Close
Enter your
text here

Redaction

Court Denies Motion to Redact Portions of eDiscovery Teleconference: eDiscovery Case Law

In Pacific Biosciences of California, Inc. v. Oxford Nanopore Tech., Inc. et al., Nos. 17-275-LPS, 17-1353-LPS (D. Del. Nov. 4, 2019), Delaware Magistrate Judge Jennifer L. Hall denied the defendants’ Motion to Redact Portions of the August 14, 2019 Discovery Teleconference and the related submissions, stating: “The public has an interest in understanding judicial proceedings, even if they have a limited interest in documents submitted in connection with discovery dispute proceedings.”

Judge’s Ruling

In making her ruling, Judge Hall stated that “although there is no presumptive right of public access to discovery motions and supporting documents filed with the court,…the public does have a right of access to hearing transcripts.”  She also quoted Softview LLC v. Apple Inc., No. 10-389, 2012 WL 3061027, at *9 (D. Del. Jul. 26, 2012), which said: “[T]he party seeking the closure of a hearing or the sealing of part of the judicial record bears the burden of showing that the material is the kind of information that courts will protect and that disclosure will work a clearly defined and serious injury to the party seeking closure.”

Ruling on that, Judge Hall stated: “In this case, Defendants have failed to meet their burden to show that disclosure of the unredacted transcript would work a ‘clearly defined and serious injury’ upon them…I have also reviewed each of the proposed redactions, and I think that it is unlikely that the particular information at issue is capable of working the kind of serious injury contemplated by the rule. For example, the proposed redactions do not contain trade secrets, scientific data, strategic plans, or financial information. And merely stating that the proposed redactions contain discussions of documents marked ‘Confidential’ or ‘Highly Confidential’ is insufficient to support a motion to redact a transcript of a judicial proceeding…Finally, any minimal potential harm that disclosure might cause is outweighed by the public interest in having access to judicial proceedings.”

For those reasons, Judge Hall denied the defendants’ motion.

So, what do you think?  Are there situations where parties should be able to have proceedings redacted?  Please let us know if any comments you might have or if you’d like to know more about a particular topic.

Case opinion link courtesy of eDiscovery Assistant.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Court Grants Motion to Compel Production of Telephone Records from Individual Plaintiff: eDiscovery Case Law

In Siemers v. BNSF Railway Co., No. 8:17-cv-360 (D. Neb. Apr. 8, 2019), Nebraska Magistrate Judge Susan M. Bazis finding that the plaintiff’s telephone records are discoverable pursuant to Fed. R. Civ. P. 26, that they are not subject to a privilege claim just because plaintiff’s counsel’s telephone number may appear in the records and that privacy issues are minimal to non-existent (since the at-issue records do not contain the substance of communications), ordered the plaintiff to produce his telephone records within one week of the order.

Case Background

In this case regarding the plaintiff’s suit against his former employer for alleged violations of the Federal Employers Liability Act (“FELA”), the defendant requested production of the plaintiff’s cellular telephone records from November 1, 2016 (the day before the claimed injury incident that is the basis of Plaintiff’s lawsuit) to present. After the plaintiff refused to produce any records in response to the defendant’s request, a discovery dispute conference was held in October 2018, with the Court finding that the plaintiff’s communications with coworkers or others from the defendant and telephone records evidencing the same were relevant and discoverable, and ordered the parties to further confer regarding production of these items.

The plaintiff then issued a subpoena to his cellular telephone provider and received a listing of incoming and outgoing telephone calls and text messages, but not the substance of any communications. Nonetheless, the plaintiff refused to produce to the defendant the telephone records produced to him in response to his subpoena.

In the final pretrial conference, the defendant argued that the records were discoverable because whether and how often plaintiff has communicated with BNSF coworkers or management since his alleged injury could have credibility considerations, that identifying the fact that a communication occurred between the plaintiff and his attorney was not privileged or, alternatively, that it was not unduly burdensome to redact those references and that no privacy interest was implicated in the telephone records because the records do not contain the substance of any communications.  The plaintiff argued that the defendant’s request was “overbroad on its face and therefore not reasonably calculated to lead to the discovery of relevant information” and also contended that the discovery sought by the defendant was “unreasonably cumulative or duplicative and could have been obtained from other sources that is more convenient, less burdensome, or less expensive.”

