July 24, 2013 Articles

Defensible Deletion: The Touchstone of Effective E-Discovery

What are your clients doing to address the massive amounts of electronic data that expose them to litigation risks?

By Philip Favro

When Rambus, Inc., found itself on the wrong side of a terminating sanctions order due to evidence spoliation, the Silicon Valley–based chip manufacturer probably started to take inventory on what it might have done differently to have avoided such a fate. See Philip Favro, Bad Faith Retention Policy Leads to Terminating Sanctions, "e-discovery 2.0," Jan. 4, 2013. Although that list could have included any number of entries, somewhere near the top had to be an action item to revamp its information retention policies and litigation hold procedures. Breakdowns in and deviations from those protocols led to the destruction of critical electronically stored information (ESI). This, in turn, eventually resulted in the corresponding court order in Micron Technology, Inc. v. Rambus, Inc., No. 00-792-SLR (D. Del. Jan. 2, 2013), which declared several of Rambus’s patents unenforceable. The matter culminated in a judgment in favor of its competitor, Micron Technology, regarding the parties’ long-running feud.

Fortunately, most companies will never have to deal with the fallout from having their patents declared unenforceable as an e-discovery sanction. Nevertheless, they still struggle with the same cost and logistics issues associated with information retention that ultimately tripped up Rambus. Although there are no quick or easy solutions to these problems, a method ever increasing in popularity for effectively dealing with them is an organizational strategy referred to as defensible deletion. A defensible deletion strategy could encompass many items. But at its core, defensible deletion is a comprehensive approach that companies implement to reduce the storage costs and legal risks associated with the retention of ESI. Organizations that have done so have been successful in avoiding court punishment while eliminating ESI that has little or no business value.

Developing an Overall Strategy for the Retention of Data
Most companies tend to agree that adopting a defensible deletion strategy makes business sense. In response to a recent industry survey, 96 percent of respondents agreed that a defensible deletion strategy is “absolutely necessary” to reduce the costs and risks associated with information retention. See Barry Murphy, New eDJ Group Report Available: Defensible Deletion Topic Overview, "eDiscovery J.," Jan. 10, 2013. Despite the perceived benefits of defensible deletion, other surveys confirm that companies are still delaying implementation of the procedures that would enable this strategy. This is often the result of many factors. For example, organizations often do not have information retention policies. In many enterprises, the key stakeholders responsible for defensible deletion—lawyers and information technology (IT) professionals—frequently have trouble working together. Yet, without these elements, companies unwittingly delegate to their operations-level employees the duty to manage, archive, and discard data. Allowing employees to manage company information arbitrarily is often disastrous.

Thus, the first step to implementing a defensible deletion strategy is for organizations to ensure that they have a top-down plan for addressing data retention. This typically requires that legal and IT are cooperating with each other. These departments must also work jointly with records managers and business units to decide what data must be kept and for what length of time. All such stakeholders in information retention must be engaged and collaborate if the organization is to create a workable strategy.

This is especially important for email. Based on my practice experience, I have found that email (and its destruction) generates more e-discovery headaches than any other source of information. But the answer to this problem is not to keep all company email. That would cause an organization to increase operating expenses needlessly while stockpiling useless and, in some cases, risky information. Instead, legal and IT should set a period for retaining email that is reasonable in relation to the enterprise’s business, industry, and litigation profile.

Cooperation between legal and IT naturally leads the organization to establish records retention policies, which carry out the key players’ decisions on data preservation. Such policies should address the particular needs of an organization while balancing them against litigation requirements. This will enable a company to reduce its costs by decreasing data proliferation. In addition, it will minimize a company’s litigation risks by allowing it to limit the amount of potentially relevant information available for future litigation.

Using Technology to Facilitate Defensible Deletion
In the digital age, an essential aspect of defensible deletion is technology. Without it, organizations cannot realistically expect to reduce data volume and the resulting legal exposure of the data.

A particularly useful innovation that can help address the costs and risks of stockpiling data is archiving software. A software archive provides organizations with a central repository to manage company ESI. One of the critical functions of that repository is data classification. Automated classification tools analyze and tag data content as it is ingested into the archive. Depending on the content, categorized ESI may be assigned a particular retention period or may be flagged for deletion. This enables organizations to retain information that is significant or that otherwise must be kept for business, legal, or regulatory purposes—and nothing else. They can also search for data with greater efficiency, which will help reduce expenses downstream when documents must be retrieved in response to legal demands.

