The duty to preserve potentially relevant evidence – documentary or electronic – arises when a lawsuit is reasonably anticipated.  Although this is a subjective standard,  Parlux Fragrances, LLC et al v. S. Carter Enterprises, LLC et al.  illustrates a recent decision where a court imposed  sanctions and an adverse inference because the defendants failed to preserve information after receipt of a letter warning of a potential litigation.

Factual Background:

On or about April 18, 2012, defendants S. Carter Enterprises (“Carter Enterprises”) and Shawn Carter (“Jay-Z”) (collectively, the “Defendants”) entered a license agreement (“License Agreement”) with Artistic Brands Development, LLC (“ABD”), granting ABD the exclusive right to license and trademark the likeness of Jay-Z for a fragrance line.  The parties also entered a sub-license agreement (“Sub-License Agreement”) with Parlux Fragrances, LLC (“Parlux”) and Perfumania Holdings, Inc. (“Perfumania”) (collectively, the “Plaintiffs”), allowing Parlux and Perfumania the exclusive right to promote and distribute Jay-Z branded fragrances, including the Gold Jay-Z fragrance.

From October 2013 to July 2015, Parlux contended that Carter Enterprises and Jay-Z continuously failed to meet their obligations pursuant to the Sub-License Agreement by: (i) refusing to make personal and/or public appearances in support of the Gold Jay-Z fragrance; and (ii) failing to assist in the development of additional fragrances for the Gold Jay-Z brand.  As a result, on July 31, 2015, Plaintiffs sent Defendants a letter (the “Breach Letter”) detailing Defendants’ breaches under the various agreements, urging Defendants’ compliance with their obligations and advising Defendants should be guided accordingly or Plaintiffs would take all necessary action, including legal action.  Defendants effectively ignored the Breach Letter.  Approximately 6 months later, on January 25, 2016, Plaintiffs commenced a lawsuit against Carter Enterprises and Jay-Z alleging various breaches.

As is relevant here, Plaintiffs had to file a motion for sanctions predicated upon Defendants destruction of Jay-Z’s emails months after receipt of the Breach Letter.  Specifically, Plaintiffs claimed Defendants were on notice of a potential litigation on July 31, 2015, when Plaintiffs sent the Breach Letter.  In response, Defendants claimed the emails were deleted pursuant to a documented deletion policy governing Jay-Z’s emails.  Defendants also argued the emails deleted were not relevant and no deletions occurred after the action was commenced on January 25, 2016.

Analysis:

To prevail on a motion for sanctions for failure to preserve evidence, the Court noted the moving party must establish that: (1) the party having control over the evidence possessed an obligation to preserve it at the time of its destruction, (2) the evidence was destroyed with a “culpable state of mind,” and (3) “the destroyed evidence was relevant to the party’s claim or defense such that the trier of fact could find that the evidence would support that claim or defense” (Pegasus Aviation I, Inc. v Varig Logistica S.A., 26 NY3d 543, 547 [2015], quoting VOOM HD Holdings LLC v EchoStar Satellite L.L.C., 93 AD3d 33, 45 [1st Dept 2012]).  The Court further observed that one’s duty to preserve potentially relevant information occurs “once a party reasonably anticipates litigation, [at which time] it must suspend its routine document retention/destruction policy and put in place a litigation hold” (VOOM, 93 AD3d at 41; quoting Zubulake v UBS Warburg LLC, 220 FRD 212 [SD NY 2003]).

Here, the Court concluded Defendants should have “reasonably anticipated litigation” when it received around July 31, 2015, the Breach Letter, which advised “Parlux intends to take whatever action it deems necessary and appropriate to recover all of the losses it has sustained as a consequence of [Carter Enterprises] and [Jay-Z’s] failure to comply with the terms of the License Agreement.”  According to the Court, Defendants’ failure to implement a litigation hold and the deletion of emails in January 2016 (days before the litigation was filed) “after they reasonably anticipated litigation and had an obligation to preserve evidence” was, at a minimum, grossly negligent.  And so, because Defendants failed to preserve relevant evidence when a litigation was reasonably anticipated, Plaintiffs’ motion for sanctions and to impose an adverse inference against the Defendants at trial was granted.

Conclusion:

This case is an important reminder that preserving evidence as soon as litigation is reasonably anticipated is critical. While the standard is a subjective one, a letter threatening legal action, as here, is sufficiently objective that litigation should have been anticipated, and one’s duty to preserve triggered.  Thus, litigants and potential litigants should consult with an attorney prior to destroying or disposing of any potential evidence.

*Thank you to first year associate, James Maguire in the Firm’s Uniondale office, for his research assistance related to today’s blog.

