Close
Enter your
text here

eDiscoveryDaily

Houston, Hello! The Decade of Discovery Showing for One Night Only! – eDiscovery Trends

A few months ago, we told you about an intriguing documentary about eDiscovery that premiered in the New York area.  Then, in October, we told you that documentary is making the rounds and may be coming to a theatre near you.  Tonight, that documentary is showing in my hometown of Houston, so if you’re in the area, come check it out!  It’s free, if you register!

The Decade of Discovery was written and directed by Joe Looby, who, according to his LinkedIn profile, served in the U.S. Navy’s Judge Advocate General Corps, practiced as an environmental enforcement attorney for New York state and was a founder of the forensic technology practices at Deloitte and FTI.  His film production company is called 10th Mountain Films, named in honor of his father, who served in the 10th Mountain Division, a U.S. Army ski patrol that fought in World War II.

Described as a “documentary about a government attorney on a quest to find a better way to search White House e-mail, and a teacher who takes a stand for civil justice on the electronic frontier”, Looby notes in a radio interview with the Mid Hudson News that the documentary includes comments by “a government attorney, a teacher, seven judges and two professors”, which includes several well-known names in eDiscovery: U.S. District Judge Shira Scheindlin, of the Southern District of New York, Jason R. Baron, former director of litigation for the U.S. National Archives and Records Administration and now Of Counsel at Drinker Biddle & Reath, and the late Richard Braman, founder of The Sedona Conference, among others.  Looby refers to those who have advanced tremendous progress made over the past decade in eDiscovery practice as “true American heroes”.

The movie addresses the considerable advancements to address problems like this in both the government and litigation arenas.

Tonight’s showing will take place at the Majestic Metro Theater at 911 Preston Street in downtown Houston.  It begins at 6:30pm with a networking reception, followed by the film starting about 7:30 and a panel discussion afterward including Jason R. Baron and The Honorable Lee H. Rosenthal, District Judge for the United States District Court for the Southern District of Texas.

As of yesterday, seats were still available.  So, if you’re in the Houston area and interested in attending (and networking with other eDiscovery professionals), you can register at the Bloomberg BNA site here.

I will be there and if you’re reading this and in the Houston area, I hope to see you there!

So, what do you think?  Have you seen The Decade of Discovery yet?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Finding Defendant’s Destruction of Documents to be “Planned, Repeated and Comprehensive”, Court Awards Judgment to Plaintiff – eDiscovery Case Law

In Regulatory Fundamentals Group v. Governance Risk Management Compliance, 13 Civ. 2493 (KBF) (S.D.N.Y. Aug. 5, 2014), New York District Judge Katherine B. Forrest granted the plaintiff’s motion for sanctions and ordered that judgment be entered for the defendant’s “planned, repeated, and comprehensive” destruction of highly-relevant documents.

Case Background

In this copyright infringement action, after the parties engaged in limited discovery, the defendant informed the plaintiff that it “might be missing certain emails.” The defendant later revealed that he had canceled his email account with a third-party vendor, which had hosted his corporate defendants’ websites and email domains.  After the plaintiff noticed the defendant for a deposition to investigate the cancellation and he failed to appear, the plaintiff filed a motion for sanctions alleging that the defendant had engaged in spoliation.

Judge’s Ruling

Judge Forrest began her ruling this way:

“A party to a lawsuit may not destroy relevant evidence without consequence. The nature and magnitude of the consequence follows from the level of culpability. Was, for instance, the destruction of evidence inadvertent and the result of an oversight? Or was it the product of a plan?

The individual defendant in this lawsuit destroyed a large number of highly relevant documents — preventing plaintiff and any finder of fact from ever knowing the full truth of what occurred. Following discovery, lengthy briefing, and an evidentiary hearing, the Court has found that defendant’s destruction was planned, repeated, and comprehensive. It was malicious. This finding is particularly unfortunate in light of the plain fact that the spoliation has turned what was a straightforward commercial dispute into a far more serious issue.

The spoliator here — defendant Gregory V. Wood — is a graduate of Cornell Law School and a member of the bar of the State of New York. His conduct has resulted in entry of judgment against him.”

