chevron-down Created with Sketch Beta.
February 13, 2024 Feature

E-Discovery Challenges: The Collection and Preservation of Electronic Evidence

Brett Burney
Advances in electronically stored information (ESI) require litigators to continually stay informed about the related challenges and procedures.

Advances in electronically stored information (ESI) require litigators to continually stay informed about the related challenges and procedures.

d3sign via Getty Images

How do you define a “document” today? Do you automatically visualize an 8.5”-by-11” sheet of paper (or 8.5”-by-14” for us legal folk)? Do you sense the tactile feel of pulverized wood pulp in your hands? The reality is that the paper document you might hold in your hand is only a mere reflection of a “document” because the original file is composed of 1s and 0s sitting on your computer. The world of information today is digital, which means any paper you’re holding has been printed from a digital file . . . unless it’s a handwritten note, microfiche, or a land deed from the 1800s. This is the white-hot nucleus of e-discovery—the discovery of electronic data.

Until 2006, Rule 34 of the Federal Rules of Civil Procedure (and most analogous state rules) was titled “Producing Documents and Tangible Things.” There was no conception of evidence that wasn’t physical, palpable, or tangible. There was no mention of electronic or digital files in the Rule, so clever litigants would attempt to argue that emails or spreadsheets were not “documents” or “tangible things” and, therefore, did not need to be produced. In 1971, Rule 34 was amended to include the phrase “data compilations,” and the 1970 Notes from the Advisory Committee explained that the “inclusive description of ‘documents’ is revised to accord with changing technology,” so presumably that would have included punch cards, which was the type of “data” compiled at the time.

In the early 2000s, when personal computers and the World Wide Web were becoming mainstream, it became apparent that Rule 34 needed another update. In 1995, the Southern District of New York made a bold statement in Anti-Monopoly, Inc. v. Hasbro, Inc. 1995 U.S. Dist. LEXIS 16355 (S.D.N.Y.): “Today it is black letter law that computerized data is discoverable if relevant.” But it took until 2006 for Rule 34 to have its title changed to “Producing Documents, Electronically Stored Information, and Tangible Things.” That phrase, “Electronically Stored Information,” usually shortened to ESI, was purposefully designed to broadly cover all files, documents, and digital data that might need to be collected, reviewed, and produced in litigation. The phrase has withstood the test of time, especially as the original 2006 amendment authors could not have foreseen the developments of WhatsApp, Facebook Messenger, or TikTok, yet all the content in those platforms is indeed ESI and, if relevant in litigation, must be collected, preserved, and produced.

If new and novel file formats were the only consideration we had in e-discovery today, that would be fairly straightforward. An extra complicating layer, however, is the drastically different mediums that society uses to communicate today. To build your case as a litigator, you are definitely interested in what people are typing or texting. If everyone just used email to communicate (like the good ol’ days?), we would have a solitary target for collection. Today, there might be an initial email, but the recipient may choose to respond via text message. And then, someone might create an online Google Doc where folks collaborate and make comments. They might discuss related topics in a Slack channel, and then, ultimately, someone might download the finalized Google Doc as a Microsoft Word document and attach it to an email. What aspects of those interactions are “documents”? How do we determine where each conversation node started and ended? Do we just collect it all, or do we choose to be targeted in our approach?

These are some of the digital-focused challenges facing litigators today. And while it sounds staggering and retirement-inducing, it is simply the reality of the digital world in which we practice. The good news is that there are strategies and resources to help effectively navigate it all.

Keep the End in Mind from the Beginning

While e-discovery—and, in particular, preservation and collection—is the focus of this piece you’re reading, it’s only a small sliver of an overall litigation matter. As a litigator, you have to keep numerous plates spinning throughout a matter, and sometimes, the technological necessities just get overlooked or ignored. That’s unfortunate because studies have shown that discovery (especially the “e” version of discovery) has become the most expensive component of litigation. A study from 2012 calculated that review and productions accounted for 73 percent of total litigation costs (Nicholas M. Pace & Laura Zakaras, Where the Money Goes: Understanding Litigant Expenditures for Producing Electronic Discovery (2012)). Most of this can be attributed to litigators refusing to adjust traditional habits from paper to digital and not using the proper tools available today.

