hilson at the Association of Certified eDiscovery Professionals® (ACEDS™) discusses what may be the first eDiscovery malpractice case ever filed against a law firm (McDermott Will & Emery) for allegedly failing to supervise contract attorneys that were hired to perform the client’s work and to protect privileged client records.  A copy of the article is located here.

J-M Manufacturing Co., Inc., a major manufacturer of PVC piping, had hired McDermott to defend against civil False Claims Act charges concerning the quality and sale of its products to federal and state governments. After the case was filed in January 2006, it remained under seal for nearly three years.  According to the complaint, during that time, a large-scale document review ensued (160 custodians) and McDermott hired Stratify, an outside vendor, to cull through the ESI.

J-M retained Sheppard Mullin Richter & Hampton to replace McDermott in March 2010.  Why?  According to the complaint, McDermott worked directly with the Assistant US Attorney to develop a keyword list for identifying responsive ESI, but, despite this effort, the first production set was returned by the government after they found many privileged documents. The complaint indicates that McDermott and its contract lawyers then produced a second data set again with a large number of privileged documents even though it was filtered through a second keyword list.

J-M contends in the complaint that McDermott's attorneys “performed limited spot-checking of the contract attorneys' work, [and] did not thoroughly review the categorizations or conduct any further privilege review.”  After Sheppard replaced McDermott on the case, they asked for the privileged documents to be returned, but the “relator” refused, saying that McDermott had already done two privilege reviews before giving those documents to the government and, therefore, J-M had waived the attorney-client privilege. In the complaint, J-M contends that 3,900 privileged documents were erroneously produced by McDermott as part of 250,000 J-M electronic records that were reviewed.  It is unclear from the complaint whether McDermott provided the contract reviewers themselves or used an outside provider.  It will be interesting to see how this case proceeds.

So, what do you think?  Have you experienced inadvertent disclosures of privilege documents in a case?  Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Best Practices: Competency Ethics – It’s Not Just About the Law Anymore
 

A few months ago at LegalTech New York, I conducted a thought leader interview with Tom O’Connor of Gulf Coast Legal Technology Center, who didn’t exactly mince words when talking about the trend for attorneys to “finally tak[e] technology seriously”.  As he noted, “lawyers are finally trying to take some time to try to get up to speed – whining and screaming pitifully all the way about how it’s not fair, and the sanctions are too high and there’s too much data.  Get a life, get a grip.  Use the tools that are out there that have been given to you for years.” 

Strong words, indeed.  The American Bar Association (ABA) Model Rules of Professional Conduct (Model Rules) require that an attorney possess and demonstrate a certain requisite level of knowledge in order to be considered competent to handle a given matter.  Specifically, Model Rule 1.1 states that, "[a] lawyer shall provide competent representation to a client. Competent representation requires the legal knowledge, skill, thoroughness, and preparation reasonably necessary for the representation."

Preparation not only means understanding a specific area of the law (for example, antitrust or patent law, both highly specialized.).  It also means having the technical knowledge and skills necessary to serve the client in the area of discovery.

The ethical responsibilities of counsel these days includes competently directing and managing the identification, preservation, collection, processing, analysis, review and production of electronically stored information (ESI) required to be produced pursuant to lawful discovery requests.  If counsel does not have that level of competency in a particular area, he or she is obligated to either acquire the knowledge or skill necessary to support those needs, or include someone else who does have the requisite skills as part of the representation.

Not too long ago, I met with an attorney and discussed how they handled preservation obligations with their clients.  The attorney indicated that he expected his clients to self-manage their own preservation and collection.  When I asked him why he didn’t try to get more involved to make sure it was being handled properly, he said, “I don’t want to alarm them.  They might decide they need a bigger firm.”

Recent case law is full of cases where counsel didn’t fully understand their eDiscovery obligations, and got themselves and their clients “burned” in the process.  If your organization gets involved in litigation, make sure to include eDiscovery competence among the factors you consider when determining counsel qualifications to represent you.

So, what do you think?  Is your counsel eDiscovery savvy?  If not, do they use a provider that is?  Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Trends: Think Before You Hit Send
 

It’s not the only instance of a one character typo possibly ending a career; instead, it may simply be the latest.

Unless you’re living under a rock, you’re probably aware of the “Twittergate” story involving Rep. Anthony Weiner (D-N.Y.), where he initially claimed that a lewd photo posted via Twitter was posted by a hacker to his account, then subsequently admitted this past Monday that he, in fact, posted that picture.  Many are calling for him to resign from his Congressional position after posting the picture, as well as sending other pictures, which have since been identified.  (If you have been living under a rock, you can click here for more on the story).