 

In today’s “e”-dense world, attorneys often look to leverage technology to facilitate production of electronically stored information (“ESI”) during the discovery process.  We do so in an effort to streamline the collection, review and production process whereby containing costs.  However, as recent decisions demonstrate, parties often disagree on what methodology to use and which analytic tools are best.  Livingston v City of Chicago, 16 CV 10156, 2020 WL 5253848 (N.D. Ill. Sept. 3, 2020) provides a good example of this precise issue.

The Livingston litigation involves allegations of discrimination by the City of Chicago (“City”) against female candidates seeking paramedic positions with the City Fire Department.  After two years of settlement negotiations, with only minimal success, the parties proceeded to discovery.  The process, however, resulted in a number of disputes that required judicial intervention, including a motion to compel the adoption of Plaintiffs’ discovery protocol, and a subsequent motion by Plaintiffs’ counsel to compel the City’s compliance with that protocol. The details of these applications, and the parties’ disagreement over analytics and processes, are set forth below.

Part I – The November 2019 Order

In 2019, when discovery began, the parties were unable to reach agreement on either the method for searching and collecting ESI, or the content of what was to be produced. Specifically, regarding production, the parties were at an impasse on the issue of whether, once potentially relevant emails were identified by search terms, those emails should be produced without further review.

The Plaintiffs’ proposed protocol required an outside vendor to export the City’s emails, perform keyword searches on that email, and produce the “hits” of those search terms without further review for responsiveness or privilege.  The City, on the other hand, proposed using its own Microsoft Tool to perform a simple search prior to exporting any data.  The Plaintiffs rejected this proposal out of purported concern that the City’s basic search would not comprehensively identify ESI for collection.  The City conceded that its collection tool was not fool-proof but countered it would miss only a “negligible quantity” of documents.  The court split the difference: requiring the City to retain an outside vendor to export emails and use Plaintiffs’ keywords to identify potentially responsive content.  The Court, however, denied Plaintiffs’ request that the “hits” be produced without further review for privilege or responsiveness (“November 2019 Order”).

The City subsequently reported that the Court-Ordered process resulted in 192,000 unique emails.  Given this volume, the City informed the Court and plaintiffs that it intended to use technology-assisted review (“TAR”) to identify responsive documents for production.* Plaintiffs objected to this process, claiming use of TAR would exclude responsive documents from the review process, and further claiming the City’s use of TAR was inconsistent with the November 2019 Order.  And so, Plaintiffs’ filed a motion seeking the Court order the City to comply with the November 2019 Order or, in the alternative, for entry of a proposed TAR protocol submitted by Plaintiffs that would require the use of TAR on the entire collection.

Part II – The September 2020 Order

In response to Plaintiffs’ second motion, the court found the November 2019 Order addressed the methodology for collecting emails, not the methodology for determining responsiveness. Thus, the November 2019 Order did not preclude TAR, and the issue of the City performing a responsiveness review was outside the scope of the November 2019 Order.

Plaintiffs further argued that since TAR is more effective at identifying responsive documents than traditional manual review, pre-TAR culling would eliminate large amounts of potentially relevant ESI. While the court did not deny that using TAR from the outset may reveal more responsive documents overall, based on the number of documents that were discarded using Plaintiffs’ proposed search terms (only 15% of 9 million pages of documents hit on Plaintiffs’ search terms), pre-TAR culling would achieve the best possible review in this case. The court found this method to satisfy the reasonable inquiry standard under Fed. R. Civ. P. 26.

Plaintiffs also argued that that attorney reviewers would improperly train TAR by making incorrect responsiveness decisions. The court recognized, however, that this concern is present no matter which methodology is employed, and that “uncertainty in determining responsiveness is not unique to TAR.” The court was also satisfied with the variety of quality controls offered by AL.

Ultimately, the court denied Plaintiffs’ motion, finding City, as the responding party, was best situated to decide how to search for and produce responsive documents to Plaintiffs’ requests.** 

Conclusion

This case reminds us of a number of things including the importance of understanding your clients’ ESI, and engaging meaningfully with opposing counsel on issues involving ESI collections and production.  However, when a responding party is fully familiar with its ESI, courts believe it is the responding party who is best situated to decide how to search for and produce responsive documents, and may be permitted to devise custom TAR methodologies to best fit the needs of the case.

 

*Specifically, the City sought to use Relativity’s Active Learning (“AL”), a type of software that uses learning algorithms to prioritize documents for its attorneys to review manually. As described in the decision, AL “merely shuffles the order of the documents being reviewed based on the coding decisions [i.e., responsive or nonresponsive] made by the attorney review team. All documents marked responsive and ultimately produced are done so by human reviewers.” However, as a result of using AL, there is a portion of the ESI collection deemed nonresponsive and not reviewed by attorney reviewers.

