Defensible Disposal means never being accused of spoliation for hosting “Shred Days”

U.S District Judge Ronald Whyte in San Jose reversed his own prior ruling from a 2009 case where he issued a judgment against SK Hynix, awarding Rambus Inc. $397 million in a patent infringement case. In his reversal this month, Judge Whyte ruled that Rambus Inc. had spoliated documents in bad faith when it hosted company wide “shred days” in 1998, 1999, and 2000. Judge Whyte found that Rambus could have reasonably foreseen litigation against Hynix as early as 1998, and that therefore Rambus engaged in willful spoliation during the three “shred days” (a finding of spoliation can be based on inadvertent destruction of evidence). Because of this recent spoliation ruling, the Judge reduced the prior Rambus award from $397 million to $215 million, a cost to Rambus of $182 million.

Two questions come to mind in this case; 1) why did Rambus see the need to hold “shred days”?, and 2) did they have an information governance policy and defensible disposal process? As a matter of definition, defensible disposal is the process (manual or automated) of disposing of unneeded or valueless data in a way that will standup in court as reasonable and consistent.

The obvious answer to the second question is probably not or if yes, it wasn’t being followed, otherwise why the need for the shred days? Assuming that Rambus was not destroying evidence knowingly; the term “shred-days” still has a somewhat negative connotation. I would think corporate attorneys would instruct all custodians within their companies that the term “shred” should be used sparingly or not at all in communications because of the questionable implications.

The term “Shred days” reminds many of the Arthur Andersen partner who so famously sent an email message to employees working on the Enron account, reminding them to “comply with the firm’s documentation and retention policy”. The Andersen partner never ordered the destruction or shredding of evidence but because anticipation of future litigation was potentially obvious, the implication in her email was “get rid of suspect stuff”. The timing of the email message was also suspect in that just 21 minutes separated Ms. Temple’s e-mail message to Andersen employees on the Enron account about the importance of complying with the firm’s document retention policy from an entry in a record of her current projects in which she wrote that she was working on a case involving potential violations of federal securities laws.

The Rambus case highlights the need for a true information governance process including a truly defensible disposal strategy. An information governance process would have been capturing, indexing, applying retention policies, protecting content on litigation hold and disposing of content beyond the retention schedule and not on legal hold… automatically, based on documented and approved legally defensible policies. A documented and approved process which is religiously followed, and with proper safeguards goes a long way with the courts to show good faith intent to manage content and protect that content subject to anticipated litigation.


Defensible Disposal and Predictive Coding Reduces (?) eDiscovery by 65%

Following Judge Peck’s decision on predictive coding in February of 2012, yet another Judge has gone in the same direction. In Global Aerospace Inc., et al, v. Landow Aviation, L.P. dba Dulles Jet Center, et al (April 23, 2012), Judge Chamblin, a state judge in the 20th Judicial Circuit of Virginia’s Loudoun Circuit Court, wrote:

“Having heard argument with regard to the Motion of Landow Aviation Limited Partnership, Landow Aviation I, Inc., and Landow & Company Builders, Inc., pursuant to Virginia Rules of Supreme Court 4:1 (b) and (c) and 4:15, it is hereby ordered Defendants shall be allowed to proceed with the use of predictive coding for the purposes of the processing and production of electronically stored information.”

This decision was despite plaintiff’s objections the technology is not as effective as purely human review (their objections can be seen here).

This decision comes on top of a new RAND Institute for Civil Justice report which highlights a couple of important points. First, the report estimated that $0.73 of every dollar spent on eDiscovery can be attributed to the “Review” task. RAND also called out a study showing an 80% time savings in Attorney review hours when predictive coding was utilized.

This suggests that the use of predictive coding could, optimistically, reduce an organization’s eDiscovery costs by 58.4%.

The barriers to the adoption of predictive coding technology are (still):

  • Outside counsel may be slow to adopt this due to the possibility of loosing a large revenue stream
  • Outside and Internal counsel will be hesitant to rely on new technology without a track record of success
  • Additional guidance from Judges

These barriers will be overcome relatively quickly.

Let’s take this cost saving projection further. In my last blog I talked about “Defensible Disposal” or in other words, getting rid of old data not needed by the business. It is estimated the cost of review can be reduced by 50% by simply utilizing an effective Information Governance program. Utilizing the Defensible Disposal strategy brings the $0.73 of every eDiscovery review dollar down to $0.365.

Now, if predictive coding can reduce the remaining 50% of the cost of eDiscovery review by 80% as was suggested in the RAND report, between the two strategies, a total eDiscovery savings of approximately 65.7% could be achieved. To review, lets look at the math.

