 |
In This Issue:
 Recent ESI Court Decisions
Court Holds Mere Statement Regarding Accessibility Insufficient
KnifeSource, LLC v. Wachovia Bank, N.A., 2007 WL 2326892 (D.S.C. Aug. 10, 2007). In a suit alleging common law and UCC conversion, the plaintiff motioned the court to compel the defendant's production of all bank statements from a specified person who allegedly altered the payee information on checks to deposit them in her personal account at the defendant's bank. The defendant claimed it could not comply with such request, arguing it did not maintain copies of the statements and an order like this would require creation of documents for the sole purpose of complying with this discovery request. The defendant merely claimed it did not maintain physical copies of the requested information, not that it did not have the information.
Therefore, the court held the defendant failed to
demonstrate the information was not reasonably accessible. The court ordered the defendant to comply with the request to the extent the information was maintained electronically.
Court Requires Culpability, Preservation Obligation and Prejudice to Issue Sanctions
In re Kmart Corp., 2007 WL 2198309 (Bkrtcy.N.D.Ill. July 31, 2007). In a Chapter 11 bankruptcy proceeding, Global Property Services, Inc. (Global) filed an administrative claim against the debtor, Kmart Corporation, for breach of contract and
tortious
misconduct. Shortly thereafter, Global issued its first discovery requests and sought assurances that all responsive documents would be preserved and produced. After months of struggling to obtain responsive documents from Kmart, Global motioned the court to sanction Kmart for spoliation and violation of a previous production order. Kmart filed a response to the motion, noting there was no contention Kmart had destroyed documents intentionally or in bad faith and that Global had failed to identify any "trigger date" for Kmart's duty to preserve evidence. The court applied a three step analysis requiring culpability, an obligation to preserve and that the other party suffered prejudice as a result before ordering sanctions. The court reasoned where the duty to preserve information is well known and the party fails to do so, they will be charged with a higher culpability. The court held that even though Kmart had a duty to preserve the relevant electronically stored information as of the claim's filing date, its failure to do so was with mere fault, not willfulness or bad faith, and therefore refused severe spoliation sanctions. Finding a small element of prejudice, the court required Kmart to pay a portion of Global's attorney's fees and costs associated with drafting and presenting the motion.
Court Refuses to Sanction Party for Neglecting to Preserve Temporary Cache Files
Healthcare Advocates, Inc. v. Harding, Earley, Follmer & Frailey , 2007 WL 2085358 (E.D.Pa. July 20, 2007). In a suit alleging copyright infringement, inter alia, the plaintiff motioned the court to sanction the defendant for spoliation of evidence. Prior, the plaintiff sued a party that was represented by the defendant. In defending that suit, the defendant viewed archived screen shots of the plaintiff's former Web site, printing copies of each archived screenshot viewed and using the images during the course of the underlying litigation. The defendant did not actively save electronic copies of any of the screenshots viewed. In the instant suit, the plaintiff claimed the defendant hacked the archival web site to gain access to these screen shots and had a duty to preserve the information they viewed and printed. The plaintiff argued that failure to preserve the screen shots that were temporarily stored in the cache files but not downloaded onto the defendant's hard drives, entitled it to a spoliation inference at trial. The court rejected the plaintiff's argument and accepted the defendant's summary judgment motion on the issue, holding it impractical for the defendant to have had the duty to preserve such evidence.
Other New Case Summaries Added to the Kroll Ontrack Case List This Month:
- Court Sanctions Plaintiff for Failing to Comply with Discovery Order — Mother, LLC v. L.L. Bean, Inc, 2007 WL 2302974 (W.D.Wash. Aug. 7, 2007).
- Court Refuses to Compel Production of Personal Hard Drive — Benton v. Dlorah, Inc., 2007 WL 2225946 (D.Kan. August 1, 2007).
- District Court Reverses Magistrate's Cost Shifting Order Due to Lack of Accessibility Analysis — Pipefitters Local No. 636 Pension Fund v. Mercer Human Resource Consulting, Inc., 2007 WL 2080365 (E.D.Mich. July 19, 2007).
