Guide us in Electronic Discovery, O Guidance
by Kurt Leafstrand on March 23rd, 2009
It’s been a little over a month since the news first broke that Guidance Software was the frog in an electronic discovery kettle whose water had just reached the boiling point, with the arbitrator in an employment case demanding, “I want this game-playing stopped.” We thought that, with a little time between the initial story and now, it would be worth taking a step back and looking at possible lessons learned — not so much for Guidance specifically, but for enterprises who find themselves in similar situations, as well as the electronic discovery community that serves them.
First, a quick summary. Based on published accounts, it seems like a classic discovery situation (that’s just plain old discovery, without the “e”): a party is sued and fails to produce a document that, lo and behold, surfaces via some other source, throwing the integrity of the sued party into question. After all, if one potentially incriminating document wasn’t discovered, then who knows what else could be out there?
Guidance contended that it did everything that was required of it, and that it didn’t have (or couldn’t find, despite good faith efforts) the emails in question. But, of course, that didn’t stop the litigation support community (via forums such as the Litigation Support List) from pouncing on the perceived hypocrisy.
After all, how could a leading, publically-traded electronic discovery company get caught up in such a mess? How could their cutting-edge electronic discovery technology not have saved them? Or their (hopefully) best-in-class internal electronic discovery processes? If the electronic discovery companies don’t have their acts together, what about all the other poor souls who lack their knowledge and expertise?
That last question is a scary one, particularly given today’s environment, and it’s why the situation has stirred up so much chatter out in the electronic discovery blogosphere. Almost without exception, commenters have jumped to one of two conclusions. Either (a) Guidance has not followed proper e-discovery best practices, or (b) Guidance has willfully chosen to hide relevant documents that it could have produced, because they would be detrimental to its case.
Let’s explore each of those conclusions in a little more detail.
First, is there any direct evidence that Guidance did not follow electronic discovery best practices? The answer there is murky. Certainly, from Guidance’s perspective, the answer is a resounding “no”. They continue to claim that the emails that were produced from another source did not exist on the various laptops, desktops, and servers that were part of the initial discovery request, and it is certainly possible that that is true. Perhaps Guidance had a 1-year retention policy for emails, and the emails in question were outside of that policy. Perhaps the individuals involved had legitimately deleted the emails in question prior to receiving a litigation hold notice, without thinking that they would ever be relevant to a legal matter. Certainly an independent observer has grounds for incredulity here, but it does not necessarily follow that Guidance did not follow electronic discovery best practices for a company of their size and resources. Certainly, from the reports, they did not exactly act in a way that earned much confidence from or favor with the arbitrator. However, that’s a completely different issue, and one which may be a legitimate tactical decision by Guidance (to avoid, for example, the high cost of recovering the corrupt backup tapes).
Second, what if Guidance willfully chose to hide relevant documents? At this point, there is no evidence that this is the case. And, you would think that of all of the companies out there, Guidance would be keenly aware of the extremely high level of risk associated with this strategy. A company well-versed in computer forensics understands keenly that the odds of any potentially negative emails not being out there, somewhere, in cyberspace are incredibly small. Thus there is little incentive to intentionally hide documents. If, however, a company did make such a perilous and unethical decision, it has nothing to do with a lack of e-discovery best practices or technology: it simply has to do with a lack of ethics.
So, has the coverage of the Guidance situation been nothing more than an electronic discovery witch hunt? Far from it… even if both of the “conventional wisdom” conclusions are in fact wrong.
Why? Because even if Guidance has its electronic discovery house in order and is acting with complete integrity, if there’s one thing that anyone in the electronic discovery business should have taken away from the last 5 years of court rulings, it’s that perception and transparency in electronic discovery is everything. Electronic discovery is technically complex and fraught with challenges, and companies – particularly those who are perceived as having vast expertise in the space, whether as vendors (i.e. Guidance) or institutions (i.e. pick your favorite TARP recipient) – have to act in such a way as to appear spotless before the court of law and the court of public opinion.