Judge’s Ruling

Considering the respective arguments, Judge Bazis ruled as follows:

  1. “Plaintiff’s telephone records from November 1, 2016 to present and any other records received by Plaintiff in response to his subpoena to his cellular telephone provider are discoverable pursuant to Fed. R. Civ. P. 26. BNSF is entitled to discover whether and how often Plaintiff has communicated with coworkers or BNSF management since his alleged injury.
  2. The fact that Plaintiff’s counsel’s telephone number may appear in the records does not render them subject to a privilege claim. Plaintiff may redact references to communications between Plaintiff and Plaintiff’s counsel, which the Court finds is not overly burdensome.
  3. Privacy considerations of Plaintiff or third parties not involved in this litigation are minimal to non-existent since the at-issue records do not contain the substance of communications.”

As a result, Judge Bazis ordered (in all caps, no less) the plaintiff “to produce to BNSF all records received in response to Plaintiff’s subpoena to his cellular telephone carrier” within one week of the order, noting that he could “redact references to communications between Plaintiff’s counsel and Plaintiff (but is not required to do so to maintain privilege claims regarding the substance of the communications).”

So, what do you think?  Was that appropriate or was the defendant’s request overbroad?  Please let us know if any comments you might have or if you’d like to know more about a particular topic.

Case opinion link courtesy of eDiscovery Assistant.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Craig Ball’s Wayback Machine and Look at the Mueller Report: eDiscovery Best Practices

Some weeks there is so much to cover in eDiscovery that it’s difficult to get to everything.  This is one of those weeks.  Like me, several of you are fans of Rob Robinson’s quarterly eDiscovery Business Confidence Survey on his Complex Discovery blog and he has just published the results of his Spring 2019 Survey, which are very interesting and I will (hopefully) post my normal analysis on that tomorrow.  But, Craig Ball has posted – not just one, but two – interesting posts on his Ball in Your Court blog this week that definitely need to be covered as well.  “Ball” comes before “Robinson” alphabetically, so I’ll cover his posts first.  ;o)

In Craig’s post Storage Media: Long Past Herman Hollerith, he gives a terrific history lesson on storage media – all the way back to the old punch card storage and tabulation technologies Herman Hollerith used to revolutionize the 1890 U.S. census.  That same punch card technology was adopted by used for close to, if not more than, 100 years.  My first computer programming course (does anybody remember Fortran?) at Baylor in the early 1980s was on an IBM System 3 (link to a picture of that system here) with the old punch card technology that we used to “write” our programs on.  Each card was a single line of code and you had to keep the cards in order for the program to run correctly – you’ll never see a more devastated look on a person than when they drop their punch card deck of several hundred cards and realize there is no way to put them back in order (thankfully, that wasn’t me).

Craig jumped from punch cards to 3.5-inch floppy disks commonly used from the mid-1980s to early 2000s which held 1.44MB (about 13,653 IBM cards worth of data).  In comparison to today’s world, as Tom O’Connor and I discussed in yesterday’s webcast, by next year, about 1.7MB of new information will be created every second for every human being on the planet.

In between were 8-inch and 5 1/4-inch floppy disks (which were truly “floppy”) that held a lot less storage (I know because I used both).  As Craig notes, you can now get a 1-terabyte drive for about $50, which is the equivalent of about ten billion IBM cards.  And, a 30-TB LTO-8 backup tape cartridge is approximately the equivalent of 305 billion IBM cards.  Yikes!

Oh, and by the way, the Georgetown Law Center eDiscovery Training Academy is coming up in less than a month!  More to come on that in an upcoming post.

In Craig’s post, Mueller? Mueller? More E-Discovery Lessons from Bill and Bob (get the 80’s movie reference, there?), he uses the Robert Mueller report just released to compare the common practice of “fixing” the content of a document by printing the file to a static image format like TIFF or PDF to “the way we speak of ‘fixing’ a cat; that is, cutting its balls off.”  Ouch!  And, Craig notes that he’s written about this extensively elsewhere (including his excellent Lawyers’ Guide to Forms of Production).  But, the best part of his post (other than the humor, of course – I won’t steal his thunder here), is his discussion of native redaction and the move a dozen years ago by Microsoft to Open XML (Extensible Markup Language) for Office files (which is why Office file extensions have an “X” at the end – e.g., DOCX, XLSX, etc.).  And, you get to find out where the “PK” in PKZIP came from!  Excellent stuff!

So, why don’t we redact natively instead of sticking to “dumbing down” file formats to TIFF, then OCRing them, then redacting them?  As Craig asks, “Mueller, Mueller?”

