The U.S. Securities and Exchange Commission (“SEC”) recently identified cyberthreats as an enforcement priority (see 2021 Examination Priorities).  Within months of the Commission’s announcement, the Commission brought three enforcement actions* which resulted in sanctions against eight investment advisory firms who failed to report cyber related attacks, failed to adopt,  or failed to implement proper cybersecurity policies in violation of Rule 30(a) of Regulation S-P (17 C.F.R. § 248.30(a)) (the “Safeguards Rule”).**

In each of the three matters, the various firms had their email accounts compromised causing customer data – including personal identifiable information – to be exposed.  A common thread tying the breaches together was that the firms’ compromised email accounts failed to comply with firm policy (i.e., did not implement multi-factor authentication despite policy requirements or recommendations to implement)*** and the firms’ respective responses to the breaches were insufficient according to the Commission.  In exchange for agreeing to cease and desist from future violations of the charged provisions, the firms paid penalties of between $200,000 to $300,000.

A mid-year report on the state of cybercrime, conducted by a cyber investigation response team, revealed that over 70% of ransomware attacks targeted organizations with over $1 billion in revenue.****  In addition, a recent survey conducted by the U.S. Small Business Administration found that “88% of small business owners felt their business was vulnerable to a cyberattack.”*****  These statistics suggest that cybercriminals more often take a “go big or go home” approach presumably to secure a maximum ransom payment through each cyberattack.  And so, it is crucial that companies focus on having and implementing cybersecurity policies, such as (a) an Incident Response Plan, which outlines instructions on how to respond to and resolve data breaches; and (b) a Cyber Liability Insurance Policy, which covers costs associated with data breaches, including lost income due to a cyberattack.  By doing so, companies can avoid the business, financial, and reputational risks posed if they fall prey to a cyberattack.

*Matter of Cetera Advisor Networks LLC et. al., SEC 1940 Act Release No. 5834 [Aug. 30, 2021]; Matter of Cambridge Investment Research, Inc. et. al., SEC 1940 Act Release No. 5839 [Aug. 30, 2021]; Matter of KMS Financial Services, Inc., SEC 1940 Release Act No. 5840 [Aug. 30, 2021]).

**The Safeguards Rule requires registered broker-dealers and investment companies to adopt written policies and procedures reasonably designed to “(1) insure the security and confidentiality of customer records and information; (2) protect against any anticipated threats or hazards to the security or integrity of customer records and information; and (3) protect against unauthorized access to or use of customer records or information that could result in substantial hardship or inconvenience to any customer.”

***See The Invaluable Benefits of Multi-Factor Authentication

****See First Half of 2021 Sees Triple Digit Rise in Cybercrime

*****See Stay Safe From Cybersecurity Threats

Thank you to second year associate, James Maguire in the Firm’s Uniondale office, for his research assistance related to today’s blog.

Have questions?  Please contact me at

When confronted with an issue of first impression – how to authenticate text messages – the Colorado Court of Appeals chose not to reinvent the wheel.  Rather, it wisely borrowed from the Federal Rule of Evidence (“FRE”) 901.

Factual Background

In People v Heisler, the defendant and victim had been romantically involved.  They remained in touch after they broke up but eventually, the victim began dating another person and requested Heisler stop texting her.

Heisler ignored the victim’s request and continued – with increasing frequency – to text and write letters to the victim, who did not respond or reciprocate.  Approximately nine months later, uninvited and unannounced, Heisler traveled from his home in Florida to the victim’s doorstep in Colorado. The victim called the police and Heisler was charged with felony stalking and harassment.

At trial, the court admitted into evidence Heisler’s text messages to the victim. Ultimately, Heisler was found guilty of harassment but acquitted of the stalking charge. Heisler appealed, arguing the court’s decision to admit his text messages was error as the text messages were not properly authenticated under CRE 901(a).*

The Two-Step Process

In upholding the trial court’s decision to admit into evidence the text messages, the appellate court noted the burden to authenticate evidence is low, and requires a prima facie showing only. Then, after considering a two-leveled approach used to authenticate emails and social media posts,** the appellate court propounded the following two-step process to authenticate text messages:

Step 1: A witness with personal knowledge must testify that printouts of the text messages accurately reflect the content of the text messages; and

Step 2: A witness with personal knowledge must provide testimony establishing the identity of the purported sender of the text message.

