Archive for the ‘E-Discovery’ Category
The Silver Bullet for Business Success in the New Year: Respond Well
Historically, martial arts practices were a means to defend oneself from a physical threat. With this in mind, a legitimate question is whether martial arts remain relevant in today’s “advanced” society. After all, I find myself in a good ol’ fashion fisticuffs – like most suburbanites – somewhere in the range of never in any given week. And assuming a physical threat presented, it is far more likely to come from a firearm, natural disaster, explosives, or worse, e.g., chemical or biological weapons. While I love to delude myself into believing I’ve got “mad martial arts skills,” it is much more likely that I would end up knocking someone down trying to run away from danger (get out of my way men, women, and children) than taking out a gunman with a flying arm bar.
Preparation is the Silver Bullet for Responding Well to Business Challenges in 2009.
But I have come to realize that martial arts practice is not simply an instructional cookbook, i.e., if you face attack “A” then respond with “B.” Instead, in the words of my instructor, Sifu Brown, a fundamental purpose of practicing martial arts is to learn how to “respond well” to any situation (I encourage anyone interested in this concept to go to the source). Responding well is essentially shorthand for the Zen expression “mushin no shin,” which means mind of no mind. Mushin is a state martial artists sought to achieve where the mind and body operate in unison. This state can also be analogized to how athletes explain a phenomenal performance as a result of being in the “zone.” Regardless of the label, a required precursor for achieving mushin/responding well/the zone is physical and mental preparation.
The same mindset should be applied to business challenges. And the rationale — whether facing business challenges or physical threats — is straightforward: Simple problems tend to become monumental challenges in times of crisis. Further, in a time of crisis people freeze when action is needed or react instead of responding, i.e., assessing the situation and choosing the appropriate response. And Business Leaders simply can’t afford inaction or taking the wrong action where budgets are already anemic. (For a great concurrence, see InHouse Blog’s Corporate New Year’s Resolutions in a Tight Economy. While being able to sit in a full lotus position is optional, achieving “business mushin” or “responding well” must be a top Resolution for Business Leaders in the New Year. In this regard, the following areas pose significant risks to a business organization’s overall bottom line:
- E-mail/E-discovery Budget Busters: For any company dragged into litigation in 2009, e-mail and digital information (e-discovery) will likely be the KO punch companies don’t see until it is too late. See The Big Data Dump (Noting that “A deluge of electronic information may overwhelm American civil justice.”). For both the business organizations and their insurance carriers on the hook for insuring claims, e-discovery done wrong will destroy a litigation budget. And there are any number of ways e-discovery can go wrong. For example, in Goodbys Creek, LLC v Arch Ins Co, 2008 WL 4279693 (MD Fla Sept 15, 2008), the court ordered the defendant to re-produce – at its costs – documents previously produced as TIFF images. The basis of this “judicial re-do” was that defense counsel failed to comply with the e-discovery rules regarding the production of digital information. In another “judicial e-discovery production redo,” the estimated cost was $206,000. See PSEG Power New York, Inc v Alberici Constructors, Inc, 2007 U.S. Dist. LEXIS 66767 (NDNY Sept. 7, 2007). These cases raise an expensive question: Who pays for the re-do?” In the PSEG Power case, counsel for the producing party blamed the mistake on a software issue or malfunction on the part of the e-discovery vendor. And even if technological incompetence does not rise to the level of a “mistake,” it is still costly. For example, in defending an employment claim, the prior attorney either failed to effectively communicate the e-discovery search and retrieval obligations to the client’s IT professional or the IT professional misunderstood. In any event (and setting aside questions as to this delegation of e-discovery) the end result was that the corporate IT professional essentially wasted approximately two weeks focusing on reproducing back up tapes and related information where there was arguably no legal relevance and obligation to do so given the facts and claims of the case. The bottom line is that litigation takes place against the backdrop of technology. And if attorneys and business organizations aren’t able to address the technological side of litigation, it could be a long, expensive year when it comes to litigation.
