
Ensuring effective preservation for e-discovery managing the legal hold process


Academic year: 2021


Fios, Inc. 921 SW Washington Street 8th Floor Portland, Oregon 97205 (503) 265-0700 (877) 700-3467 Toll Free www.fiosinc.com


Executive summary

Effectively managing legal holds requires the right combination of people, process and technology. It is how an organization protects itself when facing litigation and investigations. In the traditional paper world, the requirements for preserving relevant documents were straightforward. Organizations could not shred, burn or otherwise dispose of potentially relevant documents held in file cabinets, off-site storage warehouses or in the desks of employees. In today’s digital world, carefully and defensibly preserving electronically stored information (ESI) is much more complex—and risky.

For many organizations, the risk and cost lie in being able to quickly identify, track and manage ESI when legal hold obligations arise. Organizations must be able to suspend the routine destruction of potentially relevant ESI in a timely manner and issue legal hold notices to all custodians who may possess relevant evidence. Several recent court cases, such as Intel vs. AMD¹ and Pontiac-GMC Truck, Inc. v. DaimlerChrysler Motors Co.², have established that if organizations fail to effectively preserve ESI and document the preservation process, they run the danger of having their e-discovery processes scrutinized and expose themselves to sanctions by the court.

By clearly defining the legal hold process, an organization can put itself in a much more favorable position with the courts and ensure a matter remains focused on the facts of the case instead of e-discovery practices. The organization can also put itself in a better position to negotiate a fair and reasonable scope of discovery during the Federal Rules of Civil Procedure Rule 26(f) “meet and confer” conference because counsel will be able to demonstrate a clear understanding of the ESI relevant to the matter and its potential impact on the organization. This documentation and planning process will also help the organization maintain its “safe harbor” standing under FRCP Rule 37(e), because it will be able to demonstrate “good faith” in its effort to preserve all potentially relevant ESI.

Introduction

An organization’s legal hold process occurs at the crossroads of its people, process and technology. It also intersects the different business units across the organization—legal, IT, records management and compliance. Managing legal holds requires an organization to make the same commitment to quality improvement that it applies to any of its business practices, whether it’s customer care or manufacturing or inventory management. In the context of the electronic discovery reference model (EDRM)³, legal holds are central to the preservation stage.

1 Intel Corp. Microprocessor Antitrust Litig., 2008 WL 2310288 (D. Del. June 4, 2008).

2 Ed Schmidt Pontiac-GMC Truck, Inc. v. DaimlerChrysler Motors Co., LLC, 538 F. Supp. 2d 1032 (N.D. Ohio 2008).

3 www.edrm.net.

[Figure: EDRM stages shown: Information Governance, Identification, Preservation, Collection, Processing, Review, Production]


Common law and court rulings have established that if organizations fail to effectively preserve ESI and document the preservation process, they run the danger of having their e-discovery processes scrutinized and expose themselves to sanctions by the court.⁴ In addition, the courts appear unsympathetic toward organizations that complain that they must commit extensive resources to recover relevant data from inaccessible resources.⁵

As a result, many midsize and large enterprises are beginning to recognize the need to elevate the legal hold process to mission-critical status. By doing so, enterprises empower key stakeholders from legal, IT, records management and other business units to manage the process as they would any other business function.

With the enormous growth of ESI and the potentially severe consequences of inadequately preserving it, failing to suspend routine destruction policies subjects an organization to:

➞ Increased time and costs associated with e-discovery response

➞ Inability to negotiate fair and reasonable scope of discovery during an FRCP Rule 26(f) “meet and confer” conference because of inadequate knowledge

➞ Increased incentive for opposing counsel to scrutinize discovery missteps rather than litigate on the merits of the case

➞ Increased risk of losing safe harbor protections under FRCP Rule 37(e)

➞ Increased risk of receiving court-imposed sanctions

Precedent-setting cases

Federal court rulings demonstrate the critical importance of legal holds and how the lack of a documented, defensible process, or mismanagement of that process, can put an organization in a hazardous position.