**The court cites to The Sedona Principles, Principle 6, which states, “[r]esponding parties are best situated to evaluate the procedures, methodologies, and technologies appropriate for preserving and producing their own [ESI].”

Generally, the party producing discovery bears the costs of production. But, shifting to the non-producing party the costs of production is sometimes warranted.  This issue was recently tackled by a Kansas District Court in the matter Lawson v. Spirit AeroSystems, 2020 WL 3288058 (D. Kan. June 18, 2020).

Background

Following his retirement from Spirit AeroSystems, Inc.’s (“Spirit”), plaintiff Larry A. Lawson (“Lawson”), the former CEO of Spirit, began consulting for non-party Arconic, Inc. (“Arconic”).  Spirit contended this consulting amounted to a breach of Lawson’s retirement agreement, which contained a non-compete provision.  As a result, Spirit discontinued Lawson’s retirement benefits and demanded he reimburse Spirit the amounts already paid to him.  Lawson brought suit, arguing that Spirit and Arconic are not in the same “business,” and thus the non-compete provision in his retirement agreement was never triggered.

Discovery in the lawsuit was focused largely on the issue of whether Spirit and Arconic are in the same “business.”  In connection with discovery of electronically stored information (“ESI”), Lawson insisted on protocols that led to overbroad results, yielding low percentages of responsive documents, and even lower percentages of relevant documents.*

The parties then conducted a technology assisted review of the more than 300,000 collected documents, which yielded a 3.3% responsiveness rate.  The responsive documents were produced.  Dissatisfied, Lawson filed a motion to compel Spirit to produce the documents reviewed by TAR beyond those already produced.  In response, Spirit sought to shift all costs and attorney’s fees associated with the production to Lawson under Federal Rule 26(c). Spirit argued that it spent months collecting, processing, hosting, and searching millions of documents from custodians selected by Lawson and using search terms selected by Lawson; a process which cost hundreds of thousands of dollars and which resulted only in a small percentage of responsive or relevant documents. In opposition, Lawson argued that cost-shifting is only available for ESI that is not reasonably accessible, pursuant to Rule 26(b)(2)(B). The court did not agree.

Good Cause & Proportionality

The Lawson court instructs that Rule 26(c), “is not limited to non-reasonably accessible discovery,” but rather was “amended in 2015 to make clear that the court may allocate discovery expenses for good cause in order to protect a party from undue burden or expense.” To establish “good cause” the “moving party must make a particularized and specific demonstration of fact, as distinguished from stereotyped and conclusory statements,” and the court has “broad discretion” in whether good cause has been established.

In Lawson, the court, in deciding to shift costs, reviewed Rule 26(b)(1)’s proportionality factors.  Specifically, “the importance of the issues at stake in the action, the amount in controversy, the parties’ relative access to relevant information, the parties’ resources, the importance of the discovery in resolving the issues, and whether the burden or expense of the proposed discovery outweighs its likely benefit.”  Here, the court concluded:

  • the action was a private lawsuit over an executive’s severance package, not a suit with significant public policy implications;
  • although the TAR expenses were not unreasonable compared to the amount in controversy, Spirit had already bore considerable amounts in discovery expenses;
  • both parties had adequate resources to bear their fair share of discovery expenses;
  • apart from the ESI/TAR process, Spirit produced substantial discovery collected the “old-fashioned way” of targeted productions via custodian interviews and collections;
  • Lawson had equal access to that discovery; and
  • Lawson had not articulated how the documents sought via the TAR process were important to resolving the issues above and beyond the discovery Spirit already produced.

Conclusion

The Lawson court reviewed all the factors, and in the end determined that Lawson’s “continued pursuit of the ESI dataset via TAR was not proportional to the needs of the case.” While the court was careful to mention that the 2015 amendment to Rule 26 does not imply that cost-shifting should become common practice, Lawson offers considerable insight into facts which warrant cost-shifting, and the court’s discretion in awarding the same.

 

*Lawson was also expansive in the custodial data he sought and the search terms he insisted upon.  For example, he demanded Spirit search sixty-nine (69) custodians’ ESI plus each custodian’s assistant’s ESI. Lawson also demanded using ninety (90) search terms, many of which containing “OR” connectors, resulting in the effective number of search terms in excess of 100. Of note, 85% of the documents yielded in result of these searches were irrelevant.

**Thank you to first year associate, Jaclyn Ruggirello in the Firm’s Uniondale office, for her research assistance related to today’s blog.