- Business Organizations in the Crosshairs: Thanks to high profile cases like Qualcomm Inc. v. Broadcom Corp., No. 05-cv-1958-B, slip op. (S.D. Cal. Jan. 7, 2008), Business Leaders and their companies face increasing willingness by courts to impose extraordinary and costly sanctions for e-discovery violations. In the Qualcomm case, the court imposed $8,568,633.24 in sanctions against Qualcomm and referred its counsel to the State Bar of California for further investigation and possible imposition of sanctions. The Qualcomm debacle underscores that both the client and its attorneys will be on the hook to ensure that a reasonable inquiry is performed to identify and produce relevant e-discovery. Additionally, it was reported that 25% of the approximately 138 reported electronic discovery opinions issued from Jan. 1, 2008 to Oct. 31, 2008, concerned sanctions. See Kroll Ontrack’s Report.
- Data Breaches – A Patchwork of Liability: There were 646 data breach incidents reported in 2008, a 47% increase over 2007’s total of 446 breaches. There is also an increasing amount of statutory and regulatory compliance that companies must address with respect to protecting private and confidential information. For example, in 2007 Michigan joined approximately 44 states that have enacted some type of data breach notification law. Click here for a listing of these state laws. Under Michigan’s statute a company must be able to assess its obligations and risks regarding a security breach of any database or data that includes personal information. A breach may require the company to provide a notice of the security breach to each individual whose information was accessed or acquired and subject the company to a to a fine of $250 for each failure to provide notice with the cumulative liability for multiple violations arising out of the same security breach limited to $750,000. The problem for business organizations, however, is that triggers for notification, obligations for responding to a breach, and the content of disclosure letters vary from state to state. Thus, if a company finds a data breach compromising someone from Michigan and also someone from California, they have different obligations. For a list of breaches, click here. For a great summary of security risks see Top 5 Security Issues for 2009.
- Unfair Competition/Misappropriation Litigation. Misappropriation of business critical information (e.g., trade secrets and confidential and proprietary information) claims are likely to increase as a significant risk due to the (im)perfect storm of a down economy adding to an already cut-throat competitive market, an increasingly mobile, technically savvy work-force, and technologies to facilitate the easy downloading/transfer of significant amounts of information. From my own experience, I’m seeing more claims by companies seeking to restrict their competitors from hiring away key employees or restricting former employees from starting up a competing business. It will, therefore, be important to assess and, where necessary, update your company’s plan for protecting against misappropriation claims and assess your defensive measures to guard against a claim brought by a competitor for doing the same. In this regard, the Computer Fraud and Abuse Act is likely to be increasingly relied upon by companies to obtain injunctive and monetary relief against a departing employee and the departing employee’s new employer. See Adding to the Playbook.
- Employment Litigation: E-discovery in employment litigation always poses serious risks for business organizations because e-discovery is not evenly distributed between the parties. And employers will likely have plenty of opportunity to test this hypothesis because employment related litigation continues to increase across the board. See EEOC Charge Statistics. This trend will likely continue due to the number of job losses and this past year saw the U.S. Supreme Court issue a series of pro-employee decisions. One of the more significant opinions, CBOCS West Inc. v Humphries, opened up a new avenue for filing retaliation claims, which provide plaintiff’s attorneys with a longer statute of limitations, no EEOC review requirement, no restrictions for filing against small companies exempted from Title VII, and no cap on damages. It is also worth noting that in 1992, retaliation claims comprised only 15.3% of the EEOC’s discrimination charges. This number, however, has steadily increased and in 2005 retaliation charges approximately doubled to 29.5 percent. Another significant employment opinion, Sprint v Mendelsohn, ruled that trial courts have significant discretion to admit “me too evidence” of discrimination from employees who were under supervisors different from those a plaintiff worked under. The impact on employers was previously addressed in my prior post: Employers Will Need More than a White Belt to Survive “Me Too Evidence” Avalanche.
Winston Churchill observed, “In war, there is no guarantee of success. But we can make sure we deserve it.” Mr. Churchill’s words are especially appropriate for business leaders preparing to “respond well” to increasing regulatory and statutory obligations pertaining to a digital workplace. I wish you well in this New Year and it is my resolution to continue to be a resource for business leaders in working for success in the digital workplace.
