Category Archives: Law Firms

Is eDiscovery Existing in a Post-Sanctions World?

eDiscovery Sanctions

Is eDiscovery Existing in a Post-Sanctions World?

The short (and obvious) answer is no. Rule 37(e) isn’t going anywhere. But recent case law indicates a trend where sanctions seem to be harder to come by, which may play into what concerns in-house legal teams as they consider the technologies they may need.

A recent infographic, General Counsel: From Lawyers to Strategic Partners (released by Raconteur with data from Walters Kluwer) showed 66% of corporate legal teams saying “Data Breaches and Protection of corporate data” was a top issue keeping them up at night. Sanctions didn’t even make the list.

Recent case law from 2019 supports the lack of sanction fear, as several cases showed that even when evidence was deleted (sometimes knowingly), courts aren’t doling out sanctions in the same way since the 2015 amendments to the Federal Rules of Civil Procedure (FRCP) went into effect.

As a refresher, Rule 37(e) of the FRCP lays out the threshold for sanctions as follows:

If Electronically Stored Information (ESI) was lost because:

A party didn’t take reasonable steps to preserve it when they should have (i.e. because they knew litigation was imminent)

  • and if the lost ESI can’t be restored or replaced by simply doing discovery again
  • and if there was an intent to deprive the party of information by the loss of the ESI
  • and if the lost ESI actually affects the outcome of the case

…then the court may consider sanctions.

The following examples show that consider is a key word, even when they find the threshold has been met, as in case 3.

United States et al. v. Supervalu, Inc. et al. Nov. 18, 2019 (C.D. Ill. 2019)

Three days after a subpoena, a district pharmacy manager for the defendant sent out an email stating, “Throw away all your competitor’s price matching lists and get rid of all signs that say we match prices.”

The plaintiff alleges there are inconsistencies in both the number and timing of the subsequent litigation holds and accordingly asked the Court for an in-camera review of the three litigation holds which were eventually sent. The plaintiff also believes that the defendant failed to preserve price matching materials responsive to the government subpoena from approximately 80% of their pharmacies nationwide.

But the Court denied sanctions, stating, “Upon reviewing the record, the Court is unable to conclude that Defendants acted in bad faith. If the evidence at trial shows otherwise and bad faith on the part of the Defendants is established, the Court can revisit the issue and consider one or both of the sanctions requested by the Relators or another appropriate sanction.”

Mafille v. Kaiser-Francis Oil Co. May 21, 2019 (N.D. Okla. 2019)

In this case, the plaintiff’s computer was wiped after her termination as part of standard retention policy. When the plaintiff filed for spoliation sanctions, the Court found that the plaintiff’s computer contents were uploaded daily onto the defendant’s LAN server as part of a company policy. So even if her computer were destroyed, the contents could potentially be retrieved if discovery were done on the LAN server. Also, the defendant requested which documents were vital for the plaintiff’s case so they could attempt to retrieve them from the LAN server, but the plaintiff never identified any such items.

Univ. Accounting Serv., LLC v. Schulton. June 7, 2019 (D. Or. 2019)

In this case, the defendant admitted, “I recognize fully that was in violation of the subpoena,” and later said of one particular piece of data, “I deleted the file as fast as I could, because I was petrified at its existence, because it’s exactly the type of damning information that UAS wants to catch me with.”

In US District Judge Michael H. Simon’s Ruling, he states that the Rule 37(e) sanction thresholds “have been satisfied.” Yet, even after meeting the threshold conditions, the judge didn’t order case termination sanctions, but instead chose a permissive inference spoliation instruction against the defendant.

No Sanctions, Why Worry?

Without the specter of sanctions haunting the dreams of in-house legal, does this mean they’ll finally get a good night’s sleep?

Only if they have the processes and technology to manage the exponential growth of data sizes and new file types, which continues to be one of the biggest challenges for corporations, particularly for in-house legal teams who are tasked with mitigating risk involved with enterprise data. To do this, the ability to manage data in a flexible and scalable manner is vital.

Sending a legal hold notice is pretty straightforward. Gaining meaningful and speedy insight into petabytes of data from multiple file types for investigations and subpoenas is much more complex, and forward-looking legal teams are putting their technology to work doing just that.

