Where Is the Data?

If you walk into the Meet and Confer or 26(f) meeting of parties unprepared for an informed discussion of electronically stored information (ESI), the repercussions are serious. Today, electronic data makes up the great majority of documents to be produced, and addressing ESI upfront with those responsible for data systems can prevent issues from surprising the team. Making sure that IT and legal are on the same page can prevent misunderstandings and fully prepare the legal team for intelligent and informed discussions with opposing counsel about discovery.

Scheduling a Meeting

A meeting with IT should be a scheduled as soon as litigation is anticipated. Every moment the implementation of the litigation hold is delayed, the greater the chance of evidence being spoliated. Two meetings with two separate groups in IT are suggested. One is with all of IT ' including contractors, third parties, anyone who administers data/systems. This is a more general meeting to explain the litigation hold and the role of IT in complying with the hold.

The second meeting is with key players. From this meeting, a memorandum is jointly issued from IT and the legal team that explains precisely the policies that IT must follow to comply with this litigation hold. The memorandum can be used for training and as a reminder that the policy is in place.

Meeting with All of IT

Issuing a litigation hold notice is standard operating procedure, but in addition there should be an in-person (if at all possible) meeting with IT as soon as the hold is issued. In order to ensure the preservation of documents and data, as well as to discuss the pre-existing document retention policy, this meeting happening right away is extremely important. If your company uses any contractors for any function in IT, make sure they are included in the litigation hold and in the meeting. It is essential to have everyone involved in IT whether a contractor, part-time, or full-time employee understand the litigation hold and what it entails for the IT department.

First, try to explain exactly the reason for the litigation hold. While the IT team may not need to understand too much about the case facts or the legal issues in dispute, they do need to understand why these documents are needed and how the IT department is essential to the process. Even if this is just a discussion of the discovery process and possible sanctions, it is important for IT to know what their role is and how important it is in this effort.

Also, let IT know that the guidelines and timelines will change. For instance, if there is some disagreement between the parties about whether documents from three years or six months back need to be held, let IT know so they can at least be ready for these abrupt changes. The changes could be to timelines, custodian lists, or document/data. Just letting them know that things can change at any time allows them to be more flexible when these changes are announced. Nothing in litigation remains static and IT must be prepared for the changes that will be coming.

Discussing what the litigation hold actually means and how it differs from the current document retention policy is important as well. Explaining the hold in plain language and being as clear as possible about what the litigation hold notice means should be the focus of the meeting. At the meeting give examples of what compliance with the notice looks like. Does it mean stopping the recycling of backup tapes? Does it mean changing users' permissions on the network? Does it mean setting up an account that will receive all the e-mail that managers or other custodians receive? The answers to these questions will define what compliance looks like. This is not a “one-way meeting,” but a way to share information so that everyone can get a hold on what compliance looks like in this specific environment.

The Key Stakeholders Meeting and the Memorandum

Once this informative meeting has taken place, the group can be narrowed to the key IT people so they can ask specific questions about the data. Having an excellent note-taker or a video/audio recording made of this meeting is recommended in order to record responses and to follow up with a summary memorandum that can be issued to all of IT from the legal team and the key IT people in the meeting. The material (recordings, notices, notes, memorandum) related to the litigation hold is normally protected by Attorney-Client Work Product or privilege. However, all of this material should be written (and spoken, if recorded) as if it will be reviewed by a judge, just to be on the safe side. If there is a problem as to the timing of the hold, the instructions given to custodians, or how the hold was carried out, the litigation hold material will be discoverable. (See Major Tours v. Colorel, 2009 U.S. Dist. LEXIS 68128 (DNJ Aug. 4, 2009.)) Basically, if you write and speak as if the opposing party and the judge were reading the memorandum or in the room, then there should be no problem if the material is discoverable at a later date. The memorandum written by IT and the legal team will memorialize the decisions and keep them available for IT to refer to and update as the litigation progresses. The advantage of having IT issue this memorandum jointly with counsel is that the decisions and actions will be stated in a way that is straightforward and focused on data. This memorandum should be free of legalese and filled with “tech talk.”

Bringing a crossover person, or someone with extensive knowledge of network systems, data and programs as well as familiarity with the legal part of discovery, into the drafting of the memorandum and the meeting is always a help. The crossover person could be a consultant, vendor, or someone from the legal team, but having this person is essential for ensuring that the meaning and the purpose of the litigation hold is in the memorandum.

The other person that might be a great help at this meeting is the vendor/consultant who will be handling the processing, review, and production of documents. In some cases, this person could play a dual role as the crossover IT/legal person. If this vendor/consultant can hear the information about the data and documents that are being preserved, she can give the legal team a better assessment of the timeline for production and other issues that will need to be addressed at the Meet and Confer.

