Look Before You Leap! Avoid Pitfalls When Moving e-Discovery to the Cloud

Effective Data Retrieval Requires Efficient Data Storage

The hype surrounding the cloud has generally focused on the opportunity for cheap and unlimited storage of information. Storage, however, is only one of many factors to consider in selecting a cloud-based e-discovery solution. To be able to meet the heightened expectations of courts and regulatory bodies, organizations must have the actual ' not theoretical ' ability to retrieve their data and do so in real time. Otherwise, they may not be able to satisfy e-discovery requests from courts or regulatory bodies, let alone the day-to-day demands of their operations.

In an analogous context, courts have traditionally compelled paper document productions even though the requested materials may be buried in a messy warehouse. For example, in Brooks v. Macy's (S.D.N.Y. May 6, 2011), a Manhattan federal court ordered a company to turn over decades-old records that were commingled with other materials in poorly labeled, shrink-wrapped boxes. The company had argued that such a production was unreasonable given the substantial costs it would incur to find the responsive information. In rejecting this argument, the court reasoned that disorganized record-keeping should not excuse an organization from producing relevant information.

The rationale from the Brooks case is equally applicable to cloud storage. Cloud-based data must be intelligently organized such that organizations can timely respond to discovery requests and other legal demands. Otherwise, the savings achieved through cheap storage will be redirected to the resulting legal quagmire.

Implementing Data Retention Protocols

A key step to retrieving data in a timely manner is to confirm whether a cloud solution has the capacity to implement and observe company retention protocols. Just like traditional data-archiving software, the cloud must enable automated retention rules and thus limit the retention of information to a designated time period. This allows data to expire once it reaches the end of that period.

The pool of data can be further decreased through single instance storage. This deduplication technology eliminates redundant data by preserving only a master copy of each document placed into the cloud, reducing the amount of data that needs to be identified, preserved, collected and reviewed as part of any discovery process. For while unlimited data storage may seem ideal now, reviewing unlimited amounts of data will quickly become a logistical and costly nightmare.

Suspending Automated Retention Rules

Any viable cloud offering should also have the ability to suspend automated document retention rules to ensure preservation of relevant information. This goes beyond placing a hold on archival data in the cloud. It requires that an organization have the ability to identify the data sources in the cloud that may contain relevant information and then modify aspects of its retention policies to ensure that cloud-stored data is retained for e-discovery. Taking this step will enable an organization to create a defensible document retention strategy and be protected from court sanctions under the Federal Rule of Civil Procedure 37(e) “safe harbor.”

Rule 37(e) shields litigants from sanctions even though their data has been destroyed pursuant to the routine operation of their electronic information systems. Described in layman's terms, organizations may avoid court punishment even
though their computer systems deleted e-mail and other electronic data. To find shelter in the safe harbor, however, courts require that the “routine operation” be carried out in “good faith.” This typically entails modifying or suspending aspects of a retention policy when a preservation duty attaches. The decision from Viramontes v. U.S. Bancorp (N.D. Ill. Jan. 27, 2011) is paradigmatic on how organizations can avoid sanctions under Rule 37(e) by suspending aspects of retention policies.

In Viramontes, the defendant bank defeated a sanctions motion because it modified aspects of its e-mail retention policy once it was aware litigation was reasonably foreseeable. The bank implemented a retention policy that kept e-mails for 90 days, after which the e-mails were overwritten and destroyed. The bank also promulgated a course of action whereby the retention policy would be promptly suspended on the occurrence of litigation or other triggering event. This way, the bank could establish the reasonableness of its policy in litigation. Because the bank followed that procedure in good faith, it was protected from sanctions under Rule 37(e).

As the Viramontes case shows, an organization can be prepared for e-discovery disputes by timely suspending aspects of its document retention policies. By creating and then faithfully observing a policy that requires retention policies be suspended when litigation or other triggering events are reasonably foreseeable, an organization can develop a defensible retention procedure. Having such functionality in a cloud provider will likely facilitate an organization's e-discovery process and better insulate it from litigation disasters.

The Ability to Issue Litigation Hold Notices

To be effective for e-discovery purposes, a cloud service provider must also enable an organization to deploy a litigation hold to prevent users from destroying data. Unless the cloud has litigation hold technology, the entire discovery process may very well collapse. For electronic data to be produced in litigation, it must first be preserved, and this cannot happen if the key players or data source custodians are unaware that such information must be retained. Indeed, employees and data sources may discard and overwrite electronically stored information if they are oblivious to a preservation duty. Unless the cloud provider has adequate litigation hold technology, organizations may be vulnerable to data loss and court punishment. Perhaps no case is more instructive on this issue than E.I. du Pont de Nemours v. Kolon Industries (E.D. Va. July 21, 2011).

In DuPont, the court issued a stiff rebuke against defendant Kolon Industries for failing to issue a timely and proper litigation hold. That rebuke came in the form of an instruction to the jury that Kolon executives and employees deleted key evidence after the company's preservation duty was triggered. The jury responded by returning a stunning $919 million verdict in favor of DuPont.

