Know Where Your Email Goes

Posted by Gregg Mayer on Thursday, March 20th, 2008   

If the hyper-secure United States Military can make a mess out of sending email, you can bet everyday companies face the same risks.

A recent article highlighted a huge gaff from the U.S. Air Force and its use of email. The Eastern Daily Press reports that individuals in the Air Force sent hundreds of email messages – including a top secret flight plan for Air Force One – to the wrong email address of factory worker Gary Sinott.

Sinott had set up the Website www.mildenhall.com to promote his hometown. Air Force officials mistakenly sent email to that domain instead of the military site:

What began as a slow trickle of mundane messages soon escalated and hundreds of classified emails were sent from around the world to Mr Sinnott’s website after people mistook www.mildenhall.com for the military website www.mildenhall.af.mil

Mr Sinnott, who is in his mid 40s, said that when he initially reported the problem airbase officials did not appear phased. “At first their attitude was we are not worried, we are American, our security is great.”

But he said that after he informed the base that he had received information detailing the flight path to be used by the plane carrying President Bush on a visit to the region, officials went ‘mental’.

Air Force officials then took steps to block email from going to Sinott’s site. Problems with spam persisted, and eventually Sinott had to close the site down.

Although legal issues revolving around e-Discovery often focus on a company’s archiving of email and how it can be retrieved, this article offers a reminder that companies need to be wary of where email is being sent and who is sending it.

Read the entire article about Sinott and the Air Force here.

CIOs Should Bring IT and Legal Together

Posted by Gregg Mayer on Wednesday, March 19th, 2008   

Lawyers seldom speak the techno-wiz language of a company’s IT staff.  The IT staff seldom speak the stuffy legalese of lawyers.  However, both IT and legal are critically important to comply with today’s e-Discovery obligations under the Federal Rules of Civil Procedure.

That is why a CIO must ensure that the IT staff and legal department work together as an e-Discovery team in order to be prepared for the increasing burdens of disclosing electronically stored information (“ESI”).

As a recent article explained, when litigation looms, the legal and IT department must work together to resolve a series of issues, beginning with what ESI needs to be saved.  Once a company reasonably anticipates litigation, then a duty to preserve relevant ESI is triggered.  The lawyers will need to work with IT to understand what and how ESI is stored.      

Given the requirements of e-discovery and the conversation needed between legal and IT, what’s the bottom line? Each team has expertise required by the other. And each team needs to focus on its core subject matter. Issues of case strategy, negotiation among claimants, and the details of e-discovery rules should lie with the legal time. Issues of information retention policies, appropriate use of automation, and how best to preserve information should lie with IT and security groups. The key steps will be to ask, listen, and continuously work together to ensure proper and cost-effective e-discovery management.

Read the entire article from SearchSecurity.Com here.

From ‘Qwerty’ Email To 170 Billion Email Messages A Day

Posted by Gregg Mayer on Tuesday, March 18th, 2008   

Email was invented in 1971. The first message said something like “Qwerty,” according to Ray Tomlinson, the inventor who never imagined email would grow as rapidly as it has.

One problem he had with the first e-mail program was finding a way to separate the person to whom one was addressing a message from the computer or network they were using – which he solved with the symbol @.

It could just as easily have been a square bracket or even a comma that would come to be typed in every e-mail address, “but they were already being used, and of the characters that were left, @ was best. Plus it conveyed a sense of place, which seemed to suit.”

It took another 20 years – until the advent of the world wide web in the early nineties - before e-mail became widespread, but Mr. Tomlinson said that the basic characteristics of most modern e-mail programs – commands for deleting, replying and forwarding, and folders – were in place back then. “They’ve just become a lot bigger and bulkier nowadays.”

Read the rest of Tomlinson’s recent interview with TimesOnline here.

Costs of Email

Posted by Gregg Mayer on Thursday, March 13th, 2008   

Here’s a great article from the BBC that poses one of the great philosophical questions of our time: is email ruining your life?

A recent study found one-third of office workers suffer from e-mail stress.
And it is expensive, too. One FTSE firm estimated that dealing with pointless e-mails cost it £39m a year.