Seems simple, right?  Not really.  How, for example, do you establish the “identity of the purported sender?” Fortunately, the appellate court identified four methods and held the proponent must establish at least two of the four methods:

(a) the phone number was assigned to or associated with the purported sender;

(b) the substance of the text message(s) was recognizable as being from the purported sender;

(c) the purported sender responded to an exchange in such a way as to indicate circumstantially that he or she was in fact the author of the communication; and/or

(d) any other corroborative evidence under the circumstances.

In Heisler, the victim satisfied Step 1 when she testified she recognized the pictures of the text messages and that they were a fair and accurate depiction of the texts she personally received.  The victim satisfied Step 2(a) when she testified she recognized the phone number as belonging to Heisler because that was the number she used to communicate with him.  Finally, the victim satisfied Step 2(b) when she testified she recognized the content of the text messages as being from Heisler.

Interestingly, Heisler did not object that the text messages were not his or that the printouts were not accurate. Rather, Heisler objected to the text messages because the victim had deleted her responses to his messages.

The appellate court was unpersuaded, stating that prosecution established the printouts accurately reflected the content of the messages the victim received and that Heisler authored the text messages. The court further reasoned that the text messages were admitted as evidence of texts the victim received from Heisler, not as evidence of a conversation between the two. Thus, the text messages were properly authenticated.


Text messages, like any other evidence, must be authenticated to be properly admitted into evidence.  Now, practitioners in Colorado state court, like those in the federal courts and countless other state courts, can rest soundly knowing that the process of authenticating text messages involves a fairly straightforward two-step process.

* CRE 901(a) requires that the evidence be sufficiently authenticated by the proponent and authentication “is satisfied by evidence sufficient to support a finding that the [evidence] in question is what its proponent claims [it to be].”  FRE 901(a) states the same.

** Under CRE 901, an e-mail and a social media post may be authenticated (1) through the testimony of a witness with personal knowledge that the e-mail is what it is claimed to be or (2) “through consideration of distinctive characteristics shown by an examination of [the] contents and substance” of the e-mail under the circumstances of the case (see People v Bernard, People v Glover).

Thank you to second year associate, Jaclyn Ruggirello in the Firm’s Uniondale office, for her research assistance related to today’s blog.

Have questions?  Please contact me at

It is estimated that more than 100 million people are wearing an Apple Watch* and another approximately 31 million people are using the Fitbit.** It is further predicted that sales and use of these devices will continue to grow. And so, as people increasingly look for wearables that both “make technology more personal” and include a “cool factor”*** we are reminded that wearables are a repository of information (The Document Demand That Seeks Electronically Stored Information) that could be discoverable in a litigation depending on the relevance of the data.  The Bartis case, pending in the Eastern District of Missouri, is an interesting decision on point. (Bartis v. Biomet, Inc., 2021 WL 2092785 [E.D. Mo. May 24, 2021]).

In Bartis, multiple plaintiffs alleged they sustained personal injuries, including permanent mobility issues, as a result of the implantation of an artificial hip manufactured by Biomet, Inc. (“Biomet”).  During discovery, plaintiff Guan Hollins (“Hollins”) advised, in response to an interrogatory, that he wore continuously a Fitbit to track his number of steps, heart rate, and sleep.  As a result, defendants demanded Hollins produce “all data from the Fitbit and any other wearable device or other fitness tracker.”  Hollins objected claiming such data was “unreliable” because he began wearing the Fitbit after revision surgery removing the Biomet artificial hip.

Defendants filed a motion to compel the production of Hollins’ Fitbit data, arguing the data was relevant to Hollins’ alleged permanent, physical injuries resulting from implantation of Biomet’s defective artificial hip.  In opposition, Hollins claimed the request was a “fishing expedition” and reiterated his objection that the data was unreliable.

The Court ordered Hollins to produce the demanded data.  Noting, specifically, that Hollins had provided inconsistent responses as to whether he experienced difficulty or pain walking/ jogging due to the alleged defective hip implant, the Court found Biomet’s demand for Fitbit data was hardly a fishing expedition where, as here, the data was relevant and could reveal whether Hollins was walking or jogging substantial distances.  Further, the Court rejected Hollins argument that the Fitbit data was unreliable, stating that this argument went to the admissibility and weight of the data.

