Close
Enter your
text here

Preservation

eDiscovery Case Law: Meet and Confer is Too Late for Preservation Hold

A US District court in Indiana ruled on June 28, 2011 in favor of a motion for an Order to Secure Evidence in an employment discrimination lawsuit.

The defendant in Haraburda v. Arcelor Mittal USA, Inc., No. 2:11 cv 93, 2011 WL 2600756 (N.D. Ind. June 28, 2011) had given the plaintiff reason to believe that emails and other relevant documents might be destroyed prior to Rule 26(f) meeting between the parties or Rule 16(b) discovery conference with the court. As a result, the plaintiff formally requested a litigation hold on all potentially relevant documents, which was approved by US Magistrate Judge Andrew Rodovich.

  • Shortly after filing a complaint of employment discrimination, the plaintiff, Marie A. Haraburda, became concerned that the defendant might destroy evidence that she intended to request in discovery. She emailed Sharon Stillman, a human resources manager of the defendant, Arcelor Mittal, about emails that had previously been deleted from her account and was informed that “files stored on company computers are company property and can be assessed and/or deleted as the company views appropriate”.
  • The defendant refused the plaintiff’s request that the defendant place a litigation hold on evidence or take other measures to protect potentially relevant documents, with the comment that such a request by the plaintiff was “premature”.
  • The plaintiff came to believe that the defendant would destroy relevant evidence before the Rule 26(f) discovery confidence, and, therefore, moved for an Order to Preserve Evidence.

In ruling, the court reminded all parties that they have “a duty to preserve evidence when [they know], or should have known, that litigation was imminent.” “Evidence” includes any materials that are relevant or could be deemed relevant during the litigation, including such emails as the plaintiff had brought to the defendant’s attention via Ms. Stillman. A large corporation, therefore, has a duty to not only create a “comprehensive” data protection plan to ensure that documents are preserved, but to inform its employees of that policy so that it will be scrupulously upheld, said the court.

The court also expressed the belief that given the plaintiff’s potential for difficulty if relevant materials were not protected, and in the absence of additional burden on the defendant to preserve existing evidence, the plaintiff’s motion was reasonable.  Accordingly, the court ordered a litigation hold placed “on any and all documents and information that may reasonably be related to the pending litigation”.

So, what do you think? Given previous case law examples, are you surprised that the defendant tried to delay the litigation hold? Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Case Law: No Sanctions Ordered for Failure to Preserve Backups

A sanctions motion has been dismissed by the U.S. District Court of Texas in a recent case involving electronic backups and email records, on the grounds that there was no duty to preserve backup tapes and no bad faith in overwriting records.

The plaintiffs in Ajay Gaalla, et al v. Citizens Medical Center, et al, No. V-10-14, 2011 WL 2115670 (S.D. Tex. May 27, 2011) had made a motion for sanctions against the defendant for alleged damage to backup tapes, including emails and other electronic documentation. On May 27, the court denied the motion for sanctions against the defendant, although new instructions on maintaining copies of disaster recovery files have been imposed in this case.

  • Plaintiffs presented the argument that the “recycling” or overwriting of disaster recovery backup tapes by the defendant, performed on a 7- or 14-day cycle after the lawsuit was filed, represented spoliation. Accordingly, the plaintiffs requested the maximum sanctions against the defendant for “failure to preserve the backup tapes.”
  • Preservation of backup tapes was not previously been discussed in this case until this motion for sanctions on grounds of data spoliation, but plaintiffs alleged that the failure to preserve backups, coupled with the failure to take snapshots of particular email accounts and “evidence that certain CMC employees had deleted emails from their account at some point in the past”, warranted harsh sanctions.
  • The defendants argued that they had no duty to preserve backups of records, since disaster recovery systems are “rarely” backed up after litigation has begun. They also presented “snapshots” taken of email accounts to demonstrate that there was no intent to destroy information and that attempts had been made to record all relevant evidence.
  • The court referred to the ruling in Zubulake v. UBS Warburg LLC, 220 F.R.D. (S.D.N.Y. 2003), which states: “[A] litigation hold does not apply to inaccessible backup tapes (e.g., those typically maintained solely for the purpose of disaster recovery), which may continue to be recycled on the schedule set forth in the company’s policy.” Under this standard, the court found that the defendant was within its rights to overwrite the existing backups as often as such maintenance was normally scheduled.
  • The court also ruled that, with no prior discussion of the backup tapes and “in the context of this case,” there was no cause for sanctions against the defendant, lacking evidence that the defendant acted in bad faith in recycling the tapes used to make the recovery backups.
  • However, the court did order additional discovery efforts to be undertaken in the form of “disaster recovery first of the month” email files to be preserved in their current state and that plaintiffs’ expert be allowed to search them (at defendant’s expense) as well as a “journaling” process to retain email accounts of key parties in the case.

