Prelude:  Document Retention in the Electronic Age

 

 

Robert D. Kolar

 

 

 

I.

Introduction

The best laid schemes of mice and manufacturers are oft times led astray[1] by a careless word that never should have been uttered in the first place. The word in question is often found in a document that long since should have been destroyed as part of a strictly enforced record retention policy.  Simply stated, in the words of a song popular not so long ago, when dealing with your corporate records, “you’ve got to know when to hold them and know when to fold them.”[2]

When one is faced with litigation about a product your company manufactured and for which you may be responsible, the time for developing a good record retention program will have long since expired.  Your company’s record retention policy should have been crafted to address the particular needs of the company. The policy should determine which documents need to be saved at all, how long they should be saved and how should they be stored.  That record retention policy must also determine what files can and should properly be destroyed.  Remember, however, that good housekeeping can sometimes run afoul of federal and state laws relating to finance, taxes and personnel. Also there are civil requirements for retention of records relative to litigation that could lead to sanctions or monetary awards or adverse jury instructions if they are not met.  Since all of us have made determinations relating to record retention policies, I will not go into that discussion in any great detail here.  However, record retention in the Electronic Age raises an entirely new set of problems and circumstances that must now be built into your record retention policy.

Business records are now created, modified, segregated, distributed and stored electronically.  Much of current communication, which ten years ago would have been by telephone, is now routinely carried out through email, and usually with copies to anybody who might be remotely interested in the subject.  In fact, it is commonly believed that in many companies a third or more of all company data exists only in some computer on or off company premises or in some other electronic storage medium that is accessible by a computer.

II.

Basis for Discovery of Electronic Information

In 1970, when computer technology as we know it today might be considered to have been still in its infancy, Rule 34 of the Federal Rules of Civil Procedure was amended. The amendment specifically included “data compilations from which information can be obtained, translated, if necessary, by the respondent through detection devices into reasonably usable form.”  Federal Rule of Civil Procedure 34(a) now provides:

Any party may serve on any other party a request (1) to produce and permit the party making the request, or someone acting on the requestor’s behalf, to inspect and copy, any designated documents (including writings, drawings, graphs, charts, photographs, phonorecords, and other date compilations from which information can be obtained, translated, if necessary, by the respondent though detection devices into reasonably usable form) or to inspect and copy, test, or sample any tangible things which constitute or contain matters within the scope of Rule 26(b) and which are in the possession, custody or control of the party upon whom the requests is served; or (2) to permit entry upon designated land or other property in the possession or control of the party upon whom the requests is served for the purpose of inspection and measuring, surveying, photographing, testing, or sampling the property of any designated object or operation thereon, within the scope of Rule 26(b).

The Notes of the Advisory Committee issued contemporaneously with the amendment to Rule 34 in 1970 explained this change as follows:

The inclusive description of “documents” is revised to accord with changing technology.  It makes clear that Rule 34 applies to electronic data compilations from which information can be obtained only with the use of detection devices, and that when the data can as a practical matter be made usable by the discovering party only through respondent’s devices, respondent may be required to use his devices to translate the data into usable form.  In many instances, this means that respondent will have to supply a printout of computer data.  The burden thus placed on respondent will vary from case to case, and the courts have ample power under Rule 26(c) to protect respondent against undue burden or expense, either by restricting discovery or requiring that the discovering party pay costs.  Similarly, if the discovery party needs to check the electronic source itself, the court may protect respondent with respect to preservation of his records, confidentiality of nondiscoverable matters, and costs.[3]

Observe particularly that the last sentence of the Advisory Committee Notes authorizes the court to give the discovering party access to the electronic source itself.  This right has been extended to even require the respondent to a discovery request to develop the software programs to extract the electronic information and also to teach the party seeking the discovery how to review and interpret the data.[4]

III.

Electronic Data

Electronic data exists in three separate states: active, archival and residual.  Active data is the data in your personal computers or in your network that is immediately available to you.  Archival data is the data that has been backed up, whether onto tapes or disks or indeed onto other computers in a remote location, which may be used to restore data to the system after a computer failure.  Residual data is often the devil in the discovery process. This is because it is the data that many people believe has been deleted but which still remains available to the keyboard of a computer expert.  Many systems contain a separate file for deleted items, and when an item is deleted from the “Deleted” file, many users come to the erroneous conclusion that the data then is permanently deleted and irretrievable.  In fact, when the “delete” key is pressed, the file is not destroyed or erased.  Rather, the computer merely deletes the reference to that file from the file allocation table, an internal index of all of the files on the hard drive, and the name of the deleted file is also removed from the directory listing.  Since there is no road map to help the computer locate the deleted file, it is for all practical purposes gone.  However, the electronic text that makes up the file remains on the drive until it is over-written by new information or “wiped.”  The latter means the file is truly and completely deleted by over-writing the entire file with a string of zeros or some other combination of digits.  This wiping is accomplished through the use of shredder or utility software programs.

