eDiscovery ROI and ESI Archiving

The Cost of Collection:

Medium to large sized organizations are being driven to lower their overall litigation costs by bringing more of the eDiscovery processes in-house. To do this, organizations need to understand and proactively plan for the eDiscovery process. The most cost effective way to quickly lower eDiscovery costs are to prepare for the collection phase by putting in place an ESI archive to capture and manage those ESI silos that are most requested…Email, File System and SharePoint ESI.

The average cost to acquire all potentially responsive ESI from all corporate infrastructure locations including email servers, file shares, SharePoint systems, as well as from all custodian locations including desktop/laptops, local external storage devices, portable media such as USB thumb drives, CDs and DVDs in a defensible manner is between $1000 and $2000 per custodian discovered.

Realistically, the cost of eDiscovery can be reduced dramatically if your organization understands the eDiscovery process and proactively plans for it. Some areas to look at include:

  1. The number one way to reduce e-discovery expense (besides not getting sued/investigated) is having less data to collect/review
  2. Create, follow and enforce an ESI records retention policy to control legacy data including backup retention which should be in sync with the retention ESI retention policies
  3. Eliminate custodian PSTs. These little bombs are the biggest contributor to the cost of collection and review
  4. Develop and implement a litigation hold policy and have all custodians review and signoff on it
  5. For medium to large organizations, the most effective cost and risk reducer, besides reducing the amount of ESI in your organization, is to put a centrally managed ESI archive in place with centrally managed ESI retention policies. If, for example, you have an ESI archive which collects and manages your email data, file system data and your SharePoint data, the most requested ESI data types in discovery, then for those data types, you no longer have to search every custodian’s workstations, removable media, etc. A simple query of the archive will let you find, place legal holds, cull, review and export responsive ESI in a fraction of the time you normally take.

Employer’s Email Use Policy an Important Factor in Privilege

In a recent article in Law Technology News written by Anthony E. Davis titled “More Privilege Issues With Employee Email”, an interesting issue was posed: Should an employee expect that emails between themselves and their attorney be privileged when using the company’s email system?

Mr. Davis pointed to a case, Leor Exploration & Production LLC, et al., v. Aguiar, 2009 WL 3097207 (S.D. Fla.)(doc), where the court considered this question. The court cited another case, In Re Asia Global Crossing, Ltd., 322 B.R. 247, 257 (SDNY 2005), where four factors were listed:

  1. does the corporation maintain a policy banning personal or other objectionable use,
  2. does the company monitor the use of the employee’s computer or email,
  3. do third parties have a right of access to the computer or e-mails, and
  4. did the corporation notify the employee, or was the employee aware, of the use and monitoring policies?”

In this case, if the answer was yes, then the employee should have had no reasonable expectation of privacy. This highlights the need to a corporate email use policy with documented processes. If through widely disseminated policies, the company did notify the employee of potential monitoring of email and stated that the corporate email system should not be used for personal use, then attorney client privilege is hard to prove.

Companies in the U.S. need to prepare themselves for the eDiscovery process by proactively collecting ESI including employee email so that they can quickly and effectively place legal holds and query that ESI archive for eDiscovery responce.

What should companies do to better protect themselves? Obviously they should develop email use policies that plainly state the above practices and train their employees on the email use policy.

Can SharePoint be an effective eDiscovery Repository?

Microsoft positions SharePoint as a document and information sharing platform for companies. SharePoint Team Services provides templates for setting up a Web site so that workgroups can share documents, calendars, announcements, postings, host blogs and wikis among other things. SharePoint Portal Server is used to build intranet portals and share documents. The SharePoint system is a very powerful platform that will become a staple for most business entities.

One perceived problem with SharePoint adoption is that because a SharePoint system can contain so much information, some in the legal community aren’t sure if and how easy a SharePoint solution could be “discovered” and an even more important point, how data within the SharePoint system can be secured under a litigation hold.

With a little planning and an addition, a SharePoint solution can be an extremely valuable tool for your company as well as a litigation-ready eDiscovery repository.

The addition of an archive that can capture, index and secure all SharePoint data, not just the documents but everything, would remove the eDiscovery liability with a SharePoint system as well as drive down the costs and risks of eDiscovery.

eDiscovery Abuse and Backup Tapes

The eDiscovery case referenced below is a prime example of the how email server backup tapes are still a major target in Discovery and can be extremely costly to produce. When asked to discover two email server backup tapes, the defendants strongly opposed and indicated that searching the two tapes would cost more than $600,000.

Now I find this to “cost” to be beyond the realm of common sense. There are many federal civil cases that have established the cost of backup tape restoration to be between $2300 and $4500 per tape.

The main points to consider here is that backup tapes are discoverable and therefore subject to a litigation hold and backup tapes are expensive to discover. If you were to have an ESI archive, and applied a backup tape recycling policy that is shorter than your ESI archive retention policy, than your backup tapes would almost never be asked for in discovery.

