e-discovery 2.0

Much of the business and personal productivity that comes in the digital world  is from email and its unique abilities. Email allows us to communicate in a way that helps us associate context to our discussions, namely in its ability to be chained into a sequential thread when email users reply to or forward emails they previously received. This accomplishes two important tasks: 1) it allows the person sending the reply or forward to get an understanding of the issues so he/she can craft a meaningful response, and 2) it allows the person receiving the response to understand that response in the context of other on-going discussions. Email programs such as Microsoft Outlook, Eudora, and Gmail help by automatically including content from prior emails, thus producing a long chain of reference.

It is no coincidence that emails thus constitute key evidentiary value in the context of litigation. The inherent value captured in emails is what makes email productions central to pre-trial disclosures and the electronic discovery that precedes it. Courts have long recognized that emails are a business record and subject to discovery. Establishing who said what in the context of a matter in dispute is greatly facilitated by examining the thread of emails recorded in email repositories. With respect to electronic discovery, however, email threading presents several unique challenges. The area of greatest confusion and uncertainty has been the determination of privilege when emails are exchanged with in-house counsel and attorneys and whether such emails are protected by attorney-client privilege or not. A central issue is the composition of privilege logs under these circumstances.

There are several legal opinions on the matter of intermingling privileged and non-privileged communications in an email chain. These opinions have left the matter with little clarity, especially regarding whether the entire email thread is privileged or whether individual emails must be separated out and classified as privileged, with a privilege log listing them. Typically, the most recent email in a thread contains all other emails in that thread. Separating out individual emails (i.e., the contained emails) from the containing email would allow for treatment of just the portions of the email thread that may have privilege. When such separation is permitted, some contained emails may be assessed as privileged while others may not. However, it is entirely possible that the contained email is also present as an independent email under possession of the same custodian or another custodian. When it is present, one could argue that the contained email can just be ignored, and if the corresponding email is responsive, one can ignore the contained email. But rarely does a collection include a complete set of custodians, so the question of whether the privilege log should include the contained item in question still remains. In terms of management of review, and for constructing a privilege log, treating the most recent email and all its contained emails as a single entity is less expensive and cleaner than separating and determining privilege status of each contained email.

Another complicating factor is simply a determination of privilege. Does the mere fact that an attorney was listed as a courtesy CC recipient make the entire email privileged? And, when such emails are then forwarded only to an attorney involved in the case, with a legal strategy discussed in the containing email, is only the new content added to the containing email privileged, or does the privilege determination extend to the other contained emails?  Let’s examine a few opinions for guidance.

With respect to privilege there is a significant body of opinions that would suggest that only communications that explicitly seek legal advice are privileged.

“With respect to internal communications involving in-house counsel, a party “must make a ‘clear showing’ that the ‘speaker’ made the communications for the express purpose of obtaining or providing legal advice”, Chevron Texaco Corp., 241 F. supp 2d) at 1076 (quoting In Re Sealed Case, 737 F.2d 94 (D.C. Cir. 1984)). If the legal and business advice are inextricably intertwined, “the legal advice must predominate over the business advice, and not be merely incidental, for the communications to be protected under attorney client privilege.” Evidently, attempts to include an incidental attorney in a thread would not offer privilege protections. However, the issue is complicated if the most recent containing email is indeed a genuine attempt to seek such guidance. Here again, there are two opinions. In United States v. Chevron Texaco Corp., 241 F. supp. 2d 1065, 1074 n.6 (N.D. Cal. 2002), we note that:

“With respect to each series of emails for which Chevron asserts protection under privilege, Chevron breaks the series into each discrete message. In our view, such a representation of the document is misleading. Each email/communication consists of the text of the sender’s message as well as all of the prior emails attached to it. Therefore, Chevron’s assertion that each separate email stands as an independent communication is inaccurate.”The above would have you prepare a single entity with the most recent containing email and all other quoted emails treated as a single unit. On the other hand, we see the opposite opinion in Universal Service Fund Telephone Billing Practices Litigation, 232 F.R.D. 669, 674 (D. Kan. 2005) where “the court strongly encourages counsel, in the preparation of future privilege logs, to list each email within a strand as a separate entry”. In a related ruling, the court notes: “Obviously, a sufficient (i.e., reasonably detailed) privilege log is vital if litigants and judges are to determine whether documents have been properly withheld from discovery.” As mentioned earlier, this can be much more expensive from a review and production standpoint.

In Chemtech Royalty Assoc., L.P. v. United States, Nos. 05-cv-00944, 06-cv-00258, 07-cv-00405, at (M.D. La. Mar. 30, 2009), we get another perspective: “Asserting privilege for an entire email thread in the privilege log, but only describing the last message in the thread is deficient.”

In Baxter Healthcare Corp. v. Fresenius Med. Care Holding, Inc., No. 07-cv-01359, 2008 BL 229777 at (N.D. Cal. Oct 10, 2008), the defendants are ordered to produce a privilege log that “separately identifies the author, recipient(s), copyee(s), and blind carbon copyee(s) for each logged email communication regardless of whether the communication is part of an email string”. The court directive is: “Each email is a separate communication, for which a privilege may or may not be applicable. Defendants cannot justify aggregating authors and recipients for all emails in a string and then claiming privilege for the aggregated emails.”

