Know Where Your Email Goes

Posted by Gregg Mayer on Thursday, March 20th, 2008   

If the hyper-secure United States Military can make a mess out of sending email, you can bet everyday companies face the same risks.

A recent article highlighted a huge gaff from the U.S. Air Force and its use of email. The Eastern Daily Press reports that individuals in the Air Force sent hundreds of email messages – including a top secret flight plan for Air Force One – to the wrong email address of factory worker Gary Sinott.

Sinott had set up the Website www.mildenhall.com to promote his hometown. Air Force officials mistakenly sent email to that domain instead of the military site:

What began as a slow trickle of mundane messages soon escalated and hundreds of classified emails were sent from around the world to Mr Sinnott’s website after people mistook www.mildenhall.com for the military website www.mildenhall.af.mil

Mr Sinnott, who is in his mid 40s, said that when he initially reported the problem airbase officials did not appear phased. “At first their attitude was we are not worried, we are American, our security is great.”

But he said that after he informed the base that he had received information detailing the flight path to be used by the plane carrying President Bush on a visit to the region, officials went ‘mental’.

Air Force officials then took steps to block email from going to Sinott’s site. Problems with spam persisted, and eventually Sinott had to close the site down.

Although legal issues revolving around e-Discovery often focus on a company’s archiving of email and how it can be retrieved, this article offers a reminder that companies need to be wary of where email is being sent and who is sending it.

Read the entire article about Sinott and the Air Force here.

Hiding ‘Smoking Gun’ ESI Worsens Impact

Posted by Gregg Mayer on Thursday, March 20th, 2008   

As noted in a previous post , attempting to throw away damaging evidence – including trying to hide email during litigation – is never a good idea. 

For whatever reason, it always seems that evidence finds its way into the courtroom.  When it does, the consequences are worse than if the evidence had just been disclosed in the first place.

A classic example is Qantum Communications Corp. v. Star Broadcasting, Inc, a 2007 case that involved a seller of radio station who tried to hide email messages.

In this case, Quantum, a potential buyer of a radio station, had an agreement with the seller, Star Broadcasting.  This agreement provided that there would be no additional negotiations for the purchase of the station while the agreement was in effect.  This is called a “No Shop” provision.  On April 14, 2005, the seller sent a termination notice to Quantum and then sold the station to another buyer.  Expectantly, Qantum sued. 

In the course of the litigation, Qantum wanted to inspect email from Star Broadcasting.  Particularly, Qantum was looking for communications with other buyers while the “No Shop” provision was in effect. 

Star produced hundreds of documents, but no email before March 2, 2005, which Qantum thought suspicious.  Moreover, Star had produced a relevant email but failed to produce an attachment with it.  

Consequently, Qantum went to a third party to find the missing email messages.  Not only did Qantum get the email, but it found the missing attachment too.  This evidence directly contradicted Star representatives’ testimony and helped prove Qantum’s case.  It revealed apparent negotiations with another buyer.  As the court explained:

[T]his Court concludes that Defendants engaged in an unconscionable scheme calculated to interfere with the judicial system’s ability to impartially adjudicate a matter by unfairly hampering the presentation of the opposing party’s claim…

Consequently, the court sanctioned Star by entering a default judgment.  In litigation, a default judgment is the ultimate sanction because it means a court decides – not a jury – who loses. 

Granted, Star may have lost the case anyway.   The email it tried to hide was damaging to its defense.  But attempting to deceive the court guaranteed Star would lose.  Moreover, it meant Star had to pay the attorney fees for Qantum as well.  In short, the decision to hide the email proved more costly than just being honest about at the outset. 

The court’s opinion has been posted online.

CIOs Should Bring IT and Legal Together

Posted by Gregg Mayer on Wednesday, March 19th, 2008   

Lawyers seldom speak the techno-wiz language of a company’s IT staff.  The IT staff seldom speak the stuffy legalese of lawyers.  However, both IT and legal are critically important to comply with today’s e-Discovery obligations under the Federal Rules of Civil Procedure.

