| In This Issue:
 FROM THE BENCH: DOCUMENT RETENTION POLICY DOES NOT PROTECT PLAINTIFF’S DOCUMENT PURGE
In a recent patent infringement action, Rambus, Inc. v. Infineon Techs. AG, 2004 WL 383590 (E.D.Va. Feb. 26, 2004), amended by, 2004 WL 547536 (E.D.Va. Mar. 17, 2004), the Defendant moved to compel the production of documents, including those relating to the Plaintiff’s document retention policy. The Defendant alleged that the Plaintiff instituted a document-purging program despite notice of impending litigation regarding the patents at issue. In support of its allegations, the Defendant pointed to internal emails that reflected the Plaintiff’s “Shred Day,” an event in which the Plaintiff’s employees shredded about two million documents as part of its document retention and destruction policy. A slide presentation the Defendant gave to its employees immediately before Shred Day instructed employees that, “inter alia, documents designated as containing trade secret information should be retained for the life of the trade secret, that personnel records should be kept for a period of three years, and that employees should ‘LOOK FOR THINGS TO KEEP’ and to ‘LOOK FOR REASONS TO KEEP IT’.”
At trial, Plaintiff did not dispute that it “destroyed some documents because of their ‘discoverability’.” Additionally, the trial court found that the Plaintiff’s creation of its document retention policy clearly demonstrated the Plaintiff was on notice that the Defendant might be bringing patent infringement lawsuits. The Plaintiff argued its true motive was not to destroy potentially discoverable information and it was legitimately trying to reduce search and review costs.
The court concluded that even if the Plaintiff “did not institute its document retention policy in bad faith, if it reasonably anticipated litigation when it did so, it is guilty of spoliation.” The court further noted that “even if it was merely instituting a valid purging program, even valid purging programs need to be put on hold when litigation is ‘reasonably foreseeable’.” As such, the court granted the Defendant’s motion and ordered the Plaintiff to immediately produce documents about its document retention policy.
*** For further discussion of the Rambus case, see the “TECHNOLOGY YOU SHOULD KNOW” column below. ***
THE BRILL FILES: THE MYSTERY OF THE MISSING EMAILS
*** Written by Alan Brill, Senior Managing Director for Kroll Ontrack, The Brill Files reflects his work in the field with clients who have encountered some not-so-pleasant events and what was done to remedy the situation. With more than 25 years of consulting experience, Mr. Brill has assisted organizations with a wide range of technology security issues and is an internationally recognized speaker and instructor. ***
We recently received a call from a senior executive who was worried about the security of her email. A consultant who had been doing a very important – and very confidential – project for her, called wanting to know what she thought of the three reports he had emailed to her. She told the consultant that she had not received them. The consultant said he had receipts from her firm’s email server indicating the messages had been received and accepted.
How could this have happened? Was someone intercepting the messages or manipulating the email server? This problem had to be handled quickly, with extreme confidentiality about the consultant’s work. Fortunately, we were engaged in a broad-range review of information security at the executive’s company when the incident occurred.
First, we determined that the receipt messages seemed to originate from the company’s servers and the reply messages were relayed to the recipient by the mail server. The reply messages did not state that the original emails were actually delivered to the individual listed in the “to” field. Rather, the reply message stated the emails were “relayed” to her by the email server. The assumption – a natural one – was if the email server “relayed” them to her, she would have gotten them.
We chatted with the email administrator under the cover of our broad security review and found out that inbound mail was filtered through a two-stage process. In the first stage, the email server looked at the messages and attachments to determine if they violated anything in the rule set on the server. If a message passed by the server, it was accepted and then passed to an anti-virus package for further review. We noted that there were differences between the rule sets for the email server and the anti-virus package. In this case, the key difference was that the email server would accept a message with an attached .zip file, but the anti-virus system would reject it. The apparent result was that the consultant’s three messages were accepted, the return receipts sent to the consultant, and the messages were then killed (since that was the rule in the anti-virus package) without notification to the ultimate recipient. To verify this, we asked for the anti-virus package’s log file for the prior month. Sure enough, the log file validated our theory. The log showed the three emails in question had been deleted from the system without notice by the anti-virus package.
The mystery was solved, but the issue remained. There was nothing to prevent it from happening again, unless the two filters could be synchronized. While the email server was not going to detect the latest viruses, it could certainly be programmed to recognize and reject a .zip file. An email security system cannot be treated as if each portion operates in its own distinct world. If an email server has rules for rejecting inbound or outbound email, those rules should be set up to be handled by the earliest filter to avoid sending acceptances of mail that could later be rejected. When a message that initially has passed in the email system is later rejected, it is important to notify the designated recipient, so they can take the appropriate action.
By combining Kroll Ontrack’s technology and investigative skill sets, this case was handled quickly and confidentially, with an explanation of why this happened. Take time to check your email filters and system rule sets so you do not find yourself facing a similar missing email mystery.
