Close
Enter your
text here

Preservation

eDiscovery Trends: If You Use Auto-Delete, Know When to Turn It Off
 

Federal Rule of Civil Procedure 37(f), adopted in 2006, is known as the “safe harbor” rule.  It provides that “[a]bsent exceptional circumstances, a court may not impose sanctions under these rules on a party for failing to provide electronically stored information lost as a result of the routine, good-faith operation of an electronic information system.”

Let’s face it, every time we turn on our computers, we overwrite data.  And, the mere opening of files (without changing any data) can change the metadata of a file – for example, simply opening a Microsoft Access® database changes the last modified date of the Access file, even if no records are changed.  If there wasn’t some measure of “safe harbor” protection, an organization facing litigation might find it very difficult to conduct business during the case.

While it’s not always clear to what extent “safe harbor” protection extends, one case from a few years ago, Disability Rights Council of Greater Washington v. Washington Metrop. Trans. Auth., D.D.C. June 2007, seemed to indicate where it does NOT extend – auto-deletion of emails.  In this case, the defendant failed to suspend auto-delete on its email system when their preservation obligation commenced, resulting in emails only being available on back-up tapes.  Their argument that the tapes were “not reasonably accessible” was denied by the court, describing their request as “chutzpah”.

Of course, email, like any other type of ESI, should be subject to document retention and destruction policies and old emails should be purged when they reach the end of the retention period.  Microsoft Outlook® provides an option via its Auto Archive function to delete the emails instead of archiving them.  You can select this setting for all emails (via the Tools, Options menu, Other tab) or for selected folders (by right-clicking on them, selecting Properties and then selecting the AutoArchive tab).  That’s at the client level.

But, most organizations use Outlook through Exchange.  Exchange Manager enables administrators to set auto delete policies for the email user population to manage retention and destruction of emails, thus being able to disable  the auto delete function for users when the duty to preserve arises.  If your organization uses auto-delete, it’s important to have a policy in place for disabling auto-delete for litigation, whether at the Outlook client level, the Exchange level or with any other email system.

So, what do you think?  Does your organization use auto-deletion of emails?  Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Best Practices: Competency Ethics – It’s Not Just About the Law Anymore
 

A few months ago at LegalTech New York, I conducted a thought leader interview with Tom O’Connor of Gulf Coast Legal Technology Center, who didn’t exactly mince words when talking about the trend for attorneys to “finally tak[e] technology seriously”.  As he noted, “lawyers are finally trying to take some time to try to get up to speed – whining and screaming pitifully all the way about how it’s not fair, and the sanctions are too high and there’s too much data.  Get a life, get a grip.  Use the tools that are out there that have been given to you for years.” 

Strong words, indeed.  The American Bar Association (ABA) Model Rules of Professional Conduct (Model Rules) require that an attorney possess and demonstrate a certain requisite level of knowledge in order to be considered competent to handle a given matter.  Specifically, Model Rule 1.1 states that, "[a] lawyer shall provide competent representation to a client. Competent representation requires the legal knowledge, skill, thoroughness, and preparation reasonably necessary for the representation."

Preparation not only means understanding a specific area of the law (for example, antitrust or patent law, both highly specialized.).  It also means having the technical knowledge and skills necessary to serve the client in the area of discovery.

The ethical responsibilities of counsel these days includes competently directing and managing the identification, preservation, collection, processing, analysis, review and production of electronically stored information (ESI) required to be produced pursuant to lawful discovery requests.  If counsel does not have that level of competency in a particular area, he or she is obligated to either acquire the knowledge or skill necessary to support those needs, or include someone else who does have the requisite skills as part of the representation.

Not too long ago, I met with an attorney and discussed how they handled preservation obligations with their clients.  The attorney indicated that he expected his clients to self-manage their own preservation and collection.  When I asked him why he didn’t try to get more involved to make sure it was being handled properly, he said, “I don’t want to alarm them.  They might decide they need a bigger firm.”