When allegations of employee misconduct are alleged, companies must respond swiftly.  Indeed, “insider threats” can cause significant damage to a company.  These threats come in many different forms, including:

  • Accounting fraud;
  • Theft of assets;
  • Unauthorized access to or manipulation of data; and
  • Threats, sexual harassment or other inappropriate forms of behavior or communication.

And so, when a threat is perceived or reported, an internal investigation – which aims to assess the validity of the alleged misconduct within the organization – may be necessary.  Although such investigations necessarily involve different steps and goals as the facts require, a typical element of an investigation includes collection and examination of written or recorded evidence, interviews with suspects and witnesses, and computer and network forensics.

McDonald’s Corp. v Stephen J. Easterbrook, (Index No. 2020-0658, [Del. Ch. Aug. 12, 2020] [Complaint]) reminds us that collecting and reviewing electronically stored information (“ESI”) is a critical step in a thorough investigation.

Factual Background:

In October 2019, it was alleged that then-CEO of McDonald’s Corporation (“McDonald’s”) Stephen J. Easterbrook (“Easterbrook”) engaged in sexual conduct with a company employee in violation of McDonald’s standards of business conduct policy.  In response to these allegations, McDonalds’s hired outside independent counsel to perform an internal investigation.  The investigation included interviews of Easterbrook and the company employee, and a review of all images, videos, and text messages stored on Easterbrook’s company-issued cellphone.  The investigation, however, failed to include any collection or review of Easterbrook’s company email.

Because none of the evidence counsel reviewed contradicted Easterbrook’s allegation that the relationship at issue was consensual, McDonald’s and Easterbrook entered into a separation agreement, wherein Easterbrook was terminated “without cause” and pursuant to which he received severance compensation and benefits under his existing compensatory arrangement.

Less than a year later, in July 2020, however, McDonald’s received a complaint from a different company employee that Easterbrook had engaged in sexual conduct with her, in violation of McDonald’s standards of business conduct policy.  This complaint resulted in a second internal investigation, which included the collection of review of Easterbrook’s, now dormant, McDonald’s email account.  It was during this July 2020 investigation that McDonald’s discovered several photographs and emails relevant to both the 2019 and 2020 complaint that had been deleted from Easterbrook’s company cellphone.  Unbeknownst to Easterbrook, although he deleted these emails and photographs from his company cellphone, a copy of the emails and photographs remained accessible on McDonald’s servers.  These emails and photographs provided indisputable evidence that Easterbrook repeatedly violated McDonald’s standards of business conduct policy.

Clearly, had McDonald’s been aware of Easterbrook’s misconduct in 2019 as documented by email communications, it would not have entered the separation agreement with Easterbrook.  And so, McDonald’s was forced to commence an action against Easterbrook, alleging that he breached his fiduciary duty by violating McDonald’s standards of business conduct policy and fraudulently inducing McDonald’s to enter into the separation agreement.

Conclusion:

This lawsuit reminds us that in today’s age of e-everything, an internal investigation of any alleged misconduct must include collecting and reviewing ESI.  While efficiency and cost necessarily inform decisions, collecting and reviewing ESI (even if deemed a costly endeavor) must remain a priority in internal investigations.  Here, review of emails could have prevented subsequent litigation.

*Thank you to first year associate, James Maguire in the Firm’s Uniondale office, for his research assistance related to today’s blog.

Rule 26(b)(5) of the Federal Rules of Civil Procedure provides that, when a party withholds information otherwise discoverable by claiming the information is privileged or subject to protection as trial-preparation material, the party must:

(i) expressly make the claim; and

(ii) describe the nature of the documents, communications, or tangible things not produced or disclosed—and do so in a manner that, without revealing information itself privileged or protected, will enable other parties to assess the claim. 

(id.) (emphasis added).

But what exactly is a sufficient description such that opposing counsel will be able to assess the validity of a claim of privilege?  And, when is an in camera review to determine the validity of a privilege claim appropriate?  Although the sufficiency of a description is necessarily subjective, and in camera review discretionary, a recent decision from the Northern District of Illinois is a worthwhile read for anyone confronting these thorny subjects.*

Background

Washtenaw County Employees’ Retirement System v. Walgreen Co., 2020 WL 3977944 (N.D. Ill. July 14, 2020) is a securities fraud class action lawsuit involving allegations that Walgreens and its former Chief Executive and Chief Financial officers violated Sections 10(b) and 20(a) of the Securities Exchange Act of 1934.  During discovery, lead plaintiff moved for an in camera inspection of 75 documents listed among 5,700 identified on defendants’ log as privileged.  Plaintiffs argued that the Court’s review of the documents was necessary because it would guide the parties’ approach to other privileged claims.  Defendants, however, asserted an in camera review was not necessary as Plaintiffs failed to establish a “well-founded basis for challenging the logs’ privilege descriptions,” which were the result of thousands of attorney hours.