So, what do you think? Do parties have an obligation to maintain copies of all backup tapes for litigation? Please share any comments you might have, or let us know if you’d like to know more about a particular topic.

eDiscovery Case Law: District Court Judge Affirms $1 Million Sanction to Pappas in Victor Stanley
 

One of the first posts ever published in eDiscovery Daily was this one, where defendant Mark Pappas, President of Creative Pipe, Inc., was ordered by Magistrate Judge Paul W. Grimm to  “be imprisoned for a period not to exceed two years, unless and until he pays to Plaintiff the attorney's fees and costs that will be awarded to Plaintiff as the prevailing party pursuant to Fed. R. Civ. P. 37(b)(2)(C).”.  Judge Grimm found that “Defendants…deleted, destroyed, and otherwise failed to preserve evidence; and repeatedly misrepresented the completeness of their discovery production to opposing counsel and the Court.”

Upon appeal, District Court Judge Marvin J. Garbis declined to adopt the order regarding incarceration, stating: “[T]he court does not find it appropriate to Order Defendant Pappas incarcerated for future possible failure to comply with his obligation to make payment of an amount to be determined in the course of further proceedings.”

Then, in January of this year, Judge Grimm entered an order awarding a total of $1,049,850.04 in “attorney’s fees and costs associated with all discovery that would not have been un[der]taken but for Defendants' spoliation, as well as the briefings and hearings regarding Plaintiff’s Motion for Sanctions.”  As a result, the court awarded $901,553.00 in attorney’s fees and $148,297.04 in costs, including the costs for the Plaintiff’s computer forensic consultant, finding that “Defendants’ first spoliation efforts corresponded with the beginning of litigation” and that “Defendants’ misconduct affected the entire discovery process since the commencement of this case.”

Naturally, the award was appealed.

On Tuesday, June 14, Judge Garbis affirmed Judge Grimm’s prior Report and Recommendation ordering the award.  Judge Garbis noted that “The Court’s stated standard for includible fees and costs is consistent with the purpose of designing a sanction that will ‘restore the prejudiced party to the same position he would have been in absent the wrongful destruction of evidence by the opposing party.’  Judge Garbis discussed and rejected all of Creative Pipe’s objections as to the amount of the award, adopting Judge Grimm’s findings that all of these fees were in fact related to the discovery malfeasance.

With Creative Pipe having already paid a total of $478,409.92, a balance remains under the order of $571,440.12, which concluded with Judge Garbis stating that “Defendants shall, by July 15, 2011, pay Plaintiff…the balance due”.  No mention of Judge Grimm’s original automatic jail sanction for non-payment of the fees, though, Judge Garbis originally said he might impose jail sanctions for non-payment.

So, what do you think?  Will the defendant pay the rest?  Appeal to the Circuit Court?  Could he still go to jail?  Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Case Law: Downloading Confidential Information Leads to Motion to Compel Production

The North Dakota District Court has recently decided in favor of a motion to compel production of electronic evidence, requiring imaging of computer hard drives, in a case involving the possible electronic theft of trade secrets.

In Weatherford U.S., L.P. v. Chase Innis and Noble Casings Inc., No. 4:09-cv-061, 2011 WL 2174045 (D.N.D. June 2, 2011), the court ruled to allow the plaintiff to select and hire a forensic expert at its own expense to conduct imaging of the defendants’ hard drives. The purpose of this investigation was to discern whether or not confidential data that was downloaded from the plaintiff’s computers was, in fact, used in the building of the defendants’ own oil services firm.