In Bd. of Regents of Univ. of Neb. v. BASF Corp.⁶ the key witness for the plaintiff testified in deposition he had never been asked to search for ESI. Instead, due to a change in his organization’s data storage policy, he had deleted information that he deemed unimportant. The court entered “remedial” sanctions, including:

➞ Immediate institution of legal hold

➞ Naming of counsel to file affidavits certifying efforts taken to locate responsive ESI

➞ Ordering the plaintiff to pay the defendants’ attorneys’ fees and expenses associated with motion to compel

Similarly, the court in Broccoli, et al. v. Echo Star Communications Corp., et al.⁷ found Echo Star’s policy for automatically deleting e-mail after 21 days “risky” and “extraordinary” and imposed sanctions for an “indefensible” failure to suspend automatic deletion.

4 See Zubulake v. UBS Warburg LLC, 2004 WL 1620866 (S.D.N.Y. July 20, 2004), Broccoli, et al. v. Echo Star Communications Corp., et al., 229 F.R.D. 506 (D. Md. 2005), Miller v Holzmann (11/17/07, District of D.C.) and NTL Inc. Securities Litigation (1/30/07, S.D. New York).

5 In AAB Joint Venture v. United States, 75 Fed. Cl. 432 (Fed. Cl. 2007), the court rejected the government’s argument that recovering email from backup tapes would be too difficult and costly.

6 See Bd. of Regents of Univ. of Neb. v. BASF Corp., 2007 WL 3342423 (D. Neb. Nov. 5, 2007).

7 Broccoli, et al. v. Echo Star Communications Corp., et al., 229 F.R.D. 506 (D. Md. 2005).


Zubulake v. UBS Warburg LLC⁸ was the most prominent seminal case in which the court found that a party must take affirmative steps to preserve documents. Those steps include:

➞ Issuing a litigation hold at the outset of the litigation or when litigation is reasonably anticipated

➞ Communicating the litigation hold directly to all key employees

➞ Reiterating the litigation hold instructions regularly and monitoring compliance

Emerging themes

From these rulings and others, several common themes emerge for organizations to consider when managing the legal hold process:

Sanctions are real. An organization’s failure to expedite a legal hold on all responsive records and manage the entire process from implementation to release can result in court-ordered sanctions.

Safe harbor is at risk. Failure to implement and document the legal hold process can result in the loss of safe harbor protections under FRCP Rule 37(e).

Costs and time can skyrocket. An organization ill-equipped to implement the legal hold process and manage overlapping holds on multiple matters will likely require significantly more time and money to respond to e-discovery.

Establishing the preservation plan foundation

Information governance and ESI identification precede preservation in the legal hold process. This governance lays the foundation for the entire e-discovery response process and serves as the cornerstone of preparations for responding to preservation obligations.

Governance

The first stage of the EDRM, information governance, specifically addresses how ESI is captured, organized, accessed, replicated and disposed of during the routine course of business. Typically, a document retention program relies on the systematic review, classification, retention and destruction of both paper and electronic documents. In cases like Arthur Andersen LLP v. United States,⁹ courts have ruled that document retention policies are defensible when a valid policy is in place and is routinely enforced and managed. However, an organization’s duty to preserve ESI for litigation supersedes its data retention policy.

A strong information governance policy:

➞ Restricts the amount of information retained

➞ Defines schedules and process for data destruction

➞ Controls the replication of data in multiple repositories

➞ Establishes metadata to classify and aid in the retrieval of ESI

➞ Determines the accessibility and security of ESI in its native format

8 Zubulake v. UBS Warburg LLC, 2004 WL 1620866 (S.D.N.Y. July 20, 2004).

9 Arthur Andersen LLP v. United States, 125 S. Ct. 2129, 2135 (2005).


The successful management of an organization’s legal hold process depends on its records management and retention guidelines, as well as the continuity of its business systems and the structure of its information network. Typically, an organization’s IT department manages this information governance process. However, if an organization also wants to develop a defensible e-discovery process, it must take an interdepartmental approach to encourage interaction among the IT, records management and legal departments, and it must establish consistent and reproducible communication protocols across all lines of business throughout the organization.

