Close
Enter your
text here

Evidence

eDiscovery Case Law: Downloading Confidential Information Leads to Motion to Compel Production

The North Dakota District Court has recently decided in favor of a motion to compel production of electronic evidence, requiring imaging of computer hard drives, in a case involving the possible electronic theft of trade secrets.

In Weatherford U.S., L.P. v. Chase Innis and Noble Casings Inc., No. 4:09-cv-061, 2011 WL 2174045 (D.N.D. June 2, 2011), the court ruled to allow the plaintiff to select and hire a forensic expert at its own expense to conduct imaging of the defendants’ hard drives. The purpose of this investigation was to discern whether or not confidential data that was downloaded from the plaintiff’s computers was, in fact, used in the building of the defendants’ own oil services firm.

Although the judge noted that courts are generally “cautious” in authorizing such hard drive imaging, this motion was substantiated by the defendant, Innis’s, “acknowledgment that he downloaded [plaintiff’s] files to a thumb drive without permission.” The court believed that circumstances of the case warranted further investigation into the defendant’s computer history:

  • The plaintiff, Weatherford US LP, had previously alleged that Chance Innis, a former employee, had downloaded confidential and proprietary information and used it to his advantage in starting his own competing company, Noble Casing Inc.
  • Innis had admitted to returning to Weatherford US offices late in the evening of the day he was terminated and downloading files onto a thumb drive without permission. Two weeks later, he launched his own competing oil services company, the co-defendant in this case, Noble Casing Inc. However, Innis maintains that he did not later access the files stored on his thumb drive and never used them in the process of starting his own company.
  • Contrary to these assertions, forensic examination of the thumb drive showed that the files were later accessed; whether or not they were instrumental in the startup of Noble Casing Inc. remains in question.
  • The plaintiff requested access to the defendant’s computers in the pursuit of previously subpoenaed documents, proposing that they select, hire, and pay for the services of a forensic investigator to image the defendants’ hard drives.
  • The defendants objected, proposing instead that an expert be chosen in agreement by all parties.
  • The court ruled in favor of the plaintiff’s motion in this instance, agreeing that all materials imaged will be shown to the defendant to screen for privilege before being shared with the plaintiff.
  • The court maintained that it is not unusual for imaging of hard drives to be allowed by the court in cases such as this, “particularly in cases where trade secrets and electronic evidence are both involved.”

So, what do you think?  Do you agree that Weatherford should have been allowed to examine images of the defendants’ hard drives, or should Innis’ privacy and that of his company have been protected?  Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Trends: eDiscovery Malpractice Case Highlights Expectation of Higher Standards
 

Normally, eDiscovery Daily reports on cases related to eDiscovery issues after the decision has been rendered.  In this case, the mere filing of the lawsuit is significant.

Friday, we noted that competency ethics was no longer just about the law and that competency in eDiscovery best practices is expected from the attorneys and any outside providers they retain.  An interesting article from Robert Hilson at the Association of Certified eDiscovery Professionals® (ACEDS™) discusses what may be the first eDiscovery malpractice case ever filed against a law firm (McDermott Will & Emery) for allegedly failing to supervise contract attorneys that were hired to perform the client’s work and to protect privileged client records.  A copy of the article is located here.

J-M Manufacturing Co., Inc., a major manufacturer of PVC piping, had hired McDermott to defend against civil False Claims Act charges concerning the quality and sale of its products to federal and state governments. After the case was filed in January 2006, it remained under seal for nearly three years.  According to the complaint, during that time, a large-scale document review ensued (160 custodians) and McDermott hired Stratify, an outside vendor, to cull through the ESI.

J-M retained Sheppard Mullin Richter & Hampton to replace McDermott in March 2010.  Why?  According to the complaint, McDermott worked directly with the Assistant US Attorney to develop a keyword list for identifying responsive ESI, but, despite this effort, the first production set was returned by the government after they found many privileged documents. The complaint indicates that McDermott and its contract lawyers then produced a second data set again with a large number of privileged documents even though it was filtered through a second keyword list.

