Welcome to Module 2-F.
Team Organization and Operational Issues.
Self-Organization and Development of Evidence Preservation Protocols
The preservation of discoverable ESI in litigation is a core activity of any e-discovery team. It is also a key component of risk management. Obviously, if you do not preserve electronically stored information, and it is deleted, then you will never be able to find it or collect it, much less review and produce it. Just ask the Bush White House about that; they failed to preserve over five million emails. The whole e-discovery process depends upon proper preservation. So too does risk management. Unless you are the White House, your failure to preserve after notice is a sure road to sanctions. Risk control in e-discovery begins with the routine employment of effective litigation hold procedures. This is the best way to minimize the chance of inadvertent or intentional destruction of relevant electronic records. This module addresses the important issues of preservation and e-discovery team organization and functions.
This is a difficult task in the best of circumstances. Intel’s email preservation losses in the AMD antitrust case demonstrate that. Spoliation was also caused by the simple human error of forgetting to look at a second tab of an Excel spreadsheet listing more key custodians.
Even when no human errors are made, and the system design is near perfect, spoliation can still occur for a variety of reasons. For one thing, even though a suit may already have been filed, you still may not be able to determine what ESI is relevant and should be preserved, and what isn’t. Under today’s liberal notice pleading rules in federal court, it can be difficult, some might say impossible, to know exactly what ESI should be preserved and who should be notified of the preservation obligation. Pleadings can be so vague that the scope of a litigation hold is frequently a guessing game, especially at the beginning of a case when the duty to preserve is triggered.
The typical analysis to determine preservation scope is threefold: (1) what is the subject matter of the discoverable ESI that should be preserved; (2) who are the witnesses and custodians who may possess or control the discoverable ESI; and (3) what is the time frame of the discoverable ESI. In many lawsuits, it is not obvious from the pleadings what the dispute is really all about and what subjects could be relevant. In fact, most disputes usually morph a few times and develop new issues as the facts and law are better understood by the parties and the court.
This kind of subject matter and issue determination must be performed right after a suit has been filed. At this point, the defense lawyers may know little or nothing about the case beyond what is stated in a complaint. Even worse, the preservation duty may be triggered even before a complaint has been filed, when it is reasonably certain that litigation is likely. At that point, it frequently requires a crystal ball to try to guess all of the issues in a case. It is often just as speculative and risk filled to try to determine who the witnesses may be in the case, and what additional employees or third parties may be custodians of discoverable information, even though not direct witness. Even the time component may be vague, and you may not be sure how far back in time you should go, or how far forward.
You could say why not just call opposing counsel and find out, but that presupposes a knowledgeable and cooperative adversary. In reality, it rarely works that way. If and when they do return your call, which may be days or weeks later, and you are in fact given “advice,” it is often deliberately overly burdensome and oppressive, and you are sorry you asked. Gamesmanship is still very much alive and well in the adversary system.
In view of the importance of proper preservation to facilitate justice and avoid sanctions, and the inherent difficulties of guesstimating scope of discoverability at the beginning of a case, the development of good preservation protocols is a prime directive of every e-discovery team. Internal corporate teams must try to set up systems that will mitigate against these inherent uncertainties and risks. But does this mean it is the first thing a new team should focus on? Should the team begin its work by developing final protocols in this area? Should the top priority be development of procedures for rapid response to litigation by preservation notices, suspension of automatic file deletion programs, and the like?
No! The development of formal hold systems is important, but the first task of a team must be to self-organize. You have to have a team before you can play the game, much less win it. This means finding the right team players. It also means having them come together and attain a certain level of training and cohesion. Only then can they take on a play as complicated and important as litigation holds. The team must also secure adequate funding and senior management support for the team mission. It has to be a team of winners with a promising future, not a dead end. Only after these preliminary organizational steps have been taken can the team function effectively. Recruiting the right team members is more difficult than most people think. So too is securing upper management buy-in and budget approvals.
