Close
Enter your
text here

Collection

Image Isn’t Everything, Court Says, Denying Plaintiff’s Request for Imaging on Defendant’s Hard Drives – eDiscovery Case Law

In Design Basics, LLC. v. Carhart Lumber Co., 8:13CV125 (D. Neb. Nov. 24, 2014), Nebraska Magistrate Judge Cheryl R. Zwart, after an extensive hearing on the plaintiff’s motion to compel “full disk imaging of Defendant’s hard drives, including Defendant’s POS server, secretaries’ computers, UBS devices. . .”, denied the motion after invoking the mandatory balancing test provided in FRCP Rule 26(b)(2)(C).

In this design misappropriation case, the plaintiff filed the motion to compel, arguing “that it is entitled to a full forensic image of the defendant’s server, and every computer or computer data storage device or location used by the company and any of its employees”.  The plaintiff’s counsel stated that he litigates design misappropriation cases nationwide, and he always (except perhaps in a rare case) is granted the right to image a defendant company’s entire computer system. Judge Zwart noted that, after being afforded an opportunity to brief the issue and submit further evidence, the plaintiff’s counsel cited no cases supporting this argument.

The defendant filed a motion for protective order seeking relief from that request and arguing that it had determined that the secretaries’ computers did not contain relevant information.

In issuing her ruling denying the plaintiff’s motion to compel and granting the defendant’s motion for protective order, Judge Zwart stated:

“Plaintiff’s demand for all of the defendant’s computer data is consistent with the position of its expert, but it is not consistent with the balancing required under Rule 26(b)(2)(C) of the Federal Rules of Civil Procedure.  Based on the arguments of counsel held today and the evidence of record, Defendant’s counsel has provided both electronic and paper copies of all blue prints, has performed Plaintiff’s requested search on the emails copied from the 11 computers, and has already invested many hours reviewing thousands of documents for privilege. Defense counsel offered to produce the nonprivileged emails to Plaintiff’s counsel for his review, and has provided dates for taking the deposition of Defendant’s president. Plaintiff’s counsel has neither reviewed the emails nor deposed anyone. This case is more than 18 months old.

In the end, the plaintiff failed to show good cause why additional computer data must be collected from the defendant. Taking into consideration the factors listed in Fed. R. Civ. P. 26(b)(2)(C), the court is convinced that allowing imaging of every computer or data storage device or location owned or used by the defendant, including all secretaries’ computers, is not reasonable and proportional to the issues raised in this litigation.”

So, what do you think?  Was the plaintiff overreaching in its request?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Simply Deleting a File Doesn’t Mean It’s Gone – eDiscovery Best Practices
 

I seem to have picked up a bit of a bug and I’m on cold medicine, so my writing brain is a bit fuzzy.  As a result, so I’m revisiting a topic that has come up a few times over the years that we covered early on in the blog’s history.  I should be back in the saddle with new posts next week!

Disk drives use an index or table to keep track of where each file begins and ends on the disk.  You may have heard terms such as “FAT” (file allocation table) or NTFS ({Windows} NT File System) – these filing systems enable the file to be retrieved quickly on the drive.  They’re like a “directory” of all of the active files on the disk.  When a file is “deleted” (i.e., actually deleted, not just moved to the Recycle Bin), the data for that file isn’t actually removed from the disk (in most cases).  Instead, the entry pertaining to it is removed from the filing system.  As a result, the area on the disk where the actual data is located becomes unallocated space.

Unallocated space, also known as inactive data or drive free space, is the area of the drive not allocated to active data. On a Windows machine, deleted data is not actually destroyed, but the space on the drive that can be reused to store new information. Until the unallocated space is overwritten with new data, the old data remains.  This data can be retrieved (in most cases) using forensic techniques. On MAC O/S 10.5 and higher, there is an application that overwrites sectors when a file is deleted. This process more securely destroys data, but even then it may be possible to recover data out of unallocated space.

Because the unallocated space on a hard drive or server is that portion of the storage space to which data may be saved, it is also where many applications “temporarily” store files when they are in use. For instance, temporary Internet files are created when a user visits a web page, and these pages may be “cached” or temporarily stored in the unallocated space.  Rebooting a workstation or server can also clear some data from the unallocated space on its drive.