J-M contends in the complaint that McDermott's attorneys “performed limited spot-checking of the contract attorneys' work, [and] did not thoroughly review the categorizations or conduct any further privilege review.”  After Sheppard replaced McDermott on the case, they asked for the privileged documents to be returned, but the “relator” refused, saying that McDermott had already done two privilege reviews before giving those documents to the government and, therefore, J-M had waived the attorney-client privilege. In the complaint, J-M contends that 3,900 privileged documents were erroneously produced by McDermott as part of 250,000 J-M electronic records that were reviewed.  It is unclear from the complaint whether McDermott provided the contract reviewers themselves or used an outside provider.  It will be interesting to see how this case proceeds.

So, what do you think?  Have you experienced inadvertent disclosures of privilege documents in a case?  Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Case Law: Cut and Paste Makes the Cut as Evidence
 

In United States v. Lanzon, 2011 WL 1662901 (11th Cir. 2011), the defendant in a criminal case appealed his conviction and raised the issue of whether he prosecution properly authenticated instant messages cut-and-pasted into a Microsoft Word document.

Detective George Clifton, a member of the Miami–Dade Police Department's Sexual Crimes Bureau, posing as a male living with his girlfriend and his girlfriend's 14–year–old daughter, conducted instant message (IM) online chats with Keith Lanzon that led to Lanzon being arrested and charged with violating 18 U.S.C. § 2422(b), which provides that:

Whoever, using the mail or any facility or means of interstate or foreign commerce, or within the special maritime and territorial jurisdiction of the United States knowingly persuades, induces, entices, or coerces any individual who has not attained the age of 18 years, to engage in prostitution or any sexual activity for which any person can be charged with a criminal offense, or attempts to do so, shall be fined under this title and imprisoned not less than 10 years or for life.

Detective Clifton saved these conversations by copying the IM communications and pasting them into a Microsoft Word document, saving the Word document to a “floppy” disc, for printing in transcripts. While Detective Clifton did not save any of the IM conversations in their original format, he did compare the actual IM "chat screens" to the Word document he had created to verify that the Word document exactly matched the IM conversations.

At trial, the prosecution introduced the Word document with the cut-and-pasted IMs, and Lanzon was convicted.  Lanzon appealed to the US Eleventh Circuit Court of Appeals, claiming, inter alia, that the document was improperly admitted, and that the admission of the document violated the Due Process Clause and the Best Evidence Rule.  Lanzon also argued the transcripts violated the rule of completeness in FRE 106 claiming that Detective Clifton failed to include the entire chat transcript, including only the edited portion that supported his case.  FInally, Lanzon claimed that the prosecution failed to properly authenticate the Word document.

The Eleventh Circuit found that Lanzon failed to prove bad faith by the government in failing to preserve the original IMs. The court also rejected Lanzon's rule of completeness argument, finding that “There is no indication that additional parts of the conversation exist.”

As for the failure to authenticate claim, the Eleventh Circuit also rejected that claim, finding that “Evidence may be authenticated through the testimony of a witness with knowledge. FRE 901(b)(1). The proponent need only present enough evidence "to make out a prima facie case that the proffered evidence is what it purports to be.”

A copy of the opinion can be found here.

So, what do you think?  Have you dealt with a case involving evidence cut and pasted into a document?  Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Best Practices: Usefulness of Facebook’s Self Collection Mechanism
 

We’ve written about Facebook a lot on this blog.  Shortly after this blog was launched, we provided information on Facebook’s subpoena policy.  We’ve also talked about the eDiscovery implications associated with the rollout of Facebook’s new email messaging system, dubbed “Facemail”.  And, just last week, we chronicled a case involving Facebook where they were ordered to produce documents instead of just merely providing access to them.  And, we haven’t even mentioned the latest revelations that Facebook may have secretly hired a PR firm to plant negative stories about Google (oops, we just did!).

