Close
Enter your
text here

Electronic Discovery

Testing Your Search Using Sampling: eDiscovery Throwback Thursdays

Here is the third and final part in our Throwback Thursday series on sampling. Two weeks ago, we talked about how to determine an appropriate sample size to test your search results as well as the items NOT retrieved by the search, using a site that provides a sample size calculator.  Last week, we talked about how to make sure the sample size is randomly selected.  Today, we’ll walk through an example of how you can test and refine a search using sampling.

This post was originally published on April 5, 2011.  It was part of a three-post series that we have revisited over the past couple of weeks.  We have continued to touch on this topic over the years, including our webcast just last month.  One of our best!

The example is a somewhat simplified real-life example of a search scenario I encountered several years ago where I went through these steps for a similar search to get to a search term that provided the right balance of recall and precision.

TEST #1: Let’s say in an oil company we’re looking for documents related to oil rights.  To try to be as inclusive as possible, we will search for “oil” AND “rights”.  Here is the result:

  • Files retrieved with “oil” AND “rights”: 200,000
  • Files NOT retrieved with “oil” AND “rights”: 1,000,000

Using the site to determine an appropriate sample size that we identified before, we determine a sample size of 662 for the retrieved files and 664 for the non-retrieved files to achieve a 99% confidence level with a margin of error of 5%.  We then use this site, to generate random numbers and then proceed to review each item in the retrieved and NOT retrieved items sets to determine responsiveness to the case.  Here are the results:

  • Retrieved Items: 662 reviewed, 24 responsive, 3.6% responsive rate.
  • NOT Retrieved Items: 664 reviewed, 661 non-responsive, 99.5% non-responsive rate.

Nearly every item in the NOT retrieved category was non-responsive, which is good.  But, only 3.6% of the retrieved items were responsive, which means our search was WAY over-inclusive.  At that rate, 192,800 out of 200,000 files retrieved will be NOT responsive and will be a waste of time and resource to review.  Why?  Because, as we determined during the review, almost every published and copyrighted document in our oil company has the phrase “All Rights Reserved” in the document and will be retrieved.

TEST #2: Let’s try again.  This time, we’ll conduct a phrase search for “oil rights” (which requires those words as an exact phrase).  Here is the result:

  • Files retrieved with “oil rights”: 1,500
  • Files NOT retrieved with “oil rights”: 1,198,500

This time, we determine a sample size of 461 for the retrieved files and (again) 664 for the NOT retrieved files to achieve a 99% confidence level with a margin of error of 5%.  Even though, we still have a sample size of 664 for the NOT retrieved files, we generate a new list of random numbers to review those items, as well as the 461 randomly selected retrieved items.  Here are the results:

  • Retrieved Items: 461 reviewed, 435 responsive, 94.4% responsive rate.
  • NOT Retrieved Items: 664 reviewed, 523 non-responsive, 78.8% non-responsive rate.

Nearly every item in the retrieved category was responsive, which is good.  But, only 78.8% of the NOT retrieved items were not responsive, which means over 20% of the NOT retrieved items were actually responsive to the case (we also failed to retrieve 8 of the items identified as responsive in the first iteration).  So, now what?

TEST #3: This time, we’ll conduct a proximity search for “oil within 5 words of rights”.  Here is the result:

  • Files retrieved with “oil w/5 rights”: 5,700
  • Files NOT retrieved with “oil w/5 rights”: 1,194,300

This time, we determine a sample size of 595 for the retrieved files and (once again) 664 for the NOT retrieved files, generating a new list of random numbers for both sets of items.  Here are the results:

  • Retrieved Items: 595 reviewed, 542 responsive, 91.1% responsive rate.
  • NOT Retrieved Items: 664 reviewed, 655 non-responsive, 98.6% non-responsive rate.

Over 90% of the items in the retrieved category were responsive AND nearly every item in the NOT retrieved category was non-responsive, which is GREAT.  Also, all but one of the items previously identified as responsive was retrieved.  So, this is a search that appears to maximize recall and precision.

Had we proceeded with the original search, we would have reviewed 200,000 files – 192,800 of which would have been NOT responsive to the case.  By testing and refining, we only had to review 8,815 files –  3,710 sample files reviewed plus the remaining retrieved items from the third search (5,700595 = 5,105) – most of which ARE responsive to the case.  We saved tens of thousands in review costs while still retrieving most of the responsive files, using a defensible approach.