That is why a CIO must ensure that the IT staff and legal department work together as an e-Discovery team in order to be prepared for the increasing burdens of disclosing electronically stored information (“ESI”).

As a recent article explained, when litigation looms, the legal and IT department must work together to resolve a series of issues, beginning with what ESI needs to be saved.  Once a company reasonably anticipates litigation, then a duty to preserve relevant ESI is triggered.  The lawyers will need to work with IT to understand what and how ESI is stored.      

Given the requirements of e-discovery and the conversation needed between legal and IT, what’s the bottom line? Each team has expertise required by the other. And each team needs to focus on its core subject matter. Issues of case strategy, negotiation among claimants, and the details of e-discovery rules should lie with the legal time. Issues of information retention policies, appropriate use of automation, and how best to preserve information should lie with IT and security groups. The key steps will be to ask, listen, and continuously work together to ensure proper and cost-effective e-discovery management.

Read the entire article from SearchSecurity.Com here.

How Does A Legal Hold Impact A Document Retention Policy?

Posted by Gregg Mayer on Wednesday, March 19th, 2008   

Companies implement document retention policies to determine how long information should be stored. These policies must include electronically stored information. For example, a company may decide it wants to purge emails after 21 days, like the Maryland company Echostar’s policy. Of course, simply executing the policy is not always enough.

A key caveat to normal retention policies is to make sure they are modified to accommodate “legal holds” – a duty placed on the company to preserve relevant information once litigation is reasonably anticipated. Echostar learned that lesson the hard way.

According the Maryland federal court in Broccoli v. Echostar Communications, Echostar’s email archiving system worked like this:

Under Echostar’s extraordinary email/document retention policy, the email system automatically sends all items in a user’s “sent items” folder over seven days old to the user’s “deleted items” folder, and all items in a user’s “deleted items” folder over 14 days old are then automatically purged from the user’s “deleted items” folder. The user’s purged emails are not recorded or stored in any back up files. Thus, when 21-day-old emails are purged, they are forever unretrievable.

In January 2001, the plaintiff in Broccoli v. Echostar Communications told Echostar about his potential sexual harassment and Title VII claims. More letters and emails additionally notified Echostar of the litigation.

The plaintiff was fired in November 2001. Another letter came in December 2001 threatening litigation, and a lawsuit was filed in February 2002. Echostar did not adjust its retention policy until December 2001. This, it turned out, was wrong.

The judge explained Echostar had actual notice of the claims as early as January 2001. Echostar should have started preserving emails nearly 11 months before it did. As a result, the judge sanctioned Echostar by offering an “adverse spoliation of evidence instruction” – whatever was destroyed may be considered in the worst possible light against Echostar.

Needless to say, Echostar lost the case.

Retention policies are a necessary part of business.  Just as necessary is a company’s ability to modify a retention policy whenever litigation is reasonably anticipated.

Read more about the Echostar case in this news article.

From ‘Qwerty’ Email To 170 Billion Email Messages A Day

Posted by Gregg Mayer on Tuesday, March 18th, 2008   

Email was invented in 1971. The first message said something like “Qwerty,” according to Ray Tomlinson, the inventor who never imagined email would grow as rapidly as it has.

One problem he had with the first e-mail program was finding a way to separate the person to whom one was addressing a message from the computer or network they were using – which he solved with the symbol @.

It could just as easily have been a square bracket or even a comma that would come to be typed in every e-mail address, “but they were already being used, and of the characters that were left, @ was best. Plus it conveyed a sense of place, which seemed to suit.”

It took another 20 years – until the advent of the world wide web in the early nineties - before e-mail became widespread, but Mr. Tomlinson said that the basic characteristics of most modern e-mail programs – commands for deleting, replying and forwarding, and folders – were in place back then. “They’ve just become a lot bigger and bulkier nowadays.”