In reaching its decision not to review in camera the documents at issue, the Court devoted significant effort to the history of the attorney-client privilege and the obligation to log privileged communications withheld from production.  The Court then observed that the sufficiency of a log description is a delicate balance.  Indeed, it is difficult to describe “the basis for the privilege with sufficient detail yet without disclosing what the legal advice was.  Preserving the privilege requires recognizing that there are limits to the specificity that courts ought to require in a privilege log.”  The Court went on to hold that entries on a log that use the word privilege without any description of what the communication was about, is “unacceptable.”  However, descriptions that describe, at least, the subject matter to which the legal advice was directed “come closer to being sufficient, and in many cases will be sufficient.”  In sum, a privilege log “need only provide a form of penultimate proof, by way of a short summary statement that conveys at least a basis for the Court to believe that the content of the communication is privileged.”

The Court further observed that while it is within its discretion to engage in an in camera review, this, too, is fraught with challenges.  For example, courts deciding issues concerning privilege log descriptions “can reach two correct yet contrary conclusions based on identical fact patterns.”  (Walgreens, 2020 WL 3977944 at *3 (citing Surgery Ctr. at 900 N. Michigan Ave., LLC v Am. Physicians Assurance Corp., 317 F.R.D. 620, 629 (N.D. Ill. 2017).

Analysis

Here, the Court was tasked specifically with determining whether to perform an in camera review of six categories of communications: (i) those between non-attorney employees; (ii) those copying in-house counsel; (iii) those disseminated “widely” within the company and through distribution lists; (iv) those “reflecting,” “circulating” or “discussing” legal advice; (v) those Plaintiffs claim are simply not privileged; and (vi) attachments that were withheld.

The Court declined to exercise its discretion to review in camera the 75 documents at issue, but examined the categories of log entries included in the motion.  In assessing the privilege log descriptions for the first five categories, the Court determined that the Defendants’ privilege log entries sufficiently established the documents and communications concerned legal advice or legal issues relevant to the matter and were properly logged.  With respect to the “withheld attachments” category, the Court found that Defendants’ failed to include in the log a separate description providing the legal basis for withholding the attachments.  And so, because attachments need to have their own privilege bases in order for them to be properly withheld under a claim of privilege, the Court directed the parties to meet and confer to determine an approach that supplies Plaintiffs with the information necessary about the withheld attachments.

Conclusion

The attorneyclient privilege is a deeply rooted doctrine that protects from disclosure privileged communications.  And, the importance of creating a privilege log with sufficient particularity such that opposing counsel can assess the validity of the asserted privilege cannot be overstated.  This case is an important reminder that inadequate, vague or generic privilege log descriptions can put the privilege in peril and practitioners must take an organized and methodical approach in formatting specific descriptions for withholding privileged documents.  By doing so, one may avoid defending against a motion to compel for in camera review.

*It is important to consult the local rules of the Court in which you are appearing.  For example, in the Southern and Eastern Districts of New York, Local Civil Rule 26.2, Assertion of Claim of Privilege, is applicable.

The Honorable Shira Scheindlin once opined against allowing custodians of ESI to collect their data stating “[s]earching for an answer on Google (or Westlaw or Lexis) is very different from searching for all responsive documents in the FOIA or e-discovery context…” and “most custodians cannot be ‘trusted’” to effectuate a legally sufficient collection.  National Day Laborer Org. Network v US Immigration and Customs Enf. Agency, (10 Civ. 3488 [SAS] [SDNY 2012]) (See The Perils of Self-Collection).  Recently, another federal Court also cautioned counsel about the dangers of self-collecting albeit this caution was predicated upon the substantial risks attorneys may face when clients self-collect data. Equal Employment Opportunity Commission v. M1 5100 Corp., 2020 WL 3581372 (S.D. Fla. July 2, 2020).  These two cases, coupled with counsel’s obligation to be technologically competent,* serve as good reminders of what not to allow.   

Background

In M1 5100 Corp., Plaintiff filed a motion to compel “better discovery responses.”  In connection with that motion, Plaintiff sought the opportunity to inspect how Defendant’s electronically stored information (“ESI”) was searched, collected and produced based upon (1) a mere 22 page production; and (2) defense counsel’s concession that he did not manage or oversee his clients’ collection efforts.  Critically, the individuals responsible for collecting the potentially relevant data were two self-interested employees of the Defendant, who operated without any supervision by, or involvement of, Defendant’s counsel.