By the way, speaking of the Mueller report, our friends at Complete Legal have made it available in a CloudNine Review database.  Can’t believe I haven’t mentioned THAT before now!  You can email them at info@completelegalkc.com to request access to the report and really search and examine it in detail.  Even if the report does represent a cat with no balls.  ;o)

So, what do you think?  Have you ever redacted documents natively?  As always, please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Why Does Production Have to be Such a Big Production?, Part Two

Editor’s Note: Tom O’Connor is a nationally known consultant, speaker, and writer in the field of computerized litigation support systems.  He has also been a great addition to our webinar program, participating with me on several recent webinars.  Tom has also written several terrific informational overview series for CloudNine, including his most recent one, Understanding Blockchain and its Impact on Legal Technology, which we covered as part of a webcast on March 27.  Now, Tom has written another terrific overview regarding production challenges and what to do about them titled Why Does Production Have to be Such a Big Production? that we’re happy to share on the eDiscovery Daily blog.  Enjoy! – Doug

Tom’s overview is split into four parts, so we’ll cover each part separately.  Part one was Monday, here’s the second part.

Redaction Issues and Confidentiality Considerations

One of the most common technical mistakes lawyers make involve issues with redactions – there are frequent stories that make the news regarding lawyers publishing documents that were improperly redacted.  Redaction issues are also the most common error in document productions in eDiscovery as well.  There are a variety of issues associated with redactions and they have considerable impact on a lawyer’s ethical duty to confidentiality.  Let’s take a look.

Image Redaction Issues

Some of the more common mistakes I see involve redaction issues on images. And they go back years. In 2009, the TSA released a manual on the Internet that had not been redacted properly. In 2013, a Chicago lawyer was reprimanded when he failed to ensure that personal information was redacted in federal student loan collection actions he filed on behalf of the U.S. government.

In 2014, a Kentucky lawyer received a public reprimand for, among other misconduct, failing to redact his client’s social security number in bankruptcy filings he made on her behalf. Also in 2014, The New York Times reportedly failed to properly redact a PDF file of leaked National Security Administration documents and inadvertently released the name of an NSA agent.

In 2018, a reporter investigating an SEC settlement with alleged fraudsters downloaded from the federal PACER database an affidavit from one of the defendants in the matter. The PDF file contained about 100 pages of financial transactions that were blacked out in the PDF file. But when the affidavit was copied and pasted into another application’s text file for uploading, the black redaction boxes vanished, revealing all the private financial information that was supposed to be hidden. A clerk at the federal courthouse where the document in question was filed said that the party filing the document was responsible for ensuring that it was properly redacted.

Also, in 2018, the school district in the Parkland, Florida high school shootings case, apparently didn’t properly redact a document regarding the alleged shooter, which contained confidential information about him.  A Florida newspaper reported that the method used “made it possible for anyone to read the blacked-out portions by copying and pasting them into another file,” which the newspaper did — drawing a contempt threat from the judge presiding over the criminal case.

More recently, lawyers for President Trump’s former campaign chairman, Paul Manafort, apparently failed to redact a federal court document properly, permitting the blacked-out text to be viewed “with a few keystrokes.”

Clearly, redaction issues on images are common. Common mistakes here include:

  1. Failing to “burn-in” the redaction on the image
  2. Not updating or re-OCRing the text files to match
  3. Providing un-redacted native files
  4. Failing to redact certain metadata
  5. Improperly using redaction software

Other Redaction Issues

The last point above involves issues for documents that have been generated in a software and then either converted or printed before redaction.

The most common type of conversion involves saving a word processing document to PDF. How do you best handle redactions in that process? Here’s a few tips:

  1. Edit out sensitive information BEFORE converting.
  2. Be aware of any metadata that may carry into the PDF file. PDF conversion deletes MOST metadata but some may transfer (eg, Comments in Word)
  3. Use non-text PDF … image only
  4. Use the most current version of Adobe

Sometimes redaction involves paper. Hard to believe but true.  Some attorneys still use a dark marker to manually cover over confidential information. Much like the Manafort case mentioned above where a simple color change in an electronic document didn’t completely hide text, using a marker on paper may also fail.

In a 2015 article, “The Perils of Redaction: Simple Steps to Protect Confidential Information,”, Mark Crandley, a partner in the litigation department of Barnes & Thornburg in Indianapolis, wrote that  “many scanners are sensitive enough to perceive covered words even when the naked eye cannot.”

Confidentiality

Lawyers have an ethical duty to preserve clients’ privileges and property. So, aside from risking potential civil liability, lawyers also could face disciplinary action when they fail to properly redact court documents. Lawyers who fail to properly redact information in confidential documents could run afoul of the American Bar Association’s rule on safeguarding client property, which has been adopted by most states.

We’ll publish Part 3 – Load File Failures – on Friday.

So, what do you think?  Have you experienced problems with document productions in eDiscovery?  As always, please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

It’s 2019, So it Must Be Time for Another Redaction Flub: eDiscovery Best Practices

I should probably put in a disclaimer that this is not a political post – I would write about this regarding which political party this involved.  It just so happens that the latest high-profile redaction flub happens to be tied to the Russia investigation and Paul Manafort.  Regardless, it leaves me asking the question: when will they ever learn?