Although the judge noted that courts are generally “cautious” in authorizing such hard drive imaging, this motion was substantiated by the defendant, Innis’s, “acknowledgment that he downloaded [plaintiff’s] files to a thumb drive without permission.” The court believed that circumstances of the case warranted further investigation into the defendant’s computer history:

  • The plaintiff, Weatherford US LP, had previously alleged that Chance Innis, a former employee, had downloaded confidential and proprietary information and used it to his advantage in starting his own competing company, Noble Casing Inc.
  • Innis had admitted to returning to Weatherford US offices late in the evening of the day he was terminated and downloading files onto a thumb drive without permission. Two weeks later, he launched his own competing oil services company, the co-defendant in this case, Noble Casing Inc. However, Innis maintains that he did not later access the files stored on his thumb drive and never used them in the process of starting his own company.
  • Contrary to these assertions, forensic examination of the thumb drive showed that the files were later accessed; whether or not they were instrumental in the startup of Noble Casing Inc. remains in question.
  • The plaintiff requested access to the defendant’s computers in the pursuit of previously subpoenaed documents, proposing that they select, hire, and pay for the services of a forensic investigator to image the defendants’ hard drives.
  • The defendants objected, proposing instead that an expert be chosen in agreement by all parties.
  • The court ruled in favor of the plaintiff’s motion in this instance, agreeing that all materials imaged will be shown to the defendant to screen for privilege before being shared with the plaintiff.
  • The court maintained that it is not unusual for imaging of hard drives to be allowed by the court in cases such as this, “particularly in cases where trade secrets and electronic evidence are both involved.”

So, what do you think?  Do you agree that Weatherford should have been allowed to examine images of the defendants’ hard drives, or should Innis’ privacy and that of his company have been protected?  Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Best Practices: Avoiding eDiscovery Nightmares: 10 Ways CEOs Can Sleep Easier
 

I found this article in the CIO Central blog on Forbes.com from Robert D. Brownstone – it’s a good summary of issues for organizations to consider so that they can avoid major eDiscovery nightmares.  The author counts down his top ten list David Letterman style (clever!) to provide a nice easy to follow summary of the issues.  Here’s a summary recap, with my ‘two cents’ on each item:

10. Less is more: The U.S. Supreme Court ruled unanimously in 2005 in the Arthur Andersen case that a “retention” policy is actually a destruction policy.  It’s important to routinely dispose of old data that is no longer needed to have less data subject to discovery and just as important to know where that data resides.  My two cents: A data map is a great way to keep track of where the data resides.

9. Sing Kumbaya: They may speak different languages, but you need to find a way to bridge the communication gap between Legal and IT to develop an effective litigation-preparedness program.  My two cents: Require cross-training so that each department can understand the terms and concepts important to the other.  And, don’t forget the records management folks!

8. Preserve or Perish: Assign the litigation hold protocol to one key person, either a lawyer or a C-level executive to decide when a litigation hold must be issued.  Ensure an adequate process and memorialize steps taken – and not taken.  My two cents: Memorialize is underlined because an organization that has a defined process and the documentation to back it up is much more likely to be given leeway in the courts than a company that doesn’t document its decisions.

7. Build the Three-Legged Stool: A successful eDiscovery approach involves knowledgeable people, great technology, and up-to-date written protocols.  My two cents: Up-to-date written protocols are the first thing to slide when people get busy – don’t let it happen.

6. Preserve, Protect, Defend: Your techs need the knowledge to avoid altering metadata, maintain chain-of-custody information and limit access to a working copy for processing and review.  My two cents: A good review platform will assist greatly in all three areas.

5. Natives Need Not Make You Restless: Consider exchanging files to be produced in their original/”native” formats to avoid huge out-of-pocket costs of converting thousands of files to image format.  My two cents: Be sure to address how redactions will be handled as some parties prefer to image those while others prefer to agree to alter the natives to obscure that information.

