By Mike Tonsing - www.your-second-chair.com
Last month, the federal judiciary (through its Advisory Committee on Civil Rules) published the latest proposed changes to the Federal Rules of Civil Procedure. (Copies of the proposed changes and the accompanying committee commentary - comprising in all about 130 pages - can be downloaded and printed in PDF format from www.uscourts.gov/rules/comment2005/CVAug04.pdf.)
In its preface, the Committee said:
Over the past five years the Committee has examined whether the roles adequately accommodate discovery of information generated by, stored in, retrieved from, and exchanged through, computers. During this period, electronic discovery has moved from an unusual activity encountered in large cases to a frequently-seen activity, used in an increasing proportion of the litigation filed in the federal courts. The Committee has been urged by organized bar groups, litigants, lawyers, and judges to consider rules changes that accommodate the distinctive features of such discovery.
The public (or, more accurately, the legal community) now has until February 15, 2005, to comment on the proposed Rules, which will not take effect until late 2006, or even later.
The August 2004 submissions deserve your active and immediate consideration. (The Committee has made it easy to respond. Timely comments can be submitted electronically at www.uscourts.gov/rules/submit.html.)
Though the Civil Rules Advisory Committee's work was not limited exclusively to E-Discovery, that was its major focus. The Committee's E-Discovery proposals address, inter alia, the unintended disclosure of privileged electronic information, the treatment of electronic information that is not reasonably accessible, and the consequences of loss or destruction of electronic data; and, they propose "meet and confer" provisions that encourage litigators to focus on E-Discovery issues early in the life of each lawsuit.
The most prominent feature of electronic evidence, in the opinion of the Committee's majority, is:
. the exponentially greater volume that characterizes electronic data, which makes this form of discovery more burdensome, costly, and timeconsuming.
That view is hard to gainsay. Quoting from the Manual for Complex Litigation (4th), the Committee forcefully made its point:
The sheer volume of such data, when compared with conventional paper documentation, can be staggering. A floppy disk, with 1.44 megabytes, is the equivalent of 720 typewritten pages of plain text. A CD-ROM, with 650 megabytes, can hold up to 325,000 typewritten pages. One gigabyte is the equivalent of 500,000 typewritten pages. Large corporate computer networks create backup data measured in terabytes, or 1,000,000 megabytes: each terabyte represents the equivalent of 500 billion typewritten pages of plain text.
Given the breadth and number of the Committee's proposals, it would be difficult for me to comment meaningfully on them all within the confines of a single column. Therefore, I will focus here on just one recommendation - that of a "safe harbor provision - and leave the others to be addressed in ensuing months.
One fairly novel and controversial recommendation of the Committee would result in an amendment to FRCP 37 to include a "safe harbor" provision. If the Committee's overall criteria are met (and if the proposal is adopted), a party would be shielded from sanctions for failing to provide electronically stored information if it had taken "reasonable steps to preserve the information after it knew or should have known the information was discoverable ... and the failure resulted because of the routine operation of the party's electronic system." The safe harbor protections would apply only to sanctions under the rules and only to data losses that occurred after the lawsuit was filed.
This proposed change is meant to confront the reality that electronic data can vaporize without anyone intentionally destroying it, - through, e.g., commercial programs that routinely and automatically recycle data, that overwrite deleted information, and that erase data that have not been accessed for a specified period of time.
The Advisory Committee suggests that, once the subjects of litigation have been identified, a party should consider imposing a "litigation hold" - an "e-freeze" that preserves e-mail records and electronic files of key individuals and litigation-targeted departments. But, it would impose no duty to do so.
The Committee's report candidly acknowledges the existence of a split of opinion on whether the standard of culpability for the destruction of electronic files under Rule 37(f) should be (1) the negligence standard embodied in the draft, or (2) a higher standard, i.e., one requiring willful misconduct. (By the way, the Advisory Committee is specifically soliciting feedback on this question, in particular.)