Using Ancient Chinese Martial Arts to Control Litigation Costs and Risks
Chin Na (pronounced chin nah) is a component of Chinese Martial Arts. “Chin” means to “seize or catch.” “Na” means to “hold and control.” Although Chin Na covers a wide range of defensive and offensive techniques, it can generally be broken down into grabbing techniques (controlling and locking an opponent’s joints, muscles, or tendons to prevent further movement) and pressing techniques (focusing on pressing and in some instances striking nerves, cavities, and blood vessels, to cause immobilization).
Despite the preceding description, a fundamental principle behind the use of Chi Na is that it is a way to control an opponent without injuring him through escalating a conflict, i.e., pounding an opponent’s face until it looks like ground hamburger. Instead, after executing a Chin Na, you are giving your opponent the choice of having, say an elbow snapped, or an intellectual discussion about the pros and cons of continued physical aggression (just make sure to maintain the Chin Na so you have the final word). In fact, this submission option is widely cited as one of the reasons that Mixed Martial Arts (MMA) Competitions are actually safer than boxing matches. See John Hopkins Study published in the 2006 Journal of Sports, Science and Medicine, Incidence of Injury in Professional Mixed Martial Arts Competitions.
While there are no foreseeable plans to substitute the U.S. litigation system with a Thunder Dome style Justice System, Chi Na is a great metaphor for companies to follow for subduing litigation costs and risks, while avoiding having their defense turned into the equivalent of ground hamburger.
For CIOs and other IT professionals, it is also a conversation starter with CEOs, CFOs and other management to change the perception that IT operations are a financial drain and, instead, actually contribute to the company’s bottom line. And certainly any CEO/CFO is going to appreciate any value added to the business operations in these tough economic times. For a great write up on this example, see Tough Times and Three Unequivocal Standards of IT Agility by Michael Hugos (noting that “Your company’s business agility (and the IT agility that drives it) will determine whether it becomes a victim of tough times or whether it rises to the challenge and reinvents itself to fit new circumstances.”).
The specific technique for using a Business Chi Na is implementing and perfecting what has become known as the “litigation hold.”
A “litigation hold” simply refers to suspending the applicable record retention policy, e.g., the deletion, recycling, or destruction of information no longer having a business purpose, in response to litigation or the likelihood of litigation. This suspension is required in response to actual or anticipated litigation. See Bloemendaal v. Town & Country Sports Center, Inc., 255 Mich. App. 207; 659 N.W. 2d 684 (2002) (Court dismissed plaintiff’s case as a sanction for failing to preserve evidence).
In response to litigation, Companies must be prepared to seize and control the delete key.
Companies must implement a litigation hold in response to litigation or the reasonable likelihood of litigation. This is because courts are coming down hard on companies that fail to issue litigation holds. See Keithley v. Homestore.com, Inc., 2008 WL 3833384 (N.D.Cal. Aug. 12, 2008) (The defendants’ failure to issue litigation hold after its preservation duty arose led the court to label the discovery misconduct “among the most egregious this court has seen” and resulted in an order requiring the defendants to pay over $250,000 in fees and costs associated with prior and future motion practice and expert fees, deferring additional amounts until actual fees can be determined, while also imposing an adverse jury instruction against the defendants); DaimlerChrysler Motors v Bill Davis Racing, Inc, 2005 WL 3502172 (ED Mich Dec. 22, 2005) (Adverse jury instruction ordered against Bill Davis Racing for its failure to preserve emails that were automatically deleted by computer program); United States v. Phillip Morris USA, Inc., 2004 WL 1627252 (D. D.C. July 21, 2004) (Court imposed $2,995,000.00 in fines for executives and high-ranking executives deletion of emails). In one instance, a court even fined a CEO $10,000 for failing to adequately implement a litigation a hold. Danis v. USN Communications, Inc., 2000 WL 1694325, 53 Fed. R. Serv. 3d 828 (N.D. Ill. 2000).
