Introduction to E-Discovery - Module 1 of 5

Module 1: Introduction to E-Discovery

Introduction: The Nature of E-Discovery

All discovery in litigation or any other official proceeding in which the object of the discovery is in electronic format is called electronic discovery, or e-discovery. The documents, photos, videos, and other data subject to e-discovery are categorized under the general term “electronically stored information,” or “ESI.” The term ESI is a part of the base language of e-discovery that is used everywhere in this field.

ESI is subject to the same rules of discovery to which any other piece of evidence is subject. But there are also several specific rules pertaining to ESI discovery, which form the basis of this course. 

The rules of e-discovery involve the exchange of electronically-stored documents and other potential evidence between parties. E-discovery is a relatively new but rapidly expanding field that has driven new technologies and new procedural rules since the 1990’s.

In this opening module, we will explore many of the ins-and-outs of this field. Because this is an intermediate-level course, we will assume a general knowledge of discovery under civil, criminal and evidentiary rules. Also, because e-discovery straddles the worlds of court procedure rules and technology, we will be discussing several technological concepts which you may not be familiar with. You would do well to take your time with this course as you familiarize yourself with this fascinating and exciting topic.

In general, we will be discussing e-discovery and ESI within this framework:

--What is it?

--Where is it?

--How do you find what you need, or keep the other side from it?

--How do you analyze what you need from it after you find it?

--How do you get what you need, and only what you need?

--How do you use it in litigation?

Overview: Discovery in Litigation

When we use the term “discovery” in litigation, we refer to the exchange of information between litigants. Overseen by each court, the rules governing discovery in litigation are the federal and state rules of procedure. We will focus mainly on the Federal Rules of Civil Procedure, and particularly on Rules 26-37, which are entitled “Disclosure and Discovery.”[1] We will look briefly at some state rules and some rules of criminal procedure and evidence. [2]

Open Discovery

Allowable discovery is very broad.[3] In most cases, at least theoretically, each party is entitled to all the materials that are in the possession of the other party that could potentially be used in a trial and that are not protected by privilege or “work product” rules.[4] This includes not only what might be used as evidence at a potential trial, but anything that could lead to evidence. That could be data, physical evidence, witness statements, photographs or anything else that may be relevant to the case or that might lead to discovery of evidence in the case.

The reasons for broad discovery allowance are basic fairness and judicial efficiency. Due to crowded dockets, courts are looking for any way to settle cases before they go to trial. Open discovery encourages the parties to settle because the likely outcome of the case should become apparent once all the facts are on the table.

The Scope of Discovery

While “discoverability” is very broad, discovery in any given case may be limited by several factors. The discovery that the other party is entitled to after these limitations are imposed is called the “scope” of discovery.[5]

The first limit on discoverability is the relevance[6] of the materials that are requested and its comparable e-discovery limitation called “proportionality.”[7] Any discovery request can be met by an objection as to its relevancy. In legal terms, relevancy is the ability of a given item to prove or disprove an element of the case, or to have value in finding something to lead to such evidence. Relevance is not the same as admissibility, as the rules for admitting evidence are much more stringent than the relevancy rules in discovery.

The next limit on discoverability is privilege and work product,[8] a very common objection in electronic discovery. Privilege blocks discoverability of evidence that is subject to attorney-client privilege, doctor-patient privilege, and so on, as well as attorney work product, which are materials prepared in anticipation of litigation.

The scope of the discovery produces millions of documents, some of which contain correspondence between attorneys and their clients or between the attorneys and their co-attorneys or staffs. Most of these communications are protected from discovery. They also must be treated carefully as there are almost uncountable instances in the records of e-discovery cases where documents that were privileged were inadvertently transmitted to the other party.

Parties can waive these privileges and inadvertent disclosure may be tantamount to a waiver, placing an even further emphasis on care in document communications.[9] Note that in some cases, parties may have to waive a privilege to bring a lawsuit, as in a medical malpractice case, where the plaintiff’s medical records need to be entered into evidence.

Illegally seized records can also be kept out of court, particularly in criminal proceedings.

