Keep Your Documents Close and Your Flash Drives Closer

In 1969, when Mario Puzo published his novel “The Godfather,” his line “A lawyer with his briefcase can steal more than a hundred men with guns” became highly quoted and recognized because of the innate truth it contained: it’s easier to rob a company through information than through violence.

He could not have imagined that, just forty years later, enough information to take over, bring down, or steal from a company could be contained on a device the size of a pack of gum. Flash drives have made it possible for corporate espionage to reach new heights, and for any disgruntled employee - from the receptionist to the president of the company - to succumb to temptation, download and walk away with the company’s data in a format so small that it can be hung on a keychain. If not accounted for in a document retention policy, flash drives present a significant risk of comprising the integrity and negating the purpose of a document retention plan. 

In a posting called “Deter the Use of Flash Drives to Avoid Corporate Espionage” by James Koopman on the DCIG website, Koopman says,

The portability and high capacity of flash drives is creating headaches for many companies. The Net is swarming with stories of the ill-use, illegal activities, and security concerns as more and more of these devices are lost and stolen or used to steal sensitive information.

The site links to reports on the theft or loss of flash drives containing information as diverse as military secrets, patient data, and confidential child welfare cases, all because the drives are convenient, easy to use, take up no space, are inexpensive and easily obtainable in any electronics store.

 

What all this means to legal departments, of course, is that flash drives have to be accounted for when complying with record retention policies, and in planning electronic document production for litigation purposes. In some environments - the Pentagon being a notable example ("Pentagon Bans Flash Drives"), flash drives have been outlawed entirely due to security concerns.  

But even if national security isn’t your bailiwick, record retention policies should take into account information stored on flash drives and all other e-document locations, as noted by Robert Miller, in The Why and How of Document Retention Programs,” e-files can be stored using an array of portable media such as microfilm, flash drives, CDs and DVDs; or on devices such as Blackberries, Palm Pilots, laptops or even iPods. Additionally, files can be housed on systems such as workstations, servers, corporate e-mail systems, shared network drives, or even the company’s voicemail system.  Clearly, the chore of locating and identifying all discoverable documents is a lot more complicated now than when they existed solely in a metal file cabinet!

 

It does not take a “stab” in the dark to create a sound document retention policy because specific document retention periods are set forth in several sources of law which include the Sarbanes-Oxley Act, the Federal Rules of Civil Procedure, and other federal and state statutes. You can minimize the risk of unknowingly having a “smoking gun” document act as a “silencer” at a time when you least expect it by ensuring that your company has developed a document retention policy that covers the retention and disposition of physical records and all sources of electronic records. By doing so, you’ll certainly sleep easier - and you won’t wake up to a horse’s head in your bed.

Use Caution When Doing Your Spring Cleaning!

 

Although we're in the middle of winter, and the Midwest had -40 degree wind chills last week, this is the time for you to think about spring cleaning. I don't mean scrubbing floors or washing windows. Now is the time to develop a record retention policy and a litigation hold policy and then begin appropriately "cleaning house."  Micron Technology, Inc. v. Rambus, Inc., 2009 WL 54887 (D. Del. Jan. 9, 2009) shows us why it is so very important to have a litigation hold policy in place before starting that spring cleaning.

Rambus was a microchip technology company that became concerned about possible patent infringements by microchip manufacturers. It sought counsel regarding possible litigation, and counsel developed a litigation strategy. During this time, Rambus also designed and implemented a record retention policy, then held a series of "Shred Days" where many expired records were destroyed.

Micron sought a declaratory judgment from the court that its designs did not infringe on Rambus' patent.  The court held a separate trial on whether Rambus' wholesale destruction of documents pursuant to its document retention policy constituted spoliation of evidence and the appropriate sanction to be imposed on Rambus if in fact spoliation had occurred.  

In analyzing the spoliation issue, the court found that Rambus had a duty to preserve its documents once litigation became reasonably foreseeable.  According to the court,

Rambus knew or should have known, that a general implementation of the policy was inappropriate because the documents destroyed would become material at some point in the future.  Therefore, a duty to preserve potentially relevant information arose in December 1998 and any documents purged from that time forward are deemed to have been intentionally destroyed, i.e. destroyed in bad faith. 

Because Rambus' bad faith was so clear and convincing and because Rambus destroyed innumerable documents relating to all aspects of Rambus' business, the court determined that the very integrity of the litigation process had been impugned.  The court found that neither adverse jury instructions nor the preclusion of evidence nor the imposition of fees and costs on Rambus could cure the damage done by the massive document destruction.  Instead, the court delivered the ultimate sanction of all, it declared Rambus' patents involved in the lawsuit unenforceable. 

The moral of the story?  Companies must exercise extreme caution in implementing document retention policies and must strongly consider whether a "litigation hold" needs to be placed on some documents, even in cases where litigation has not been officially commenced yet.  Consequently, when you get that itch to do some spring cleaning, plan ahead so that you can protect your intellectual property and your business.

Saving Your Company's Bucks and Hide...

Did you know that, before paper money was used, Americans used animal hides, or buckskins, for money?  This is the origin of the slang term "bucks." If you want to help your company keep more of their “bucks” as well as their “hide” in 2009, urge them to review and comply with their existing document retention policy.

