Cost-Benefit Analysis Adopted by the New York Supreme Court for Determining When a Nonparty Must Undertake the Burden and Expense of Recovering Deleted ESI

Posted on September 27, 2011 by Catherine Hamilton

The production of electronically stored information (“ESI”) that has been deleted is potentially very expensive and time consuming. Often outside computer forensics experts are required to assist with the recovery of the deleted data and the routine business of the party is disrupted while resources are allocated to the recovery process. These are now commonplace burdens of parties involved in litigation. Whether these burdens should be placed on a nonparty with relevant ESI was recently addressed by the Appellate Division of the New York Supreme Court. In Tener, M.D. v. Cremer, M.D., et al., 2011 NY Slip Op. 06543, 2011 N.Y. App. Div. LEXIS 6421 (N.Y. App. Div. Sept. 22, 2011), the court, acknowledging that it was charting new territory, addressed for the first time “the obligation of a nonparty to produce electronically stored information (ESI) deleted through normal business operations.” Id. at 2. 

The nonparty was New York University and the computer at issue was located at Bellevue Medical Center. The plaintiff, a doctor, claimed that someone using the NYU computer posted a comment about her on a website known as Vitals.com. The plaintiff served a subpoena on NYU seeking the identity of all persons who had accessed the internet via the subject IP address on the date that the comment was posted. Id.  NYU did not produce any information in response to the subpoena and the plaintiff moved for contempt. NYU claimed that the “computers that simply access the web through NYU’s portal appear as a text file listing that is automatically written over every 30 days.” Id. According to NYU, it lacked the “technological capability or software, if such exists, to retrieve a text file created more than a year ago and written over at least 12 times.” Id. In response, the plaintiff submitted the affidavit of a computer forensics expert who opined that software with the capability to retrieve the deleted data did exist. 

The lower court denied the plaintiff’s contempt motion. It held that NYU did not have the capability to retrieve the deleted data and incorrectly concluded that “this allegation is unrefuted as a reply affidavit contradicting such allegation has not been supplied.” Id. at 3.

On appeal, the Appellate Division reasoned that “ESI is difficult to destroy permanently.” Id. at 4. Rather, “[d]eletion usually only makes the data more difficult to access.” Id. Thus, the “discovery rules contemplate data recovery.” Id. For instance, guidelines developed by the Commercial Division for Supreme Court, Nassau County (the “Guidelines”) “suggest that the parties be prepared to discuss ‘the need for certified forensic specialists and/or experts to assist with the search for and production of ESI.” Id. The Guidelines further explain that “ESI is not to be deemed inaccessible based solely on its source or type of storage media.”  Id. Rather, “[i]naccessibility is based on the burden and expense of recovering and producing the ESI and the relative need for the data.” Id. Thus, the Guidelines advocate a cost-benefit analysis when discovery of deleted ESI is sought.

Adopting the Guidelines’ cost-benefit analysis, the Appellate Division highlighted their similarity to the Federal Rules. Pursuant to Fed. R. Civ. P. 45(d)(1)(D), a nonparty “need not provide discovery of electronically stored information from sources that the person identifies as not reasonably accessible because of undue burden or cost.”   However, the Federal Rules give the federal courts the power to order the production of such information upon a showing of good cause and subject to the limitations of Rule 26(b)(2)(C), which considers, among other things, the burden and expense of production in relation to its likely benefit. Id. at 5.

The Appellate Division further reasoned that exempting inaccessible data from discovery “might encourage quick deletion as a matter of corporate policy, well before the spectre of litigation is on the horizon and the duty to preserve it attaches.” Id. A cost-benefit analysis eliminates the incentive to permanently delete information as a matter of course to protect it from production. Additionally, a cost-benefit analysis gives “the court the flexibility to determine literally whether the discovery is worth the cost and effort of retrieval.” Id. at 6.

The Appellate Division concluded that the plaintiff had demonstrated “good cause” for production of the deleted ESI, which had the potential to identify the person who posted the comment and potentially defamed the plaintiff. Given the showing of “good cause”, the court concluded that a cost-benefit analysis must be undertaken to determine whether the retrieval of the information was warranted. It therefore remanded the case to the lower court because the record did not provide enough information for a proper analysis. Id.

On remand, the Supreme Court was instructed to hold a hearing to determine “(1) whether the identifying information was written over, as NYU maintains, or whether it is somewhere else, such as in unallocated space as a text file; (2) whether the retrieval software plaintiff suggested can actually obtain the data; (3) whether the data will identify the actual person who used the internet on April 12, 2009 via the IP address plaintiff identified; (4) which of those persons accessed Vitals.com and (5) a budget for the cost of the data retrieval, including line item(s) correlating the cost to NYU for the disruption.” Id. The Appellate Division further instructed that the cost-benefit analysis should take into account the fact that NYU is a nonparty. Finally, in the event the Supreme Court determines that the benefits of production outweigh its costs, the court held that the plaintiff should bear the costs.