Judge Forrest noted that “to support the imposition of sanctions, ‘the innocent party must prove the following three elements: that the spoliating party (1) had control over the evidence and an obligation to preserve it at the time of destruction or loss; (2) acted with a culpable state of mind upon destroying or losing the evidence; and that (3) the missing evidence is relevant to the innocent party’s claim or defense.’”

Finding that all three elements were satisfied in this case caused Judge Forrest to issue the following analysis:

“RFG has clearly been prejudiced by Wood’s intentional spoliation. The Court has considered whether sanctions less severe than termination are warranted. For example, the Court has considered monetary sanctions or the imposition of an adverse inference. Neither would be sufficient under the circumstances. The lack of emails prevents RFG from proving the full extent or scope of Wood’s conduct.

Wood’s deletion of emails and his attempted cover-up put RFG in an untenable litigation position — the evidence of the scope of defendants’ alleged misconduct is gone forever. Any sanction short of a terminating sanction would fail to account for the prejudice or to sufficiently penalize Wood or deter others from engaging in such misconduct. Accordingly, the Court grants RFG’s request for a terminating sanction.”

So, what do you think?  Did the defendant’s actions justify the ultimate sanction?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

What I’m Thankful for This Thanksgiving – eDiscovery Thanks

As a devoted blog writer and eDiscovery geek, with Thanksgiving coming this Thursday, I thought it would be a good time to talk about what I’m thankful for this holiday season from an eDiscovery standpoint.  Maybe you’re thankful for some of these same things?

So Many Wonderful eDiscovery Resources: In addition to eDiscovery Daily, there are so many wonderful resources for eDiscovery news and trend information.  I’m thankful for that because (among other reasons) it makes it easier to identify blog topics.  Here are some of the best of the bunch:

  • Ball in Your Court: Craig Ball’s always interesting and insightful blog about eDiscovery trends and best practices – Craig’s analogies and no nonsense ways of communicating are unmatched;
  • e-Discovery Team®: Ralph Losey’s blog probably covers topics in more depth than any other;
  • Ride the Lightning: When you want to know the latest trends on data security and the latest data breaches, Sharon Nelson of Sensei Enterprises covers it here;
  • Litigation Support Guru: Amy Bowser-Rollins covers tips and best practices for litigation support professionals (and those aspiring to be lit support professionals);
  • Bow Tie Law’s Blog: Josh Gilliland provides analysis of case law decisions with a unique perspective that is always educational;
  • Complex Discovery: Rob Robinson is the master at compiling stories and statistics related to eDiscovery topics, ranging from industry acquisitions to case law related to predictive coding.

Industry Thought Leaders Sharing their Time: For the past four years, we have published a thought leader interview series with several eDiscovery industry thought leaders that have always been willing to share their time to discuss their thoughts on emerging trends in the industry.  I want to thank all of them, especially Brad Jenkins, Tom Gelbmann, Laura Zubulake, Alon Israely, Adam Losey, George Socha, Tom O’Connor, Ralph Losey and Craig Ball – each of whom have given their time for interviews more than once (some have done it all four years).  Links are to this year’s interviews – now is a great time to catch up!

eDiscovery Professionals: There are numerous eDiscovery professionals with interesting stories to tell – I’m thankful for those that agreed to tell their stories to our blog, including: Duane Lites, Charlotte Riser Harris, Stuart W. Hubbard, Stacia Sanders, Amy Bowser-Rollins, Caroline Sweeney, Kalani Munden, Paul Savoy, Jennifer Williams, Mark Lieb, Dawn Radcliffe, Julie Brown, Angie Gossen, Gordon Moffat and Cheryl Garner.

The Decade of Discovery: I’m also thankful that Joe Looby’s film The Decade of Discovery is currently on tour and coming to Houston next week.  Check here to see when it may be heading to a screening near you.

I’m also thankful for all of you who continue to read and follow this blog.  We couldn’t have made it for over four years and 1,059 posts (and counting) without you!  Thanks!

And, personally, I’m most thankful for my family, particularly my wife Paige and our kids Kiley and Carter.  I love you!

So, what do you think? What are you thankful for in eDiscovery or in general?  Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Daily will resume with new posts next Monday.  Happy Thanksgiving!