Since computers are dynamic and any computer operation may write data to the drive, it is nearly impossible to preserve data in the unallocated space on the hard drive and that data is not accessible without special software tools. To preserve data from the unallocated space of a hard drive, the data must be forensically collected, which basically copies the entire drive’s contents, including every sector (whether those sectors contain active data or not). Even then, data in the unallocated space may not be complete. Because the unallocated space is used to store new data, writing a new file may overwrite part of a deleted file, leaving only part of that file in the unallocated space.

Nonetheless, “deleted” files have been recovered, collected and produced in numerous lawsuits, despite efforts of some producing parties to destroy that evidence.

So, what do you think?  Have you ever recovered deleted data that was relevant to litigation?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Dealing with the Departed – eDiscovery Best Practices
 

Having addressed this recently with a client, I thought this was a good topic to revisit here on the blog…

When litigation hits, key activities to get a jump on the case include creating a list of key employees most likely to have documents relevant to the litigation and interviewing those key employees, as well as key department representatives, such as IT for information about retention and destruction policies.  These steps are especially important as they may shed light on custodians you might not think about – the departed.

When key employees depart an organization, it’s important for that organization to have a policy in place to preserve their data for a period of time to ensure that any data in their possession that might be critical to company operations is still available if needed.  Preserving that data may occur in a number of ways, including:

  • Saving the employee’s hard drive, either by keeping the drive itself or by backing it up to some other media before wiping it for re-use;
  • Keeping any data in their network store (i.e., folder on the network dedicated to the employee’s files) by backing up that folder or even (in some cases) simply leaving it there for access if needed;
  • Storage and/or archival of eMail from the eMail system;
  • Retention of any portable media in the employee’s possession (including DVDs, portable hard drives, smart phones, etc.).

As part of the early fact finding, it’s essential to determine the organization’s retention policy (and practices, especially if there’s no formal policy) for retaining data (such as the examples listed above) of departed employees.  You need to find out if the organization keeps that data, where they keep it, in what format, and for how long.

When interviewing key employees, one of the typical questions to ask is “Do you know of any other employees that may have responsive data to this litigation?”  The first several interviews with employees often identify other employees that need to be interviewed, so the interview list will often grow to locate potentially responsive electronically stored information (ESI).  It’s important to broaden that question to include employees that are no longer with the organization to identify any that also may have had responsive data and try to gather as much information about each departed employee as possible, including the department in which they worked, who their immediate supervisor was and how long they worked at the company.  Often, this information may need to be gathered from Human Resources.

Once you’ve determined which departed employees might have had responsive data and whether the organization may still be retaining any of that data, you can work with IT or whoever has possession of that data to preserve and collect it for litigation purposes.  Just because they’re departed doesn’t mean they’re not important.

So, what do you think?  Does your approach for identifying and collecting from custodians include departed custodians?  Please share any comments you might have or if you’d like to know more about a particular topic.

Image © Warner Bros.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

How Mature is Your Organization in Handling eDiscovery? – eDiscovery Best Practices

A new self-assessment resource from EDRM helps you answer that question.

A few days ago, EDRM announced the release of the EDRM eDiscovery Maturity Self-Assessment Test (eMSAT-1), the “first self-assessment resource to help organizations measure their eDiscovery maturity” (according to their press release linked here).

As stated in the press release, eMSAT-1 is a downloadable Excel workbook containing 25 worksheets (actually 27 worksheets when you count the Summary sheet and the List sheet of valid choices at the end) organized into seven sections covering various aspects of the e-discovery process. Complete the worksheets and the assessment results are displayed in summary form at the beginning of the spreadsheet.  eMSAT-1 is the first of several resources and tools being developed by the EDRM Metrics group, led by Clark and Dera Nevin, with assistance from a diverse collection of industry professionals, as part of an ambitious Maturity Model project.

The seven sections covered by the workbook are:

  1. General Information Governance: Contains ten questions to answer regarding your organization’s handling of information governance.
  2. Data Identification, Preservation & Collection: Contains five questions to answer regarding your organization’s handling of these “left side” phases.
  3. Data Processing & Hosting: Contains three questions to answer regarding your organization’s handling of processing, early data assessment and hosting.
  4. Data Review & Analysis: Contains two questions to answer regarding your organization’s handling of search and review.
  5. Data Production: Contains two questions to answer regarding your organization’s handling of production and protecting privileged information.
  6. Personnel & Support: Contains two questions to answer regarding your organization’s hiring, training and procurement processes.
  7. Project Conclusion: Contains one question to answer regarding your organization’s processes for managing data once a matter has concluded.