This decision is noteworthy because it clearly defines the analysis the New York state courts must undertake when determining whether a nonparty is required to expend the time and resources to recover ESI that has been deleted. Upon a showing of good cause, a court will analyze the costs of recovering the information against the need for the deleted information.  The fact that a nonparty is the entity in possession of the deleted data and the one burdened with recovering the data is a factor to be considered by the court.

Under this decision, nonparties served with subpoenas for deleted ESI may not rely on the fact that the data has been deleted in the course of its normal business as a means for avoiding the costs of complying with the subpoena. Instead, the nonparty should undertake an active investigation into whether the data can be retrieved, the difficulty of such retrieval and the concomitant costs.

 

Tags: , , , , , , ,

Ensuring Discovery Compliance: Sanctions Relating to Past, Present, and Future Adverse Parties

Posted on September 22, 2011 by F Brenden Coller

Monetary sanctions, attorneys fees, and adverse inference jury instructions are the more common type of sanctions imposed on litigants for the spoliation of evidence, or not producing relevant documents. Recently, however, a court has increased the severity and impact of sanctions by applying them not only to current litigation, but also to a party’s future litigation, with the effects lingering for years to come.

The Underlying Suit

“Any competent electronic discovery effort would have located this email.” These words were written in an opinion by a United States District Judge in the Eastern District of Texas, filed on March 1, 2011, in Green v. Blitz U.S.A., Inc., No. 2:07-CV-372, 2011 U.S. Dist. LEXIS 20353 (E.D. Tex., Mar. 1, 2011)

Green involved a product liability suit in which the requirement of a flame arrester was in dispute. The jury returned a defense verdict, and the plaintiff collected a low settlement amount as part of a high-low settlement agreement. During discovery in a subsequent case with the same defendant and plaintiff’s counsel, counsel learned of documents that were not produced in Green. The plaintiff then filed a motion for sanctions against the defendant in Green and a motion to re-open the Green case. While the court denied the motion to re-open because the statute of limitations had expired, the court did impose sanctions for the discovery abuse.

The Defendant’s Failure to Conduct Adequate Discovery in Green

After 2004, the defendant had just one employee, Mr. Chrisco, who was responsible for searching for, and collecting, documents relevant to the litigation. Mr. Chrisco would meet with the defendant’s national counsel, go through the claims, and develop an understanding of what he would be searching for. He would then go to various departments, explain what he was looking for, and ask the departments to look for, and collect, documents. As the litigation was about flame arresters, any documents pertaining to that subject were relevant.

This is where Mr. Chrisco’s preservation and collection efforts ended and where his employer’s e-discovery troubles began. The defendant did not “institute a litigation-hold of documents, do any electronic word searches for emails, or talk with the IT department regarding how to search for electronic documents.” As a result an email entitled “FW: Flame Arrester,” of which Mr. Chrisco was a recipient, was never produced. Not disclosing this email showed “the gravity of [the defendant’s] discovery violations for failing to produce relevant documents.”

The court found it even “more shocking” that this email could have been discovered by a simple word search for the “obvious term,” flame arrester. Even worse was that the individual tasked with the defendant’s e-discovery efforts, Mr. Chrisco, admitted to being “about as computer . . . illiterate as they get.” The court concluded that one did not have to look any further than not searching for the phrase, “flame arrester,” to determine that the defendant did not make a reasonable effort to produce relevant documents.

The court also found that the defendant did not properly preserve documents. Instead of issuing a litigation hold, the defendant asked employees to delete electronic documents at least ten times during the two year period that the defendant was in litigation. Moreover, the defendant rotated its backup tapes every two weeks, causing any deleted emails to be permanently deleted.

Imposition of Sanctions

The court imposed three sets of sanctions against the defendant, each seemingly more severe than the previous. First, the court fined the defendant $250,000 to be paid to the plaintiff, the amount by which the court estimated the plaintiff was damaged by not seeing the documents during settlement discussions. Second, the court sanctioned the defendant an additional $500,000, which was to be tolled for thirty days. The court agreed to lift this fine if, in those thirty days, the defendant was able to prove that it issued a copy of the court’s memorandum and opinion to any plaintiff in each lawsuit in which it was involved for the past two years, or in which it is currently involved. Third, the court ordered the defendant to file a copy of the court’s memorandum and order with its “first pleading or filing” in any case in which the defendant was involved, “whether plaintiff, defendant, or in another official capacity,” for the next five years.

No litigant would want an e-discovery violation to be a recurring nightmare, as it was for the defendant in Green. The following are some ways that a party may fulfill its e-discovery obligations and avoid the result in Green.

Put the Right Employees in Charge. Strategically choose the individual or individuals that are in charge of collection efforts in house (for example, do not choose an individual who is not familiar with the company’s technology).

Take Advantage of Counsel’s Expertise. Engage in communications with counsel who has experience and expertise in e-discovery issues. This will ensure that obligations at each stage of the process are complied with and can be defended later.

Issue Litigation Holds. Make sure that a plan is developed to identify triggering events that would give rise to the obligation to issue a litigation hold to your employees and ensure that the litigation holds are promptly issued and include a specific instruction not to delete documents.