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Court Opts for Defendant’s Plan of Review including TAR and Manual Review over Plaintiff’s TAR Only Approach – eDiscovery Case Law
 

In Good v. American Water Works, 2:14-01374 (S.D. W. Vir. Oct. 29, 2014), West Virginia District Judge John T. Copenhaver, Jr. granted the defendants' motion for a Rule 502(d) order that merely encouraged the incorporation and employment of time-saving computer-assisted privilege review over the plaintiffs’ proposal disallowing linear privilege review altogether.

Case Background

In this class action litigation involving the Freedom Industries chemical spill, the parties met and conferred, agreeing on all but one discovery issue: privilege review and 502(d) clawbacks.  The defendants proposed that the Rule 502(d) order merely encourage the incorporation and employment of computer-assisted privilege review, while the plaintiffs proposed that the order “limit privilege review to what a computer can accomplish, disallowing linear (aka ‘eyes on’) privilege review altogether”.

The plaintiffs would agree only to a pure quick peek/claw-back arrangement, which would place never-reviewed, never privilege-logged documents in their hands as quickly as physically possible at the expense of any opportunity for care on the part of a producing party to protect a client's privileged and work product protected information.  On the other hand, the defendants did not wish to forego completely the option to manually review documents for privilege and work product protection. 

The plaintiffs argued that if they were to proceed with a manual privilege review, then only 502(b) protection – the inadvertent waiver rule – should apply, and not 502(d) protection, which offers more expansive protection against privilege waivers.

Judge’s Ruling

Judge Copenhaver noted that “[t]he defendants have chosen a course that would allow them the opportunity to conduct some level of human due diligence prior to disclosing vast amounts of information, some portion of which might be privileged. They also appear to desire a more predictable clawback approach without facing the uncertainty inherent in the Rule 502(b) factoring analysis. Nothing in Rule 502 prohibits that course. And the parties need not agree in order for that approach to be adopted”.

Therefore, despite the fact that the plaintiffs were “willing to agree to an order that provides that the privilege or protection will not be waived and that no other harm will come to the Defendants if Plaintiffs are permitted to see privileged or work product protected documents”, Judge Copenhaver ruled that “[i]nasmuch as defendants' cautious approach is not prohibited by the text of Rule 502, and they appear ready to move expeditiously in producing documents in the case, their desired approach is a reasonable one.”  As a result, he entered their proposed Rule 502(d) order, “with the expectation that the defendants will marshal the resources necessary to assure that the delay occasioned by manual review of portions of designated categories will uniformly be minimized so that disclosure of the entirety of even the most sensitive categories is accomplished quickly.”

So, what do you think?  Should the defendants have retained the right to manual review or should the plaintiffs’ proposed approach have been adopted?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Court Allows Costs for TIFF Conversion and OCR, Likens it to “Making Copies” – eDiscovery Case Law

In Kuznyetsov v. West Penn Allegheny Health Sys., No. 10-948 (W.D. Pa.Oct. 23, 2014), Pennsylvania Senior District Judge Donetta W. Ambrose upheld the Clerk of Courts issuance of Taxation of Costs for $60,890.97 in favor of the defendants and against the named the plaintiffs, including costs for “scanning and conversion of native files to the agreed-upon format for production of ESI”.

Case Background

The plaintiffs filed a collective action pursuant to §216(b) of the Fair Labor Standards Act (“FLSA”) against the defendants, which was ultimately decertified as Judge Ambrose ruled that the 824 opt-in plaintiffs were not similarly situated.  After that, the plaintiffs filed a Motion for Voluntary Dismissal, which Judge Ambrose granted, dismissing the claims of the opt-in Plaintiffs without prejudice and dismissing the claims of the named Plaintiffs with prejudice (the plaintiffs appealed and the Third Circuit dismissed the appeal for lack of jurisdiction).

On October 15, 2013, the defendants filed a Bill of Costs seeking a total of $78,561.77. On October 31, 2013, the Clerk of Courts filed a Letter calling for objections to the Bill of Costs, which was followed in January of this year by objections from the named plaintiffs (to which the Defendants filed a response). On August 1, the Clerk of Courts issued his Taxation of Costs in the amount of $60,890.97 in favor of Defendants and against the named Plaintiffs.