Each question is a separate sheet, with five answers ranked from 1 to 5 to reflect your organization’s maturity in that area (with descriptions to associate with each level of maturity).  Default value of 1 for each question.  The five answers are:

  • 1: No Process, Reactive
  • 2: Fragmented Process
  • 3: Standardized Process, Not Enforced
  • 4: Standardized Process, Enforced
  • 5: Actively Managed Process, Proactive

Once you answer all the questions, the Summary sheet shows your overall average, as well as your average for each section.  It’s an easy workbook to use with input areas defined by cells in yellow.  The whole workbook is editable, so perhaps the next edition could lock down the calculated only cells.  Nonetheless, the workbook is intuitive and provides a nice exercise for an organization to grade their level of eDiscovery maturity.

You can download a copy of the eMSAT-1 Excel workbook from here, as well as get more information on how to use it (the page also describes how to provide feedback to make the next iterations even better).

The EDRM Maturity Model Self-Assessment Test is the fourth release in recent months by the EDRM Metrics team. In June 2013, the new Metrics Model was released, in November 2013 a supporting glossary of terms for the Metrics Model was published and in November 2013 the EDRM Budget Calculators project kicked off (with four calculators covered by us here, here, here and here).  They’ve been busy.

So, what do you think?  How mature is your organization in handling eDiscovery?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Court Denies Plaintiff’s Fallback Request for Meet and Confer after Quashing its Subpoena – eDiscovery Case Law
 

In Boston Scientific Corporation v. Lee, 1:13-cv-13156-DJC, (N.D. Cal., Aug 4, 2014), California Magistrate Judge Paul S. Grewal found time to preside over a case other than Apple v. Samsung and granted the motion to quash the plaintiff’s subpoena for the defendant’s laptops, refusing the plaintiff’s fallback position to meet and confer and referencing Leave it to Beaver in the process.

The defendant left the employment of the plaintiff and began working for a competitor, which caused the case to be filed against him, claiming theft of trade secrets and violation of a confidentiality agreement (by downloading confidential information onto a USB thumb drive).  The defendant’s new employer assigned him a laptop when he started his employment, which he used to both perform his job duties and communicate with his attorneys. Several weeks after the lawsuit was filed, the defendant’s employer segregated this laptop with a third party e-discovery vendor, and issued him a second one.

The defendant’s employer also produced forensic information about the contents of the first laptop to the plaintiff in the form of file listing reports, which disclose extensive metadata of the files contained on the laptop, USB reports, and web browsing history reports.  When the plaintiff pressed for more, the defendant’s employer offered to have an independent vendor review a full forensic image of the first laptop to search for pertinent information, including a review of any deleted files.  The plaintiff refused, requesting forensic discovery from both laptops and issued a subpoena, to which the defendant’s employer filed a motion to quash.

Judge Grewal began his order as follows:

“This case illustrates a recurring problem in all civil discovery, especially in intellectual property cases. A party demands the sun, moon and stars in a document request or interrogatory, refusing to give even a little bit. The meet and confer required by a court in advance of a motion is perfunctory at best, with no compromise whatsoever. But when the parties appear before the court, the recalcitrant party possesses newfound flexibility and a willingness to compromise. Think Eddie Haskell singing the Beaver's praises to June Cleaver, only moments after giving him the business in private. Having considered the arguments, the court GRANTS Nevro's motion to quash.”

Explaining his decision, Judge Grewal stated “No doubt there exists discoverable information on the two laptops, but by demanding nothing less than a complete forensic image of not just one but two laptops belonging to a direct competitor, Boston Scientific demands too much. Such imaging will disclose privileged communications related to the litigation as well as irrelevant trade secrets from a nonparty-competitor.  Boston Scientific's subpoena therefore seeks discovery of protected matter, something plainly not permitted under Rule 45, rendering the subpoena overbroad and imposing an undue burden on Nevro.”

Judge Grewal noted that the plaintiff “[a]s a fall back”, proposed what the defendant’s employer had originally proposed: the retention of an independent vendor to “review a full forensic image of the Initial Laptop to search for pertinent information, including a review of any deleted files.”  Judge Grewal closed the door on that request as well, stating “to allow Boston Scientific now to seek shelter from a fallback position that Nevro previously tendered in good faith would make a mockery of both parties' obligation to meet and confer in good faith from the start.  The time to tap flexibility and creativity is during meet and confer, not after.”