ESI Preservation

Once that smaller group of key players is gathered, the discussion of the nuts and bolts of the ESI preservation can begin. What was IT doing to comply with the ESI document retention policy? Do you recycle backup tapes? Where are these tapes? How far back do the tapes that you have go? What is the procedure to restore tapes? Is a vendor used to restore the tapes or is it done in-house? What are the average charges per tape for restoration? How long does it take to restore the tapes? What is the overwrite policy? What is the network design? Are the servers in this building? Are there servers/backup servers in another location? Does the company use e-mail via the cloud, or are there e-mail servers? Is computing done via the cloud or locally? Who has access to what, and how it is logged? What types of databases are used/stored? What is the size of the data and files currently stored? How is the size managed? What is the rate of growth of the data? Does the server capacity double every month or does it seem pretty stable? What kind of text searching is IT able to do? How complex can the text searches be on the server data and documents?

Also, the custodians and their access to various potential sources of electronic data need to be discussed. Who has a PDA/Smart Phone? Who uses a laptop? If there are remote employees, and if there are, how do they access company data? Do remote employees have company issued laptops or do they use home computers? Do any other employees use home computers to do work? In the office, do employees have laptops or desktops? Do they use removable media such as USB memory sticks and removable hard drives as well as CDs/DVDs? Are these removable media controlled by IT? Are employees able to burn CDs and DVDs from their laptops/desktops? Are there access logs/permission logs to see what each employee has read/write permissions to on the network? Where do employees store their data? Does each employee have a networked drive for their personal use? Do employees store data on their laptop/desktop hard drive? Is there a system of department folders on the network (share drive) where only people working in those areas have access?

At this point, if the legal team can have a list of the custodians, even if it is partial, you can begin to ask more specific questions of the IT department. Let them know what needs to be preserved. If the legal team can come to the meeting with IT carrying a list of custodians and data/document types that need to be preserved, then there is less room for misunderstanding. If the legal team can list the people involved or the offices/departments involved ' anything to narrow the hold while making sure all possibly relevant documents and data are preserved ' the hold can be limited more efficiently and those users/folders can be segregated for preservation. This allows IT to go ahead with business as usual while complying fully with the hold.

Asking about any possible issues now will save you time later. Have there been any crashes? What is done with the computers, data, and network files of former employees? Are the hard drives wiped? Is the computer passed on to another employee? Are the contents of that computer burned onto CDs/DVDs? Who would have these CDs/DVDs? Have there been any events such as floods, computer viruses or cyber attacks that have caused loss of data in the past that affected the servers? What are the disaster recovery procedures and have you ever had to use them?

Cost Concerns

The IT department will bring up some cost concerns as well. They only have a certain budget, and the legal team just walked in and asked for things that were not included in the IT budget for this year. To comply with the litigation hold, IT will need to purchase more back-up tapes, pay for the extra time for the segregation of files, set up an e-mail address to receive all e-mail that is sent and received by supervisors in one department, pull access and permissions data, etc. And this will be in addition to their everyday responsibilities. Try to come in with an answer to these concerns. Bring up the extra IT costs before the meeting. If the company can address the budget issue directly with IT before you arrive for these meetings, it will save them money and you time. The sooner IT has an answer to this funding question, the sooner they can get to work and get you a better idea of the data that will need to be reviewed and/or produced.

Using the Information

Meeting with IT and asking the right questions at the first hint of litigation will get the legal team off on the right foot in preparing for the 26(f) Conference. Walking into the Meet and Confer without at least this information leaves the legal team at a disadvantage and can cause delays. In litigation today, there is no excuse that a judge will tolerate for not bringing the details of the ESI involved in the litigation to the table at this first meeting. Working with IT and making sure everyone understands their role in the litigation is critical. Between Judge Shira A. Scheindlin's ground-breaking rulings, the revisions to the Federal Rules of Civil Procedure, and the Suggested Protocol for Discovery of Electronically Stored Information (Judge Paul W. Grimm), every attorney should be familiar with the best practices and first steps of becoming aware of the ESI involved in the litigation at hand and be able to present this information herself or make use of an ESI Coordinator of some kind to assist in the technical details.

Conclusion

The two meetings outlined above should get the legal team started on their preservation and collection responsibilities. More issues will arise, but setting up a line of communication with IT can help to try and avoid or predict those issues in respect to ESI.

Amelia Stobaugh is an Assistant Project Manager at IE Discovery, Inc., Washington, DC, a provider of technology/litigation support services and discovery management. She is a certified Project Management Professional (PMP) and may be reached at [email protected].