Recent case law is full of cases where counsel didn’t fully understand their eDiscovery obligations, and got themselves and their clients “burned” in the process.  If your organization gets involved in litigation, make sure to include eDiscovery competence among the factors you consider when determining counsel qualifications to represent you.

So, what do you think?  Is your counsel eDiscovery savvy?  If not, do they use a provider that is?  Please share any comments you might have or if you’d like to know more about a particular topic.

Social Tech eDiscovery: Use of Smarsh for Social Media Archiving
 

The online world thrives on social media, but for attorneys who must preserve sensitive social media data for discovery, the widespread growth of social technology presents a laundry list of problems.

Not only is it challenging to trace the communications shared on popular sites like Facebook, LinkedIn and Twitter when privacy settings can be turned on and off at whim, it’s also difficult to know whether the information available at any given time is complete, as content can be edited by users at any time or lost due to technical malfunctions.

In some cases, like this example, courts have ruled that even locked or private content on Facebook and other social networking sites is not protected from being requested as part of discovery. In other cases, such as this one, they have ruled differently.  You don’t know for sure how courts will rule, so you have to be prepared to preserve all types of social media content, even possibly content that is changed frequently by users, such as Facebook profiles and blog posts.  And, even though Facebook has introduced a self-collection mechanism, it may not capture all of the changes you need.  And, other social media sites have not yet provided a similar mechanism.  If items are changed or lost after the duty to preserve goes into effect, your organization can be sanctioned with steep fines even receive an adverse inference judgment based on the information you are unable to produce.

Fortunately, there are viable solutions that enable you to create a backup of all social networking activity and archive such information in the event it has to be produced in discovery. Portland-based Smarsh has archiving and compliance tools, including social media archiving and compliance that automate the archiving of social media accounts, preserving all necessary data in case you need it later for discovery.

Some of the benefits of Smarsh’s social media archiving tools include:

  • A complete, logged, and quantifiable record of all social media posts and administrator activity
  • The ability to define which social media features your employees have access to and to track all business communications
  • Compliance with SEC and FINRA regulations (including Regulatory Notice 10-06)
  • The tools to identify and minimize risk, saving your business time, effort, and money

Smarsh has been designed to satisfy all regulatory compliance objectives, transforming the data management hazards of social media into a system that automatically updates and archives itself – an attorney’s dream when litigation strikes. This application creates a simple and proactive approach to archival of social media data, enforcing preservation to ensure that the duty to preserve is met.

So, what do you think?  Do you use Smarsh or any other social media archival tool?  Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Trends: Forecast for More Clouds
 

No, eDiscoveryDaily has not begun providing weather forecasts on our site.  Or stock forecasts.

But, imagine if you could invest in an industry that could nearly sextuple in nine years? (i.e., multiply six-fold).

Well, the cloud computing, or Software-as-a-Service (SaaS), industry may be just the industry for you.  According to a Forrester report from last month, the global cloud computing market will grow from 40.7 billion dollars in 2011 to more than 241 billion dollars by 2020.  That’s a 200 billion dollar increase in nine years.  That’s enough to put anybody “on cloud nine”!

The report titled Sizing The Cloud by Stefan Ried (Principal Analyst, Forrester) and Holger Kisker (Sr. Analyst, Forrester), outlines the different market dynamics for three core layers of cloud computing, as follows:

  • Public Cloud: From 25.5 billion dollars to 159.3 billion dollars by 2020;
  • Virtual Private Cloud: From 7.5 billion dollars to 66.4 billion dollars by 2020;
  • Private Cloud: From 7.8 billion dollars to 159.3 billion dollars by 2020.

Public cloud providers include everything from Facebook and Twitter to Amazon.com and Salesforce.com.  As the name implies, a private cloud is where companies implement their own cloud environment to support its own needs.  A virtual private cloud is simply a private cloud located within a public cloud.

Forrester is not the only analyst firm that expects big things for cloud computing.  The Gartner Group projected that the cloud computing industry will have revenue of 148.8 billion dollars by 2014, even higher than Forrester’s forecast of 118.7 billion dollars for the same year.  Clearly, the benefits of the cloud are causing many organizations to consider it as a viable option for storing and managing critical data.

