Close
Enter your
text here

Production

Facebook’s Policies and Government Request Reports – Social Tech eDiscovery

Two weeks ago, we took a fresh look at Twitter’s Law Enforcement Policies and their latest Transparency Report to show government requests for data, then last week (for the first time), we looked at LinkedIn’s Privacy and Law Enforcement Data Request Guidelines and Transparency Report.  This week, we’ll take a look at Facebook’s policies and Government Request Reports.

We originally looked at Facebook’s law enforcement policies back in 2010 – this policy was updated extensively by the time we looked at it again in 2012.  The good news is that the policy has remain largely unchanged since our last look – the main difference is the option to submit records requests online as well as via email, snail mail or fax (you still have to be a law enforcement officer to submit the request).

Facebook, similar to Twitter and LinkedIn, posts biannual Transparency Reports, however the company uniquely calls them “Global Government Request Reports”.  Facebook began publishing these reports last year, and posted the first one on June 30, 2013 for the first six months of 2013 – the latest report available is for the last six months of 2013.  The main page gives you an interactive map to click on to select a continent, then you can select a country for which get a specific report.  Or, you can download the entire report as a comma-separated values (.CSV) file to review all of the countries at once.

The downloaded entire report covers: 1) The countries that requested information from Facebook about their users, 2) The number of requests received from each of those countries, 3) The number of users/accounts specified in those requests, and 4) The percentage of these requests in which Facebook was required by law to disclose at least some data.  It also includes instances in which Facebook has removed content that governments have identified as illegal (e.g., posts denying the holocaust are illegal in Germany).  If you select the country individually via the interactive map, you also get a breakdown of the first three numbers for the types of requests (e.g., Search Warrant, Subpoena, Emergency Disclosures, Other).

In the latest report, the US had 12,598 requests for user data (44.8% of the total of 28,147 worldwide), referencing 18,715 user accounts (47.6% of the total of 39,320 worldwide) and some data was produced in 81.02% of the requests.  The next highest country was India (3,598 requests involving 4,711 accounts).  We’re number one!

Facebook, like other social media platforms, continues to push the US government to allow more transparency in releasing specific numbers and types of national security-related requests. Colin Stretch, Facebook’s General Counsel, made an all-encompassing comment about the topic: Government transparency and public safety are not mutually exclusive ideals. Each can exist simultaneously in free and open societies, and they help make us stronger. We strongly encourage all governments to provide greater transparency about their efforts aimed at keeping the public safe, and we will continue to be aggressive advocates for greater disclosure.”

You can get more information about the reports here and look at their FAQ page here.

What other sites have reports?  We’ll take a look at that tomorrow.

So, what do you think?  Have you needed to request information from Facebook for litigation purposes?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

LinkedIn’s Transparency Report – Social Tech eDiscovery

Yesterday, we talked about LinkedIn’s Privacy and Law Enforcement Data Request Guidelines.  Like Twitter and other social media companies, LinkedIn also discloses a semi-annual Transparency Report to inform the public of the frequency and type of government requests the company receives regarding member data.  Let’s take a look.

With regards to the reporting, it’s worth noting that LinkedIn and other web-based companies cannot be fully transparent because of restrictions imposed on disclosing the number of national security-related requests received from the U.S. government. In A Letter to the LinkedIn Community, Erika Rottenberg, the Vice President, General Counsel and Secretary of LinkedIn, explains that, “we have been expressly prohibited by the U.S. government from disclosing the number of U.S. national security-related requests we receive, if any. This prohibition, which limits our ability to provide the transparency that we think our members and the public deserve, has been the source of great disappointment and frustration to us.”

In September 2013, LinkedIn filed legal challenges seeking the right to provide greater transparency into the number of national security-related requests they receive from the U.S. government. And last December they released, along with other technology companies, government surveillance reform principles that highlight government request transparency as a key part of necessary reform. In response to the legal challenges and advocacy of LinkedIn and other technology companies, the U.S. government officially changed its policy regarding the reporting of national security-related requests on January 27, 2014, to increase transparency (detailed in the articleGoogle, Yahoo and Linkedin disclose details on US National Security requests).

So, the Transparency Report isn’t as transparent as LinkedIn (and other providers) would like, but it’s better.

