As you know by now, the Federal Rules of Civil Procedure (FRCP) have finally been amended, with the new Section 37(e) providing greater clarity as to what “reasonable” efforts look like, and what additional steps legal teams should take in preserving information. But, are these additional steps really necessary?
Since the amendments were implemented in December, many have burnt cycles dissecting the meaning behind a Section 37(e) word here, a clause there. For instance, the amended section reads that a court: “may order measures no greater than necessary” – (why not “must” order measures?)
“or, (2) only upon finding that the party acted with intent it may presume the lost information was unfavorable” – (why or and not and? Does this imply that acting with intent can lead to measures greater than necessary?)
Suffice to say, the revisions have created mixed signals that have led many to wait for further guidance from the courts before adjusting practices.
Well, the courts are beginning to chime in. The first case, CAT3, LLC v. Black Lineage Inc., involved the existence of two different versions of an email, which led to questions surrounding potential spoliation. In this case, the magistrate noted that the “inherent authority” of the court was sufficient to conclude that multiple versions of the email were intentionally created because of litigation—regardless of whether all conditions of the revised 37(e) were met. That fact alone was sufficient to order to the plaintiff to pay court and discovery costs.
On the flip side, courts have also begun to speak on the area of sanctions. In fact, in recent decisions of Nuvasive v. Madsen Med., Inc. and Securities and Exchange Commission v. CKB168 Holdings Ltd., the courts backed away from earlier granting of adverse inference rulings for failing to preserve ESI, the former case involving the disposal of text messages.
Unfortunately, these uncertainties occur while a more certain and irreversible trend is happening: Organizations are shifting corporate communications away from email. Employees are now more freely engaging customers, partners and each other over tools like Skype for Business, LinkedIn, Salesforce Chatter and many other channels that legal teams are likely completely unaware of. So, while general counsel need to continue to monitor how they meet new requirements for reasonable preservation, they should also be clear that these obligations will undeniably extend beyond email data to communication data from sources like social media and instant messaging. In fact, the increased presence of non-email content in eDiscovery is already upon us, as witnessed by several recent cases:
What Should Legal Teams Do Now?
So, given what we have learned of “reasonable” steps, what steps do organizations need to take to ensure they meet FRCP regulations? Organizations can the consider the following questions as they prepare for further clarity around 37(e):
Understand How Employees Communicate Today
Clearly, the days of email as the primary communication tool used by employees are numbered. Mapping custodians to the dynamic variety of ways they conduct business can be difficult – if attempting to figure out after the fact. Employee surveys and IT resources should be engaged to ensure that you have a complete and accurate picture of the tools, systems, and devices in use today – as well as visibility into new tools that are being evaluated for use down the road.
Document Methods Used to Collect Emerging Data Types
If data custodians are sanctioned to use non-email channels, such as social media, instant messenger and mobile content, to conduct business, then legal teams and their vendors should have a plan for how they collect and discover potentially relevant data before employees and custodians use those tools. With social media in particular, the challenge of proving authenticity of techniques, such as screen capping, are already causing legal team headaches.
Assess How and Where Data Is Preserved
The FRCP change should lead legal teams to ask themselves “What options are available beyond simply automating hold notifications to manage preservation risk?” Regardless of who carries the responsibility to preserve data (beyond the high-risk option of relying solely on the custodian), firms should place greater emphasis on how information is preserved. Examining the data storage capabilities of internal IT staff and outside service providers should be a priority activity to assess the security, accessibility, privacy and availability of data that requires preservation.
Examine How Preserved Data Is Transferred to Review Tools:
Moving data from preservation to review can be simple if using automated methods, such as standards-based transfer that supports the Electronic Discovery Reference Model, EDRM-XML protocol, and secure file transfer – or complex, time-consuming and risky if relying on manual methods.
Clearly, judges will continue to chime on what specific actions will satisfy the ‘reasonable’ standard. In the meantime, it would be useful for legal teams to touch base with IT staff and discovery vendors to better understand how they can help general counsel be better prepared to meet the new preservation obligations.