e-Commerce Changes Everything ' Again

e-Commerce Web sites' only constant is change. They must nimbly adjust prices and offerings on the fly to meet market conditions and customer profiles. And those aren't all of these sites' ongoing change requirements.

One thing that doesn't change, however, is their reliance on data ' customer preferences as well as transaction information. Although e-commerce Web sites are an inherently transient medium, that data is as worthy of preservation as a treasure map or share certificate of old, because, in many ways, it is worth more than money.

For these firms, a record-keeping and record-retention policy seem to be electronic oxymorons, as much as an 'inexpensive lawyer' or 'friendly litigation' may seem to many people The controlled destruction of records typically associated with such policies in the post-Enron and Arthur Andersen era appears to fly in the face of the needs and realities of e-commerce, as much as do traditional notions of photocopying and saving every paper business record.

Yet another constant in the commercial realm in the last few years has been the message to businesses about the risk of improperly destroying documents, or simply failing to preserve them. As a result of cases decided on the evidence of e-mails and letters that never should have been sent or saved, mundane record-keeping policies have entered the boardroom.

The He Said, She Said Of It

According to today's common wisdom, businesses should simply throw out the records they don't need. Not only will they find what they really do need more easily, without tearing up the office, but they will also eliminate documents that could harm them if viewed in the wrong light.

But instead of haphazard deletion when computer or mobile-storage memories or file cabinets fill up, a true policy establishes a controlled pruning of records, year in, year out, according to pre-established criteria. The document removal must be consistent ' a policy that isn't followed isn't a 'policy,' but a philosophy or principle.

Of course, a well designed and consistently well implemented policy must have exceptions. When a matter is in litigation, or close to it, records shouldn't be touched, so that the appearance of impropriety or manipulation of evidence is avoided.

Nonetheless, some legal documents are worth keeping for as long as possible. Original promissory notes, releases and contracts, for instance, may be needed in court. Old insurance policies often pay for a defense lawyer and coverage for losses, many decades after the fact.

The policy must also satisfy regulatory and privacy requirements. For example, securities firms must preserve communications with customers, even instant messages. And the policy should protect personal information obtained in normal business transactions against disclosure or improper use, and it should also warn customers that it will be saved.

What Should You Do? Well, Um '

Balancing these competing and expensive needs makes records-retention difficult for any firm ' and has spawned a cottage industry of consultants that is growing all the time. Of course, the consultants will be glad to bill you for creating even more records of advice on what not to do (which could look very bad in your files, if you don't follow the advice!).

In fact, the rules have become so muddied that the courts themselves sometimes cannot agree on when a firm can destroy documents. For example, a federal appellate court recently reversed the conviction of a prominent dot-com investment banker. Two separate trials had previously come to conflicting results about whether his forwarded e-mail, 'strongly advising' recipients to follow a colleague's instruction to 'catch up on file cleanup,' had criminal intent. (See, www.law.com/jsp/article.jsp?id=1142862090894.)

Yet modern records policies may be more challenging for e-commerce firms than for their bricks-and-mortar counterparts ' and may paradoxically change firms' focus to record retention, and away from destruction. For instance, although Web sites are ephemeral, e-commerce businesses still must keep the same permanent records as any bricks-and-mortar business ' because they face the same legal duties and business needs as the lowest-tech firm does, from tax and accounting data to proof of regulatory compliance to the handling of normal business correspondence. In addition, the constantly changing Web sites and round-the-clock transactions at the core of any e-commerce business have dramatically expanded the number of 'records' that must be managed. As the court stated in the recent and widely reported decision in a dispute between two industry leaders, ToysRUs.com, LLC v. Amazon.com, Docket No. C-96-04 (NJ Superior March 1, 2006 ' also at www.judiciary.state.nj.us/toysrus/index.htm), 'The volume of data in this case is overwhelming. ' Everyday the volume of documents maintained in electronic format multiplies exponentially.'