What does that mean from an eDiscovery perspective?  That means a forecast for more clouds.  If your organization doesn’t have a plan in place for managing, identifying, preserving and collecting data from its cloud solutions, things could get stormy!

So, what do you think?  Is your organization storing more data in the cloud?  Does your organization have an effective plan in place for getting to the data when litigation strikes?  Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Best Practices: Usefulness of Facebook’s Self Collection Mechanism
 

We’ve written about Facebook a lot on this blog.  Shortly after this blog was launched, we provided information on Facebook’s subpoena policy.  We’ve also talked about the eDiscovery implications associated with the rollout of Facebook’s new email messaging system, dubbed “Facemail”.  And, just last week, we chronicled a case involving Facebook where they were ordered to produce documents instead of just merely providing access to them.  And, we haven’t even mentioned the latest revelations that Facebook may have secretly hired a PR firm to plant negative stories about Google (oops, we just did!).

But perhaps our most popular post regarding Facebook was regarding the self collection mechanism that they rolled out last October, which we found out about via our LegalTech interview with Craig Ball published back in March after our February interview (Craig also wrote an article about the feature in Law Technology News in February).

Now, another article has been written about the usefulness of Facebook’s self collection mechanism (called “Download Your Information”) in the blog E-Discovery Law Alert, entitled How Useful is Facebook's "Download Your Information" Feature in E-Discovery?, written by Patrick V. DiDomenico.

The author of this article conducted a test by downloading his information via the utility, deleting some information from his Facebook profile – “an email message, some wall posts, comments, photos, and even a friend (not a close friend)” – hopefully, he added the friend back.  Then, he downloaded his information again, every day for four days, with no change for the first three days.  On the fourth day, most of the deleted information disappeared from the download, except the email message (which disappeared when he ran the utility one more time).

The conclusion was that the mechanism “does not appear to ‘look back’ and recover deleted information in the user’s account”.  Thoughts:

  • With no change in the download in the first three days, the author notes that “Facebook did not take a fresh snapshot of my account every day – it just re-downloaded the same file three days in a row”.  He doesn’t mention whether he added any content during this time.  It would be interesting to see if that would force a change.
  • I don’t believe that there is any specific documentation from Facebook as to how it handles additions and deletions and how often the snapshot is updated.  If not, it might behoove them to create some, it might save them some subpoena requests.
  • The author notes that “it is inadvisable for lawyers to rely solely on the Download Your Information feature for discovery of an adversary’s Facebook information” as it “gives no assurance that a litigant’s attempt to delete evidence will be revealed”.  On the other hand, it may be still an appropriate mechanism to use for your own discovery to preserve your own information.  Facebook may also store deleted information on backup tapes, so a subpoena could catch your opponent red-handed if you can justify the discovery of those tapes.  Food for thought.

So, what do you think?  Have you had any Facebook discovery requests in your eDiscovery projects?   Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Case Law: Written Litigation Hold Notice Not Required

The Pension Committee case was one of the most important cases of 2010 (or any year, for that matter).  So, perhaps it’s not surprising that it is starting to become frequently cited by those looking for sanction for failure to issue a written litigation hold.

In Steuben Foods, Inc. v. Country Gourmet Foods, LLC, No. 08-CV-561S(F), (W.D.N.Y. Apr. 21, 2011), a U.S. District Court in the Western District of New York declined to follow the Pension Committee decision in the Southern District of New York to the extent that the Pension Committee decision held “that implementation of a written litigation hold notice is required in order to avoid an inference that relevant evidence has been presumptively destroyed by the party failing to implement such written litigation hold.”