So, what do you think?  Should the plaintiff have been granted its fall back request or was it too late for compromise?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Our 1,000th Post! – eDiscovery Milestones

When we launched nearly four years ago on September 20, 2010, our goal was to be a daily resource for eDiscovery news and analysis.  Now, after doing so each business day (except for one), I’m happy to announce that today is our 1,000th post on eDiscovery Daily!

We’ve covered the gamut in eDiscovery, from case law to industry trends to best practices.  Here are some of the categories that we’ve covered and the number of posts (to date) for each:

We’ve also covered every phase of the EDRM (177) life cycle, including:

Every post we have published is still available on the site for your reference, which has made eDiscovery Daily into quite a knowledgebase!  We’re quite proud of that.

Comparing our first three months of existence to now, we have seen traffic on our site grow an amazing 474%!  Our subscriber base has more than tripled in the last three years!  We want to take this time to thank you, our readers and subcribers, for making that happen.  Thanks for making the eDiscoveryDaily blog a regular resource for your eDiscovery news and analysis!  We really appreciate the support!

We also want to thank the blogs and publications that have linked to our posts and raised our public awareness, including Pinhawk, Ride the Lightning, Litigation Support Guru, Complex Discovery, Bryan University, The Electronic Discovery Reading Room, Litigation Support Today, Alltop, ABA Journal, Litigation Support Blog.com, InfoGovernance Engagement Area, EDD Blog Online, eDiscovery Journal, e-Discovery Team ® and any other publication that has picked up at least one of our posts for reference (sorry if I missed any!).  We really appreciate it!

I also want to extend a special thanks to Jane Gennarelli, who has provided some serial topics, ranging from project management to coordinating review teams to what litigation support and discovery used to be like back in the 80’s (to which some of us “old timers” can relate).  Her contributions are always well received and appreciated by the readers – and also especially by me, since I get a day off!

We always end each post with a request: “Please share any comments you might have or if you’d like to know more about a particular topic.”  And, we mean it.  We want to cover the topics you want to hear about, so please let us know.

Tomorrow, we’ll be back with a new, original post.  In the meantime, feel free to click on any of the links above and peruse some of our 999 previous posts.  Now is your chance to catch up!  😉

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Court Orders Sharing of Costs for Forensic Examination of Plaintiff’s Emails – eDiscovery Case Law

In Zeller v. So. Central Emergency Med. Servs. Inc., 1:13-CV-2584 (M.D. Pa. May 20, 2014), Pennsylvania Magistrate Judge Karoline Mehalchick used the Zubulake seven factor test to rule that the costs for restoring and searching the plaintiff’s emails should be shared, up to a maximum contribution by $1,500 by the plaintiff.

In this wrongful termination case based on plaintiff’s claims of retaliation by the defendant after the plaintiff took a leave of absence under the Family and Medical Leave Act (FMLA), the parties began the eDiscovery process to recover the plaintiff’s emails and asked the Court to resolve the issue of “first review” of documents identified as a result of an agreed upon search of Plaintiff’s emails, and the matter of cost-sharing.

The plaintiff asserted that he is entitled to a “first review” of all documents to be produced while the defendants asserted that after forensic retrieval of emails from Plaintiff’s email account, all non-potentially privileged documents should be forwarded directly to the defendants to save time.  Noting that “Plaintiff has no obligation to produce emails that are wholly irrelevant to either party’s claim or defense” and that broad search terms such as the plaintiff’s wife’s name was used, Judge Mehalchick ruled that the plaintiff was entitled to a “first review” of the results of the forensic examination of his email account.

Regarding the cost sharing request by the defendants, Judge Mehalchick referenced Fed. R. Civ. P. 26(b)(2)(B) and determined that the data requested was inaccessible without the forensic examination and used the seven factor balance test below for cost-shifting from Zubulake v. UBS Warburg to decide whether forensic examination costs should be shifted.  The factors are:

  1. The extent to which the request is specifically tailored to discover relevant information;
  2. The availability of such information from other sources;
  3. The total cost of production, compared to the amount in controversy;
  4. The total cost of production, compared to the resources available to each party;
  5. The relative ability of each party to control costs and its incentive to do so;
  6. The importance of the issues at stake in the litigation; and
  7. The relative benefits to the parties of obtaining the information.