As covered on Sharon Nelson’s terrific Ride the Lightning blog (here and here), defense lawyers for Paul Manafort used court papers that were made public last week to say that prosecutors were overblowing a text message exchange cited as proof that Manafort tried to mislead investigators probing Russia’s interference in the 2016 election.  Unfortunately for them, that portion of the filing that had been submitted under seal was improperly redacted in the public version, allowing the text to be lifted from the document with a few keystrokes.

Oops.

Surely, you can’t be serious! (I am serious and don’t call me Shirley!)

Yep, it’s the dreaded redaction flub.  As Sharon pointed out in her blog (and as we’ve pointed out before), all you have to do is to highlight the portion that is redacted, copy it to the clipboard and then paste it to a blank document anywhere.  Voila!  There’s your redacted text.

It doesn’t take a technical genius (much less a rocket scientist) to figure it out.  As Sharon points out, Adobe provides instructions on how to remove sensitive content from PDF files here.  That’s one of many ways to address the problem – there are others, especially if the document is contained within a litigation review platform where you can leverage the review tool to ensure a proper redaction of the file (i.e., any export burns the redaction into the resulting image, eliminating the ability to copy the redacted text).

Regardless, it seems like we see a high-profile redaction flub every 12 to 18 months. If Manafort’s lawyers want to feel a little better, the last redaction flub we covered was committed by the Department of Justice.  So it seems to happen to lawyers all over the place.  Maybe someday, we will have a redaction flub that is SO high-profile, that every lawyer will be familiar with it and know what to do to avoid it.  Or maybe law schools will start teaching how to avoid it.  One may happen – someday.

If you’re curious, Sharon’s blog post does provide a link to the document with the faulty redactions.  You can check it out for yourself.

Speaking of Sharon, she and her husband John Simek have a wonderful podcast called Digital Detectives.  I’m excited to say that I will be a guest on their podcast for the second time!  Sharon and John will be interviewing me next week and the podcast is targeted to be posted on January 28!  I’ll publish a link when it’s available!

So, what do you think?  Will we have redaction flub stories to cover until the end of time?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

The DOJ is the Latest to Learn that Redactions Aren’t as Straightforward as You Think: eDiscovery Best Practices

I keep thinking that all attorneys, especially those in large corporations, large law firms and federal agencies, understand best practices associated with performing redactions.  Once again, I find that is evidently not the case.

According to Law360 (DOJ Redaction Flub May Undermine Libor Case, written by Jody Godoy, subscription required), U.S. Department of Justice lawyers made a potentially serious error in a Libor-rigging case against a former Deutsche Bank trader Wednesday when they mistakenly revealed the nature of testimony he was compelled to give to U.K. authorities in a separate probe.

According to the author, the DOJ partially redacted a motion to conceal the content of former Deutsche Bank trader Gavin Black’s testimony before the U.K. Financial Conduct Authority out of concern it could taint the DOJ’s Libor-rigging case against him. But the DOJ lawyers failed to properly excise the sensitive information until Law360 inquired about the faulty redactions last week.

The DOJ has since replaced the document — which was publicly available for more than 12 hours — with a properly redacted version, but the mistake had the potential to undermine their case against Black, especially in light of a July Second Circuit ruling in a similar Libor-rigging case, where they held that testimony compelled in the U.K. cannot be used in U.S. criminal cases and reversed two high-profile convictions. The reversal sent a strong warning to U.S. prosecutors working on cross-border cases.

The day the Second Circuit ruled in that case, Black notified U.S. District Judge Colleen McMahon that he would seek a “Kastigar” hearing in which the government would have to show that its case was developed independently from compelled interviews. The DOJ is fighting the request in large part on the basis that prosecutors on the case have been shielded from the material.  The DOJ asked the judge on Aug. 25 for permission to file a response to Black’s hearing request under partial seal. One reason is that compelled testimony is treated as “confidential” under British law and that the FCA had requested it not be publicly filed.  The attorneys at the DOJ’s criminal division who work separately from prosecutors on Black’s case also expressed concerns that a publicly filed document could expose the trial team or potential witnesses to the material.

Protecting the FCA testimony was crucial to the case against Black, particularly after the Second Circuit’s ruling reversing the convictions of Anthony Allen and Anthony Conti. The court found a witness may have been influenced by reading Allen’s and Conti’s statements, which were compelled under the threat of imprisonment.  The Second Circuit said that fact undermined the case entirely, as the statements were not admissible at trial nor in a grand jury proceeding but had potentially tainted a witness who testified at both.