Steuben Foods alleged that Country Gourmet breached its exclusive supply contract with Steuben when County Gourmet sold all its assets except the supply contract to Campbell Soup. Campbell sought sanctions against Steuben when several emails were not produced by Steuben and Steuben conceded that its litigation hold procedure had not included a written notice. Steuben’s corporate counsel had orally directed each of eight managers and corporate officers to identify all electronically stored information, including paper documents and email communications, pertaining to Country Gourmet or Campbell and not to discard or delete or otherwise destroy such documents pending the litigation.

Campbell pointed to the Pension Committee decision, Pension Committee of the University of Montreal Pension Plan v. Banc of America Securities, LLC, 685 F. Supp. 2d 456, 476 (S.D.N.Y. 2010), “in which the court found that the absence of a written litigation hold notice supported its conclusion that plaintiffs had been grossly negligent in their obligations to preserve relevant electronically stored documents and that plaintiffs’ document production failures, coupled with the absence of a timely written litigation hold, permitted the inference that relevant documents were culpably destroyed or lost as a result.”

The court declined to infer from the absence of a written litigation hold, as the Pension Committee court did, that relevant documents were culpably destroyed or lost:

“Accordingly, the court in this case declines to hold that implementation of a written litigation hold notice is required in order to avoid an inference that relevant evidence has been presumptively destroyed by the party failing to implement such written litigation hold.”

The court noted that the relatively small size of Steuben with 400 employees “lends itself to a direct oral communication of the need to preserve documents relevant to Plaintiff’s case” and was a reason “why a written litigation hold is not essential to avoid potential sanctions for spoliation.” In any event, according to the court, Campbell was not prejudiced by any failure of Steuben to produce email because Country Gourmet provided copies of the email to Campbell and Campbell could show no prejudice resulting from any claimed negligence of Steuben in not having a written litigation hold.

So, what do you think?  Should a written litigation hold be required in every case?  Would that have made a difference in this one?  Please share any comments you might have or if you’d like to know more about a particular topic.

Case Summary Source: Applied Discovery (free subscription required).  For eDiscovery news and best practices, check out the Applied Discovery Blog here.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

eDiscovery Best Practices: What Are the Skeletons in Your ESI Closet?
 

At eDiscoveryDaily, we try not to re-post articles or blog posts from other sources.  We may reference them, but we usually try to add some commentary or analysis to provide a unique spin on the topic.  However, I read a post Thursday on one of the better legal blogs out there – Ride the Lightning from Sharon Nelson – that was a guest post by Jim McGann, VP of Information Discovery at Index Engines that I thought was well done and good information for our readers.  Jim has been interviewed by eDiscoveryDaily here and here and always has terrific insight on ESI issues.  You can click here to read the post directly on Ride the Lightning or simply read below.

Law firms and corporations alike tend to keep data storage devices well beyond what their compliance requirements or business needs actually dictate.  These so-called “skeletons in the closet” pose a major problem when the entity gets sued or subpoenaed. All that dusty data is suddenly potentially discoverable. Legal counsel can be proactive and initiate responsible handling of this legacy data by defining a new, defensible information governance process.

  1. Understand all data sources. The first choice when faced with an ESI collection is to look at current online network data. However, many other sources of email and files exist on corporate networks, sources that may be more defensible and even cost effective to collect from, including offsite storage typically residing on backup tapes. Tape as a collection source has been overlooked because it was historically difficult and expensive to collect from legacy backup tapes.
  2. Get proactive with legal requirements. Defining what ESI data should be kept and placed on litigation hold and what can be purged are the first steps in a proactive strategy. These legal requirements will allow clients to put a policy in place to save specific content, certain custodians and intellectual property so that it is identifiable and ready for on demand discovery.
  3. Understand technology limitations. Only use tools that index all the content, and don’t change any of the metadata. Some older search solutions compromise the indexing process, and this may come to haunt you in the end.
  4. Become a policy expert. As new technology comes on the market, it tends to improve and strengthen the discovery process. Taking the time to understand technology trends allows you to stay one step ahead of the game and create a current defensible collection process and apply policy to it.