Team staffing requires careful selection of compatible people from three different sectors: law, IT, and management. The three-part nature of the ideal team is shown in the diagram above by IBM, with management referred to as “business.” IBM consultants, like almost everyone else in the field, advocate for internal e-discovery teams. The IBM white paper, “The Impact of Electronically Stored Information on Corporate Legal and Compliance Management,” advises companies to:
“Have a plan and a process for discovery of ESI that you can improve over time. Understand your end-to-end process from discovery to production and the implementation of “holds.” This encompasses methods and practices that make sense for your organization, understanding where technology is needed to facilitate or improve process efficiencies or quality of results, and identifying which specific technology capabilities are required to make your end-to-end process effective. It is best accomplished through a cooperative effort among legal, IT, and the line of business (LOB) organizations (see above figure).”
You can have a team with just lawyers and techs. The first e-discovery team by Cisco in 2001 started that way. But today, most agree you should also have a management/business component in the core team. They can come from one or more of several different departments, including records management, HR, Finance, Risk Management, Compliance or Operations. There are many different variations. It all depends on the particular organization, its structure and corporate culture. IBM explains that the line of business members are needed to assist legal and IT to “set and manage the business priorities; establish the policies and best practices; and, enforce the organizational compliance.”
The culture of business, law and IT are very different. That is why careful selection of candidates from each sector is important. Not all in-house lawyers are cut out to work with computer techs. He or she may be a good lawyer, but computer-phobic. They went to law school precisely because they hated computers, math and science. The same applies to IT personnel. Many dislike lawyers, or are not comfortable with any kind of people activities. They would rather work on code for hours than attend a meeting. That is, after all, why most of them went into that field. Management types drafted into this project may have similar prejudices and see this as a dead-end assignment. They hear that it has something to do with records management, lawyers and IT, and their eyes glaze over.
So, believe me, finding the right people for an e-discovery team is not easy. You should not simply pick the people who appear to have some time right now to work on this. Their aptitude and cultural readiness is more important. Most companies do not have interdepartmental teams, so there will be little precedent for this kind of cooperative endeavor, and high turnover at first is not uncommon. For all of these reasons, significant time has to be spent on education at the beginning of the group’s existence. That is why my involvement in a team is usually front loaded, and my time lessens as the team self-organizes and becomes fully functional.
At the beginning, it is important to be sure everyone has a rudimentary understanding of the e-discovery process and the mission and future tasks of the team, including the need to design and implement good preservation protocols. These protocols and other projects will allow the team to better manage the high risks of litigation. They will also save the company money, as previously noted, from reduced e-discovery costs.
The first members of a team typically consider whether additional team members are needed. There should be at least two representatives from each of the three sectors, and frequently more than that, depending on the size of the organization, its history, and the complexity of the organization. A team needs enough members to accomplish its goals, but not so many as to become cumbersome and unworkable. If a team must have many members due to the complexity of the organization, then it usually breaks down into sub-groups. When that happens, the initial education, communication and cohesion process becomes much more challenging.
After a team is fully formed and operational, and everyone is fully briefed and understands its missions and upcoming activities, one of its first tasks is to address litigation hold and collection procedures. Still, at this point, you are not yet ready to design final preservation and collection procedures. For most teams, that is still a year or so away. Instead you create interim protocols.
Some companies have some kind of identification, preservation and collection system in place, even if it is not in writing. Typically, it involves preserving computer files by telling employees to look through their computers for relevant files, and when found, save a copy onto a central location, usually a server. When there is already some kind of system like this in place, the team begins by studying the current procedures and looking for areas that need improvement. Usually existing systems fail to cover all ESI, fail to preserve metadata, fail to authenticate with hashing, and are otherwise of questionable legal validity. They are also usually not well documented, hard to follow, and fail to address many common contingencies.