The irony is that a one-letter typo may turn out to be his undoing.  Weiner intended to send the “tweet” as a direct message to another Twitter user, but used the ‘@’ instead of the ‘d’ (to indicate a direct message) to reference that user.  As a result, the message was published to all his followers, not just the intended party.  In fairness, even if he had sent the direct message correctly, he used a public photo sharing service, yFrog, to share the photo, so anyone that chose to browse through all of his photos would have still seen the controversial photo.

It is easier to communicate than ever, with a myriad of options from which to choose, including voice, video, email, posts, texts and “tweets”.  Perhaps, it’s becoming too easy.  Courthouses are filled with cases where “informal” communications are key evidence in determining the outcome of the case.  The formal typed letter has given way to the informal media of email to the even more informal media of posts, texts and “tweets”.  Now, just as important as the adage “think before you speak” is the adage “think before you hit send”.

We’ve all been there, hopefully with much less disastrous consequences.  If you’ve never selected ‘Reply to All’ by accident instead of ‘Reply’ when intending to reply to only the sender, please call me and let me know your secret.  Or, maybe, you’ve sent an email when upset that you regretted later.  Once released, those mistakes are out there and are difficult (if not impossible) to recall.

If you’re not in the habit of doing so already, it’s a good idea to take a deep breath before each email sent or each post made and review what you’re about to send out into the world.  Think before you hit send.  If you don’t, you just might be the topic on a future ‘eDiscovery Case Law’ post on eDiscoveryDaily!  😉

So, what do you think?  Do you have any cases that are driven by informal communications?  Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Trends: The Best SaaS Providers are Certifiable
 

The increasing popularity of cloud-based Software-as-a-Service (SaaS) solutions is becoming well documented, with this very blog noting Forrester and Gartner predictions of tremendous growth in cloud computing over the next several years.  We’ve also noted the importance of knowing where your data is stored, as many online poker players learned the hard way when the recent US government crackdown of several gambling sites left them without a way to recover their funds.

If only there were some sort of certification, administered by an impartial third party, to ensure that your SaaS provider has implemented policies and processes that keep your information secure, stable and safe.  There is such a certification.

SAS 70 (the Statement on Auditing Standards No. 70) defines the standards an auditor must employ in order to assess the contracted internal controls of a service provider. Service providers, such as insurance claims processors, credit processing companies and, especially pertinent to eDiscovery, hosted data centers, are evaluated by these standards. The SAS 70 was developed by the American Institute of Certified Public Accountants (AICPA) as a simplification of a set of criteria for auditing standards originally defined in 1988.  Standards such as SAS 70 became critical in the wake of the Sarbanes-Oxley, which created significant legal penalties for publicly traded companies who lacked sufficient control standards for their financial information.

Under SAS 70, auditor reports are classified as either Type I or Type II. In a Type I report, the auditor evaluates the service provider to prevent accounting inconsistencies, errors and misrepresentation. The auditor also evaluates the likelihood that those efforts will produce the desired future results. A Type II report goes a step further.  It includes the same information as that contained in a Type I report; however, the auditor also attempts to determine the effectiveness of agreed-on controls since their implementation. Type II reports also incorporate data compiled during a specific time period, usually a minimum of six months.

SAS 70 reports are either requested by the service provider or a user organization (i.e., clients). The ability for the service provider to provide consistent service auditor's reports builds a client's trust and confidence in the service provider, satisfying potential concerns. A SaaS (2 a’s, as opposed to one for SAS) provider that has received SAS 70 Type II certification has demonstrated to an impartial third party a proven track record of policies and processes to protect its clients’ data.  When it comes to your data, you want a provider that has proven to be certifiable.

So, what do you think?  Is your SaaS provider SAS 70 Type II certified?  Please share any comments you might have or if you’d like to know more about a particular topic.

Full disclosure: I work for Trial Solutions, which provides SaaS-based eDiscovery review applications FirstPass® (for first pass review) and OnDemand® (for linear review and production).  Our clients’ data is hosted in a secured, SAS 70 Type II certified Tier 4 Data Center in Houston, Texas.

Social Tech eDiscovery: Use of Smarsh for Social Media Archiving
 

The online world thrives on social media, but for attorneys who must preserve sensitive social media data for discovery, the widespread growth of social technology presents a laundry list of problems.

Not only is it challenging to trace the communications shared on popular sites like Facebook, LinkedIn and Twitter when privacy settings can be turned on and off at whim, it’s also difficult to know whether the information available at any given time is complete, as content can be edited by users at any time or lost due to technical malfunctions.