To view additional case summaries visit: http://www.krollontrack.com/case-summaries/
Practice Points: Computer Forensics — What Every Human Resources Manager Needs To Know
With the ever increasing role technology plays in conducting business, human resource managers are being placed on the front lines like never before in internal investigations and other employment related matters involving ESI. It is estimated that over 60% of employees use e-mail as a means to communicate, and a recent survey reports that 24% of organizations have had employee e-mail subpoenaed. Additionally 15% of organizations have gone to court to battle lawsuits triggered by employee e-mail.
What types of ESI could be involved?
Data will exist in a variety of places and likely in a variety of formats. Gone are the days where a computer required the space of an entire room and took days to perform the most remedial tasks. Data can now be stored on hard drives, shared/network drives, external drives/removable disks, laptops, home computers, internal Web sites, Blackberries, Treos, PDAs, instant messenger systems, voicemail, CDs, DVDs, Internet usage logs, and backup tapes. Seek help understanding each of these media types, be thorough in your investigation and consider all possible "buckets" of information.
How can computer forensic experts help?
Internal employee investigations — for both current and former employees — can often be complicated, time consuming and generally require a standardized HR process. Computer forensics experts are an important resource to include when developing and deploying such a process. Each of the capabilities listed below may become the linchpin in the investigation of theft of proprietary information, employee computer misuse, executive departure, workplace harassment, internal hacker, or trade secret misappropriation. A computer forensic expert can:
- Preserve electronic data so that the employee's computer is maintained completely pristine from the last time it was used.
- Possibly recover data that has been deleted from a computer. Data can remain on a hard drive in the unallocated or slack space until it is completely overwritten and often times a computer forensic expert can recover it.
- Locate and interpret metadata. Metadata is "data about data" and can be extremely relevant to a particular investigation. It may be important to know when a file was last accessed, when it was created, when it was modified, when it was printed, or who the e-mail recipient was.
- Analyze e-mail usage, Internet history usage and whether removable devices were used.
- Provide testimony for the proper steps in gathering, documenting, analyzing, and reporting findings should the investigation move into litigation.
Who else needs to be involved?
While the Human Resources department is the first place an employee investigation will likely begin, it is also important to include multiple players to ensure positive results. In addition to working with an outside computer forensic expert, Human Resources managers should directly engage members of the organization's IT staff, legal department, executive management, and security department. These investigations usually require input from all of these important teams in order to ensure the best possible result.
Conclusion
It is unlikely that HR managers need to become experts in computer forensics, IT, legal, or any of the other various key areas impacted in an employee investigation. However, the HR department can be an effective manager of the issue — helping staff know where to go, what to ask and which resources to employ. Ask IT what the computer policies are and whether they are consistently enforced. Ask who is responsible for the data and whether there is a need for assistance from an outside computer forensic expert. Ascertain the costs of the investigation in relation to the risk of the incident in question. Ensure that the Legal department is considering its regulatory and other legal responsibilities. Establish the roles and responsibilities of each key player during the investigation. With these questions answered and decisions made, the HR department will be off to a great start when ESI is involved in an employee issue.