*** If you would like to explore the opportunity of Alan Brill speaking at a conference you are supporting or organizing, please contact Nicolle Martin at (952)949-4137 or at nmartin@krollontrack.com. ***
TECHNOLOGY YOU SHOULD KNOW: IMPLEMENTING DOCUMENT RETENTION POLICIES
*** As technology continues to play a larger role in litigation and
internal company investigations, lawyers and investigators are expected
to comprehend the inner workings of computers and how they relate to
any computer conduct at issue. ***
As the Rambus, Inc. v. Infineon Techs. AG case illustrates, courts are mandating the production of relevant electronic documents during discovery. If a company fails to produce these documents, allegations of spoliation of evidence (inappropriate document destruction) can occur. See e.g., Rambus, Inc. v. Infineon Techs. AG, 2004 WL 383590 (E.D.Va. Feb. 26, 2004), amended by, 2004 WL 547536 (E.D.Va. Mar. 17, 2004).
Developing a solid document retention policy allows an organization to balance between appropriate purging of unnecessary documents and preservation of potentially material documents. A document retention policy involves the systematic review, retention, and destruction of documents received or created in the course of business.
When implementing document retention policies, organizations should:
- Tailor the policy to the organization’s particular needs by taking an electronic information inventory
- Include a method for identifying classes of documents, determining retention periods, forming a retention schedule, and implementing retention procedures
- Designate an organization-wide records custodian and then delegate preservation responsibilities among the different departments of the organization
- Ensure that everyone on the preservation response team understands the preservation plans, from both a legal and technical perspective
- Formulate hard drive imaging protocols for smaller-scale preservation efforts and server imaging protocols for broad-scale preservation efforts
- Allow for segregation of server space for documents created after the initial image and/or preservation efforts
Most importantly, an organization should retain documents when it knows or can reasonably anticipate that the documents might become relevant. If it destroys potentially relevant documents, the organization can be held liable for spoliation even if it instituted a good faith document retention policy. Further, a computer forensic investigation might be warranted to examine the breadth of the spoliation and determine if any of the deleted information is recoverable. Placing a high degree of scrutiny on an organization’s preservation policies and procedures and implementing a reasonable and recorded document retention policy can help mitigate these and other potential spoliation allegations, should such events arise.
KROLL ONTRACK NEWS & EVENTS
Kroll Ontrack Announces Recipients of 2004 Electronic Evidence Thought Leadership Awards
At the end of March, Kroll Ontrack announced the recipients of its annual Electronic Evidence Thought Leadership Awards. These awards were presented to law firms, corporations, government entities, and individuals based on their recent and significant contributions to the development of the body of law, practice and procedure in the area of electronic evidence. The recipients of the 2004 Electronic Evidence Thought Leadership Awards were:
- The E-Evidence Thought Leading Law Firm Award - Kirkland & Ellis LLP
- The E-Evidence Thought Leading Litigator Award - William D. Hagedorn, Esq., a Partner in the Washington, D.C. office of McDermott, Will & Emery
- The E-Evidence Thought Leading Antitrust Practitioner Award - Michael Cowie, Esq., a Partner in the Washington D.C. office of Howrey Simon Arnold & White, LLP
- The E-Evidence Thought Leading Litigation Support Manager Award - Barbara Gueth, a Litigation Support Manager in the Boston office of Ropes & Gray LLP
- The E-Evidence Thought Leading Scholar Award - Michael R. Arkfeld, Esq. author of Electronic Discovery and Evidence and The Digital Practice of Law.
- The Thought Leading Electronic Discovery Case of the Year Award - Zubulake v. UBS Warburg (presented to the Plaintiff's attorneys, Defendant's attorneys, and Judge Shira A. Scheindlin)
- The Thought Leading Computer Forensics Case of the Year Award - Kucala Enters. Ltd. v. Auto Wax Co. (presented to the Plaintiff's attorney, Defendant's attorney, Magistrate Judge Arlander Keys, and Judge Joan Humphrey Lefkow)
Meet Kroll Ontrack Representatives at the Following Events:
Visit http://www.krollontrack.com/upcomingevents/ for more information on these events and others
KROLL ONTRACK REQUESTS YOUR INPUT
Our legal consultants, project managers, and technology
experts strive to stay on top of e-discovery law.
If you are aware of any additional local court rules
or new cases in this area of the law, please do not
hesitate to contact us by writing to mlange@krollontrack.com.
Portions of this newsletter are written by Michele C.S. Lange, staff attorney with Kroll Ontrack. Ms. Lange has published numerous articles and speaks regularly on the topics of electronic discovery, computer forensics, and technology’s role in the law. She can be contacted by writing to mlange@krollontrack.com.
For more information about electronic discovery
and computer forensic services, contact Kroll Ontrack
at 1-800-347-6105 or www.krollontrack.com.
|
