The Proposed Federal E-Discovery Rules:
By ANITA RAMASASTRY
|Wednesday, Sep. 15, 2004|
In recent lawsuits, the proverbial smoking gun may not be an interoffice memorandum found in a locked file cabinet. Instead, it may be an e-mail message stored and forgotten on someone's hard drive
This reality has significantly altered discovery - the process by which parties to a litigation request documents from each other; produce documents to each other; and serve and answer each other's interrogatories and requests for admission.
Accordingly, on August 15, the federal judiciary disseminated a proposed set of rules to govern "e-discovery" - that is, the exchange of electronic information in litigation proceedings.
At present, at least four federal district courts have adopted local rules to address e-discovery. Two states have also court rules that specifically address e-discovery. The proposed federal amendments would be the first attempt to create a coherent set of rules for the entire federal judiciary.
The proposal, if adopted, would amend the Federal Rules of Civil Procedure (FRCP), which govern all federal civil litigation -- and would take effect by December 1, 2006. Currently, we are within the six-month period during which comments on the rules can be made to the Advisory Committee on Federal Rules.
In this column, I will comment on the strengths and weaknesses of the draft e-discovery rules. The new rules correctly advise discussion of e-discovery at parties' initial conference - and laudably would set rules for when privileged e-material is inadvertently disclosed.
But the rules' proposals as to when sanctions can be imposed for deletion of electronic information, and as to how hard companies must look for backup data and the idea, leave something to be desired. Both employ vague reasonableness standards that are open to interpretation.
E-Discovery: How the FRCP Currently Address It, and Why It's Different
Electronic data and records are certainly not new - nor is e-discovery. In 1970, the FRCP's definition of "documents" was amended to include "data compilations from which information can be obtained." And in 1993, a new Rule - Rule 26(a)(1)(B) - required that parties initial disclosures to each other encompass not only relevant documents and "tangible things," but also relevant "data compilations."
Still, the FRCP do not entirely account for the important differences between regular discovery, and discover of electronic data. For one thing, electronic data may be harder to review - requiring the examination of volumes of data and records contained on hard drives, servers, back-up tapes, and other data storage devices. In part, that's because it may be more voluminous: With electronic storage, we now have an exponentially greater amount of data that can be stored and hence retrieved.
For another thing, the lifespan of electronic data differs in important ways from that of paper data. On one hand, computer data can be destroyed or lost due to problems with hardware and software - or intentionally deleted. If there are no paper backups, the data may be lost forever. On the other hand, though, electronic data can have a longer lifespan, in a sense: Electronic documents often continue to exist (either as backups or originals) despite an author's intention to destroy them.
The content of e-documents also tends to differ: They can be more revealing than paper documents, in two ways.
First, they are often automatically saved and encoded with "metadata" - which states when they were created, modified, and accessed, and potentially, by whom they were accessed. Thus, those who create, access, or modify such a document may leave a more specific trail than they realize.
Second, because of their informality, e-documents such as e-mails may contain more off-the-cuff, candid remarks - the kind of remarks that, due to their candor, may be the "smoking gun."
Calling for Early Attention to Electronic Discovery Is a Good Idea
Under the proposed new rules, at their initial conference, parties would be required to discuss "any issues relating to disclosure or discovery of electronically stored information." The commentary notes that the parties should balance the need to preserve electronic information, against the parties' needs to continue the ordinary operations of computer systems.
The ABA's E-Discovery Task Force has suggested, in particular, what parties ought to discuss. The Task Force reminds lawyers to consider databases, networks, computer systems, servers, archives, backup or disaster recovery systems, laptops, personal digital assistants, mobile phones and pagers as possible e-discovery sources.
In addition, it notes that lawyers may want to discuss - among other things - the subject matter of the e-discovery, the time necessary to produce it, whether the data exists in a "searchable form," whether the data will be produced in electronic form or hard copy, relevant data retention policies and the allocation of costs.
Inadvertent Disclosure of E-Discovery: The New Rules' Sensible Procedure
Inadvertent disclosure has always been a problem in discovery: What if attorney-client privileged information or attorney work product, for instance, is inadvertently sent to the other side? A privileged memo from an attorney can easily be missed among a pile of other, non-privileged memos.
Electronic discovery may raise the risk of inadvertent disclosure - for the information stored can be voluminous, and hard to review. Accordingly, the proposed rules state that if a party notifies his opponent of inadvertent disclosure "within a reasonable time," the opponent must "promptly return, sequester, or destroy the specified information and any copies." (As it is, parties sometimes enter into agreements that allow for essentially the same procedure -- known as "quick peek" and "claw back" agreements.)
Beyond this, current rules would not change when e-discovery is at issue: Ethics rules would continue to require an attorney to stop reading if he realizes he is reading an inadvertently produced document. The producing party would still have to prepare a privilege log - matching document numbers with claimed privileges - so assertions of privilege could be challenged in court. Finally, issues of privilege waiver - that is, whether a party can no longer claim privilege on a given e-document due to its own conduct - would still be left to the court.
The Recurring Issue of E-Mail Deletion: The New Rules Are Right to Address It
The proposed new rules would also take on the recurring issue of e-mail deletion - and resulting sanctions. As recently as this year, several cases raising this issue have cropped up - as I discuss below. It is certainly time to confront the issue head on.