With that in mind, in the latest Transparency Report, covering the second half of 2013, there were 72 government requests for member data globally reported, with 56 of those (78%) coming from the US.   Requests actually dropped 13% from the first half of 2013 (from 83 to 72 globally and from 70 to 56 in the US – 20% drop).  Those requests impacted 110 member accounts globally, 90 of which were in the US (82%).  While requests dropped in the second half of 2013, the accounts affected rose from 97 to 110 (13% rise) globally and from 84 to 90 in the US (7%).  LinkedIn provides stats for the last two years on government requests for member data and member accounts impacted (at six month intervals).  In the most recent six months, LinkedIn provided data in response to overall requests 47% of the time (61% of the time to US requests).

Next week, we will take a look at Facebook’s policies and transparency.

So, what do you think?  Have you ever request information from LinkedIn for discovery purposes?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

LinkedIn Has Privacy and Law Enforcement Data Request Guidelines Too – Social Tech eDiscovery

Last week, we discussed recent updates to Twitter’s Law Enforcement policies as well as Twitter’s latest Transparency Report to show government requests for data.  Today, let’s take a look at the Privacy Policy and Law Enforcement Guidelines for LinkedIn.

This is our first time to take a look at LinkedIn, which (as you probably know) is a business-focused social networking site, designed for professional networking.  On March 26th of this year, LinkedIn updated its Terms of Service, which include its Privacy Policy and User Agreement, in part because they acquired Pulse, a mobile app, and SlideShare, a sharing platform for business documents, videos and presentations. As a result, LinkedIn integrated SlideShare and Pulse’s Terms of Service into one unified agreement.

The Privacy Policy is broken into four main sections: 1) What information we collect, 2) How we use your personal information, 3) Your choices & obligations and 4) Other information.  In the “How we use your personal information”, LinkedIn notes that “It is possible that we may need to disclose personal information, profile information, or information about your activities as a Member or Visitor when required by law, subpoena, or other legal process” as well as to investigate potential illegal activities, enforce the User Agreement or exercise the rights of LinkedIn or its members.  With regard to notifying users about these requests, LinkedIn states they “attempt to notify Members about legal demands for their data when appropriate in our judgment, unless prohibited by law or court order or when the request is an emergency” and they “may dispute such demands when we believe, in our discretion, that the requests are overbroad, vague or lack proper authority”.

In the “Your choices & obligations” section, LinkedIn’s policies regarding the access rights and information on closing members’ accounts are similar to those of Facebook andTwitter. If members close their account, their information will be removed within 24 hours, and LinkedIn delete closed account information and de-personalizes logs and other backup information within 30 days (unless required for legal obligations, meeting regulatory requirements, resolving disputes, and preventing fraud and abuse).

LinkedIn’s Law Enforcement Guidelines are kept in a separate PDF document.  The Guidelines answer questions such as the type of data requests you can make, your contact information that you must provide, information being requested, types of data that might be available, whether members will be notified that their information is being requested, non-US requirements, etc.  LinkedIn only accepts Data Requests, such as subpoenas and search warrants; Preservation Requests, in connection with official criminal investigations; and Emergency Requests, using the Emergency Request Form on the last page. You can only submit requests via fax, certified mail, express courier or in person, NOT online.  What, no horse and buggy?

Tomorrow, we will take a look at LinkedIn’s Transparency Report to see how many government requests they receive.  It will be here before you know it!

So, what do you think?  Have you ever had to request data from LinkedIn for a case?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Twitter’s Law Enforcement Policies Revisited Again – Social Tech eDiscovery

It’s time to take another look at the social media platforms to see how they handle private information and law enforcement requests (such as subpoenas).  Let’s start with Twitter.

In 2010 and 2012, we reviewed Twitter’s Privacy Policy and Law Enforcement Guidelines.  Since our last review, despite their efforts to fight it, Twitter was ordered to produce tweets for a New York criminal case (People v. Harris).  At the time, Manhattan Criminal Court Judge Matthew Sciarrino stated that “If you post a tweet, just like if you scream it out the window, there is no reasonable expectation of privacy”, but acknowledged that his decision was “partially based on Twitter’s then terms of service agreement”, which was subsequently modified to add the statement “You Retain Your Right To Any Content You Submit, Post Or Display On Or Through The Service.”  After its appeal was denied, Twitter ultimately complied with the order.

There aren’t a lot of changes to Twitter’s Privacy Policy since our post in 2012, though the page is rearranged.  Most information in Twitter is still publicly shared with everyone, as noted by the tip at the top – “What you say on Twitter may be viewed all around the world instantly” (which former congressman and failed NYC mayor candidate Anthony Weiner famously discovered).  Your privacy settings determine whether some information such as location of tweets, email address and cell phone number is private or not.

