Close
Enter your
text here

Electronic Discovery

This Guy Says that Computers Could Eventually Replace Lawyers – In the Courtroom: eDiscovery Trends

Over four years ago, we covered an article in The New York Times that discussed how the use of artificial intelligence could lead to replacing “armies of expensive lawyers” during the eDiscovery process. Now, a new article in The Wall Street Journal online goes a step further, speculating that “computers will eventually pass the legal bar exam and defendants will be given the right to be represented by a computational attorney if they so wish”.

What Big Data Means for the Legal System, written by Robert Plant (not the Led Zeppelin singer, but a professor at the University of Miami, as well as an author and blogger for Harvard Business Review & WSJ Leadership Expert) discusses how artificial intelligence researchers have used the legal domain as an exploratory space to test theories for decades, but with limited success. The advent of big data has changed that, enabling us to analyze not only text but many other data types such as pictures, email, video and voice. As Plant notes, this capability “allows lawyers to look for patterns and correlations across vast data sets previously inaccessible.”

Plant uses analysis of judges’ behavior in cases as an example, suggesting the ability to obtain answers to questions like: “How does the Judge rule on certain types of cases can be studied by date and time? Does the judge dismiss cases for a consistent pattern of reasoning? How do holidays affect decisions? Do they sentence harder at different times of the day?”

Because of big data analytics, Plant predicts that “[m]any of the routine tasks now performed by entry-level lawyers or paralegals will increasingly be undertaken by analytics; case and trial strategies will be developed by legal informatics as will increasingly jury-selection strategies.” As a result, Plant takes the concept to a somewhat controversial conclusion, as follows:

“It is clear that with advances in machine learning, computers will eventually pass the legal bar exam and defendants will be given the right to be represented by a computational attorney if they so wish and thus court rooms could see a truly new form of human computer interaction in which the computer answers the question ‘does the client have a case?’”

Must he “ramble on”? Computers replace lawyers?!? In the courtroom?!? He sure isn’t showing the legal profession a “whole lotta love”, is he? (sorry, I couldn’t resist)

Clearly, we’ve seen the application of artificial intelligence result in significant benefits during the eDiscovery process, with several cases over the past few years endorsing technology assisted review (including this latest case just last month) as well as initiatives to apply technology to information governance (such as the Information Governance Initiative launched last year). Is it that far of a stretch to apply technology to decision making in the courtroom too? Or is the author simply “dazed and confused”? (ok, I really will stop now)

So, what do you think? Will clients someday be represented by computers in the courtroom? Please share any comments you might have or if you’d like to know more about a particular topic.

Clipart from Clipartheaven.com

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

“How Much Will it Cost?” is Not Necessarily the Right Question to Ask: eDiscovery Best Practices

This is a topic we covered last fall, but it has come up again several times with clients (and prospective clients) recently and since we have so many new viewers and subscribers in the past couple of months (thanks to our recently announced education partnership with EDRM and some very kind words from Craig Ball on his excellent Ball in Your Court blog), it bears discussing again.

By far, the most important (and, therefore, the most asked) question asked of eDiscovery providers is “How much will it cost?”. Actually, you should be asking a few questions to get that answer – if they are the right questions, you can actually get the answer you seek.

With these questions, you can hopefully prevent surprises and predict and control costs:

  • What is the Unit Price for Each Service?: It’s important to make sure that you have a clear understanding of every unit price the eDiscovery provider includes in an estimate. Some services may be charged per-page or per-document, while others may be charged per gigabyte, and others may be charged on an hourly basis. It’s important to understand how each service is being charged and ensure that the price model makes sense.
  • Are the Gigabytes Counted as Original or Expanded Gigabytes?: For the per gigabyte services, it’s also important to make sure that you whether they are billed on the original GBs or the expanded GBs. Expanded GBs can be two to three times as large (or more) as the original GBs. Some services are typically billed on the original GBs (or at least the unzipped GBs) while others are typically billed on the expanded GBs. It’s important to know which metric is used; otherwise, your ESI collection may be larger than you think and you may be in for a surprise when the bill comes.
  • Will I Get an Estimate in Advance for Hourly Billed Services?: When you ask for specific hourly billed services from the provider (such as professional consulting or technician services) to complete a specific task, it’s important to get an estimate to complete that task as well as advanced notification if the task will require more time than estimated.
  • What Other Costs are Billed?: It’s not uncommon for other charges to be included in invoices, such as user fees for hosting services (not all hosting providers charge user fees, so it’s important to comparison shop) or project management, which can be an important component to the services provided by the eDiscovery provider. And, don’t forget charges for supplies and shipping. The rates charged for these services can vary widely, from non-existent to exorbitant. Understanding what other costs are being billed and the rates for those services is important to controlling costs.
  • If Prices are Subject to Change, What is the Policy for Those Changes and Notification of Clients?: Let’s face it, prices do change, even in the eDiscovery industry. In ongoing contracts, most eDiscovery providers will retain the right to change prices to reflect the cost of doing business (whether they exercise those rights or not). It’s important to know the terms that your provider has set for the ability to change prices, what the notification policy is for those price changes and what your options are if the provider exercises that right.

With the right questions and a good understanding of your project parameters, you can get to the answer to that elusive question “How much will it cost?”.

So, what do you think? How do you manage costs with your eDiscovery providers? Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Denial of Motion for Spoliation Sanctions Leaves Plaintiff Less Than Glad: eDiscovery Case Law

In Gladue v. Saint Francis Medical Center, 1:13-CV-186-CEJ (E.D. Mo. Mar. 24, 2015), Missouri District Judge Carol E. Jackson denied the plaintiff’s motion for evidentiary and monetary sanctions due to spoliation of evidence, finding that the defendant did not have a duty to preserve emails deleted as part of routine IT operations, had diligently attempted to recover deleted emails and that the plaintiff failed to show that any of the unrecovered emails were relevant to her claims.

Case Background

In this employment case, the plaintiff’s employment was terminated in December 2011. As part of the defendant’s routine IT operations, the plaintiff’s email account was purged in March 2012. At that time, plaintiff had not filed either a lawsuit against the defendant or a charge of discrimination with the Equal Employment Opportunity Commission – the defendant was first contacted by the plaintiff’s then-attorney in June 2012 regarding the plaintiff’s employment discrimination claims.

On June 16, 2014, after this lawsuit was filed, the plaintiff submitted a request for production of all of her work emails and her calendar. Because her account had been purged, the defendant undertook several efforts to retrieve the emails, including conducting a search for all emails sent to or received from plaintiff in the accounts of every employee identified in the parties’ Fed. R. Civ. P. 26 disclosures. The defendant ultimately produced over 24,600 pages of emails and related documents to the plaintiff in two productions (nearly three months before the close of discovery), but acknowledged that there were no guarantees that every lost item was retrieved. The plaintiff filed a motion for evidentiary and monetary sanctions due to spoliation of evidence.

Judge’s Opinion

Finding that a “litigation hold was not required at the time plaintiff’s e-mails were deleted”, Judge Jackson ruled that the defendant “has shown that plaintiff’s e-mails were deleted as part of a routine maintenance procedure, rather than in bad faith. Moreover, defendant has diligently attempted to recover the missing documents.”

Judge Jackson also noted that the defendant produced documents to the plaintiff “nearly three months before the close of discovery and almost four months before the deadline for filing dispositive motions. Thus, as to the timing of the productions, no exceptional circumstances justify sanctions.” She also found that “plaintiff has failed to show that any of the unrecovered e-mails are relevant to her claims” and noted that “plaintiff is incorrect in her contention that defendant is at an advantage because it can use the undisclosed e-mails in this litigation” as “Fed. R. Civ. P. 37(c)(1) forbids defendant from using any document that has not been produced to plaintiff at summary judgment or trial.”