I know next to nothing about currency exchange rates, but my quick Internet-assisted calculation reports that £39m would be about $77 million. Ouch. Not to mention the 52 hours a year we waste on junk email.  Read the rest of the article here. 

Mr./Mrs. President, How Will You Archive?

Posted by Gregg Mayer on Wednesday, March 12th, 2008   

Here’s something you don’t hear a lot of clamoring about in the musty caucus hallways: which candidate will implement a comprehensive email policy?  Maybe we should hear more about it.

A recent article in The Seattle Times took on this very issue:

I know the three remaining candidates are busy addressing the really important questions. But sometime before the fall, they will need to tell us how they will develop a comprehensive e-mail archive and backup system that will allow easy search and retrieval of future public records.
As a bonus, they can tell us they believe in technology’s ability to make tasks easier and are comfortable in its use.

Read the rest of the article here.

CIOs, In-House Counsel Have Lessons To Learn From Qualcomm As Well

Posted by Gregg Mayer on Monday, March 10th, 2008   

Much of the blogosphere and legal discussions about the recent e-Discovery sanctions against Qualcomm focus on the amount of the sanction - $8.5 million – and the problems with six outside lawyers retained by the company.  Just last week, the district court lifted sanctions against those six outside lawyers to allow them the opportunity to fully defend themselves, although the sanctions against Qualcomm and its in-house team stand. 

In fact, the court in sanctioning Qualcomm made a specific point of noting that Qualcomm had an extensive in-house legal staff but the company simply “lacked the desire” to properly conduct e-Discovery.  The court listed the in-house failures:

Qualcomm employees were integral participants in hiding documents and making false statements to the court and jury. Qualcomm’s in-house lawyers were in the unique position of (a) having unlimited access to all Qualcomm employees, as well as the emails and documents maintained, possessed and used by them, (b) knowing or being able to determine all of the computers and databases that were searched and the search terms that were utilized, and (c) having the ability to review all of the pleadings filed on Qualcomm’s behalf which did (or should have) alerted them to the fact that either the document search was inadequate or they were knowingly not producing tens of thousands of relevant and requested documents.

As part of the sanctions, the Qualcomm in-house counsel have to participate in a court-ordered detailed analysis to identify all of the factors that contributed to the discovery problems, as well as evaluating proposals to ensure those problems do not happen again. The analysis program is known as CREDO (“Case Review and Enforcement of Discovery Obligations”).

As Qualcomm illustrates, in-house lawyers have a distinct responsibility to ensure companies comply with e-Discovery, even if outside counsel have been retained. The Qualcomm court explained that in-house lawyers are in the best position to understand a company’s organizational structure, know the extent of archived email and other ESI, and know the employees whose computers should be searched. In-house lawyers are simply better positioned to understand e-Discovery issues than any other lawyers involved in litigation.

Consequently, in-house lawyers should work with IT staff to understand how a company archives email and other ESI. CIOs should help spearhead this effort. Ignoring the e-Discovery implications of improper ESI disclosures is far more costly than investing in detailed e-Discovery management before a lawsuit ever happens.

Missouri Governor Wants $540,000 To Turn Over Email

Posted by Gregg Mayer on Friday, March 7th, 2008   

Taxpayers in the state of Missouri are learning first-hand how costly and time-consuming disputes involving email can be:

Last September, Blunt’s aides set off a furor when they acknowledged they were routinely destroying e-mails and did not consider them to be public records.

But state law says government e-mails can be public records and that some must be preserved for as long as three years. Blunt has since acknowledged that some e-mails are public records.

After Eckersley’s allegations surfaced, Nixon appointed the independent investigative team last November.

In a letter obtained this week by the Post-Dispatch, Holstein told the investigative team that it must pay $540,940 to obtain e-mail records from the governor’s office.

Holstein wrote that the team’s 45 open-records requests for specified e-mail communications in Blunt’s office will require 14,620 hours of staff time.

Moreover, the governor approved hiring outside attorneys – at a cost up to $370 per hour – to defend in him a lawsuit related to the email mess. Read the full story in The St. Louis Post-Dispatch here.