Judge’s Ruling

Stating that “Rule 54(d)(1) creates a strong presumption that costs are to be awarded to the prevailing party”, Judge Ambrose analyzed the costs as defined in 28 U.S.C. § 1920, including §1920(4), which covers “Fees for exemplification and the costs of making copies of any material where the copies are necessarily obtained for use in the case”.

Addressing the plaintiff’s contention that the costs awarded were for eDiscovery costs were not necessary and were awarded at unreasonably high rates and referencing the Race Tires case in her ruling, Judge Ambrose stated:

“With regard to unnecessary e-discovery costs and unreasonably high rates, Plaintiffs first argue that the costs associated with Optical Character Recognition (‘OCR’) were unnecessary…As Defendants point out, however, Plaintiffs requested the information be produced in, inter alia, OCR format…The ‘scanning and conversion of native files to the agreed-upon format for production of ESI constitutes `making copies of materials’ as pursuant to §1920(4)…Accordingly, I find the costs associated with OCR conversion are taxable.

Furthermore, I do not find the cost of 5 cents per page for TIFF services to be unreasonably high, nor do I find 24 cents per page for scanning paper documents to be unreasonably high…Consequently, I find not merit to this argument either.”

Rejecting the plaintiff’s arguments that “1) Defendants have unclean hands; 2) Plaintiffs are unable to pay the costs; and 3) it would be inequitable to force the three named Plaintiffs to pay the entire costs of defending against the claims of the opt-in Plaintiffs”, Judge Ambrose affirmed the amount of $60,890.97 in favor of Defendants.

So, what do you think?  Should the costs have been allowed for conversion of native files when they may have already been usable as is?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Twitter Might “Bug” You if You Want to Retrieve Archive Data – eDiscovery Best Practices
 

Thanks to the Google Alerts that I set up to send me new stories related to eDiscovery, I found an interesting blog post from an attorney that appears to shed light on an archival bug within Twitter that could affect people who may want to retrieve Twitter archival data for eDiscovery purposes.

In Erik J. Heels’ blog, his latest post (Twitter Bug Makes Tweet Archives Unreliable For eDiscovery), he starts by noting that his very first tweet of October 30, 2008 is no longer active on his site – his earliest tweet was dated September 5, 2010.  All attempts to try to locate the tweets were unsuccessful and customer service was no help.

After some digging, Erik found out that, on October 13, 2010, Twitter announced the “new Twitter” which included a new user interface.  As part of that revamping, Twitter changed the format for its status URLs (Tweets) so that the sequential number at the end of each Tweet (the Tweet ID) changed length, eventually doubling from nine digits in 2008 to 18 digits today (which supports up to one quintillion tweets).

Then, on December 12, 2012, Twitter announced that users could export archives of their Tweets (via your account’s Settings page).  The result is a nine field comma-separated values (CSV) file with information, including the tweet ID.  So, now you could retrieve your old tweets that were no longer actively stored, right?  Not necessarily.

As Erik found out, when he exported the file and went to retrieve old tweets, some of his tweet IDs actually pointed to other people’s tweets!  You can see the details of his tests in his blog post or via his 60 second YouTube video here.

Obviously, if you need to retrieve archived tweets for eDiscovery purposes, that’s not a good thing.

As it happens, CloudNine Discovery has our own Twitter account (@Cloud9Discovery) and has since August of 2009 (we were known as Trial Solutions back then), so I decided to run my own test and exported our archive.  Here’s what I found:

  • Our very first tweet was August 17, 2009 (Trial Solutions Ranks 2,830 on the Exclusive 2009 Inc. 5000).  It retrieved correctly.  The bit.ly link within the tweet isn’t hyperlinked, but if you copy and paste it into the browser address, it correctly retrieves (obviously, this will only be the case if the referenced web page still exists).
  • In fact, all of the early tweets that I tested retrieved with no problem.
  • Then, on December 1, 2010, I encountered the first tweet that didn’t retrieve correctly (one of our blog posts titled eDiscovery Project Management:  Effectively Manage Your Staff) with a tweet ID of 9924696560635900 (Full URL: https://twitter.com/Cloud9Discovery/status/9924696560635900).  It didn’t point to a different person’s tweet, it simply said “Sorry, that page doesn’t exist!”
  • From that point on, none of the tweets that I tried to retrieve would retrieve – all gave me the “page doesn’t exist” message.
  • I even tried to retrieve our tweet of yesterday’s blog post (Defendant Ordered to Produce Archived Emails Even Though Plaintiff Failed to Produce Theirs – eDiscovery Case Law) via the tweet ID provided in the archive file (535098008715538000).  Even it wouldn’t retrieve.  Wait a minute, what’s going on here!