Finding Defendants’ Behavior “a Textbook Case of Discovery Abuse,” Court Orders $1,022,700 in Monetary Sanctions

From eDiscoverylaw.com

In this constructive transfer and fraud case arising out of the 2003 bankruptcy of Magnatrax Corporation, plaintiff alleged numerous discovery abuses on the part of defendants and sought sanctions accordingly. Among the abuses described were several allegations related to defendants’ failure to produce information stored on backup tapes, even upon being ordered to do so, and other various and related misdeeds. Calling defendants actions a “textbook case of discovery abuse,” the court found in favor of plaintiff but declined to strike defendants’ answer, as requested, and ordered defendants to pay plaintiff $1,022,700 in monetary sanctions.

In his motion for sanctions, the plaintiff established six categories of alleged discovery abuses, including the category “electronic or email discovery.” Details of the alleged discovery abuses in this category revolved around the question of defendants’ obligation to restore and produce responsive information stored on backup tapes. The question arose in light of the notable lack of email identified as responsive following defendants’ initial search of their electronic systems and in light of another party’s production of emails that should also have been produced by defendants, but were not. Defendants explained that the emails were likely stored on email backup tapes. Defendants further indicated their belief that they were not required to bear the burden and expense of restoring and searching the tapes but agreed to consider such action if plaintiff would pay.

Addressing plaintiff’s allegations surrounding the backup tapes, the court indicated its understanding of defendants’ initial refusal to produce electronic discovery from its backup tapes, but went on to condemn defendants’ subsequent behavior including their “blatant misrepresentations about the value of e-mail discovery in this case in an effort to influence the court’s ruling…and for behaving as if they, and not the court, got to decide what…was relevant…and what was not.”

Read the entire case description at eDiscoverylaw.com

Courts Smack Down Lack of Coherent Retention Policy

An interesting court decision just appeared that highlights several eDiscovery questions that I have heard in the past raised by corporate counsel. The case in question is Phillip M. Adams & Assoc., LLC v. Dell, Inc., 2009 WL 910801 (D. Utah Mar. 30, 2009) and highlights several points having to do with when notice of litigation is received, litigation hold responsibilities and records retention policies.

The first question addressed by the court was when was the defendants responsibility to start securing potentially responsive records triggered. The defendant argued that their duty to preserve started in 2005 when they received notice of litigation.  Instead, the court determined that the duty to preserve arose “in the 1999-2000 environment” in which multiple lawsuits related to the technology were ongoing. A notice of litigation does not have to be received to trigger your responsibility to preserve.

The second question that the court addressed was that of “Safe Harbor”. The defendant argued that it should find safe harbor against sanctions because of the rule providing protection against sanctions where electronically stored information is lost as the result of the “routine, good faith operation of an electronic information system.” The court disagreed, noting the absence of evidence supporting the assertion of reasonableness or good faith in ASUS’ document management and highlighting the reliance on individual employees.

The court noted: [U]tilizing a system of record-keeping which conceals rather than discloses relevant records, or makes it unduly difficult to identify or locate them, [renders] the production of the documents an excessively burdensome and costly expedition. To allow a defendant whose business generates massive records to frustrate discovery by creating an inadequate filing system, and then claiming undue burden, would defeat the purposes of the discovery rules.

Relying on employees “good faith” to do the right thing with records usually will not meet the “Safe Harbor” requirement. Many judges and attorneys now believe an archiving system that meets these requirements is a requirement for the “Safe Harbor” defense.

The third question addressed by the court was that of the defendant’s retention policies. The court noted: “An organization should have reasonable policies and procedures for managing its information and records.” [Citation omitted.] “The absence of a coherent document retention policy” is a pertinent factor to consider when evaluating sanctions. [Citation omitted.] Information management policies are not a dark or novel art. Numerous authoritative organizations have long promulgated policy guidelines for document retention and destruction.

These days there is an expectation that an organization will have a well thought out records retention policy that is put into effect to manage the information resources of the organization, not put in place to hide or destroy information.

The lessons learned from this very important case are:

1.      The litigation hold requirement can be triggered, not just by a notice of litigation but also by actions, news stories, precedent etc.

2.      Relying on a “Good Faith” manual process for ESI records retention can be a risky practice. The expectation of automation to assist or manage the records retention process  is becoming real.

3.      An organization needs to create and enforce records retention policies that make sense for the business as well as allows them to meet their legal requirements.

This case decision can be viewed at eDiscoverylaw.com: http://www.ediscoverylaw.com/2009/04/articles/case-summaries/reliance-on-employees-judgment-in-document-retention-policy-results-in-finding-of-culpability-for-spoliation-where-documents-were-not-preserved/