As a result, Judge Jackson ruled that “plaintiff is not prejudiced and no exceptional circumstances exist to justify sanctions” and denied her motion for sanctions.

So, what do you think? Did the plaintiff’s motion really ever stand a chance? Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

How Blue Was My Valley? Not Blue Enough to Cite the Defendant for Discovery Violations: eDiscovery Case Law

In Malone v. Kantner Ingredients, 4:12CV3190 (D. Neb. Mar. 31, 2015), Nebraska Magistrate Judge Cheryl R. Zwart denied the plaintiffs’ motion to show cause, finding that the defendant “the plaintiffs have presented no evidence” that the defendant “destroyed, hid, or purposefully (or even recklessly) failed to produce responsive ESI” in the case.

Case Background

Over two years, the defendants had produced documents from various sources, including 140,000 electronic files located on a computer image of the data stored on the defendant’s file servers. Despite that, multiple conferences were held with the court regarding the parties’ discovery disputes and the plaintiffs filed five motions to compel additional documentation from the defendant.

In October of 2014, the plaintiffs claimed the defendants failed to produce all documents responsive to the plaintiffs’ discovery requests, particularly sent emails and invoices of transactions between Blue Valley Foods and the defendants. In an attempt to quell the plaintiffs’ ongoing distrust of the defendants’ discovery efforts, the defendants were ordered to locate their servers and determine if the server imaging performed by the defendants at the outset of the case was a full and complete imaging, as well as produce responsive invoices and sent mail from those servers.

In response to that order, the servers were received by defense counsel, who confirmed that the data image from the shared server data received by defense counsel at the outset of the case matched the data set and data amount on the servers. The servers were sent to the defendants’ forensic expert, who fully imaged them and provided a full copy of that imaging to the plaintiffs’ forensic expert. After receiving the server imaging, the plaintiffs’ forensic expert performed a word search of the data and located some documents containing the words “Blue Valley” that were not previously disclosed by the defendants in an electronic format. The plaintiffs presented evidence that some of those documents were responsive to production requests served by the plaintiffs, but they were not previously disclosed to the plaintiffs in an electronic format.

The plaintiffs moved for an order to show cause, alleging the defendants, their counsel, and counsel’s paralegal failed to comply with the order, “destroyed or tampered with evidence, and provided untruthful information to the court regarding the existence of discovery requested by the plaintiffs.”

Judge’s Opinion

Judge Zwart noted that, after receiving the actual servers, “the defendants did not repeat their search of the server data for responsive discovery…But the order required the defendants to determine if the server imaging performed by the defendants at the outset of the case was a full and complete imaging: It did not require the defendants to repeat their ESI review and production if the 2012 initial data imaging appeared to be full and complete.”

She continued: “By providing the full image of the servers to Plaintiffs’ expert, the defendants produced the emails, invoices, and associated metadata as required under the court’s order. While the plaintiffs incurred expense for forensic review of that data, the plaintiffs’ use of their own forensic expert was reasonable—and perhaps necessary—to bring some closure to the ongoing ESI discovery battle… The defendants allowed Plaintiffs to ‘see for themselves’ whether any additional documentation was on the Kantner servers. And the court is convinced this was the only means of convincing Plaintiffs that they had received everything. Had the parties discussed how to collect, review and produce ESI at the outset, perhaps the cost of two experts, and other discovery-related fees and costs, could have been avoided. But those discussions never occurred.”

With regard to the missed documents discovered by the plaintiff, Judge Zwart, referencing several sources for best practices for searching, indicated that “At most, the plaintiffs offered evidence of mistakes made during defense counsel’s 2012 manual review of the electronic files. Manual review is still considered by many as the ‘gold standard’ for electronic document review. But human error is common when attorneys are tasked with personally reviewing voluminous electronically stored information.” She also cited Reinsdorf v. Skechers (2013), which stated: “The discovery process relies upon the good faith and professional obligations of counsel to reasonably and diligently search for and produce responsive documents…However, while parties must impose a reasonable construction on discovery requests and conduct a reasonable search when responding to the requests, the Federal Rules do not demand perfection.”