4. Get M.A.D.?  Then Get Even: Apply the Mutually Assured Destruction (M.A.D.) principle to agree with the other side to take off the table costly volumes of data, such as digital voicemails and back-up data created down the road.  My two cents: That’s assuming, of course, you have the same levels of data.  If one party has a lot more data than the other party, there may be no incentive for that party to agree to concessions.

3. Cooperate to Cull Aggressively and to Preserve Clawback Rights: Setting expectations regarding culling efforts and reaching a clawback agreement with opposing counsel enables each side to cull more aggressively to reduce eDiscovery costs.  My two cents: Some parties will agree on search terms up front while others will feel that gives away case strategy, so the level of cooperation may vary from case to case.

2. QA/QC: Employ Quality Assurance (QA) tests throughout review to ensure a high accuracy rate, then perform Quality Control (QC) testing before the data goes out the door, building time in the schedule for that QC testing.  Also, consider involving a search-methodology expert.  My two cents: I cannot stress that last point enough – the ability to illustrate how you got from the large collection set to the smaller production set will be imperative to responding to any objections you may encounter to the produced set.

1. Never Drop Your Laptop Bag and Run: Dig in, learn as much as you can and start building repeatable, efficient approaches.  My two cents: It’s the duty of your attorneys and providers to demonstrate competency in eDiscovery best practices.  How will you know whether they have or not unless you develop that competency yourself?

So, what do you think?  Are there other ways for CEOs to avoid eDiscovery nightmares?   Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Trends: If You Use Auto-Delete, Know When to Turn It Off
 

Federal Rule of Civil Procedure 37(f), adopted in 2006, is known as the “safe harbor” rule.  It provides that “[a]bsent exceptional circumstances, a court may not impose sanctions under these rules on a party for failing to provide electronically stored information lost as a result of the routine, good-faith operation of an electronic information system.”

Let’s face it, every time we turn on our computers, we overwrite data.  And, the mere opening of files (without changing any data) can change the metadata of a file – for example, simply opening a Microsoft Access® database changes the last modified date of the Access file, even if no records are changed.  If there wasn’t some measure of “safe harbor” protection, an organization facing litigation might find it very difficult to conduct business during the case.

While it’s not always clear to what extent “safe harbor” protection extends, one case from a few years ago, Disability Rights Council of Greater Washington v. Washington Metrop. Trans. Auth., D.D.C. June 2007, seemed to indicate where it does NOT extend – auto-deletion of emails.  In this case, the defendant failed to suspend auto-delete on its email system when their preservation obligation commenced, resulting in emails only being available on back-up tapes.  Their argument that the tapes were “not reasonably accessible” was denied by the court, describing their request as “chutzpah”.

Of course, email, like any other type of ESI, should be subject to document retention and destruction policies and old emails should be purged when they reach the end of the retention period.  Microsoft Outlook® provides an option via its Auto Archive function to delete the emails instead of archiving them.  You can select this setting for all emails (via the Tools, Options menu, Other tab) or for selected folders (by right-clicking on them, selecting Properties and then selecting the AutoArchive tab).  That’s at the client level.

But, most organizations use Outlook through Exchange.  Exchange Manager enables administrators to set auto delete policies for the email user population to manage retention and destruction of emails, thus being able to disable  the auto delete function for users when the duty to preserve arises.  If your organization uses auto-delete, it’s important to have a policy in place for disabling auto-delete for litigation, whether at the Outlook client level, the Exchange level or with any other email system.

So, what do you think?  Does your organization use auto-deletion of emails?  Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Best Practices: Competency Ethics – It’s Not Just About the Law Anymore
 

A few months ago at LegalTech New York, I conducted a thought leader interview with Tom O’Connor of Gulf Coast Legal Technology Center, who didn’t exactly mince words when talking about the trend for attorneys to “finally tak[e] technology seriously”.  As he noted, “lawyers are finally trying to take some time to try to get up to speed – whining and screaming pitifully all the way about how it’s not fair, and the sanctions are too high and there’s too much data.  Get a life, get a grip.  Use the tools that are out there that have been given to you for years.” 