If you walk into the Meet and Confer or 26(f) meeting of parties unprepared for an informed discussion of electronically stored information (ESI), the repercussions are serious. Today, electronic data makes up the great majority of documents to be produced, and addressing ESI upfront with those responsible for data systems can prevent issues from surprising the team. Making sure that IT and legal are on the same page can prevent misunderstandings and fully prepare the legal team for intelligent and informed discussions with opposing counsel about discovery.

Scheduling a Meeting

A meeting with IT should be a scheduled as soon as litigation is anticipated. Every moment the implementation of the litigation hold is delayed, the greater the chance of evidence being spoliated. Two meetings with two separate groups in IT are suggested. One is with all of IT ' including contractors, third parties, anyone who administers data/systems. This is a more general meeting to explain the litigation hold and the role of IT in complying with the hold.

The second meeting is with key players. From this meeting, a memorandum is jointly issued from IT and the legal team that explains precisely the policies that IT must follow to comply with this litigation hold. The memorandum can be used for training and as a reminder that the policy is in place.

Meeting with All of IT

Issuing a litigation hold notice is standard operating procedure, but in addition there should be an in-person (if at all possible) meeting with IT as soon as the hold is issued. In order to ensure the preservation of documents and data, as well as to discuss the pre-existing document retention policy, this meeting happening right away is extremely important. If your company uses any contractors for any function in IT, make sure they are included in the litigation hold and in the meeting. It is essential to have everyone involved in IT whether a contractor, part-time, or full-time employee understand the litigation hold and what it entails for the IT department.

First, try to explain exactly the reason for the litigation hold. While the IT team may not need to understand too much about the case facts or the legal issues in dispute, they do need to understand why these documents are needed and how the IT department is essential to the process. Even if this is just a discussion of the discovery process and possible sanctions, it is important for IT to know what their role is and how important it is in this effort.

Also, let IT know that the guidelines and timelines will change. For instance, if there is some disagreement between the parties about whether documents from three years or six months back need to be held, let IT know so they can at least be ready for these abrupt changes. The changes could be to timelines, custodian lists, or document/data. Just letting them know that things can change at any time allows them to be more flexible when these changes are announced. Nothing in litigation remains static and IT must be prepared for the changes that will be coming.

Discussing what the litigation hold actually means and how it differs from the current document retention policy is important as well. Explaining the hold in plain language and being as clear as possible about what the litigation hold notice means should be the focus of the meeting. At the meeting give examples of what compliance with the notice looks like. Does it mean stopping the recycling of backup tapes? Does it mean changing users' permissions on the network? Does it mean setting up an account that will receive all the e-mail that managers or other custodians receive? The answers to these questions will define what compliance looks like. This is not a “one-way meeting,” but a way to share information so that everyone can get a hold on what compliance looks like in this specific environment.

The Key Stakeholders Meeting and the Memorandum

Once this informative meeting has taken place, the group can be narrowed to the key IT people so they can ask specific questions about the data. Having an excellent note-taker or a video/audio recording made of this meeting is recommended in order to record responses and to follow up with a summary memorandum that can be issued to all of IT from the legal team and the key IT people in the meeting. The material (recordings, notices, notes, memorandum) related to the litigation hold is normally protected by Attorney-Client Work Product or privilege. However, all of this material should be written (and spoken, if recorded) as if it will be reviewed by a judge, just to be on the safe side. If there is a problem as to the timing of the hold, the instructions given to custodians, or how the hold was carried out, the litigation hold material will be discoverable. (See Major Tours v. Colorel, 2009 U.S. Dist. LEXIS 68128 (DNJ Aug. 4, 2009.)) Basically, if you write and speak as if the opposing party and the judge were reading the memorandum or in the room, then there should be no problem if the material is discoverable at a later date. The memorandum written by IT and the legal team will memorialize the decisions and keep them available for IT to refer to and update as the litigation progresses. The advantage of having IT issue this memorandum jointly with counsel is that the decisions and actions will be stated in a way that is straightforward and focused on data. This memorandum should be free of legalese and filled with “tech talk.”

Bringing a crossover person, or someone with extensive knowledge of network systems, data and programs as well as familiarity with the legal part of discovery, into the drafting of the memorandum and the meeting is always a help. The crossover person could be a consultant, vendor, or someone from the legal team, but having this person is essential for ensuring that the meaning and the purpose of the litigation hold is in the memorandum.

The other person that might be a great help at this meeting is the vendor/consultant who will be handling the processing, review, and production of documents. In some cases, this person could play a dual role as the crossover IT/legal person. If this vendor/consultant can hear the information about the data and documents that are being preserved, she can give the legal team a better assessment of the timeline for production and other issues that will need to be addressed at the Meet and Confer.