Preservation and collection serve two primary purposes: First, they give you the opportunity to read through important documents, files, and emails to better understand the case. Second, they allow you to review data to determine what should be produced to the opposing party without any modification (spoliation). That’s why it’s important to keep the end in mind from the beginning. Preservation and collection can’t be considered in isolation; you must be thinking about production from the very outset of data collection.

This is because Federal Rule of Civil Procedure 34 and most analogous state rules allow parties to dictate the “form or forms” in which ESI will be produced to them. If you collect data without knowing what “form or forms” the opposing party will request it in, there is a possibility you will have to re-collect and re-produce data, which will require more time, resources, and money (sometimes ordered by the court).

The Preservation Obligation

The process of identification must take place before preservation and collection because it’s important to know what you need to preserve and collect before you start off aimlessly. Part of this analysis should be done in your “early case assessment,” where you learn about the people involved in the matter and events that have transpired so you can craft an effective legal strategy for the matter. Unfortunately, most lawyers completely fail to ask about the data involved, how the individuals were communicating, or where potentially relevant files are stored. These inquiries help you formulate a more comprehensive picture of the costs and time involved with the matter because you are devising a data preservation and collection strategy for review and production.

The bedrock of the preservation obligation is rooted in fairness—to show that files and documents have not been modified between the time they were collected and the time they were produced. Parties to litigation are required to preserve relevant ESI so that it is not destroyed, altered, deleted, or modified while a legal proceeding or litigation matter is pending.

The preservation duty is not explicitly outlined in any rule. As the Sedona Conference Commentary on Legal Holds explains,

The duty to preserve requires a party to identify, locate, and maintain information and tangible evidence that is relevant to specific and identifiable litigation. It typically arises from the common law duty to avoid spoliation of relevant evidence for use at trial and is not explicitly defined in the Federal Rules of Civil Procedure. See, e.g., Silvestri v. General Motors, 271 F.3d 583 (4th Cir. 2001) (applying the “federal common law of spoliation”); Chambers v. NASCO, Inc., 501 U.S. 32 (1991).

The Sedona Conference, Commentary on Legal Holds: The Trigger and the Process, 11 Sedona Conf. J. 265, 267 (2010).

The duty to preserve potentially relevant ESI exists even if you don’t ultimately collect, review, or produce the ESI. In other words, you may need to counsel your client (or the opposing party) that they cannot delete potentially relevant ESI, even if you don’t yet know if it needs to be collected or produced. The preservation duty kicks in when there is a “reasonable anticipation of litigation,” which might look different depending on which side of “v” you are representing.

How do you communicate this to your client or prove that you took reasonable steps to preserve the potentially relevant ESI? This is where a “litigation hold” comes into play. One part of the hold process is to send an email or notification to your client describing the data that needs to be preserved (i.e., not deleted) and track their acknowledgment of that communication. Another part is to put a “hold” on any automatic deletion rules or policies that might be in place. For example, if your client has an established policy or rule of deleting emails older than 90 days, that policy must be suspended for the purpose of preservation. You should document all these actions for defensibility purposes.

Generally stated, parties to a litigation matter must take reasonable steps in good faith to preserve potentially relevant ESI so that it can ultimately be produced to the opposing party. Federal Rule of Civil Procedure 37(e), Failure to Preserve Electronically Stored Information, comes into play in cases where ESI should have been preserved but the party failed to take reasonable steps to preserve it. When contemplating Rule 37(e) violations, courts will generally focus on the act, intent, and culpability of the party, looking to see if there was an intentional act to deprive the opposing party of the ESI and whether the opposing party was prejudiced by the failure to produce. If you fail to inform your client about these responsibilities and fail to oversee good-faith preservation efforts, you and your client might face unnecessary sanctions. These undesirable situations can be avoided by simply taking the time to talk to your client (and their IT professionals) about their information systems, data organizational habits, and deletion policies they may have in place.

Getting to an Acceptable Collection Destination

In the not-so-distant past, collecting documents usually meant pulling paper files out of a desk or filing cabinet. But that has mostly become a bygone era.

Digital Documents and Files

Perhaps the closest analogy to filing cabinets we have today is how people store digital files on a computer, network server, or cloud-based storage system such as Dropbox or OneDrive. Just as people once stored paper documents in manila folders in a filing cabinet, we store digital files today in folder icons on our computers or servers. Most people organize these folders and files in an arrangement that typically makes it easy to find what needs to be collected.