So, what do you think?  Do you have “skeletons” in your ESI closet?   Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Trends: Sedona Conference Database Principles
 

A few months ago, eDiscovery Daily posted about discovery of databases and how few legal teams understand database discovery and know how to handle it.  We provided a little pop quiz to test your knowledge of databases, with the answers here.

Last month, The Sedona Conference® Working Group on Electronic Document Retention & Production (WG1) published the Public Comment Version of The Sedona Conference® Database Principles – Addressing the Preservation & Production of Databases &Database Information in Civil Litigation to provide guidance and recommendations to both requesting and producing parties to simplify discovery of databases and information derived from databases.  You can download the publication here.

As noted in the Executive Overview of the publication, some of the issues that make database discovery so challenging include:

  • More enterprise-level information is being stored in searchable data repositories, rather than in discrete electronic files,
  • The diverse and complicated ways in which database information can be stored has made it difficult to develop universal “best-practice” approaches to requesting and producing information stored in databases,
  • Retention guidelines that make sense for archival databases (databases that add new information without deleting past records) rapidly break down when applied to transactional databases where much of the system’s data may be retained for a limited time – as short as thirty days or even thirty seconds.

The commentary is broken into three primary sections:

  • Section I: Introduction to databases and database theory,
  • Section II: Application of The Sedona Principles, designed for all forms of ESI, to discovery of databases,
  • Section III: Proposal of six new Principles that pertain specifically to databases with commentary to support the Working Group’s recommendations.  The principles are stated as follows:
    • Absent a specific showing of need or relevance, a requesting party is entitled only to database fields that contain relevant information, not the entire database in which the information resides or the underlying database application or database engine.
    • Due to differences in the way that information is stored or programmed into a database, not all information in a database may be equally accessible, and a party’s request for such information must be analyzed for relevance and proportionality.
    • Requesting and responding parties should use empirical information, such as that generated from test queries and pilot projects, to ascertain the burden to produce information stored in databases and to reach consensus on the scope of discovery.
    • A responding party must use reasonable measures to validate ESI collected from database systems to ensure completeness and accuracy of the data acquisition.
    • Verifying information that has been correctly exported from a larger database or repository is a separate analysis from establishing the accuracy, authenticity, or admissibility of the substantive information contained within the data.
    • The way in which a requesting party intends to use database information is an important factor in determining an appropriate format of production.

To submit a public comment, you can download a public comment form here, complete it and fax (yes, fax) it to The Sedona Conference® at 928-284-4240.  You can also email a general comment to them at tsc@sedona.net.

eDiscovery Daily will be delving into this document in more detail in future posts.  Stay tuned!

So, what do you think?  Do you have a need for guidelines for database discovery?   Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Case Law: Conclusion of Case Does Not Preclude Later Sanctions

In Green v. Blitz U.S.A., Inc., (E.D. Tex. Mar. 1, 2011), the defendant in a product liability action that had been settled over a year earlier was sanctioned for “blatant discovery abuses” prior to the settlement. Defendant was ordered to add $250,000 to its settlement with plaintiff, to provide a copy of the court’s order to every plaintiff in every lawsuit against defendant for the past two years or else forfeit an additional $500,000 “purging” sanction, and to include the order in its first responsive pleading in every lawsuit for the next five years in which defendant became involved.

Defendant, a manufacturer of gasoline containers, was named in several product liability lawsuits, including this case in which plaintiff alleged that her husband’s death was caused in part by the lack of a flame arrestor on defendant’s gas cans. The jury in plaintiff’s case returned a verdict for defendant after counsel for defendant argued that “science shows” that flame arrestors did not work. The case was settled after the jury verdict for an undisclosed amount, but two years later, counsel for plaintiff sought sanctions and to have the case reopened after learning in another case against defendant that while the gas can lawsuits were underway, defendant had been instructing its employees to destroy email.

The court described defendant’s failure to implement a litigation hold as gas can cases were filed. A single employee met with other employees to ask them to look for documents, but he did not have any electronic searches made for documents and he did not consult with defendant’s information technology department on how to retrieve electronic documents.

