Post Process

Everything to do with E-discovery & ESI

Archive for the ‘Data Management’ Category

Court tells Artist to Come Clean

Posted by rjbiii on April 6, 2010

A federal court has ordered Shepard Fairey, the man behind the now famous “Hope” poster of Barack Obama to disclose ESI that was deleted, and to reveal the identity of the person behind the destruction of evidence. From the ABA’s story on the matter:

Fairey switched lawyers in the case last November after his then-counsel said in a court document that the artist had deleted electronic files to cover up a mistake about which photo he had used. The document, a motion for new counsel, said the events presented a potential for conflict of interest between Fairey and his then-lawyers.

Fairey is under criminal investigation in connection with the disclosure, according to court filings.

On Monday, [Judge] Hellerstein ordered Fairey and his companies to disclose how computer files were searched for relevant legal records, according to the AP story.

Posted in Articles, Data Management, Search Protocols | Leave a Comment »

Implementing a Litigation Hold

Posted by rjbiii on February 24, 2010 has posted an article discussing trigger events and implementing litigation holds. This is the first of 7 parts on the subject. From the article:

As articulated by Judge Scheindlin in Pension Committee v. Banc of America, courts definitely do not want to wade through stacks of motions papers and days of hearings to determine if preservation efforts were sufficient to prevent the destruction of ESI and other documents. As a result, it is imperative for an organization to have in place a litigation hold policy and adequate procedures necessary to avoid going down the litigation “detour” of discovery sanctions motions.

The goal, on the other hand, is not perfection but rather development of a systematic approach to implementing litigation holds within your organization. Systematic, means repeatable and methodical. The idea is to build credibility. The purpose is to demonstrate reasonable efforts conducted in good faith, to search for ESI containing the truth and preserving it. While no system is foolproof, we developed the “Seven Steps” to help meet the litigation hold duties enumerated in recent litigation hold cases.

Posted in Articles, Data Management, Duty to Preserve, Litigation Hold | Leave a Comment »

Case Summary: Phillip M. Adams & Assocs., On Spoliation and Info. Management

Posted by rjbiii on July 5, 2009

Phillip M. Adams & Assocs., L.L.C. v. Dell, Inc., 2009 U.S. Dist. LEXIS 26964 (D. Utah Mar. 27, 2009)

FACTS: Plaintiffs, and requesting party, Philip M. Adams & Associates, alleged infringement of their patents for technology that detected and resolved defects in the most widely used floppy disk controller, thus preventing data from being destroyed. The patents in question were purportedly assigned to plaintiffs by the original inventor. FDC-related defects gave rise to multiple lawsuits, culminating with the settlement of a class action suit against Toshiba in October of 1999.
Requesting party accused producing party of spoliation, as stated in the opinion:

…first, that ASUS has illegally used Adams’ patented software; and second, that ASUS has destroyed evidence of that use. The first assertion is identical to the liability issue in this case. The second assertion is premised on the first: Assuming ASUS used Adams’ software, ASUS’ failure to produce evidence of that use is sanctionable spoliation. Adams has no direct proof of destruction of evidence but is inferring destruction or withholding of evidence. Since Adams is convinced that ASUS infringed, Adams is also convinced that failure to produce evidence of infringement is sanctionable.

Issues we examine:

  1. When did the producing party’s duty to preserve attach?
  2. How does the Safe Harbor provision (FRCP 37(e)) factor into the determination of sanctions in this case?
  3. What role does producing party’s information management system play in the sanctions calculus?
  4. How does the producing party’s lack of produced data on certain subjects in the aggregate balanced against the absence of specific evidence of wrong-doing by requesting party?

Issue 1: Court’s reasoning:
Producing party acknowledges receiving a letter from requesting party’s counsel asserting infringement on February 23, 2005. It does not acknowledge receiving an earlier letter dated October 4, 2004. Thus, Producing Party dates the beginning of its duty to preserve from the date of the February letter, and states that it has complied with that duty from that time forward. Producing party takes the position that a delay in giving notice and bringing suit by requesting party is the reason for the lack of available data from the years 2000 and 2001.
The court noted that both parties agreed that “a litigant’s duty to preserve evidence arises when ‘he knows or should know [it] is relevant to imminent or ongoing litigation.'” The court acknowledged the producing party’s stance that this trigger occurred upon receiving counsel’s letter, but stated that this was “not the inviolable benchmark.” The court cited 103 Investors I, L.P. v. Square D Co., 470 F.3d 985 (10th Cir. 2006) to buttress its argument.
In 103 Investors, the defendant disposed of 50 to 60 feet of “busway” material after a fire had occurred, destroying all but four feet of the busway, and eliminating any of the busway that should have contained a warning label. The court concluded that in that instance, the defendant should have known that litigation was imminent, although the material had been disposed of long before the complaint was filed.
The court described the history of this defect. In 1999 Toshiba paid a large sum to settle a class action related to the floppy drive error in play in the instant matter. That same year, a class action suit was filed against HP for the same defect. In 2000, producing party was working on correcting the issue. Sony became embroiled in a class action in 2000. The court stated that the industry had (or should have become) “sensitized” to the possibility of litigation on this issue.