Be aware, however, that simply copying those files from a computer to an external hard drive or uploading them to a cloud storage system could modify the metadata of the files as to their “creation date.” Making a copy typically won’t modify the content of the file, but that is a risk unless you zip the files before copying them or engage a professional forensic examiner to make the copy. Having a client make a simple copy isn’t wrong, but you, as legal counsel, just need to be cognizant of the risks involved if anyone were to question the authenticity of the copied document.

Email

Documents are certainly important, but the primary source of potentially relevant ESI today is still email (although that is quickly getting overshadowed by text messages and collaboration data). When assessing the collection parameters for email, there are typically two primary questions we focus on: (1) Where is the email being hosted? and (2) How are individuals accessing their email? The answers to these questions help tremendously in estimating the time and costs required for collecting and preserving the relevant email.

Many corporations and organizations today host their email through Microsoft 365 or Google Suite, and there are different approaches we might take to collect email from these platforms. For example, if a company is using Microsoft 365, it is possible to access the administrative system to run a search for relevant emails and then export them as a PST (portable storage table) file, which keeps all the metadata intact for each message and associated attachments. Email exports can also be done from a computer running Microsoft Outlook software, but many Gmail users simply access their email through a web browser.

In no circumstances should you allow clients to forward relevant emails and then collect those messages from your email account. In that scenario, the email now has your digital fingerprints on it, which will introduce unnecessary questions during production.

Text Messages

Probably the fastest-growing request for collection in any kind of litigation matter today is for text messages. While email continues to be the primary source of potentially relevant data, many people will often eschew email for the more immediate communication method of text messages. If you are a litigator and need to find communications between your client and others, then you will have to collect and preserve text messages at some point. There are three basic methods for collecting text messages today, ranging from least expensive/comprehensive to most expensive/comprehensive, and it’s your responsibility to assess the potential risks involved with each for your matters.

The simplest method for collecting text messages is to take screenshots. The phone owner can pull up the beginning of a text message conversation, take a screenshot, scroll up, take another screenshot, scroll up, take another, and repeat until the entire conversation is “preserved” in multiple images. The risk with screenshots is simply authenticating where they came from, who took them, and whether they have been modified.

On the other end of the spectrum is the most expensive and comprehensive option, which involves engaging a professional forensic examiner to create a full copy (“image”) of the mobile phone. This image will typically collect everything on the device, from pictures to voice mail and, of course, text messages. If you need someone to testify regarding the process by which the text messages were collected, including the steps for preservation, the professional examiner will be willing and capable to step in.

The sweet spot between these two methods involves using software on a computer to create a local backup of a mobile phone. First, you’ll need to purchase and download the iMazing software on your computer. Second, when you plug a phone into the computer with a USB cable, the iMazing software will create a full backup of the phone contents (the first backup can take a while). Lastly, you can use the iMazing software to search for specific text messages and conversations and export the relevant threads as a PDF file. This method is a good middle ground for costs and collection, although the entire process should be documented for defensibility purposes.

Everything Else

While these are the most relevant aspects of ESI that you should be mindful of today, keep in mind there are always new and inventive file types that will fall under the ESI rubric. Collecting social media posts and profiles, for instance, can be challenging because of the way the services dynamically present information that could change throughout its life cycle. And many organizations today will utilize a collaboration platform such as Slack or Microsoft Teams to communicate instead of email. All this ESI (and more!) will require litigators to continually stay reasonably informed about the related challenges and procedures of modern-day data collection and preservation.

Here are some takeaways to help you stay prepared:

  • Don’t ignore e-discovery—talk to your clients about their data and talk with opposing counsel about forms of production.
  • Keep the end in mind from the beginning.
  • Remember that the duty to preserve kicks in even if you don’t ultimately collect or produce.
  • Know that you might need expert help when it comes to collecting relevant ESI from computers and mobile phones.
Entity:
Topic:
The material in all ABA publications is copyrighted and may be reprinted by permission only. Request reprint permission here.

Brett Burney

Nextpoint Law Group

Brett Burney is the vice president of eDiscovery Consulting at the Nextpoint Law Group, where he advises clients in the collection, preservation, review, and production of electronically stored information for litigation matters and investigations.