In the unredacted portions of the brief, the DOJ argued Black is not entitled to a hearing for several reasons. One of them was that the DOJ had taken great pains not to expose its prosecution team to inadmissible material, including asking that the U.K. prosecutors not share any compelled statements with the team as the two countries’ authorities pursued parallel investigations.

In the inadequately redacted portions of the brief, the prosecutors described the content of Black’s interview with the FCA. One sentence was highlighted in black and written in a gray font that was clearly legible. Other portions of the brief were blocked out with what appeared to be black highlighting but were easily read by copying and pasting the contents of the brief into another text document. Word searches of the document returned text that was barely hidden behind the faulty redactions.

A DOJ spokesperson attributed the exposure of the information to “a technical error in the electronic redaction process” that allowed for “manipulation” of the file’s “metadata.”

While I don’t know the specifics, it sounds like the DOJ experienced the first redaction “failure” that I described in this blog post here.  Apparently, it still happens.

So, what do you think?  Are you aware of any other recent redaction “fails” that have become public knowledge?  (other than this one, of course).  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Lessons to Be Learned from the Wells Fargo eDiscovery Inadvertent Disclosure: eDiscovery Best Practices

When you’re a lawyer and you find out that you’ve inadvertently produced client confidential information in litigation, it’s a bad day.  When you find out that confidential information is personal information on thousands of the most wealthy investors in your client’s portfolio, it’s an even worse day.  And, when you find out that disclosure is being covered by The New York Times, it’s a lawyer’s worst nightmare.

Such is the story of Angela A. Turiano, a lawyer with Bressler, Amery & Ross, an outside law firm of Wells Fargo based in New Jersey.  In response to a New Jersey court case involving a dispute between ex-Wells Fargo employee Gary Sinderbrand and his brother who also worked there, Turiano inadvertently produced tens of thousands of client names, Social Security numbers, account balances and more.  This was on behalf of Wells Fargo as a third party to the New Jersey court case.

The documents and spreadsheets containing client information were originally provided to Aaron Miller, Sinderbrand’s lawyer in the New Jersey case on July 8 (according to the New York Times article linked below).  Miller later shared knowledge of what the documents contained to Aaron Zeisler, who is representing Sinderbrand in a New York case against Wells Fargo Advisors.  Miller notified Turiano of the disclosure of confidential information on July 20 (according to her affirmation filed with the New York Supreme Court on July 24).  The following day, the Times article was published with quotes from both Zeisler and Gary Sinderbrand, detailing the disclosure.  After Wells Fargo asked the NY and NJ courts to intervene, lawyers for Gary Sinderbrand were ordered to hand back over the data on July 26.

In Turiano’s affirmation, she described how the inadvertent disclosure evidently happened.  It’s based on this description of events that I offer up some suggestions about ways to avoid the scenario.  Here is the description provided by Turiano in paragraph 3 from the affirmation as to how the disclosure happened (I have put in bold a few key points that I reference below):

“Based upon my discussion with Mr. Miller, Wells Fargo agreed to conduct a search of four custodians’ email boxes using designated search terms.  Wells Fargo, like many large corporations, uses an outside e-discovery service to conduct e-mail searches.  The vendor conducted the search and, upon completion, I personally conducted a review of the voluminous search results to exclude from production any e-mails containing confidential or privileged information.  Specifically, using the vendor’s e-discovery software, I reviewed what I thought was the complete search results and for documents that contained confidential or privileged information, I thought I marked them as confidential or privileged.  I then coordinated with the vendor with both written instructions and by telephone and instructed the vendor to produce the emails in the database that I had marked, but that the vendor should withhold from the production anything that I tagged privileged-withhold and confidential and client-information withhold.  What I did not realize, was that there were documents that I had not reviewed.  Unbeknownst to me, the view I was using to conduct the review had a set limit of documents that it showed at one time.  Thus, I thought I was reviewing a complete set, when in fact, I only reviewed the first thousand documents.  I thus inadvertently provided documents that had not been reviewed by me for confidentiality and privilege.  In addition, it was my understanding that the vendor was going to apply redactions for documents I flagged as needing redactions.  Thus, I thought that responsive documents that contained confidential information would be redacted prior to production.  The documents, however, were not redacted prior to production.  I realize now that I misunderstood the role of the vendor.  Finally, I now understand that I may have miscoded some documents during my review.”