Although Judge Ross aptly observed there was “surprisingly little precedent” involving wearable devices, there can be no doubt that these wearable devices – and the data they store – are here to stay.  Therefore, the next time you issue a litigation hold or craft a document demand, you should consider the various wearable devices that may be repositories for potentially relevant information.

*There are more than 100 million people wearing an Apple Watch, says analyst

**Fitbit Revenue and Usage Statistics (2021)

***There are more than 100 million people wearing an Apple Watch, says analyst

Have questions?  Please contact me at

A prior post (Keyword Searching – What is it? And How Do I Do It (Well)?) offered some tips for crafting effective search terms for use in the e-discovery process. Although those tips still hold true, today’s blog offers ways to utilize an ESI protocol to promote a more seamless electronic search process.*

An ESI protocol is intended to allow parties to agree on, among other things, how data will be accessed and produced in connection with a litigation. As part of the protocol, parties should negotiate the process for crafting search terms, identifying the universe of data to be searched, and validating search term results. Critical to the negotiation process is understanding that the goal is to discover data that will support the party’s arguments at summary judgment or trial.

Tip 1: Let the party with the data determine the best search terms.

It is common practice for the requesting party to propose search terms. However, this often means that the attorney, with more limited facts than the party in possession of the data, is left to guess at search terms that are likely to identify potentially responsive data. And so, it may be valuable to incorporate into one’s ESI protocol a mechanism that allows the responding party to propose initial search terms based on each document request. After all, it is the responding party who has access to the data and the custodians and who, therefore, may be best situated to understand which search terms to use.  Because the process is an iterative one, the parties can meet and confer to discuss refinement and iterations as necessary (see Tip 3).

Tip 2: Tailor your search terms to the type of system and data being searched. 

When formulating an ESI protocol, it is important to identify the data to be searched. For example, are the search terms being run across a party’s entire network? Only e-mail servers? Text messages?

Knowing the data to be searched will also help inform a party’s search terms. For example, communication styles differ between formal work emails and informal messaging applications like Skype for Business. And so, search terms should be tailored to reflect these distinctions.

Tip 3: Detail how the iterative process will work.  

An adversary may contend you have but a single bite at the search term apple.  But, no matter how deliberate the initial bite is, revisions are almost always necessary. And so, to afford your client the greatest protection against an adversary who refuses to permit revisions, be sure to delineate an iterative process in your ESI protocol. This process may include iterative sampling, measurement of results, and validation that the technology worked as expected.

Tip 4: Keep the final product in mind.

Throughout the often tedious process of crafting search terms, be sure not to lose sight of the ultimate goal—how will I use the data at summary judgment or trial? Take into consideration how the data will physically look, fit together to form cohesive evidence, and best support your arguments. Thinking about how discovered data will be presented to a judge or jury should inform your decisions when crafting search terms and your ESI protocol.

*For clarity, today’s blog discusses search terms in connection with processing and reviewing data, not identifying data for preservation.

Thank you to second year associate, Jaclyn Ruggirello in the Firm’s Uniondale office, for her research assistance related to today’s blog.

Have questions?  Please contact me at

The need to input a username and password when logging into a computer is a “single factor” authentication. But, from a security perspective, that single factor authentication only goes so far. Consider, for example, the ramifications if a hacker steals or guesses your username and password. What information could be compromised?

For law firms, cybercrime and data breaches have become a major concern because of the confidential and sensitive information lawyers have access to and often store on their computers.* Recently, the New York City Law Department, a 1,000 lawyer agency responsible for representing the City of New York and guarding the personal information for thousands of city employees, was snakebit by a cyber-attack. The cause of the cyber-attack was a stolen email password from a Law Department employee. The aftermath, however, has been devastating in many respects.  First, attorneys for the Law Department have been unable to access files.  This in turn has necessitated requests for adjournments and compromised counsel’s ability to represent zealously its clients. Second, the security lapse revealed the Law Department was alarmingly disorganized in its handling of confidential information, such as clients’ medical records. Third, as a result of the hack, the Law Department’s Chief Information Technology Officer was reassigned and replaced.

