Post Process

Everything to do with E-discovery & ESI

Archive for September, 2010

Case Blurb: Victor Stanley II; The Gang that couldn’t Spoliate Straight

Posted by rjbiii on September 14, 2010

PostProcess-Pappas = defendant and spoliating party; VSI = Plaintiff and Requesting Party Victor Stanley, Inc.

At the end of the day, this is the case of the “gang that couldn’t spoliate straight.” All in all, in addition to the attempted deletions that caused delay but no loss of evidence, there were eight discrete preservation failures: (1) Pappas’s failure to implement a litigation hold; (2) Pappas’s deletions of ESI soon after VSI filed suit; (3) Pappas’s failure to preserve his external hard drive after Plaintiff demanded preservation of ESI; (4) Pappas’s failure to preserve files and emails after Plaintiff demanded their preservation; (5) Pappas’s deletion of ESI after the Court issued its first preservation order; (6) Pappas’s continued deletion of ESI and use of programs to permanently remove files after the Court admonished the parties of their duty to preserve evidence and issued its second preservation order; (7) Pappas’s failure to preserve ESI when he replaced the CPI server; and (8) Pappas’s further use of programs to permanently delete ESI after the Court issued numerous production orders. The reader is forewarned that although organized into separate categories to facilitate comprehension of so vast a violation, many of the events described in the separate categories occurred concurrently. FN7

FN7: As will be discussed in detail later in this memorandum, when a court is evaluating what sanctions are warranted for a failure to preserve ESI, it must evaluate a number of factors including (1) whether there is a duty to preserve; (2) whether the duty has been breached; (3) the level of culpability involved in the failure to preserve; (4) the relevance of the evidence that was not preserved; and (5) the prejudice to the party seeking discovery of the ESI that was not preserved. There is something of a “Catch 22” in this process, however, because after evidence no longer exists, it often is difficult to evaluate its relevance and the prejudice associated with it. With regard to Pappas’s many acts of misconduct, the relevance and prejudice associated with some of his spoliation can be established directly, or indirectly through logical inference. As to others, the relevance and prejudice are less clear. However, his conduct still is highly relevant to his state of mind and to determining the overarching level of his culpability for all of his destructive acts. When the relevance of lost evidence cannot be proven, willful destruction of it nonetheless is relevant in evaluating the level of culpability with regard to other lost evidence that was relevant, as it tends to disprove the possibility of mistake or accident, and prove intentional misconduct. Fed. R. Evid. 404(b).

Victor Stanley, Inc. v. Creative Pipe, Inc., 2010 U.S. Dist. LEXIS 93644 at *11-13 (D. Md. Sept. 9, 2010)

Advertisements

Posted in 4th Circuit, Case Blurbs, D. Md., Duty to Preserve, FRE 404(b), Magistrate Judge Paul W. Grimm, Sanctions, Spoliation | Leave a Comment »

Around the Block for 9/1/10-Technical Articles of Note

Posted by rjbiii on September 1, 2010

On the Mandiant blog, Nick Harbor reflects on the topic of DLL Search Order Hijacking. Using this method, a person can, by placing a DLL file in a directory accessed by the targeted application, execute malicious code. An advisory on the subject, issued by Acros Security, can be found here.

In CSI SQL Server, Jasmin Azemovic discusses collecting evidence from MS SQL Server systems. Most of the article deals with handling and auditing logs, and it’s a nice read.

Attorney and technology consultant Craig Ball weighs in with a discussion of the the mechanics of email communications, in his article, E-Mail Isn’t as Ethereal as You Might Think.

Posted in Articles, email | Tagged: , , , , | Leave a Comment »

Privacy in the Age of Google and Social Media

Posted by rjbiii on September 1, 2010

Jeffrey Evans, CEO and founder of Tiger Text, expresses his concerns about privacy and hopes for a “cyber shredder” that will allow us some control of what information remains in the public domain. From the article:

In that same interview, Schmidt said, “I don’t believe society understands what happens when everything is available, knowable and recorded by everyone all the time.” Sadly, he is right.

I conducted a little experiment the other day. I told an intern at our office to use the internet to find out as much as he could about me in ten minutes. The only data he could use to launch his investigation were my name and the fact that I am the CEO of TigerText.

In about the same amount of time as it takes for me to make my kids’ breakfast on Saturday morning, he discovered my entire work history, dating back to jobs I had almost 20 years ago, and including where I went to college and business school. He even knew my salary at several of those jobs. Not concerned yet? There’s more.

Posted in Articles, Privacy | Tagged: , | Leave a Comment »