I then retrieved our tweet of yesterday’s blog post by clicking on it directly within Twitter.  Here is the URL to the tweet with the ID at the end: https://twitter.com/Cloud9Discovery/status/535098008715538434.

See the problem?  The tweet IDs don’t match.

I ultimately determined that all of the tweet IDs provided in the archive file starting on December 1, 2010 end with two or more zeroes.  Starting on November 5, 2010, they all end with at least one zero.  When I started testing those, I re-created Erik’s problem:

Our tweet on November 29, 2010 titled eDiscovery Trends: Sanctions at an All-Time High, (tweet ID: 9199940811100160) actually retrieves a tweet by @aalyce titled @StylesFever snog liam marry louis and niall can take me out 😉 hehe.  Whoops!

It appears as though the archive file provided by Twitter is dropping all digits of the tweet ID after the fifteenth digit and replacing them with zeroes, effectively pointing to either an invalid or incorrect page and rendering the export effectively useless.  Hopefully, Twitter can fix it – we’ll see.  In the meantime, don’t rely on it and be prepared to address the issue if your case needs to retrieve archived data from Twitter.  Thanks, Erik, for the heads up!

So, what do you think?  Have you ever had to preserve or produce data from Twitter in litigation?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Defendant Ordered to Produce Archived Emails Even Though Plaintiff Failed to Produce Theirs – eDiscovery Case Law

In Finjan, Inc. v. Blue Coat Systems., 5:13-cv-03999-BLF (N.D. Cal. Oct. 17, 2014), California Magistrate Judge Paul S. Grewal granted the plaintiff’s motion ordering the defendant to produce relevant emails from its eight custodians, even though the plaintiff was unable to provide its own archival emails.

Case Background

As Judge Grewal stated “[t]o cut to the chase in this dispute over the scope and pace of Defendant Bluecoat Systems, Inc.’s document production in this patent infringement case”, the plaintiff moved to compel the defendant to produce email from eight custodians related to both technical documents and damages documents as well as damages testimony.  The defendant did not object to producing any of the technical discovery requested and raised only limited issues concerning the documents on damages, mostly objecting to producing custodial email from archival systems when the plaintiff was not able to do the same in return.

Each party agreed to identify eight custodians and ten terms per custodian for the other to search. The defendant did not dispute the relevance of either the custodians or search terms the plaintiff selected. But when the defendant learned that the plaintiff did not have former employees’ emails — except as produced in other litigations — the defendant balked at the idea that its custodians should have to turn over any email other than from active systems.

Judge’s Ruling

“Reduced to its essence, Rule 26(b)(2)(iii) requires this court to decide: have Blue Coat’s discovery responses been fair? Blue Coat’s discovery responses so far have largely been fair, but not entirely”, stated Judge Grewal.

Judge Grewal found that, with the exception of one document repository recently discovered (as acknowledged by defendant’s counsel), the defendant had completed its obligation regarding the technical document production.  Judge Grewal also ruled that the plaintiff “has identified no legitimate reason why it should be provided discovery on Blue Coat’s foreign sales or valuation on the whole”.  He also stated that the defendant “might reasonably be required to at least tell Finjan what the [third party] agreements are and the status of its efforts to secure consent.”

However, with regard to the archival email, Judge Grewal ruled as follows:

“Where Blue Coat has been less than fair is with respect to archival email for its eight custodians. Blue Coat may largely be in the right that it should not have to dig through legacy systems when Finjan is unable to the same for its custodians. But one party’s discovery shortcomings are rarely enough to justify another’s. And here, at least with respect to documents mentioning Finjan — the one specific category of documents Finjan could identify that it needed from archived email — Finjan’s request is reasonable.”