Identification

The second stage of the EDRM, identification, establishes a deeper foundation for managing legal holds. As part of its e-discovery process, an organization needs to understand where ESI is located throughout the organization and how to retrieve it—preferably before receiving a legal hold demand. To develop a preservation plan, an organization must be able to understand:

➞ Who are the key ESI custodians? Where do they work and how is their ESI stored? Do they work with non-party custodians who may also possess relevant evidence?

➞ What ESI systems are involved? Where are the user systems, communication systems, data storage systems, backup systems, archiving systems and information management systems located, and how are they accessed?

➞ What formats of ESI media are likely to be relevant to the matter? Are they email communications, office files, structured data, graphics files, audio files, video files, scanned documents or other system-generated data?

➞ What is the status of the ESI, and how accessible is it? Is it online and active, stored on near-line systems or archived on backup tapes and offline servers?

➞ What are the organization’s current processes for responding to legal hold notifications? Who manages the process? What systems are used for tracking the legal holds? What documentation exists?

Developing a preservation plan

Legal hold management is not a policy; it’s a process. This process seems simple – at least for handling a single legal hold event. However, organizations facing multiple legal actions or regulatory investigations may see this “simple” process quickly evolve into an increasingly complex management nightmare as custodians, system processes, legal holds and case requirements overlap, layer on layer.

No matter the number of legal holds, or the complexity of the process, organizations need to follow four basic steps when developing a preservation plan:

➞ Determine the trigger for a legal hold

➞ Identify what to preserve

➞ Establish a preservation plan

➞ Implement and manage the preservation process

These steps are key components of the guidelines recommended by the Sedona Conference,¹⁰ a group of leading jurists, lawyers, experts, academics and others at the forefront of legal issues who work together to move the law forward thoughtfully.

Step 1: Determine the trigger

The first step in developing a reasonable and defensible preservation plan is to recognize a duty to preserve potentially relevant information, whether in response to an anticipated lawsuit, investigation or audit. Knowing what triggers such a duty, recognizing when an event occurs and establishing criteria for determining what preservation actions need to be taken in response are critical considerations.

Preservation triggers affect both plaintiffs and defendants. Some are obvious, others are not. An organization’s duty to preserve relevant ESI arises when either a plaintiff or defendant reasonably anticipates litigation. Obvious triggers include the establishment or receipt of a complaint, the delivery of a subpoena or the initiation of a governmental proceeding. In some cases, however, the duty to preserve may arise before any litigation event.

The key phrase is “reasonably anticipates,” according to Sedona Guideline 1. Making the decision to preserve is unique to every situation, circumstance and organization. While a mere “I’m filing a lawsuit” threat may not be sufficient to trigger a preservation obligation, an organization must consider the following factors to determine whether there is reasonable potential for litigation:

➞ The depth of knowledge within the company about the claim

➞ The claim’s risk to the company (cost-benefit analysis)

➞ The risk of losing relevant ESI without a legal hold in place

➞ The number of custodians and data sources that might be potentially relevant

While this list is hardly comprehensive, only by weighing these and similar factors can an organization determine if it is obligated to preserve relevant ESI and take appropriate action.