Given that standard, Judge Zwart denied the plaintiffs’ motion to show cause.

This isn’t the first time we’ve covered rulings by Judge Zwart: click here, here, here and here to review previous rulings with eDiscovery impact that we’ve covered.

So, what do you think? Was that the right call or should the defendants have been held to a higher standard? Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscoveryDaily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Almost Thirty Percent of Data Security Incidents are Due to Human Error: eDiscovery Trends

Last year, the term “data breach” became part of the broader public vernacular with The New York Times devoting more than 700 articles related to data breaches, versus fewer than 125 the previous year. And, as we’ve discussed recently, data breaches are on the rise. However, according to a new report, almost thirty percent of data security incidents are due to human error.

According to Verizon’s 2015 Data Breach Investigations Report released last week, the single biggest cause of data security incidents in 2014 was “miscellaneous errors”. These “miscellaneous errors” comprised 29.4% of data security incidents in 2014 (up from 25% in 2013), according to the report.

As Verizon notes in its report, if you take the top four causes of data security incidents – two through four respectively are crimeware (25.1%), insider misuse (20.6%) and physical theft/loss (15.3%) – “the common denominator across the top four patterns – accounting for nearly 90% of all incidents – is people. Whether it’s goofing up, getting infected, behaving badly, or losing stuff, most incidents fall in the PEBKAC (problem exists between keyboard and chair) and ID-10T (get it?) über-patterns.” As they somewhat playfully observe, “At this point, take your index finger, place it on your chest, and repeat ‘I am the problem,’ as long as it takes to believe it. Good – the first step to recovery is admitting the problem.”

While some of the errors are due to issues such as a computer malfunction or a misconfigured system, nearly 60% of the time, they’re due to a relatively simple user mistake (especially system administrators who were the “prime actors in over 60% of incidents”). Verizon breaks these down as:

  • “D’oh!”: Sensitive information sent to incorrect recipients (usually via email) comprised 30% of the miscellaneous errors that led to a data breach;
  • “My bad!”: Publishing non-public data to public web servers comprised 17%; and
  • “Oops!”: Insecure disposal of personal and medical data accounted for 12% of miscellaneous errors.

Overall, the report identifies 79,790 reported security incidents (with 2,122 confirmed data breaches) affecting at least 20 industries in 61 countries (not surprisingly, no breakout for legal). In terms of volume, two-thirds of incidents occurred in the U.S., but as Verizon notes, “that’s more reflective of our contributor base (which continues to expand geographically) than a measure of relative threat/vulnerability.”

The 70 page report covers topics ranging from victim demographics and breach trends to specific types of breach causes, including phishing and malware. It also breaks down incident types, including point-of-sale intrusions (the number one cause of confirmed data breaches at 28.5%), denial-of-service attacks and cyber-espionage. It even provides a “year in review” chronology of notable breaches (in case you missed them). The report is very informative and, at times, wryly written, which makes me forget – almost! – that Verizon dinged me for several hundred dollars of roaming charges in Europe during my honeymoon last fall (don’t get me started!).

Anyway, you can get a copy of the report here. You can register and download the report or just choose to download the report (which I did). An interesting read.

So, what do you think? Has your organization experienced any data security incidents due to human error? Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Discarding a Relevant Computer Results in Adverse Inference Sanctions, Not Default Judgment: eDiscovery Case Law

In Grady v. Brodersen, No. 13-cv-00752-REB-NYW (D.Colo. Mar. 23, 2015), Colorado Magistrate Judge Nina Y. Wang granted the plaintiff’s motion for sanctions against the defendant in part for failing to produce a computer that the defendant ultimately acknowledged that he discarded, but denied the plaintiff’s request for a default judgment sanction, opting for the less severe adverse inference instruction sanction.