It must be remembered that tools are available to allow a potential adversary to retrieve everything that is on your computer and back up drives, even if it has been “deleted,” so long as it has not been shredded or over-written.

In addition to the actual documents that are retrievable, computers also contain a virtual trail of when the files were created and, for network computers, who created them, when the files were modified and who made the modification.  Your computer records also contain all of the preliminary drafts of a document.

Many computers have backups of which the user is not even aware.  If you have ever noticed a slight pause in the processing speed of your computer, that pause often is caused by automatic backups to what you are doing in the event of a failure in some part of your computer system.  Every time this pause occurs, a “clone” is created and stored.  Therefore, there often are many copies of a document or of a file of which a computer user is never aware.  These clones may be saved in the network but most usually are saved on the individual's hard drive.  Therefore, even after the document or the file is deleted from the server or even shredded or wiped, these clones still can be retrieved from the hard drive.  Imagine your embarrassment if you were successful in totally and irrevocably deleting a given document only to find that your adversary is able to find preliminary drafts of that document with all of their additions and deletions. These preliminary drafts may well be more incriminating than the final document.

Even companies with a good record retention program may forget that a single keystroke presents an exponentially increasing trail of copies and copies of copies of that information.  The information is in the hard drive of the desktop unit and in the memory of the computer network.  It is also on every backup tape made of the network and it is in the buffer memory of printers.  Many sophisticated companies maintain on-site and multiple off-site backup tapes or drives, all of which have the same electronic information.

A good record retention system for both tape and hard drive electronic data will even help you improve your internal efficiency because you will be avoiding filing errors and increasing your own retrieval speed when you have need of your own documents.  A well-managed retention system will reduce the risks of inadvertently retaining some trail of electronic documentation that can and will come back to haunt you in an aggressive discovery program.

So, there definitely is a problem out there and it can come back to haunt you in litigation if it is not addressed properly.  Is there an answer?  The lawyerly response to that question would be “possibly.”  The only way to absolutely ensure that everything that your document retention program says should be destroyed will, in fact, be destroyed, would be to go back to the Stone Age (10 years ago?) and use only telephones and typewriters.  Actually, even that would not be a solution because not using computers and their ability to handle and retrieve vast amounts of data would bring the monoliths of industry and probably our very economy to a crashing halt.  Rather, the prudent manufacturer will establish a document retention policy in concert with its MIS department or a computer consultant.  The same rules you apply to paper documents should also apply to electronically stored confirmation.  The key is to remember that destruction of information pursuant to reasonable, good faith retention policies is your best defense to claims for sanctions for your destruction of that information.[5] However, a corporation cannot blindly destroy documents and expect to be shielded by a document retention policy that is not reasonable or was instituted in bad faith.[6]

A reasonable, good faith retention policy is set out in detail in Lewy v. Remington Arms Co.,[7] and includes the following guidelines:

1.         The length of the retention period should be reasonable for the specific type of document involved, and need not be the same for each type of document.  The Lewy court gives the example that a three-year retention period may be sufficient for documents such as appointment books or telephone messages, but inadequate for documents such as customer complaints.

2.         The frequency and magnitude of lawsuits requiring access to certain types of documents should be considered.  The Lewy court defined a higher duty for preservation of records relevant to those claims that are common to a company’s products, and a duty to preserve them for a longer period of time.

3.         The reason for the adoption of the retention policy can also be important to the reviewing court, because if the retention policy is instituted only in order to limit damaging evidence available to plaintiffs, an “adverse inference” instruction may be proper.

Of course, merely having a reasonable, good faith retention policy would not be a defense to a claim of spoliation of evidence if the party’s usual practice were to ignore the formal retention policy.

IV.

Electronic Mail

Although the Federal Rules do not specifically discuss whether or to what extent email will be discoverable, many courts have held that email is definitely discoverable.[8]

Email is probably the most under regulated portion of your document retention system.  Since it is such an easy and popular way to communicate in the workplace, email users think of it as a substitute for the telephone.  However, the telephone message does not leave a trail whereas email leaves the same trails as discussed above.  Also, whether there is a periodic backup of the network or an automatic backup in your computer or both, email messages are stored and cloned in the same way as other documents created on the computer system.

