New E-world Replaces Musty Boxes in Basement

Posted by Gregg Mayer on Friday, March 21st, 2008   

“Electrons have replaced ink and paper,” according to an article in The Journal of Legal Technology Risk Management.

Archiving in the past meant “moving around dusty boxes of paper in the basement.”  Today, it means the dynamic world of storing email and other electronically stored information (“ESI”).

Increasingly, regulations and litigation are forcing companies to take stronger and broader strides in ensuring retention programs are up to date and effective. As the article explains:

New regulations, such as Sarbanes-Oxley and the December 2006 revisions to the United States’ Federal Rules of Civil Procedure have made the need for archiving electronic information in a manner that makes the information retrievable without crippling the enterprise more urgent. A fully functional enterprise archiving system is no longer “nice to have,” but should be now a “must have” for all business enterprises, particularly those in highly regulated environments such as the financial or healthcare industries. Unfortunately for business, most enterprises have no such system; those that do often find the employees not following the rules. Without such an implemented system, the enterprise must spend massive amounts of time and money finding documents that may be kept in backup media because the enterprise does not have useful archives, or that may be kept on CDs or DVDs tossed in some employees’ desk drawers.

The article offers 13 tips to consider when developing an archiving system. Here are the first three:

1. Understand that archiving is a long term project that sheds a whole new light on needs and may test all existing technological knowledge and assumptions, requiring constant monitoring and revising;

2. Assess the enterprise’s current electronic policies and define or redefine processes and procedures to account for worldwide regulation affecting the enterprise;

3. Assess the total document repository size in terms of the number of individual documents rather than in storage capacity, which is a misleading metric since the number of documents not their size defines scale;

Read the entire article from The Journal Of Legal Technology Risk Management here. 

AMD v. Intel Part Two: The Mistakes Made And The Data Lost

Posted by Gregg Mayer on Friday, March 21st, 2008   

In Part I, we explored the obstacles Intel faced in implementing a massive legal hold.  In this part, we discuss the mistakes made and the data lost as a result of failing to implement a 100-percent effect legal hold across the company.

In this Part II, we explore the mistakes Intel made in trying to implement its legal hold.  Intel blames various mistakes made by individuals - such as failing to notify specific employees about the hold.  

Humans – not the policy – were the problem when Intel discovered it lost thousands of email messages, according to Intel.

These human errors were “misunderstandings or errors by individual employees, with ongoing day to day business responsibilities, working diligently to carry out the complex and unprecedented scope of preservation obligations in this case,” according to the company. It was not an intentional effort to delete email to prevent AMD from seeing them, according to Intel.

Of course, human errors or not, failing to preserve email when a litigation hold is in place will be costly. The party will either wind up paying to restore backup tapes – as Intel is having to do – or worse, the judge will order an adverse inference instruction, possibly even ordering a default judgment. An adverse instruction or other court-ordered sanction is still possible here.

So how much and what email was lost in Intel’s case?

Here’s a breakdown of what Intel acknowledges:

The first problem: Several custodians identified by Intel failed to properly save email messages as they were supposed to do. Some of those individuals failed to archive “sent” items from their email. Others failed to archive email for the period of time required. Still others failed to archive all of the proper email messages. Adding to the troubles, some of the custodians had computer crashes or other technical problems that caused a loss of data.
Consequently, these individual losses resulted in lost email.

The second problem: Some of the “custodians” were not told about the litigation hold by the company’s in-house counsel. This occurred for “newly selected” custodians as the list of custodians evolved. As a result, about 378 employees did not get word of the notice until February and March of 2007.

The third problem: Departed employees. According to Intel, 73 employees left and Intel only captured the hard drives for 60 of them. Thirteen were missed.

Backup sources exist for some of these lost email messages, but it will cost Intel millions to retrieve. Moreover, it appears at least some of the data may be lost forever.

AMD summarizes Intel’s losses as:

(C)ombined with the reckless decision to leave its auto-delete system running after this litigation began, one of Intel’s most fundamental ‘lapses’ was its failure to notify hundreds of its Custodians of their obligation to preserve evidence. All told, 378 of Intel’s Custodians, or 37% of the individuals on its Custodian List, received no evidence preservation instructions until late February or early March 2007 – twenty-one months after AMD and the Class commenced suit – or, in the case of employees who left Intel in the interim, not at all.