It appears that this extends the duty to preserve, which is already among the more difficult and costly issues in e-discovery today. By extending the duty’s trigger to occur prior to any direct or specific action against defendants, the court is asking too much of any IT department. It may be that the lack of documents produced by the defendants (this is discussed below) puts the court in the position of trying to fashion a rationale for punishment. But taken literally, the effects of the opinion could set a difficult, perhaps impossible, standards for compliance with the duty.

Issue 2: Safe Harbor?

The court, to the dismay of many commentators, dismisses the effects of the safe harbor provision in FRCP 37(e). Ralph Losey claims the court “mines” the rule into oblivion. I think what is in play here is that the court feels that the producing party would use Safe Harbor as a rationale for not producing data that it should have. Nevertheless, Safe Harbor’s reach, already attenuated, appears to weaken further in this opinion.

Issue 3: What role does producing party’s information management system play in the sanctions calculus?

The court comes down hard on the IG practices of the producing party. It stated that the system’s architecture, possessed of questionable reliability, should not be excused, though it evolved, rather than was deliberately designed to operate as it does. The result is that it operated to deprive the requesting party of access to evidence.
Traits of this system are described thusly:
[Producing Party] extensively describes its email management and storage practices, to explain the nearly complete absence of emails related to the subject of this litigation.

First, [Producing Party] says its email servers are not designed for archival purposes, and employees are instructed to locally preserve any emails of long term value.

[Producing Party] employees send and receive email via company email servers.

Storage on [Producing Party’s] email servers is limited, and the company directs employees to download those emails they deem important or necessary to perform their job function from the company email server to their individual company issued computer.

[Producing Party] informs its employees that any email not downloaded to an employee’s computer are automatically overwritten to make room for additional email storage on ASUSTeK ‘s servers.

It is [Producing Party’s] routine practice that its employees download to their individual computer those emails the employee deems important or necessary to perform his or her job function or comply with legal or statutory obligations.

Second, ASUS employee computers are periodically replaced, at which time ASUS places all archiving responsibility for email and other documents on its employees. During the course of their employment, ASUSTeK employees return their individual company issued computers in exchange for newer replacement computers.

40. The hard drives of all computers returned to or exchanged with the company are formatted to erase all electronic information stored on these computers before they are recycled, reused or given to charity.

41. During a computer exchange, it is [Producing Party’s] practice to direct its employees to download those emails and electronic documents from the employee’s individual computer to the employee’s newly issued computer that the employee deems important or necessary to perform his or her job function or comply with legal or statutory obligations.

The court stated that descriptions these data management practices may explain why relevant e-mails were not produced, but it did not establish the Producing Party’s good faith in managing its data. It calls the information management practices of the producing party “questionable” and that although an organization may design its systems to suit its business purposes, the information management practices are still accountable to such third parties as adversaries in litigation. The court opines that: “[a] court – and more importantly, a litigant – is not required to simply accept whatever information management practices a party may have. A practice may be unreasonable, given responsibilities to third parties.

Furthermore, while the court accepts that the Producing Party’s system “evolved” rather than was purposefully designed with the goal of hiding data needed for litigation, it nevertheless quoted the Sedona Conference: “An organization should have reasonable policies and procedures for managing its information and records.”

Finally, the court took aim at the practice of allowing individual users to drive retention practices, when it stated: “[Producing Party’s]’ practices invite the abuse of rights of others, because the practices tend toward loss of data. The practices place operations-level employees in the position of deciding what information is relevant to the enterprise and its data retention needs.”

Issue 4: How does the producing party’s lack of produced data on certain subjects in the aggregate balanced against the absence of specific evidence of wrong-doing by requesting party?