Regrettably, the incident may have been avoidable.  Indeed, the Law Department was sluggish in maintaining its network’s systems and failed to comply with a 2019 directive from New York City’s Cyber Command Division to implement multi-factor authentication on all systems. Specifically, multi-factor authentication requires a user to enter multiple credentials to verify their identity within a system. Multiple factors may include confirmation of (a) something known to the user (password); (b) something a user possesses (phone or code); or (c) other personal identifiers (biometrics or voice recognition).  The benefits of implementing multi-factor authentication is rudimentary in nature, as increasing the amount of layers of security will decrease the likelihood of cyberattacks.  For example, had the Law Department implemented multi-factor authentication prior to the breach, the cyber-criminal would have needed the employee’s password and cell phone to access the network.  Further, multi-factor authentication can protect a law firm’s network from more sophisticated cyberattacks such as phishing.**

In sum, with many law firms still working remotely, improving the security of a firm’s network may feel like a moving target.  Nevertheless, as the title of this blog post suggests, implementing multi-factor authentication will not only help law firms protect clients’ interests, but also save them the embarrassment of spending a significant amount of money and time to resolve a preventable disruption.

*An October 2020 American Bar Association report found 29% of law firms reported a security breach, with 36% reporting past malware infections to their systems  (

** See Rise of Mobile Phishing Scams ; Phishing Risks Associated with Social Media

Thank you to second year associate, James Maguire in the Firm’s Uniondale office, for his research assistance related to today’s blog.

Have questions?  Please contact me at



We have heard it many times before – document review in today’s e-ubiquitous world is expensive.  But imagine a client’s surprise when it learns an already expensive litigation task was plagued by associate over-billing.

According to a recent complaint filed with the Illinois Attorney Registration and Disciplinary Commission (“IADRC”) (see In the Matter of Stephanie Alexandra Gerstetter), an associate litigation attorney at Reed Smith, LLP, Stephanie Gerstetter (“Gerstetter”), was assisting a more senior associate with two separate document review projects.  Specifically, Gerstetter was tasked with using the software program Relativity to analyze and code for production digitally stored documents.  Unbeknownst to Gerstetter, Relativity was tracking and logging the time she spent reviewing documents.

In June 2020, Reed Smith performed an internal inquiry into Gerstetter’s billing practices, and learned Gerstetter billed materially more time to the two document review projects than Relativity indicated she invested in conducting the review.  Specifically, the complaint alleges that for a document review in August 2019, Gerstetter billed 29.2 hours despite logging only 23.5 hours in Relativity; and for a second project in March 2020 Gerstetter “recorded billing entries on 49 separate days totaling 197.7 hours of purported time that she claimed to have spent reviewing and coding documents” but “only worked 33 separate days totaling 113.1 hours.”*  As a result of Gerstetter’s overbilling, Reed Smith billed its client for approximately $42,000 of legal services Gerstetter never performed.*


While the need for accurate time keeping cannot be overstated, this case is an interesting reminder of that obligation.  Moreover, in a world where attorney compensation and success are often judged by productivity and the billable hour, it is critically important that firms, too, comply with their responsibility to monitor attorney billing practices to avoid ethical pitfalls and malpractice issues, obligations attendant to time keeping and billing entries.

*The complaint asserts one claim against Gerstetter for “Creation of False Billing Entries, Charging and Collecting Unreasonable Fees” and cites violations of Rules 1.5(a) (Fees) and 8.4(c) (Misconduct) of the Illinois Rules of Professional Conduct.

**Reed Smith offered a refund or a credit to its client.

Have questions?  Please contact me at

Bursztein v Best Buy Stores, L.P., (2021 WL 1961645 [SD NY 2021]) involves a personal injury lawsuit arising from plaintiff Perla Bursztein’s slip and fall accident in a New York City Best Buy store.

During discovery, Bursztein requested: (i) video surveillance footage of the accident; (ii) maintenance, and repair records for the location of the accident; and (iii) Best Buy’s customer safety policy. In response, Best Buy produced two documents, interposed boilerplate specific objections to Plaintiff’s requests and claimed it did not maintain surveillance footage of the accident and other critical records.

However, this claim was at odds with deposition testimony provided by Spencer Stanfield (“Stanfield”), the general manager of the store where the accident occurred, who testified repair and maintenance requests were logged on a Facilities’ Request System and surveillance footage of the incident had been preserved by him. And so, Plaintiff served post-deposition demands seeking the surveillance footage and the relevant entries on the Facilities’ Request System.  Best Buy, however, responded with the same boilerplate objections as previously interposed and further stated it no longer had possession of the requested materials.