As a vendor, here are some of the things I would be doing to avoid the situation:

Communicate Search Results Completely and Clearly: I’m frequently asked to perform searches on behalf of clients and I always document the search results clearly in a spreadsheet with total documents retrieved for each term and a grand total of documents retrieved from all of the terms.  I also communicate that to the client clearly in an email, reiterating (in the email) the total count of documents retrieved via the searches (and usually follow up via phone as well).  I can’t say that the vendor didn’t do that here (maybe they did and the attorney glossed over – or forgot – the info), but a clear communication of search results may have helped ensure that Turiano had the correct count of documents and led her to realize that there were more documents than displayed on the first page of the eDiscovery software program.  It’s also important to realize that most (if not all) eDiscovery software applications deliver result sets in manageable batches of documents for efficiency sake – nobody wants to wait for all the data to load for 100,000 documents retrieved in a large search result – so the applications deliver the results in pages or batches.

Track Documents Reviewed and Report Anomalies: In a project where you know that the attorney is reviewing all retrieved documents for confidentiality and privilege, it’s good to track the documents actually reviewed and be able to report if there is an anomaly.  This could be done either by setting a specific field to mark a document as “Reviewed”.  Or it could be done via audit log tracking within the software.  Regardless, if either was done here, the vendor could have then informed the attorney that there were documents not reviewed and the mistake could have been discovered.

Confirm Documents Tagged for Redaction Were Actually Redacted: The workflow when dealing with native ESI is typically to flag documents that need redaction (which the attorney apparently did, at least for the documents she reviewed), then for the vendor to convert those native files to image format, then for the attorney to apply the redactions.  It doesn’t appear that the last two steps actually happened.  I’m not sure how the attorney expected the vendor to apply redactions simply based on a tag of “needs redactions” unless there was also a description field with a detailed description of where – even then, most vendors would still expect the attorney to ultimately apply them.  One check that should always be made before ESI is produced is to confirm that redactions were properly applied and if documents were tagged for redaction, there should be a step to make sure that they were actually redacted.  That’s a production QC step that should always be done before signing off on the production (by both vendor and attorney).

Perform a Pattern Search for Personally Identifiable Information (PII): With data privacy becoming more important than ever and GDPR looming, it’s becoming necessary to do more than just manual review to identify potential personal data – after all, people make mistakes.  Pattern searches are specialized searches, looking for specific types of information, such as 3 digits, then 2 digits, then 4 digits (i.e., the pattern for a social security number).  Searches for other patterns, like client account numbers or credit card numbers, could also be performed to determine whether personal data exists in the production set, which may need to be redacted or removed altogether.

Recognize When Your Client Needs More Hand Holding: Some attorneys are experienced and tech-savvy with regards to eDiscovery and want to drive the process, others are not.  Based on the description of events, I would suggest that this attorney was not very experienced in eDiscovery matters or in using eDiscovery software.  When that’s the case, it’s important for the vendor to be prepared to take more of a lead in driving the production QC and raising issues like those I discussed above.  As Turiano stated, “I realize now that I misunderstood the role of the vendor.”  Evidently, there was certainly a lack of communication on who was “driving the bus” on this production – when that’s the case, “the bus” tends to end up in a ditch.

So, what do you think?  What steps do you take to avoid inadvertent disclosures?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Court Denies Defendant’s Motion to Overrule Plaintiff’s Objections to Discovery Requests

Court Approves Defendant’s Proposed Random Sampling Production Plan: eDiscovery Case Law

In Duffy v. Lawrence Memorial Hospital, No. 14-2256 (D. Kansas, Mar. 31, 2017), Kansas Magistrate Judge Teresa J. James granted the Motion to Modify Discovery Order from the defendant (and counterclaimant), where it asked the Court to enter a protective order directing it to produce a random sampling of 252 patient records, along with five spares, in order to respond to the plaintiff/relator’s document requests.

Case Background

In this case, the plaintiff alleged that the defendant submitted false information to the government to maximize reimbursement for federal medical care programs; in turn, the defendant counterclaimed for breach of contract and fraud.  In a February 2017 order, the Court ordered the defendant to produce documents responsive to certain plaintiff requests in her Second Request for Production of Documents within 14 days.  Defendant produced the most of the requested documents, except for those associated with four requests that were the subject of an instant motion.

As the defendant conducted searches for documents responsive to these requests, it determined that 15,574 unique patient records would have to be located and gathered.  In an effort to calculate the time necessary to locate and produce the relevant patient records, the defendant’s Medical Records department obtained a sample of ten patient records and determined that it would take 30 minutes per record to process and review the records to respond to the four RFP requests.  As a result, the defendant estimated that it would take 7,787 worker hours to locate and produce responsive information for 15,574 patient records, at a cost of $196,933.23.  Redaction of patients’ personal confidential information would take another ten reviewers and one quality control attorney fourteen days at a cost of $37,259.50.  So, the total cost to produce information relevant to the RFPs was estimated to be over $230,000.