As a result, the defendant was ordered to “identify all license agreements whose production is awaiting third-party consent and the status of its efforts to secure that consent” within seven days and “produce all archival email from its eight designated custodians that mention Finjan and supplemental Interrogatories 5 and 6” within 21 days.

So, what do you think?  Should the defendant have to produce email when the plaintiff can’t do the same?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

More Organizations Have Data Breach Plans in Place, But More Are Reporting Data Breaches – eDiscovery Trends
 

You cannot talk about eDiscovery these days without talking about data security and breaches.  Bank of America, Home Depot and Target are just three examples of big name companies that have been hit by data breaches.  A recent study, conducted by the Ponemon Institute, shows that more organizations have data breach response plans and teams in place, yet more organizations are reporting at least one data breach in the past two years.

In this second annual study (Is Your Company Ready for a Big Data Breach?  The Second Annual Study on Data Breach Preparedness), sponsored by Experian® Data Breach Resolution, Ponemon Institute surveyed 567 executives in the United States about how prepared they think their companies are to respond to a data breach.  Here is a sampling of their key findings:

  • More companies have data breach response plans and teams in place. In 2014, 73% of companies had such a plan in place, up from 61% in last year’s study.  Also, more companies have teams to lead data breach response efforts – 72% of respondents, up from 67% last year.
  • Yet, data breaches have increased in frequency.  Last year, 33% of respondents said their company had a data breach involving the loss or theft of more than 1,000 records in the past two years. This year, the percentage has increased to 43%. Of those that experienced data breaches, 60% reported their company experienced more than one data breach in the past two years – up from 52% of respondents in 2013.
  • More companies have data breach response plans but they are not considered effective.  Despite the majority of companies having data breach plans, only 30% of respondents said their organizations are effective or very effective in developing and executing a data breach plan.
  • Maybe part of the reason is they don’t review their plans regularly.  Only 22% of respondents with data breach plans said their organizations review and update their plans at least yearly, with 41% of those respondents indicating no set time period for reviewing and updating the plan and 37% of those respondents having not reviewed or updated since the plan was put in place.

It’s also interesting to note that 17% of respondents were unsure whether their organization had a data breach in the past two years.  Really?  Well, at least that’s down from 22% in last year’s survey.

The 24 page report is chock-full of statistics and survey results and available here.  Thanks to Sharon Nelson and her always excellent Ride the Lightning blog for the tip.

So, what do you think? Does your organization have a plan for responding to data breaches?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

The Watergate 18 Minute Gap in Audio Recordings Has Nothing on This Case – eDiscovery Case Law

Anybody who remembers Watergate remembers the big deal made about an 18 1/2 minute gap in audio recordings reported by President Nixon’s secretary, Rose Mary Woods.  This case involves a gap in audio recordings much longer than that.

In Novick v. AXA Network, LLC, 07-CV-7767 (AKH) (KNF) (S.D.N.Y.Oct. 22, 2014), New York Magistrate Judge Kevin Nathaniel Fox granted the plaintiff’s request for sanctions against the defendant, awarding an adverse inference jury instruction for several weeks of spoliated audio recordings and also awarding “reasonable attorney’s fees and costs” associated with the motion as well as retaking several depositions.

Case Background

In this wrongful termination case, the plaintiff contended that the defendants committed several “strikes” justifying his request for sanctions, including spoliating audio recordings because “audio recordings from the time period August 28, 2006 through November 5, 2006 (approximately one-third of the entire time period ordered) are missing,” and “Defendants admit that they were likely erased and taped over” (per defendants letter to the plaintiff on October 25, 2013).  According to the plaintiff, “these recordings are from the most important time period of all – directly before and directly after Mr. Novick’s termination.”  The plaintiff also contended that the defendant had numerous deficiencies in their email production, where the defendant again made several promises to rectify the mistakes.

The defendants contended that “no responsive emails have been withheld and there is no evidence that any emails are missing.”  They did, however, “acknowledge that there are approximately eight weeks of audio recordings, within the period of time for which production of audio recordings was eventually ordered, that cannot be located or produced,” but “[t]his is not a new issue,” and the defendants advised plaintiff of it, on October 17, 2013, when the majority of the recordings were produced to him, and “[t]he fact that these weeks of recordings are missing constitutes the only real issue in plaintiff’s sanctions motion.”  The defendant also acknowledged that they “cannot now explain the absence of these recordings”.

