The Dangers of Trusting Technology to Keep Privileged Documents From Opposing Counsel

It's every litigator's fear - inadvertent disclosure of privileged documents leading to a court finding of waiver of privilege.  A recent Illinois case shows just how easy it is to waive the privilege if you do not stay on top of the technological aspects of your production, even after conducting a complete review and indentifying privileged documents.

In Thorncreek Apartments III, LLC v. Village of Park Forest, 2011 WL 3489828 (N.D. Ill. Aug. 9, 2011), the court was faced with a defense counsel who "thought" that merely marking documents as privileged in an electronic database would keep them safe from production. Unfortunately for counsel, every document that had been identified as privileged was produced to opposing counsel. To make matters worse, defense counsel did not learn of the accidental disclosure for nearly nine months of discovery. He then waited an additional four months to produce a privilege log to opposing counsel. Not surprisingly, the court held that while some of documents were privileged when originally created, defense counsel had waived privilege by his actions, or more precisely his inaction.

Here are some key points from the case all litigators should take to heart when engaging in document production:
 

1.  Attorneys must take precautions to protect electronic disclosure of privileged documents. They should never presume that merely marking documents as privileged in an electronic database will prevent their production.

The court determined that the defendants' procedures for privilege review were "completely ineffective." Although counsel "thought" marking a document as privileged in the electronic database would automatically lead to it being withheld from opposing counsel, counsel never actually checked the production to assure that this was the case. The court also noted that counsel hardly could have taken adequate safeguards against production where every single privileged document, not merely one or two, had been produced.

2.  Attorneys should produce privilege logs close to the time when a production is made. It will act as a check on whether documents have inadvertently been produced and alert opposing counsel to a document's privileged status.

The Thorncreek court weighed heavily the defendants' nearly nine-months' ignorance regarding the disclosure of privileged documents. Defense counsel failed to check in at all, on the electronic database of documents to see what documents were present and what documents opposing counsel was viewing from the production.

Defense counsel was also faulted for failing to timely produce a privilege log. Such a log would have alerted both sets of counsel to a privileged document being accidentally disclosed. Instead, defense counsel waited more than a year after production began, and a whole four months after learning of the accidental disclosure during a deposition, to provide such a log.

3.  Where inadvertent production of privileged documents has occurred, counsel must immediately take steps to rectify the error in order to protect and maintain privilege.

The court came down on defense counsel for not knowing of the inadvertent production of privileged documents for months, and then failing to act with diligence after finding out.

It may be basic, but the lesson is that there must be additional checks and balances other than simply checking off documents as privileged in an electronic database, ten steps before they are actually produced. While this hardly means that an attorney must re-check every single document marked for production or privilege a second time, there could be, for example, a search of a sample of privileged documents to ensure they are privileged; and a sample of non-privileged documents to make sure nothing privileged has snuck into the pile. Another method is to run a search for a few attorney names, and verify that the resulting hits are marked privileged.

The bottom line is that counsel should always check a production for privileged documents, monitor documents in an electronic database, and act immediately to assert privilege when an accidental production is found. 

Ascending to the Cloud Creates Negligible E-discovery Risk

Cloud computing platforms (a set of pooled computing resources that are powered by software and delivered over the Web) have been generating quite a bit of press in the last year. Indeed, just recently computing giant Microsoft launched its Microsoft 365 cloud computing platform, designed to rival Google’s "mega-cloud" platform, which launched in May 2010. Since the release of the first commercial cloud computing platform by Amazon in 2006, cost-conscious companies have been racing to evaluate the pros and cons of moving their computing operations to “the cloud.” According to the Booz, Allen, Hamilton technology consulting firm, “Cloud computing may yield:

Life cycle costs that are 65 percent lower than current architectures

  • Benefit-cost ratios ranging from 5.7 to nearly 25
  • Payback on investments in three to four years."

Notably absent from that cost-benefit analysis, however, is the effect cloud computing may have on the costs and risks associated with conducting electronic discovery. Those engaged in such activities may well ask the question, “Will the savings companies expect from moving their data to the cloud be absorbed by the additional costs/risks created by conducting e-discovery in the cloud?”