But perhaps our most popular post regarding Facebook was regarding the self collection mechanism that they rolled out last October, which we found out about via our LegalTech interview with Craig Ball published back in March after our February interview (Craig also wrote an article about the feature in Law Technology News in February).

Now, another article has been written about the usefulness of Facebook’s self collection mechanism (called “Download Your Information”) in the blog E-Discovery Law Alert, entitled How Useful is Facebook's "Download Your Information" Feature in E-Discovery?, written by Patrick V. DiDomenico.

The author of this article conducted a test by downloading his information via the utility, deleting some information from his Facebook profile – “an email message, some wall posts, comments, photos, and even a friend (not a close friend)” – hopefully, he added the friend back.  Then, he downloaded his information again, every day for four days, with no change for the first three days.  On the fourth day, most of the deleted information disappeared from the download, except the email message (which disappeared when he ran the utility one more time).

The conclusion was that the mechanism “does not appear to ‘look back’ and recover deleted information in the user’s account”.  Thoughts:

  • With no change in the download in the first three days, the author notes that “Facebook did not take a fresh snapshot of my account every day – it just re-downloaded the same file three days in a row”.  He doesn’t mention whether he added any content during this time.  It would be interesting to see if that would force a change.
  • I don’t believe that there is any specific documentation from Facebook as to how it handles additions and deletions and how often the snapshot is updated.  If not, it might behoove them to create some, it might save them some subpoena requests.
  • The author notes that “it is inadvisable for lawyers to rely solely on the Download Your Information feature for discovery of an adversary’s Facebook information” as it “gives no assurance that a litigant’s attempt to delete evidence will be revealed”.  On the other hand, it may be still an appropriate mechanism to use for your own discovery to preserve your own information.  Facebook may also store deleted information on backup tapes, so a subpoena could catch your opponent red-handed if you can justify the discovery of those tapes.  Food for thought.

So, what do you think?  Have you had any Facebook discovery requests in your eDiscovery projects?   Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Case Law: Destroy Data, Pay $1 Million, Lose Case

A federal judge in Chicago has levied sanctions against Rosenthal Collins Group LLC and granted a default judgment to the defendant for misconduct in a patent infringement case, also ordering the Chicago-based futures broker’s counsel to pay “the costs and attorneys fees incurred in litigating this motion” where plaintiff’s agent modified metadata related to relevant source code and wiped several relevant disks and devices prior to their production and where the court found counsel participated in “presenting misleading, false information, materially altered evidence and willful non-compliance with the Court’s orders.”

In Rosenthal Collins Group, LLC v. Trading Techs. Int’l, No. 05 C 4088, 2011 WL 722467 (N.D. Ill. Feb. 23, 2011), U.S. District Judge Sharon Johnson Coleman assessed a sanction of $1 million to Rosenthal Collins (RCG) and granted defendant/counter-plaintiff Trading Technologies’ (TT) motion for evidentiary sanctions and default judgment.  Much of the reason was due to the actions of RCG’s agent, Walter Buist.  Here’s why:

  • During Buist’s deposition, he admitted to “turning back the clock” to change the “last modified” date on the previously modified source code to make it appear that the modifications had occurred much earlier.  Despite clear evidence of these facts, RCG continued to deny them, even calling the claims “libelous,” “audacious,” and “Oliver Stone-esque.”
  • Buist also later admitted “wiping” six of seven zip disks that originally contained the relevant source code.  While he did not admit wiping the seventh disk, it was also wiped, and the Court found that it was “impossible to believe that it is merely coincidence that the seventh disk happened to be wiped on May 2, 2006, which just happened to be the same day that TT was scheduled to inspect it.”
  • The Court found that here was evidence that “virtually every piece of media ordered produced by the Court in May 2007 and July 2008 was wiped, altered, or destroyed.”
  • Despite RCG’s (and its counsel’s) attempts to distance itself from “its own agent, employed for the purposes of pursuing this litigation” and disavowing any “actual knowledge” of wrongdoing, Buist was RCG’s agent and, therefore, RCG was bound by Buist’s behavior and actions.
  • Even if RCG and its counsel had no knowledge of the destruction of the evidence, the destruction might have been avoided if RCG had complied with the Court’s orders in a timely manner to produce the materials and/or preserved the evidence by taking custody of it.

