The National Attorneys General Training & Research Institute
Electronic Discovery Bulletin March 2017
The following is a compendium of articles and case law that may be of interest to our AG offices that are dealing with electronic discovery issues. Neither the National Association of Attorneys General nor the National Attorneys General Training & Research Institute expresses a view neither as to the accuracy of the articles nor as to the position expounded by the authors of the hyperlinked articles.
The Risks of Legacy Email Archives
If your office has a legacy email archive – one that was designed in the early 2000s – there are some security and legal risks your office should recognize, according to an eDiscovery blog by Bill Tolson of Archive360. As to the security concerns, Tolson notes the concern that “fixes” for known vulnerabilities in aging and end-of-life products are often never introduced. As to the legal risks, Tolson points out that legacy email archives can potentially contain years of old email, suggesting some questions you should be asking:
- What is your office policy for retaining email for former employees? Large amounts of their emails could accumulate in the email archive unnecessarily.
- How much archive email is on legal hold? Have the cases been completed and the legal hold released? Make sure you are not keeping email on legal hold longer than is necessary.
Tolson summarizes by advising us to keep a close eye on email retention and dispose of email that does not need to be retained, while protecting email that must be preserved.
Key Questions for Early Case Assessment
Early case assessment is the process of attempting to quickly obtain the key information to guide case strategy, according to eDiscovery provider Exterro. Some of the key factors to determine are:
- the key issues in the case;
- the keywords and search terms relevant to those issues;
- the amount of potentially relevant data;
- the potential eDiscovery costs related to the case;
- the overall legal liability; and
- the key documents that must be accounted for.
Recap of Panel Discussion: Mobile Data Extraction
Last month eDiscovery provider Kroll Discovery sponsored a panel discussion at LegalTech on extracting the data contained on mobile devices. Panelists were Michael Burg, corporate counsel for DISH Network; Clifford Nichols, senior counsel for Day Pitney; Rich Robinson, eDiscovery and information manager at JCPenney; and Jason Bergerson, director of consulting services at Kroll. The panel focused on the following topics: 1) how mobile phones and applications differ across device types; 2) how to get access to mobile device data; 3) how to collect and extract the data; and 4) how to develop findings from the reporting and information obtained. The panelists’ comments and advice are memorialized in this article, Mobile Data Extraction 101: How to Deal With Complex Mobile Data Structuring, which can be accessed at http://www.law.com/sites/almstaff/2017/02/02/mobile-data-extraction-101-how-to-deal-with-complex-mobile-data-structuring/.
If a third party’s documents are subpoenaed, who pays?
If a third party receives a subpoena for documents in a federal case, it is likely the third party is responsible for the cost of complying with the subpoena, as eDiscovery provider Percipient points out. In federal court, the presumption is that the responding party must bear the expense of complying with discovery requests unless the expense is “significant.” Further, responding parties are not obligated to produce ESI that is not reasonably accessible. Rule 45(d) states that:
“[t]he person responding need not provide discovery of electronically stored information from sources that the person identifies as not reasonably accessible because of undue burden or cost…the court may nonetheless order discovery from such sources if the requesting party shows good cause…”
If the subpoena is issued in a state court, a state statute or court rule may shift the costs of subpoena compliance to the requesting party. As an example, New York Civil Practice Law and Rules sections 3111 and 3122(d) state that [t]he reasonable production expense of a non-party witness shall be defrayed by the party seeking discovery.” However, as Percipient points out, it may not always be clear what is considered to be a reimbursable cost. Thus, unless the subpoena is issued in a state with a cost shifting statute or rule, it may be wise to assume the recipient must bear some or all of the cost to comply.
Case Law: FRCP 34 and Call Log Data
In Mora v. Zeta Interactive Corp., no. 15-00198 (E.D. Cal. Feb. 10, 2017), the plaintiff filed a class action lawsuit against Zeta Interactive Corp. (“Zeta”) for violations of the Telephone Consumer Protection Act (TCPA). Specifically, plaintiff alleged that Zeta made unsolicited calls to him and other class members who had no prior contact with Zeta, had never given their phone number to Zeta and never consented to phone calls from Zeta. During discovery plaintiff sought ESI identifying all phone call recipients who were called by Zeta using dialing equipment, as well as the total number of such calls made during a proscribed time period. Zeta objected, citing overbreadth, undue burden and relevance. The court ordered that the call log information had to be produced, but the parties continued to argue over its method of production. Zeta argued that the call data was stored in proprietary source code and, in order to produce a call list, it would have to access the source code and run commands or scripts to create the list. Zeta offered to permit plaintiff to hire an expert to view the source code and data in a secure location on a secure laptop, but plaintiff found no need to view source code. In accordance with FRCP 34, the court noted that while a responding party is not required to create documents responsive to a request, it must produce, or permit inspection of, ESI that is reasonably accessible. The court found that Zeta did not show that the plaintiff would have to view source code to see the call logs, and ordered Zeta to run the commands itself and produce a log for the plaintiff; if they could not do so, they could request an evidentiary hearing.
Case Law: ESI on File Share Site and Privilege
In Harleysville Insurance Co. v. Holding Funeral Home, Inc., no. 1:15-cv-00057 (W.D. Va. Feb. 9, 2017), plaintiff insurance company sued defendant funeral home seeking a declaratory judgment that it did not owe defendant for their fire loss claim. During discovery, “in an effort to share information electronically,” a senior investigator for plaintiff uploaded video surveillance footage of the fire loss scene onto an Internet-based electronic file sharing service operated by Box, Inc. (the “Box Site”) and then sent an email with a hyperlink to the Box Site so that the National Insurance Crime Bureau (NICB) could access the video. Although the transmittal email contained a notice that the information was privileged and confidential, the information on the box site was not password protected, and plaintiff conceded that anyone could access the site. Months later the investigator uploaded plaintiff’s entire claims file and their investigation file to the site to be accessed by plaintiff’s counsel using the same hyperlink given to the NICB. However, in response to a subpoena, the NICB produced the email containing the link, thus giving defense counsel access to the Box Site and the claims files. Defense counsel accessed the Box Site and reviewed and downloaded the entire claims file, but did not notify plaintiff’s counsel of the potential production of privileged information. When the files were produced in discovery from the defendant, plaintiff moved to disqualify defense counsel, arguing counsel’s access to the claims file was improper, unauthorized access to privileged information. Defense counsel argued that plaintiff had waived privilege by placing the data on the Box Site where anyone could access it. The court considered the reasonableness of the precautions to prevent inadvertent disclosures, the time taken to rectify the error and the extent of the disclosure, determining that the attorney-client privilege and work-product privilege were waived. The court went so far as to characterize plaintiff’s placement of data on the Box Site without a password as equivalent to “leaving its claims file on a bench in the public square and telling its counsel where to find it.” However, although the court found that disqualification was unwarranted, it ordered defense counsel to bear the cost of the parties in obtaining the court’s ruling on the matter for failure to notify plaintiff’s counsel of the disclosure of potentially privileged information.
Hedda Litwin is the Editor of E-Discovery Bulletin and may be reached at 202-326-6022. The E-Discovery Bulletin is a publication of the National Association of Attorneys General. Any use and/or copies of this newsletter in whole or part must include the customary bibliographic citation. NAAG retains copyright and all other intellectual property rights in the material presented in this publication. For content submissions or to contact the editor directly, please e-mail email@example.com.