Producing Party turned over executable files of their own invention, but failed to surrender the source code for those executables. They also failed to produce other relevant executables and related source code, or “a single document” relating to the development of the applications under scrutiny. The court expressed concern over the absence of certain types of documents from the production:

[Producing Party’s] only response is that it has produced a large volume of documents. That may be the case; but, it has not produced the most critical documents – those that relate to its misappropriation, its copying, and its willful behavior. The only conclusion after all this time is that [Producing Party] has destroyed critical evidence that it simply cannot show did not exist.

By this expression, the court adopted Requesting Party’s argument that Producing Party had “‘spoliated the most critical evidence in this case, e.g., test programs and related source code’ “[S]ince [Producing Party] has not produced it, the only conclusion is that [they have destroyed it.”

The court also noted, in its analysis of Producing Party’s objection to the admissibility of data produced by third parties on grounds of authentication, that the Producing Party, while claiming “a near total absence of evidence…[sought] to eliminate the only evidence available. The court concluded that such tactics should not prevail to “prevent consideration of the best evidence available.”

Requesting Party listed types of documentation that they would expect Producing Party to possess, but never received during production. Communications and documentation from outside sources contributed to a suspicion that such documentation once existed. Indeed, as the court examines the Producing Party’s duty to preserve, it leads off by stating: “[t]he universe of materials we are missing is very large. Indisputably, we have very little evidence compared to what would be expected.”

In dismissing arguments that destruction of the data in question was covered by the “Safe Harbor” provision under FRCP 37(e), the court stated: “[o]ther than the patent application and the executable file, it does not appear [Producing Party] has produced any significant tangible discovery on the topics where information is conspicuously lacking.”

Ultimately the court found that Producing Party had breached its duty to preserve relevant data. It appears from the information above that the dearth of critical documentation from the Defendant’s productions was a significant contributor to the ruling, but the court does not explain the weight to which it assigned this as an element in its ruling.

Posted in 10th Circuit, Best Practices, Case Summary, D. Utah, Data Custodians, Data Management, Data Retention Practices, Document Retention, Duty to Preserve, FRCP 37(e), Good Faith, Information Governance, Magistrate Judge David Nuffer, Reasonable Anticipation of Litigation, Safe Harbor, Source Code, Spoliation | 1 Comment »

The difference between an archive and a backup

Posted by rjbiii on December 26, 2008

Computer Technology Review has posted an article describing the effect of the FRCP on business and corporate IT departments. The article contains the now familiar refrain to proactively manage your digital resources. One nice blurb, though, discusses the difference between archives and back-ups:

This underscores the difference between an archive and a backup system. An archive in today’s regulatory and litigation preparedness sense is an actively managed set of information kept as a business record when needed and disposed of when not. Backups on the other hand are designed for near term disaster recovery and not long term preservation. But many companies have suspended the rotation of their backup media, sometimes for years, because of a fear of sanctions or even bad press resulting from the improper deletion of this potentially discoverable data. What should have been a disaster recovery mechanism is now functioning as a very inefficient archive of all historical information. This becomes magnified as companies inherit backup media through merger and acquisition. In many instances the current IT staff has no idea what data exists upon those tapes.

Posted in Articles, Back Up Tapes, Best Practices, Compliance, Data Management, Data Retention Practices, FRCP 26, FRCP 34 | Tagged: , , | Leave a Comment »

On a New British Standard for Storing Data to be Used as Evidence

Posted by rjbiii on December 25, 2008

The Register reports that the national standards body of the U.K., the BSI Group, has formulated a new standard for storing data properly for “maximizing” the weight of data presented in court. The standard deals with the manner in which evidence is stored.
From the article:

By complying with BS 10008, “it is anticipated that the evidential weight of electronic information transferred to and/or managed by a corporate body will be maximised,” said national standards body BSI British Standards.

The Standard is called Evidential weight and legal admissibility of electronic information – Specification. It sets out the requirements for the implementation and operation of electronic information management systems, including the storage and transfer of information, and addresses issues relating to authenticity and integrity of information.

Legal admissibility concerns whether or not a piece of evidence would be accepted by a court of law. To ensure admissibility, information must be managed by a secure system throughout its lifetime, which can be for many years. Where doubt can be placed on the information, the evidential weight may be reduced, potentially harming the legal case.

From the BSI Group’s description:

What does the standard include?

* The management of electronic information over long periods, including through technology changes, where information integrity is vital
* How to manage the various risks associated with electronic information
* How to demonstrate the authenticity of electronic information
* The management of quality issues related to document scanning processes
* The provision of a full life history of an electronic object throughout its life
* Electronic transfer of information from one computer system to another
* Covers policies, security issues, procedures, technology requirements and auditability of electronic document management systems (EDMS).