Read the rest of Tomlinson’s recent interview with TimesOnline here.

Temporary ESI Automatically Deleted From Cache Files Did Not Result In Spoliation

Posted by Gregg Mayer on Tuesday, March 18th, 2008   

When a law firm was sued and later accused of spoliation of electronically stored information (“ESI”), the question arose as to whether parties had to a duty to preserve  locally stored cache files on recently used Web pages when litigation is reasonably anticipated?

In this case, Healthcare Advocates, Inc. v. Harding, Farley, Follmer & Frailey, the answer was no: the images temporarily stored in the cache files did not have to be preserved.

It helps to have a brief background of the complicated fact scenario to understand how this lawsuit came about.

Initially, Healthcare Advocates, a patient advocacy organization, sued a competitor for trademark infringement. The Harding law firm represented that competitor.

During the discovery of that lawsuit, lawyers with the Harding firm viewed archived screenshots of the Healthcare Advocates Website using an internet tool that allowed them to see prior versions of the Website.

The Harding firm printed copies of the screenshots and used those images in the litigation between Healthcare Advocates and its competitor.

Healthcare Advocates then sued the Harding law firm alleging the firm hacked into the Healthcare Advocates Website to view protected material. Consequently, by allegedly hacking into the Website and printing screenshots, Healthcare Advocates argued the law firm committed copyright infringement.

In response, the law firm claimed it used a publicly available Website that permitted users to search screenshots of archived Websites. In short, there was no copyright infringement.

Specific to e-Discovery, Healthcare Advocates argued for a spoliation sanction against the law firm for failing to save the internet data temporarily stored in cache files. Generally, cache files are a temporary storage area for frequently accessed data. When a computer accesses a web page, it sometimes stores a copy of the page in its cache.

Healthcare Advocates argues that the images were involuntarily saved in temporary files on the Harding firm’s computers. Thus, the firm’s duty to preserve extended to these temporary files. Since the files are lost, [Healthcare Advocates] alleges that the Harding firm failed to fulfill their duty to preserve. Healthcare Advocates believes that if these temporary cache files had been preserved, they would have been able to determine if the Harding firm used the archived images for any purpose other than what has been alleged or admitted.

Without dispute, the law firm made no effort to preserve the temporary ESI in the cache files. However, the court rejected Healthcare Advocates’ argument:

What the Harding firm should have anticipated was that the images they copied would be relevant, which they did and saved accordingly…The Harding firm had no reason to anticipate that using a public website to view images of another public website would subject them to a civil lawsuit containing allegations of hacking.

Moreover, even though Healthcare Advocates’ attorney had sent a letter to the law firm demanding that nothing be deleted or altered on the firm’s computers, the letter “said nothing about preserving the temporary cache files on these computers,” the court wrote.

Ultimately, the cache files were deleted from the Harding firm’s computers. However, no evidence has been presented showing that the Harding firm was responsible for erasing them. The files were deleted automatically…The cache files may have been emptied dozens of times before the request for production was made…The most important fact regarding the lost evidence is that the Harding firm did not affirmatively destroy the evidence…Very little fault can be attributed to the Harding firm for the loss of these temporary cache files.

Consequently, the court refused to impose sanctions, and ultimately dismissed the lawsuit against the law firm.

Although the facts in this case favored the law firm, as technology changes, and as opinions about what should be preserved change with it, then whether temporary cache files may also be included in litigation holds remains open for debate.

New Book Offers Basics For A Retention Policy

Posted by Gregg Mayer on Monday, March 17th, 2008   

With the increasing business use of electronically stored information (“ESI”), coupled with the burdens of regulatory compliance and e-Discovery under the Federal Rules of Civil Procedure, CIOs are tasked with crafting effective retention policies for ESI.

A newly released book – designed for law students and lawyers, but offering some practical information for CIOs as well – addresses a whole host ESI issues, including the drafting of a retention policy.