Overview of Electronically Stored Information

ESI includes video, audio, image and text files in all formats. It includes word processing and all data affiliated with word processing. It includes website and social media activity and history, and anything posted to those sites. It includes voicemail and video mail, phone records, emails, texts, chats and instant messages, and computer programming information. As technology and communications advance, new forms of communication will also fall under ESI.

ESI includes every piece of data that is stored or transmitted on, from, to or through any electronic device, including laptop and desktop computers, cloud storage devices and services, phones, tablets, cameras, devices on the Internet of Things, removable storage devices, mainframe computers, smart televisions—you name it.[10] If it stores any data that could be evidence in litigation, it is ESI under the rules of evidence and procedure. In other words, ESI includes basically every type of product of the Information Age wherever it may happen to be stored.

File Formats

One way that ESI can be broadly categorized is as natively electronic (like emails, Word documents, texts, etc.) or not natively electronic (like scanned documents). Non-native documents also include electronic documents in a different format, like an email cut-and-pasted into Word, or a printout of a text.[11]

The difference between those two types of documents has to do with searchability. Search tools called “optical character readers”, or OCR, are needed to search scanned documents. Native electronic documents can be searched through their own formats. This means that e-discovery platforms need to include a variety of search mechanisms.  

Court rules and proceedings generally prefer the use of native format documents where possible. Also, because of the best evidence rule, also called the original documents rule, courts prefer documents that are as close to native formats as possible.

“Native file formats” refer to viewing documents in the way the parties created them.[12] In other words, a Word document being viewed as a Word document is in its native file format. If it converted into a PDF, it may still be discoverable or admissible, but it’s no longer in its native file format.

Admitting documents in native format is preferred since it lets the jury see what the documents “really” looked like and because it preserves the metadata of the documents.

Metadata

Metadata is data that gives information about other data. In e-discovery, the term metadata refers to information stored in a file that tells the history of the document. This could be geolocation for a photo taken or the entire history of a Word document, which is updated invisibly by Word every time the document is changed or saved.[13]

Metadata is an extremely important concept in e-discovery. Numerous cases in the development of e-discovery have hinged on the production of documents in native file format, mostly because of the metadata question. Today, most attorneys, IT departments and judges know to produce documents in native file format when possible.

Defining “Document”

The history of e-discovery can be traced through the growing definition of the word “document” under the rules of procedure over the time of the digital revolution.[14] Without overstating the obvious, documents under the Rules started out as physical writing on paper or another media (a long time ago, a will was once ruled valid that was written on a piece of wood). Now, after several updates to the language in the Rules, the word “document” collectively refers to all electronically stored information, in any form.

Duty to Preserve ESI and Spoliation

The duty to preserve evidence that is imposed on the party that holds the evidence is as old as litigation itself. But, because of the special nature of electronic data, special procedural rules have been enacted regarding the preservation of ESI[15]. The rules are designed to encourage the parties’ cooperation in setting the scope of discovery as early into the litigation as possible so that everyone knows what data needs to be preserved.

Every entity that stores ESI has a duty to preserve that data when it has been informed that litigation is possible, or even when the company can reasonably infer that a lawsuit is coming. Failure to preserve relevant ESI, or any deliberate change in ESI such as erasing it or changing it is called “spoliation.” There are two types of spoliation—inadvertent and deliberate. Deciding whether spoliation is accidental or deliberate is a matter of proof but can also be inferred from the circumstances.

To impose sanctions for spoliation, a court must find that:

    ·      the relevant ESI that “should have been preserved” must have been “lost”;

    ·      the loss must have occurred after the duty to preserve arose (which triggers when litigation was “reasonably foreseeable”);

    ·      the loss must have occurred because the party failed to take “reasonable steps” to preserve the ESI; and

    ·      the ESI cannot be “replaced or restored” through additional discovery, so the loss prejudices the party seeking the ESI.[16] 

This rule does not cover the deliberate destruction of ESI, but courts can also impose sanctions in those cases.[17]