10 The Sedona Conference Commentary on Legal Holds—The Trigger and the Process. Aug. 2007 Public Comment Version.

Sidebar: Five critical steps for defensibly managing legal holds

For organizations just starting to implement legal hold processes, there are five critical steps to consider:

1. Form a cross-functional e-discovery response team made up of key representatives from legal, IT, compliance and records management

2. Map the data repositories (ESI content mapping)

3. Develop and document a preservation process to ensure good faith based on a reasonably designed legal hold process suitable to the company’s litigation profile, discovery intensity and risk tolerance

4. Implement a system for tracking legal holds and documenting the process so that the organization can readily defend its compliance with the process for the court

5. Develop and implement an ongoing training program to educate employees on the process, define expectations and explain the risks of non-compliance


The courts recognize that organizations face a challenge when deciding whether ESI preservation is required. In Cache La Poudre Feeds, LLC v. Land O’Lakes Inc.,¹¹ 244 FRD 614 (D. Colo. 2007), the plaintiff complained that during the year prior to the filing of the lawsuit, while the two organizations were exchanging letters about trademark infringement, Land O’Lakes failed to place a hold on relevant evidence. Although the plaintiff requested sanctions, the court held that the defendant’s duty to preserve was not triggered by “back and forth equivocal letters about a dispute.” According to the court, without a clear threat, Land O’Lakes had no reason to assume litigation and, therefore, had no duty to preserve until the plaintiff filed a lawsuit.

Step 2: Identify what to preserve

The second step in developing a preservation plan is determining what needs to be preserved, including:

➞ Who are the key players (custodians, data stewards, persons of special knowledge) associated with the matter?

➞ What are the relevant data attributes?

➞ Where does ESI reside within the “custody, ownership and control” of the enterprise?

In determining what ESI needs to be preserved, the organization should exercise a thoughtful process to identify potential issues relevant to a matter, what business records or players may be responsive to such issues and where such information resides within the enterprise.

Having an effective “content map” that describes attributes of data repositories within the organization, including the types of data, how such information is being governed (e.g., is data being routinely purged by the application or content owner?) and where related information may be copied is extremely valuable.

Guideline 7 from Sedona also provides some useful insight for this task: “In determining the scope of information that should be preserved, the nature of the issues raised in the matter, experience in similar circumstances and the amount in controversy are factors that may be considered.”¹²

Step 3: Establish a preservation plan

Once the organization has identified what ESI must be preserved, where it resides and who has ownership or custody, the next step is to develop an effective preservation plan. This plan must clearly articulate the “how”: How will the organization preserve potentially relevant ESI? What actions are required, and by whom? When do such actions need to be taken, and how will compliance be reasonably assured?

A preservation plan needs to articulate how data will be preserved, typically either by preserving in place or collecting to preserve. The recommended preservation protocols will depend on the capabilities of the organization to implement a legal hold, the attributes of relevant data repositories and the characteristics of the ESI. For instance, it may be sufficient to simply suspend the routine destruction of the ESI; on the other hand, the ESI may need to be quarantined to eliminate any risk of spoliation.

As explained in Sedona Guideline 6, the organization “should consider all sources of information within its ‘possession, custody, and control,’ as defined by Fed. R. Civ. P. 34 and its state equivalents, that is likely to include relevant, unique information.”¹³ A well-documented preservation plan assures compliance with the legal hold notice and helps establish a reasonable and good faith effort to do so.

11 Cache La Poudre Feeds, LLC v. Land O’Lakes Inc. 244 FRD 614 (D. Colo. 2007).

12 See The Sedona Conference® Commentary on Legal Holds—The Trigger and the Process. Aug. 2007 Public Comment Version. p. 14.

13 See The Sedona Conference® Commentary on Legal Holds—The Trigger and the Process. Aug. 2007 Public Comment Version. p. 12.


Step 4: Implement and manage the preservation process

Once the plan is developed, the final step is to implement and manage the preservation process. This includes properly executing, monitoring and documenting the legal hold process in order to establish good faith and demonstrate that reasonable actions have been taken. Legal hold management typically involves overseeing the entire legal hold notice life cycle, from the day it is issued until the day it is released.