More often than not, there are no protocols at all. Lit-holds have only been dealt with on an ad hoc basis by a number of different people, each with their own ideas on how to go about it, and what the law requires. There you basically start from scratch. But whether you already have written procedures in place, or are designing them for the first time, in either case you are only going to be able to create interim preservation procedures. Final procedures come much later in the work of the e-discovery team.
The procedures, even the interim procedures, must comply with the current laws. For instance, it is probably not legally sufficient to simply send employees an email telling them not to alter or destroy relevant files, and then hope for the best. Much more follow-up is required. Otherwise, if a mistake is made, and ESI is destroyed or altered, the company could face severe sanctions. See Cache La Poudre Feeds, LLC v. Land O’Lakes Farmland Feed, LLC, 2007 WL 684001 (D.Colo. March 2, 2007). For this reason, as a best practice, many companies are now moving to automated systems that supplement employee compliance. Also, as Zubulake V teaches, reasonable lit-hold procedures should include direct interviews with the key players in litigation. Zubulake v. UBS Warburg LLC, 229 F.R.D. 422 (S.D.N.Y.2004).
The hold procedures, even the interim procedures, must also be designed to cover all potentially discoverable information maintained by the organization, even the PST files that some pack-rat employees may have all over the place. Sometimes the preservation obligation may include back-up tapes, sometimes not. It depends on the computer systems and the particular case. Most of the time it will not be required. The hold and collection procedures must also be capable of preserving at least some of the ESI metadata. In some instances, it may not be acceptable to have employees copy files to a centralized repository, as that act in itself will change the file date metadata.
As this work begins, the team will become painfully aware of a number of deficiencies in existing systems, including problems with permitted computer use policies, retention policies, and computer systems. There is usually a lack of information about exactly what information the organization has, and where it is all located. [It is, in effect, a lack of system metadata, data-about-data.] Most companies have only a vague idea of what they know, and who or what knows it. Few have complete, up-to-date knowledge of where all of their electronic information is stored. If you do not know what information you have, nor where it is all located, how can you possibly preserve it, much less produce it as required by law?
This common deficiency must be addressed early on by the team. They must take a complete inventory of existing ESI and map it. Then they need to classify the ESI accessibility according to Rule 26(b)(2)(B). When the team looks, they always find that the organization has far more information stored in its systems than management realized, and that much of it is unneeded and should have been destroyed long ago. So then the team works on rehabilitating the organization’s overall electronic records management, and moves on to destruction of unneeded ESI according to Rule 37(e).
The many deficiencies in existing systems, coupled with the stringent requirements of the law, end up forcing the team to design hold procedures that are difficult to follow, time consuming, expensive, and disruptive. That is because they must work with what they have, and what they know. Frequently it is chaotic. For instance, each employee may or may not have their own email archives, PST files. These files may be located on desktop PCs, laptops, thumb-drives, or CDs kept at home. Some employees may have multiple PST files, all of which now need to be searched and protected from alteration. Some may have none, but they may use their personal email accounts for work from time to time. The process of studying current practices and computer storage systems, and trying to design standard hold procedures that will preserve all discoverable ESI, will inevitably highlight the need to change existing systems so that better, more efficient, hold procedures can apply.
The team will not want the stop-gap procedures to be permanent. They are, after all, the people who must follow these protocols and implement the lit-holds. Most teams will recommend adjusting future IT purchases to include preservation criteria, typically adding or improving archiving and indexing software. It may also mean purchasing new software specifically designed to implement and manage litigation holds. The process usually requires a radical overhaul of existing document retention policies and practices, and a tightening of permitted computer usage.
After the new policies and systems are in place, the team can then design a final protocol for preservation and collection. It will be far better than the patchwork program first developed, and far less likely to fail and expose the company to sanctions as in the Intel case. It will also be far easier for the now matured team to operate, and to realize significant cost savings in the subsequent steps of ESI collection, analysis, review and production.