Employee Who Refused To Destroy ESI May Proceed With Lawsuit Against Wal-Mart

Posted by Gregg Mayer on Friday, March 7th, 2008   

In a whistle-blower lawsuit in Arkansas, a former employee of Wal-Mart who refused to destroy paper copies of digitized documents – hard copies of electronically stored information (“ESI”) – recently received court approval to go forward with her lawsuit.

The plaintiff, Rita Miles, alleges Wal-Mart bosses and co-workers retaliated against her when she refused to destroy ESI-related documents after Wal-Mart was served with a subpoena in a criminal investigation.

According to the January 25, 2008 court opinion:

On May 24, 2005, Wal-Mart attorney Robert DeMoss sent an email to each member of the Wal-Mart Labor Relations Department instructing them to preserve all documents responsive to the grand jury subpoena. However, some 15 minutes later, a meeting was called in the library, where Plaintiff’s project team was instructed to place paper copies of digitized documents in a tub for shredding. Plaintiff refused to destroy documents that might be subject to the subpoena.

Rita Miles alleges she was treated with hostility by her supervisors and co-workers after she refused to destroy the documents. The court agreed to let her lawsuit move ahead despite Wal-Mart’s arguments that no genuine issue of material fact exists.

This lawsuit is far from over, but it offers an easy lesson: do not instruct employees to destroy documents – including ESI – when subpoenaed for that information. Moreoever, destroying ESI can lead to spoliation sanctions during litigation, or even a default judgment.

If you are curious about the related criminal investigation into Wal-Mart, read about the Wal-Mart executive who pleaded guilty in the case, as well as more about Rita Miles, here.

ESI Disclosures May Include Cell Phone Images

Posted by Gregg Mayer on Thursday, March 6th, 2008   

In an employment harassment lawsuit in Washington D.C., the court ordered the photographic images on an employee’s cell phone be preserved so the opposing attorney could inspect them.

As this case demonstrates, disclosures in the world of e-Discovery may reach beyond just desktop and laptop computers.

The case, Smith v. Café Asia, involved an employee suing the company for harassment based on the employee’s sexual orientation. The employee alleged he was taunted by kitchen staff, physically harassed, and that management was complicit in the harassment.

The restaurant countered that the employee instigated and invited the attention. Specifically, the restaurant argued the employee showed the staff explicit photographs of himself on his cell phone.

The employee conceded his phone had personal photos, but denied sharing them with the staff.

The judge ordered the photographs preserved. Moreover, the judge ordered that one of the restaurant’s attorney’s be allowed to inspect those photographs to prepare for arguments over admissibility of photographs at trial.

Although this case’s holding is limited to its facts, it demonstrates that ESI may find its way into the most unlikely places, including employee cell phones. Consequently, if the ESI may be relevant to the litigation, no matter where it is, a court may order it preserved.

Read another analysis, along with the court opinion, here.

Choosing Keywords For ESI Disclosures

Posted by Gregg Mayer on Wednesday, March 5th, 2008   

When retrieving electronically stored information (“ESI”) for litigation, parties often rely on keyword searches to identify relevant email and other ESI needed to be disclosed. Choosing just the right words can be tricky, as a recent article explains:

Lawyers, and their clients, may have different goals in mind when developing keyword searches. A requesting party may want to force the opponent to produce a massive amount of data, making the litigation more expensive and increasing the likelihood of settlement. Conversely, a producing party may want to produce massive amounts of data in a difficult form to review, so that the opponent may overlook damaging evidence.

Alternatively, one or both parties may want to locate and produce only the most relevant information, avoiding the need to review large quantities of irrelevant data for privilege, relevancy, and etcetera. Or the parties may not think much about it, with the requesting party asking for search terms developed in an informal brainstorming session and the responding party just looking for whatever the opponent seeks. When the parties disagree about whether a search is sufficiently broad, too narrow, or too expensive to implement, a Magistrate or Judge must decide.

The article notes that the recent decision of United States v. O’Keefe (discussed earlier on CIOLaw.org here ) explains that expert testimony may be needed in the future to determine whether adequate keyword search terms were used in finding ESI to disclose.

Read the rest of the article from Wisconsin Technology Network here.

« Previous Entries Next Entries »