The destruction at issue occurred when Kolon deleted e-mails and other records relevant to DuPont's trade secret claims. After being apprised of the lawsuit and then receiving multiple litigation hold notices, several Kolon executives and employees met together and identified e-mails and other documents that should be deleted. The ensuing data destruction was staggering. Nearly 18,000 files and e-mails were deleted. Furthermore, many of these materials were at the heart of DuPont's claim that key aspects of its Kevlar formula were allegedly misappropriated to improve Kolon's competing product line.

Surprisingly, however, the court did not blame Kolon's employees as the principal culprits for spoliation. Instead, the court criticized the company's attorneys and executives, reasoning they could have prevented the destruction of information through an effective litigation hold process. The three hold notices circulated to the key players and data sources were either too limited in their distribution, ineffective since they were prepared in English for Korean-speaking employees, or too late to prevent or otherwise alleviate the spoliation.

The DuPont case underscores the importance of having a cloud service provider that enables automated legal hold acknowledgements. Such technology allows custodians to be promptly and properly notified of litigation and thereby retain information that might otherwise have been discarded.

Conclusion

Confirming that a cloud offering can quickly retrieve and efficiently store enterprise data while effectively deploying litigation hold notices will likely address the basic concerns regarding its e-discovery functionality. Yet these features alone will not make that solution the model of e-discovery cloud providers.

Advanced search capabilities should also be included to reduce the amount of data that must be analyzed and reviewed downstream. In addition, the cloud ought to support load files in compatible formats for export to third party review software.

The cloud should additionally provide an organization with a clear audit trail establishing that neither its documents ' nor their metadata ' were modified when transmitted to the cloud. Without this assurance, an organization may not be able to comply with key regulations or establish the authenticity of its data in court. Finally, memorializing those provisions in the service level agreement governing the relationship between the organization and the cloud provider will better ensure the availability of these features when they are actually needed.

The e-discovery frenzy that has gripped the American legal system over the past decade has become increasingly expensive. Particularly costly to organizations is the process of preserving and collecting documents. These aspects of discovery are often lengthy and can be disruptive to business operations. Just as troubling, they increase the duration and expense of litigation.

Because these costs and delays affect the courts as well as clients, it comes as no surprise that judges have now heightened their expectations for how organizations store, manage and discover electronically stored information. Gone are the days when enterprises could plead ignorance for not preserving or producing their data in an efficient, cost effective and defensible manner. Organizations must now follow best practices ' both during and before litigation ' if they are to safely navigate the stormy seas of e-discovery.

The importance of deploying such practices applies acutely to those organizations that are exploring “cloud”-based alternatives to traditional methods for preserving and producing electronic information. Under the right circumstances, the cloud may represent a fantastic opportunity to streamline the e-discovery process for an organization. Yet it could also turn into a “dangerous liaison” if the cloud offering is not properly scrutinized for basic e-discovery functionality. Indeed, the City of Los Angeles's recent decision to partially disengage from its cloud service provider exemplifies this admonition to “look before you leap” to the cloud. Thus, before selecting a cloud provider for e-discovery, organizations should be particularly careful to ensure that the provider has the ability both to efficiently retrieve data from the cloud and to issue litigation hold notices.

Effective Data Retrieval Requires Efficient Data Storage

The hype surrounding the cloud has generally focused on the opportunity for cheap and unlimited storage of information. Storage, however, is only one of many factors to consider in selecting a cloud-based e-discovery solution. To be able to meet the heightened expectations of courts and regulatory bodies, organizations must have the actual ' not theoretical ' ability to retrieve their data and do so in real time. Otherwise, they may not be able to satisfy e-discovery requests from courts or regulatory bodies, let alone the day-to-day demands of their operations.

In an analogous context, courts have traditionally compelled paper document productions even though the requested materials may be buried in a messy warehouse. For example, in Brooks v. Macy's (S.D.N.Y. May 6, 2011), a Manhattan federal court ordered a company to turn over decades-old records that were commingled with other materials in poorly labeled, shrink-wrapped boxes. The company had argued that such a production was unreasonable given the substantial costs it would incur to find the responsive information. In rejecting this argument, the court reasoned that disorganized record-keeping should not excuse an organization from producing relevant information.

The rationale from the Brooks case is equally applicable to cloud storage. Cloud-based data must be intelligently organized such that organizations can timely respond to discovery requests and other legal demands. Otherwise, the savings achieved through cheap storage will be redirected to the resulting legal quagmire.

Implementing Data Retention Protocols

A key step to retrieving data in a timely manner is to confirm whether a cloud solution has the capacity to implement and observe company retention protocols. Just like traditional data-archiving software, the cloud must enable automated retention rules and thus limit the retention of information to a designated time period. This allows data to expire once it reaches the end of that period.

The pool of data can be further decreased through single instance storage. This deduplication technology eliminates redundant data by preserving only a master copy of each document placed into the cloud, reducing the amount of data that needs to be identified, preserved, collected and reviewed as part of any discovery process. For while unlimited data storage may seem ideal now, reviewing unlimited amounts of data will quickly become a logistical and costly nightmare.

