By Robert Cruz of Actiance
On December 1, new amendments to the Federal Rules of Civil Procedure (FRCP) – the rules that govern all “civil actions and proceedings” in U.S. district courts – took effect. The amendments focus on the “proportionality” of eDiscovery, along with setting of uniform sanctions for discovery mishaps. eDiscovery processes have come a long way since 2006, the last timeFRCP amendments took effect. Tales from eDiscovery firms in 2006 involve being lost in a sea of back-up tapes or the myriad problems that arise when creating an image of a hard drive – once, a bonded courier left an encrypted drive at a Ruby’s Taqueria.
(Photo courtesy of Robert Cruz)
The efforts to preserve data – needless to say – were often manual processes, dependent on action from individual custodians, and containing many potential points of failure. But the world has changed, as widely publicized preservation failures have clearly established legal hold activity as the greatest area of eDiscovery risk. Some organizations have responded with a brute force method of simply placing everyone – and all of their data – on hold, which is neither cost effective nor informative for downstream discovery tasks. Others have simply continued to search for guidance on how to streamline data-preservation processes.
Much has been written about the notions of proportionality and uniform sanctions promoted by the new FRCP amendments. But the new FRCP amendments also introduce the notion of “reasonable” preservation effort to preserve data that, failing to do so, will lead courts to the assumption that information not properly preserved is harmful to your defense.
How can organizations demonstrate “reasonable” preservation efforts? While no absolute standard of “reasonable” is being created by the new FRCP guidance, the following practices will help reduce the potential sources of failure in data preservation practices, thereby saving time and lowering costs in the face of litigation.
Ensure A Streamlined Document Notification System Exists
Researchers found that the median cost of a federal case that involves eDiscovery is around $35,000. When you consider there are nearly 19 million civil cases at the state level and more than 300,000 civil cases at the federal level each year, the eDiscovery process becomes an expensive, as well as a cumbersome, task. So, how can enterprises prove they made “reasonable” preservation attempts? While there is no written-in-stone definition of “reasonable” provided by the new FRCPguidance, the following actions will help minimize the risk in data preservation exercises, thereby saving time and reducing costs in legal cases.
The new guidelines require enterprises to proactively notify the appropriate personnel when their organization “reasonably anticipates” litigation to ensure they know to preserve requisite data. Usually, “reasonably anticipate” is defined as “the receipt of notification or other information identifying the possibility of a lawsuit or upon the actual service of a summons and complaint.” Individuals must understand what data is stored. They must also take proactive action to protect it.
Still, however, organizations limit the scope of their storage and eDiscovery methods. Despite the proliferation of data archiving and eDiscovery tools, some companies insist on manual data entry on spreadsheets. To lean fully on individuals to take appropriate actions is to assume those individuals have a comprehensive understanding of the regulatory requirements, as well as the time it takes to manage the data. Intelligent technology that automates processes minimizes the pressure on IT and individuals. A streamlined, condensed document notification process is crucial to protect organizations’ data storage and eDiscovery actions.
Broaden Your Preservation Lens
While eDiscovery continues to be preoccupied with email, it is clear that corporate communication channels are undergoing a fundamental shift toward instant messaging, collaborative, and social media. Channels such as Chatter, Skype for Business, LinkedIn, etc. all have their own unique properties and trade-offs that one must consider when faced with a preservation task – along with challenges that can make proof of their authenticity difficult – so companies are well served to investigate which channels are in use by employees now to save reactive preservation challenges later.
Reduce Manual Data Moves For Preservation
Clearly, the more times data changes hands, the more likely a source of failure is introduced. In exploring where data should live during the preservation process, organizations should explore options to minimize hand-offs versus simple reliance on an existing chain-of-custody document used by a litigation services provider as they prepare data to be hosted in their review platform of choice. Maintaining a full copy of data in place, or utilizing the legal hold features of archiving technologies should be examined as ways to minimize risks occurring during data transfers.
Enable Human Oversight Of Technology Solutions
A few years ago, Apple sued Samsung over smartphone technology patents. Individuals at Samsung were probably aware of the litigation prior to the news being revealed. Yet they did not deactivate the functionality in their email servers that removed data biweekly. Due to Samsung individuals’ lack of action, judges suggested the jury should believe Samsung did not demonstrate reasonable action to archive data relevant to the case. The outcome of the case may have been very different had individuals at Samsung properly overseen their technology. This example highlights that in many litigation cases, automated archiving and eDiscovery technology is not sufficient.
Some archiving systems, for example, provide the ability to preserve copies of data, filtered by custodian, keyword, date range, communication channel, etc., and store that information in a manner that is tamper-proof and inaccessible to custodians. This can produce a significant reduction in the volume of data an organization must maintain under hold, as well as a direct impact on downstream processing cost. Not all systems provide these capabilities – and not all provide provide visibility into the status of data being preserved to ensure that legal teams can monitor what actions have been performed by the system and can attest to those capabilities.
It is in this regard – attestation to the actions taken by automated systems – that firms should sharpen due diligence efforts in selecting tools to automate preservation processes. If opposing council sees that you have an airtight, auditable, and intelligent technology to manage your data preservation they are likely to focus their efforts elsewhere. Ultimately, FRCPguidance on what constitutes reasonable efforts will be further clarified over time with case law. Judges will provide the details in highlighting what an organization did or did not do to make reasonable efforts to preserve relevant data. However, providing training to custodians, documenting processes, and automating key preservation tasks – with human oversight – will put you on the right course to meeting the new ‘reasonableness’ test.
Intelligent Technology And Human Oversight Save Time And Money
Organizations must prepare for the new FRCP standards and implement stringent eDiscovery technology and policies that include regular system tests and audits that confirm solutions function properly. A viable solution notifies the correct people, utilizes automated technology and is supplements intelligent technology with human oversight. This prevents the opposing council from targeting data preservation practices as a way to win their case.
The FRCP’s guidelines describing reasonable efforts will be more clearly defined this year. Judges will give more information describing what an organization successfully developed or failed to do to create reasonable efforts to archive data. Training individuals, documenting procedures, automating key preservation tasks and adding human oversight will provide organizations a forward-looking eDiscovery strategy that ultimately saves time and money.
Robert Cruz is Senior Director of Information Governance at Actiance. He provides subject matter expertise in the areas of eDisovery, regulatory compliance, and information governance via blog posts, white papers, client workshops, and presentations at industry conferences. He brings 20+ years of Silicon Valley-based experience, including previous assignments at Proofpoint, Inc., Electronic Evidence Discovery, Inc., FileNet/IBM, and BroadVision, Inc. He holds an MBA degree from the Stanford University Graduate School of Business.
The views, opinions and positions expressed within this guest post are those of the authors alone and do not represent those of CBS Small Business Pulse or the CBS Corporation. The accuracy, completeness and validity of any statements made within this article are verified solely by the authors.