Case Background

In this copyright infringement case filed in March 2013 due to publication of disputed images on the defendant’s web site, the District Court of Colorado entered a scheduling order on February 20, 2014, ordering Defendant to preserve all electronically stored information (ESI), including metadata, and to identify his relevant devices. A week later, on February 27, the defendant submitted his initial disclosures to the plaintiff, in which he acknowledged his computer equipment was relevant to this litigation, identified himself as custodian of the equipment, and represented that “a search through computer equipment for any discoverable material has [sic] and is ongoing. Defendant will supplement its response [sic] if necessary.”

But, on August 9, the defendant amended his initial disclosures “after discussion with lawyers regarding the whereabouts of the computer and request for additional information by Plaintiff”, stating that the computer he had owned and used during the relevant time period “died” prior to notice or anticipation of any legal action and was discarded in July 2013 (four months after the case was filed) because it was “broken”. He also stated that he had searched USB/Flash drives owned and controlled by him during the relevant time and found no relevant data. Subsequently, the defendant acknowledged in his deposition that he did not attempt to have the hard drive repaired before discarding the computer. On August 18, the plaintiff moved to compel, and the court granted the motion, ordering the defendant to produce his new computer hard drive for forensic inspection and copying.

Following the court’s order compelling the defendant to produce the new computer, the plaintiff’s forensic experts determined that the defendant began using that computer in November 2013, which was a few months after the defendant discarded the old computer and also discovered that the new computer had received a transfer of 10,091 images on January 19, 2014, nine days after the court recommended denying Defendant’s Motion to Dismiss. The experts noted that the approximately 10,000 images had a range of file modification dates reaching as far as February 2011. The plaintiff filed the motion for sanctions in November 2014.

Citing the four factor test in Ehrenhaus v. Reynolds, 965 F.2d 916, 920 (10th Cir. 1992), the plaintiff argued that:

  1. The discarded computer was the only source of evidence relating to the alteration of his Copyrighted works, so it was “severely prejudicial” to him;
  2. The defendant interfered with the judicial process when he lied under oath on his initial 26(a)(1) disclosures;
  3. The defendant was highly culpable as he discarded the equipment after the commencement of litigation; and
  4. A court-issued warning of dismissal is not necessary where the violation is severe.

Judge’s Opinion

For the most part, Judge Wang agreed with the plaintiff, stating “I find that Mr. Brodersen despoiled relevant evidence that he had an obligation to preserve. I further find that Mr. Brodersen violated Rule 26(g) by not specifying in his Rule 26(a)(1) disclosures dated February 27, 2014 which computer equipment was in his custody and control.” She also ruled that “This court finds sufficient evidence in the record before it to demonstrate that Defendant acted intentionally and with bad faith in discarding the old computer.”

As for the appropriate sanction, however, Judge Wang did not agree with the plaintiff, stating “However, in heeding the direction of the Tenth Circuit to consider the efficacy of lesser sanctions, I find that an entry of default judgment is too severe. The dual objective of protecting a litigant’s right to obtain discoverable evidence and punishing the disobedient party to deter future violative conduct is met by imposing an adverse jury instruction regarding the despoiled evidence.” So, she granted the plaintiff’s motion for sanctions in part ordering the adverse inference instruction sanction as well awarding as the plaintiff’s reasonable attorney fees and costs incurred in pursuing the motion.

So, what do you think? Was the sanction severe enough? Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Sometimes You May Need Turn to 34 Year Old Technology to Get the Job Done: eDiscovery Best Practices

If you’ve worked with computers for over three decades like I have, you remember some of the old ways we used computers to support litigation. Our colleague, Jane Gennarelli, covered some of those in her recent “Throwback Thursdays” series (here are the links to last year’s 12-part series: 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12). But, a 34 year old software application can still be useful today.

