In our last article, we discussed the concept of “litigation readiness” and the benefits of implementing a records-management policy. When a company faces a lawsuit, it must navigate the universe of potentially relevant data. It must identify, preserve and collect relevant electronically stored information (ESI) on its computer system using forensically sound procedures capable of being validated, verified and repeated. The identification and preservation strategies discussed below are designed to protect companies from claims of spoliation and to enable the proper authentication of documents.
Communication between outside counsel and the client is crucial in determining the categories of documents that need to be preserved. In order to facilitate this process, it is helpful if an organization has a data map or server topology (a visual representation of a company’s network systems). Understanding the organization’s network, infrastructure and document-retention policies is an integral part of properly identifying and preserving relevant documents. All counsel involved in the litigation should learn, with assistance from the organization’s IT department, the types of hardware, software, data processing and data-storage devices the company uses. This includes knowledge of the company’s network operating systems, workstations, applications, email servers, off-site archives and policies governing ESI for former employees. The most common sources of data within an organization include email servers, file or document servers, workstations, peripheral devices, personal and business cell phones, websites and social media sites.
Equipped with this institutional knowledge, outside counsel and the client should designate a point person responsible for overseeing the preservation and collection process. In-house counsel may be best suited for this role. The point person, working with outside counsel, should then create a list of custodians who may possess relevant documents and interview them to learn more about their document-storage practices.
The first step in preserving ESI is to implement a litigation hold. As soon as a company has notice that there is a duty to preserve material, it should implement a formal litigation hold by notifying the appropriate personnel within the client’s organization that documents and ESI must be retained. This is typically done by distributing an internal memorandum that outlines the steps that need to be taken to identify and preserve relevant information. There are also a number of legal hold software products on the market that integrate with most email and document-management systems to automate this process.
Outside counsel and in-house counsel should determine at the outset whether any issues might prevent the proper preservation of relevant ESI. Counsel should be mindful of recently implemented policies, network upgrades and system changes that affect older data. Retired computer systems (also called legacy systems) may cause problems because data upgrades or migrations can affect data integrity. Moreover, preservation issues often arise with network backup systems because they are not designed for retrieval in connection with litigation. Because these hiccups can make data retrieval costly and time consuming, it is best to know about them as early as possible.
The second step in preserving ESI is to physically sequester or safeguard data from destruction. In-house counsel should communicate to their IT personnel that backup tape rotation, auto-deletion and overwriting of ESI must be halted with respect to data potentially relevant to the litigation. When paper documents are involved, records-management personnel also should be notified to suspend their document-disposal procedures. Even after the litigation hold is in place, counsel should monitor compliance by periodically sending out reminder notices.
It is critical at the preservation stage of a litigation to identify limiting parameters that will reduce the volume of potential ESI. Data may only need to be preserved for certain key custodians. Counsel may want to limit preservation to a specific date range, target only specific types of data, or focus on specific locations or subject matters. Ideally, the goal is to preserve only the ESI that a company may need for a particular matter.
Finally, and as a precaution, the point person should document the company’s identification and preservation efforts.
Fortunately, full forensic acquisition of a company’s email, file servers and workstations is rarely warranted. Good communication between in-house and outside counsel, and knowledge of an organization’s infrastructure, can be used effectively to limit the scope of discovery at the Federal Rule of Civil Procedure 26(f) “meet and confer” and will help to reduce discovery costs. Using some of the strategies outlined here, counsel should strive to reach consensus on these issues with opposing counsel. Any agreement should be reduced to writing to avoid having to revisit these issues and engage in motion practice with adversaries over the preservation of ESI. Once this process is finished, the collection process can begin.