Fatigued by Best Buy’s discovery games, Plaintiff filed a Rule 37 motion seeking sanctions against defendants for failure to comply with discovery obligations and spoliation of evidence. In opposition, Best Buy submitted an affidavit from Stanfield, claiming he misunderstood at deposition the question concerning the video footage.

Finding Rule 37 (e) the “sole source” to address the loss of relevant ESI, the Court observed sanctions are appropriate when (a) there was anticipated or actual litigation triggering the duty to preserve ESI; (b) the relevant ESI should have been preserved at the time the litigation was anticipated or ongoing; (c) the ESI must have been lost because a party failed to take reasonable steps to preserve it; and (d) the lost ESI cannot be replaced through other discovery.

Ultimately, the Court granted Plaintiff’s motion and held she was entitled to the fees and costs associated with the motion and “permitted to present evidence at an eventual trial regarding the spoliation of liability-related ESI.”  In concluding sanctions were appropriate, the Court noted that Best Buy: “thwarted and disrupted discovery throughout the life of this case” by using dilatory and obstructive tactics; “repeatedly flouted their discovery obligations, failed to promptly communicate with opposing counsel, and repeatedly lodged baseless boilerplate objections to Plaintiff’s discovery requests;” and engaged in nothing short of a “paradigm of discovery abuse.”  Further, given the conflict between Stanfield’s deposition testimony and his affidavit, the Court concluded that video surveillance of the incident likely existed at one point and that Best Buy failed to preserve relevant ESI.

This decision serves as an important reminder that preservation obligations and discovery obligations must be taken seriously.  Indeed, as more and more decisions are demonstrating, there is no room for boilerplate objections, discovery games, or negligent/willful failures to preserve potentially relevant ESI.

Thank you to second year associate, James Maguire in the Firm’s Uniondale office, for his research assistance related to today’s blog.

Have questions?  Please contact me at

Riddle me this:  Is a document that resides on your network and which you embed in an email via a hyperlink the functional equivalent of an attachment to that email?

Magistrate Judge Katherine H. Parker, in a recent decision out of the Southern District of New York (Nichols v. Noom, Inc., No. 20-CV-3677 (LGS) (KHP) (S.D.N.Y. Mar. 11, 2021), holds hyperlinked documents are not attachments.


The Nichols case is a class action lawsuit involving allegations of a “deceptive and illegal automatic renewal scheme” for Noom’s weight-loss service.  As part of the discovery process, the parties agreed to an ESI protocol that authorized Noom to use Google Vault as the mechanism for collecting documents and emails from its Google Drive and Google Mail accounts.

In reviewing documents, plaintiffs realized Noom employees used hyperlinks to reference internal documents rather than downloading a copy of that document and attaching it to their email.  According to Plaintiffs, this practice precluded them from understanding the family association among produced documents (i.e., the production lacked metadata associating the hyperlinked documents with the transmittal email).  And so, notwithstanding the ESI protocol in place, plaintiffs requested the Court direct Noom to re-collect the potentially responsive data using a different vendor so that “hyperlinked documents [were] pulled as part of the document ‘family.’”

In opposition Noom claimed “hyperlinks are not attachments.”   Noom further argued it was producing all of the linked documents and a re-collection, which carried a $180,000 cost, would be disproportional.

Hyperlinked Documents Are Not Attachments

The Court ruled in Noom’s favor and held that hyperlinked documents are not the same as attachments.  Specifically, the Court opined that an attachment, unlike a hyperlinked document, is “a necessary part of” the email.  In support of this conclusion, the Court cited to various illustrative examples when a hyperlink would not be relevant (i.e., a phone number, another part of the document). The Court went on to conclude that because hyperlinked documents are not the equivalent of an attachment, family associations among emails and hyperlinks are not critical.  The Court further found that the existing procedure – which involved the production of all hyperlinked documents with plaintiff reserving the right to request any hyperlinked documents they could not locate in the production – was sufficient.

This decision is interesting.  Many businesses – like Noom – link to internal documents rather than downloading and attaching that document to the email communication at issue.  And so, there is an argument that a hyperlinked document is the functional equivalent of an attachment and is, therefore, a necessary part of the communication.  If you accept that premise, then one would presumably want to understand the relationship between the transmittal email and the hyperlinked document.  Given the increasing use of hyperlinks, it is only a matter of time until other Courts weigh in on this issue.