Once a decision to execute a legal hold notification has been made, the following steps should be implemented:

Draft the notice. Articulate, in writing, the scope of the legal hold and the specific actions and instructions that custodial recipients need to take (see Sedona Guideline 8).¹⁴

Distribute the notice. Send the legal hold notice to recipients instructing them on how ESI is to be preserved.

Track and audit responses. Take appropriate steps to ensure acknowledgement and compliance, as well as addressing any issues raised (e.g., following up on any lack of acknowledgement with a phone call or even an in-person meeting).

Monitor and maintain the notice. Review and revise the legal hold periodically as needed. Throughout the legal hold life cycle, an organization should monitor any changes. If the hold is revised, the notice must be reissued citing the new information. Even if it is not revised, reminders should be sent periodically. In both cases, compliance audits should be conducted to make sure the process is defensible from start to finish.

Release the hold. Organizations must communicate with all employees when an obligation for preservation has been lifted and the company or its custodians no longer need to preserve the information (see Sedona Guideline 11).¹⁵

A well-documented and well-managed preservation plan assures compliance with the legal hold notice and helps establish a reasonable and good faith effort to do so.

14 Sedona Principle 8: “A legal hold is most effective when…,” http://www.thesedonaconference.org/content/miscFiles/Legal_holds.pdf

15 Sedona Principle 11: “The legal hold process should include provisions for the release of the hold upon the termination of the matter at issue.” http://www.thesedonaconference.org/content/miscFiles/Legal_holds.pdf

Figure 2. The legal hold notice management flow chart shows the steps of a well-managed process.

[Flow chart steps: New input; Trigger event; Develop legal hold plan; Draft legal hold notice; Distribute notice; Monitor and manage hold acceptance; Recipient accepts; Remind/refresh; Release; Escalate]


Preservation approaches

Common law and courts have made it clear that an organization must demonstrate it has taken steps to ensure the integrity of any information under a legal hold. However, there is no single standard governing how the preservation obligation should be implemented. There are three strategies that organizations may want to consider:

Preserve in place

This strategy preserves ESI in its native (“routine course of business”) data repository. It “locks” the data from user modification (e.g., changing a file to “read-only”) or suspends routine destruction protocols, such as an auto-purge cycle or retention disposition process. The benefit of “preserve in place” is that it does not require making copies. Copying files can increase storage costs and information management complexity. On the flip side, preserving files in place may interfere with an organization’s day-to-day business operations and may not be practical if the litigation is expected to be long term, requiring files to be in lockdown for years.

Quarantining files

An organization may choose to collect the ESI by confiscating the physical media where files are stored. It may impound hard drives, servers, workstations, laptops and any other media containing the ESI targeted for preservation in response to the litigation or investigation. Once the company has physical possession of media, however, it still must find a place to store it. Quarantining such media also takes it out of productive use, and typically results in the need to purchase replacement media in order to avoid disrupting routine business processes.

Copying files

An organization can also choose to “collect to preserve” ESI to create defensible copies of the evidence. Legal, or an outside service provider, can work with IT to make copies of the files or image entire disk drives. Once that’s completed, the company can then segregate and store the files in a protected repository while preserving the metadata carefully. Storage costs can also be an issue, but this is the most common method used in today’s litigation response strategies.

Legal hold management system and capabilities

Once the preservation approach has been determined, an organization then needs to look at the technology it will use to manage the legal hold process. Among the technology-based systems on the market, there are two types: systems that manage the legal hold notification process and systems that are capable of applying a legal hold on the data stored within a given repository. While email archiving and content management systems do have capabilities for suspending routine destruction and can be helpful in keeping the legal hold in place, the litigation workflow and management process need to be addressed first and are being addressed in this paper.

Today, there are myriad software solutions available for managing the legal hold process. The spectrum runs from simplistic and inexpensive spreadsheet applications to more complex third-party applications dedicated to the legal hold workflow.