Staggering Volume Must Be Managed

Consider some of the special burdens posed by the sheer quantity of e-commerce records. e-Commerce firms' primary method of communication is by e-mail. The Zubulake cases have certainly made indisputable the assertion that electronic correspondence is as much of a business record subject to normal discovery as traditional paper-based communication. But clearer rules haven't eased the burden of dealing with the massive quantities of e-mail produced by even the smallest firm, much less those that do business only through e-mail and other electronic communications. Moreover, although records policies have been common for many years, today's digital technology and paperless offices pose great legal and practical problems. Electronic records ' from spreadsheet and word-processing files to e-mail ' can easily be copied and stored, cheaply and, seemingly, indefinitely.

Consider the rabbit-like, automatic propagation of records, without human activity, when an order acknowledgement is e-mailed to a customer. Each server from which that message is downloaded has a copy, as well as does each computer hard drive used to retrieve it; so does the computer on which the form was created, as well as any firm networks on which it traveled. Backup tapes and servers will also preserve the data, including those at Internet service providers that handled the data along the way. And so may employees who worked on the matter (including from a home office), or who kept a personal copy 'to be safe.'

The e-commerce Web site itself faces the same practical problems. The site may be hosted on multiple servers to accommodate traffic surges, as well as to provide redundancy. Copies may be cached throughout the world to speed response times. The site also may have partners that handle specific tasks, each with its own copy of the site, and records of particular transactions. As a result, today's records manager must include all of these places in the retention plan ' because a creative plaintiff's lawyer will look in all of them for the 'smoking gun.' If a record that should exist can't be found after litigation has begun, and a records policy doesn't exist to explain its absence, then a court may presume that the record contained unfavorable information ' and was improperly deleted. Also, low-tech paper records can always resurface at the most inopportune moment, despite the best efforts at electronic housekeeping.

Briefs From The Field

The ToysRUs.com opinion poignantly highlighted many of these special challenges of e-commerce record keeping. In that case, many legal issues turned on the factual questions of what screens customers saw, and in response to what queries ' all of which the parties had tried to retain in records. That case very well illustrated the importance of a retention-oriented records policy for an e-commerce firm, because the availability of comprehensive business records was critical in litigation.

'The evidence issue highlighted one of the other unique problems associated with this case,' the decision said. 'In a breach of contract agreement involving brick and mortar stores, the customers coming through the door of those brick and mortar stores are tangible. The shelves for products are physically present in a way that a witness can touch, feel, locate and capture the product itself, how many sales there are, and how many people come through the door. There is a different sense with e-commerce. The site navigation and search results on the Internet rarely, if ever, repeat the same pattern. In fact, during the course of this trial, just simply checking a different icon on the Court's own lap top computer resulted in a different screen shot than was being presented to this Court by counsel as evidence. In analyzing the evidence presented to this Court and its impact on the Court's decisions I cannot emphasize strongly enough the complexity of the problems presented.' (Emphasis added.)

The court even remarked on how difficult it had been to assemble records for it.

'Clearly, data gathering for this analysis and any data gathering from the Amazon site is Herculean task. The data on product offering and product sales ' was between fifty to sixty million records of information.'

Presumably, any firm would face the same problems in trying to apply a typical records policy to an e-commerce business.

Yet despite all these problems, the parties and court were able to manage these records, and effectively deploy them in court (albeit with two retailing behemoths footing the bill). But not all e-commerce firms may have the resources to maintain this volume of records in case they would be needed in a dispute, much less manage them in a practical way. That makes it clear that a good policy should also specify the topic of records management to allow information to be located when needed in a timely and efficient manner. Without those provisions, e-commerce firms could quickly have the proverbial messy desk replicated over many megabytes of storage, given the speed and quantity with which they create records.