A central archive can also reduce costs through efficient data storage. For example, the repository’s automated processes can expire data in accordance with retention policies. In addition, many archives employ deduplication technology, which preserves only a master copy of each document. By storing only one copy of a document, archives free up space on company servers for the retention of other materials and ultimately lead to decreased storage costs.

Archiving software can further diminish legal risks by helping remove information management decisions from the exclusive control of rank-and-file employees. While employees can use the software to access their archived email and other ESI, it can be programmed to prevent employees from deleting or modifying that data. This is significant because employees may be tempted to conceal their errors. Moreover, ordinary employees may lack the depth of corporate knowledge necessary to determine what documents must be retained for business, legal, or regulatory purposes.

And by relying on an automated process rather than employees to manage and expire data, an organization may further reduce litigation risks through the “safe harbor” for the destruction of electronic information under Federal Rule of Civil Procedure 37(e). Those provisions are designed to protect organizations from court sanctions when the ordinary, good-faith operation of their automated systems causes email, archival data, and other electronic information to be overwritten and destroyed. See Philip J. Favro, Sea Change or Status Quo: Has the Rule 37(e) Safe Harbor Advanced Best Practices for Records Management?, 11 "Minn. L.J. Sci. & Tech." 317 (2010). The automated processes of a software archive, which expire ESI pursuant to company retention policies, dovetail with the safe harbor’s requirements. See Viramontes v. U.S. Bancorp, No. 10 C 761, 2011 U.S. Dist. LEXIS 7850 (N.D. Ill. 2011) (invoking the Rule 37(e) safe harbor to protect defendant from sanctions for destroying emails before its preservation duty was triggered).

Developing an Effective Legal Hold Process for E-Discovery
Another critical aspect of a defensible deletion strategy is the development of an effective legal hold process for e-discovery purposes. As in the creation of ESI retention policies, the legal department should work cooperatively with IT to create a protocol for how the organization will address document preservation in response to legal and regulatory actions. Such a process will likely involve the designation of officials who are responsible for issuing a timely and comprehensive litigation hold. This will better ensure that ESI subject to a preservation duty is actually retained and thereby help an organization avoid the mistakes that often characterize e-discovery both before and during litigation.

Using an E-Discovery Platform to Enable Legal Holds
To facilitate the legal hold process, organizations should consider deploying an e-discovery platform with the latest in legal hold technology. E-discovery platforms can enable automated legal hold acknowledgements on various custodians across multiple cases. That functionality allows organizations to place data on hold through a single user action. Such a proactive approach can help organizations eliminate concerns that ESI may slip through the proverbial cracks of manual, reactive hold practices.

To enable a strategic and seamless legal hold placement on ESI, the e-discovery platform should also be compatible with the software archive. Such integration allows an organization to suspend aspects of its automated retention policies efficiently. In addition, it enables parties to identify and collect pertinent ESI quickly from the archive for immediate processing, search, and analysis without the costly and time-consuming involvement of third-party vendors.

Finally, a platform should also provide transparency regarding user actions. Such transparency ideally would enable an organization to establish a chain of custody for each email, document, or file across the entire spectrum of information governance. All of which has the effect of obviating costly investigations that are often required to address an organization’s information retention practices and e-discovery review efforts.

Conclusion
Organizations are experiencing every day the costly mistakes of delaying implementation of a defensible deletion program. Although they may not necessarily result in the unenforceability of key patents, those mistakes are wasting precious company resources at the expense of innovation and revenue. Fortunately, this trend can be reversed through a commonsense strategy that, when powered by effective, enabling technologies, can help organizations decrease the costs and risks associated with the exponential growth of ESI.

Keywords: litigation, technology for the litigator, information retention, e-discovery, Rambus, safe harbor, information management, information governance, litigation hold, legal hold, sanctions, federal rules


Copyright © 2013, American Bar Association. All rights reserved. This information or any portion thereof may not be copied or disseminated in any form or by any means or downloaded or stored in an electronic database or retrieval system without the express written consent of the American Bar Association. The views expressed in this article are those of the author(s) and do not necessarily reflect the positions or policies of the American Bar Association, the Section of Litigation, this committee, or the employer(s) of the author(s).