So, what do you think?  Do you use sampling to test your search results?   Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Today’s Webcast Will Help Plaintiff’s Attorneys Conquer Their Biggest eDiscovery Challenges: eDiscovery Webcasts

As we learned in Tom O’Connor’s recent five part blog series, it seems as though the eDiscovery deck is stacked against plaintiff’s attorneys.  Defendants seem to have all the resources, the technical know-how and the interest of the major eDiscovery vendors while the plaintiffs often have few resources, technical knowledge or eDiscovery experience.  How do plaintiff’s attorneys bridge that gap?  Today’s webcast that will help put those plaintiff’s attorneys on a more equal footing with their defendant counterparts.

Today at noon CST (1:00pm EST, 10:00am PST), CloudNine will conduct the webcast Conquering the Biggest eDiscovery Challenges Facing Plaintiff’s Attorneys. In this one-hour webcast that’s CLE-approved in selected states, we will discuss the biggest eDiscovery challenges facing plaintiff’s attorneys and provide best practices for addressing those challenges to give plaintiff’s attorneys the best chance to get the evidence they need for their case. Topics include:

  • Biggest eDiscovery Challenges Facing Plaintiff’s Attorneys
  • Ethical Duties and Rules for Understanding Technology
  • Does the eDiscovery Market Care About Plaintiff’s Attorneys?
  • Understanding the Fundamentals of eDiscovery
  • Your Clients May Have More ESI Than You Think
  • How to Request the Right Form of Production from Opposing Counsel
  • Mechanisms and Approaches for Getting the Data to Make Your Case
  • What You Need to Know About Technology Assisted Review
  • Resources You Need to Bridge Your Understanding Gap

As always, I’ll be presenting the webcast, along with Tom O’Connor, whose aforementioned white paper regarding the biggest eDiscovery challenges facing plaintiff’s attorneys was published last month on the blog.  To register for it, click here.  Even if you can’t make it, go ahead and register to get a link to the slides and to the recording of the webcast (if you want to check it out later).  If you’re a plaintiff’s attorney looking to better handle eDiscovery challenges or a defense attorney wondering what “secrets” we’re passing onto those plaintiff’s attorneys, this webcast is for you!

So, what do you think?  Are you a plaintiff’s attorney who feels that the eDiscovery deck is stacked against you?  If so, please join us!  If not, please join us anyway!  And, as always, please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Court Rules That Privilege Assertion and Potential Fraud Don’t Mix: eDiscovery Case Law

See what I did there?  ;o)

In Gates Corp. v. CRP Indus., Inc., No. 16-cv-01145-KLM (D. Colo. May 21, 2019), Colorado Magistrate Judge Kristen L. Mix overruled the Defendant’s Objection to Report and Recommendation of Special Master on Gates Corporation’s Motion to Pierce Attorney/Client Privilege and proceeded with the Discovery Master’s recommendation, ordering the defendant to submit for in camera review readable and searchable versions of the documents identified as privileged by the defendant (along with an Excel spreadsheet of the privilege log) to the Special Master for review.

Case Background

This dispute involved whether actions by the defendant (alleged to be “a direct competitor of” the plaintiff) in response to the plaintiff’s inquiry about its former employee’s theft of proprietary information can serve as the basis for invocation of the crime-fraud exception to the attorney-client privilege.  After plaintiff’s counsel notified the defendant of the potential theft of proprietary information by plaintiff’s former and defendant’s then-current employee, Laura Bale (“Bale”), the company eventually commenced an “investigation”, by having a non-lawyer human resources executive perform a keyword search of David Hirschhorn’s (“Hirschhorn”) emails, Bale’s supervisor throughout her employment with the defendant.  That search “did not find any evidence that [Hirschhorn] had received any proprietary information from Bale.”

As noted by Judge Mix in her recount of the facts “it is now undisputed that this conclusion [that Hirschhorn did not “receive” any of Plaintiff’s proprietary information from Bale] was incorrect.”  The defendant acknowledged that Hirschhorn subsequently admitted to the FBI that he received and opened the file containing Plaintiff’s confidential information, and the defendant had made no argument that Hirschhorn lied to the FBI.  Bale subsequently testified under oath that Hirschhorn knew about her possession of the plaintiff’s proprietary database approximately six months after she started working for the defendant, long before the “investigation” began. Despite Bale’s compromised credibility, her testimony in this regard had been amply confirmed by other evidence.