Amy Bowser-Rollins’ excellent blog Litigation Support Guru is currently running a “Fast Tip Friday” series with videos containing fast tips (and tricks) for handling various litigation support tasks. Last Friday’s post, was titled Fast Tip Friday – Using DOS to Create File Listing.

“DOS” you say? Surely, you don’t mean venerable, old MS-DOS, which was originally introduced by Microsoft in 1981? Is that thing even still around?

Yes, it is. As, Amy demonstrates, even though we’re in the GUI age of Windows software, you can still get to DOS when you need to do so and it can still be useful to help generate file listings.

In the example that Amy walks through, she uses the DOS “dir” command (short for directory – in Windows, those are represented as folders in Windows Explorer) to generate a sample file listing. She uses parameters “/s” (to include all subdirectories within the current directory), /b (to use the “bare” format with no heading information) and “> filelisting.txt” (to write the results to a text file). She then demonstrates how you can load the resulting text file into Excel to work with your file listing.

There are parameters to show hidden or system files and to sort the files by any one of several sort options. You can also select specific files or types of files (e.g., all Excel files as “dir *.xlsx”).

File listings of directories in DOS can be useful for everything from an inventory of files to be processed or perhaps a control listing of files to be produced to perform a Quality Control check.

I have used DOS regularly to generate listing during the discovery process. In one project several years ago, I performed various searches on the corporation’s enterprise-wide document management repositories and downloaded the responsive files, then used DOS to generate control listings of each responsive set for verification and statistical analysis. Despite the fact that MS-DOS is 34 years old, it can still be useful in discovery.

Thanks, Amy, for the terrific “fast tip”!

So, what do you think? Do you use DOS to generate file listings for discovery, or any other purposes? Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Court Rules that Automatically Generated Read Receipt is Not Hearsay: eDiscovery Case Law

In Fox v. Leland Volunteer Fire/Rescue Department Inc., 7:12-CV-354-FL. (E.D.N.C. Mar. 10, 2015), North Carolina District Judge Louise W. Flanagan ruled that a Read Receipt automatically sent from the defendant’s email address to the plaintiff (when the defendant opened an email sent by the plaintiff) was not hearsay.

Case Background

In this wrongful termination case, the court was considering the defendants’ motion for summary judgment, as well as the defendants’ motion to strike certain exhibits attached to plaintiff’s brief in opposition to summary judgment for failure to comply with Federal Rule of Civil Procedure 56(c) & (e). One of the items that the defendants sought to exclude was a read receipt sent from defendant Grimes email address to plaintiff, triggered when an email plaintiff sent defendant Grimes was opened, arguing that the Read Receipt was “unauthenticated hearsay”.

Judge’s Opinion

Judge Flanagan made a swift ruling on this issue when she stated “Defendants’ argument fails. The Read Receipt is not hearsay.”

Explaining her ruling, Judge Flanagan started by questioning whether a Read Receipt email was even a statement, as follows: “As noted, hearsay is a declarant’s out of court statement offered to prove the truth of the matter asserted therein… As an initial matter, it is questionable whether the Read Receipt is a ‘statement’ at all. Federal Rule of Evidence 801(a) defines ‘statement,’ and specifically notes that a ‘statement’ must be ‘intended . . . as an assertion.’ Id. Here, it is questionable that the Read Receipt was intended to be assertive.”

Giving the benefit of the doubt that the Read Receipt qualifies as a statement under Rule 801(a), Judge Flanagan still ruled that “the read receipt is still admissible against both defendants where it is excluded from Rule 801…In particular, the email was generated by defendant Grimes, thus Rule 801(d)(2)(A) allows its admission against him. Rule 801(d)(2)(D), in addition, allows its admission against defendant Leland, because the statement came from defendant Grimes official email address, and defendant Grimes was required, as a function of his job, to investigate and respond to complaints of harassment.”