Judge Mehalchick stated that “the parties were unable to identify the total cost of production of the search, compared to the amount in controversy and the resources to each party”.  However, with regard to the other five factors, she ruled that “the request is specifically tailored to discovery relevant information”, that “there is no other source which could possibly be available”, that since the parties have agreed on a forensic examiner “neither party has any more ability than the other to control the cost”, that “the information sought is important to the issues at stake in the litigation” and that “it is to the benefit of both parties to obtain the information sought”.

As a result, Judge Mehalchick found “that some cost-shifting is appropriate” and ruled “Plaintiff and Defendant should share equally in the cost of restoring and searching Plaintiff’s emails, up to a maximum contribution by Plaintiff of One Thousand Five Hundred Dollars ($1500.00).”

So, what do you think?  Was the Zubulake test applied appropriately?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

The Pitfalls of Self-Culling and Image Files – eDiscovery Best Practices

This topic came up with a recent client, so I thought I would revisit it here on this blog.

There’s a common mistake that organizations make when collecting their own files to turn over for discovery purposes.  Many attorneys turn over the collection of potentially responsive files to the individual custodians of those files, or to someone in the organization responsible for collecting those files (typically, an IT person) and the self-collection involves “self-culling” through the use of search terms.  When this happens, important files can be missed.

Self-culling by custodians, unless managed closely, can be a wildly inconsistent process (at best).  You’re expecting each custodian to apply the same search terms consistently and, even if IT performs the self-culling, the process may have to be repeated if additional search terms are identified later on.  Even worse, potentially responsive image-only files will be missed with self-culling.

It’s common to have a number of image-only files within any collection, especially if the custodians frequently scan executed documents or use fax software to receive documents from other parties.  In those cases, image-only PDF or TIFF files can often make up as much as 20% of the collection.  When custodians are asked to perform “self-culling” by performing their own searches of their data, these files, which could contain information responsive to the case, will certainly be missed.

With the possibility of inconsistent self-culling, the possibility of additional search terms identified later and the (almost certain) presence of image-only files, I usually advise against self-culling by custodians.  I also don’t recommend that IT perform culling on behalf of the custodians, unless they have the ability to process that data to identify image-only files and perform Optical Character Recognition (OCR) to capture text from them.  If your IT department has the capabilities and experience to do so (and the process and chain of custody is well documented), then that’s great.  However, most internal IT departments either don’t have the capabilities or expertise (or both), in which case it’s best to collect all potentially responsive files from the custodians and turn them over to a qualified eDiscovery provider to perform the culling (performing OCR as needed to include responsive image-only files in the resulting responsive document set).  Unless the case requires supplemental productions, there is also no need to go back to the custodians to collect additional data with the full data set available.

So, what do you think?  Do you self-collect data for discovery purposes?  If so, how do you account for image-only files?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Ruling on ESI Discovery Dispute Delayed as Court Requests Specific Information – eDiscovery Case Law
 

In Worley v. Avanquest North America Inc., No. C 12-04391 WHO (LB), 2013 U.S. Dist. (N.D. Cal. Dec. 13, 2013), a putative class action involving PC security software, California Magistrate Judge Laurel Beeler required the defendant to produce further information related to discovery disputes before a ruling would be issued.

Various discovery disputes arose in this case after the parties failed to agree on a discovery period. The applicable statute of limitations for this lawsuit was five years, and the defendant offered to preserve as evidence Electronically Stored Information (ESI) created during that five-year period. However, the plaintiffs requested an additional ten years added to the discovery period, as this would preserve “all relevant and discoverable information from the time the original versions of the software were developed to the present.”

According to the legal standard set by Rule 26, subsection (b)(1), parties may “obtain discovery regarding any nonprivileged matter that is relevant to any party’s claim or defense…” and relevant information “need not be admissible at the trial if the discovery appears reasonably calculated to lead to the discovery of admissible evidence.” Therefore, Judge Beeler sided with the plaintiffs regarding an extended discovery period, stating that relevant information “such as documents relating to the software’s design and purpose, could have pre-dated the statutory period.”