Starting with $0.73 of every eDiscovery dollar is attributed to the review process

Calculating a 50% saving due to Defensible Disposal brings the cost of review down to $0.365. (assuming 50% of documents to be reviewed are disposed of)

Calculating the additional 80% review savings using predictive coding we get:

$0.365 * 0.2 (1-.8) = $0.073 (total cost of review after savings from both strategies)

To finish the calculations we need to add back in the cost not related to review (processing and collection) which is $0.27

Total cost of eDiscovery = $0.073 + $0.27 = $0.343 or a savings of: $1.0 – $0.343 = 0.657 or 65.7%.

 As with any estimates…your mileage may vary, but this exercise points out the potential cost savings utilizing just two strategies, Defensible Disposal and Predictive Coding.

With Upcoming Legislation, Cloud Storage is Looking Brighter

Back on December 30, 2009 I blogged about how cloud storage could have a problem catching on with larger enterprises because of a lesser known provision in the Patriot Act called the National Security Letters.

Under the provisions of the Patriot Act, these National Security Letters, a form of administrative subpoena used by the United States Federal Bureau of Investigation and reportedly by other U.S. Government Agencies including the Central Intelligence Agency and the Department of Defense, can be used to require “carriers” to turn over records and data concerning individual customers (corporate customers) if asked to do so by the Federal government. The letters do not require the government to get a court order, so in effect the regulation allows the government to access that information on demand.

So the question was; how many GCs of large corporations will steer their companies away from this potential legal risk?

I have found out that the congress is working on changing how this provision of the Patriot Act can be applied to better protect organization’s data stored in the cloud.

On March 30, 2009 H.R 1800, the National Security Letters reform Act of 2009, was introduced and is currently in committee. The summary of the Bill is below:

Prohibits a national security letter (letter) (a request for information sought by the Federal Bureau of Investigation (FBI) in connection with a criminal investigation) from being issued unless the issuing official certifies specific facts providing reason to believe that the information or records sought pertain to a foreign power or agent thereof. It prohibits a letter from being issued in connection with an investigation of a U.S. person solely upon the basis of activities protected by the First Amendment to the Constitution. It prohibits: (1) a letter from containing unreasonable requirements or requiring privileged matter; or (2) disclosing to a person that the FBI has sought or obtained access to information under a letter for 30 days after receipt of the FBI’s request for such information. It authorizes judicial review for the modification or revocation of a letter. Provides limited uses of information acquired through a letter. It allows persons against whom evidence obtained from a letter is to be used to file a motion to suppress. It provides a civil cause of action for the misuse of letters. It requires the authority to issue letters to revert, five years after the enactment of this Act, to that provided by law on October 25, 2001. It requires the Attorney General to: (1) undertake minimization and destruction procedures with respect to information acquired through letters; and (2) report semiannually on the number and use of letters. It requires the disposal of wrongly acquired information. And it revises requirements relating to claims of emergency in connection with certain letters.

With these new protections (if H.R. 1800 is passed into law eventually) on how the National Security Letters can be used, I believe many of the larger organizations will embrace these new protections and speed up their adoption of cloud storage offerings.

eDiscovery ROI and ESI Archiving

The Cost of Collection:

Medium to large sized organizations are being driven to lower their overall litigation costs by bringing more of the eDiscovery processes in-house. To do this, organizations need to understand and proactively plan for the eDiscovery process. The most cost effective way to quickly lower eDiscovery costs are to prepare for the collection phase by putting in place an ESI archive to capture and manage those ESI silos that are most requested…Email, File System and SharePoint ESI.

The average cost to acquire all potentially responsive ESI from all corporate infrastructure locations including email servers, file shares, SharePoint systems, as well as from all custodian locations including desktop/laptops, local external storage devices, portable media such as USB thumb drives, CDs and DVDs in a defensible manner is between $1000 and $2000 per custodian discovered.

Realistically, the cost of eDiscovery can be reduced dramatically if your organization understands the eDiscovery process and proactively plans for it. Some areas to look at include:

  1. The number one way to reduce e-discovery expense (besides not getting sued/investigated) is having less data to collect/review
  2. Create, follow and enforce an ESI records retention policy to control legacy data including backup retention which should be in sync with the retention ESI retention policies
  3. Eliminate custodian PSTs. These little bombs are the biggest contributor to the cost of collection and review
  4. Develop and implement a litigation hold policy and have all custodians review and signoff on it
  5. For medium to large organizations, the most effective cost and risk reducer, besides reducing the amount of ESI in your organization, is to put a centrally managed ESI archive in place with centrally managed ESI retention policies. If, for example, you have an ESI archive which collects and manages your email data, file system data and your SharePoint data, the most requested ESI data types in discovery, then for those data types, you no longer have to search every custodian’s workstations, removable media, etc. A simple query of the archive will let you find, place legal holds, cull, review and export responsive ESI in a fraction of the time you normally take.