In reaching its decision to grant, in part, Plaintiff’s motion, the Court devoted significant effort to the importance and effect under Federal Rule of Civil Procedure 26 (g), of an attorney’s signature on a discovery response.  Specifically:

A party’s discovery obligations also include the duty to use reasonable efforts to locate and produce ESI responsive to the opposing party’s requests and within the scope of discovery.  To enforce these responsibilities, the attorney’s signature on a discovery response certifies that the lawyer has made a reasonable effort to assure that the client has provided all the information…responsive to the discovery demand and has made reasonable inquiry into the factual basis of his response.

Id.

According to the Court, because counsel cloaked Defendant and its employees with unfettered discretion in determining (i) custodians, (ii) search terms, (iii) ESI sources, and (iv) what documents to collect, counsel failed to exercise the requisite supervision.  The Court further identified as “very problematic” counsel “sign[ing] off on the completeness and correctness of his client’s discovery responses” when, in actuality, the attorney exercised neither supervision nor involvement in the process.  According to the Court, such discovery practices are rife with concerns including incomplete discovery productions and the destruction of responsive information.

In spite of these discovery failures, the Court acknowledged that “[i]inspection of an opposing party’s computer system under [FRCP] Rule 34 and state equivalents is the exception and not the rule for discovery of ESI.”  Therefore, and in part due to the parties being ahead of the discovery deadlines, the Court gave Defendant’s counsel an opportunity to comply with its discovery obligations and directed “Defendant’s attorneys [to] counsel and supervise Defendant and Defendant’s employees during the discovery search, collection, and production process and become knowledgeable of that process.”  In conclusion, the Court advised that it “intend[ed] to closely supervise the discovery process” to ensure counsel complies with all discovery obligations.

Conclusion

This case is a good reminder to counsel that we cannot simply delegate discovery to clients.  Rather, we must actively participate in and supervise all aspects of discovery.  Moreover, a counsel who delegates discovery as here likely cannot comply with his/her obligations to participate meaningfully in a 26(f) conference, which should be embraced as an opportunity to reach agreement and engage in a cooperative discovery process that will promote proportionality.**

 

*See previous blog post series discussing counsel’s obligation to be technologically competent below:

A Lawyer’s Obligation to be Technologically Competent – Part I

A Lawyer’s Obligation to be Technologically Competent – Part 2

A Lawyer’s Obligation to be Technologically Competent – Part 3

A Lawyer’s Obligation to be Technologically Competent – Part 4

**See previous blog post discussing FRCP 26(f) below:

Rule 26 and How It Applies to Electronically Stored Information

***Thank you to first year associate, James Maguire in the Firm’s Uniondale office, for his research assistance related to today’s blog.

 

In New York, it is widely recognized that the duty to preserve documents arises once a party “reasonably anticipates litigation” (see Voom HD Holdings LLC v EchoStar Satellite, 93 AD3d 33, 41-42 [1st Dept 2012]).  And so, issuing timely a litigation hold notice is critical for preserving information relevant or potentially relevant to an actual or threatened litigation.

But, what happens to that litigation hold notice during discovery?  Is it a document that one produces?  Is it privileged?  Ordinarily, hold notices are protected from disclosure by the attorney-client privilege and the attorney work product doctrine.  However, a recent New York case illustrates that when there are allegations of spoliation, the privilege a litigation hold normally enjoys may be undermined.

In Radiation Oncology Services of Central New York, P.C., v Our Lady of Lourdes Memorial Hospital, Inc., 2020 WL 3246747 (Sup Ct, Cortland County 2020), involving a contentious contract dispute, the parties engaged in nearly five years of discovery, including countless discovery disputes.  In one instance, Plaintiffs identified two emails that Defendants produced in hardcopy but failed to produce electronically. These emails were sent after Plaintiffs informed Defendants that it intended to pursue litigation; and thus, after a litigation hold should have been issued.  Believing Defendants spoliated evidence, Plaintiffs filed a motion to compel the production of Defendants’ litigation hold, including all related electronically stored information (“ESI”).  In response, Defendants contended there was no spoliation of evidence in either instance because they were able to produce the hard copies of the emails.

The Court was not persuaded by Defendants’ paper production of the emails.  Rather, the Court found that “printing paper copies of the emails and permanently deleting the associated ESI potentially deprived the emails of significant evidentiary value.”  Moreover, the Court held that Defendants failed to prove, as a matter of law, that its litigation hold should be protected from disclosure.  Specifically, (i) Defendants did not dispute its duty to preserve the emails at the time they were destroyed; (ii) Defendants failed to show there was no culpable conduct involved in the deletion of the emails; and (iii) the emails were potentially related to claims in the matter.  And so, the Court granted Plaintiffs’ motion to compel.*

This decision reminds us of a few lessons.  First, preserving paper copies of ESI that has been deleted will not necessarily defeat a claim of spoliation.  Second, within one’s hold notice it is advisable to include a provision outlining the consequences of failing to preserve documents related to the matter and, language that the obligation to preserve includes documents in existence and yet to be created.