ESI Preservation

Once that smaller group of key players is gathered, the discussion of the nuts and bolts of the ESI preservation can begin. What was IT doing to comply with the ESI document retention policy? Do you recycle backup tapes? Where are these tapes? How far back do the tapes that you have go? What is the procedure to restore tapes? Is a vendor used to restore the tapes or is it done in-house? What are the average charges per tape for restoration? How long does it take to restore the tapes? What is the overwrite policy? What is the network design? Are the servers in this building? Are there servers/backup servers in another location? Does the company use e-mail via the cloud, or are there e-mail servers? Is computing done via the cloud or locally? Who has access to what, and how it is logged? What types of databases are used/stored? What is the size of the data and files currently stored? How is the size managed? What is the rate of growth of the data? Does the server capacity double every month or does it seem pretty stable? What kind of text searching is IT able to do? How complex can the text searches be on the server data and documents?

Also, the custodians and their access to various potential sources of electronic data need to be discussed. Who has a PDA/Smart Phone? Who uses a laptop? If there are remote employees, and if there are, how do they access company data? Do remote employees have company issued laptops or do they use home computers? Do any other employees use home computers to do work? In the office, do employees have laptops or desktops? Do they use removable media such as USB memory sticks and removable hard drives as well as CDs/DVDs? Are these removable media controlled by IT? Are employees able to burn CDs and DVDs from their laptops/desktops? Are there access logs/permission logs to see what each employee has read/write permissions to on the network? Where do employees store their data? Does each employee have a networked drive for their personal use? Do employees store data on their laptop/desktop hard drive? Is there a system of department folders on the network (share drive) where only people working in those areas have access?

At this point, if the legal team can have a list of the custodians, even if it is partial, you can begin to ask more specific questions of the IT department. Let them know what needs to be preserved. If the legal team can come to the meeting with IT carrying a list of custodians and data/document types that need to be preserved, then there is less room for misunderstanding. If the legal team can list the people involved or the offices/departments involved ' anything to narrow the hold while making sure all possibly relevant documents and data are preserved ' the hold can be limited more efficiently and those users/folders can be segregated for preservation. This allows IT to go ahead with business as usual while complying fully with the hold.

Asking about any possible issues now will save you time later. Have there been any crashes? What is done with the computers, data, and network files of former employees? Are the hard drives wiped? Is the computer passed on to another employee? Are the contents of that computer burned onto CDs/DVDs? Who would have these CDs/DVDs? Have there been any events such as floods, computer viruses or cyber attacks that have caused loss of data in the past that affected the servers? What are the disaster recovery procedures and have you ever had to use them?

Cost Concerns

The IT department will bring up some cost concerns as well. They only have a certain budget, and the legal team just walked in and asked for things that were not included in the IT budget for this year. To comply with the litigation hold, IT will need to purchase more back-up tapes, pay for the extra time for the segregation of files, set up an e-mail address to receive all e-mail that is sent and received by supervisors in one department, pull access and permissions data, etc. And this will be in addition to their everyday responsibilities. Try to come in with an answer to these concerns. Bring up the extra IT costs before the meeting. If the company can address the budget issue directly with IT before you arrive for these meetings, it will save them money and you time. The sooner IT has an answer to this funding question, the sooner they can get to work and get you a better idea of the data that will need to be reviewed and/or produced.

Using the Information

Meeting with IT and asking the right questions at the first hint of litigation will get the legal team off on the right foot in preparing for the 26(f) Conference. Walking into the Meet and Confer without at least this information leaves the legal team at a disadvantage and can cause delays. In litigation today, there is no excuse that a judge will tolerate for not bringing the details of the ESI involved in the litigation to the table at this first meeting. Working with IT and making sure everyone understands their role in the litigation is critical. Between Judge Shira A. Scheindlin's ground-breaking rulings, the revisions to the Federal Rules of Civil Procedure, and the Suggested Protocol for Discovery of Electronically Stored Information (Judge Paul W. Grimm), every attorney should be familiar with the best practices and first steps of becoming aware of the ESI involved in the litigation at hand and be able to present this information herself or make use of an ESI Coordinator of some kind to assist in the technical details.

Conclusion

The two meetings outlined above should get the legal team started on their preservation and collection responsibilities. More issues will arise, but setting up a line of communication with IT can help to try and avoid or predict those issues in respect to ESI.

Amelia Stobaugh is an Assistant Project Manager at IE Discovery, Inc., Washington, DC, a provider of technology/litigation support services and discovery management. She is a certified Project Management Professional (PMP) and may be reached at [email protected].