According to New Directions: Social Networks, Blogs, Privacy, Mash-Ups, Virtual Worlds and Open Source (PLI, $199), here are some basic foundations that retention policies should take into account:

(1) state the good faith purpose for its implementation;
(2) designate a person responsible for oversight and implementation, usually within each business unit;
(3) ensure that documents necessary to preserve the entity’s organizational knowledge are preserved and categorized so that they can be retried when needed;
(4) divide each type of document for file into categories and then assign a retention period for each;
(5) comply with statutory or regulatory requirements to retain specific categories of documents;
(6) ensure that the documents necessary to support the entity’s legal position in the event of possible litigation are preserved;
(7) avoid improper destruction or alteration of documents if litigation or a governmental investigation ensues; and
(8) provide for procedures to suspend the policy due to potential investigation/litigation

Of course, all retention policies vary depending on the size of a company and the type of work it does. CIOs should work closely with their legal department and IT staff to ensure a retention policy meets all of the company’s needs.

Just as important as drafting a policy is its implementation. CIOs must make sure their companies are fully following the policy or it will prove of little value if legal trouble ensues.

To check out the table of contents for New Directions, and to order one, visit the PLI site here.

Companies Planning To Sue Have Duty To Preserve ESI

Posted by Gregg Mayer on Monday, March 17th, 2008   

Litigation holds , or the duty to preserve, are often discussed in the context of a company that has been sued, triggering a duty to preserve relevant evidence.

However, the duty to preserve evidence applies to both sides of litigation. When a company reasonably anticipates it is about to sue another party, then that company has a duty to preserve relevant electronically stored information (“ESI”) and other evidence. This duty is illustrated by the case of Samsung Electronics Co. v. Rambus Inc., one of several lawsuits involving Rambus.

In this case, Rambus filed a patent infringement lawsuit against Samsung. Samsung quickly filed its own declaratory judgment action against Rambus in a different court. Basically, a declaratory judgment action asks a court to declare a party’s legal rights.  Samsung asked the court to rule that Samsung did not infringe on Rambus’ patents.

As part of the declaratory judgment litigation, Samsung requested the court enter spoliation sanctions against Rambus for destroying ESI and other evidence.

Samsung argued that Rambus’ document retention policy – including so-called “shred days” – destroyed relevant evidence in 1998, 1999 and 2000. Samsung argued that Rambus should have modified its retention policy by 1998 since Rambus reasonably anticipated a lawsuit with Samsung at that time. The court noted Rambus destroyed millions of pages of documents.

The court explained:

[T]he record clearly establishes that Rambus’ document retention policy actually targeted discoverable documents, including email messages, files on individual computers, network servers or floppy disks, corporate databases, backup tapes, system records and logs, and computers and disks.…

A number of Rambus’ witnesses testified that the reason for adopting the document retention policy was to get rid of discoverable documents. Of particular concern were emails which were described as potentially quite harmful in litigation. Accordingly, email backup tapes were eliminated and employees were told to purge their own individual email files unless it was necessary to keep an email for some purpose and then it should be saved to a particular file or reduced to hard copy.

Rambus countered that it destroyed the documents as part of its routine retention policy. As a result, even if the ESI would have been relevant to future litigation with Samsung, at the time it was destroyed there was no pending lawsuit with Samsung.

The court rejected Rambus’ argument. Since Rambus did reasonably anticipate litigation with Samsung, the court said Rambus had a duty to preserve the ESI.

[A] company can modify its policy to preserve documents reasonably thought relevant to the actual or anticipated litigation. To accomplish that, however, the company must inform its officers and employees of the actual or anticipated litigation, and identify for them the kinds of documents that are thought to be relevant to it. Other mechanisms, such as collecting the relevant documents and segregating them, may accomplish the same result.

Consequently, Rambus was found to be a spoliator, generally the worst thing that can happy to a party in a lawsuit. (In this case, Rambus had already dropped its claims against Samsung by the time the spoliation hearing before the court, so all that Samsung could seek were attorney fees, which were denied for reasons unrelated to the spoliation.)