The market for legal hold management software is still emerging and changing quickly. Today’s systems fall into one of four categories for collecting and preserving pertinent data:

Approach: Ad Hoc

Pros:

• Can be tailored to meet the needs of a particular matter (e.g., exposure, venue)

Cons:

• Ad hoc in nature (execution dependent on skills and resources involved)

• Typically more difficult to defend (e.g., lack of reasonable design, repeatability, transparency or predictability)

• Typically more time-consuming (requiring creation of new processes on the fly)

Approach: Homegrown

Pros:

• Relatively inexpensive to develop

• Quick to deploy

• Minimal training needed

Cons:

• Requires investment of time and resources to maintain

• Typically lacks scalability and/or automation as volume grows

• Often lacks integration with related systems and applications (e.g., email, web-based, human resources systems)

Approach: Dedicated Systems

Pros:

• Commercially built and maintained (including user support, upgrades)

• Typically more scalable, including use of automation (e.g., automated workflows, use of templates)

• Greater flexibility and accessibility (e.g., user portals)

• Greater integration (e.g., with HR systems, email systems, matter management systems, etc.)

• Typically more robust reporting and management controls

Cons:

• Perceived cost (return on investment)

• Perceived complexity

Approach: Auxiliary Systems

Pros:

• Tight integration with primary system (e.g., user interface, reporting)

Cons:

• Limited functionality (vis-à-vis dedicated systems)

• Lack of integration with other applications or systems


Legal hold management technology considerations

To decide which approach or technology is most suitable to its business processes and culture, an organization should consider the following:

➞ Probable volume of notices (including initial notifications, revisions and reminders)

➞ Anticipated scope of notices (e.g., number of recipients, number of data sources)

➞ Predicted complexity of notices (e.g., typical duration, number of overlapping holds)

➞ Organizational culture and maturity (e.g., process control and adherence)

Conclusion

An organization that faces pressures to reduce the costs and risks of e-discovery and wishes to focus on the merits of a case instead of e-discovery technicalities should view legal hold management as a mission-critical process. As such, it should be managed like any other quality business process within the organization and be clearly defined and documented.

When an organization thoroughly understands its legal hold obligations and develops a repeatable, documented process, it places itself in a much better position to preserve its safe harbor protections under FRCP Rule 37(e). These actions also decrease the risk of exposing legal hold missteps to opposing counsel and opening the opportunity for court-imposed sanctions, by demonstrating a reasonable and good faith effort to preserve ESI relevant to the legal action.

Sidebar: A 10-point legal hold notice checklist

Sedona Guideline 8 explains an organization’s need to ensure legal hold recipients receive “actual, comprehensible and effective notice of the requirement to preserve information.” A legal hold is most effective and shows a good faith effort when it:

1. Is issued in writing by a person of authority who commands attention

2. Is worded with appropriate urgency and sensitivity

3. Clearly describes the scope of the hold (e.g., type of content, data repositories, and time frame)

4. Clearly articulates what actions are to be taken (instructions to recipient)

5. Clearly delineates how long the hold remains in effect (and if it is an ongoing duty)

6. Clearly defines any terminology (e.g., “ESI” or “record”)

7. Requests acknowledgment (i.e., that the hold has been received, is applicable to the recipient, that the recipient understands and agrees to comply with the notice)

8. Requests notification about other employees, departments or systems that may be responsive

9. Includes contact information regarding questions or concerns (now or in the future)


About Fios, Inc.

For over a decade, Fios has helped corporations and their outside counsel reduce risk, control costs and gain management control over the entire spectrum of e-discovery. We are dedicated exclusively to delivering comprehensive services and expert guidance that transform the burdensome nature of electronic discovery into a streamlined, legally defensible business process. Our proven services and methodologies are based on an integrated, in-depth knowledge of technology, legal and human resource requirements to meet the ever-changing demands of complex e-discovery. For more information about the company and its services, visit http://www.fiosinc.com.