Cheerleading the Teams
In early 2008 journalist Dale Buss of Corporate Counsel magazine wrote a cheerleader type of article on e-discovery teams. He quoted many in-house counsel who were pleased with their Team efforts. Dave Buss’ article was entitled Keeping Your Firm’s E-Discovery In-House, but is no longer online. It was an informal report based on interviews with in-house attorneys and paralegals already involved with e-Discovery Teams. It highlighted a truth already known by everyone in the e-discovery world, that the legal profession is entering a Revenge of the Nerds phase of litigation. Buss reviewed a few of the benefits of managing e-discovery in-house, as opposed to the more traditional solution of outsourcing everything to law firms and vendors.
Buss began his article by noting that most corporations are just starting to realize the magnitude of the e-discovery problems they face from runaway electronic records mismanagement. This presents in-house counsel with a question of how to go about solving that problem:
Corporate counsel first must decide whether to deal with these growing demands in-house, to outsource the function — or to use some combination of internal and external resources.
Many companies still outsource everything, but a few are now doing at least some of the work themselves. They refer out less and less to outside vendors by building a strong, internal e-discovery team to do the work.
The article quoted Thomas Avery, with the e-Discovery Team of Aon Corp., as recommending that “legal departments establish as much as possible of the ESI-management function in-house as swiftly as they can.” The senior manager of legal operations for Raytheon Co., Woods Abbott, was said to strongly agree. So too dis Patrick Oot, then director of electronic discovery and senior litigation counsel for Verizon Communications (he is now with the SEC). Patrick was quoted as saying, “it’s difficult to trust a third party with your mission-critical case information.” That is one reason Verizon was moving more of its e-discovery process in-house, even including many ESI review tasks. Another factor was the company’s projected savings of several million dollars a year.
Another blogger, Jerry Bull, a young e-discovery specialist and consultant in Los Angeles with an IT background, has already written about Buss’ article in his tech oriented blog E-Discovery in the Trenches. Bull notes the trend to taking it in-house, but also correctly points out a few of the dangers and difficulties in this path:
IT departments aren’t equipped to deal with the high stakes nature of e-discovery work; and the personnel aren’t suited at all to deal with attorneys and attorney requests. I used to be an IT guy and I can tell you that we are bred with a troubleshooting mindset. Everything is up for experimentation and subject to trial and error (we deal primarily with Microsoft tools, after all). This approach simply doesn’t work in litigation.
Still, Bull appears to think it can be done with sufficient support, including full funding and staffing. As he puts it:
Planning for an in-house staff of e-discovery professionals and a handful of reliable, independent consultants will go a long way in easing the transition.
I completely agree. An e-Discovery Team needs dedicated, trained players, and plenty of time to practice. This is the only way to play competitively in the professional litigation leagues.
An Article with a More Thoughtful Analysis
Another article written by Eric Friedberg in March 2008, entitled New Electronic Discovery Teams, Roles, and Functions, (no longer online), has the opposite style to Ross’ work. It is based on experience and analysis, rather than interviews. Although I disagree with one minor legal statement in the article concerning preservation of “not reasonably accessible” ESI, I agree with everything else, including the meat of the article, his analysis, and insights into e-Discovery Teams.
The article starts with the observation that many of the mistakes made in e-discovery originate from problems in communication between IT and Legal. I call this the “Who’s On First” phenomena of lawyer/tech miscommunication. Friedberg refers to Judge Scheindlin’s famous quote of the Cool Hand Luke movie in Zubulake: “What we’ve got here is a failure to communicate.” Zubulake v. U.B.S., 229 F.R.D. 422, 424 (S.D.N.Y. 2004).