So, what do you think?  Should parties and their counsel be liable for the actions of an agent on their behalf?  Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Case Law: Spoliate Evidence, Don’t Go to Jail, but Pay a Million Dollars
 

As previously referenced in eDiscovery Daily, defendant Mark Pappas, President of Creative Pipe, Inc., was ordered by Magistrate Judge Paul W. Grimm to  “be imprisoned for a period not to exceed two years, unless and until he pays to Plaintiff the attorney's fees and costs that will be awarded to Plaintiff as the prevailing party pursuant to Fed. R. Civ. P. 37(b)(2)(C).”.  Judge Grimm found that “Defendants…deleted, destroyed, and otherwise failed to preserve evidence; and repeatedly misrepresented the completeness of their discovery production to opposing counsel and the Court.”

However, ruling on the defendants’ appeal, District Court Judge Marvin J. Garbis declined to adopt the order regarding incarceration, stating: “[T]he court does not find it appropriate to Order Defendant Pappas incarcerated for future possible failure to comply with his obligation to make payment of an amount to be determined in the course of further proceedings.”

So, how much is he ordered to pay?  Now we know.

On January 24, 2011, Judge Grimm entered an order awarding a total of $1,049,850.04 in “attorney’s fees and costs associated with all discovery that would not have been un[der]taken but for Defendants' spoliation, as well as the briefings and hearings regarding Plaintiff’s Motion for Sanctions.”  Judge Grimm explained, “the willful loss or destruction of relevant evidence taints the entire discovery and motions practice.” So, the court found that “Defendants’ first spoliation efforts corresponded with the beginning of litigation” and that “Defendants’ misconduct affected the entire discovery process since the commencement of this case.”

As a result, the court awarded $901,553.00 in attorney’s fees and $148,297.04 in costs.  Those costs included $95,969.04 for the Plaintiff’s computer forensic consultant that was “initially hired . . . to address the early evidence of spoliation by Defendants and to prevent further destruction of data”.  The Plaintiff’s forensic consultant also provided processing services and participated in the preparation of plaintiff’s search and collection protocol, which the court found “pertained to Defendants’ spoliation efforts.”

So, what do you think?  Will the defendant pay?  Or will he be subject to possible jail time yet again?  Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Case Law: When is Attorney-Client Communication NOT Privileged?

One answer: When it’s from your work email account, and your employer has a written policy that company email is not private and subject to audit.  Oh, and you’re suing your employer.

In Holmes v. Petrovich Dev. Co., LLC, 2011 WL 117230 (Cal. Ct. App. Jan. 13, 2011), a California court of appeals upheld a trial court ruling that emails from a plaintiff to her attorney via her company’s computer “did not constitute ‘confidential communication between client and lawyer’ within the meaning of Evidence Code section 952” and thus were not privileged.

The plaintiff, Gina Holmes worked as an executive assistant at Petrovich Development of Sacramento, California.  When hired, she read and signed the company’s policies regarding use of computers, which informed employees that they had no right of privacy to any personal information created or maintained on company computers, and that such information was subject to monitoring.

Holmes claimed Petrovich Development became hostile when it found out she was pregnant shortly after being hired in 2004 and used her company’s computer to communicate with an attorney, eventually quitting her job and suing her employer.  During the case, emails between her and her attorney were introduced at trial “to show Holmes did not suffer severe emotional distress, was only frustrated and annoyed, and filed the action at the urging of her attorney”.  Despite plaintiff’s protests that the emails were privileged, they were not excluded from evidence at trial.  Rather, the trial court ruled that the emails “were not protected … because they were not private.”  Because the plaintiff did not prevail on any of her claims, she appealed, claiming the court erred in failing to exclude the emails.

