Because the duty to preserve is one that hinges on the timing of its attachment, it is of vital importance to be proactive in preparing an environment in which compliant preservation will be possible. It is the position of this body that an ounce of prevention is worth a pound of cure in this area. Having a previously established process for preserving potentially relevant information will greatly reduce the cost and effort associated with preservation, particularly for larger companies that are regularly involved in litigation. Pre-preservation steps are essential to fostering a cost-and-disruption-minimizing approach.
Understanding Records Retention Policies
It is critical to understand the party's record retention, and thus record destruction policies. Care must be taken in proactively designing procedures to interrupt, suspend or "put on hold" the periodic destruction of information, especially if this is an automated process. For example, many corporate email systems have rolling time periods in which the system is triggered to delete information. This may take the shape of a policy and a procedure that delete all e-mail after 30 days. It is also of great import that any rolling recycling of backup tapes be considered as a procedure that may or may not have to be suspended. Special attention must be paid to attempting to reconcile a company's document retention policy with the actual practices employed by IT personnel and equipment to avoid any gaps in implementation of preservation steps. See e.g., Broccoli v. Echostar Communications, 229 F.R.D. 506 (D.Md. 2005), where a large, sophisticated high-tech company was deemed "guilty of gross spoliation of evidence" when it failed to suspend its 21-day email and data destruction policy after being on notice of the plaintiff's employment discrimination claims for months. The court granted a motion for sanctions, including an adverse inference instruction to the jury.
Worse yet, see Arista Records v. Sakfield Holding Company, 314 F.Supp. 2d 27, 34 (D.D.C. 2004), where the court determined the defendant had intentionally destroyed substantial evidence in response to the threat of imminent patent litigation. This finding effectively torpedoed Defendant's motion to dismiss on jurisdictional grounds, by allowing the plaintiff to infer the existence of evidence (mostly destroyed) demonstrating Defendant's sufficient systematic contact with District of Columbia residents, thereby justifying plaintiff's choice of venue.
Identify the IT "Gurus"
FRCP 30(b)(6) provides that a party responding to a discovery request must, in essence, designate a person who can help the requesting party understand where information is stored, to be deposed as part of the discovery process. 30(b)(6) notices of "the person most knowledgeable regarding the parties' IT systems and processes" are becoming increasingly common. Care should be taken to proactively identify candidates for this type of inquiry, and work closely with them to understand any potential preservation issues before a legal duty to preserve attaches.
In other words, find your 30(b)(6) witness and start preparing them for deposition in advance of the filing of a law suit either against, or on behalf of, your client. If there is any foreseeable issue with this person being able to testify effectively, consider training and designation of another. Also consider the formation of a cross-functional task force with members of IT and legal, such that both functions can educate the others as to the legal and technological implications of each other's work.
Proactive Contingency Planning
Develop a plan/process for preservation in the event of litigation. Include in this a specific statement about each individual's roles and responsibilities to implement and execute a litigation hold. Have a team that is the Litigation Response or Readiness Team comprised of attorneys (inside or outside counsel), paralegals, IT and administration staffers (or litigation support staff). Include the Records Management group in this process also, as paper is still an issue, even in these days where most (but not all) information is stored electronically. This team will be responsible for maintaining IT documentation and keeping it updated, lists for asset tracking, what information is stored in software systems, list of current employees (org charts), etc.
Litigation Hold Memos Tailored to IT Personnel
Consider whether it would be appropriate to prepare a specialized litigation hold memo (discussed below) for the IT department. For example, many corporations store documents by employee ID rather than name. As a result, simply copying the IT department on a litigation hold memo with a lengthy distribution list may not be an effective way to communicate to the IT group on whose information should be preserved. Know what is needed by the IT department in order to effectively implement the litigation hold and assist them in achieving those goals but including it in a concrete instruction memo. Of course, IT must participate in the creation of this memo so that it harmonizes with the systems currently in use by the company.
Executive Endorsement of Preservation Efforts
The importance of adhering to a litigation hold memo may be enhanced by showing employees that the hold process has the support of management at the top echelons of the company. Actively involve senior management, including officers of the corporation, in the process of issuing litigation holds, even if it is simply a follow-up memo emphasizing the need to cooperate in the litigation hold.
More effective may be having personnel from the office of general counsel or outside counsel meet with key players or other employees on an ongoing basis. This will also satisfy the requirements for "compliance monitoring" per Zubulake v. UBS Warburg, 229 F.R.D. 422 (S.D.N.Y. July 20, 2004) (Zubulake V) (general counsel or outside counsel meeting with IT department and making site visits to understand the infrastructure and ensure preservation is occurring).
Knowing and Understanding the IT Architecture
In order to preserve documents, it is important to know where they reside. Work with the IT group to develop a map of the locations of various types of data which might be relevant to litigation or a regulatory investigation. While this may take a significant investment in time both by the IT and the legal groups, it should improve efficiency and assist in quickly locating relevant information when the company receives notice of litigation - and for other litigations in the future. Keep it current as the IT structure changes and develops. A good starting point for basic IT infrastructure is the diagram Microsoft submitted to the Advisory Committee on the federal rules.
Interview end-users as well as IT personnel to see if policies are being followed.