Don't Forget Technology

Today's record-keeping policies must also address the constant of technological change and progress. Will tomorrow's technology even be able to read today's storage formats? As the Y2K planning experience showed, resources to read old information formats may not be readily available, if at all. Consider this, for example: How many old accounting records are on magnetic tapes or on 5.25-inch floppy disks?

In criticizing both parties' data searches, the ToysRUs.com opinion also noted another dilemma for e-commerce records policies: practical search tools.

'The Court also acknowledges that the volume of the data maintained by Amazon makes this search not only difficult but susceptible to tremendous compromise in its credibility. ' There were efforts to retrieve data but unless that data was specifically identified and requested by TRUCC it was not provided. TRUCC's request for data in discovery only produced data that TRUCC actually knew existed.'

Those writing e-commerce records policies may also face resistance from a firm's marketers. Today, customer information can be one of an e-commerce firm's most valuable ' and marketable ' assets. While this article isn't intended to discuss all the elements of an effective privacy policy, or what must be incorporated in the records policy, the records-policy author must recognize that widely accepted limits on use and retention of properly collected personal data may at the same time have a bottom-line cost to her employer

Of course, e-commerce firms could simply choose not to retain all records ' as long as they do it consistently. But exceptions ' records located by an opposing party in one of the many places that even the most junior litigator knows to look today ' could lead to very harmful inferences. The absence of a key record then appears to be a purposeful refusal to save what might have been harmful data, rather than a prudent corporate approach to managing prodigious quantities of information.

This attention to missing documentation must extend even to such mundane areas as sales-tax enforcement. An e-commerce firm's failure to collect and maintain resale-exemption certificates, for example, may lead an auditor to try to seek back taxes and penalties. State taxing authorities have become increasingly successful at showing sufficient nexus to require e-commerce sites to collect and remit sales tax, as they have learned how much tax revenue has been lost to untaxed e-commerce.

But despite all these practical problems, e-commerce businesses overrun by data must still plan strategies for controlling this explosion of records. Courts, in turn, must reconsider what record-keeping ' and planned destruction ' is reasonable when the physical cost of records storage is dwarfed by the human cost of managing it, even before the start of litigation.

Reading the opinion in the ToysRUs.com case, it's hard to imagine how either side could have tried its case without the ready availability of extensive, organized records. The court specifically cited evidence of how the joint Web site appeared on different days and in response to certain queries (in addition to more traditional records of how the business deal was negotiated). Wall Street Journal technology reporter Lee Gomes called the evidence presented in the case 'one of the few windows we have into real corporate history. Corporate archivists are a dying breed, in part because companies are worried that some preserved memo might one day become the basis for a shareholder lawsuit.'

Plan To Join The Change Cycle

Perhaps the best way to start to confront the retention problem, then, is to try to change the entire firm's way of thinking about record-keeping. Instead of focusing on 'record-keeping,' as has been the buzzword, firms should train employees in proper 'record-creation' and 'record-organization' policies. In other words, a record that was never created doesn't have to be managed.

On the other hand, many records and messages are necessary, and must be kept for future use simply as a part of good business practice, or by regulatory requirement, so, it's just as important to think carefully about what to include ' and leave out ' of each communication, if it must be kept, as it is to plan for its deletion.

Everyone creating a document, from memos to e-mail to Web site to blog postings, should do so as if it will be read in a court case some day. The context of a negotiation may not be apparent to the judge reading it years later, unless it is spelled out. Corporate executives should avoid unthinkingly sending blind copies (especially of drafts) to those who don't need to see them. For example, if you list only two claims for breach of a contract in your first message to the e-commerce firm, do you want to explain to a judge why you left out the other 10 issues that you later complained about?

Warnings about flame e-mails and incendiary blog postings have been widely circulated for years. Recently, unsuccessful job seekers have learned how easy it is for potential employers to check personal blogs and MySpace sites for information about and by the applicants or candidates. But the same cautions apply equally to routine business communications, because records may exist indefinitely, despite a person's or firm's best efforts to create retention policies. Also, in a world that runs on the speed of a Blackberry, systems should be in place so that a record is easily and accurately stored the first time it is saved.

