The Modern Archivist

I Know Who You Called Last Summer

By Linda Sharp, ESQ., MBA

As the burgeoning world of electronic data blurs the line between public and private, more cases like that of People v. Taylor, Colo. Court of Appeals, 5th Div. No. 09CA2681 (June 7th, 2012) will surface. The issue with this case revolves around the legality of searching a cell phone without a warrant and if this is in breach of the rights accorded by the 4th Amendment (1).

In this case, undercover police officers suspected that the defendant (Taylor) was dealing drugs and, subsequently, arrested him on these charges. During the search of the defendant, they seized his cell phone and reviewed his call logs without a warrant. In the course of this review, they found incriminating evidence that showed that the defendant was, in fact, dealing drugs.

Currently, the defendant is trying to get this evidence dismissed in court by arguing that reviewing his call logs without a warrant is in violation of his 4th Amendment rights. The police are counter-arguing that this is well within the law due to the “search incident to arrest” exception to the law requiring a warrant prior to search. This exception states that police have the right to search any object(s) either in possession or within reach of the arrested person(s). Currently, there is not a Supreme Court ruling revolving around the applicability of this exception to cell phones. The ruling in the lower circuit courts have been split. Various courts have ruled in favor of this exception vis-à-vis cell phones (e.g. 4th and 5th US Circuit Courts) while others have said cell phones are off limits (e.g. Ohio Supreme Court).

As of right now, the judge in this case has ruled that reviewing the call logs of the defendant was well within the realm of the “search incident to arrest” exception of the warrant requirement. The court based this off of the fact that the search was merely limited to the cell phone’s call logs and nothing else. If the evidence in question was found in text messages or some other form of data within the phone, this ruling may have been completely different.

The importance of this case on the corporate world of eDiscovery revolves around the 4th Amendment and electronic data. This case shows that the line between someone’s 4th Amendment rights and its applicability to eDiscovery is becoming ever-increasingly blurry as the courts attempt to deal with technology’s inundation into contemporary society.

1. The 4th Amendment of the US Constitution guards against unreasonable search and seizure. To read more, click here.

SAC Capital: Dumping Data

According to the Wall Street Journal, two former hedge-fund managers from SAC Capital Advisors have been acting quite suspiciously lately – one even took his computer drives apart with pliers and deposited the left-overs in four different garbage trucks around NYC. In testimony, the offending manager, Donald Longueuil, explained in very colorful language that, “It’s all f—in’ ripped apart. Everything’s gone.”

That is one way to enact a retention policy.

Mr. Longueuil had been reacting to this WSJ article about a federal probe into insider trading. Now, there’s no way to tell how SAC Capital manages their electronic data, but I am sure that no compliance officer is happy when someone is ripping up hard drives by piece.

“When people frantically begin shredding sensitive documents and deleting computer files and smashing flash drives and chasing garbage trucks at 2 a.m. … it is not because they have been operating legitimately,” said Manhattan U.S. Attorney Preet Bharara.

This is a prototypical case of why companies cannot allow end-users to manage the retention of their data – they are allowed to break the law and destroy the evidence. Prosecutors will not be kind to such a poorly governed company. Already the government has been broadening the scope of the investigation into SAC and its partners.

In this case specifically, SAC Capital could have benefitted from e-mail and file archiving to ensure that they keep a copy of all business-relevant data from their computers. With this information they could have proven Mr. Longueuil to be an isolated manager who went off the reservation. Instead, they will be at the center of an expanded federal investigation.

News Flash: e-Discovery Sanctions on the Rise

Okay, so maybe it isn’t shocking to learn that E-Discovery sanctions have risen every year in the past 10 years.  But it is surprising to find that the rise has been so great and that it continues regardless of aggressive attorney educational efforts and maturing technological solutions.

If you haven’t already seen it, last month the folks at legalworkshop.org published a thorough analysis of e-discovery violations throughout the past 29 years (yes, there was an e-discovery case in 1981). You can find the original post here.  According to the authors “ESI has played a more predominant role in pretrial discovery; producing parties have struggled to comply with ever-expanding and increasingly complex responsibilities. The liberal scope of discovery in federal courts, when coupled with ESI’s defining characteristics—high volume, broad dispersal, and dynamic nature—also confounds efforts to conduct discovery effectively and economically.”