In some cases, like this example, courts have ruled that even locked or private content on Facebook and other social networking sites is not protected from being requested as part of discovery. In other cases, such as this one, they have ruled differently.  You don’t know for sure how courts will rule, so you have to be prepared to preserve all types of social media content, even possibly content that is changed frequently by users, such as Facebook profiles and blog posts.  And, even though Facebook has introduced a self-collection mechanism, it may not capture all of the changes you need.  And, other social media sites have not yet provided a similar mechanism.  If items are changed or lost after the duty to preserve goes into effect, your organization can be sanctioned with steep fines even receive an adverse inference judgment based on the information you are unable to produce.

Fortunately, there are viable solutions that enable you to create a backup of all social networking activity and archive such information in the event it has to be produced in discovery. Portland-based Smarsh has archiving and compliance tools, including social media archiving and compliance that automate the archiving of social media accounts, preserving all necessary data in case you need it later for discovery.

Some of the benefits of Smarsh’s social media archiving tools include:

  • A complete, logged, and quantifiable record of all social media posts and administrator activity
  • The ability to define which social media features your employees have access to and to track all business communications
  • Compliance with SEC and FINRA regulations (including Regulatory Notice 10-06)
  • The tools to identify and minimize risk, saving your business time, effort, and money

Smarsh has been designed to satisfy all regulatory compliance objectives, transforming the data management hazards of social media into a system that automatically updates and archives itself – an attorney’s dream when litigation strikes. This application creates a simple and proactive approach to archival of social media data, enforcing preservation to ensure that the duty to preserve is met.

So, what do you think?  Do you use Smarsh or any other social media archival tool?  Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Case Law: Completing Production AFTER Trial is Too Late

In DL v. District of Columbia, No. 05-1437 (RCL) (D.D.C. May 9, 2011), repeated, flagrant, and unrepentant failures of the District of Columbia to comply with discovery orders, failure to supplement discovery responses, and eventual production of thousands of e-mails—some more than two years old—after the date of trial resulted in a sanction of waiver of privilege over documents sought by plaintiffs.

Plaintiffs filed an action seeking injunctive and declaratory relief for the failure of the District of Columbia Government to provide them with a free appropriate public education as required under the Individuals with Disabilities and Education Act. On the first day of trial six years later, counsel for the District acknowledged that the District several days earlier had begun a rolling production of thousands of emails per day that was expected to continue through the end of trial. Counsel for the District stated that the court had not been informed of production problems because it had been hoped review of the documents for relevance and privilege and thus production of the documents could have been completed earlier. From the bench, the court ordered the District to produce all of the email without objection and with privilege waived within one week of the end of the trial so that plaintiffs could seek to supplement the trial record if necessary. The District sought reconsideration of the order.

Likening the District’s posture to an airplane with landing gear that deploys only after touchdown, the court denied the District’s motion. Waiver of privilege was an appropriate sanction because it was just and was proportional between offense and sanction, considering the District’s violation of multiple discovery orders and failure to meet its obligation to supplement its discovery responses. The court concluded that its sanction was justified considering prejudice to plaintiffs, prejudice to the judicial system, and the need to deter similar misconduct in the future. Since the District chose not to bring the situation to the court’s attention until the day of trial, the court “had no practical alternative short of entering a default.”

The court held that whether the District had acted in good faith and whether plaintiffs also had committed discovery violations was irrelevant:

Whether the District made a good-faith effort to produce all responsive e-mails before the trial is irrelevant. As explained above, it was not sanctioned for failing to make a good-faith effort. It was sanctioned for openly, continuously, and repeatedly violating multiple Court orders, failing to adhere to or even acknowledge the existence of the Federal Rules’ discovery framework, and committing a discovery abuse so extreme as to be literally unheard of in this Court. The Rules require more than simply making a good-faith effort to produce documents. They require adherence to a very precise framework for navigating the discovery process. Moreover, the duty to adhere to clear Court orders is among a lawyer’s most basic. Were it not for those two directives—the Federal Rules’ discovery framework and Court orders regarding discovery — discovery would devolve into pure bedlam. Disciplined adherence to those Rules and Orders on the part of courts as well as parties is the only tool our system has to wrangle the whirlwind as it were and tame an otherwise unmanageable part of the litigation process. A good-faith effort to produce documents in the absence of adherence to Court orders and the Federal Rules is useless.

So, what do you think?  Have you ever had opposing counsel try to produce documents at the beginning of trial – or even after?  Please share any comments you might have or if you’d like to know more about a particular topic.