Employees should also be trained on immediate deletion of unnecessary records ' 'read once, delete immediately' ' and this is more important, when not to delete. The possibility of litigation, or regulatory demands, can transform a policy based on good housekeeping and risk avoidance into an expensive lesson in the court rules of civil or even criminal procedure.

Of course, even low-tech handwritten records can cause expensive problems. For example, the scribbled word 'dump' on a 1970s survey added weeks of due diligence, legal fees and investigation costs to the sale of the real estate on that map 30 years later. By then, no one still with the company knew anything about the potential dump, much less whether it was on the property.

Be Prepared For Change

In today's world, disputes and litigation are nearly a certainty, for
e-commerce firms as well as for their traditional competitors. For all of the commonly discussed reasons, e-commerce firms should not stop trying to create record-keeping policies to protect against the information they kept for safety from coming back to endanger them. The realities of storage and search technology, and the litigation incentives to find the 'needle in a haystack,' however, mean that such policies probably will not eliminate all harmful records.

Instead, in the e-commerce era, a good record-keeping policy should have a very different focus from the traditional 'destruction' policies that have plagued executives and lawyers alike. Instead, think as much about creating records that show context, after the fact, and about good housekeeping, so that the full record of a dispute can be located without undue effort when needed. As the ToysRUs.com opinion showed, timely, cost-efficient retrieval and organization of the massive quantities of data generated by e-commerce can win a case as easily as an imprudently retained document can lose it.

In the dot-com boom, William Shatner's ubiquitous 'This changes everything' ads for Priceline.com became symbolic of the creative destruction that e-commerce wreaked on traditional business. Today, e-commerce record-keeping must undergo the same paradigm shift, from how to destroy a limited number of records to planning how to best keep and manage a seemingly limitless quantity of them. It ought to be a prime directive of e-commerce companies.

e-Commerce Web sites' only constant is change. They must nimbly adjust prices and offerings on the fly to meet market conditions and customer profiles. And those aren't all of these sites' ongoing change requirements.

One thing that doesn't change, however, is their reliance on data ' customer preferences as well as transaction information. Although e-commerce Web sites are an inherently transient medium, that data is as worthy of preservation as a treasure map or share certificate of old, because, in many ways, it is worth more than money.

For these firms, a record-keeping and record-retention policy seem to be electronic oxymorons, as much as an 'inexpensive lawyer' or 'friendly litigation' may seem to many people The controlled destruction of records typically associated with such policies in the post-Enron and Arthur Andersen era appears to fly in the face of the needs and realities of e-commerce, as much as do traditional notions of photocopying and saving every paper business record.

Yet another constant in the commercial realm in the last few years has been the message to businesses about the risk of improperly destroying documents, or simply failing to preserve them. As a result of cases decided on the evidence of e-mails and letters that never should have been sent or saved, mundane record-keeping policies have entered the boardroom.

The He Said, She Said Of It

According to today's common wisdom, businesses should simply throw out the records they don't need. Not only will they find what they really do need more easily, without tearing up the office, but they will also eliminate documents that could harm them if viewed in the wrong light.

But instead of haphazard deletion when computer or mobile-storage memories or file cabinets fill up, a true policy establishes a controlled pruning of records, year in, year out, according to pre-established criteria. The document removal must be consistent ' a policy that isn't followed isn't a 'policy,' but a philosophy or principle.

Of course, a well designed and consistently well implemented policy must have exceptions. When a matter is in litigation, or close to it, records shouldn't be touched, so that the appearance of impropriety or manipulation of evidence is avoided.

Nonetheless, some legal documents are worth keeping for as long as possible. Original promissory notes, releases and contracts, for instance, may be needed in court. Old insurance policies often pay for a defense lawyer and coverage for losses, many decades after the fact.