Some on the Committee are satisfied with a negligence standard. Others say that more than mere negligence should be a prerequisite to sanctions, in light of the complexity of many computer systems today. And, still others suggest that the case law on spoliation and preservation of evidence already has been very well-defined through court decisions and a revision of FRCP 37 designed to preserve electronic evidence is simply not needed.
Rather than commenting on all of the Advisory Committee's wide-ranging proposals for change, I'd like to focus initially on an emerging "new reality" recognized by the Committee - the fact that electronic data can indeed vaporize without anyone intentionally destroying it. And, I'd like to use a rather simple example to make my point, the point being that rules that specifically target "current" technology are doomed to become obsolete faster than a 500 MHz PentiumT chip. As you will soon see, I side with those who believe that the case law on spoliation and preservation of evidence already has been very well-defined through court decisions and a revision of FRCP 37 designed to preserve electronic evidence is simply not needed.
According to a short article buried in the middle of the second section of the August 26, 2004, Wall Street Journal, "companies are growing concerned that digital copiers and printers can be tapped for corporate intellectual property or employees' personal data." The article points out that, precisely because modern digital copiers are digital, they are likely to employ hard-disk drives to store documents, drives that are just like those on personal computers. So, even though most office employees presume that all data has been deleted when their seemingly innocent copier finishes its job and speedily delivers, collates and staples the last document, that may not be true.
Today, the hard disk inside most multifunction digital photocopiers has a "management data area" and a "real data area." When data is deleted, it is removed from the management data area of the hard drive only, leaving the "real" data - i.e., the sensitive data - intact.
The Journal story, which addresses security issues rather than E-Discovery issues, quotes Edward McLaughlin, president of Sharp Document Solutions, who indicates proudly that new disks that eliminate the digital residue of old documents are coming very soon for most multifunction printers, as soon as this fall, long before the proposed new Rules are scheduled for consideration and adoption.
Sharp seems to be in the forefront in developing copier security technology. (See www.sharpusa.com/products/SharpSecurity1.) It has developed what it dubs the Data Security Kit, which first encrypts and then overwrites latent image data used in a Sharp digital copier's system memory. Sharp claims that this two step process, initial encryption combined with multiple overwrites of data, provides a higher level of security than many processes currently used by other manufacturers. So much for security. Congratulations, Sharp. Congratulations, Mr. McLaughlin. But, what about E-Discovery? And, what about the proposed new Rules?
Business litigation firms soon will need to confront the embarrassing absence of client data that was admittedly captured earlier by their clients' photocopier hard drives but erased by their nifty Data Security Kit before the other side could get its hands on it. Will sanctions follow? Will there be a safe harbor for digital copier data routinely overwritten by a Data Security Kit after a case has been filed, but not before? Is there a special duty to protect such data on copier hard drives from spoliation once the prospect of litigation becomes palpable, or imminent, or once the defendant has been made aware that its copier may be a discovery target? If any of the above, does a defendant's duty extend to disconnecting its Digital Security Kit or does it require freezing the office behemoth altogether, since each new innocently made copy could overwrite potentially relevant and sinister data that might exist nowhere else? (And, if so, have the Advisory Committee members become the unwitting dupes in a plot by the industry to sell many more of its photocopiers?)
The proposed new Rule, it seems to me, does not adequately address the issue of photocopier hard drive E-Discovery. It focuses almost exclusively on e-mail (and derivatively, on instant messaging), which has a different pathology altogether.
My "bottom line" point is that technology continues to advance at warp speed, faster than even a highly regarded FRCP Advisory Committee can react. I remain unconvinced that we are better off with a safe harbor provision that may not fit new advances in technology that are already overtaking the rulemakers (like hard drives on copiers and Digital Security Kits to routinely scrub them).
Good judging, forming precedent on a case-by-case basis, remains the best approach when confronting rapid change, in my view. But, what do you think? Please let the Advisory Committee know. (I respectfully suggest that you leave out all references to plots by photocopier companies, in any event.)
See you again next time here in the E-Discovery Disco.
Open Mike Archive >>