However, the defendant stated that adding ten years to the discovery period would result in an unduly burdensome obligation for preservation, and would be disproportionate to the litigation. This is also addressed in subsection (b)(2)(C) under Rule 26, which states that “the court must limit the frequency or extent of discovery otherwise allowed by these rules…” if it is determined that the discovery would be “unreasonably cumulative or duplicative,” or that “the burden or expense of the proposed discovery outweighs its likely benefit” to the case.

Judge Beeler noted that the argument could not be addressed without further information, specifically that the parties had identified neither potential custodians, nor the amount of information the defendant actually had in its possession, since the defendant’s company acquired the software at issue in 2005. These details would be required in order for the defendant’s technical expert “to specify the burdens associated with preserving relevant information (particularly of electronically-stored information).”

Therefore, the defendant was ordered to identify custodians who would be likely to hold relevant information with regard to the plaintiff’s discovery requests, and further to “consult a person with expertise (such as an IT employee) and specify any undue burden associated with preservation, and produce non-burdensome, relevant information” before a ruling would be given. If the technical expert identified any issues that would make production of documents unduly burdensome, both parties were to “comply with the court’s discovery procedures and submit a joint discovery letter that provides details about the problems and puts their dispute in context.” Meanwhile, Judge Beeler ordered the defendant to produce the agreed documents covered by the five-year statute of limitations, noting that further “discovery can be iterative.”

The final discovery dispute concerned the defendant’s request for the plaintiffs to produce mirror image copies of hard drives belonging to the plaintiffs and their experts, in order to test the software at issue. The plaintiffs argued against this, as the hard drives contained both personal and privileged information, including financial data, family photos, and private communications. They instead proposed allowing the defendant to choose a forensic expert, who would image the hard drives and provide the defendant with specifically requested data, including “recreate[d] computing environments.”

Judge Beeler deemed the proposal “not workable,” and permitted the imaging of the drives with the allowance that the plaintiffs could use a protective order to protect any private information, and would be able to review and remove any privileged information prior to remanding the images to the defendant.

So, what do you think? Should discovery periods be limited to the statute of limitations applicable to a given case? Are protective orders sufficient to protect private information when personal-use computers are involved in litigation? Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Craig Ball of Craig D. Ball, P.C. – eDiscovery Trends, Part 2

This is the eleventh (and final) of the 2014 LegalTech New York (LTNY) Thought Leader Interview series.  eDiscoveryDaily interviewed several thought leaders after LTNY this year (don’t get us started) and generally asked each of them the following questions:

  1. What significant eDiscovery trends did you see at LTNY this year and what do you see for 2014?
  2. With new amendments to discovery provisions of the Federal Rules of Civil Procedure now in the comment phase, do you see those being approved this year and what do you see as the impact of those Rules changes?
  3. It seems despite numerous resources in the industry, most attorneys still don’t know a lot about eDiscovery?  Do you agree with that and, if so, what do you think can be done to improve the situation?
  4. What are you working on that you’d like our readers to know about?

Today’s thought leader is Craig Ball.  A frequent court appointed special master in electronic evidence, Craig is a prolific contributor to continuing legal and professional education programs throughout the United States, having delivered over 1,500 presentations and papers. Craig’s articles on forensic technology and electronic discovery frequently appear in the national media, and just ended nine years writing a monthly column on computer forensics and eDiscovery for Law Technology News called Ball in your Court.  He currentlyblogs on those topics at ballinyourcourt.com.

As usual, Craig gave us so much useful information that we decided to spread it out, yesterday was Part 1 of the interview and here is the rest!

It seems despite numerous resources in the industry, most attorneys still don’t know a lot about eDiscovery?  Do you agree with that and, if so, what do you think can be done to improve the situation?

I have to marvel at the ingenuity of my colleagues who have so effectively deflected the obligation to learn much of the nuts and bolts of eDiscovery.  A mastery of buzzwords and buzz concepts is not the same thing.  You can almost see the eagerness of some to deploy certain ideas that they have picked up as though simply encanting a buzz word is the same as applying it in a practical fashion.  Lawyers focus on the work product privilege as a means to avoid transparency in essential applications.  They trot out something that they’ve distilled from Zubulake, now ten years old.  Again, they are fighting the last war.  They are still over-preserving in shocking ways and still issuing legal holds that are boilerplate.  They’re still failing to give useful information in legal hold notices (as they can’t tell people to do what they themselves don’t know how to do).  We’re seeing little creativity and a copious quantity of uninspired mimicry.  It isn’t working.