Identify an IT liaison - this individual can be the main contact and should participate in meetings between the collection vendor/outside consultant/internal litigation readiness team and GC or outside counsel. Provide IT liaison with questionnaire that, when completed, will assist with identification of systems, network layout, practices, backup and retention schedules. Not only understanding the infrastructure/architecture but the applications and how they work is important too.
Find out from the IT department what happens to users' data when they are no longer working at the organization but that may be relevant in the litigation - what happens to their shared drives, e-mail stores, computers.
Ask IT for an asset tracking list/database. Many times older computers go to admin staffers or individuals lower on the org chart. So, an old PC owned by a VP in human resources might now be in the hands of secretary in marketing.
Consider including the litigation hold process in the procedures for company employees so that a departing employee who is the subject of a litigation hold is identified and the employee's data can be preserved and retained as appropriate.
Understanding the Backup Systems
Determine the location and scope of backup or disaster recovery tapes or SAN and what software was used to make the backups. Know whether the company uses document management systems such as Tivoli or Legato, and what processes are necessary for preventing data disposal from these systems. When tapes are pulled for preservation, verify that the labels are correct and the tapes contain what they say they do.
Train employees on the proper processes for responding to litigation holds. Consider online training modules, classes, and new hire orientation as opportunities to train. Also, once the preservation duty has arisen, counsel each custodian about their preservation obligations and the consequences for noncompliance. Electronic reminders in the form of emails or "pop ups" can be an important part of the process.
Preparing Internal "Litigation Hold Memo" Template and Witness Interview Form
The litigation hold memo should provide a detailed description of the litigation and specific instructions for dealing with electronic data.
Interview the "key players" regarding their document management habits. Document the interview and include warnings about the consequences of destroying or deleting information, as well as alteration (inadvertent or otherwise) of metadata. Follow up on the interview.
Include a certification on the litigation hold memo which each litigation hold recipient is required to sign reflecting that he or she has read the litigation hold, understands it and has complied.
Key players need to be visited personally and re-visited throughout the litigation to ensure they are preserving data.
If possible, interview all custodians that data is being collected from to ensure all relevant data is being collected. Many times custodians have no idea that they have relevant documents on their computers. Most computer users have no idea where data is stored - and cannot distinguish between network and local drive or where e-mail attachments are downloaded and stored.
Identifying Potential Sources of Information
Relying on the overall document management system is potentially dangerous, as it is inevitably an incomplete source of data. It is important to understand the culture of the organization and to investigate potential information stores that are "not on the map" or are "offline." For example, this list includes, but is not limited to:
Addressing Retired Systems
Many times a large organization has gone through numerous hardware and software upgrades in a relatively short time. Often data can still exist in a company's storage devices or network space that no longer has the original software program (needed to "read" the data) installed on it. A contingency plan should be in place to handle this data if it one day becomes necessary to produce it. It is often useful to work backwards chronologically with the IT staff to determine what systems might contain data relevant to a case where the facts arose at some point in time in the past.
The Problem of Special Backups
It is often the case that IT departments perform special one-time backups of the network, or a portion of the network such as a server, immediately prior to upgrading software or hardware (operating systems, email systems, servers, etc.). This is certainly prudent from a IT standpoint in case there is any unforeseen problem with the upgrade, but often these tapes or other storage devices are not accounted for in the typical document retention policies. However, if the duty to preserve kicks in, then these tapes are "fair game" as well and can present difficulty, since by definition they contain "legacy" software.
Preferred Vendor Arrangements
Consider whether it is prudent to proactively engage preferred providers to collect data on a rush or emergency basis. The time saved by not having to negotiate terms and conditions can be very helpful in preserving data such as forensic imaging of hard drives or processing of backup tapes. When interviewing vendors, it may be useful to use The Sedona Conference's "Best Practices for the Selection of Electronic Discovery Vendors" as a guide.
Discovery Software to Assist in Preservation
As a result of the problems larger entities often have with preservation, an entire software industry has evolved to meet these needs. Consider purchase of one or several of these software programs to assist in meeting preservation needs. For example, now there are programs that integrate with a network and allow for remote, forensically sound, capturing of data from hard drives and servers.
Proactive Email Archiving Systems
Perhaps one of the most promising developing trends is the advent of email archiving software. These programs allow entities to apply document retention periods to electronic documents, including emails, as they are created based on tailored taxonomies and other tools. The user interfaces for these programs also allow a legal or IT designee to "quarantine" data that needs to be shielded from document destruction protocols, and help organizations to avoid processing of backup tapes as well.
Data That is Changed on an Ongoing Basis
In disputes or investigations that involve ongoing issues, preserving historical data is only half of the obligation. Data that is created contemporaneously with the hold or in the future must also be preserved as well. Software programs such as those listed above can be employed to do so on an automated basis, or users can be designated to do so themselves. In some ways this is less difficult, because the users can be told ahead of time what they must preserve, and can be given instructions for how to preserve the data. See, for example, the Order for Preservation of Documents signed by Judge Scheindlin in In re: Methyl Tertriary Butyl Ether ("MTBE" Products Liability Litigation, MDL 1358 (SAS) M21-88 (March 15, 2005).
Source: EDRM (edrm.net)