Strong words, indeed.  The American Bar Association (ABA) Model Rules of Professional Conduct (Model Rules) require that an attorney possess and demonstrate a certain requisite level of knowledge in order to be considered competent to handle a given matter.  Specifically, Model Rule 1.1 states that, "[a] lawyer shall provide competent representation to a client. Competent representation requires the legal knowledge, skill, thoroughness, and preparation reasonably necessary for the representation."

Preparation not only means understanding a specific area of the law (for example, antitrust or patent law, both highly specialized.).  It also means having the technical knowledge and skills necessary to serve the client in the area of discovery.

The ethical responsibilities of counsel these days includes competently directing and managing the identification, preservation, collection, processing, analysis, review and production of electronically stored information (ESI) required to be produced pursuant to lawful discovery requests.  If counsel does not have that level of competency in a particular area, he or she is obligated to either acquire the knowledge or skill necessary to support those needs, or include someone else who does have the requisite skills as part of the representation.

Not too long ago, I met with an attorney and discussed how they handled preservation obligations with their clients.  The attorney indicated that he expected his clients to self-manage their own preservation and collection.  When I asked him why he didn’t try to get more involved to make sure it was being handled properly, he said, “I don’t want to alarm them.  They might decide they need a bigger firm.”

Recent case law is full of cases where counsel didn’t fully understand their eDiscovery obligations, and got themselves and their clients “burned” in the process.  If your organization gets involved in litigation, make sure to include eDiscovery competence among the factors you consider when determining counsel qualifications to represent you.

So, what do you think?  Is your counsel eDiscovery savvy?  If not, do they use a provider that is?  Please share any comments you might have or if you’d like to know more about a particular topic.

Social Tech eDiscovery: Use of Smarsh for Social Media Archiving
 

The online world thrives on social media, but for attorneys who must preserve sensitive social media data for discovery, the widespread growth of social technology presents a laundry list of problems.

Not only is it challenging to trace the communications shared on popular sites like Facebook, LinkedIn and Twitter when privacy settings can be turned on and off at whim, it’s also difficult to know whether the information available at any given time is complete, as content can be edited by users at any time or lost due to technical malfunctions.

In some cases, like this example, courts have ruled that even locked or private content on Facebook and other social networking sites is not protected from being requested as part of discovery. In other cases, such as this one, they have ruled differently.  You don’t know for sure how courts will rule, so you have to be prepared to preserve all types of social media content, even possibly content that is changed frequently by users, such as Facebook profiles and blog posts.  And, even though Facebook has introduced a self-collection mechanism, it may not capture all of the changes you need.  And, other social media sites have not yet provided a similar mechanism.  If items are changed or lost after the duty to preserve goes into effect, your organization can be sanctioned with steep fines even receive an adverse inference judgment based on the information you are unable to produce.

Fortunately, there are viable solutions that enable you to create a backup of all social networking activity and archive such information in the event it has to be produced in discovery. Portland-based Smarsh has archiving and compliance tools, including social media archiving and compliance that automate the archiving of social media accounts, preserving all necessary data in case you need it later for discovery.

Some of the benefits of Smarsh’s social media archiving tools include:

  • A complete, logged, and quantifiable record of all social media posts and administrator activity
  • The ability to define which social media features your employees have access to and to track all business communications
  • Compliance with SEC and FINRA regulations (including Regulatory Notice 10-06)
  • The tools to identify and minimize risk, saving your business time, effort, and money

Smarsh has been designed to satisfy all regulatory compliance objectives, transforming the data management hazards of social media into a system that automatically updates and archives itself – an attorney’s dream when litigation strikes. This application creates a simple and proactive approach to archival of social media data, enforcing preservation to ensure that the duty to preserve is met.

So, what do you think?  Do you use Smarsh or any other social media archival tool?  Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Trends: Forecast for More Clouds
 

No, eDiscoveryDaily has not begun providing weather forecasts on our site.  Or stock forecasts.

But, imagine if you could invest in an industry that could nearly sextuple in nine years? (i.e., multiply six-fold).

Well, the cloud computing, or Software-as-a-Service (SaaS), industry may be just the industry for you.  According to a Forrester report from last month, the global cloud computing market will grow from 40.7 billion dollars in 2011 to more than 241 billion dollars by 2020.  That’s a 200 billion dollar increase in nine years.  That’s enough to put anybody “on cloud nine”!