 

Written by Jim Gill
Content Writer, Ipro

A first step in this process is to use Ipro’s Pre-Litigation Data Checklist as a guide to effectively manage enterprise data in order to avoid potential data pitfalls in the middle of a matter.

Download the Ipro Pre-Litigation Data Inventory Checklist

Ipro Pre-Litigation Data Checklist

Should Mobile Devices be Imaged for eDiscovery? Recent Case Law Provides Insight

Mobile Devices Imaged for eDiscovery

Should Mobile Devices be Imaged for eDiscovery? Recent Case Law Provides Insight

Deciding whether mobile devices should be imaged can be difficult when it comes to eDiscovery. They contain a large variety of file-types and data intermingled with a lot of private information, which may be privileged. Extracting specific information can be difficult and imaging an entire device can be costly. So the question remains: To image or not to image? But not really. That’s why we have case law.

On the surface, it seems that imaging an entire device would fall beyond the usual scope of a matter as it’s defined under FRCP Rule 26. Specific relevant data would be the obvious choice over everything on a single device. Which is exactly how a magistrate judge saw it last year in Henson v. Turn (N.D. Cal. Oct. 22, 2018), when the court denied requests by the defendants to inspect personal devices of the plaintiffs, collecting web browsing history and cookies in the process, on the basis that the data sought was neither relevant nor proportional to the needs of the case.

But in a recent ruling by Special Discovery Master Hon. Rebecca Westerfield (Ret.) in the class action suit In re: Apple Inc. Device Performance Litigation (N.D. Cal. Aug. 22, 2019), the court determined that imaging a sample set of the plaintiffs’ mobile devices was proportional to the needs of the case under Rule 26. So what sets this case apart from Henson v. Turn?

The Case:

In re: Apple concerns the plaintiffs’ claim that Apple used operating system updates to “throttle” and hamper device performance regarding certain of its iPhone 6 devices, allegedly impairing “the integrity, condition, quality, and usefulness of the Devices without Plaintiffs’ knowledge or consent.”

Each side brought forward forensic experts. The plaintiffs’ expert, Mary Frantz, Managing Partner of Enterprise Knowledge Partners, LLC, asserts that “Apple’s internal databases such as collected historical diagnostics, support, and potentially archived cloud of backup files would be a preferred and sufficient method to determine historical performance,” and that, “there is no difference between what would be found on any specific Devices and what could be found via iTunes and iCloud analysis (which Apple could test without a forensic inspection).”

Apple’s expert, Paul D. Martin, PhD, Computer Science—who has over a decade of experience in technology and forensics, including with performance testing and benchmarking of computer and other technological programs—explained the word “performance” can have a broad variety of meanings for a device. “To assess performance conditions,” Dr. Martin asserts that “it is important to perform tests on a device that is configured in a way that matches, as closely as possible, the configuration of the user’s device. Configuration depends both on the hardware and on what is installed on the hardware, including operating system, applications, and data.” He also adds that, “each user controls the state of his or her Device to the extent that it deviates from the basic iOS configuration,” which, along with, variations of installed software, specific device usage patterns, and network or Wi-Fi variations, will impact performance. Which is why he concluded, “the best record of what is installed on a particular Device is the Device itself.”

The Ruling:

Special Discovery Master Westerfield ruled against the plaintiff on the issue of imaging, stating that “other types of discovery would not provide sufficient information on the issue at hand,” and that “the defendant’s privacy concerns could be addressed through a robust protective order containing the following:

  • “The plaintiffs would select a neutral forensic expert to produce a mirror image of the computer’s hard drive in a timely fashion
  • “That expert would execute a confidentiality agreement and also abide by the protective order in place in the action
  • “Only that expert would be authorized to inspect or handle the computer or the mirror image (the plaintiffs and their counsel would not inspect or handle the mirror image
  • “The expert would not examine any non-relevant files or data on the computer, or anything designated as privileged or work-product protected information
  • “That expert would produce a report based upon his or her inspection that describes the files found and any relevant file-sharing information
  • “And that expert would disclose his or her report only to the defendant’s counsel, who could then lodge objections to the report based on privilege.”

SDM Westerfield also cited Herskowitz/Juel v. Apple, Inc. (N.D. Cal. Feb. 12, 2014) in which the court ordered the plaintiffs to deposit computers and devices at issue with a third-party vendor for forensic inspection, because the “data contained on Plaintiffs’ computers and devices is likely to be highly relevant, and admissible evidence under Federal Rule of Civil Procedure 26(b)(1).”