Given these costs, the defendant asked the Court to modify its order by limiting the required production to a random sampling of 252 patient records plus five spares, using a statistical tool known at RAT-STATS used by the Department of Health and Human Services Office of Inspector General to randomly select the patient records.  The plaintiff objected, claiming that the defendant did not attempt to meet and confer and also because the Court had already rejected the defendant’s previous contention of undue burden.  The plaintiff also argued that redaction was unnecessary because a protective order was in place to designate the patient info as confidential information.

Judge’s Ruling

With regard to the previous rejection of undue burden, Judge James stated: “Had Defendant presented such evidence in response to Plaintiff’s Motion to Compel, the Court may have found the requests at issue unduly burdensome and disproportional to the needs of the case. Contrary to Plaintiff’s assertion, Defendant did not waive its right to seek protection once the enormity of the task became apparent.”  As for the plaintiff’s objection that the defendant did not meet and confer beforehand, Judge James noted that the “parties conferred following Defendant’s objections to the discovery requests, and that was the point at which some meeting of the minds could have produced a different response by Defendant or an alteration of the discovery request by Plaintiff. At this point, however, Defendant is seeking relief from this Court’s order rather than from a party’s discovery request.”

As a result, Judge James stated: “The Court will modify its order (ECF No. 133) to direct Defendant to utilize RAT-STATS and produce a random sampling of 252 patient records, along with five spares, to respond to RFP Nos. 40, 41, 43 and 58.”  She also directed the defendant to use RAT-STATS (as requested) to randomly select the patient records to be produced and sided with the defendant to redact personal confidential information from the patient records that “Defendant has a legal duty to safeguard.”

So, what do you think?  Is random sampling an appropriate option for cases where production of a larger set may be an undue burden?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Redactions Aren’t Always as Straightforward as You Think: eDiscovery Best Practices

We were helping a recent client who had a lot of redactions in their production set, so I thought it made sense to revisit the topic here on this blog.

On the surface, it may seem easy enough to redact a document during eDiscovery review to obscure confidential or privileged information.  You may think that all you need to do is draw a black box over the affected text, but there’s actually a lot more to consider in order to ensure that you don’t inadvertently produce information that was intended to be redacted.  Here are a some redaction failures and how to avoid them.

Failure to “Burn” the Redaction into the Image

If the redaction isn’t “burned” into the image so that it cannot be removed, the redacted data can still be viewed.  Especially when your images are Adobe Acrobat PDF files, the most common mistake is to redact by obscuring the text by drawing a black box over the text or images you want redacted.  A simple “cut and paste” can remove the black box, revealing the redacted text.  Acrobat provides a redaction tool (for those editing the PDF there) to properly apply a redaction – it’s best to save the file to a new name after the redaction has been applied.

If you’re using a review application to manage the review, the application should ensure a “burned in” redaction for anything exported or printed, regardless of whether it lets you look at the redacted data within the application itself.  For example, CloudNine’s review platform provides a tool to enable the reviewer to draw a gray box over the text to be redacted so that text can still be viewed within the application.  However, if the file is exported or printed, that box gets “burned” in as a black or white box to completely obscure the redacted text.

Failing to Update Corresponding Text Files to Remove Redacted Text

Even if the image is handled properly, you can still disclose redacted text if you don’t make sure that the corresponding text file, whether extracted from the native file or generated via Optical Character Recognition (OCR), isn’t updated to remove the redacted text.  If you don’t update the corresponding text files, you’re allowing redacted text to slip through the production “back door”.  This happens more often than you might think.

Producing Un-Redacted Native Files

If you’re producing native files, you’ve hopefully discussed with opposing counsel how to handle native files that require redaction.  Typically, the approach is to convert those to an image format and redact the image.  Sometimes the parties agree to “redact” the native files themselves and produce those.  If so, as is the case with Adobe PDF files, there’s a right way and wrong way to redact native files.  Changing the text to white or the background to match the text color is not the same as redacting the text.  All you have to do is to revert back to the original formatting or simply highlight the affected area to see the redacted text.  Instead, you’ll want to agree on a procedure where the text is deleted or replaced with an equal amount of meaningless content (e.g., all “X”s) to preserve text flow and pagination (make sure track changes is off before redacting).  You may even want to agree to copy the entire content of a redacted document to a new file (to remove residual document composition information that might remain).  To see what I “redacted” up above, highlight it with your cursor.  :o)

Failing to Redact Metadata

You may redact content on the document that you produce separately as metadata, via a load or data file.  Failing to check the produced metadata for redacted content could enable that redacted content to slip through.  So, don’t forget to check and remove any sensitive data here, as well.