The problem I have with this is that it is that eDiscovery isn’t that hard.  We make it hard.  We sit down in a room and start talking about the moving parts and everyone starts getting very depressed.  They’re desperate to seize upon a one-dimensional solution – they want to find a hammer that they can bang against everything.  It isn’t that hard.  Though there are strategies that you need for different kinds of evidence, there are recognitions you must make that there are different users that use data in different ways.  Different levels of fragility.  But, we’re not talking about learning Chinese pictographs here, we’re talking about a small handful of common productivity file types and a tiny handful of mechanisms for communication.  In any other industry, they would be so happy to have so little complexity to deal with; but in our industry, any complexity at all seems to be overwhelming.  And, it frustrates me because, if lawyers would devote a bit of of genuine energy and time to this, and if we made more resources available to them, we could really make not just incremental strides, but great leaps in reducing the cost and anguish associated with electronic discovery.  It’s not that hard, it doesn’t have to be that expensive.  But, it does require a certain minimal fluency to understand what you’re dealing with.

We all work with digital information, all day, every day.  Right now you are taping me on a digital recorder, we’re having a conversation on digital phones where the conversation is being converted into packets and it’s moving back and forth.  I’m staring at two screens now with my email on the left screen and the internet on the right screen with my smart phone and my tablet close by.  That’s modern life.  If we don’t approach electronic discovery with the same engagement that we do with digital tools in other aspects of our lives, we’re doomed to continue to commit malpractice in both how we approach eDiscovery and how we spend our client’s money on eDiscovery.  And, it’s just sad, it remains deeply sad.

We aren’t deploying the right tools.  Soon, our opponents and courts will realize that we’re fighting the last war and that it’s very easy to step around our defenses.  We haven’t put the tools–the weapons in the hands of the infantry – the working stiff lawyer – to allow them to begin to deal with electronic discovery.

How is it going to get better?  Right now, the only path I see is going to be the enthusiast, the individual lawyer who – out of boredom, ambition or aversion unemployment – decides that they’re going to craft a new career path for themselves.  I hear from one of those lawyers nearly every day, so that means that I hear from 150-200 lawyers each year who tell me that they want to do what I do.  That’s great, but the resources for them to achieve that, to get the information they need, are still sparse in the context of law practice.  You can go out there and learn forensics and information systems and IT.  But, to integrate the parts of those disciplines that are attendant to eDiscovery, it’s difficult.  We’re still having electronic discovery taught, by and large, by people who consider it a body of law and who shun its technology aspect.

What are you working on that you’d like our readers to know about?

My mission for 2014 is wake our readers up on the issue of form of production.  That’s a little silly because your readers are among the most enlightened of consumers of electronic discovery.  But, helping requesting parties change the archaic way they ask for ESI has been a big part of what I want to accomplish in 2014.  And, helping them to make sensible choices about forms of production so that they can get complete and utile forms, That’s not always a native form, but it’s rarely static images.  I know that is something that I’ve jawed about for a long time and I imagine there are quite a few people that are tired of hearing me speak about it, but I’m finally starting to get some traction.

Judges are starting to listen and understand.  As we chip away at this absurd practice to turn everything into electronic paper, what becomes clear is that the processes that we’ve developed to produce spreadsheets and PowerPoints in native forms apply with equal force and success to Word documents, and now you realize that you’ve covered the Microsoft Office complement of data.  Those are the files that tend to make up the most common attachments to emails and, oh, by the way, emails can be provided in functional formats that are also complete.  Everyone technologist knows what’s in an email.  It has to have a certain complement of features to be called an email and traverse the internet.  Why don’t we just start providing emails in forms that function?  Helping parties to exchange forms that function is my mission for 2014.

I don’t expect that by next year that I will tell you that everyone has awakened to the fact that native and near-native productions are cheaper and better.  Let’s face it, there are a lot of people conserving very old tools and workflows who will not give them up until they are forced to give them up.  There are all sorts of changes for the greater good that decent, intelligent people resist too long, just as they did with women’s suffrage and civil rights.  I don’t mean to trivialize civil rights by comparing them to litigants’ rights, but changes must and shall come to pass.  We must evolve to become Juris Doctor Electronicus: modern, digitally-capable counsel.

Thanks, Craig, for participating in the interview!

And to the readers, as always, please share any comments you might have or if you’d like to know more about a particular topic!

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.