In the Privacy Policy, Twitter now provides some details about Data Retention of account data, which is about 30 days from the date of deactivation, with the data being permanently deleted within a week afterwards.  Although the Data Retention section of the Guidelines for Law Enforcement page still states “Twitter retains different types of information for different time periods”.

One key change to the Guidelines for Law Enforcement page is that Twitter now provides a web form for law enforcement officers to submit general inquiries or emergency disclosure requests (no more sending faxes!).  If you’re not an authorized law enforcement or government representative, you can’t use the form.

Tomorrow, we will take a look at Twitter’s latest Transparency Report to show government requests for data over the last six months of 2013.  See you then!

So, what do you think?  Have you needed to request information from Twitter for litigation purposes?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Court Rules in Dispute Between Parties Regarding ESI Protocol, Suggests Predictive Coding – eDiscovery Case Law

In a dispute over ESI protocols in FDIC v. Bowden, CV413-245 (S.D. Ga. June 6, 2014), Georgia Magistrate Judge G. R. Smith approved the ESI protocol from the FDIC and suggested the parties consider the use of predictive coding.

After FDIC-insured Darby Bank & Trust Co. failed in November 2010, the FDIC took over as receiver (as FDIC-R) and brought a bank mismanagement case against sixteen of Darby’s former directors and officers.  Thus far, the parties had been unable to agree on a Joint Protocol for Electronically Stored Information (ESI) and the dispute ultimately reached the court.  The FDIC-R had already spent $614,000 to digitally scan about “2.01 terabytes of data or 153.6 million pages” of data at the bank, but the defendants insisted that the FDIC-R shoulder the burden and expense of reviewing the documents and determining their responsiveness to the claims “”[e]ven though the Bank’s documents were created under Defendants’ custody and control”.

The defendants also argued for a protocol which involved the FDIC-R to “repeatedly search, review, and re-review myriad ‘second-run’ (Phase II) documents, then turn over to them the documents relevant to both claims and defenses that arise in this litigation. The FDIC-R argued for a protocol in which it would produce “categories of documents most likely to contain relevant information” which the defendants could then search, claiming that protocol would be the more “correct allocation of discovery burdens between the parties.” The defendants contended that “search terms alone won’t suffice” and the FDIC-R’s proposed protocol does not relieve the receiver of its Rule 34 burden to “locate and produce responsive documents.”

After reviewing the two proposed protocols, Judge Smith ruled that “given the common ground between the dueling protocols here, the FDIC-R’s ESI protocol will be implemented, as modified by the FDIC-R’s ‘briefing concessions’…as well as by the additional guidance set forth in this Order.”  Those briefing concessions included “offering to open ‘all of the Bank’s former documents . . . [so defendants can retrieve them] to the same extent that the FDIC-R can’” and “offering, in ‘Phase II’ of the disclosure process, to ‘meet and confer with Defendants to reach agreement upon a set of reasonable search terms to run across the database of sources of the ESI to identify documents for production’”.  In approving the FDIC-R’s protocol, Judge Smith stated that “the FDIC-R may meaningfully deploy suitable search terms to satisfy its initial disclosure requirements and respond to forthcoming Rule 34 document requests”.

Also, referencing the DaSilva Moore decision of 2012, Judge Smith stated that “the parties shall consider the use of predictive coding” if ESI protocol disagreements persisted noting that it “has emerged as a far more accurate means of producing responsive ESI in discovery”.

So, what do you think? Should organizations bear the bulk of the discovery burden in cases against individual defendants? Or should the burden be balanced between both parties?  Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Daily will resume posts on Monday, July 7.  Happy Birthday America!

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Plaintiff Ordered to Re-Open Social Media Account for Discovery – eDiscovery Case Law
 

In Chapman v. Hiland Operating, LLC, 2014 U.S. Dist. Case No. 1:13-cv-052 (D.N.D. May 29, 2014), while noting that he was “skeptical” that reactivating the plaintiff’s Facebook account would produce any relevant, noncumulative information, North Dakota Magistrate Judge Charles S. Miller ordered the plaintiff to “make a reasonable, good faith attempt” to reactivate her Facebook account.

The defendant’s requests for production included a request for communications in the form of, “emails, text messages, instant messages, journal updates, Facebook postings, notes, cards, and/or memorandums”.  The plaintiff objected to that request on several grounds, including that it violated the attorney client and work product privileges, was “unintelligible, improperly vague and ambiguous” and overbroad.