The court’s sanctions are becoming increasingly harsh. The sanctions in Green had the same effect as publishing the defendant’s e-discovery violations in a newspaper. The above guidelines can help you avoid becoming the next headline.
 

Tags: , , , , ,

When an Employee Tweets

Posted on September 7, 2011 by David J. Walton

 Another day. Another TWITTER event. This time it involves the National Football League. Last week, star running back Arian Foster sent a copy of a MRI image showing his severely injured hamstring to all of his followers by TWITTER. His “tweet” included an explanation of where his hamstring was specifically damaged.  

The problem is that NFL teams fight hard to keep this type of information private. Foster is one of the top running backs in the league and his availability for the first week of the season, which starts next weekend, was in question. NFL teams often guard this information zealously. They do not want the opposition to find out how injured their players are. Even if a player is not going to play, NFL teams want their opponents to have to prepare as if Foster or another star player would be available.

There is also the gambling angle. The league administration has strong and very specific rules about the disclosure of injury information. Teams must be accurate in the disclosure of their information so that other teams aren’t prejudiced. This, of course, is used by the gambling industry to make sure that the betting lines are accurate. One can only image how quickly the betting line moved before the Houston Texas operator after Foster sent his MRI to the world. Once can also imagine that his MRI was viewed by the team physicians for the other 31 other teams in the league, including the Texans first opponent, just to determine the likelihood that Foster was going to be able to play. On the way to work this morning I was listening to sport talk radio show, were one of the commentators,  an ex-NFL player said that Foster’s MRI showed his opposition exactly where they needed to hit him to do the most damage. 

On the same show, they interviewed Brian Kelly, the head coach of the Notre Dame Fighting Irish football team, about his players’ use of TWITTER. During his interview, he made a great point. He said that TWITTER and Facebook and other forms of social media are here to stay. You cannot tell players, even college ones, that they can’t use it. So, instead, he teaches them how to manage it. 

Employers should use the same approach. Don’t try to prohibit outright use of TWITTER by your employees. Social media is here to stay. I recently read an article that predicted  that -- in three to five years -- e-mail accounts run by social media sites will be used for 80% of the business e-mail in the world. This is stunning. One can only imagine the implications.

Social media isn’t going any where and TWITTER, much to the chagrin of many, isn’t going anywhere either. Employers should assume that their employees will use TWITTER an outright prohibition on TWITTER and social media is doomed to fail.

Players must also adopt a specific policy. This policy must specifically identify the company that should not be disclosed by employees by either via TWITTER or other forms of social media. The policy is important because it gives fair notice to employees that their conduct may result in termination. 

If you ever tried a case in front of a jury, you quickly realize the jurors are not interested in applying the technicalities of the law. Juries are interested in fairness. After they issue a verdict and they walk out of the courtroom, they want to feel like they spent their time dispensing justice, not legal technicalities. 

This is why a policy is so important. It is inherently fair to fire an employee for using TWITTER after they have been advised in writing that doing so could result in their termination. Fair notice is an essential element of the fairness that juries look for when they are deciding cases. This is why a policy is so important. 

Like Coach Kelly, employers should train their employees on the right way to use TWITTER and other forms of social media. Just like with email, employees must assume that every “tweet” will end up on the front page of The New York Times. As everyone knows, “tweets” are potentially discoverable. “Tweets” could be saved for several months or even longer on Blackberries, iPhones and iPads. During this training, employees must also be told that they need to avoid the impulse to TWITTER right away about a work event. You can’t take a tweet back; there is no “pullback” button. Once a tweets is on the internet, its there forever. Employees should be encouraged to be very judicious in their work-related “tweets”, to the extent they are even authorized to do them. And before pushing the send button, employees should to think about the way a potential “tweet” could be used against them or use of other competition.

To protect their confidential information, employers should also monitor the use of TWITTER and other forms of social media. To protect confidential information in the courts, employers must prove that they took reasonable efforts to protect the secrecy of that information. For certain types of employers who know that their employees essentially engage in social  media and are authorized to do it for some business purposes, these employers should actively monitor the internet to make sure that their confidential information and trade secrets are not being disclosed by their employees to the rest of the world.

In the same vein, employers must be very careful to limit access to the most secret information to a small group of employees. As Mark Zuckerberg, Facebook’s founder and CEO stated, privacy in the world is essentially dead. Keeping this in mind, employers should work their IT departments to make sure that their most confidential information is protected by limiting internal and external access; by setting up the data so that it cannot be transferred, copied, and/or printed; and by using software that easily tracks who accesses the document, when and what has been done with it.

So, once again, though the world of TWITTER can provide valuable insight for employers. The NFL literally spends millions of dollars trying to protect information regarding players injuries. Players are often told not even to tell their family about their injuries because teams will fear that this information will be divulged. Now, because of an iPhone and TWITTER, the world can see a very clear picture of Arian Foster’s MRI showing a significant injury to his hamstring.  And there is no way for him to pull it back. This is the kind of story that keeps most employers up at night, and it’s an important lesson for us all.

Tags: , , , , , , , , , , , , ,