Assuming you already have your electronic discovery house in relative order (a baseline, fundamental requirement for doing business today), perhaps the most important take-away from Guidance is how carefully you need to consider how minor electronic discovery slip-ups, whether real or perceived, can bite, big time. The legal and media environment is primed to pounce on any hint of a cover-up or conspiracy, and enterprises must go the extra mile (or two, or three…) to ensure that their e-discovery efforts are, and will be perceived, as upright, ethical, and above reproach – or be ready and willing to pay the price in sanctions or loss of public confidence.
Loading ...
June 20th, 2009 at 2:18 pm
I have spent many years in the IT industry serving attorneys, retail businesses, and financial services businesses. What I have observed is that IT people are not reliable when it comes to ensuring that there is an unbroken chain of custody of electronic documents. Let me explain why.
One of the primary attributes of IT employees, the very people who carry out the responsibilities for document preservation and categorization, is their obsession with minutia. This is what makes a programmer a programmer. Without that all consuming zeal for detail, it would not be possible to come up with even the simplest form of software that would be broadly usable by business people.
So, IT managers tend to hire people who (and I am lifting direct quotes from the various Internet job sites to illustrate my point) “can work with limited direction,” “are challenged by cutting edge technology,” “are team players” (read that as a person who will takes orders), and “can handle multiple projects in a fast-paced, fun environment.” Be honest, would you want to entrust the implied e-discovery costs to a post-adolescent twenty-something who is hired to work on multiple projects in a “fast-paced, fun environment?”
It is this very minutia-orientation that is the kiss of death for litigation that looks at HOW data was preserved up to the time of litigation. Often IT employees simply don’t see the forest for the trees. Since litigation anticipation is not part of the IT manager’s job description, he or she usually doesn’t plan for it. In the absence of written policies and procedures that address the requirement for preservation and categorization of electronic documents and media, the haphazard method of handling backups can result in crippling e-discovery expenses that may preclude being able to proceed to trial, the inadmissibility of evidence, accusations of spoliation, sanctions designed to impugn the case of and in certain cases to punish the spoliator, and in the end a catastrophic loss of a case.
In instances where written policies and procedures exist that define best practices for the preservation of e-documents, IT personnel behave the same way that they do in most every other area of life, i.e. they do the task, but they often don’t document the fact that they did it. If anyone doubts this is true, ask any programmer when was the last time he wrote documentation for a program he created. Often the answer will be, “Never.” In the cases where that is not the answer, it might be something on the order of, “After it was released.” The urge to document actions contemporaneously is not part of the programmer’s DNA, and it is the absence of contemporaneous attestations of having completed the requisite procedures that can break the chain of custody from a legal perspective.
I cannot say anything about Guidance Software as a company because I don’t know anything about it, and I cannot say anything about its leadership because I would be speaking out of ignorance. What I can say is that if that company hired its employees in the same manner as that of other software companies and even if it had written policies and procedures, it is altogether possible that it would not have found the missing e-mail messages.
Companies in general need to start crawling out from beneath the rocks to see the light of day. Since the year 2000, UETA and E-SIGN have been in effect, making electronic documents the legal equivalents of paper documents for domestic and international business transactions. The Federal Rules of Civil Procedure as amended in December, 2006, plus later case law directly address what is expected with respect to disclosure and preservation of electronic documents. There is no magic bullet that will allow businesses to ignore these factors and still be regarded as living in the real world.
Similarly, attorneys should give some attention to educating their clients about the need for instituting best practices with respect to electronic document preservation. Not to do so contributes to the expense of e-discovery when litigation does occur. The legal industry’s focus on digging up the evidence after the crime has been committed instead of preparing non-litigating clients to handle and manage its documents in a court-friendly fashion is comparable to the practice of medicine in which doctors primarily focus on people who are already sick instead of educating them to increase the likelihood of their staying healthy. Clearly, operating in a crisis mode ensures that clients will pay what is required simply to have a defense, but is such a non-preventative practice defensible when it is known by those in the practice of law that the field of e-discovery is a minefield of hazards not easily anticipated by the uninitiated?