Intel has started taking steps to retrieve the data that it can. Without question, it will be expensive.

NEXT FRIDAY: Part Three - Intel’s proposed remedial measures and its cost

Know Where Your Email Goes

Posted by Gregg Mayer on Thursday, March 20th, 2008   

If the hyper-secure United States Military can make a mess out of sending email, you can bet everyday companies face the same risks.

A recent article highlighted a huge gaff from the U.S. Air Force and its use of email. The Eastern Daily Press reports that individuals in the Air Force sent hundreds of email messages – including a top secret flight plan for Air Force One – to the wrong email address of factory worker Gary Sinott.

Sinott had set up the Website www.mildenhall.com to promote his hometown. Air Force officials mistakenly sent email to that domain instead of the military site:

What began as a slow trickle of mundane messages soon escalated and hundreds of classified emails were sent from around the world to Mr Sinnott’s website after people mistook www.mildenhall.com for the military website www.mildenhall.af.mil

Mr Sinnott, who is in his mid 40s, said that when he initially reported the problem airbase officials did not appear phased. “At first their attitude was we are not worried, we are American, our security is great.”

But he said that after he informed the base that he had received information detailing the flight path to be used by the plane carrying President Bush on a visit to the region, officials went ‘mental’.

Air Force officials then took steps to block email from going to Sinott’s site. Problems with spam persisted, and eventually Sinott had to close the site down.

Although legal issues revolving around e-Discovery often focus on a company’s archiving of email and how it can be retrieved, this article offers a reminder that companies need to be wary of where email is being sent and who is sending it.

Read the entire article about Sinott and the Air Force here.

Hiding ‘Smoking Gun’ ESI Worsens Impact

Posted by Gregg Mayer on Thursday, March 20th, 2008   

As noted in a previous post , attempting to throw away damaging evidence – including trying to hide email during litigation – is never a good idea. 

For whatever reason, it always seems that evidence finds its way into the courtroom.  When it does, the consequences are worse than if the evidence had just been disclosed in the first place.

A classic example is Qantum Communications Corp. v. Star Broadcasting, Inc, a 2007 case that involved a seller of radio station who tried to hide email messages.

In this case, Quantum, a potential buyer of a radio station, had an agreement with the seller, Star Broadcasting.  This agreement provided that there would be no additional negotiations for the purchase of the station while the agreement was in effect.  This is called a “No Shop” provision.  On April 14, 2005, the seller sent a termination notice to Quantum and then sold the station to another buyer.  Expectantly, Qantum sued. 

In the course of the litigation, Qantum wanted to inspect email from Star Broadcasting.  Particularly, Qantum was looking for communications with other buyers while the “No Shop” provision was in effect. 

Star produced hundreds of documents, but no email before March 2, 2005, which Qantum thought suspicious.  Moreover, Star had produced a relevant email but failed to produce an attachment with it.  

Consequently, Qantum went to a third party to find the missing email messages.  Not only did Qantum get the email, but it found the missing attachment too.  This evidence directly contradicted Star representatives’ testimony and helped prove Qantum’s case.  It revealed apparent negotiations with another buyer.  As the court explained:

[T]his Court concludes that Defendants engaged in an unconscionable scheme calculated to interfere with the judicial system’s ability to impartially adjudicate a matter by unfairly hampering the presentation of the opposing party’s claim…

Consequently, the court sanctioned Star by entering a default judgment.  In litigation, a default judgment is the ultimate sanction because it means a court decides – not a jury – who loses. 

Granted, Star may have lost the case anyway.   The email it tried to hide was damaging to its defense.  But attempting to deceive the court guaranteed Star would lose.  Moreover, it meant Star had to pay the attorney fees for Qantum as well.  In short, the decision to hide the email proved more costly than just being honest about at the outset. 

The court’s opinion has been posted online.