CIOs and their e-Discovery teams need to know that if a company is planning a lawsuit, then the same duty to preserve ESI applies. It is improper to destroy relevant ESI once a company reasonably anticipates litigation, regardless of whether the company is being sued or is planning to sue.

AMD v. Intel Part One: A Look At The ‘Largest Electronic Production In History’

Posted by Gregg Mayer on Friday, March 14th, 2008   

Introduction 

AMD v. Intel is one of the best known e-Discovery cases currently underway. Here is a quick summary of the case so far: AMD sued Intel in 2005 for antitrust violations, Intel destroyed or lost email that it was supposed to save under a litigation hold, Intel is going through a remediation plan to restore the email (although it could still face sanctions from the court), and now the New York Attorney General is exploring antitrust violations against Intel.

It’s a nasty case.

From an e-Discovery perspective, AMD v. Intel illustrates how costly it can be for big companies to implement massive legal holds across hundreds – if not thousands – of employees. Millions of email messages pass through large companies every day. Sorting through the email during litigation, preserving email that should be preserved, is a monumental task. The breadth of the ESI is simply staggering.

One of the lawyers involved in the AMD v. Intel litigation in Delaware said the case could involve “the largest electronic production in history or maybe this will be the case that proves you can’t do it,” according to the Remediation Plan filed by Intel in 2007.

In a three-part series of posts, CIOLaw.org, using court filings in this case, will look at the efforts made by Intel to preserve its millions of email messages, what mistakes were made, and how Intel has proposed to remediate the problem.

The court approved Intel’s Remediation Plan on October 22, 2007. However, AMD may still move for sanctions – including a spoliation finding – after the remediation is complete. AMD has already said Intel has not been forthright about the amount of data lost.

It is unlikely Intel can restore every lost message. A spoliation finding – such as an adverse inference instruction to the jury – could be terrible for Intel. Recall Zubulake v. UBS Warburg, a landmark e-Discovery case in which a spoliation finding propelled the jury to award $29 million in damages against UBS. The case forewarns that millions – if not billions – could be lost for spoliation.

Trial in AMD v. Intel is set for April 2009.

Part One: Intel’s Implementation Of Its Litigation Hold

AMD filed its lawsuit June 27, 2005. Intel says it began implementation of its legal hold on June 28.

A litigation hold is a duty placed upon a company to preserve all relevant information, including the all of the email passing in and out of the company.

In 2005, Intel had 100,000 employees working at 124 Intel facilities. They were spread over 57 countries. For IT, Intel maintained 79 IT sites in 27 different countries. Intel employed 9,500 IT professionals.

Intel estimated the company generated as many as 4.6 million email messages per day.

Once a litigation hold was in place, Intel was tasked with retaining all of the email and other ESI related to the litigation.

AMD argues all Intel had to do was turn off its auto-delete policy and the emails would have been retained. On the other hand, Intel argues that it did have a workable retention policy, and the policy was not the problem. Fully implemented, the policy would have worked, according to Intel. The problem was “human error,” according to Intel.

Here’s a list of what the company did to preserve email after the complaint was filed June 27, 2005:

The day after the complaint was filed, Intel began to preserve a company-wide snapshot of email and other electronic documents stored on Intel’s servers as of the week the complaint was filed (“Complaint Freeze Tapes”).

Two days after the complaint was filed, Intel sent a hold notice bulletin to 4,000 Sales and Marketing Group employees with instructions to retain documents related to competition with AMD and competition concerning the sale of CPUs generally.

Four days after the complaint was filed, Intel distributed a more detailed litigation hold notice to 629 employees, and has now provided such notices to approximately 1,500 employees.

Within days of the filing of the complaint, Intel began collecting the electronic and hard copy documents from certain employees – and has now collected materials from hundreds of its employees.