He sees the best solution to this problem, as do I, in the formation of interdisciplinary corporate e-Discovery Teams:
Compliance with emerging electronic discovery obligations, and conducting electronic discovery in a consistent and efficient manner, requires new cross-disciplinary teams (hereinafter “New Teams”), with updated organizational roles (hereinafter “New Roles”) and functions (hereinafter “New Functions”). These New Teams often draw representatives from an organization’s in-house legal, IT, compliance, records management, and human resources departments at the corporate and business unit levels, as well as from the outside counsel and the forensic/electronic discovery vendor to whom the company looks for strategic advice.
The article points out a fundamental problem that sometimes dooms new Teams to amateur status, insufficient buy-in and funding by upper management. The article points out that differing levels of support by Team owners can have a dramatic impact on Team effectiveness and morale:
At one end of the spectrum, senior management and the board back and fund a broad mandate to improve records management and electronic discovery processes, and support the requisite change management. In other cases, the New Team members do what they can to coordinate their respective functions but have little budget and less staffing, and struggle in tackling larger initiatives. In such cases, senior management seems to have little understanding of how records management and electronic discovery are increasingly interwoven with corporate governance, ethics, and compliance. While senior management is ultimately responsible for the increased risk inherent in failing robustly to support New Teams, the individual team members on the front lines often feel exposed in attempting to do more with less in an era of rising obligations and multimillion dollar sanctions.
The above quote demonstrates one of the strong points of this article, which I recommend you read in full; it combines strong theoretical insights with good practical observations.
The article goes on to describe the work of the Team, but without the sports analogies I often employ. Friedberg focuses on the Team work needed to create effective litigation hold procedures, new ESI archiving platforms, consistent positions in court, data mapping, and the collection and search of ESI. On these last key functions, which my article refers to as finding and picking up the ball, Friedberg points out a valid issue, or problem, which all Teams must face, when and at what point to outsource:
The key consideration in establishing these New Functions is to determine where the internal IT function leaves off and when outside vendors should be utilized. Even highly-competent in-house forensic teams can not handle spikes in collections required by large civil or regulatory matters, short deadlines, or a confluence of cases. In addition, it is much more difficult to search data effectively than to collect it. There is less external training available for electronic discovery search technologies and methodologies. As a result, in-house personnel typically rely on off-the-shelf software, which may fail to properly search data or to convert data to searchable form. . . . .
Many in-house IT personnel, for example, use the Outlook client to search Outlook mail. That client, however, does not search attachments or flag items that it can not search. New Teams can address these risks by receiving outside consulting advice on acceptable protocols for searching electronic data. Determining where to draw the line between in-house and external resources is not only a technical issue. Cases that are high-profile or in which the prior role of IT has already been criticized may call for the use of independent resources.
True, true. For a good example of this, see Louis Vuitton Malletier v. Dooney & Bourke, Inc., 2006 U.S. Dist. LEXIS 87096 (S.D.N.Y. Nov. 30, 2006).
Friedberg’s article concludes with a discussion of outside electronic discovery counsel, whom he calls “one of the most important New Team members.” Not surprisingly, I agree with that. I think all e-Discovery Teams, even experienced, well established ones, should include an outside attorney on the Team. Since experienced outside counsel typically associates with and represents a number of different corporate Teams, they can provide unique perspective and advice to each Team they represent. Their independence can also serve an important function. It not only allows them to appear in court to represent the Team, but also puts them in the best position to steer the Team away from any Qualcomm-like disasters. Good outside counsel can make sure the Team plays by the rules, even in the big ticket, high pressure games where employee players may come under a lot of pressure to win, no matter what the cost.
An outside attorney on the Team can help keep the games clean, and steer Team members away from the kind of temptations that cost Qualcomm its patent, and its GC his job. Further, this kind of high-road Team participation puts outside counsel in a strong position to protest any questionable calls made by the umpire.
The article also points out the many ways outside counsel can assist a Team, including important training functions:
The right counsel can facilitate the entire New Teams process, providing stewardship and key strategic advice to achieve compliance and help avoid sanctions. Indeed, New Teams are using outside counsel to train in-house Team members on emerging case law and the obligations under the New Rules. Not only does the substantive advice help the New Team, but in the event of an electronic discovery mishap, the training itself demonstrates the organization’s good faith, which is a key to avoiding sanctions.