In objecting to the Discovery Master’s report, the defendant contended:

  1. That because Plaintiff’s counsel’s letter about the alleged theft “implicated Bale alone, [Defendant] reasonably focused its investigation on Bale, who worked off of her own laptop and used a personal email address, instead of launching a company-wide investigation”;
  2. That Hirschhorn did not admit any knowledge of wrongdoing at the time of the investigation and that the company only learned several years later that he received and opened the file containing Plaintiff’s confidential information;
  3. That the Discovery Master erroneously recognized mere spoliation as a “crime” or “fraud” which triggers the exception; and
  4. That the Discovery Master took it upon himself to find a basis for application of the crime-fraud exception on grounds not asserted by Plaintiff.

Judge’s Ruling

With regard to the defendant’s contentions, Judge Mix responded as follows:

  1. Noting that Bale “was not a solitary or isolated employee” and that “her work contemplated and required frequent interactions with other company employees”, Judge Mix stated that “I cannot agree that so limiting the investigation was reasonable or prudent.”
  2. Judge Mix noted that “if Defendant were correct, corporate parties to litigation could avoid scrutiny of their attorney-client communications by simply contending that although some employees did bad things, the wrongdoers neither admitted it to select company representatives nor did those representatives otherwise find out about it, so the crime-fraud exception does not apply.” She indicated that “argument flies in the face of long-standing precedent holding that corporate agents’ acts are attributable to the corporate entity.”
  3. Judge Mix observed that “spoliation can occur as a result of mere negligence or intentional destruction of evidence, so to the extent that the Discovery Master concluded that intentional spoliation supports application of the crime-fraud exception, his conclusion is not inconsistent with the intent requirement of the doctrine.” She also stated that “the Court need not decide whether Plaintiff presented sufficient evidence of intentional spoliation to invoke the crime-fraud exception, as the evidence of fraudulent concealment discussed above is a sufficient basis to do so.”
  4. Agreeing with the plaintiff’s contention that it actually did raise the issues discussed in the Discovery Master’s Order, Judge Mix pointed out that “Defendant itself concluded, in responding to Plaintiff’s Motion [#88], that Plaintiff was ‘insinuat[ing] that [Defendant] engaged in spoliation of materials relevant to this action.’”

As a result, Judge Mix overruled the Defendant’s Objection to the Discovery Master’s recommendation, ordering the defendant to submit its identified privileged documents for in camera review.

So, what do you think?  Should the defendant have have been forced to turn over the documents it identified as privileged?  Please let us know if any comments you might have or if you’d like to know more about a particular topic.

Case opinion link courtesy of eDiscovery Assistant.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Been Hacked? That May Be Because of an Unpatched Vulnerability in Your Software: Cybersecurity Trends

There are plenty of reasons that organizations experience a data breach, including weak or stolen passwords (despite the availability of two factor authentication technology to thwart those efforts).  Here’s another common cause of data breaches: unpatched vulnerabilities in your software.

According to ZDNet (Cybersecurity: One in three breaches are caused by unpatched vulnerabilities, written by Steve Ranger – hat tip to Sharon Nelson’s excellent Ride the Lightning blog here), more than one in three IT professionals (34 percent) in Europe admitted that their organization had been breached as a result of an unpatched vulnerability according to a survey by security company Tripwire.  The overall average isn’t much better at 27 percent.

Why?  Software vendors are constantly publishing new patches to fix problems in software that they have sold. It’s then up to the users of the software to apply the patches – or else risk leaving themselves open to attack via the backdoors that the vendors failed to spot when building the product in the first place.

But the sheer volume of patches, with many vendors publishing new fixes on a monthly basis, and the need to test those patches to ensure that they don’t cause other unexpected problems, means that there’s often a delay in getting systems secured. That leaves a gap that hackers can exploit.

Finding the stuff that needs patching can be a challenge: 59 percent of respondents said they can detect new hardware and software on their network within hours, but it’s a difficult manual effort for many, with 35 percent saying less than half of their assets are discovered automatically.  As a result, nearly half (42 percent) of respondents take more than a week to deploy security patches in their environment.