The policy must also satisfy regulatory and privacy requirements. For example, securities firms must preserve communications with customers, even instant messages. And the policy should protect personal information obtained in normal business transactions against disclosure or improper use, and it should also warn customers that it will be saved.

What Should You Do? Well, Um '

Balancing these competing and expensive needs makes records-retention difficult for any firm ' and has spawned a cottage industry of consultants that is growing all the time. Of course, the consultants will be glad to bill you for creating even more records of advice on what not to do (which could look very bad in your files, if you don't follow the advice!).

In fact, the rules have become so muddied that the courts themselves sometimes cannot agree on when a firm can destroy documents. For example, a federal appellate court recently reversed the conviction of a prominent dot-com investment banker. Two separate trials had previously come to conflicting results about whether his forwarded e-mail, 'strongly advising' recipients to follow a colleague's instruction to 'catch up on file cleanup,' had criminal intent. (See, www.law.com/jsp/article.jsp?id=1142862090894.)

Yet modern records policies may be more challenging for e-commerce firms than for their bricks-and-mortar counterparts ' and may paradoxically change firms' focus to record retention, and away from destruction. For instance, although Web sites are ephemeral, e-commerce businesses still must keep the same permanent records as any bricks-and-mortar business ' because they face the same legal duties and business needs as the lowest-tech firm does, from tax and accounting data to proof of regulatory compliance to the handling of normal business correspondence. In addition, the constantly changing Web sites and round-the-clock transactions at the core of any e-commerce business have dramatically expanded the number of 'records' that must be managed. As the court stated in the recent and widely reported decision in a dispute between two industry leaders, ToysRUs.com, LLC v. Amazon.com, Docket No. C-96-04 (NJ Superior March 1, 2006 ' also at www.judiciary.state.nj.us/toysrus/index.htm), 'The volume of data in this case is overwhelming. ' Everyday the volume of documents maintained in electronic format multiplies exponentially.'

Staggering Volume Must Be Managed

Consider some of the special burdens posed by the sheer quantity of e-commerce records. e-Commerce firms' primary method of communication is by e-mail. The Zubulake cases have certainly made indisputable the assertion that electronic correspondence is as much of a business record subject to normal discovery as traditional paper-based communication. But clearer rules haven't eased the burden of dealing with the massive quantities of e-mail produced by even the smallest firm, much less those that do business only through e-mail and other electronic communications. Moreover, although records policies have been common for many years, today's digital technology and paperless offices pose great legal and practical problems. Electronic records ' from spreadsheet and word-processing files to e-mail ' can easily be copied and stored, cheaply and, seemingly, indefinitely.

Consider the rabbit-like, automatic propagation of records, without human activity, when an order acknowledgement is e-mailed to a customer. Each server from which that message is downloaded has a copy, as well as does each computer hard drive used to retrieve it; so does the computer on which the form was created, as well as any firm networks on which it traveled. Backup tapes and servers will also preserve the data, including those at Internet service providers that handled the data along the way. And so may employees who worked on the matter (including from a home office), or who kept a personal copy 'to be safe.'

The e-commerce Web site itself faces the same practical problems. The site may be hosted on multiple servers to accommodate traffic surges, as well as to provide redundancy. Copies may be cached throughout the world to speed response times. The site also may have partners that handle specific tasks, each with its own copy of the site, and records of particular transactions. As a result, today's records manager must include all of these places in the retention plan ' because a creative plaintiff's lawyer will look in all of them for the 'smoking gun.' If a record that should exist can't be found after litigation has begun, and a records policy doesn't exist to explain its absence, then a court may presume that the record contained unfavorable information ' and was improperly deleted. Also, low-tech paper records can always resurface at the most inopportune moment, despite the best efforts at electronic housekeeping.