CIOs Should Bring IT and Legal Together

Posted by Gregg Mayer on Wednesday, March 19th, 2008   

Lawyers seldom speak the techno-wiz language of a company’s IT staff.  The IT staff seldom speak the stuffy legalese of lawyers.  However, both IT and legal are critically important to comply with today’s e-Discovery obligations under the Federal Rules of Civil Procedure.

That is why a CIO must ensure that the IT staff and legal department work together as an e-Discovery team in order to be prepared for the increasing burdens of disclosing electronically stored information (“ESI”).

As a recent article explained, when litigation looms, the legal and IT department must work together to resolve a series of issues, beginning with what ESI needs to be saved.  Once a company reasonably anticipates litigation, then a duty to preserve relevant ESI is triggered.  The lawyers will need to work with IT to understand what and how ESI is stored.      

Given the requirements of e-discovery and the conversation needed between legal and IT, what’s the bottom line? Each team has expertise required by the other. And each team needs to focus on its core subject matter. Issues of case strategy, negotiation among claimants, and the details of e-discovery rules should lie with the legal time. Issues of information retention policies, appropriate use of automation, and how best to preserve information should lie with IT and security groups. The key steps will be to ask, listen, and continuously work together to ensure proper and cost-effective e-discovery management.

Read the entire article from SearchSecurity.Com here.

How Does A Legal Hold Impact A Document Retention Policy?

Posted by Gregg Mayer on Wednesday, March 19th, 2008   

Companies implement document retention policies to determine how long information should be stored. These policies must include electronically stored information. For example, a company may decide it wants to purge emails after 21 days, like the Maryland company Echostar’s policy. Of course, simply executing the policy is not always enough.

A key caveat to normal retention policies is to make sure they are modified to accommodate “legal holds” – a duty placed on the company to preserve relevant information once litigation is reasonably anticipated. Echostar learned that lesson the hard way.

According the Maryland federal court in Broccoli v. Echostar Communications, Echostar’s email archiving system worked like this:

Under Echostar’s extraordinary email/document retention policy, the email system automatically sends all items in a user’s “sent items” folder over seven days old to the user’s “deleted items” folder, and all items in a user’s “deleted items” folder over 14 days old are then automatically purged from the user’s “deleted items” folder. The user’s purged emails are not recorded or stored in any back up files. Thus, when 21-day-old emails are purged, they are forever unretrievable.

In January 2001, the plaintiff in Broccoli v. Echostar Communications told Echostar about his potential sexual harassment and Title VII claims. More letters and emails additionally notified Echostar of the litigation.

The plaintiff was fired in November 2001. Another letter came in December 2001 threatening litigation, and a lawsuit was filed in February 2002. Echostar did not adjust its retention policy until December 2001. This, it turned out, was wrong.

The judge explained Echostar had actual notice of the claims as early as January 2001. Echostar should have started preserving emails nearly 11 months before it did. As a result, the judge sanctioned Echostar by offering an “adverse spoliation of evidence instruction” – whatever was destroyed may be considered in the worst possible light against Echostar.

Needless to say, Echostar lost the case.

Retention policies are a necessary part of business.  Just as necessary is a company’s ability to modify a retention policy whenever litigation is reasonably anticipated.

Read more about the Echostar case in this news article.

From ‘Qwerty’ Email To 170 Billion Email Messages A Day

Posted by Gregg Mayer on Tuesday, March 18th, 2008   

Email was invented in 1971. The first message said something like “Qwerty,” according to Ray Tomlinson, the inventor who never imagined email would grow as rapidly as it has.

One problem he had with the first e-mail program was finding a way to separate the person to whom one was addressing a message from the computer or network they were using – which he solved with the symbol @.

It could just as easily have been a square bracket or even a comma that would come to be typed in every e-mail address, “but they were already being used, and of the characters that were left, @ was best. Plus it conveyed a sense of place, which seemed to suit.”

It took another 20 years – until the advent of the world wide web in the early nineties - before e-mail became widespread, but Mr. Tomlinson said that the basic characteristics of most modern e-mail programs – commands for deleting, replying and forwarding, and folders – were in place back then. “They’ve just become a lot bigger and bulkier nowadays.”