*The Court permitted further submissions on the issue of whether Defendants’ conduct warranted sanctions.

**Thank you to first year associate, James Maguire in the Firm’s Uniondale office, for his research assistance related to today’s blog.

***See previous blog posts discussing legal holds below:

Failure to Implement a Proper and Timely Legal Hold Notice Results in Plaintiff Being Sanctioned

Practical Tips for an Effective Litigation Hold Notice 

Your Litigation Hold Must be Generally Broad and Specifically Tailored

E-Discovery Best Practices to Avoid Discovery Sanctions

Sanctions in Two New York Courts for Party’s Failures to Preserve

Aldinger v. Alden State Bank is a good reminder of counsel’s obligation to be cooperative in the discovery process.

Aldinger, an employment discrimination case pending in the United States District Court for the Western District of New York, involved a series of discovery disputes including Plaintiff’s motion to compel Defendant to respond to her First Request for the Production of Documents and First Set of Interrogatories (Docket 21).  A second similar motion was filed four months later (Docket 31), which the Court eventually granted, directing Defendant to fully respond to Plaintiff’s interrogatories and requests for production (“Order”) (Docket 32).  Thereafter, Defendant sought to depose Plaintiff and sent her several letters requesting dates for a deposition.

Plaintiff, however, unsatisfied with Defendant’s disclosure pursuant to the Court’s Order, refused to schedule depositions until Defendant fully complied with its discovery obligations.  Frustrated with Plaintiff’s refusal, Defendant moved for an order compelling Plaintiff’s deposition.  And, Plaintiff cross-moved to compel Defendant to comply with the Court’s prior Order.

The Motions to Compel:

In deciding the two motions to compel, the Court reminded counsel of their obligation to engage one another in good faith and to act cooperatively during discovery.  First, the Court directed the parties had thirty days to agree on a date certain for Plaintiff’s deposition and concluded that even if Plaintiff was correct in alleging Defendant failed to comply with the Order, Plaintiff “cannot unilaterally refuse to fulfill its discovery obligations as retaliation for another party’s discovery violations.” (quoting John Wiley & Sons, Inc. v. Book Dog Books, LLC, 298 F.R.D. 145, 148 [S.D.N.Y. 2014]).

Second, in resolving Plaintiff’s cross-motion to compel the Court was guided by the principles set forth in Federal Rule of Civil Procedure 26(b)(1) regarding relevance and one’s obligation to produce not only documents in their physical possession, but also documents the party has the “right, authority, or practical ability to obtain,…including from…former outside counsel” (quoting  Woodward v Holtzman, 16 cv 1023A(F), 2018, WL 5112406, at *8 [WDNY October 18, 2018]).  The Court further concluded that if any documents requested by Plaintiff do not exist, then Defendant is required to make “a direct, individualized response” stating that to be the case.

Having granted both motions, the Court refused to grant either party’s request for attorneys’ fees.  Although the Court observed that Rule 37 obligated the Court to require a party who failed to provide information in discovery to “pay the reasonable expenses, including attorney’s fees, caused by the failure…” the Court concluded “[b]oth attorneys in this case have failed to be cooperative in the discovery process.”  The Court went on to conclude it was their collective “absence of good faith and collegial understanding of one another’s discovery needs” that has greatly increased  “the duration and expense of this litigation.”  In conclusion, the Court “warned” the parties that the “next discovery dispute will be resolved in a court hearing at which both parties and their attorneys will be present.”

Conclusion:

This decision serves as a good reminder that courts expect parties and counsel to proceed cooperatively and professionally during discovery, with an emphasis on good faith and efficiency.  As attorneys, we should strive to be known as one who resolves discovery issues rather than one who creates unnecessarily discovery issues.

In the span of a few short months, the number of phishing attacks targeting smartphones as the entry point to enterprise networks has risen by more than a third.  Indeed, one cybersecurity company found a 37% increase in mobile phishing attacks worldwide between November 2019 and early 2020.*

As previous blog posts have observed,** phishing emails have long been an issue for desktop/laptop users.   Typically, these attacks – to the extent they target desktop/laptop email applications – can be avoided because they often come with observable indicia that something may not be right.  For example, the email purportedly from “Katy Cole,” originates from an email address that is noticeably not one belonging to Katy Cole or the URL is palpably suspicious.