Briefs From The Field

The ToysRUs.com opinion poignantly highlighted many of these special challenges of e-commerce record keeping. In that case, many legal issues turned on the factual questions of what screens customers saw, and in response to what queries ' all of which the parties had tried to retain in records. That case very well illustrated the importance of a retention-oriented records policy for an e-commerce firm, because the availability of comprehensive business records was critical in litigation.

'The evidence issue highlighted one of the other unique problems associated with this case,' the decision said. 'In a breach of contract agreement involving brick and mortar stores, the customers coming through the door of those brick and mortar stores are tangible. The shelves for products are physically present in a way that a witness can touch, feel, locate and capture the product itself, how many sales there are, and how many people come through the door. There is a different sense with e-commerce. The site navigation and search results on the Internet rarely, if ever, repeat the same pattern. In fact, during the course of this trial, just simply checking a different icon on the Court's own lap top computer resulted in a different screen shot than was being presented to this Court by counsel as evidence. In analyzing the evidence presented to this Court and its impact on the Court's decisions I cannot emphasize strongly enough the complexity of the problems presented.' (Emphasis added.)

The court even remarked on how difficult it had been to assemble records for it.

'Clearly, data gathering for this analysis and any data gathering from the Amazon site is Herculean task. The data on product offering and product sales ' was between fifty to sixty million records of information.'

Presumably, any firm would face the same problems in trying to apply a typical records policy to an e-commerce business.

Yet despite all these problems, the parties and court were able to manage these records, and effectively deploy them in court (albeit with two retailing behemoths footing the bill). But not all e-commerce firms may have the resources to maintain this volume of records in case they would be needed in a dispute, much less manage them in a practical way. That makes it clear that a good policy should also specify the topic of records management to allow information to be located when needed in a timely and efficient manner. Without those provisions, e-commerce firms could quickly have the proverbial messy desk replicated over many megabytes of storage, given the speed and quantity with which they create records.

Don't Forget Technology

Today's record-keeping policies must also address the constant of technological change and progress. Will tomorrow's technology even be able to read today's storage formats? As the Y2K planning experience showed, resources to read old information formats may not be readily available, if at all. Consider this, for example: How many old accounting records are on magnetic tapes or on 5.25-inch floppy disks?

In criticizing both parties' data searches, the ToysRUs.com opinion also noted another dilemma for e-commerce records policies: practical search tools.

'The Court also acknowledges that the volume of the data maintained by Amazon makes this search not only difficult but susceptible to tremendous compromise in its credibility. ' There were efforts to retrieve data but unless that data was specifically identified and requested by TRUCC it was not provided. TRUCC's request for data in discovery only produced data that TRUCC actually knew existed.'

Those writing e-commerce records policies may also face resistance from a firm's marketers. Today, customer information can be one of an e-commerce firm's most valuable ' and marketable ' assets. While this article isn't intended to discuss all the elements of an effective privacy policy, or what must be incorporated in the records policy, the records-policy author must recognize that widely accepted limits on use and retention of properly collected personal data may at the same time have a bottom-line cost to her employer

Of course, e-commerce firms could simply choose not to retain all records ' as long as they do it consistently. But exceptions ' records located by an opposing party in one of the many places that even the most junior litigator knows to look today ' could lead to very harmful inferences. The absence of a key record then appears to be a purposeful refusal to save what might have been harmful data, rather than a prudent corporate approach to managing prodigious quantities of information.

This attention to missing documentation must extend even to such mundane areas as sales-tax enforcement. An e-commerce firm's failure to collect and maintain resale-exemption certificates, for example, may lead an auditor to try to seek back taxes and penalties. State taxing authorities have become increasingly successful at showing sufficient nexus to require e-commerce sites to collect and remit sales tax, as they have learned how much tax revenue has been lost to untaxed e-commerce.

But despite all these practical problems, e-commerce businesses overrun by data must still plan strategies for controlling this explosion of records. Courts, in turn, must reconsider what record-keeping ' and planned destruction ' is reasonable when the physical cost of records storage is dwarfed by the human cost of managing it, even before the start of litigation.