Friedberg also notes a danger in the use of outside counsel that are also trial counsel. Personally, I do not serve as trial counsel anymore. If I appear of record in a case, it is solely to handle electronic discovery related issues. Apparently some attorneys still do both, and I admire their genius, but frankly I do not have enough time or talent for both roles. This limitation removes me from conflicts inherent in the dual role, and allows me to provide independent advice in the area of my core competency. Friedberg correctly advises a company who uses the same attorney as trial counsel and e-discovery lawyer to beware of possible conflicts of interest inherent in such a dual role:
First and foremost, a company’s outside counsel must have deep expertise in electronic discovery law and strategy. When outside electronic discovery counsel is also trial counsel, the in-house team members should closely consider whether outside counsel’s electronic discovery advice will be adversely affected by its role as trial counsel. Such an affect can take the form of over-preserving data so as to avoid any arguments that might, in trial counsel’s view, “distract” from the merits of the case. This might be the right strategy in a particular case, but it can also cost the company substantial sums of money and create stockpiles of data that are difficult to manage thereafter.
The article also points out that the e-discovery lawyer may sometimes be called upon to testify in court, and explain to a judge what happened when the Team’s procedures are challenged. Here the credibility of your e-discovery lawyer becomes very important. Moreover, if a waiver of privilege is required to defend the Team, it is easier to limit the scope of the waiver if the e-discovery lawyer played only a limited role in the case.
This is a balanced and well thought out article, and not simply a white paper pitch for services. Eric Friedberg also points out a problem with separate e-discovery counsel.
On the other hand, there are clearly inefficiencies in having multiple counsel, and separate electronic discovery counsel can struggle to become fully integrated in the matter so as to render their best advice.
This is very true, which is why it is important to have experienced counsel, capable of working closely with trial counsel to quickly understand the issues in the case.
Another problem which the article does not point out, is the simple fact that using multiple counsel can be very costly, and may not be practical in smaller or even mid-size cases. The services of specialty e-discovery attorneys, especially ones with sufficient knowledge and skills to serve on an internal corporate e-discovery Team, can be expensive. There are not that many attorneys with these specialty skills, and all the ones I know carry a high hourly rate. Some cases are simply not worth the expense. Unfortunately, these smaller dollar value cases can still have very complex ESI collection and e-discovery issues. The proportionality limits of Rule 26(b)(2)(C) can help, but even so, costly mistakes leading to sanctions can still be made.
Here a company could help itself with retainer agreements and other alternative billing arrangements. See Eg. the Law.com Article on Mark Chandler, General Counsel for Cisco, who champions alternative fee arrangements. That way a company could always get good “off the clock” advice on complex issues whenever it is needed, regardless of the size or economics of the case. Otherwise, it is all too easy for a stupid, nothing case to explode into a nightmare, and, if your company is the defendant, force a settlement for far more money than a case is worth. We have all seen it happen, even with pro se cases, where the courts tend to lean over backwards to allow a case to go forward. Having a technology attorney on call with some kind of creative retainer agreement as Mark Chandler recommends might be a good way to avoid that trap.
SUPPLEMENTAL READING: Read one or more of the many articles and cases linked or cited in this module that you have not already read. (As mentioned, some now appear to be online.) Find at least one fact or opinion expressed here that seems inconsistent with what you have learned so far in this course.
EXERCISE AND MORE SUPPLEMENTAL READING: Search the web and find an employee computer use policy and an electronic records retention policy, read them, and find at least one provision in each that you think might cause problems for the employer. Do you think most companies are likely to save emails for too long, or not long enough?
Students are invited to leave a public comment below. Insights that might help other students are especially welcome. Let’s collaborate!
Copyright Ralph Losey 2015