And, there are often several patches to implement per month – 42 percent of respondents indicated that they patch at least 10 vulnerabilities per month, 15 percent said at least 50 per month, 6 percent said more than 100 per month.  Four out of five companies said they had stopped using a product because of a vulnerability disclosure.

The 2017 WannaCry ransomware attack was probably the clearest example of what can go wrong when patches aren’t applied; while a patch for the vulnerability exploited by the ransomware had existed for several months many organizations such as parts of the UK’s National Health Service had failed to use it.  Now, that really makes you wanna cry!

So, what do you think?  Are you aware of a data breach that occurred because of an unpatched vulnerability in the organization’s software?  As always, please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Simon Says – Once, Twice, Three Times a Spoliator: eDiscovery Case Law

OK, it’s not as catchy as Lionel Ritchie’s hit song, but it’s funny. :o)

In Univ. Accounting Serv., LLC v. Schulton, No. 3:18-cv-1486-SI (D. Or. June 7, 2019), Oregon District Judge Michael H. Simon granted in part the plaintiff’s Motion for Terminating Spoliation Sanctions Against Defendant Ethan Schulton, finding that the defendant “acted with the intent to deprive” the plaintiff of information that he deleted, but granted the plaintiff’s alternative motion for lesser sanctions, choosing to provide the jury with a permissive inference spoliation instruction against the defendant instead of case termination sanctions.

Case Background

In this dispute over a software platform provided to the plaintiff, named defendant Ethan Schulton was the lead software developer and chief architect of the software platform.  According to the plaintiff, in February 2016, named defendant ScholarChip told the plaintiff it would have to pay substantially higher fees if it wanted to continue using the software platform it developed.  In March 2016, Schulton recognized the possibility that the plaintiff might bring a lawsuit by asking ScholarChip’s CEO and CTO about giving the plaintiff the source code to avoid a lawsuit.  The following month, Schulton sent an email to his legal counsel, and copied others within ScholarChip, about forming a new legal entity.  The situation between the parties continued to deteriorate over the next several months, with the parties filing lawsuits against each other.

In July 2018, approximately seven months after Schulton voluntarily left ScholarChip’s employment, Schulton sent an email both to the plaintiff and the CTO of ScholarChip, where he announced his intent to create a loan servicing system that would compete directly with the plaintiff. He further said that he would create the system based on knowledge acquired during his 15 years at ScholarChip and added that he would be communicating with and soliciting business from the plaintiff’s customers that he learned about through his work at ScholarChip for the plaintiff.  The next month, the plaintiff filed this lawsuit.

On March 7, 2018, Schulton accepted service of a deposition and document subpoena to which he responded: “I left ScholarChip with nothing but the knowledge gained over 15 years of employment. To use definitions from my recent document subpoena, I have no ‘CLIENT DATA,’ ‘DELIVERABLES,’ ‘SOFTWARE,’ or ‘WORK PRODUCT.’”

Despite that, as the opinion noted, Schulton had previously acknowledged that he used a “mechanism called Take Out” to export his entire ScholarChip e-mail account, which included all of its contents dating back to 2014, to Schulton’s personal “One Drive” cloud storage account. He also saved a copy of his ScholarChip email account on his personal computer.  He also saved electronic copies of several webinars with the plaintiff’s clients to his personal computer, which he took with him and kept after he left ScholarChip’s employment.  And, the day before a hearing in August 2018, Schulton located and deleted the file known as UAS’s “Private Client List,” which listed the plaintiff’s clients in descending order by ScholarChip revenue.  In the hearing, he stated “I deleted the file as fast as I could, because I was petrified at its existence, because it’s exactly the type of damning information that UAS wants to catch me with.”

Judge’s Ruling

Noting that the information deleted was 1) electronically stored information, 2) that should have been preserved in the anticipation or conduct of litigation, 3) (that) is lost because a party failed to take reasonable steps to preserve it and, 4) cannot be restored or replaced through additional discovery, Judge Simon stated: “These four threshold or predicate conditions have been satisfied” (to impose sanctions).

