Home > Knowledge > Blog

Who’s Yo Data? Identifying Sources Is Only the Beginning of Litigation Preparedness

Feb 1, 2023

Imagine that the hustle of New Year activities has gone, and you’re settling into your desk with excitement for the promise that 2023 will most assuredly bring. Then you open a letter to find your company or your client’s company is being sued.

Sigh.

From here, you face two paths: preparedness or panic.

If you’ve taken Level Legal’s advice and shored up your eDiscovery policies by creating an eDiscovery Dream Team, you take a deep breath and relax, confident you know what data is being used, where it’s located, and how to get to it.

But if you haven’t taken these steps, you may need to do some damage control before more serious problems occur. With communications spread over so many platforms, companies without sound policies in place to identify, preserve, collect, review, and produce data will struggle to conduct thorough internal investigations. Or worse, they’ll fail to comply with their production obligations during litigation, leading to fines and other sanctions.

If you’re on the “panic” path, take these steps to preparedness ASAP.

Identifying Data: Failure to Communicate?

Gone are the days when company executives and employees communicated with a few applications. Back then, a company’s tech stack might be comprised of email and a few programs within the Microsoft Office Suite. Cellphone text messages complicated the situation.

Now, however, collaboration tools like Slack and Skype are the norm, even for high-level executives (subscription required). Data shows that the use of these tools has increased from just over 50 percent in 2019 to nearly 80 percent in 2021.

Of course, the COVID-19 pandemic and ensuing reliance on remote work was a major catalyst for the adoption and utilization of these tools. For example, Microsoft Teams noticed an 894 percent growth from March 2020 to June 2020 and now reports it reached 270 million users in 2022. Similarly, Slack earned more than $900 million in revenue between March 2020 and April 2021, a 43 percent increase year-on-year.

But despite much of the world returning to the “new normal,” many businesses are choosing to incorporate remote (or hybrid) work into their future strategies, leading to a continued increase in the tools available for inter-office communication. Informational governance is foundational to ensuring companies have policies and processes regarding the proper use of communication tools. Companies that don’t enforce sound policies on what tools may be used will find themselves struggling to understand what data they have and where it’s located.

Not to mention dealing with Bring Your Own Device (BYOD) policies. If your company follows such a policy, do you have clear procedures outlining such usage?

Preserving Data: The Nightmare of Auto-Delete

Under the common law and the Federal Rules of Procedure, a duty to preserve evidence attaches when a party reasonably anticipates litigation. And while the terms “reasonably anticipates” are the subject of much legal debate, best practices commend a better-safe-than-sorry approach. For sure, legal battles surrounding data retention and various communication platforms (or the lack thereof) are prevalent, as many platforms automatically delete data after a certain period of time. (For example, Slack may delete messages and data after 90 days, depending on your settings. WhatsApp allows users to enable “disappearing messages” that auto-delete after 24 hours, seven days, or 90 days.)

Making matters worse, figuring out how to change these settings isn’t always intuitive, and sometimes, easy access to do so is only available at top-tier pricing levels.

If you’re unsure how your company would fare with an accusation of spoilation, here are some questions to get on the right track:

  • Does your company have clearly outlined policies regarding document retention for the various programs it uses?
  • Do you know what the default auto-delete settings are on each of your platforms?
  • If data is deleted, do you know how to recover it, or if it can be recovered? For example, deleting a Slack channel permanently deletes Slack messages, regardless of your retention settings. In Teams, if a policy is set to retain chats or messages, data is secured even though users will not see their deleted messages.

Arguing that your team or vendor doesn’t know how to access data or change settings won’t be sufficient to prevent reprimands or sanctions for failure to produce or find relevant information. See, WeRide Corp. v. Huang, No. 5:18-CV-07233-EJD (N.D. Cal. Apr. 24, 2020).

Collecting Data: Tougher Than Ever

Data out there is exploding with volume and a variety of new data types. Modern technology, such as mobile devices, file links and modern attachments, and social media has created these common pitfalls with collecting data. According to writer Cassandre Coyer, a Washington D.C.-based legal technology reporter from Legaltech News, here are those three technology pain points:

  • Mobile Devices: Forensic Implications. For example, in-person and remote imaging can be time-consuming, while it can be difficult to decide whether a collection from cloud platforms is complete as users can customize their backups. What’s more, remote target collections are limited and could lead to needing more collections later, which can be inefficient. Meanwhile, new software updates, such as the iOS 16 iMessage features that would allow users to edit sent messages or unsend messages, are also creating their own forensic implications.
  • File Links and Modern Attachments: Collecting modern attachments can be tricky among eDiscovery practitioners because the link that is collected may not be the same version of the file that the custodian originally viewed. By choosing to collect all versions of the file, the risk is being flooded with attachments and collection sizes.
  • Social Media: New privacy compliance requirements have made it harder to collect users’ data, leaving forensic and eDiscovery professionals relying on screen capture and screen scraping tools that are not as efficient.

Reviewing Data: Technology to the Rescue

If you have been diligent enough to set up processes and procedures that allow you to readily identify communication platforms or tools within our organization, as well as pulling the relevant data, you may be staring at thousands (or hundreds of thousands!) of pieces of data from text messages, emails, or even Slack comments. How can you determine what it all means?