In a 3-0 decision by the Sacramento Third Appellate District, they affirmed the findings of the trial court, stating that the plaintiff’s use of the company computer after being expressly advised that her messages were not private was “akin to consulting her attorney in one of defendants’ conference rooms, in a loud voice, with the door open, yet unreasonably expecting that the conversation overheard … would be privileged.”.  The court also noted that “communication under these circumstances is not a “‘confidential communication between client and lawyer’ “ within the meaning of section 952 because it is not transmitted “by a means which, so far as the client is aware, discloses the information to no third persons other than those who are present to further the interest of the client in the consultation….”.

So, what do you think?  Was justice served?  Please share any comments you might have or if you’d like to know more about a particular topic.

Case Law: Spoliate Evidence and Go to Jail–OR NOT?!?

As previously referenced in eDiscovery Daily, defendant Mark Pappas, President of Creative Pipe, Inc., was ordered by Judge Paul W. Grimm to  “be imprisoned for a period not to exceed two years, unless and until he pays to Plaintiff the attorney’s fees and costs that will be awarded to Plaintiff as the prevailing party pursuant to Fed. R. Civ. P. 37(b)(2)(C).”.

Judge Grimm found that “Defendants…deleted, destroyed, and otherwise failed to preserve evidence; and repeatedly misrepresented the completeness of their discovery production to opposing counsel and the Court.”  As a result, he ordered “that Pappas’s pervasive and willful violation of serial Court orders to preserve and produce ESI evidence be treated as contempt of court”, resulting in the severe sanction.

Pursuant to Magistrate Judge Grimm’s September 9 decision and order and the relevant local rule, however, defendants were allowed to object to the same order. In that briefing, Mr. Pappas’ counsel argued that “[t]his Court’s power to impose a coercive civil contempt sanction … is limited by a party’s ability to comply with the order,” and further that, “[i]f the fee awarded is so large that Mr. Pappas is unable to pay it, the ordered confinement would not be coercive, but punitive, and could not be imposed without criminal due process protections.” Defendants thus requested that Magistrate Judge Grimm’s order be modified such that, following the quantification of the fee award, Mr. Pappas be permitted to demonstrate his inability to pay it, and further to provide that Mr. Pappas would only be confined if he is able to pay but refuses to do so. The District Court agreed with Mr. Pappas’ counsel and, on November 1, 2010, issued a Memorandum and Order holding as follows: “[T]he Court does not find it appropriate to Order Defendant Pappas incarcerated for a future possible failure to comply with his obligation to make payment of an amount to be determined in the course of further proceedings. Certainly, if Defendant Pappas should fail to comply with a specific payment order, the Court may issue an order requiring him to show cause why he should not be held in civil contempt for failure to comply with that payment order. Also, under appropriate circumstances, criminal contempt proceedings might be considered.”

That same day, the Court further ordered that defendants must pay plaintiff the amount of $337,796.37 by November 5 and, if such payment is not made, defendants must appear on November 8 for a civil contempt hearing. Moreover, if defendants failed to pay and Mr. Pappas failed to appear at the civil contempt hearing, “a warrant may be issued for his arrest so that he shall be brought before the Court as soon as may be practicable.” From the docket it appears that ultimately the parties resolved the issue between them without the need for a further contempt proceeding.

So, what do you think?  What will happen next?  Please share any comments you might have (including examples of other cases where sanctions included jail time) or if you’d like to know more about a particular topic.

Case Summary Source: E-Discovery Law Alert, by Gibbons P.C.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Thought Leader Q&A: Jim McGann of Index Engines
 

Tell me about your company and the products you represent.  Businesses today face a significant challenge organizing their files and email to ensure timely and cost efficient access, while also maintaining compliance to regulations governing electronic data. Founded in 2003, Index Engines’ mission is to organize enterprise data assets, and make them immediately accessible, searchable and easy to manage. 

Index Engines’ discovery platform is the only solution on the market to offer a complete view of electronic data assets. Online data is indexed in-stream at wire speed in native enterprise storage protocols, enabling high-speed, efficient indexing of proprietary backup and transfer formats. Our unique approach to offline records scans backup tapes, indexes the contents and extracts relevant data, eliminating the time-consuming restoration process. Index Engines provides the only comprehensive discovery platform across both online and offline data, saving time and money when managing enterprise information.