Reading the opinion in the ToysRUs.com case, it's hard to imagine how either side could have tried its case without the ready availability of extensive, organized records. The court specifically cited evidence of how the joint Web site appeared on different days and in response to certain queries (in addition to more traditional records of how the business deal was negotiated). Wall Street Journal technology reporter Lee Gomes called the evidence presented in the case 'one of the few windows we have into real corporate history. Corporate archivists are a dying breed, in part because companies are worried that some preserved memo might one day become the basis for a shareholder lawsuit.'

Plan To Join The Change Cycle

Perhaps the best way to start to confront the retention problem, then, is to try to change the entire firm's way of thinking about record-keeping. Instead of focusing on 'record-keeping,' as has been the buzzword, firms should train employees in proper 'record-creation' and 'record-organization' policies. In other words, a record that was never created doesn't have to be managed.

On the other hand, many records and messages are necessary, and must be kept for future use simply as a part of good business practice, or by regulatory requirement, so, it's just as important to think carefully about what to include ' and leave out ' of each communication, if it must be kept, as it is to plan for its deletion.

Everyone creating a document, from memos to e-mail to Web site to blog postings, should do so as if it will be read in a court case some day. The context of a negotiation may not be apparent to the judge reading it years later, unless it is spelled out. Corporate executives should avoid unthinkingly sending blind copies (especially of drafts) to those who don't need to see them. For example, if you list only two claims for breach of a contract in your first message to the e-commerce firm, do you want to explain to a judge why you left out the other 10 issues that you later complained about?

Warnings about flame e-mails and incendiary blog postings have been widely circulated for years. Recently, unsuccessful job seekers have learned how easy it is for potential employers to check personal blogs and MySpace sites for information about and by the applicants or candidates. But the same cautions apply equally to routine business communications, because records may exist indefinitely, despite a person's or firm's best efforts to create retention policies. Also, in a world that runs on the speed of a Blackberry, systems should be in place so that a record is easily and accurately stored the first time it is saved.

Employees should also be trained on immediate deletion of unnecessary records ' 'read once, delete immediately' ' and this is more important, when not to delete. The possibility of litigation, or regulatory demands, can transform a policy based on good housekeeping and risk avoidance into an expensive lesson in the court rules of civil or even criminal procedure.

Of course, even low-tech handwritten records can cause expensive problems. For example, the scribbled word 'dump' on a 1970s survey added weeks of due diligence, legal fees and investigation costs to the sale of the real estate on that map 30 years later. By then, no one still with the company knew anything about the potential dump, much less whether it was on the property.

Be Prepared For Change

In today's world, disputes and litigation are nearly a certainty, for
e-commerce firms as well as for their traditional competitors. For all of the commonly discussed reasons, e-commerce firms should not stop trying to create record-keeping policies to protect against the information they kept for safety from coming back to endanger them. The realities of storage and search technology, and the litigation incentives to find the 'needle in a haystack,' however, mean that such policies probably will not eliminate all harmful records.

Instead, in the e-commerce era, a good record-keeping policy should have a very different focus from the traditional 'destruction' policies that have plagued executives and lawyers alike. Instead, think as much about creating records that show context, after the fact, and about good housekeeping, so that the full record of a dispute can be located without undue effort when needed. As the ToysRUs.com opinion showed, timely, cost-efficient retrieval and organization of the massive quantities of data generated by e-commerce can win a case as easily as an imprudently retained document can lose it.

In the dot-com boom, William Shatner's ubiquitous 'This changes everything' ads for Priceline.com became symbolic of the creative destruction that e-commerce wreaked on traditional business. Today, e-commerce record-keeping must undergo the same paradigm shift, from how to destroy a limited number of records to planning how to best keep and manage a seemingly limitless quantity of them. It ought to be a prime directive of e-commerce companies.