The SDM noted the potential privacy intrusions in Herskowitz/Juel were not as widespread, because only a small number of devices were imaged. In response, the number of devices available for forensic inspection was limited to much less than the 115 devices Apple had requested.

Meet and Confer:

Cooperation is the name of the game when it comes to determining whether mobile devices should be imaged and other complex eDiscovery cases like this one. And the SDM drove that home by stating the importance of both parties continuing to meet and confer, ensuring the order is carried out as determined by the court.

In her ruling, SDM Westerfield writes, “Given the above direction and following Apple’s designation of specific Devices to be examined, the meet and confer process is likely to be more productive than the parties’ past efforts. In this regard, the parties and their experts are in the best position to meet and confer on a proposal that minimizes exposure of content and private information to Apple, the parties’ experts, and Apple’s outside and inside attorneys and provides an appropriate tailored approach to discovery from these Devices.”

Written by Jim Gill
Content Writer, Ipro

 

Ipro FRCP Cheat SheetNeed to brush up on your Federal Rules of Civil Procedure as they apply to eDiscovery?

Download Ipro’s FRCP Cheat Sheet!

Redaction Errors in Federal Opioid Case Reveal Importance of Legal Technology

legal redaction technology

Redaction Errors in Federal Opioid Case Reveal Importance of Legal Technology

For as long as humans have been writing things down, redactions have been a part of the process. In the beginning, they were used to integrate disparate stories and folktales, but these days, when we hear about redactions, it’s usually in regard to investigations and legal actions.

For the public—especially those who are hungry for conspiracy theories and secrets—redactions are a tantalizing hint at what’s not being said; however, for those in the legal industry, redactions are a part of everyday life. But this doesn’t mean they’re mundane! On the contrary, failure to redact documents or to make sure that redacted content is produced in its redacted format can be case ending (and job ending for the person responsible for the error).

The most common reason this happens, is because law firms are taking the “redact by hand” route instead of using tools that properly manage productions to ensure documents meet the expected production requirements (i.e. making sure the information meant to be kept private is hidden). By not using redaction technology, law firms are flirting with disaster.

Which is exactly where a law firm found itself, after exposing secret grand jury information in a court filing as a result of using Microsoft Word and Adobe Acrobat, instead of specialized redaction technology, which the partner said, “is specifically designed to avoid such issues. The failure to use this software was inadvertent oversight.”

At first glance, the filing appeared redacted, but a member of the press was able to defeat the redaction by simply copying the black-out boxes and pasting the text into a new document.

Ryan Joyce, VP of Strategy at Ipro, commented, “Time and time again we have seen the same headline—a law firm or government agency getting in trouble for not handling their redactions correctly. Why is this still an issue after all these years? Any software can draw a colored box over text, but only the right software will produce it correctly.”

But even when redactions are properly handled, a newly published study by the University of Zurich may make them a moot point. By using a combination of AI and over 120,000 legal records, researchers “were able to identify the participants in confidential legal cases, even though such participants had been anonymized.” And if that doesn’t give pause, they did so with an 84% accuracy rate after mining data for only one hour.

Still, even if anonymized information in legal documents can be defeated—by robots or gross oversight—the requirement to redact documents correctly isn’t going away anytime soon. Which means law firms should ensure they have the technology in place to properly handle redactions, along with the processes in place to ensure that technology is used. If they don’t, it could mean sanctions for the firm and unemployment for the individual who made the error.

How Ipro Can Help with Redactions

Tools like Ipro’s Production Shield (which is included in the enterprise and desktop eDiscovery solutions by Ipro) allow administrators to add another layer of protection for documents that should not be produced. When using Production Shield, such documents are identified during the validation phase of the export process, giving administrators the opportunity to correct conflicts and ensure only appropriate documents are produced.

In addition to Production Shield, Ipro ensures accurate redactions by:

  • Automatically re-OCRing the document to remove any text under the redaction
  • Running validations to ensure redactions are burned in and the text is correct
  • Creating layered redactions, so multiple production sets can be sent to multiple parties
  • Having 30 years’ experience in the legaltech industry – we know our redactions!

 Find Out More About How Ipro Can Ensure Accurate Productions for your Firm!

 

Written by Jim Gill
Content Writer, Ipro