Corporate America's steady shift to hybrid and remote working has catapulted the use of collaborative technologies and remote work applications that connect employees like Cisco, Asana, Hive, Slack, Zoom, Trello, and Microsoft Teams, to name a few. Although this technology has existed for years, the pandemic brought about a drastic shift to this remote landscape allowing employers continuity in conducting their business, connecting with their employees, and project management. As a result, these collaborative technologies morphed from luxuries to necessities. With that change comes the need to be prepared for demands for the production of these electronic communications as electronically stored information (ESI) will rapidly become a fact of life for construction lawyer's litigating claims. Be ready.
In a world where communication is abundant, attorneys must understand how parties use collaborative technology and retain data to preserve potentially discoverable electronically stored information (ESI) and ensure early and active cooperation with parties. We know that ESI is purposely not defined precisely. The Rule 34 Advisory Committee provided that “[t]he wide variety of computer systems currently in use, and the rapidity of technological change, counsel against a limiting or precise definition of [ESI].” However, we know a few things about ESI: 1) it includes data stored in any medium from which information can be obtained either directly or, if necessary, after translation by the responding party into a reasonably usable form; and 2) it is data that is stored somewhere. Such broad parameters bring these new and indispensable technologies within our purview.
In addition to companies adapting to new technologies and processes, courts are grappling with discovery disputes associated with the preservation and collection of meeting recordings from RingCentral, Microsoft Teams, and Zoom; posts from Slack, Flowdock, Trello, Dapulse; and chats from Quip, Basecamp, and others mentioned above like Slack. Courts have ordered the production of Slack messages after determining they were relevant and discoverable, ruling that “requiring the review and production of Slack messages [ ] is generally comparable to requiring search and production of emails and is not unduly burdensome or disproportional [ ] if the requests and searches are appropriately limited and focused.”
Today, ESI is abounding with emojis, GIFs, videos, edited photos, electronic documents such as word, excel, Google Sheets and Docs, decks, email, text messages, iMessage, chats, recordings, and transcripts from Facebook, Instagram, Twitter, LinkedIn, Snapchat, TikTok, Reddit, Twitch, Discord, Slack, Microsoft Teams, GSuite, WeChat, WhatsApp, Signal, Telegram, Wickr, Zoom, WebEx, Teams, Skype, and more. Key questions to consider when evaluating a client's data sources include:
- What technologies (e.g., applications, software, and hardware) are utilized for project management, collaboration, and communication?
- Where does the data reside?
- How long is the data retained and accessible, and who has access?
What Technologies Are Used?
It is imperative to understand a company's workflows down to each department and not just what has been written in a policy. For example, in-house counsel may advise that the company uses NetSuite for project management, Outlook for email and calendaring, and Microsoft Teams for meetings. However, service technicians, unbeknownst to in-house counsel and against corporate policy, may communicate regularly through WhatsApp or text messaging from personal or company-owned devices. Once a technology is identified, it must be reviewed and categorized according to its data retention and archival policies set by default or personally by the company/custodian. While this seems archaic, newer technologies such as ephemeral messaging have muddied the waters.
Ephemeral information is stored briefly and is kept somewhere during its storage; therefore, it is ESI. There are three types of ephemeral messaging:
- Purely Ephemeral Messaging – deliberate, permanent, and automated message deletion built into the application; unchangeable deletion trigger; no archiving or storage capability; deletion consistent for senders and recipients; E2E encryption.
- Quasi-Ephemeral Messaging – preservation possible and customizable by the user; deletion impeded by external mechanisms such as message forwarding or screenshots; content deleted but metadata preserved.
- Non-Ephemeral Messaging – deliberate and permanent message deletion not built into the application; deletion inconsistent amongst senders and recipients; deletion from the application does not delete from other sources like servers and backups; deletion timeframe variable, no E2E encryption.
For example, the aforementioned service technician may have tried to send a one-time untraceable message to a co-worker about a machinery inspection via Facebook Messenger's end-to-end (E2E) encrypted Vanish Mode chat; however, the data may still be available. While some E2E encrypted applications are untraceable, many are not—they store data instead of deleting permanently. Vanish Mode and Snapchat are examples of ephemeral messaging that purportedly enable users to send temporary messages to anyone with an active chat, which disappears after the recipient reads them. Yet, depending on the specific ephemeral messaging the application adopts, the data intended to be sent temporarily could live on a backup in perpetuity.