Now, however, people are using with increased frequency their mobile devices to respond to emails where the tell-tale signs of a phishing scam are harder to spot due, in part, to smaller screens. That smaller screen, coupled with a growing trend of cybercriminals to replicate login pages so as to resemble one’s organization (especially with so many businesses relying on cloud platforms like Office 365), is cause for concern.  If, under such circumstances, a user enters their username and password into a phishing page, the device user effectively gives the attacker potential access to their corporate accounts.  And so, as we all multitask, work remotely, and rely more upon our mobile devises, we must be mindful of these risks when accessing content from our mobile devices.

*https://www.lookout.com/phishing-spotlight-report-lp

**See previous blog posts discussing phishing below:

Phishing Risks Associated with Social Media

What do Lady Gaga, LeBron James and the Texas Courts Have in Common?

Industry Forecast for Data Breaches 2020: What All Smartphone Users Should Know

The Department of Homeland Security Reminds us of the Importance of Cybersecurity

Some Cyber-Musts for Maximizing Security

 

Smart speakers – like Google Home and Amazon Echo – have changed the way our homes/offices function.  Indeed, these voice-activated speakers execute simple commands provided by voice or smartphone application.  With nothing more than a question, one can direct the smart speaker to, among other things, play music and podcasts, provide a weather forecast, or set an alarm.

The technology is straight forward.  For example, Google Assistant—the voice-activated software associated with the Google Home—“listens” for a hotword. When the smart speaker hears the hotword, the device switches to “active listening” mode, records and analyzes the provided audio, and executes the command provided.  While the audio is used to effectuate the user’s commands, the recorded data is also used to (1) target personalized advertising to end-users, and (2) improve the voice recognition capabilities of the device.

Given these competing uses, it should come as no surprise that privacy concerns may be implicated by the use of smart speakers.  Recently, certain privacy concerns received attention in a class action lawsuit filed in California.** At issue in that lawsuit was the smart speakers’ recording and storing of users’ private conversations without the knowledge or consent of the specific user, potentially violating privacy rights and expectations.***

Smart speakers, while fun and convenient, are not without risk.  Users should consider the following:

Devices with Cameras – Certain smart speakers include cameras that can be used to video-conference or chat with friends and family.  Just as the device can listen without one’s knowledge or consent, with a camera, it may secure visual recordings as well.  And so, to avoid unintended data collection, it may be a good practice to deactivate the camera when not in use.

Vulnerability to Hackers – Like any other computer/smart device, smart speakers and their software are susceptible to hackers.  Deactivating the camera and microphone when not in use is good practice to minimize vulnerability to hackers.  For those who desire additional safeguards, consider covering the camera or unplugging the device when not in use.  Although these protective measures take away from the convenience of the technology, it may be a precaution worth considering.

Personal Information – Some smart speakers and voice activated software can be used to pay bills, transfer money, check balances, etc.  However, this functionality requires users to provide the smart speaker access to their confidential banking information.  Due to the various privacy issues mentioned above and discussed in the California class action, using the speakers for banking and similar tasks introduced an additional layer of potential risk because now, your financial information (not just your kitchen conversations) may be accessible to hackers who infiltrate the software on the device.

Many of us welcome new technology to make our daily lives more convenient.  In seeking this convenience, however, we must also be mindful of the attendant privacy risks.  And so, before you enter your kitchen and ask, “Hey Google, what time is it?” understand people may be watching and listening.

* The “hotwords” or “wake words” that call Google Assistant to attention are commonly “Okay Google” or “Hey Google.” And, for the Amazon Echo, the wake word is usually, “Alexa.”

** In In re Google Assistant Privacy Litigation, the class, consisting of purchasers of any Google Assistant-enabled device, brought various privacy violation claims under both federal and California state law.

*** For a full recitation of the facts at issue in the lawsuit, consult In re Google Assistant Privacy Litigation,  Briefly stated, however, the class brought suit because the various smart speakers were recording and storing audio when it “heard” what it thought was (but actually was not) a “hotword” or “wake word.”  And so, unintended activations, known as “false accepts,” were resulting in recordings and transcripts that the end-user never intended to be recorded.  And, rather than delete the recordings and transcripts generated by “false accept” activations, Google used them for its own purposes, as if it were an authorized recording.  Additionally, plaintiffs alleged that many of the recordings obtained by Google contained conversations of children who could not consent to being recorded.  Amazon has been the subject of similar lawsuits concerning its Amazon Echo device (see https://nypost.com/2019/06/13/amazon-sued-for-recording-childrens-voices-via-alexa/).