Quality Control (QC) Check before Producing

Generally, when producing documents with redactions, you should have a checklist that ensures that image redactions are “burned” in, that redacted native files (if produced natively) are properly redacted, and that corresponding text files and metadata have been checked to ensure that redacted data has been removed from those as well.  Otherwise, you could inadvertently produce privileged or confidential information via an inadequate process.

So, what do you think?  How do you handle redactions within your productions?  Do you have a process to QC check redactions before producing?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Court Rejects Defendants Motion Seeking Limitless Access to Plaintiff’s Facebook Account: eDiscovery Case Law

We haven’t had a good social media request case in a while – here’s one that compares to other cases we’ve covered in the past…

In the class action In re Milo’s Kitchen Dog Treats Consolidated Cases, Civil Action No. 12-1011 (W.D. Penn. April 14, 2015), Pennsylvania Magistrate Judge Maureen P. Kelly denied the defendants’ Motion to Compel Unredacted Facebook Data File and Production of Username and Password, disagreeing that the discovery of one highly relevant Facebook entry justified the defendants to be “somehow entitled to limitless access to her Facebook account”. Judge Kelly did order the plaintiff to produce previously produced redacted Facebook pages to the Court unredacted so that an in camera inspection could be conducted to confirm that the redacted information was truly privileged.

Case Background

In this case, based on the discovery of the posting on the plaintiff’s Facebook page in which she indicated that another brand of chicken jerky dog treats caused the harm to her dog, the defendants were of the belief that there could be other relevant information on her Facebook account. The defendants sought that information in their Second Request for production, asking the plaintiff to produce “the Facebook Data and Facebook Data File of Lisa Mazur and/or Lisa Pierwsza Mazur.” Despite the fact that the defendants’ request was unlimited and objected to by the plaintiff as inherently overbroad, she nevertheless responded to the request and provided 648 pages of Facebook data, albeit redacted. The Facebook data provided contained information indicating that Plaintiff purchased dog treats other than Defendant’s brand, as well as conversations the plaintiff had with others about the dog treat brand and the case.

The defendants argued that it was improper for the plaintiff to unilaterally decide what should be redacted complaining that the location of certain redactions were “suspect” and contended that they were entitled to unfettered access to Plaintiff’s Facebook account including her username and password. Citing Largent v. Reed, 2011 WL 5632688, (Pa. C.P. Franklin Co. Nov. 8, 2011), Zimmerman v. Weis Markets, Inc., No. CV-09-1535, 2011 WL 2065410 (Pa. Comm. Pl. May 19, 2011) and McMillen v. Hummingbird Speedway, Inc., No. 113-2010 CD (C.P. Jefferson, Sept. 9, 2010), suggesting that “these cases stand for the proposition that Facebook accounts are always subject to unrestricted access once a threshold showing of relevance has been made”.

Judge’s Ruling

Referencing Fed.R.Civ.P. 26(b)(1), Judge Kelly stated that “Rulings regarding the proper scope of discovery, and the extent to which discovery may be compelled, are matters consigned to the Court’s discretion and judgment. A party moving to compel discovery bears the initial burden of proving the relevance of the requested information.”

With regard to the three cases cited by the defendants, Judge Kelly noted that they were “factually distinguishable from the instant case and, in this Court’s view, do not require the limitless access to Plaintiff’s Facebook account data advocated by Defendants.” In Largent v. Reed, for example, the plaintiff had refused to provide any Facebook data, whereas the plaintiff here produced 648 pages from her Facebook account. Judge Kelly also observed that pictures of the plaintiff “enjoying life with her family” in Facebook would not near as relevant as they would be in a personal injury litigation like Largent.

Agreeing with the plaintiff’s argument, Judge Kelly stated that “having already provided Defendants with Facebook data relevant to the case, Defendants have failed to make any showing that further production of her Facebook records would result in the dissemination of any more relevant information than has already been provided.” She therefore denied the defendants motion to compel.

With regard to the redactions, the plaintiff had redacted a conversation with another purported class member in the case because their conversation revolved around “specific advice given by class counsel as to the litigation and its progress”. Because of the dispute over the validity of the redactions, Judge Kelly decided “out of an abundance of caution”, “that the best course is to have Plaintiff produce the claimed privileged documents to the Court so that an in camera inspection can be conducted. In this manner, any truly privileged information will remain protected and Defendants can proceed confident that they have received all the relevant and non-privileged information from Plaintiff’s Facebook data.”

So, what do you think? Was that the correct decision or should the judge have treated this case like the three cases cited by the defendant? Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.