We continue to see this played out in the courts and in the marketplace. The ruling in Qualcomm Inc. v. Broadcom Corp concluded that Qualcomm and its counsel failed to produce more than 200,000 pages of relevant electronic documents and was ordered to pay $8.5 million in legal fees. In the Victor Stanley v. Creative Pipe decision, intentional e-discovery mishaps nearly led to jail time and cost over $300,000 in sanctions.

A quick analysis of the data shows that written rulings on E-Discovery almost tripled between 2003 and 2004 – with a steady increase in each consecutive year and culminating in 2009 with 111 total rulings, 46 sanctions awarded and 12 adverse jury instruction sanctions. The rise of adverse jury instruction sanctions should be of particular concern for  defendants since it was found that the sanctions disproportionally affect them.  Indeed, since 2005, the courts have seen between a 1:5 to 1:3 ratio of plaintiff sanctions to defendants’.

With sanctions being given out at historic rates, it behooves legal counsels to take advantage of timely educational opportunities.  For

example, ZL is hosting a webinar next week, December 14^th, on Ethics in E-Discovery (sign up here) and another on 1/11 and 1/25 in January.

For more information click here.

In addition, in-house attorneys should re-evaluate their e-discovery software to see

if it can scale to match the incredible influx of documents and includes air-tight audit trails to prove the defensibility of all actions taken.  By combining education and the tools to properly address e-discovery, ZL aims to help all of our customers develop an unquestionably defensible e-discovery process.

Government Rewarding Whistleblowers and Effective Whistleblower Policies

A little publicized provision in the new Dodd–Frank Wall Street Reform and Consumer Protection Act, “…requires the Commission to pay an award…to eligible whistleblowers who voluntarily provide the Commission with original information about a violation of the federal securities laws that leads to the successful enforcement of a covered judicial or administrative action…”

In the end, the provision allows the commission to pay between 10 to 30 percent of any recovery over $1 million to whistleblowers who give original information of fraud. As the Wall Street Journal’s Law Blog points out, “It opens companies up to more scrutiny from the SEC, and will likely raise costs.”

Corporate compliance systems will be under increased scrutiny internally, as employees are given incentive to tell on their employers, and externally, from the SEC itself. It is of importance to develop a system to quickly conduct internal investigations and to develop a set of whistleblower policies conducive to such an environment.

An effective whistle blower policy will:

• prohibit employees from interfering with the right of another employee to blow the whistle
• prohibit employees from retaliating against an employee for having made a protected disclosure or for having refused an illegal order
• provide a procedure for raising a concern to the corporate legal department
• provide a procedure for filing and addressing complaints of retaliation for whistleblowing.

Once these policies have been enforced, it is then vital to implement a robust investigation process – a process which manages internal reports of fraud and investigations directed by the SEC itself. The ability to quickly launch a thorough investigation, to identify areas of risk or to take action against open cases, becomes increasingly important as scrutiny increases. The Dodd-Frank bill pushes to light the mandate to create an environment of corporate transparency – an order now directly from Washington.

Investigations can take months to complete – disparate data sources and an incomplete data map can make collection a logistical nightmare. By deploying ZL Technologies’ Unified Archive, enterprises can manage and search through all of their unstructured data (including email and file shares) from one platform. This cuts down collection from days or weeks to seconds. With the Unified Archive, responding to an allegation of misconduct has never been simpler.

Tags: compliance, frank-dodd, internal investigations, policy, SEC, whistleblower

Electronic Privacy and the Vast Machine

Last week, the Saudi Arabian government announced their intention to block BlackBerry service, claiming that the BlackBerry producer Research in Motion (RIM) had failed to “meet the regulatory requirements of the [government] commission.” The statement did not elaborate much further. This announcement came after the United Arab Emirates had recently decided to suspend BlackBerry service for the benefit of national security. Other countries such as Indonesia and India have expressed similar interest in limiting Smartphone communications as well.

Over the weekend, RIM came to an agreement with Saudi Arabia to place servers inside the Middle Eastern kingdom in order to avoid a ban on service. Saudi officials will now be capable of reviewing messages from BlackBerry products in efforts to curb whatever they deem to be illegal activity.

This agreement creates a dangerous precedent for other governments in the region, and anywhere else in the world.  They will undoubtedly compel all smartphone producers to provide full access to previously encrypted, private information (if they haven‘t already).  Just like RIM, they won’t have any real choice.