Here are some tips for improving your review:

  • Utilizing data analytics If your document review platform or vendor doesn’t help determine patterns and trends within your data, it’s time to switch.
  • Data visualization straight review. Various review platforms help organize data into clusters, groups, charts, and subsets. Without these tools, you may have 250 emails relevant to your search but no real clear pattern or grouping to help interpret the data. However, with the use of a data visualization tool, you might see a chart reflecting that three people within that grouping generally communicate on certain days or times about particular phrases or ideas.
  • Third-party specific review tools. Many of the original document review platforms were initially created to recognize and synthesize emails, not Slack messages or even texts. Utilizing review platforms in connection with these third-party tools may be critical for comprehensive review, particularly when dealing with mobile data and communication tools like SMS text messaging.
  • Busting discovery budgets due to failure to leverage tech.

 

Producing Data: Three Cautionary Tales

As stated, ad nauseum, failure to adequately produce or identify relevant information can lead to sanctions or worse, even in situations where data was not knowingly withheld.

In case you’re not persuaded, the following cases might influence your thinking:

  • Monetary and case terminating sanctions due to deleting/failing to preserve information after hold in place. See Columbia Pictures Indus., Inc. v. Galindo, No. 2:20-cv-03129, 2022 WL 3009463 (C.D. Cal. Jun. 14, 2022), report and recommendation adopted, 2022 WL 3369629 (C.D. Cal. Aug. 15, 2022); Schnatter v. 247 Group, LLC, No. 3:20-cv-00003, 2022 WL 2402658 (W.D. Ky. Mar. 14, 2022).
  • Granting of mandatory adverse inference jury instruction because the defendant modified Slack retention settings from indefinite to seven days after duty to preserve attached. See, In Drips Holdings, LLC v. Teledrip LLC, 5:19-CV-02789, 2022 WL 3282676 (N.D. Ohio Apr. 5, 2022), report and recommendation adopted in part, rejected in part, 2022 WL 4545233 (N.D. Ohio Sept. 29, 2022).
  • Sanctions for failure to produce relevant information due to alleged lack of competency. See Red Wolf Energy Trading, LLC v. Bia Capital Mgmt., LLC, _ F. Supp. 3d _ , No. 19-10119, 2022 WL 4112081 (D. Mass. Sept. 8, 2022). The Court noted: “At a minimum, [defendants’] decision to utilize an unpaid novice in Kazakhstan to conduct its search for Slack messages, rather than an experienced vendor in the United States at a modest cost, … was in reckless disregard of [their] duties under Rule 26 and to obey court orders.”) at 60; see also, DR Distributors, LLC v. 21 Century Smoking, Inc., No. 12 CV 50324, 2022 WL 5245340 (N.D. Ill. Oct. 6, 2022) (half of $2.5 million sanction to sanctioned defendant’s counsel for failing to produce responsive information. Counsels’ missteps, failure to check auto-delete policies, and failure to supervise eDiscovery vendor).

Moving Toward Preparedness

Even if you have a well-oiled data machine in your organization, the beginning of the year is a great time to ensure that your policies and procedures don’t need a tune-up. In fact, in addition to the somewhat obvious benefits of avoiding the dire situations described above, knowing where your data is housed and how to get it and produce it will actually save you time and money in the long run.

Need help managing your data? Contact Level Legal for help.

Greg Moreman leaves nothing to chance. This includes weather forecasts, culinary adventures, and the best time of year to buy a holiday turkey. In fact, if our director of legal compliance services were a proverb, he would be, “Measure twice, cut once.” If he were a rapper, he’d be “Lil Inbox Zero.” Greg’s a generalist, a role Level Legal leans on when growth pains bring new problems or when a new strategy means new processes. Greg handles it. Never complaining. Always willing. His work and his example benefit everyone.

 

 

 

 

 

Explore More
Close Modal

Our Framework

Understand.

During this phase, we work to step away from any assumptions and guesses about what our customers needs, and let our research findings inform our decision-making. We learn more about our customers, their problems, wants, and needs, and the environment or context in which they will use the solution we offer.

Our Framework

Define.

During the Define phase, we analyze our research findings from the Understand phase and determine what is the most important problem to solve — and why. This step defines the goal. Then we can give a clear problem statement, describing what our customers’ needs are that we are trying to solve, making sure that we heard and defined their problem correctly.

Our Framework

Solve.

This phase is an important part of the discipline in our process. People often settle for the first solution, but the most obvious solution is often not the right one. During the Solve phase, we brainstorm collaboratively with multiple stakeholders to generate many unique solutions. We then analyze our potential solutions and make choices about which are the best to pursue based on learnings in the Understand phase.

Our Framework

Build & Test.

This phase is critical in developing the right solution to our customers’ problem. An organized approach to testing can help avoid rework and create exceptional outcomes. Starting small and testing the solution, we iterate quickly, before deploying solutions across the entire project.

Our Framework

Act.

During this phase, the hard work of prior phases comes to life in our customers’ best solution. The research, collaboration, and testing performed prior to project kick-off ensure optimal results.

Our Framework

Feedback.

At the project completion, we convene all stakeholders to discuss what went well, what could have been better, and how we might improve going forward. We call these meetings “Retrospectives,” and we perform them internally as a project team, and with our external customers. The Retrospective is one of the most powerful, meaningful tools in our framework.

Next