What has caused backup tapes to become so relevant in eDiscovery?  Tape discovery actually appeared on the map after the renowned Zubulake case in 2003, and was reinforced by the FRCP amendments in 2006 and then again last year with the adoption of California’s eDiscovery act AB-5. Each of these milestones propelled tape discovery further into the eDiscovery market. These days, tapes are as common as any other container to discover relevant electronically stored information (ESI).

What can companies proactively do to address tape storage?  Needlessly storing old backup tapes is both a potential liability and a wasted expense. The liability comes from not knowing what information the tapes contain. The cost of offsite tape storage –  even if it is only a few dollars a month per tape –  quickly adds up. Tape remediation is the process of proactively discovering data contained on legacy backup tapes, and then applying a corporate retention policy to this tape data. Once the relevant data has been identified and archived accordingly, the tapes can be destroyed or recycled. 

How can a legal or litigation support professional substantiate claims of processing speed made by eDiscovery vendors?  Without an industry standard vendor-neutral benchmarking process, this is a difficult challenge. I would recommend performing a proof of concept to actually see the performance in action. Another idea would be to question the components of the technology. Is the technology simply off-the-shelf freeware that has been repackaged, or is it something more powerful?

You have recently had patents approved for your technology. Can you explain this in greater detail?  Index Engines has engineered a platform that performs sequential processing of data. We received both US and European patents for this unique approach towards the processing of enterprise data, which makes the data searchable and discoverable across both primary and secondary (backup) storage. Our patented approach enables the indexing of electronic data as it flows to backup, as well as documented high speed indexing of network data at 1TB per hour per node.

About Jim McGann
Jim is Vice President of Information Discovery for Index Engines. Jim has extensive experience with the eDiscovery and Information Management. He is currently contributing to the Sedona working group addressing electronic document retention and production. Jim is also a frequent speaker for industry organizations such as ARMA and ILTA, and has authored multiple articles for legal technology and information management publications.  In recent years, Jim has worked for technology based start-ups that provided financial services and information management solutions. Prior to Index Engines, he worked for leading software firms, including Information Builders and the French based engineering software provider Dassault Systemes. Jim was responsible for the Business Development of Scopeware at Mirror Worlds Technologies, the knowledge management software firm founded by Dr. David Gelernter of Yale University. Jim graduated from Villanova University with a degree in Mechanical Engineering.

First Pass Review: Synonym Searching Your Opponent’s Data

Yesterday, we talked about the use of First Pass Review (FPR) applications (such as FirstPass™, powered by Venio FPR™) to not only conduct first pass review of your own collection, but also to analyze your opponent’s ESI production. One way to analyze that data is through email analytics to see the communication patterns graphically to identify key parties for deposition purposes and look for potential production omissions.

Synonym Searching

Another type of analysis is the use of synonym searching. Attorneys understand the key terminology their client uses, but they often don’t know the terminology their client’s opposition uses because they haven’t interviewed the opposition’s custodians. In a product defect case, the opposition may refer to admitted design or construction “mistakes” in their product or process as “flaws”, “errors”, “goofs” or even “flubs”. With FirstPass, you can enter your search term into the synonym searching section of the application and it will provide a list of synonyms (with hit counts of each, if selected). Then, you can simply select the synonyms you wish to include in the search. As a result, FirstPass identifies synonyms of your search terms to broaden the scope and catch key “hits” that could be the “smoking gun” in the case.

Tomorrow, I’ll talk about the use of fuzzy searching to find misspellings that may be commonly used by your opponent or errors resulting from Optical Character Recognition (OCR) of any image-only files that they produce. Stay tuned! 🙂

In the meantime, what do you think? Have you used synonym searching to identify variations on terms in an opponent’s produced ESI? Please share any comments you might have or if you’d like to know more about a particular topic.