Jerome Wendt on the StorageChannel.com’s blog revisited some lessons from the past, which remain relevant for the new year. Wendt’s blog discussed the 2002 case of Murphy Oil USA, Inc. v. Fluor Daniel, Inc. (2002 WL 246439, E.D. La. Feb. 19, 2002). Fluor Daniel had an email retention policy that allowed them to erase backup tapes after 45 days, but neglected to follow their own policy…resulting in the unintended preservation of 93 backup tapes, some of which contained damaging information. The Court ordered Fluor Daniel to produce email from one of these backup tapes. Fluor Daniel could have avoided an unfavorable court decision and the costs associated with producing certain incriminating evidence had it only complied with its own document retention policy. 

The beginning of a new year should be seized as an opportunity to ensure that your company is complying with its existing document retention policy.  This is an excellent first step to saving more than a few bucks and protecting your hide as well. 

Walk the Line

There is a thin line when attempting to distinguish between personal records and corporate records. Some would argue that there is no line at all because it is very difficult to sustain a claim that documents prepared in connection with employment are "personal."  The distinction between personal records and corporate records is legally significant because the Fifth Amendment's privilege against self-incrimination can be used to protect personal records.  Because the Fifth Amendment can only be asserted by individuals, corporate records are typically compelled to be produced in response to a subpoena.

The risk to corporate clients is significant when employees maintain records outside of normal record keeping procedures. This issue often arises when employees improperly assume that a record is "personal" because it contains some personal content. Common examples include employee calendars or address books that contain personal information. 

One of the leading cases in this area, In re Grand Jury Proceedings, 349 F. Supp. 417 (N.D. Ohio 1972), established that a desk calendar maintained by executives and/or secretaries is a "corporate document." In that case, a doctor maintained a date book containing both business and personal data. The court held that the calendar could be compelled to be produced because no collective entity, such as a corporation, labor union or partnership, can resist a subpoena for its business records on Fifth Amendment grounds. The court reasoned that the information contained in the requested documents was relevant, stressing that the privilege does not protect any privacy interest in the contents of business records.

Therefore, corporate attorneys should remember that if any element of a document pertains to the business, the whole document may have to be produced in court if it is called for by subpoena. As such, it is best to encourage employees to plan as if all records will be considered as corporate records that are not entitled to the Fifth Amendment protection against self-incrimination.  Employees must understand that all records maintained by that employee can be considered corporate documents, even if personal information is also included in those "corporate" documents, and therefore, those records must be maintained uniformly in compliance with the company's record retention policy.

 

Not Just Another "Auld Lang Syne"

On New Year's Eve, we typically gather in a glitter-and-confetti whirl to toast the New Year with champagne…or maybe you're a stay-by-the-fire-and-watch-Times Square type. Whatever your preference to usher in the New Year, you may be interested to know that the singing of the Scottish folk song "Auld Lang Syne" at midnight is not as traditional as you believed - it did not come to yearly use until 1929, when Guy Lombardo's orchestra played it at midnight at the Hotel Roosevelt in New York City, then released a record of it and continued playing it every New Year's Eve afterward.

By the same token, a century from now law firms will no doubt wonder at our tizzy in getting used to electronic document discovery instead of our "traditional" means of producing documents via hard copy. But for now, clinging to the old ways and not making sure that document retention policies are not only up to date but adhered to is costing our clients a mint. As reported by Sheri Qualters in The National Law Journal on December 17, 2008, Kroll Ontrack analyzed 138 reported cases from January to October 2008 and reported that ONE QUARTER of the reported electronic discovery opinions in that period resulted in sanctions issues, while 13 percent addressed preservation and spoliation, 12 percent involved computer forensics protocols and experts, 11 percent, admissibility, and 7 percent, privilege considerations. In one case in the Northern District of California, defendants were sanctioned to the tune of more than a quarter million dollars. Keithley v. The Home Store.Com Inc., No. 3:03-cv-04447 (N.D. Calif., Aug. 12, 2008). That buys a LOT of champagne!

 

It's clear that doing things the way they were done in "old times past" - the literal translation of Auld Lang Syne - will get legal clients in trouble with the Court and could result in heavy financial sanctions. The Court has no "cup of kindness" when it comes to electronic discovery issues. So this New Year, no matter your celebratory preference, resolve to pay attention to your document retention and e-discovery policies, or if you do not have such policies, it's a New Year - a great time to implement a formal policy.

Quality Not Quantity

The adage that "quality, not quantity matters" certainly applies to the maintenance of business records. Businesses often devote numerous hours to developing lengthy schedules defining what records must be kept and for how long. While the development of a comprehensive schedule is important, the quality of the records to be maintained is just as important. Records must be of a sufficient quality to allow companies to defend against legal claims.

One important quality consideration is how to store the records. Records should be stored so that records can be easily located when necessary to respond to a discovery request. Failure to do so can result in burdensome costs.

In In re Brand Name Prescription Drugs Antitrust Litg., 1995 WL 360526 (N.D. Ill. 1995), an Illinois district court required a defendant corporation to sort through volumes of stored email at its own expense. Pursuant to the plaintiff's discovery request, the records had to be formatted before the plaintiff could search and retrieve the email records. The court held that the defendant should bear the discovery cost of $50,000 to $70,000. Reasoning that the translation of data into a useable form by the discovering party is a foreseeable burden because electronic records should be available with the same openness as traditional forms.

As in this case, companies face increasing requests to produce electronic records. However, the take away is that ineffective storage can be risky and costly for both traditional records and electronic records. Therefore, retention programs should consider the quality of records to minimize risk and high costs associated with discovery.