In the past, potential defendants would often receive letters threatening litigation before any case was filed. Very often now, the very first step in litigation is a “litigation hold” letter, which is a letter threatening litigation that includes the admonishment to freeze and hold any possibly relevant data where it is. The letter establishes a date when a duty to preserve arises for potential spoliation arguments later.[18]

The sanctions for spoliation can be harsh. One recent federal case imposed a $3 million fine on a company that had one employee delete a few thousand emails.[19] Sanctions could even theoretically include forfeiture (losing the case) in the case of egregious and deliberate spoliation.[20]

E-discovery Software Platforms

All discoverable data must be stored somewhere and in some format. It is discovered using different search methods and algorithms which find and collate relevant data in timelines and other ways that lawyers, judges and juries can understand. Many of these platforms now use machine learning, sometimes referred to as “artificial intelligence,” to find what they are looking for through a process called “predictive coding” which we will discuss in a later module.

How E-Discovery Platforms are Developed

Because ESI is stored electronic data, the tools that are needed to run discovery on that data are computer tools. As such, there are numerous competing software platforms that offer electronic discovery for the whole range of discoverable data or for smaller chunks of it. In fact, many primers on e-discovery double as sales manuals for software companies. We won’t discuss any companies specifically, but we will go over some of the things of which these platforms are capable. 

The companies who design and sell those e-discovery platforms use the same model for developing their products: The Electronic Discovery Reference Model, which was developed in 2005 by two Minnesota-based e-discovery consulting firms.[21] It provides the industry standard workflow model on which all e-discovery is based.

It is also the guideline for corporate IT departments and their attorneys for making sure that company-stored data will always be discoverable, if necessary. The model consists of nine parts[22]:

Information management: Implementing data governance processes that alleviate risk and expenses in the event of an electronic discovery request. This is the basis of the entire current e-discovery process: all businesses need to have information systems in place that are responsive to e-discovery requests. Many books have been written on the technology in this area.

Identification: Companies must be able to locate sources of information to determine exactly what the data is in scope, depth and breadth, and how it needs to be managed, both before and during e-discovery.

Preservation: Companies must ensure potentially relevant ESI is properly stored using measures such as retention and deletion schedules. They must make sure that the data is not compromised, deleted, or changed.

Collection: They must gather information for e-discovery use. This includes processing and reviewing the ESI.

Processing: This reduces the volume of relevant ESI and converts it to the appropriate formats for review and analysis.

Review: This is where one determines the data's e-discovery relevance and scans the ESI to determine if any of the data is privileged.

Analysis: This step is where you evaluate the ESI for content and context, including key patterns and topics. This is the “deep dive” into the data looking for patterns, surprises, topics, people, or anything that will tell the analyst what is going on in the case.

Production: Delivers the ESI to relevant parties, in the forms and delivery methods that are required in the individual case.

Presentation: This is where one displays data findings at depositions, hearings, trials, etc., to elicit further information, validate existing facts or positions or persuade a jury. The goal is to present the ESI in native or near-native formats, so triers of fact can see what really happened in the case.

Application to Criminal Cases

Although this course concentrates on civil law, the issue of ESI storage in criminal prosecutions is of interest to many. It is an issue that received national prominence in 2016 when the FBI reportedly paid hackers nearly a million dollars to hack into the San Bernardino Terrorist’s iPhone.[23] In civil cases, discovery of data like this can be had through motion or pretrial agreement. But in criminal cases, this discovery may require a warrant.

While ESI in criminal cases is treated procedurally like any other evidence, how that information is acquired may run into some unique Fourth Amendment search and seizure problems. Cases involving this issue have looked at the plain view doctrine and the particularity requirement for search warrants when, for example, suspects change file names on computers to hide evidence.[24]

The Department of Justice has a set of guidelines for ESI[25]. But, in truth, criminal ESI cases are all over the map. Trial lawyer groups and the advisory council on the criminal rules are currently working on amendments to rules for criminal procedure that are designed to create pretrial discovery procedures for ESI.[26]

In our next module, we will continue to look at electronically stored information, including where it is stored and its various forms. We will also look at when ESI must be produced in response to subpoenas and forensic measures used to retrieve ESI.