The grim reality is that personal emails were (still are?) being read by employers and agents of supposed “free democratic” societies such as the United States. And employees already know that their emails and communications are capable of being read by their employers.  Indeed, there exists very little expectation of privacy for anything online, and the fact that messages are sent on personal phones does not change this reality. In this way, I appreciate that Saudi Arabia and UAE are open and forthcoming about their intentions.

Will individuals begin to behave differently because they are aware that they are being watched?  As it becomes increasingly apparent that someone may be (likely is) reviewing electronic communications, we could simply limit the quantity or type of information we view and share (this will be the virtual panopticon).  Or will we reverse course?  The increasing abundance of data could create a sense of “that couldn’t happen to me” because of such an overwhelming base of information (the ostrich defense?).

Whatever the outcome, don’t be fooled into thinking that the original desire of the Saudi government to review emails is something new, or something limited to oppressive Middle Eastern regimes – privacy is a shared illusion worldwide.

Tags: electronic records, legal discovery, litigation discovery, records management, smoking gun documents

Goldman All Red Over Profanity

 

“boy, that timberwof was one s— deal.”

This one line tormented Goldman Sachs throughout the Senate’s investigation and is highlighted in recent bad press about their curse-laden culture.  Shockingly, these aren’t even as bad as it getswhen it comes to regrettable corporate e-mails that have been leaked to the press.  In response, Goldman Sachs has banned profanity from electronic communications, joining the ranks of Citigroup and J.P. Morgan Chase. Not a bad idea after losing $535M to the SEC in July.   

The lawsuit and investigation, which was in part based on Goldman’s own traders calling their deals “shi**y”, underlines the need for companies to review communications system-wide.  I am sure that Goldman is looking for software that can pre-review emails for certain phrases (like shi**y) and alert the sender and the sender’s management of the breach of policy.  Without that level of monitoring and review, employees can cost companies millions…and in this case, over half a billion. And any software that does this level of pre-review can go far beyond Goldman’s enforcement of their new curse code (or whatever they are calling it) and includes the protection of intellectual property, personal information, and general Data Loss Prevention.

People might see profanity censorship as draconian, yet this has become standard practice for many companies. Bloomberg LP says that it has monitored emails for over 10 years. As Kendall Coffee, former federal prosecutor says, “There is case after case of email disaster that is reported in newspapers or media, and you would think that the last thing any rational person would do would be to…use profanity in email, but it seems to be an unlearnable lesson.”

I agree and doubt there is any way to stop traders from using profanity.  But is it too much to hope that Goldman can learn to stop trying to f*!@ its investors?  We’ll see.

Tags: Discovery, e-discovery search, electronic records, Preservation, records management, review

Is it Possible to hide a Document Anymore?

 In the past, when a company was sued and received onerous discovery requests for “all documents,” they might simply open up their warehouse filled with boxes of documents and tell the opposing party that they have free reign to search for relevant documents.  And as many in the legal world may recall, this could be successful in hiding documents.   However, a recent post on www.appliedediscovery.com and others makes me think that companies can no longer hide smoking gun documents.

As Toyota, BP and countless other companies know, even if they don’t produce a document to a regulatory body or an opposing counsel, some whistle blowing employees will release the document anyway. For example, see here and here.    Or, as the White House learned, a FOIA request can show some questionable activities. 

Even without whistle blowers and FOIA requests, it is important to remember that when it comes to electronic documents, there is almost always going to be a copy outside of your control.  For example:  Emails that make it outside of the organizations servers can be very difficult and sometimes impossible to find; and backups allow records to be restored even if the data was purposefully deleted from the active platform.  In addition, most of the onerous spoliation sanctions come from the evidence left behind when a party tries (or succeeds) in destroying data.  For example, see TR Investors, LLC v. Genger (an owner of the TRI business was fined $750,000 as a result of ordering his IT consultant to clean out his hard drive which resulted in the inability to produce ten relevant documents in court). 

The best way to deal with the potential of smoking gun emails is to establish appropriate retention policies and consistently delete documents. The risks involved with attempting to hide an email or electronic file are far greater than any potential reward.

Tags: Discovery, e-discovery, e-discovery software, EDRM, electronic records, litigation discovery, smoking gun documents