Employer’s Email Use Policy an Important Factor in Privilege

In a recent article in Law Technology News written by Anthony E. Davis titled “More Privilege Issues With Employee Email”, an interesting issue was posed: Should an employee expect that emails between themselves and their attorney be privileged when using the company’s email system?

Mr. Davis pointed to a case, Leor Exploration & Production LLC, et al., v. Aguiar, 2009 WL 3097207 (S.D. Fla.)(doc), where the court considered this question. The court cited another case, In Re Asia Global Crossing, Ltd., 322 B.R. 247, 257 (SDNY 2005), where four factors were listed:

  1. does the corporation maintain a policy banning personal or other objectionable use,
  2. does the company monitor the use of the employee’s computer or email,
  3. do third parties have a right of access to the computer or e-mails, and
  4. did the corporation notify the employee, or was the employee aware, of the use and monitoring policies?”

In this case, if the answer was yes, then the employee should have had no reasonable expectation of privacy. This highlights the need to a corporate email use policy with documented processes. If through widely disseminated policies, the company did notify the employee of potential monitoring of email and stated that the corporate email system should not be used for personal use, then attorney client privilege is hard to prove.

Companies in the U.S. need to prepare themselves for the eDiscovery process by proactively collecting ESI including employee email so that they can quickly and effectively place legal holds and query that ESI archive for eDiscovery responce.

What should companies do to better protect themselves? Obviously they should develop email use policies that plainly state the above practices and train their employees on the email use policy.

Can SharePoint be an effective eDiscovery Repository?

Microsoft positions SharePoint as a document and information sharing platform for companies. SharePoint Team Services provides templates for setting up a Web site so that workgroups can share documents, calendars, announcements, postings, host blogs and wikis among other things. SharePoint Portal Server is used to build intranet portals and share documents. The SharePoint system is a very powerful platform that will become a staple for most business entities.

One perceived problem with SharePoint adoption is that because a SharePoint system can contain so much information, some in the legal community aren’t sure if and how easy a SharePoint solution could be “discovered” and an even more important point, how data within the SharePoint system can be secured under a litigation hold.

With a little planning and an addition, a SharePoint solution can be an extremely valuable tool for your company as well as a litigation-ready eDiscovery repository.

The addition of an archive that can capture, index and secure all SharePoint data, not just the documents but everything, would remove the eDiscovery liability with a SharePoint system as well as drive down the costs and risks of eDiscovery.

eDiscovery Abuse and Backup Tapes

The eDiscovery case referenced below is a prime example of the how email server backup tapes are still a major target in Discovery and can be extremely costly to produce. When asked to discover two email server backup tapes, the defendants strongly opposed and indicated that searching the two tapes would cost more than $600,000.

Now I find this to “cost” to be beyond the realm of common sense. There are many federal civil cases that have established the cost of backup tape restoration to be between $2300 and $4500 per tape.

The main points to consider here is that backup tapes are discoverable and therefore subject to a litigation hold and backup tapes are expensive to discover. If you were to have an ESI archive, and applied a backup tape recycling policy that is shorter than your ESI archive retention policy, than your backup tapes would almost never be asked for in discovery.

Finding Defendants’ Behavior “a Textbook Case of Discovery Abuse,” Court Orders $1,022,700 in Monetary Sanctions


In this constructive transfer and fraud case arising out of the 2003 bankruptcy of Magnatrax Corporation, plaintiff alleged numerous discovery abuses on the part of defendants and sought sanctions accordingly. Among the abuses described were several allegations related to defendants’ failure to produce information stored on backup tapes, even upon being ordered to do so, and other various and related misdeeds. Calling defendants actions a “textbook case of discovery abuse,” the court found in favor of plaintiff but declined to strike defendants’ answer, as requested, and ordered defendants to pay plaintiff $1,022,700 in monetary sanctions.

In his motion for sanctions, the plaintiff established six categories of alleged discovery abuses, including the category “electronic or email discovery.” Details of the alleged discovery abuses in this category revolved around the question of defendants’ obligation to restore and produce responsive information stored on backup tapes. The question arose in light of the notable lack of email identified as responsive following defendants’ initial search of their electronic systems and in light of another party’s production of emails that should also have been produced by defendants, but were not. Defendants explained that the emails were likely stored on email backup tapes. Defendants further indicated their belief that they were not required to bear the burden and expense of restoring and searching the tapes but agreed to consider such action if plaintiff would pay.

Addressing plaintiff’s allegations surrounding the backup tapes, the court indicated its understanding of defendants’ initial refusal to produce electronic discovery from its backup tapes, but went on to condemn defendants’ subsequent behavior including their “blatant misrepresentations about the value of e-mail discovery in this case in an effort to influence the court’s ruling…and for behaving as if they, and not the court, got to decide what…was relevant…and what was not.”

Read the entire case description at