Currently, a number of questions remained unanswered by the FRCP, including these: For how long do companies have to retain electronic data? What duty do they have to retrieve and provide such data when they are sued? Do they have to keep backups forever?
To some extent, court discovery orders have filled the gap in the rules. And e-mail deletions that have violated those orders have led to sanctions. In July 2004, for instance, a federal district court in New York City ordered such sanctions against a company in an employment discrimination dispute, Zubulake v. USB Warburg.
Judge Shira Scheindlin's sanctions for employees' deletions of e-mails pertinent to discovery requests included the sanction of an "adverse inference." (That is, the judge allowed the judge to infer that the deleted emails would have been adverse to the company's position in the litigation.) The judge made clear that she thought the company ought to have warned employees not to delete relevant email from the start of the litigation - and when the email deletions were revealed, she ordered that the company immediately inform all employees not to delete anything further.
Only one day after the Zubulake decision was released, the U.S. District Court for the District of Columbia issued similar sanctions. U.S. District Judge Gladys Kessler noted that tobacco giant Philip Morris had failed to retain e-mail messages despite an October 1999 court order, and the company's own electronic discovery retention policy.
Worse, this failure was not the fault of new or low-level employees: To the contrary Judge Kessler found it "astounding that employees at the highest corporate level in Philip Morris, with significant responsibilities pertaining to issues in this lawsuit" were among those who failed to follow the order and the internal policy.
Judge Kessler ordered Philip Morris and its parent company to pay $2.75 million for e-discovery violations. In addition, she precluded several witnesses from testifying at trial.
The Controversial Safe Harbor the Rules Would Create for Routine Deletions
In light of cases like these, companies have complained that deletions, at times, may not be intentional - but rather, automatic. To respond to this complaint, the proposed new e-discovery rules would create a "safe harbor" for certain types of deletions, ensuring they could not be sanctioned. (This "safe harbor" would not apply, however, when a specific court order requiring preservation is in place.)
Two conditions would have to be satisfied for the safe harbor to apply. First, the electronic information must have been lost or destroyed as a result of the routine operation of the party's computer system--such as information lost when back-up tapes are recycled, or deleted information is automatically overwritten.
Second, the party must have taken reasonable steps to preserve the information after it knew the information to be relevant. (In addition, the report notes that in assessing the reasonableness of the steps taken by the party, the court should bear in mind what the party "knew or reasonably should have known when it took steps to preserve electronically sated information.")
Is the Safe Harbor's "Reasonableness" Standard the Correct One?
Is the safe harbor's "reasonableness" standard the correct one? Or should sanctions require intentional or willful conduct? The Committee is asking for feedback on this very issue.
In my view, the negligence standard is far preferable. If the level of culpability is raised to intentional or willful conduct, parties may be incentivized to have lax standards for preservation of electronic records. After all, the more quickly and completely automatic deletion works at a given company, the less the risk of intentional, willful deletion by a person would even be raised.
With the negligence standard, however, some vagueness does remain: What is "reasonable" when it comes to preserving electronic information?
One suggestion made to the committee, in particular, is a smart one: If a party took reasonable steps to notify the custodian of electronic information at the company of the need to preserve certain information, it should be deemed to have made out a prima facie - that is, an initial, though rebuttable - case that it fits within the safe harbor.
The Committee should also be open to a different approach: Setting a "safe harbor" here that stipulates for how many years - and with what kind of safeguards -- companies must preserve data in order to take advantage of the reasonableness standard. Clear limits and rules would be helpful here; reasonableness is not enough.
Without clearer rules, a "reasonableness" standard may end up punishing the innocent - companies whose good faith e-preservation methods weren't up-to-the-the-minute. It may also end up letting the guilty free - if companies' quick deletion systems are deemed acceptable (because common), even though they leave plaintiffs with scant discovery to review.
Must Hard-To-Access Data Be Produced? The Rules Ask For "Reasonableness"
A final major question addressed by the proposed rules is this one: How should the FRCP deal with discovery of e-data that is not readily accessible? For instance, must companies search "legacy data" that is currently unused and stored on an obsolete system, or inactive data stored for disaster recovery purposes?
Again, the rules take refuge in "reasonableness" - at the expense of clarity. Among the proposed amendments is one that would relieve a party from the obligation to retrieve and produce e-discovery that is "not reasonably accessible." The court could require disclosure of such information only for good cause and on specified terms and conditions.
A typical example of hard-to-get information would be information wiped from a computer hard drive on an employee's termination. The data can be recovered, but it takes time and money. Still, in an employment case that directly raises the reasons for the employee's being fired or quitting, the data may be central to the plaintiff's case.
Without more guidance - including concrete examples in the Commentary -- as to what "reasonably accessible" means, this rule should not be adopted. It threatens to give companies too much of an "easy out" - an excuse not to offer the plaintiff all relevant records.
In sum, the proposed new e-discovery rules show that we are still adjusting to the realities of such discovery. We should resist the urge to simply pass the ball to courts, with reasonableness standards that have little content until a judge applies them, and offer litigants more specifics as to what, practically speaking, they must, and must not, do.