The report titled Sizing The Cloud by Stefan Ried (Principal Analyst, Forrester) and Holger Kisker (Sr. Analyst, Forrester), outlines the different market dynamics for three core layers of cloud computing, as follows:

  • Public Cloud: From 25.5 billion dollars to 159.3 billion dollars by 2020;
  • Virtual Private Cloud: From 7.5 billion dollars to 66.4 billion dollars by 2020;
  • Private Cloud: From 7.8 billion dollars to 159.3 billion dollars by 2020.

Public cloud providers include everything from Facebook and Twitter to Amazon.com and Salesforce.com.  As the name implies, a private cloud is where companies implement their own cloud environment to support its own needs.  A virtual private cloud is simply a private cloud located within a public cloud.

Forrester is not the only analyst firm that expects big things for cloud computing.  The Gartner Group projected that the cloud computing industry will have revenue of 148.8 billion dollars by 2014, even higher than Forrester’s forecast of 118.7 billion dollars for the same year.  Clearly, the benefits of the cloud are causing many organizations to consider it as a viable option for storing and managing critical data.

What does that mean from an eDiscovery perspective?  That means a forecast for more clouds.  If your organization doesn’t have a plan in place for managing, identifying, preserving and collecting data from its cloud solutions, things could get stormy!

So, what do you think?  Is your organization storing more data in the cloud?  Does your organization have an effective plan in place for getting to the data when litigation strikes?  Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Best Practices: Usefulness of Facebook’s Self Collection Mechanism
 

We’ve written about Facebook a lot on this blog.  Shortly after this blog was launched, we provided information on Facebook’s subpoena policy.  We’ve also talked about the eDiscovery implications associated with the rollout of Facebook’s new email messaging system, dubbed “Facemail”.  And, just last week, we chronicled a case involving Facebook where they were ordered to produce documents instead of just merely providing access to them.  And, we haven’t even mentioned the latest revelations that Facebook may have secretly hired a PR firm to plant negative stories about Google (oops, we just did!).

But perhaps our most popular post regarding Facebook was regarding the self collection mechanism that they rolled out last October, which we found out about via our LegalTech interview with Craig Ball published back in March after our February interview (Craig also wrote an article about the feature in Law Technology News in February).

Now, another article has been written about the usefulness of Facebook’s self collection mechanism (called “Download Your Information”) in the blog E-Discovery Law Alert, entitled How Useful is Facebook's "Download Your Information" Feature in E-Discovery?, written by Patrick V. DiDomenico.

The author of this article conducted a test by downloading his information via the utility, deleting some information from his Facebook profile – “an email message, some wall posts, comments, photos, and even a friend (not a close friend)” – hopefully, he added the friend back.  Then, he downloaded his information again, every day for four days, with no change for the first three days.  On the fourth day, most of the deleted information disappeared from the download, except the email message (which disappeared when he ran the utility one more time).

The conclusion was that the mechanism “does not appear to ‘look back’ and recover deleted information in the user’s account”.  Thoughts:

  • With no change in the download in the first three days, the author notes that “Facebook did not take a fresh snapshot of my account every day – it just re-downloaded the same file three days in a row”.  He doesn’t mention whether he added any content during this time.  It would be interesting to see if that would force a change.
  • I don’t believe that there is any specific documentation from Facebook as to how it handles additions and deletions and how often the snapshot is updated.  If not, it might behoove them to create some, it might save them some subpoena requests.
  • The author notes that “it is inadvisable for lawyers to rely solely on the Download Your Information feature for discovery of an adversary’s Facebook information” as it “gives no assurance that a litigant’s attempt to delete evidence will be revealed”.  On the other hand, it may be still an appropriate mechanism to use for your own discovery to preserve your own information.  Facebook may also store deleted information on backup tapes, so a subpoena could catch your opponent red-handed if you can justify the discovery of those tapes.  Food for thought.

So, what do you think?  Have you had any Facebook discovery requests in your eDiscovery projects?   Please share any comments you might have or if you’d like to know more about a particular topic.