Judge Simon summed up the spoliation, as follows:

“The Private Client List, the ScholarChip emails, and the webinar recordings are all electronically stored information. In March 2016, Shulton anticipated the possibility of litigation. By June 2017, litigation between UAS and ScholarChip had begun. In the fall of 2017, Schulton downloaded to his personal computer and personal cloud account the electronically stored information at issue. On March 7, 2018, with litigation pending between ScholarChip and UAS in federal court in New York, Schulton received a document subpoena, and his first act of spoliation occurred four days later, on March 11, 2018. Schulton’s second act of spoliation occurred on April 9, 2018. In August 2018, UAS commenced this lawsuit in federal court in Oregon and requested a TRO, which was scheduled for August 22, 2018. The day before the TRO, Schulton committed his third act of spoliation. The Private Client List, the ScholarChip emails, and the webinar recordings all appear to be relevant to the several lawsuits. Accordingly, they should have been preserved in the anticipation or conduct of litigation. Further, intentionally destroying evidence satisfies the standard for failing to take reasonable steps to preserve that evidence. Finally, UAS has attempted to restore or replace through additional discovery the deleted information but has been unsuccessful. Thus, UAS has satisfied the four threshold elements under Rule 37(e).”

As a result, Judge Simon granted in part the plaintiff’s motion, choosing to provide the jury with a permissive inference spoliation instruction against the defendant instead of case termination sanctions.

So, what do you think?  Should the defendant have received case termination sanctions?  Please let us know if any comments you might have or if you’d like to know more about a particular topic.

Case opinion link courtesy of eDiscovery Assistant.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

This Blog Post Will Not Be Automatically Deleted, But Your Instant Message Might Be: eDiscovery Trends

The sources of electronically stored information (ESI) are more varied than ever.  Now, they routinely include text messages and messages from instant messaging apps.  But, depending on the instant message app – or the archive option for any messaging app, that ESI might not be available at litigation time.

In LegalTech® News (This Article Will Self-Destruct: Behind Ephemeral Messaging’s In-House Rise, written by Rhys Dipshan), the author notes that the rise of ephemeral messaging, self-erasing communications “have gone from spy movie lore to everyday consumer technology.”  That technology may be welcomed by privacy advocates, but not so much by those responsible for compliance, investigations and litigation efforts.  And, while ephemeral messaging was once only the focus of a handful of messaging apps, they’re now being offered by widely used services like Gmail and Facebook.

Remember the Waymo v. Uber case?  In that case, Waymo sought sanctions for Uber’s use of the ephemeral messaging app Wickr for communications, but California District Judge William Alsup ruled that Waymo could inform the jury of the situation and have them reach their own conclusions – in part, because Waymo also disclosed it used ephemeral messaging apps in-house as well.

Ephemeral messaging apps are becoming more prevalent – and they’re even becoming more accepted from a regulatory standpoint.  In April 2019, for example, the Department of Justice (DOJ) rescinded a policy requiring companies to restrict their employees’ use of ephemeral messaging apps if they wanted credit for cooperating with DOJ enforcement actions under the Foreign Corrupt Practices Act. The new DOJ policy now only requires companies to implement “appropriate guidance and controls on the use of personal communications and ephemeral messaging platforms.”

Gareth Evans, eDiscovery expert and partner at Redgrave, noted that one of the most fundamental uses for ephemeral messaging is to help organizations more easily delete data they shouldn’t be keeping in the first place.

“Simply, if there is no business purpose or business need for retaining the messaging, if there is no legal requirement to keep it, that in itself is a good reason not to be keeping it. And by keeping communications [you don’t need], you run certain risks.”

That’s great when there isn’t a duty to preserve (i.e., when you anticipate litigation).  But, what about when that duty exists?

For years, we’ve discussed the importance of suspending auto delete programs when anticipating litigation and we’ve discussed cases where failure to do so can lead to sanctions (like this one and this one).  Historically, those auto delete programs have been associated with email, but they are becoming more associated with text and other messaging apps, as well.  And, it’s important to note that while some messaging apps are ephemeral by default, most (if not all) messaging apps can be set to automatically delete messages after a period of time – including text messaging apps like the text message app for iPhones, which is set to retain messages “forever” by default, but can be changed to a 1 year or even 30 day retention period.  That’s why it’s become more important than ever to address automatic deletion for text and other messaging apps when litigation is anticipated to avoid potential spoliation.

So, what do you think?  Does your organization use ephemeral messaging apps?  If so, how does it handle the use of those apps during litigation?  As always, please share any comments you might have or if you’d like to know more about a particular topic.