With regard to the defendants’ contentions that proper authentication under Federal Rule of Evidence 901(b)(1) & (4) of the Read Receipt was “impossible, because plaintiff failed to produce information about the email’s origin, including the mechanism by which it was generated” and that “plaintiff should have submitted a technical affidavit explaining how ‘read receipt’ emails are created, to ensure reliability”, Judge Flanagan stated that “the Read Receipt may be properly authenticated under Federal Rule of Evidence 901(b)(1) & (4).” Continuing, she noted that “the reliability of defendant Grimes’ email is not at issue, because the email is being admitted as a statement of a party opponent, which does not require the court to ensure reliability” and that “no technical affidavit is required to authenticate properly the Read Receipt… Here, defendant Grimes acknowledges receipt of plaintiff January 2, 2011, email referenced in the read receipt.” So, Judge Flanagan ruled that “the Read Receipt may properly be admitted.”

Ultimately, that proved to be a hollow victory for the plaintiff as Judge Flanagan granted the defendants’ motion to strike in part and also granted the defendants’ motion for summary judgment, closing the case.

So, what do you think? Was the court right to admit the Read Receipt? Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Free Trojans with Your Document Production: eDiscovery Trends

By “trojans”, I mean “malware”, not the other type of “trojans”… 🙂

An Arkansas lawyer representing three Fort Smith police officers in a whistleblower case is seeking sanctions after his computer expert found malware on an external hard drive supplied in response to a discovery request, according to a story by the Northwest Arkansas Democrat Gazette.

According to the story, Attorney Matthew Campbell in North Little Rock has been representing three current and former Fort Smith police officers in the lawsuit since January 2014. He requested emails from the Fort Smith Police Department, and Sebastian County Circuit Judge James O. Cox ordered on May 9, 2014, that they be provided to Campbell as part of discovery in the case. The documents were produced in June 2014. It’s how they were produced that aroused Campbell’s suspicion.

Douglas Carson, the attorney representing Fort Smith and its Police Department, sent Campbell a computer hard drive with the production by Federal Express. According to the story, Campbell said the defendants normally had provided him with requested documents via email, the U.S. Postal Service or through a cloud-based Internet storage service.

So, Campbell decided to have his information technology expert, Geoff Mueller of Austin, Texas, check out the drive first. Guess what he found? Four “Trojans,” one of which was a duplicate.

A “trojan” or “trojan horse” appears to be a legitimate program which unleashes the malware when you are tricked into running it. They can be quite tricky as I reported a few years ago when it happened to me.

“One would have kept my Internet active even if I tried to turn it off, one would have stolen any passwords that I entered in, and the other would have allowed the installation of other malicious software,” Campbell said. “It’s not like these are my only clients, either. I’ve got all my client files in my computer. I don’t know what they were looking for, but just the fact that they would do it is pretty scary.”

In an affidavit filed with the motion Friday, Mueller stated: “Upon informing Mr. Campbell of the presence of these Trojans, he provided me with information that the Fort Smith Police Department claimed to be running a secure system with real-time virus and malware protection. In my experience, if the FSPD system is actually as described, these Trojans would not exist on the system.”

Mueller said the placement of the Trojans in a subfolder named “D:Bales Court Order,” and not in the root directory, “means the Trojans were not already on the external hard drive that was sent to Mr. Campbell and were more likely placed in that folder intentionally with the goal of taking command of Mr. Campbell’s computer while also stealing passwords to his account.”

In addition to the malware found on the drive, Campbell’s motion for sanctions alleges that entire email accounts were deleted, that emails which could have been recovered were purged from the system, and that emails which were previously provided in response to Freedom of Information Act (FOIA) requests had improper deletions. Campbell also states in the motion that the police department’s IT specialist attended a convention ten days after the court granted Campbell’s motion to compel evidence last May. According to Campbell, the expert took classes on secure data deletion, whistleblower investigation and monitoring employee activity, but did not take classes offered on eDiscovery and preservation of evidence.

Campbell is asking for a default judgment for his clients and that the defendants be held in criminal contempt of court, among other sanctions.

So, what do you think? Do you check data produced to you for the presence of malware? Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.