The short answer is no. Although there are risks associated with conducting e-discovery from the cloud, they are remote, manageable and eclipsed by the savings companies should expect from cloud computing. Some of the riskiest aspects of conducting e-discovery in the cloud are:

  • The loss/alteration of data and associated metadata
  • The potential violation of international data privacy laws by illegally disclosing data in the jurisdiction in which the cloud is located
  • The unintentional waiver of the attorney-client privilege by co-mingling data or disclosing attorney client communications to third parties
  • The failure to properly and timely implement and monitor litigation holds

Fortunately, companies can easily manage the risk of altering metadata and the risk of violating international data privacy laws by insisting the service agreement with their cloud provider:

  • State that none of the company’s data may be stored outside the United States
  • Provide a detailed mechanism for how the cloud will implement litigation holds
  • Address how metadata will be created and stored in the cloud environment

Similarly, companies can minimize the risk of waiving the attorney-client privilege by including “no waiver” language in their cloud computing service agreements and establishing security protocols to prevent the inadvertent disclosure of communications to the administrators of the cloud or any other third party.

When the technology has improved and cloud computing administrators have developed expertise at responding to e-discovery requests, companies might even enjoy e-discovery cost savings by moving their data to the cloud. “If the cloud fulfills its promise and supplants the hodgepodge of local hard drives, LAN servers, and removable storage that now house our data, the cloud will emerge as the simpler, ‘one-stop shop’ for preservation and search in electronic discovery,” Craig Ball, an expert on trends in e-discovery, predicts.

In fact, that technology already has been developed and is in use for other applications. In late 2010, Facebook (currently the largest functioning equivalent to a cloud computing environment) added to its regular user interface a one-button preservation tool for capturing user content. Now, by simply clicking the “Download Your Information” button (and providing the appropriate password), Facebook users can request a neatly packaged zip file containing all of their videos, messages, wall posts, friend lists and other profile content — it doesn’t require a professional background in information systems to comprehend how similar technology can be applied to collect corporate data stored in the cloud.

Furthermore, cloud administrators saddled with the responsibility of responding to many subpoenas or production requests on behalf of myriad clients will, in time, develop an expertise in culling, processing and producing data. In turn, cloud users will undoubtedly benefit from advances in technology as well as the experience that cloud administrators have gained in responding to e-discovery requests.

The hope is that these efficiencies will translate directly to the end-user. At the end of the day, in-house counsel should be confident that (if managed properly) the benefit of moving a company’s data to the cloud outweighs the risks and costs associated with producing data from the cloud as part of a lawsuit.

                                       *                                                   *                                                *

This article was originally published by Steven Hunter, a Quarles & Brady partner, in Inside Counsel.

Logging Email Chains to Preserve Privilege

 

Lawyers regularly receive emails from clients that contain earlier email threads that are forwarded in the course of seeking legal advice. Sometimes these earlier threads appear as attachments. Other times, they are embedded beneath the content of the most recent thread. Regardless of the form of the threads, parties involved in litigation will often seek to withhold the entire chain from the opposing party. The problem lies in determining how to properly log an email chain to preserve the privilege that attaches to the earlier email threads when they are forwarded along with a privileged email.

In a recently published opinion from the Eastern District of Pennsylvania, the court found that each individual thread must be logged. Rhoads Industries, Inc. v. Building Materials Corp. of America, 254 F.R.D. 238, 241 (E.D. Penn. 2008). If an underlying email is not logged, any privilege that otherwise might have attached to it is waived.  

If it doesn’t make immediate sense to you why someone might not want to log each individual thread, consider that the underlying emails probably have to be produced in their original, non-forwarded format. By comparing the log with the emails that have been produced, the opposing party can determine what emails the client forwarded to the lawyer.  Because the opposing party has access to these emails in their original format, the opposing party might be able to determine what the lawyer and client knew and when they knew it, including key facts in any dispute. 

 

Rhoads made many bloggers “Year in Review” lists in December and January because the court, in an earlier opinion, engaged in a lengthy analysis of the factors to be considered under Federal Rule of Evidence 502 in determining whether Rhoads took reasonable steps to prevent inadvertent disclosure and to rectify the mistake upon discovering it. In that earlier opinion, the court decided that Rhoads had waived the privilege that might otherwise apply to several documents that its attorneys had failed to log.

The court was subsequently called upon to clarify whether or not Rhoads had waived the privilege with respect to email chains, some threads of which were logged, others of which were not.  Although the court noted that the attorney-client privilege may attach to an otherwise non-privileged email when the email is forwarded along with a privileged email, the court found that Rhoads had waived the privilege for any unlogged threads. The court ordered Rhoads to produce the email chains, but authorized Rhoads to redact any threads its lawyers had previously logged.

The moral?  If one email in a chain is privileged, counsel needs to take care in considering whether all of the emails in the chain are privileged and treat them accordingly.  If they are not all treated as privileged and logged as such, counsel risks waiving the privilege as to the entire email string. 