Thus, the contained emails must be treated as separate privilege log entries.

In Vioxx Products Liability Litigation, 501 F. Supp. 2d 789, 812 (E.D. La 2007) the court notes:

“Email threads in which attorneys are ultimately involved were usually listed on the privilege log as one message.”  Further, “Simply because technology has made it possible to physically link these separate communications (which in the past would have been separate memoranda) does not justify treating them as one communication and denying party a fair opportunity to evaluate privilege claims raised by the producing party.”

Again, the preference has been to separate out individual contained emails as independent emails with corresponding privilege log.

In C.T.  v.  Liberal School District, Nos. 06-cv-02093, 06-cv-02360, 06-cv-02359, 2007 BL 21826 at (D. Kan. May 24, 2007), the court orders the plaintiff to submit an amended privilege log that listed email in a string as a separate entry.

In Se. Pa. Transport Authority v. Caremark PCS Health, L.P., 254 F.R.D., 253, 264-65 (E.D., Pa 2008) court recommends “analyzing emails in chain separately to rule on defendant’s privilege claims”.

Another significant opinion is found in Muro v. Target Corp., 250 F.R.D. 350 (N.D. Ill. 2007). In addition to at least four motions, an in camera review  was requested for identifying the privilege status of eighty nine documents. Here, the court ruled that FRCP Rule 26(b)(5)(A)  does not require that all contained emails be separated out. However, the court sustains Target’s objection to the Magistrate Judge’s ruling that its privilege log was inadequate for failure to separately itemize each individual email quoted in an email string. In Muro, though, you are allowed to treat an entire email as a single entity only if the non-privileged communications in that chain are otherwise disclosed. Hence, if you wish to treat an email as a single unit, you are required to either disclose the individual contained emails from other custodians, or to list them as Derived Emails (see below).

Another important case is the Rhoads Industries Inc. v. Building Materials Corp. of America et al 2008, WL 5082993 (E.D. Pa Nov. 26, 2008), where the court rendered the opposite opinion:

“Each version of an email string (i.e., a forward or reply of a previous email message) must be considered a separate, unique document, and therefore each message of the string which is privileged must be separately logged in order to claim privilege in that particular document.”

Of course, the context of the Rhoades opinion is the statement: “In the world of electronic communications, a series of email messages, among people employed by the client, but working in different locations, can replace the meeting with an attorney and subsequent letter.” However, this opinion is very debatable.

An entirely different approach is suggested in Apsley v. Boeing Co., No. 05-cv-01368, 2008 BL 12035 at (D. Kan. Jan 22, 2008), with the opinion “Although Boeing listed on its privilege log entire email strings, it redacted only the portion of the string that contained legal communications.” While this seems to be a perfectly reasonable approach, wouldn’t this compromise case strategy since the very fact that certain portions of the non-privileged, unredacted emails were being exchanged with in-house counsel and is therefore part of an attorney communication can be damaging?

Suffice it to say, the courts differ in their opinions on how to handle email threads and their privileged logs. It is in this context that the Clearwell E-Discovery Platform’s treatment of email threads is extremely helpful for preparing your litigation response. In fact, Clearwell has received two patents related to email threading, one for constructing email threads and its ranking and another for determining derived emails from other containing emails and de-duplication in the context of original emails. Clearwell has advanced email meta-data and content analytics to piece together all emails of a thread. Furthermore, its Derived Email feature separates out contained emails as complete emails, which are then de-duplicated against other emails that are not derived from a contained email. In situations where such a duplicate is not identified, the derived email is maintained in a special state. Also, the containing email’s thread is separated out in such a way that each individual email’s privilege status can be determined. One can apply either a single- or multiple-record policy satisfying whatever the prevailing opinion is from the bench. Also, Clearwell’s redaction capabilities and its ability to produce the same set of documents for multiple parties allow the case team to provide a quick turnaround if there is a motion to produce either a privilege log or the non-privileged snippets of emails. Such technology can be a lifesaver when it comes to meeting electronic discovery obligations.

I was at the Sedona Conference Working Group’s Mid Year meeting last week where 80 or so electronic discovery practitioners and judges met to discuss hot topics in bucolic Denver, Colorado.  Without getting into the particulars of any discussion, several themes continue to stay on the front burner, including the progress of the cooperation proclamation and the relatively newer issue of proportionality (as highlighted recently by The American College of Trial Lawyers Task Force on Discovery).

Aside from those overarching themes I was struck by how polarizing the discussion was around one recent case in particular.  While many notable commentators have already made this the most talked about cases of the year, Phillip M. Adams & Assoc., LLC v. Dell, Inc., 2009 WL 910801 (D. Utah Mar. 30, 2009) continues to stimulate discussion.   Adams v. Dell is a patent infringement case where the plaintiff, alleged that one of the defendants (ASUS) destroyed critical pieces of evidence and should be sanctioned accordingly.