Judge’s Ruling

Judge Fox stated that the court “determined that ‘[t]he defendants’ duty to preserve evidence arose when the plaintiff’s counsel notified the defendants, in the October 16, 2006 letter, that the audio recordings should be preserved because they may be relevant to future litigation’” and that the defendants conceded that “‘there are approximately eight weeks of audio recordings that are missing within the period for which defendants have been ordered to produce audio recordings,’ namely the period of August 28-31, 2006, and September 8-November 5, 2006, and they ‘have not been able to determine when, why or how these audio recordings came to be missing from the group of other audio recordings that were stored on DVDs and have been produced.’”  As a result, Judge Fox ruled that “the Court finds that the defendants spoliated relevant evidence, namely, audio recordings for the period August 28-31, 2006, and September 8-November 5, 2006”.

Judge Fox also noted that “Moreover, the defendants’ misconduct respecting the audio recordings was compounded by their deliberate and unjustified failure to search for and locate e-mail messages, as directed by the September 25, 2013 order. The defendants now admit that it was not until March 2014, that they realized that the Frontbridge archive was not searched for responsive documents, but contend this delay was ‘due to human error,’ without explaining what that error was or why they waited until March 2014 to conduct the investigation concerning the production of e-mail messages.”

As a result, Judge Fox Fox granted the plaintiff’s request for sanctions against the defendant, awarding an adverse inference jury instruction for the defendant’s actions and also awarding “reasonable attorney’s fees and costs” associated with the motion as well as retaking several depositions.

So, what do you think?  Did defense counsel’s quick reaction to the disclosure save the email’s privileged status?  Please share any comments you might have or if you’d like to know more about a particular topic.

BTW, we also covered a ruling on this case last year here.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Simply Deleting a File Doesn’t Mean It’s Gone – eDiscovery Best Practices
 

I seem to have picked up a bit of a bug and I’m on cold medicine, so my writing brain is a bit fuzzy.  As a result, so I’m revisiting a topic that has come up a few times over the years that we covered early on in the blog’s history.  I should be back in the saddle with new posts next week!

Disk drives use an index or table to keep track of where each file begins and ends on the disk.  You may have heard terms such as “FAT” (file allocation table) or NTFS ({Windows} NT File System) – these filing systems enable the file to be retrieved quickly on the drive.  They’re like a “directory” of all of the active files on the disk.  When a file is “deleted” (i.e., actually deleted, not just moved to the Recycle Bin), the data for that file isn’t actually removed from the disk (in most cases).  Instead, the entry pertaining to it is removed from the filing system.  As a result, the area on the disk where the actual data is located becomes unallocated space.

Unallocated space, also known as inactive data or drive free space, is the area of the drive not allocated to active data. On a Windows machine, deleted data is not actually destroyed, but the space on the drive that can be reused to store new information. Until the unallocated space is overwritten with new data, the old data remains.  This data can be retrieved (in most cases) using forensic techniques. On MAC O/S 10.5 and higher, there is an application that overwrites sectors when a file is deleted. This process more securely destroys data, but even then it may be possible to recover data out of unallocated space.

Because the unallocated space on a hard drive or server is that portion of the storage space to which data may be saved, it is also where many applications “temporarily” store files when they are in use. For instance, temporary Internet files are created when a user visits a web page, and these pages may be “cached” or temporarily stored in the unallocated space.  Rebooting a workstation or server can also clear some data from the unallocated space on its drive.

Since computers are dynamic and any computer operation may write data to the drive, it is nearly impossible to preserve data in the unallocated space on the hard drive and that data is not accessible without special software tools. To preserve data from the unallocated space of a hard drive, the data must be forensically collected, which basically copies the entire drive’s contents, including every sector (whether those sectors contain active data or not). Even then, data in the unallocated space may not be complete. Because the unallocated space is used to store new data, writing a new file may overwrite part of a deleted file, leaving only part of that file in the unallocated space.

Nonetheless, “deleted” files have been recovered, collected and produced in numerous lawsuits, despite efforts of some producing parties to destroy that evidence.

So, what do you think?  Have you ever recovered deleted data that was relevant to litigation?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.