News & Events
Kroll Ontrack Launches "The ESI Report" on the Legal Talk Network
In another effort to educate the legal community on topics relating to Electronically Stored Information, Kroll Ontrack has partnered with the Legal Talk Network. Michele Lange, Director of the Legal Technologies product line for Kroll Ontrack, hosts the radio show entitled "The ESI Report." The show is split into three segments: the Spotlight, the Buzz, and Bits and Bytes Legal Analysis. The Spotlight and Buzz sections concentrate on hot topics in the area of electronic discovery and give listeners a snapshot into important issues facing practitioners. In the two shows already recorded, segments highlighted advanced search technologies and what is going on at the state level in response to the recent amendments to the Federal Rules of Civil Procedure. The Bits and Bytes Legal Analysis segment focuses on a late-breaking case and features a Kroll Ontrack staff attorney or legal consultant who summarizes the case and comments on important aspects that make it noteworthy. For example, you won't want to miss the show where Columbia Pictures Industries v. Bunnell, also known as the RAM case, was featured. With nearly four hundred listeners since the two shows were taped last month, you'll want to be sure to listen as well and stay up to date by visiting: http://www.legaltalknetwork.com/modules.php?name=News&new_topic=17
National Conference of Commissioners on Uniform State Laws Approve Text of Uniform Rules Relating to the Discovery of ESI
The National Conference of Commissioners on Uniform State Laws (NCCUSL) met July 27th through August 3rd, 2007 and recently issued its final approval and recommendation for state approval of uniform rules relating to the discovery of electronically stored information (ESI). In December 2006, the Federal Rules of Civil Procedure were amended regarding the discovery of electronic documents. These Uniform rules are comparable to the Federal Rules amendments, only modified where necessary to accommodate various state procedures. Among the provisions in these uniform rules are preservation, production form, time frames, sanctions, court orders and data accessibility issues. The purpose of these rules is to provide uniformity amongst the states with regard to issues around the discovery of ESI. The proposed language can be viewed at: http://www.law.upenn.edu/bll/archives/ulc/udoera/2007am_final.htm
Court Denies Defendant's Motion for Review in RAM Case
The debate regarding the discoverability of data stored in random access memory (RAM) continues, as another significant judicial decision was recently issued in the case. On August 24, 2007, District Court Judge Florence-Marie Cooper, from the U.S. District Court of Central California, denied the defendant's motion for review of an earlier decision by Magistrate Judge Jacqueline Chooljian who issued an order requiring the defendant to preserve and produce Server Log Data stored in RAM. See Columbia Pictures Indus. v. Bunnell, No. 06-1093 FMC (JCx) (C.D.Cal. May 29, 2007). The suit arose from allegations by Columbia Pictures Industries, as well as other motion picture studios, claiming that the defendant was profiting from inducing copyright infringement via the TorrentSpy Web site. To determine the extent of copyright infringement, the magistrate judge ordered the defendant to log the Web site visitors' Internet Protocol (IP) addresses and produce that information to the plaintiff. For a complete summary of the case, visit: http://www.krollontrack.com/clu/. In this most recent opinion, Judge Cooper held that data stored in RAM, however temporary, is ESI subject to discovery under the circumstances of this case. See Columbia Pictures, Inc. v. Bunnell, No. 2:06-cv-01093 FMC-JCx (C.D.Cal. Aug. 24, 2007).
Meet our representatives at the following
events:
|
Electronic Evidence Thought Leadership Series |
Chicago, IL |
|
ASIS International 53rd Annual Seminar and Exhibits 2007 |
Las Vegas, NV |
|
Legalworks "Electronic Discovery After the New Federal Rules" |
Austin, TX |
|
Lorman Litigation Institute |
New York, NY |
|
IPMA 23rd Annual Conference & Expo |
Scottsdale, AZ |
|
Legalworks "E-Discovery Ethics & Best Practices for Counsel" |
Los Angeles, CA |
|
American Corporate Council (ACC) Annual Meeting |
Chicago, IL |
|
Advanced Electronic Discovery Certification Course |
Eden Prairie, MN |
|
Legalworks "E-Discovery Ethics & Best Practices for Counsel" |
Dallas, TX |
|
4th Annual Paralegal SuperConference |
San Francisco, CA |
|
Electronic Discovery Certification Course |
Eden Prairie, MN |
|
Electronic Evidence Thought Leadership Series & Awards Reception |
New York, NY |
Visit http://www.krollontrack.com/upcoming-events/ for more information on these events and others.
Back To
Top
WE REQUEST YOUR
INPUT
This newsletter is written by Michele C.S. Lange, a staff attorney with Kroll Ontrack, with assistance from Joni Heikes a Kroll Ontrack staff attorney. Ms. Lange has published numerous articles and speaks regularly on the topics of electronic discovery, computer forensics, and technology's role in the law. She can be contacted by writing to mlange@krollontrack.com.
For more information about electronic discovery and computer forensics services, please call 800 347 6105 or visit http://www.krollontrack.com.
|
|