Suspending Automated Retention Rules

Any viable cloud offering should also have the ability to suspend automated document retention rules to ensure preservation of relevant information. This goes beyond placing a hold on archival data in the cloud. It requires that an organization have the ability to identify the data sources in the cloud that may contain relevant information and then modify aspects of its retention policies to ensure that cloud-stored data is retained for e-discovery. Taking this step will enable an organization to create a defensible document retention strategy and be protected from court sanctions under the Federal Rule of Civil Procedure 37(e) “safe harbor.”

Rule 37(e) shields litigants from sanctions even though their data has been destroyed pursuant to the routine operation of their electronic information systems. Described in layman's terms, organizations may avoid court punishment even
though their computer systems deleted e-mail and other electronic data. To find shelter in the safe harbor, however, courts require that the “routine operation” be carried out in “good faith.” This typically entails modifying or suspending aspects of a retention policy when a preservation duty attaches. The decision from Viramontes v. U.S. Bancorp (N.D. Ill. Jan. 27, 2011) is paradigmatic on how organizations can avoid sanctions under Rule 37(e) by suspending aspects of retention policies.

In Viramontes, the defendant bank defeated a sanctions motion because it modified aspects of its e-mail retention policy once it was aware litigation was reasonably foreseeable. The bank implemented a retention policy that kept e-mails for 90 days, after which the e-mails were overwritten and destroyed. The bank also promulgated a course of action whereby the retention policy would be promptly suspended on the occurrence of litigation or other triggering event. This way, the bank could establish the reasonableness of its policy in litigation. Because the bank followed that procedure in good faith, it was protected from sanctions under Rule 37(e).

As the Viramontes case shows, an organization can be prepared for e-discovery disputes by timely suspending aspects of its document retention policies. By creating and then faithfully observing a policy that requires retention policies be suspended when litigation or other triggering events are reasonably foreseeable, an organization can develop a defensible retention procedure. Having such functionality in a cloud provider will likely facilitate an organization's e-discovery process and better insulate it from litigation disasters.

The Ability to Issue Litigation Hold Notices

To be effective for e-discovery purposes, a cloud service provider must also enable an organization to deploy a litigation hold to prevent users from destroying data. Unless the cloud has litigation hold technology, the entire discovery process may very well collapse. For electronic data to be produced in litigation, it must first be preserved, and this cannot happen if the key players or data source custodians are unaware that such information must be retained. Indeed, employees and data sources may discard and overwrite electronically stored information if they are oblivious to a preservation duty. Unless the cloud provider has adequate litigation hold technology, organizations may be vulnerable to data loss and court punishment. Perhaps no case is more instructive on this issue than E.I. du Pont de Nemours v. Kolon Industries (E.D. Va. July 21, 2011).

In DuPont, the court issued a stiff rebuke against defendant Kolon Industries for failing to issue a timely and proper litigation hold. That rebuke came in the form of an instruction to the jury that Kolon executives and employees deleted key evidence after the company's preservation duty was triggered. The jury responded by returning a stunning $919 million verdict in favor of DuPont.

The destruction at issue occurred when Kolon deleted e-mails and other records relevant to DuPont's trade secret claims. After being apprised of the lawsuit and then receiving multiple litigation hold notices, several Kolon executives and employees met together and identified e-mails and other documents that should be deleted. The ensuing data destruction was staggering. Nearly 18,000 files and e-mails were deleted. Furthermore, many of these materials were at the heart of DuPont's claim that key aspects of its Kevlar formula were allegedly misappropriated to improve Kolon's competing product line.

Surprisingly, however, the court did not blame Kolon's employees as the principal culprits for spoliation. Instead, the court criticized the company's attorneys and executives, reasoning they could have prevented the destruction of information through an effective litigation hold process. The three hold notices circulated to the key players and data sources were either too limited in their distribution, ineffective since they were prepared in English for Korean-speaking employees, or too late to prevent or otherwise alleviate the spoliation.

The DuPont case underscores the importance of having a cloud service provider that enables automated legal hold acknowledgements. Such technology allows custodians to be promptly and properly notified of litigation and thereby retain information that might otherwise have been discarded.

Conclusion

Confirming that a cloud offering can quickly retrieve and efficiently store enterprise data while effectively deploying litigation hold notices will likely address the basic concerns regarding its e-discovery functionality. Yet these features alone will not make that solution the model of e-discovery cloud providers.

Advanced search capabilities should also be included to reduce the amount of data that must be analyzed and reviewed downstream. In addition, the cloud ought to support load files in compatible formats for export to third party review software.

The cloud should additionally provide an organization with a clear audit trail establishing that neither its documents ' nor their metadata ' were modified when transmitted to the cloud. Without this assurance, an organization may not be able to comply with key regulations or establish the authenticity of its data in court. Finally, memorializing those provisions in the service level agreement governing the relationship between the organization and the cloud provider will better ensure the availability of these features when they are actually needed.