Key Methods for Ensuring FRCP Data Preservation Compliance
As we wait for updates to the Federal Rules of Civil Procedure (FRCP) amendments to take effect on December 1, 2015, I am reminded of previous role I held at an eDiscovery service provider firm and the variety of preservation horror stories we would hear about. Some tales were of becoming lost in a sea of back-up tapes, others would speak of the infinite variety of things one would find when creating an image of a hard drive, while others would simply amaze you of how many different ways the dog was able to eat the homework.
The efforts to preserve the data – needless to say – were often manual processes, dependent on action from individual custodians, and containing many potential points of failure. Widely publicized preservation failures have clearly established legal hold activity as the greatest area of eDiscovery risk. As a result, organizations have continued to search for guidance to enable a streamlining of their data-preservation processes.
When the FRCP was last amended in 2006, much of the eDiscovery effort centered on paper. Over the next several years, the emphasis shifted to email - even though corporations continued to push ahead of eDiscovery with a growing use of communication tools such as instant messaging, social media, and collaboration tools. Today, some are surprised that they must now consider all forms of communications in their preservation efforts.
The new FRCP amendments introduce the notion of “reasonable” preservation effort to preserve data across all forms of enterprise communication. In court, organizations must prove they made reasonable efforts to prevent communications data, in any form, from being destroyed. Failure to do so will lead the court to the assumption that the information not preserved is harmful to your defense.
By some estimates, eDiscovery costs U.S. organizations around $41 billion annually. Not only is this expensive, but it can also be a time-intensive exercise. So, how can organizations demonstrate “reasonable” preservation efforts? While no absolute standard of “reasonable” is being created by the new FRCP guidance, the following practices will help reduce the potential sources of failure in data preservation practices, thereby saving time and lowering costs in the face of litigation.
Automate custodian notification
When litigation is a “reasonably anticipated”, organizations must proactively notify the appropriate custodians to make sure they understand their obligation of ensuring the requisite data is preserved. Typically, ‘reasonably anticipate’ is interpreted as “the receipt of notification or other information identifying the possibility of a lawsuit or upon the actual service of a summons and complaint.”
Individual custodians know what material information they possess, and must take action to protect it. However, I have seen far too many organizations stopping here, often with a manual tracking process run on spreadsheets.
Relying solely on individual custodians to take the appropriate actions assumes that the person knows the appropriate actions, or has the time to take them. Implementing intelligent technology automates processes and helps reduce the pressure on people. An airtight, documented notification process is also key to defend the actions your company has taken.
Ensure your technology preserves data
I like to use the Samsung and Apple patent infringement case as an example. In 2011, Apple sued Samsung over smartphone technology. Samsung was likely aware of the possibility of litigation long before news broke, but failed to disable the auto delete function in their email servers that automatically deleted data after two weeks.
As a result, judges informed the jury to assume Samsung did not take the steps necessary to preserve information relevant to the lawsuit. Had Samsung turned off the auto delete function, the outcome of the suit may have been very different. This example illustrates that in many cases, automated archiving and eDiscovery technology is not enough.
Samsung isn’t the only company to fall victim to this problem. I’ve come across many organizations that have an automated system in place but fail to make the necessary adjustments to ensure it preserves all relevant data. It’s especially important that archiving technology captures communications information inclusively – that is, with knowledge of when the information is created and the context in which it was created. No matter how robust a technology solution, organizations must also have human oversight over their systems.
To meet the ‘reasonable’ standard of the new amendments, organizations must have proactive eDiscovery policies in place as well as should regularly test and audit them to ensure all of them work. The best way for organizations to do this is to implement a system that alerts the appropriate people and uses automated technology – with human oversight. If the opposing council sees that you have an airtight system and intelligent technology to manage your data preservation, they will look elsewhere for holes in your case.
The FRCP’s guidelines for what constitutes reasonable efforts will be further clarified over time with case law. Judges will provide the details in highlighting what an organization did or did not do to make reasonable efforts to preserve relevant data. However, providing training to custodians, documenting processes, and automating key preservation tasks – with human oversight – will put you on the right course to meeting the new ‘reasonableness’ test.
(About the author: Robert Cruz is senior director of information governance at Actiance)