Read the rest of Tomlinson’s recent interview with TimesOnline here.

Temporary ESI Automatically Deleted From Cache Files Did Not Result In Spoliation

Posted by Gregg Mayer on Tuesday, March 18th, 2008   

When a law firm was sued and later accused of spoliation of electronically stored information (“ESI”), the question arose as to whether parties had to a duty to preserve  locally stored cache files on recently used Web pages when litigation is reasonably anticipated?

In this case, Healthcare Advocates, Inc. v. Harding, Farley, Follmer & Frailey, the answer was no: the images temporarily stored in the cache files did not have to be preserved.

It helps to have a brief background of the complicated fact scenario to understand how this lawsuit came about.

Initially, Healthcare Advocates, a patient advocacy organization, sued a competitor for trademark infringement. The Harding law firm represented that competitor.

During the discovery of that lawsuit, lawyers with the Harding firm viewed archived screenshots of the Healthcare Advocates Website using an internet tool that allowed them to see prior versions of the Website.

The Harding firm printed copies of the screenshots and used those images in the litigation between Healthcare Advocates and its competitor.

Healthcare Advocates then sued the Harding law firm alleging the firm hacked into the Healthcare Advocates Website to view protected material. Consequently, by allegedly hacking into the Website and printing screenshots, Healthcare Advocates argued the law firm committed copyright infringement.

In response, the law firm claimed it used a publicly available Website that permitted users to search screenshots of archived Websites. In short, there was no copyright infringement.

Specific to e-Discovery, Healthcare Advocates argued for a spoliation sanction against the law firm for failing to save the internet data temporarily stored in cache files. Generally, cache files are a temporary storage area for frequently accessed data. When a computer accesses a web page, it sometimes stores a copy of the page in its cache.

Healthcare Advocates argues that the images were involuntarily saved in temporary files on the Harding firm’s computers. Thus, the firm’s duty to preserve extended to these temporary files. Since the files are lost, [Healthcare Advocates] alleges that the Harding firm failed to fulfill their duty to preserve. Healthcare Advocates believes that if these temporary cache files had been preserved, they would have been able to determine if the Harding firm used the archived images for any purpose other than what has been alleged or admitted.

Without dispute, the law firm made no effort to preserve the temporary ESI in the cache files. However, the court rejected Healthcare Advocates’ argument:

What the Harding firm should have anticipated was that the images they copied would be relevant, which they did and saved accordingly…The Harding firm had no reason to anticipate that using a public website to view images of another public website would subject them to a civil lawsuit containing allegations of hacking.

Moreover, even though Healthcare Advocates’ attorney had sent a letter to the law firm demanding that nothing be deleted or altered on the firm’s computers, the letter “said nothing about preserving the temporary cache files on these computers,” the court wrote.

Ultimately, the cache files were deleted from the Harding firm’s computers. However, no evidence has been presented showing that the Harding firm was responsible for erasing them. The files were deleted automatically…The cache files may have been emptied dozens of times before the request for production was made…The most important fact regarding the lost evidence is that the Harding firm did not affirmatively destroy the evidence…Very little fault can be attributed to the Harding firm for the loss of these temporary cache files.

Consequently, the court refused to impose sanctions, and ultimately dismissed the lawsuit against the law firm.

Although the facts in this case favored the law firm, as technology changes, and as opinions about what should be preserved change with it, then whether temporary cache files may also be included in litigation holds remains open for debate.

New Book Offers Basics For A Retention Policy

Posted by Gregg Mayer on Monday, March 17th, 2008   

With the increasing business use of electronically stored information (“ESI”), coupled with the burdens of regulatory compliance and e-Discovery under the Federal Rules of Civil Procedure, CIOs are tasked with crafting effective retention policies for ESI.

A newly released book – designed for law students and lawyers, but offering some practical information for CIOs as well – addresses a whole host ESI issues, including the drafting of a retention policy.