Posted in Best Practices, Data Management, Data Retention Practices, International Issues, United Kingdom | Tagged: | Leave a Comment »

An Education on ESI and Records Management: Schools need a lesson plan for E-mail

Posted by rjbiii on November 2, 2008

Michael Osteman has posted a story that cites a recent survey showing some interesting numbers:

* 62% of school administrators revealed they do not have a district policy regarding e-mail communications between themselves and teachers.
* 68% of these administrators revealed they do not have a policy regarding e-mail communications between themselves and parents.

And a big one:

The survey also revealed that 90% of schools had not yet created a plan to be in compliance with the new amendments to the Federal Rules of Civil Procedure (FRCP).

Not really all that surprising, but nevertheless, always something of a jolt when see such high numbers in black & white.

Posted in Articles, Data Management, Data Retention Practices, email, Employee Practices | Leave a Comment »

New E-Discovery Strategy: Manage your data before the lawsuit

Posted by rjbiii on September 19, 2008

Businesses have finally become impressed with the need to manage the data residing on their enterprises, and it appears that the straw breaking the camel’s back is…ta da…e-discovery:

But thanks to e-discovery risk and burgeoning data volumes — 20% to 50% compound annual growth rate for some companies — the tide is starting to turn, according to [John] Merryman. The average cost companies incur for electronic data discovery ranges from $1 million to $3 million per terabyte of data, according to Glasshouse. While you need to pay attention to retaining data, at the same time, “all indications are that you need to be keeping less,” Merryman says.

The cost of retrieving content from disorganized data universes existing on IT enterprises hits hard when a suit requires you to sort out the mess. No excuses are allowed, and procrastination is no longer possible. So what’s the answer?

One way to address this problem is to set retention policies that reduce exposure to legal problems. But don’t try to boil the ocean, Merryman advises. Instead, create policies from the application or business level down, rather than looking across the whole data landscape and letting policy bubble up. Also, create black-and-white rules that are easy to deal with.

E-discovery should not be quite the beast that it has turned out to be. Part of the reason for the current predicament is that data management hasn’t been a priority, even in the face of compliance requirements. Lawsuits, and the attendant scrutiny accompanying e-discovery projects, signal that judgment day approaches. Taming the enterprise goes a long way to taming the e-discovery burden.

Posted in Articles, Data Management, Technology, Trends | 1 Comment »

Case Blurb: Morris; Data Retention Policies and Adverse Inferences

Posted by rjbiii on August 10, 2008

In accord with its pretrial ruling, the district court gave the following instruction to the jury during the course of the trial:

You’ve heard evidence that there was an audio tape recording of communications made by railroad employees over their radios, including the communications between the railroad dispatcher and the employees on the train in Waldo. The tape was erased about 90 days after the accident because Union Pacific Click for Enhanced Coverage Linking Searcheshas a policy to reuse it’s [sic] audio voice tapes and it is usual procedure to record over the tapes after 90 days. However, this court found in another hearing or a previous hearing that Union Pacific should not have re-recorded this tape pursuant to its policy but should have saved the tape because it was on notice that a serious injury had occurred and it knew there was a possibility that a lawsuit would follow the injury. Because Union Pacific destroyed the information on the tape when it should have kept the information, you may, you may, infer that there was information in the recorded communications that would have proved damaging to Union Pacific or helpful to John Morris.

Relying on this adverse inference instruction, counsel for Morris argued extensively to the jury that it should infer evidence damaging to Union Pacific from the missing audiotape. Among the inferences suggested were that dispatchers at Union Pacific headquarters in Omaha directed the crew to move the train notwithstanding the crew’s protest that it could not be done safely, that train movement was rushed because dispatchers were concerned about train traffic, and that the train crew made admissions during spontaneous chatter between the crew and dispatchers following the accident. There was no direct evidence of these facts introduced at trial, and members of the train crew disputed them. Counsel also emphasized to the jury that Union Pacific was “destroying evidence,” which it was “not supposed to do.”

An adverse inference instruction is a powerful tool in a jury trial. When giving such an instruction, a federal judge brands one party as a bad actor, guilty of destroying evidence that it should have retained for use by the jury. It necessarily opens the door to a certain degree of speculation by the jury, which is admonished that it may infer the presence of damaging information in the unknown contents of an erased audiotape. As the district court in this case put it colloquially, “it’s like cow crap; the more you step in it, the more it stinks.” One distinguished court years ago cautioned against use of an adverse inference instruction like the one given in this case (there, involving an absent witness rather than missing evidence), because “the jury should not be encouraged to base its verdict on what it speculates the absent witness would have testified to, in the absence of some direct evidence.”