The court held that defendant willfully violated the discovery order in the case by not producing key documents such as a handwritten note indicating a desire to install flame arrestors on gas cans and an email noting that the technology for flame arrestors existed given the common use of flame arrestors in the marine industry. “Any competent electronic discovery effort would have located this email,” according to the court, through a key word search. Defendant’s employee in charge of discovery did not conduct a key word search and, despite acknowledging that he was as computer “illiterate as they get,” did not seek help from defendant’s information technology department, which was routinely sending out instructions to employees to delete email and rotating backup tapes every two weeks while the litigation was underway.

The court declined to reopen the case since it had been closed for a year. However, based on its knowledge of the confidential settlement of the parties, the court ordered defendant to pay plaintiff an additional $250,000 as a civil contempt sanction to match the minimum amount that the settlement would have been if plaintiff had been provided documents withheld by defendant. The court also ordered a “civil purging sanction” of $500,000 which defendant could avoid upon showing proof that a copy of the court’s decision had been provided to every plaintiff in a lawsuit against defendant for the past two years. The court added a requirement that defendant include a copy of the court’s opinion in its first pleading in any lawsuit for the next five years in which defendant became a party.

As Yogi Berra would say, “It ain’t over ‘til it’s over”.

So, what do you think?  Should cases be re-opened after they’re concluded for discovery violations?  Please share any comments you might have or if you’d like to know more about a particular topic.

Case Summary Source: Applied Discovery (free subscription required).  For eDiscovery news and best practices, check out the Applied Discovery Blog here.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

eDiscovery Case Law: Destroy Data, Pay $1 Million, Lose Case

A federal judge in Chicago has levied sanctions against Rosenthal Collins Group LLC and granted a default judgment to the defendant for misconduct in a patent infringement case, also ordering the Chicago-based futures broker’s counsel to pay “the costs and attorneys fees incurred in litigating this motion” where plaintiff’s agent modified metadata related to relevant source code and wiped several relevant disks and devices prior to their production and where the court found counsel participated in “presenting misleading, false information, materially altered evidence and willful non-compliance with the Court’s orders.”

In Rosenthal Collins Group, LLC v. Trading Techs. Int’l, No. 05 C 4088, 2011 WL 722467 (N.D. Ill. Feb. 23, 2011), U.S. District Judge Sharon Johnson Coleman assessed a sanction of $1 million to Rosenthal Collins (RCG) and granted defendant/counter-plaintiff Trading Technologies’ (TT) motion for evidentiary sanctions and default judgment.  Much of the reason was due to the actions of RCG’s agent, Walter Buist.  Here’s why:

  • During Buist’s deposition, he admitted to “turning back the clock” to change the “last modified” date on the previously modified source code to make it appear that the modifications had occurred much earlier.  Despite clear evidence of these facts, RCG continued to deny them, even calling the claims “libelous,” “audacious,” and “Oliver Stone-esque.”
  • Buist also later admitted “wiping” six of seven zip disks that originally contained the relevant source code.  While he did not admit wiping the seventh disk, it was also wiped, and the Court found that it was “impossible to believe that it is merely coincidence that the seventh disk happened to be wiped on May 2, 2006, which just happened to be the same day that TT was scheduled to inspect it.”
  • The Court found that here was evidence that “virtually every piece of media ordered produced by the Court in May 2007 and July 2008 was wiped, altered, or destroyed.”
  • Despite RCG’s (and its counsel’s) attempts to distance itself from “its own agent, employed for the purposes of pursuing this litigation” and disavowing any “actual knowledge” of wrongdoing, Buist was RCG’s agent and, therefore, RCG was bound by Buist’s behavior and actions.
  • Even if RCG and its counsel had no knowledge of the destruction of the evidence, the destruction might have been avoided if RCG had complied with the Court’s orders in a timely manner to produce the materials and/or preserved the evidence by taking custody of it.

So, what do you think?  Should parties and their counsel be liable for the actions of an agent on their behalf?  Please share any comments you might have or if you’d like to know more about a particular topic.