According to New Directions: Social Networks, Blogs, Privacy, Mash-Ups, Virtual Worlds and Open Source (PLI, $199), here are some basic foundations that retention policies should take into account:

(1) state the good faith purpose for its implementation;
(2) designate a person responsible for oversight and implementation, usually within each business unit;
(3) ensure that documents necessary to preserve the entity’s organizational knowledge are preserved and categorized so that they can be retried when needed;
(4) divide each type of document for file into categories and then assign a retention period for each;
(5) comply with statutory or regulatory requirements to retain specific categories of documents;
(6) ensure that the documents necessary to support the entity’s legal position in the event of possible litigation are preserved;
(7) avoid improper destruction or alteration of documents if litigation or a governmental investigation ensues; and
(8) provide for procedures to suspend the policy due to potential investigation/litigation

Of course, all retention policies vary depending on the size of a company and the type of work it does. CIOs should work closely with their legal department and IT staff to ensure a retention policy meets all of the company’s needs.

Just as important as drafting a policy is its implementation. CIOs must make sure their companies are fully following the policy or it will prove of little value if legal trouble ensues.

To check out the table of contents for New Directions, and to order one, visit the PLI site here.

Companies Planning To Sue Have Duty To Preserve ESI

Posted by Gregg Mayer on Monday, March 17th, 2008   

Litigation holds , or the duty to preserve, are often discussed in the context of a company that has been sued, triggering a duty to preserve relevant evidence.

However, the duty to preserve evidence applies to both sides of litigation. When a company reasonably anticipates it is about to sue another party, then that company has a duty to preserve relevant electronically stored information (“ESI”) and other evidence. This duty is illustrated by the case of Samsung Electronics Co. v. Rambus Inc., one of several lawsuits involving Rambus.

In this case, Rambus filed a patent infringement lawsuit against Samsung. Samsung quickly filed its own declaratory judgment action against Rambus in a different court. Basically, a declaratory judgment action asks a court to declare a party’s legal rights.  Samsung asked the court to rule that Samsung did not infringe on Rambus’ patents.

As part of the declaratory judgment litigation, Samsung requested the court enter spoliation sanctions against Rambus for destroying ESI and other evidence.

Samsung argued that Rambus’ document retention policy – including so-called “shred days” – destroyed relevant evidence in 1998, 1999 and 2000. Samsung argued that Rambus should have modified its retention policy by 1998 since Rambus reasonably anticipated a lawsuit with Samsung at that time. The court noted Rambus destroyed millions of pages of documents.

The court explained:

[T]he record clearly establishes that Rambus’ document retention policy actually targeted discoverable documents, including email messages, files on individual computers, network servers or floppy disks, corporate databases, backup tapes, system records and logs, and computers and disks.…

A number of Rambus’ witnesses testified that the reason for adopting the document retention policy was to get rid of discoverable documents. Of particular concern were emails which were described as potentially quite harmful in litigation. Accordingly, email backup tapes were eliminated and employees were told to purge their own individual email files unless it was necessary to keep an email for some purpose and then it should be saved to a particular file or reduced to hard copy.

Rambus countered that it destroyed the documents as part of its routine retention policy. As a result, even if the ESI would have been relevant to future litigation with Samsung, at the time it was destroyed there was no pending lawsuit with Samsung.

The court rejected Rambus’ argument. Since Rambus did reasonably anticipate litigation with Samsung, the court said Rambus had a duty to preserve the ESI.

[A] company can modify its policy to preserve documents reasonably thought relevant to the actual or anticipated litigation. To accomplish that, however, the company must inform its officers and employees of the actual or anticipated litigation, and identify for them the kinds of documents that are thought to be relevant to it. Other mechanisms, such as collecting the relevant documents and segregating them, may accomplish the same result.

Consequently, Rambus was found to be a spoliator, generally the worst thing that can happy to a party in a lawsuit. (In this case, Rambus had already dropped its claims against Samsung by the time the spoliation hearing before the court, so all that Samsung could seek were attorney fees, which were denied for reasons unrelated to the spoliation.)

CIOs and their e-Discovery teams need to know that if a company is planning a lawsuit, then the same duty to preserve ESI applies. It is improper to destroy relevant ESI once a company reasonably anticipates litigation, regardless of whether the company is being sued or is planning to sue.

« Previous Entries Next Entries »