Image Copyright © CBS Television Distribution.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Court Rejects Plaintiff’s Timeliness and Form Served Arguments; Grants Defendant’s Motion to Compel: eDiscovery Case Law

In Frey v. Minter, No. 4:18-CV-191 (CDL) (M.D. Ga. June 12, 2019), Georgia Chief U.S. District Court Judge Clay D. Land rejected the plaintiff’s arguments that the defendant’s discovery requests were untimely and were not properly served and granted the defendant’s motion to compel against the plaintiff.  With regard to the defendant’s motion to compel against a non-party law firm, Judge Clay ordered that firm to provide the defendant with an estimated cost for responding to the requests, and upon payment of those costs, to produce the documents within twenty-one days.

Case Background

In this defamation case filed by one attorney against another attorney and his client regarding their claims of alleged fraudulent and unethical conduct by the plaintiff as a creditor against a former client, the parties filed a joint case management report, proposing a discovery deadline of January 26, 2019 and agreeing that “all discovery must be commenced in time to be completed before this date.”  The parties also agreed that each party would “timely serve discovery requests so that the rules allow for a response prior to the discovery deadline.”  After the plaintiff appealed several of the Court’s rulings in January 2019 and the appeal was dismissed for lack of jurisdiction, the Court found good cause for an amended scheduling order and instructed the parties to submit a joint proposed scheduling order that included an updated discovery deadline.

The parties agreed to a deadline for motions to compel previously issued discovery requests and the Court initially entered an amended scheduling order that provided for no motions to compel, noting that any discovery motions should have been filed during discovery. However, the defendant sought reconsideration, asserting that the parties had agreed that “no new discovery requests would be issued, but that they could seek Court action on requests that had already been issued.”  The plaintiff opposed the motion for reconsideration, anticipating that the defendant might seek to compel responses to discovery requests that were made on the eve of the discovery deadline.

The Court granted the motion for reconsideration and adopted the deadlines that the parties originally proposed, knowing that any motion to compel would likely relate to discovery requests that were served during discovery, even those that were technically untimely under the Case Management and Scheduling Order.

Judge’s Ruling

Judge Clay stated: “Given that the Court had found good cause for an amendment of the scheduling order and had invited the parties to extend all of the deadlines, including the discovery deadline, the Court’s ruling that permitted post-discovery motions to compel likewise included the right to compel responses to any discovery that had been propounded prior to the expiration of the discovery deadline, even if responses to that discovery could not have been made prior to the previous discovery deadline. To hold otherwise would make the Court’s order extending the motion to compel deadline meaningless because there would be no discovery requests that could be compelled. Accordingly, the Court finds that Minter’s motion to compel shall not be denied based upon his failure to serve his discovery requests within the deadline established by the earlier case management order.”

Judge Clay also rejected the plaintiff’s other objection to the motion – that he was not properly served with the requests because he did not consent in writing to service of discovery requests via email.  Noting that the plaintiff had responded to the defendant’s former attorney’s question regarding whether email service to his email address is sufficient for the federal court filings by stating “Yes, this email is good”, Judge Clay stated: “Minter was justified in believing that Frey had consented to service of discovery requests by email. Even if Frey had not so consented, any deficiency in Minter’s service was harmless because it is clear that Frey received the document requests. The Court declines to deny the motion to compel on this ground.”  As a result, the defendant’s motion to compel was granted and the plaintiff was ordered to respond within twenty-one days.

Judge Clay also observed that “Minter also filed a motion to compel against non-party law firm Hunton, contending that the firm failed to respond adequately to his subpoena.”  Noting that “[t]he Court is sensitive about imposing unnecessary costs upon a non-party”, Judge Clay stated that “[t]hat concern can be addressed, however, by requiring Minter to pay for Hunton’s expenses associated with responding to the request.”  As a result, Judge Clay ordered that firm to provide the defendant with an estimated cost for responding to the requests, and upon payment of those costs, to produce the documents within twenty-one days.

So, what do you think?  Should the motion have been denied if they were untimely in the Case Management and Scheduling Order?  Please let us know if any comments you might have or if you’d like to know more about a particular topic.

Case opinion link courtesy of eDiscovery Assistant.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Got Data Across Borders? The Sedona Conference Has a Commentary for You: eDiscovery Best Practices

Lately, it seems like we have a new publication from The Sedona Conference® (TSC) every couple of months or so.  This latest publication provides guidance to those that are transferring data across borders.