Have questions? Please contact me at


Generally, a litigation hold letter* will issue to preserve documents and information potentially relevant to a reasonably anticipated lawsuit. However, when does one’s duty to preserve potentially relevant documents end?  Unfortunately, the answer is not necessarily when the litigation ends.  Indeed, a recent decision out of California reminds us there may be instances when one’s preservation obligations are ongoing, even after a litigation is dismissed (Thomas v. Cricket Wireless, LLC, 2021 WL 1017114 [N.D. Cal. Mar 16, 2021]).

Factual Background:

In 2015, a false-advertising lawsuit was filed against Cricket Wireless LLC (“Defendant”) alleged Defendant marketed unlimited 4G/LTE services, but did not have the capability to provide these services (see Barraza v. Cricket Wireless LLC, 2015 WL 6689396 [N.D. Cal. Nov. 3, 2015]).  Defendant moved to compel arbitration, which was denied.  Ultimately, Defendant made a Rule 68 offer of judgment, which plaintiff accepted.

At a hearing before dismissal of the case, the Court inquired “if there was any scenario under which the merits of the case could come back to life?”  Plaintiffs’ counsel responded there was not.**  Critically, however, at the time Barraza was voluntarily dismissed with prejudice, “the statute of limitations had not run on the hundreds of thousands of other putative class members’ claims against [the Defendant].”  And so, there was very much a chance that the merits of the case could “come back to life,” albeit with different plaintiffs.

And, come back to life it did.  Approximately one year later, a second lawsuit was filed against Defendant in Missouri, based on the same allegations as those in Barraza (see Thomas v. Cricket Wireless, LLC, No. 16-cv-1065 (W.D. Mo. Apr. 7, 2017) (“Thomas I”).  Defendant again moved to compel arbitration, but the parties stipulated to a dismissal before a decision on the motion.  The voluntary dismissal, which was without prejudice, was subject to a tolling agreement that expired on November 4, 2019.

And, like a cat with nine lives, the merits of the case came back to life a third time.  In fact, after the tolling agreement expired, a putative class action lawsuit was filed (“Thomas II ”), in which the class (the “Plaintiffs”) alleged that Defendant engaged in a fraudulent marketing scheme surrounding the 4G/LTE devices.

These various iterations of the merits are worth mention because during discovery in Thomas II, Plaintiffs learned Defendant had discarded after Barraza several key documents and accounts.  Specifically, Defendant (i) deleted the custodial accounts of key decision makers; (ii) failed to preserve any custodial accounts from the Sales & Operations Planning Committee; (iii) failed to preserve critical sales data related to 4G phone sales; and (iv) failed to preserve any 4G advertisements from the relevant time.  Defendant was unapologetic because “it was entitled to stop preserving documents after Barraza” and had “been transparent about what documents were not retained.”

And so, Plaintiffs noticed a deposition regarding Defendant’s document retention.  Just prior to that deposition, Plaintiffs moved to compel production of Defendant’s litigation hold letters from related lawsuits, including Barraza, arguing any presumptive privilege had been overcome by Plaintiff’s preliminary showing of spoliation.  Defendant responded that compelled production prior to the depositions was premature.  The Court denied Plaintiffs’ motion without prejudice to renew “if warranted after [the] completion of the upcoming deposition[s] … on document retention.”

The depositions were unhelpful substantively.  Indeed, they demonstrated that Defendant’s witnesses either did not know or were counseled not to answer questions regarding the content of the litigation hold letters.  And so, according to Plaintiffs, the only remaining mechanism to obtain the necessary information was to renew their motions to compel, which Defendant opposed on the ground “it had every right to dispose of the disputed documents and databases” and therefore no basis to compel the production of privileged hold letters.

The Court granted Plaintiffs’ motion to compel the production of Defendant’s litigation hold letters in Barraza and Thomas II, finding Defendant’s admissions about what it had destroyed or failed to preserve raised enough questions about its document retention and preservation efforts to allow Plaintiffs to take the initial step of discovering the content of Defendant’s litigation hold notices as necessary to investigate spoliation.  In reaching its decision, the Court acknowledged several instances during the two depositions where the witnesses either “could not or would not answer questions specifically seeking information about basic details” surrounding the litigation hold letters.


The Thomas II decision reminds us that the duty to preserve relevant documents may continue following the dismissal, settlement, and/or final judgment of a case depending on the facts and circumstances at issue.  Where, as here, for example, it could be reasonably anticipated that additional plaintiffs would file suit, one’s obligation to preserve documents may be continuing. In addition, while a litigation hold letter is considered generally a privileged document, it is not immune from discovery, even in a subsequent lawsuit.