However, in the plaintiff’s deposition, she stated that her attorney advised her to deactivate her Facebook account, which occurred prior to the production request by the defendants. She also stated that stated that she attempted to reactivate her account to respond to discovery requests but was unable to remember her password, but had not attempted to change her password or contacted Facebook regarding reactivating her account. She claimed that she rarely used the account, and when she did it was primarily to communicate with her nieces and nephews. 

Judge Miller noted that although the court was “skeptical” that the plaintiff’s Facebook account “will contain any relevant, noncumulative information, especially given the amount of discovery already completed in this case”, he granted in part the defendant’s motion to compel and ordered the plaintiff and attorney to “make a reasonable, good faith attempt” to reactivate the Facebook account.   He instructed that the plaintiffs do not have to permit defense counsel to be present during the attempt to reactivate the account, and if the account is reactivated, plaintiffs do not have to provide defense counsel the account login and password or full access to the account.

If the Facebook account is reactivated, Judge Miller ordered the plaintiffs to produce in the form of a screen shot other similar format all information from the account referencing a co-plaintiff’s health and his relationship with the other plaintiff since October 19, 2008, and ordered the plaintiff to complete the items by June 27th (last Friday).

So, what do you think? Was the plaintiff’s attorney out of line in ordering the plaintiff to deactivate her Facebook account?  Are screen shots the best way to produce social media data?Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Court Refuses to Dismiss Spoliation Claim Due to Defendant’s Failure to Produce Key Native File with Metadata – eDiscovery Case Law

In Raines v. College Now Greater Cleveland, Inc., 1:14-CV-00003 (N.D. Ohio June 3, 2014), Ohio District Judge James S. Gwin refused to dismiss the plaintiff’s claim of tortious spoliation of evidence due to the defendant’s failure to produce the metadata associated with a key report authored by the plaintiff.

In 2012, the defendant hired the plaintiff as Executive Director of the Higher Education Compact of Greater Cleveland. As part of her role, the plaintiff produced a Student Privacy Report, entitled Higher Education Compact of Greater Cleveland; Strategic Issues Paper: Student Information Access (the Student Privacy Report). The Student Privacy Report focused on potential violations of student privacy rights and the plaintiff identified concerns to her defendant employer that student privacy rights might be violated because the defendant allowed access to student information. The plaintiff filed a complaint after she was fired the next year by the defendant (and replaced with a substantially younger individual).

The plaintiff claimed spoliation of evidence when the defendants only produced the Student Privacy Report in physical form, without the native file and related metadata. The defendant claimed that the plaintiff could not make that claim because she was not able to show that this production disrupted the case and brought a motion to dismiss the claim of tortious spoliation of evidence (as well as the overall claim).

Judge Gwin noted that, “to state a claim for spoliation of evidence, a plaintiff must establish the following:

(1) A pending or probable litigation involving the plaintiff;

(2) Knowledge on the part of defendant that litigation exists or is probable;

(3) Willful destruction of evidence by defendant designed to disrupt the plaintiff’s case;

(4) Disruption of the plaintiff’s case; and

(5) Damages proximately caused by the defendant’s acts.”

The plaintiff alleged that the defendants knew litigation was likely, and “willfully” destroyed their electronic copy of her Student Privacy Report, claiming that the “metadata associated with the report has independent importance”.

While noting that the plaintiff’s spoliation claim “is not clear regarding damages”, Judge Gwin stated that the plaintiff “sufficiently alleges a claim to survive a motion to dismiss”. Therefore, the motion to dismiss the spoliation claim was denied and Judge Gwin stated, “We will later sort through whether any loss of metadata has caused damage”.

So, what do you think? Should metadata be required to be included in production of key documents? Or is production of a physical document sufficient? Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Order for Financial Records and Facebook Conversations Modified Due to Privacy Rights – eDiscovery Case Law
 

In Stallings v. City of Johnston City, No. 13-cv-422-DRH-SCW, 2014 U.S. Dist. (S.D. III. May 19, 2014), Illinois Chief District Judge David R. Herndon modified an earlier order by a magistrate judge in response to the plaintiff’s appeal, claiming that the order violated the privacy rights of the plaintiff, and of minor children with whom the plaintiff had held conversations on Facebook.