Last week, TSC and its Working Group 6 on International Electronic Information Management, Discovery, and Disclosure (WG6) announced that The Sedona Conference Commentary and Principles on Jurisdictional Conflicts over Transfers of Personal Data Across Borders (“Commentary”) has been published for public comment.

The goal of this Commentary is to provide: (1) a practical guide to corporations and others who must make day-to-day operational decisions regarding the transfer of data across borders; and (2) to provide a framework for the analysis of questions regarding the laws applicable to cross-border transfers of personal data.

This 48-page (PDF) Commentary lists six choice-of-law principles, then provides an Introduction that discusses the underlying tension, comity (not comedy) and legal and practical complexity associated with the transfer of data.  It ends with a 19 page Appendix on Data Privacy Complexity and Background.  In between, the Commentary goes much more into depth on the six choice of law principles, which are as follows:

Principle 1: A nation has nonexclusive jurisdiction over, and may apply its privacy and data protection laws to, natural persons and organizations in or doing business in its territory, regardless of whether the processing of the relevant personal data takes place within its territory.

Principle 2: A nation usually has nonexclusive jurisdiction over, and may apply its privacy and data protection laws to, the processing of personal data inextricably linked to its territory.

Principle 3: In commercial transactions in which the contracting parties have comparable bargaining power, the informed choice of the parties to a contract should determine the jurisdiction or applicable law with respect to the processing of personal data in connection with the respective commercial transaction, and such choice should be respected so long as it bears a reasonable nexus to the parties and the transaction.

Principle 4: Outside of commercial transactions, where the natural person freely makes a choice, that person’s choice of jurisdiction or law should not deprive him or her of protections that would otherwise be applicable to his or her data.

Principle 5: Data in transit (“Data in Transit”) from one sovereign nation to another should be subject to the jurisdiction and the laws of the sovereign nation from which the data originated, such that, absent extraordinary circumstances, the data should be treated as if it were still located in its place of origin.

Principle 6: Where personal data located within, or otherwise subject to, the jurisdiction or the laws of a sovereign nation is material to a litigation, investigation, or other legal proceeding within another sovereign nation, such data shall be provided when it is subject to appropriate safeguards that regulate the use, dissemination, and disposition of the data.

You can download a copy of the Commentary here (login required, which is free).  The Commentary is open for public comment through August 10, 2019. Questions and comments on the Commentary are welcome through August 10, and may be sent to comments@sedonaconference.org.

As always, the drafting team will carefully consider all comments received, and determine what edits are appropriate for the final version.  Also, a webinar on the Commentary will be scheduled in the coming weeks, and will be announced by email and on The Sedona Conference website to give you the opportunity to ask questions and gain additional insight on this important topic.

So, what do you think?  How does your organization address transfer of personal data across borders?  As always, please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Discovery “Cautionary Tale” Leads to Recommendations of Default Judgment Against Defendants: eDiscovery Case Law

In Abbott Laboratories, et al. v. Adelphia Supply USA, et al., No. 15 CV 5826 (CBA) (LB) (E.D.N.Y. May 2, 2019), New York Magistrate Judge Lois Bloom, noting that the plaintiff’s motion for case ending sanctions against H&H Wholesale Services, Inc., its principal, Howard Goldman, and its marketing manager and Mr. Goldman’s wife, Lori Goldman (“H&H Defendants”) for wide-scale discovery misconduct “presents a cautionary tale about how not to conduct discovery in federal court” recommended that the plaintiffs’ motion be granted, and that the Court should enter a default judgment against the H&H Defendants.

This case (covered here by Law360, subscription required; report and recommendation linked here) involves trademark and trade dress infringement, unfair competition, trademark dilution and other claims associated with the illegal sale of Abbott’s FreeStyle blood glucose test strips in the US.  Judge Bloom began the report and recommendations document with this statement:

“This motion presents a cautionary tale about how not to conduct discovery in federal court.”

Among the discovery issues according to Judge Bloom (and plaintiff allegations):

  • The documents the H&H defendants originally produced were printed “in hard copy, scanning them all together, and producing them as a single, 1941-page PDF file”;
  • H&H used search terms it knew wouldn’t turn up results (“such as ‘International’ and ‘FreeStyle,’ whereas H&H’s internal systems used item numbers and other abbreviations such as ‘INT’ and ‘INTE’ for International and ‘FRL’ and ‘FSL’ for FreeStyle”) and specifically removed other damning documents – particularly those involving Howard Goldman and Lori Goldman – and provided numerous false excuses for these omissions;
  • The testimony from H&H’s general manager regarding the discovery woes was “clearly inconsistent if not perjured from his deposition” opposing the sanctions motion, Howard Goldman’s testimony was “evasive and self-serving at best” and H&H’s corporate representative’s testimony was “clearly perjured”;
  • “H&H would have gotten away” with its fraud if not for Abbott being allowed to seize H&H’s computers as part of a related counterfeiting case, which allowed previously withheld documents to come to light.