In the Fall of 2005, Intel began a process of preserving, on a weekly basis, the backup tapes containing emails of employees identified as having potential relevance to the lawsuit (“Weekly Backup Tapes”). These tapes were not the primary preservation method, but as a mechanism to fall back on in the event documents could not be obtained directly from the individual employees who originally generated or received the emails.

More recently, as an additional layer of backup, Intel purchased and implemented a new email archive system designed to capture and preserve automatically all incoming and outgoing email messages of currently employed custodians who have been identified on Intel’s Custodian List.

As noted in Intel’s court filing, the company sent a “detailed litigation hold notice” on July 1, 2005 to 629 employees. These employees were determined to have specific information that could be relevant to the litigation.

By August 2005, approximately 848 individuals had received retention notices. Over the next two years, Intel continued to send more retention notices and the list grew to approximately 1,500 employees. Paralegals were dispatched to offices in foreign countries to help retain email.

As a result, Intel claimed its efforts preserved “hundreds of millions of pages of e-mails and other electronic materials.”

On the flip side, Intel’s “lapse” in its retention policy, as the company calls it, resulted in Intel’s acknowledgment in March 2007 that email messages were lost. AMD called it a “stunning public admission.” AMD argues:

By any measure, Intel has allowed an immense loss of relevant evidence to occur during the course of this litigation…These were not the common accidental and inconsequential losses of electronic evidence that often occur in litigation…Rather, they are losses of a nature and scope as to call into question Intel’s entire document preservation scheme.”

No dispute exists that Intel’s efforts failed to preserve all of the email. According to Intel, here are some of the hurdles they faced from the outset:

Intel not only had to save relevant historical information relating to AMD’s allegations (which it did with the Complaint Freeze Tapes and the prompt hard drive harvesting), but it had to retain an enormous volume of electronic material generated by hundreds of Intel employees on a forward-going basis;

The number of custodians required to retain documents on a going forward basis was enormous, the relevant document requests numbered in the hundreds, and it was clear from the outset that most of the those custodians would never have to produce documents for the case;

Intel had to keep documents for custodians spread across six different continents;

Shortly after this litigation began, Intel, in an effort to cut costs as a result of the fierce competition in the semiconductor market, carried out a significant reduction in work force; many of its layoffs hit sales, marketing and information technology, and that made the job of document retention more complex;

This was a case of unprecedented proportions, for which Intel had to develop practical solutions as it went along; and

This effort had to be made in the context of rapidly evolving legal and technical standards and solutions

Intel was unable to implement a 100-percent effective litigation hold. Significant email was destroyed or lost.

Although nothing is certain, spoliation sanctions are still possible at a future point in the litigation.

NEXT FRIDAY: Part Two - What Mistakes Were Made And How Much Was Lost

Lacking Ability To Search ESI Does Not Preclude Court Requiring Disclosure

Posted by Gregg Mayer on Friday, March 14th, 2008   

Regardless of a company’s in-house capabilities, courts expect parties in litigation to have the ability to retrieve and disclose electronically stored information (”ESI”) when it is needed for litigation.  

In Kelly v. Montgomery Lynch & Associates, Inc., a lawsuit in Ohio, James Kelly sued Montgomery Lynch under various debt collection acts.

As part of the lawsuit, Kelly requested that Montgomery Lynch search its ESI and determine how many other individuals received the same letter of collection sent to Kelly.

Montgomery Lynch argued it lacked the technological capabilities for a search of that size:

Defendant claims that the discovery request is unduly burdensome because the Defendant’s filing system is not maintained in a searchable way and the information sought would require “manually searching through hundreds of thousands of records.”

Dismissing this argument, the court concluded in its December 2007 opinion that Montgomery Lynch had to retrieve the ESI regardless of its in-house search capabilities:

Even if [Kelly’s] discovery requests pose a burden on the Defendant, this Court finds that the importance of the issues involved outweighs any claim of inconvenience or cost.

Consequently, Montgomery Lynch would have to pay the added costs for a manual search.

« Previous Entries Next Entries »