The initial order concerned discovery production of the plaintiff’s financial records through a previously issued subpoena. The plaintiff had objected to this production, on the grounds that the defendant had not specified the information sought from the records, namely an unidentified amount of money missing from the defendant’s accounts. In the objection, the plaintiff stated a belief that “seeking the financial records is a fishing expedition on the [defendant’s] part.” However, the magistrate judge ordered the production of the records and found upon review several cash deposits that were deemed potentially relevant, and then directed that the production of the plaintiff’s financial records would be subject to a protective order.

On the matter of the Facebook conversations, the plaintiff had produced approximately 466 pages of printed documents from the relevant account, with the names redacted, in response to the defendant’s discovery request for “[e]ach and every social media posting by [plaintiff] from 2011 to the present concerning her employment” at the defendant, “allegations of wronging against her, her suspension or termination, the investigation into missing money or wrongdoing … her lawsuit, her emotional or physical well-being, or any other matter identified in her Amended Complaint.” The defendant objected to the redaction of names, to which the plaintiff responded that they did not have an unredacted hard copy of the pages due to technical difficulties involving Facebook’s policies. The magistrate judge directed the plaintiff to produce either an electronic version of the Facebook pages, or a hard copy of unredacted pages.

The plaintiff then appealed on these orders, arguing that “defendants have presented no basis to override her right to privacy in her bank records afforded under the Illinois Constitution” and further that the request for unredacted Facebook data “violates her privacy, as well as the privacy of minors and other individuals not involved in this litigation.” At issue regarding the Facebook pages was that Facebook only allows users to download the contents of their entire account, which would require the plaintiff to produce all of her Facebook conversations since 2007 if submitted as discovery, when the defendant requested only documents from 2011 onward.

Upon reviewing the issue of the financial records, Judge Herndon found that any evidence of cash deposits made to the plaintiff’s account during the specified time period were relevant to the defendant, but agreed that the plaintiff has a right to privacy of bank records. Therefore, it was ordered that discovery of evidence would be limited to only those deposits made in cash, “demonstrating that they were made in cash and on what date.”

With regard to the discovery issues concerning Facebook pages, Judge Herndon noted that while the plaintiff states potential violation of privacy for minors, the plaintiff had not indicated clearly whether any of the conversation relevant to the litigation had taken place with minors. Further, it was noted that some of the redacted pages did contain relevant conversations, or conversations that could be deemed relevant at a later date, such as potential admissions against interest or inconsistent testimony. Therefore, the plaintiff was ordered to produce “a redacted hard copy of all relevant Facebook pages from 2011 to the present” as well as “the names and towns of residence of the individuals with whom [plaintiff] had relevant conversations.” Further, “[i]f any of the relevant conversations are between individuals who are currently minors, [plaintiff] is not to provide defendants with the minor’s name or town of residence unless Ordered by the Court at a later date.”

So, what do you think? Are sufficient steps being taken to protect individual rights to privacy concerning discovery? Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Want My Production? Here’s my Database! – eDiscovery Trends

A couple of weeks ago, we covered a case where the US Government was ordered to continue providing access to an eDiscovery database to a defendant in a criminal case.  That case shed light on a growing trend in the industry that I have also observed personally – “producing” documents to opposing counsel by providing access to the documents via a hosted eDiscovery solution.

In Craig Ball’s Lawyer’s Guide to Forms of Production (that we recently covered here), Craig identified hosted production as one of the options for forms of production that can be requested.  However, as Craig notes, “More commonly, hosted data and online review tools are used internally by a producing party’s counsel to search the data for privileged and responsive items rather than as a means to afford access to the requesting party. The items identified are then duplicated onto transfer media (e.g., optical disks or a hard drive) and produced in one or more of the formats described above.”

That is certainly true, though more parties in litigation are choosing to provide access to the online database as a means of production (“production without production” as Craig calls it).  While I don’t have any statistics to point to, that has at least been my recent experience as platform manager for OnDemand®, CloudNine Discovery’s own hosted eDiscovery platform.

Typically, there are two options for producing documents by providing online access: 1) provide access to the existing database, or 2) create a new database of produced documents.  Here are the pros and cons of each:

  • Existing Database: Many parties provide access to portions of their existing eDiscovery database.  This reduces costs because the data is already hosted and may be a way for both parties to share hosting costs.  In those instances, security becomes paramount.  As attorneys need to exclude access to non-responsive or privileged documents and other work product, the eDiscovery application needs to provide the ability to limit the documents that users can see as well as limit the fields that users can see.  In addition, it’s important to have a well-documented plan for the database administrator to follow to ensure that the correct rights are assigned.  If not, inadvertent disclosures of documents or data fields used during review and production can occur.
  • New Database: While it may cost more to create a new database of produced documents (essentially doubling the storage of those documents into a new database), it is much easier to secure privileged information and attorney work product because those documents and data fields simply aren’t there, essentially eliminating the possibility of an inadvertent disclosure due to incorrect rights assignments.  In these cases, the receiving party often agrees to bear the costs of hosting their portion of the data.