“H&H only complied with the court’s orders and their discovery obligations when their backs were against the wall,” Judge Bloom wrote. “Their email server had been seized. There was no longer an escape from responsibility for their bad faith conduct … But for being caught in a web of irrefutable evidence, H&H would have profited from their misconduct.”

She added that the lies were part of a “calculated pattern of pervasive misconduct that started early on and continued even after defendants were caught red handed,” meaning the case must be ended with a victory handed to Abbott.

H&H had previously been sanctioned for its discovery misconduct, with Judge Bloom in 2018 blocking the supplier from raising attorney-client or work-product privilege defenses for a certain set of discovery production.

Even other companies that Abbott had also sued had gone after H&H and Kerr Russell for letting Goldman listen to remote depositions of other parties, in violation of a protective order.

In recommending that the plaintiffs’ motion for sanctions be granted and a default judgment being issued against the H&H defendants, Judge Bloom stated:

“The Court finds that the H&H defendants have committed a fraud upon the court, and that the harshest sanction is warranted. Therefore, plaintiffs’ motion for sanctions should be granted and a default judgment should be entered against H&H Wholesale Services, Inc., Howard Goldman, and Lori Goldman.”

So, what do you think?  Do you agree with the harsh sanction recommendations?  Please let us know if any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Determining Appropriate Sample Size to Test Your Search: eDiscovery Throwback Thursdays

If you missed it last week, we started a new series – Throwback Thursdays – here on the blog, where we are revisiting some of the eDiscovery best practice posts we have covered over the years and discuss whether any of those recommended best practices have changed since we originally covered them.

This post was originally published on April 1, 2011 – no fooling!  It was part of a three-post series that we will revisit over the next three weeks – we have continued to touch on this topic over the years, including our webcast just last month.  One of our best!

One part of searching best practices is to test your search results (both the result set and the files not retrieved) to determine whether the search you performed is effective at maximizing both precision and recall to the extent possible, so that you retrieve as many responsive files as possible without having to review too many non-responsive files.  One question I often get is: how many files do you need to review to test the search?

If you remember from statistics class in high school or college, statistical sampling is choosing a percentage of the results population at random for inspection to gather information about the population as a whole.  This saves considerable time, effort and cost over reviewing every item in the results population and enables you to obtain a “confidence level” that the characteristics of the population reflect your sample.  Statistical sampling is a method used for everything from exit polls to predict elections to marketing surveys to poll customers on brand popularity and is a generally accepted method of drawing conclusions for an overall results population.  You can sample a small portion of a large set to obtain a 95% or 99% confidence level in your findings (with a margin of error, of course).

So, does that mean you have to find your old statistics book and dust off your calculator or (gasp!) slide rule?  Thankfully, no.

There are several sites that provide sample size calculators to help you determine an appropriate sample size, including this one.  Many eDiscovery platforms do so as well.  You’ll simply need to identify a desired confidence level (typically 95% to 99%), an acceptable margin of error (typically 5% or less) and the population size.

So, if you perform a search that retrieves 100,000 files and you want a sample size that provides a 99% confidence level with a margin of error of 5%, you’ll need to review 660 of the retrieved files to achieve that level of confidence in your sample (only 383 files if a 95% confidence level will do).  Here’s an illustration of that using the site referenced above.

If 1,000,000 files were not retrieved, you would only need to review 664 of the not retrieved files to achieve that same level of confidence (99%, with a 5% margin of error) in your sample – only four more files to review than the previous sample, even though the collection is 900,000 files larger!  Don’t believe me?  See for yourself here.

As you can see, the sample size doesn’t need to increase much when the population gets really large and you can review a relatively small subset to understand your collection and defend your search methodology to the court.

Next week, we will talk about how to randomly select the files to review for your sample.

So, what do you think?  Do you use sampling to test your search results?   Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.