In addition to a litigation hold being required, it also has the added benefit of demonstrating to a potential judge that your company (1) Is on top of the litigation and, therefore, there is no need for judicial intervention in the form of a sweeping “hold everything, suspend all backup procedures, direct all third parties that may have information relevant to the litigation to do the same, and do not delete a single e-mail including the dubious e-mails from a Sudanese Businessman willing to share a couple of million dollars if you simply give him your bank account information to deposit the funds (ok perhaps slight hyperbole but for an example of a very broad preservation order see this 2007 Order from a Federal District Court); (2) Shows – regardless of the merits (or lack thereof) – that your company takes its litigation obligations seriously; and (3) Puts your company in a position to take advantage of a “safe harbor” provision under the Federal Rules if digital information was inadvertently lost or destroyed.
So what steps should a company consider in implementing a litigation hold policy? Virgil Hunter, a boxing trainer, provided a great explanation applicable to almost any endeavor: “It’s not about getting it right or wrong. There is no right or wrong. It’s about not getting hit.” (quoted from an equally great book, Sam Sheridan’s A Fighter’s Heart (2007)). In this regard, there is no right or wrong answer in implementing a litigation hold, just don’t get hit. And to avoid getting hit, companies creating a retention policy generally should focus on the business purpose of the information (if you don’t need it, get rid of it), what, if any, regulatory or statutory requirements must be complied with, and are there any preservation obligations due to existing or anticipated litigation. After addressing these issues with competent counsel, a company should also address the following topics associated with implementing a legal hold:
- Have a written retention policy that is enforced. Two points for you if you realized that this consideration was already discussed in the preceding paragraph. The reason for this duplication is that a written policy is so important in contributing to running an efficient business and reducing costs associated with litigation by eliminating the accumulation of information that no longer is relevant or otherwise serves a business purpose. This reduces the amount of information you will have to pay an attorney to review when litigation is involved. For example, the cost for retrieving and reviewing a sampling of e-mails for seven former employees and two managers totaled $42,892.42 in an employment claim. See Henry v Quicken Loans, Inc, Case No. 4:04-cv-40346-PVG-SDP, Dkt. No. 384 (ED Mich Feb 20, 2007).
- Know when to pull the trigger. Part of your retention policy should outline when the litigation hold must be put in place. Remember, the trigger date may predate the actual filing of litigation. It also may be required in situations your company is not involved in litigation. For example, in response to a subpoena, governmental investigation, or an internal investigation. The important point is to err on the side of caution and to document the reasons and rationale for not instituting a hold.
- Notify the key players. Written notice should be provided to those employees considered key players in the reason for the litigation hold. And IT professionals will always be included in the “key player category” (they hold the keys to the digital kingdom – how could the techies not be important?). The notice should explain to the key players what type of infomation must be preserved (e.g., e-mails, digital files, voice message, text messages, etc.), what sources of information must be preserved (e.g., laptops, USB drives, voice mail, etc.), the steps for preserving information, and a contact person for any questions about the hold process. You will also want to determine how much information about the reason for the litigation hold should be given. Public litigation may provide more leeway, while private matters will require more discretion.
- Confirmation from the key players. You should document that the key players have received the notice and have complied with it. Referring back to Virgil Hunter, there is no right or wrong way to do this, just make sure you won’t get hit down the road. In this regard, you will want to have a documented trail if a judge were to question your efforts in preserving litigation. So make sure the confirmation along with all of your steps along the litigation hold path are documented.
- Update the Hold as needed, including releasing it. You will probably find that the initial hold was nothing more than an unsatisfying lawyer’s mantra of “preserve everything.” While this may have been prudent at the outset of the litigation hold, you and defense counsel should begin the process of analyzing what is actually relevant to the litigation and, therefore, what actually must be preserved. This is because until the scope of preservation is determined, companies will likely incur unnecessary costs related to preservation. Further, from a judicial perspective, an open-ended “preserve everything” order is not desirable due to the vast amount of non-discoverable and redundant information that will likely be preserved with no gains towards resolving the pending action. Also, when the litigation hold is released, you will need to confirm whether the information that was subject to the hold should be deleted, preserved, or put back into the normal record retention policy.
Feel free to contact me about obtaining a copy of an example litigation hold letter. But be prepared: I may ask you to stand in while I work on executing a shoulder crank.
Defending The Digital Workplace 