*See prior litigation hold blogs

**A statement that the Thomas II court later deemed specific to the two plaintiffs in the Barraza case – not the hundreds of prospective other class members.

Thank you to second year associate, James Maguire in the Firm’s Uniondale office, for his research assistance related to today’s blog.

Have questions?  Please contact me at

My February 17th blog, “Judges Make the Case for TAR” discussed the widespread acceptance by federal courts of technology assisted review (“TAR”), which is acknowledged as cost effective, efficient, and likely superior to the tried and true keyword searching methodology.  Continuing with the theme of TAR, the District Court of New Jersey recently addressed the critical importance of the meet and confer process (ideally steeped in cooperation and collaboration) when parties decide to implement TAR.

In the In Re: Valsartan, Losartan, and Irbesartan Products Liability Litigation, Judge Schneider of the District of New Jersey addressed several issues unique to the discovery of Electronically Stored Information (“ESI”) (2020 WL 7054283 [D.N.J. Dec. 2, 2020]).  Valsartan is a complex litigation involving allegations that the prescription medication, Valsartan, contained cancer causing chemicals.  Given the complexity and scope of the litigation, the Court and parties were well aware that the costs of ESI discovery would be significant and, as such, TAR should have been contemplated at the outset of the litigation.

And so, on June 18, 2019, the Court ordered the parties’ stipulated ESI protocol which required that the parties “cooperate in good faith regarding the disclosure and formulation of appropriate search methodology, search terms and protocols, and any TAR/predictive coding prior to using any such technology to narrow the pool of collected documents to a set to undergo review for possible production” (Id. at 2).  Subsequently, the parties negotiated custodians and search terms, which the Court ordered on December 23, 2019 (the “ESI Protocol Order”).  Prior to the ESI Protocol Order,  defendant Teva refused to sample the hits generated by the agreed upon search terms.  Despite their refusal, Teva later complained the search terms were unduly burdensome.  Over the objection of Plaintiffs, on June 24, 2020, the Court ordered the use of narrower search terms, with the first production to be made on July 15, 2020 and all productions to be complete by November of 2020.

One year after negotiating custodians and search terms, six months after those terms were originally So Ordered by the Court, and two weeks after the Court narrowed the search terms, Teva declared, for the first time, that it planned to incorporate Continuous Multi-Modal Learning (“CMML”), a form of TAR using little human input, for its review.

As Teva’s declaration was contrary to the ESI Protocol Order, it did not sit well with either Plaintiffs or the Court.

Upon Teva’s unilateral declaration, Plaintiffs objected on the grounds that had they known Teva intended to use TAR all along, the past year of negotiations and concessions on their part would have been handled much differently.   Additionally, Plaintiffs requested that they be allowed to review 5,000 of Teva’s potentially non-responsive documents manually to validate Teva’s CMML review results.  Teva refused to cooperate.

In his decision, Judge Schneider, relying on Hyles v New York City, agreed that the use of TAR is acceptable so long as a party is transparent and timely in disclosing its use.  The Judge further observed these technologies work and layering them onto search terms is acceptable (10 CIV 3119ATAJP, 2016 WL 4077114 [SDNY Aug. 1, 2016]).  The Court disagreed, however, with Teva’s contentions that it had complied with meet and confer obligations identified in the ESI Protocol and had disclosed timely and cooperatively its intention to use TAR.  Importantly, the Court noted that given the volume of ESI at issue, Teva, who was already consulting with its ESI vendor regarding the use of TAR prior to the ESI Protocol Order, should have disclosed its intended use of TAR during the meet and confer process.  Ultimately, while Judge Schneider allowed Teva’s use of TAR, he granted Plaintiffs’ request to validate a set of 5,000 purportedly non-responsive documents.

In re Valsartan offers us two important reminders.  First, litigants are free to choose their ESI production methodologies. Relatedly, a party has an obligation to participate in the meet and confer process and to be cooperative and collaborative during the process.  Adversaries – and courts alike – have little patience for delay tactics and failures to disclose timely information relevant to discovery.

A special thanks to Jay Sawczak, an associate in our Commercial Litigation Department, for his contributions to today’s blog.

Have questions?  Please contact me at