Ode to E-Discovery in 2008

Flooding the internet, they consistently accrue:
Blawgs offering e-discovery 'Year in Review's;
But these go on about facts and case histories too,
Before getting to the point of what you can and can't do.

Why not cut to the chase? Why not give it up straight?
Stripped below are the basics of two thousand and eight.
We'll start off with the general dos and the don'ts;
The haven'ts, the shouldn'ts, the emphatically won'ts.

Quite instructive are Canon's and Keithley's examples
Of "lackadaisical attitude" of defendants. As samples:
Do not find that hard drive behind the client's home door,
When discovery has been ongoing for a year or for more.

Do not stumble on computer reports you said "did not exist"
In an e-folder marked "Reports" that you for some reason missed.
And periodically remind clients and their IT personnel
Of the need to preserve the source code that was written on that Dell.

When you don't produce e-mails, the court said in Peskoff
Explain your search method and why, at production, you scoffed.
But if you contributed to information deletion or loss
And the court orders recovery, you won't get your costs!

Do not say you've e-searched when it's just a tall tale:
This was sanctioned under Rule 26 in R&R Sails.
There were costs sanctions also in Ajaxo, among a larger plethora.
And sanction of termination in Arteria and also Pandora.

In Keithley sanctions were imposed even on a party pro se
And in Schwarzenegger for "foot dragging" and a "litany of delays."
But take heed, warned O'Keefe -- don't request termination on whim.
Do not "strike at a king" unless you're sure you'll "kill him."

O'Keefe (plus Equity, Victor) gave lawyers heart attacks.
For saying that search term effectiveness is for experts to crack;
And that if lawyers pick and evaluate the key words instead
They are moving toward places "where angels fear to tread."

The courts warned that when using a method of searching
Learn first of its weaknesses through prior researching.
This was why D'Onofrio rejected what both experts said
And created a brand new search protocol method instead.

Rule 502 on preventing waiver through "reasonable steps"
Saw decisions pronouncing judgment on various missteps.
Alcon acknowledged that the Rule's very recent debut
Was designed to avoid "expensive, painstaking review."

Despite this pronouncement, some courts have cried "waived"
As to attempts made in hindsight to have privilege saved.
Rhoads found possible waiver for documents mistakenly produced
If they were not in the privilege log – there could be no excuse.

And failure to take measures that could prevent waiver
Like claw-back agreements, or Sedona-type saviors
Led to Victor’s conclusion, which uncommonly held
That the attorney-based privilege at issue was quelled.

Moving on, Mancia addressed the Rule 26 obligation
To meet early on regarding e-preservation,
Proclaiming "adversarial conduct" in e-discovery condemned
As a "burden to the American judicial system."

Some courts dove in early to prevent such discord,
Ordering forensic exams to preserve evidentiary records.
To conserve ephemeral info in Xpel, it was fair;
And when defendants were evading service, it was ordered in Allcare.

Other examples included when a party was unable
or unwilling (in Canon) to preserve/produce on the table.
Just remember: as emphasized in Sterle and Square D
Do not interfere with a court-ordered forensic decree.

Rodman, Reinhard and Younessi addressed nonparty subpoenas
And the protection of confidential, trade secret arenas.
Where nonparties are concerned and offer up much resistance
In-house searches are fine, or neutral expert assistance.

The debates continue on metadata versus non-native tracks
And Aquilar labeled metadata as being "the new black."
That court ordered re-production of non-natives with meta
Though the recipient was required to pay costs, as pro rata.

But not all courts required conversion to a metadata mode.
Extra burden led D'Onofrio to an "only if necessary" ode.
And Autotech said doc requests must actually require "native" --
You can't ask for it in hindsight by getting creative.

Yet if e-documents already exist in original native form
And the requests do not contain any language that informs,
White condemned the conversion to non-native in litigation
Since this is done just to increase the opponent's frustration.

Finally, social networks are making an appearance in law
And becoming a most popular e-discovery draw.
The field is wide open on the extent to which these
Are discoverable and admissible, or cannot be seized.

Flagg required defendants to give ISPs consent
And to produce ISP-retrieved records of texts that it sent.
And in Australia a court made clients even more nervous
By allowing Facebook to be used as a method of service!

We hope you've enjoyed this short "Year in Review"
And that all of this knowledge is useful to you.
We await more developments in two thousand and nine;
And wonder whether and where courts will draw any lines.

 

**For a complete list of the cases discussed above, please contact the author.