Case Summary Source: Applied Discovery (free subscription required).  For eDiscovery news and best practices, check out the Applied Discovery Blog here.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

eDiscovery Trends: Email Footers Give Privilege Searches the Boot
 

This communication (including any attachments) is intended for the use of the intended recipient(s) only and may contain information that is confidential, privileged or legally protected.  Any unauthorized use or dissemination of this communication is strictly prohibited.  If you have received this communication in error, please immediately notify the sender by return e-mail message and delete all copies of the original communication. Thank you for your cooperation.

This is an example of a standard email disclaimer often automated to appear in the footer of outgoing emails to disclaim liability.  Many organizations choose to add disclaimers to their emails for legal protection to attempt to protect themselves from legal threats such as breach of confidentiality or accidental breach of privilege.

However, when it comes time to collect and search email collections for confidentiality and privilege, these email footers can wreak havoc with those searches.  Searches for the words “confidential” or “privileged” will essentially be rendered useless as they will literally retrieve every email with the email disclaimer footer in it.

So, what to do?

One way to address the issue is to identify any other variations of words and phrases that might imply privilege.  Searching for phrases like “attorney client” or “attorney work product” – provided those phrases are not in the footer – may identify many of the privileged files.

Another way is to shift your search focus to names of individuals likely to conduct privileged communications, such as the names of the attorneys communicating with the organization.  Sometimes you may not know the names of all of the attorneys, so a search for domains associated with the outside counsel firms should identify the names of the individuals sending from or receiving to those domains.

If searching for the term "privileged" is still the best way to ensure that you find all of the potentially privileged files, one of our readers, Mark Lyon, actually identified a better way to search for the term “privileged” that I sheepishly admit I did not think of late last night when I wrote this, so I had to amend this post to include it (a first!).   Identifying the various footers at use within at least the main companies included in the collection, then excluding those entire footers from the index will remove those footers from filling up your search results.  Another reader, Joe Howie, has discussed in more detail an approach for removing those footers from the index.  Thanks to both Mark and Joe for keeping me on my toes!  🙂

So, what do you think?  Are email disclaimer footers making your privileged searches more complicated?  Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Case Law: Sue Me and Lose? Pay My Costs.

In a ruling that may give some plaintiffs’ lawyers pause, a federal judge in Pittsburgh has ruled that the winning defendants in an antitrust case are entitled to reimbursement of more than $367,000 in eDiscovery costs.

In Race Tires Amer., Inc. v. Hoosier Racing Tire, Corp., No. 2:07-cv-1294, 2011 WL 1748620 (W.D. Pa. May 6, 2011), U.S. District Judge Terrence F. McVerry issued a 25 page opinion, finding that courts are increasingly approving awards of eDiscovery costs, noting that one judge described them as “the 21st century equivalent of making copies.”

In the suit, Race Tires America claimed that its competitor, Hoosier Racing Tire Corp., violated Sections 1 and 2 of the Sherman Act by entering into exclusive dealing contracts with motorsport sanctioning body Dirt Motor Sports Inc. that included a “single tire rule.”  Under the single tire rule, Dirt Motor Sports required that drivers and racers participating in its races use a specific brand of tire for a series of races or for the entire racing season, which Race Tires America argued shut it out of the market.

But Judge McVerry dismissed the suit on summary judgment, holding that such exclusive contracts are permissible in instances when a sports-related organization has freely decided that it wants exclusivity and has good-faith, pro-competitive or business justifications for doing so.  The decision was appealed to the 3rd Circuit, where the defendants won again and, after winning the appeal, the defendants filed their bills of costs in the district court.

The plaintiff argued that the costs should be disallowed because “electronic document collection, hard drive imaging and indexing and searching, commonly referred to as ‘eDiscovery charges,’ are not enumerated under Section 1920(4), and thus are not properly deemed recoverable costs.”  But Judge McVerry found that Congress, in the Judicial Administration and Technical Amendments Act of 2008, modified the wording of Section 1920(4), changing the phrase “fees for exemplifications and copies of papers” to read “fees for exemplification and the costs of making copies of any materials.”  Since that amendment, Judge McVerry said, “no court has categorically excluded eDiscovery costs from allowable costs.”  For example, in an Idaho case, Judge McVerry noted, the court awarded $4.6 million for the costs incurred for “the creation of a litigation database.”

Given the extent of the defendant’s eDiscovery activities, including copying nearly 500 gigabytes of data in response to over 400 search terms and creation of a litigation database, the court awarded $367,000 of the $389,000 eDiscovery costs requested by the defendants.

So, what do you think?  Should plaintiffs have to reimburse eDiscovery costs to defendants if they lose?  Please share any comments you might have or if you’d like to know more about a particular topic.