The underlying facts and timelines are fairly complex, but in summary the dispute centered around the alleged infringement of several patents developed to resolve defects in floppy disks during in the late 80’s.  What makes this decision so vexing is that it starts out as a preservation case, but quickly confuses that concept with data retention and information management practices/policies.

So, starting with the preservation angle…  Both sides fortunately agreed about the definition for the duty to preserve evidence, which in the 10^th circuit begins when a party “knows or should know [it] is relevant to imminent or ongoing litigation.”  The triggering of the preservation duty was not surprisingly much more complicated and ASUS (the responding party) claimed that its duty to preserve wasn’t triggered until early 2005, when they received a letter warning it of potential litigation because of the alleged patent infringement.  But, the Magistrate held that “counsel’s letter is not the inviolable benchmark” and the duty to preserve was triggered much earlier (in the 1999-2000 time frame) because similar litigation was rampant in the industry, highlighted by a late 1999 suit where Toshiba paid billions of dollars in a class action settlement related to similar floppy disk issues.

Leaving the murky preservation issue by the wayside for a bit, the Magistrate then moved into ASUS’ claims that FRCP 37(e) provided a safe harbor for its alleged destruction.

“ASUS claims it can find a safe harbor against sanctions because of the recently adopted rule that sanctions may not be generally imposed for ‘failing to provide electronically stored information lost’ if a party can show the loss was ‘a result of the routine, good-faith operation of an electronic information system.’”

Nice try, but strike two for ASUS…

“ASUS provided an extensive declaration from an experienced consultant in e-discovery. While he stated the reasons for and history of ASUS’ ‘distributed information architecture,’ he did not state any opinion as to the reasonableness or good-faith in the system’s operation. And while he says ‘ASUSTeK’s data architecture relies predominantly on storage on individual user’s workstations,’ his 31-page declaration does not show he is familiar with the precise practices pointed out in the declarations of employees. Those employees’ declarations describe the practice of ASUS’ email system to overwrite old data regardless of its significance; ASUS’ reliance on employees for all email and data archiving; and the process of replacement of computers, which also relies on employees to transfer data from their old to their new computers. Neither the expert nor ASUS speak of archiving ‘policies;’ they speak of archiving ‘practices.’

The court’s distinction between “policies” and “practices” seems like a convenient (perhaps “Deus ex machina”) way to discount ASUS’ data retention activities and prevent the use of the FRCP 37(e) safe harbor.  Since in most instances, “bona fide, consistent and reasonable” document retention “policies” have been found to be presumptively valid by everyone ranging from Sedona (Guideline 3) to Carlucci v. Piper Aircraft Corp. and Arthur Andersen LLP v. United States, 125 S.Ct. 2129 (2005).  It’s not clear how he draws the important “practices” distinction and why said practices are exponentially different from presumptively valid “policies.”

It’s precisely this line of thinking that confuses the alleged failure of the duty to preserve (discussed at the outset of the opinion) with the duty to retain information.  The court seems to think it’s an “unreasonable” practice to have custodians responsible for compliance with data retention and this deficiency made the safe harbor unavailable.

“ASUS has explained that it has no centralized storage of electronic documents, email or otherwise, and relies on individual employees to archive email (which will be deleted if left on the server) and electronic documents (which reside only on individual workstations).”

Not only is this custodian-based retention practice, in and of itself, reasonable; it’s probably the most common form of data retention practices seen at corporations today.  While a number of vendors have promised intelligent retention systems that work without any significant human intervention, for the most part those solutions are still in their infancy.  Additionally, there are significant technical challenges to have an application manage *all* ESI (Electronically Stored Information) that exist for a given custodian (including desktop files, instant messaging, text messaging, social media, etc.) As such, most companies must inherently rely upon their custodians to both retain and preserve data pursuant to company policies.  The court not only seems to miss this point, but also attempts to impose an obligation that corporations must prevent the “loss of data” above and beyond specific preservation obligations.

“ASUS’ practices invite the abuse of rights of others, because the practices tend toward loss of data. The practices place operations-level employees in the position of deciding what information is relevant to the enterprise and its data retention needs. ASUS alone bears responsibility for the absence of evidence it would be expected to possess. While Adams has not shown ASUS mounted a destructive effort aimed at evidence affecting Adams or at evidence of ASUS’ wrongful use of intellectual property, it is clear that ASUS’ lack of a retention policy and irresponsible data retention practices are responsible for the loss of significant data.”

Although the exact rationale was unclear, the court held that ASUS violated their duty to preserve and that the loss of evidence could not be excused as a “routine, good faith operation of electronic information systems.” While the court ruled that sanctions were appropriate, it reserved final sanctions pending the close of discovery.   Depending on what those ultimate sanctions look like, it seems pretty likely that this decision will be subject to appellate review.  Until then, it’s probably too soon to treat this questionable holding as gospel.  Wary corporations however should continue to bolster the “reasonableness” of their information management/retention/destruction policies and practices so that in hindsight a court won’t be able to take away the FRCP 37(e) safe harbor by casting those “practices” as being unreasonable.