In both cases, the advantages to the receiving party include access to the same produced documents in the same format in which they were reviewed using the same search and analytical tools that the producing party used to produce the documents, putting both parties on equal footing.

So, what do you think?  Have you been part of a hosted production?  If so, how did it go?  Were you on the producing or receiving end?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Court Rules that Unilateral Predictive Coding is Not Progressive – eDiscovery Case Law

In Progressive Cas. Ins. Co. v. Delaney, No. 2:11-cv-00678-LRH-PAL (D. Nev. May 19, 2014), Nevada Magistrate Judge Peggy A. Leen determined that the plaintiff’s unannounced shift from the agreed upon discovery methodology, to a predictive coding methodology for privilege review was not cooperative.  Therefore, the plaintiff was ordered to produce documents that met agreed-upon search terms without conducting a privilege review first.

This declaratory relief action had been plagued by delays in discovery production, which led to the defendants filing a Motion to Compel the plaintiffs to produce discovery in a timely fashion. Following a hearing, both sides were ordered to meet and confer, and hold meaningful discussions about resolving outstanding ESI issues pursuant to discovery. The plaintiff contended that the defendant’s discovery requests, as standing, would require them to produce approximately 1.8 million documents, which would be unduly burdensome. Both parties agreed to search terms that would reduce the number of potentially responsive documents to around 565,000, which the plaintiff would manually review for privileged documents before producing discovery to the defendant.

Shortly thereafter, the plaintiff determined that manual review would be too expensive and time-consuming, and therefore after consulting with a “nationally-recognized authority on eDiscovery,” elected to apply predictive coding to the identified 565,000 documents. Plaintiff selected a software program that they began using to identify relevant documents with the intention of applying a further predictive coding layer in order to determine which documents were “more likely privileged” and which were “less likely privileged.”

However, the plaintiff did not consult with either the court or the requesting party regarding their intentions to change review methodology. As a result, the defendant objected to the use of predictive coding in this case for several reasons, including the plaintiff’s lack of transparency surrounding its predictive coding methodology and its failure to cooperate, as well as the plaintiff’s failure to adhere to the best practices for the chosen software program which were recommended to them by the authority they chose. Finally, the defendants cited a likelihood of satellite disputes revolving around discovery, should the plaintiff proceed with the current predictive coding, which would further delay production discovery that had already been “stalled for many months.”

The defendant requested that either the plaintiff be required to proceed with predictive coding according to the defendant’s suggested protocol, which would include applying the predictive methodology to all of the originally collected 1.8 million documents, or that the plaintiff produce the non-privileged keyword hits without any review, but allowing them to be subject to a clawback order—which was a second option included in the originally stipulated ESI protocol that both parties had agreed to. Although this option would shift the burden of discovery to the defendant, it was noted that the defendant was “committed to devot[ing] the resources required to review the documents as expeditiously as possible” in order to allow discovery to move forward.

Judge Leen acknowledged potential support for the general methodology of predictive coding in eDiscovery, and stated that a “transparent mutually agreed upon” protocol for such a method would likely have been approved. However, Judge Leen took issue that the plaintiff had refused to “engage in the type of cooperation and transparency that its own eDiscovery consultant has so comprehensibly and persuasively explained is needed for a predictive coding protocol to be accepted by the court or opposing counsel” and instead had “elected and then abandoned the second option—to manually review and produce responsive ESI documents. It abandoned the option it selected unilaterally, without the [defendant’s] acquiescence or the court’s approval and modification of the parties’ stipulated ESI protocol.”

Therefore, Judge Leen elected to enforce the second option described in the agreed-upon ESI protocol, and required the plaintiff to produce all 565,000 documents that matched the stipulated search terms without review, with a clawback option in place for privileged documents as well as permission to apply privilege filters to the documents at issue, and withhold those documents that returned as “most likely privileged.”

So, what do you think? Should parties need to obtain approval regarding the review methodology that they plan to use?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.