Presumably cognizant of these factors, our court in Stevenson v. Union Pac. R.R. Co., 354 F.3d 739 (8th Cir. 2004), recently clarified what circumstances justify the sanction of an adverse inference instruction. Stevenson specifically addressed the pre-litigation destruction of documents pursuant to Union Pacific document retention policy. While acknowledging that dicta in Lewy had articulated a “knew or should have known” negligence standard for imposition of the sanction, we ultimately rejected that approach, and held that “there must be a finding of intentional destruction indicating a desire to suppress the truth” before an adverse inference instruction is justified. Id. at 746. Though observing that the case before it “tested the limits of what we are able to uphold as a bad faith determination,” the Stevenson court held that the district court did not abuse its discretion in finding that Union Pacific acted with the requisite intent to destroy evidence for the purpose of suppressing evidence. Id. at 747-48.

The district court in this case did not have the benefit of the clarification in Stevenson that a finding of intent is required to impose the sanction of an adverse inference instruction. In light of Stevenson, we conclude that the adverse instruction was not proper in this case.

The most important consideration in our analysis is the district court’s own finding regarding Union Pacific’s intent. The district court specifically concluded that Union Pacific “did not intentionally destroy the tape.” (Addendum at 12). This does not strike us as a casual or off-handed finding. The district court acknowledged that “historically, spoliation only arose from the intentional destruction of evidence, and therefore a finding that the spoliator intentionally destroyed the evidence was a prerequisite to prevail in a motion for sanctions for spoliation.” (emphasis in original). Only after reaching the understandable conclusion, based on our court’s opinion in Lewy, that “a finding of no intent is no longer dispositive of the issue” did the district court rule that Union Pacific should be sanctioned for destroying the audiotape.

Morris v. Union Pac. R.R., 373 F.3d 896, 900-901 (8th Cir. Ark. 2004).

Posted in 8th Circuit, Adverse Inference, Case Blurbs, Data Management, Judge Steven M. Colloton, Sanctions | Leave a Comment »

Case Blurb: Lewy; On Remand, Court should examine validity of party’s document retention policy

Posted by rjbiii on August 10, 2008

On remand, if the trial court is called upon to again instruct the jury regarding failure to produce evidence, the court should consider the following factors before deciding whether to give the instruction to the jury. First, the court should determine whether [Producing Party’s] record retention policy is reasonable considering the facts and circumstances surrounding the relevant documents. For example, the court should determine whether a three year retention policy is reasonable given the particular document. A three year retention policy may be sufficient for documents such as appointment books or telephone messages, but inadequate for documents such as customer complaints. Second, in making this determination the court may also consider whether lawsuits concerning the complaint or related complaints have been filed, the frequency of such complaints, and the magnitude of the complaints.

Finally, the court should determine whether the document retention policy was instituted in bad faith.

Lewy v. Remington Arms Co., 836 F.2d 1104, 1112 (8th Cir. Mo. 1988 )

Posted in 8th Circuit, Case Blurbs, Data Management, Judge Floyd R. Gibson | Leave a Comment »

California’s Search for a Legacy System Archaeologist

Posted by rjbiii on August 7, 2008

Pay cuts for some California state workers has been met with resistance. Not a wholly unpredictable problem, at least with respect to the political maneuvering that’s currently going on. However, there is another facet to the situation making it difficult to implement the pay cuts: the system used by the state is a legacy system that will require the assistance of a COBOL programmer:

COBOL programmers are increasingly hard to come by — find me a college that teaches it — and InfoWorld recently ranked “legacy systems archaeologist” as the seventh dirtiest job in IT. Maybe it’s time for California to ditch the existing system altogether and start over afresh?

As it turns out, there is such a plan in place. Aptly named the 21st Century Project, the modernization effort is scheduled to kick off next year. Unfortunately, the estimated cost of the project has ballooned to $177 million — not an easy pill to swallow for a state without a budget.

But hold on. Is this trip really necessary? If we read between the lines of a recent IDC study, sometimes “duct tape” can have advantages.

Click on the link above to read the entire article.

Posted in Articles, Data Management, Legacy Systems | Tagged: | Leave a Comment »