Since most desktop computers include email and Internet access, they are easily abused and can lead to independent legal liability and employment-related matters.  Many employees send harassing or inappropriate jokes or messages via email which, if seen by third parties or the “butt” of the joke, may lead to litigation.  In addition, improper use of the Internet can result in evidence for employment discrimination or sexual harassment cases.

It is self-evident that an employer cannot totally and completely monitor the use and the content of email and other electronic communication by its employees.  However, those employers should take steps to control what may be in the database and, therefore, potentially discoverable by adverse parties in litigation.[9]

In addition, even if portions of an email message contain attorney-client privileged communications, the non-privileged portion of that message may be discoverable.[10] However, to the extent that privileged communications are sent through the email system, remember that any confidential attorney-client or other proprietary information should be protected from discovery in the same manner that paper documents reflecting that same information would be.  The criteria for maintaining confidentiality between a law firm and its client and between in-house counsel and corporate employees generally are beyond the scope of this paper, except to note that documents that may be otherwise privileged from discovery may, nonetheless, be discoverable if the privilege is lost.

Therefore, rigid policies must be established to ensure that employees exercise a great degree of caution in transmitting confidential or privileged communications.  With respect to company confidential information, policies should be established prohibiting the re‑transmission or forwarding of any such information to individuals outside of the company.  Likewise the information should not be sent or forwarded to employees within your own company whose job function does not require access to the information.  When receiving a message or communication from in-house or outside counsel or when creating any such message, care should be taken to forward or copy the messages only to those individuals specifically cleared by the attorney to receive that information.

When addressing email messages containing company confidential information or attorney-client privileged communications, care should be taken to ensure that the recipients are appropriate.  When using distribution lists, care must be taken to ensure that the lists remain current.

As stated previously, your record retention policy should reflect the documents that foreseeably may be relevant to potential litigation.  In addition, once a lawsuit is filed or you have good reason to believe that one might be filed, the document retention program should include provisions to insure that any document that might be relevant to that specific litigation will be segregated and retained.

Once the lawsuit is filed or is imminent, the attorney you retained to represent your company should work with a designated individual to establish which documents will be preserved, and how they will be preserved and stored.  Depending on the nature of your company and the dispute, this may also require close interaction with the MIS department to educate the attorney with respect to the companies document retention policies and procedures.  Steps that are taken to identify and preserve relevant information should be documented, both to make the actual discovery and document production simpler and more economical and to serve as evidence of your good faith in responding to discovery.

 

V.

Conclusion

In summary, the best time to prevent damaging electronic data from benefiting an adverse party in litigation is at the time the information is generated.  Creation and strict implementation of a good faith document retention system for both paper and electronic information, and scrupulous attention to a rigid email distribution and forwarding protocol will ensure that an adverse party will not be able to rummage through never-ending trails of electronic information.

ENDNOTES

 


[1]           With apologies to Robert Burns and his To a Mouse.

[2]           Kenny Rogers, The Gambler, Kenny Rogers Twenty Greatest Hits (EMI 1983).

[3]           Fed. R. Civ. P. 34 Advisory Committee's Note (1970).

[4]           National Union Elec. Corp. v. Masushita Elec. Indus. Co., 494 F. Supp. 1257 (E.D. Pa. 1980).

[5]           Lewy v. Remington Arms Co., 836 F.2d 1104 (8th Cir. 1988).

[6]           Id. at 1112.

[7]           Id.

[8]           See, e.g., In Re Brand Name Prescription Drugs Anti-Trust Litigation, 94-C-897, M.D.L. 997, 1995 WL 360526 (N.D. Ill. 1995).

[9]           Examples of corporate electronic communications policies can be found in Charles A. Lovell & Roger W. Holmes, The Dangers of Email: The Need of Electronic Data Retention Policies, 44 R.I.B.J., December 1995, pp. 7-8.

[10]          Crown Life Ins. Co. v. Craig, 995 F.2d 1376, 1382 (7th Cir. 1993).

 

(Author's bio)

 

            Robert D. Kolar is a partner in the Chicago office of Tressler, Soderstrom, Maloney & Priess .  He received his undergraduate degree in Physics and Mathematics from Roosevelt University and worked as a Research Nuclear Physicist at the IIT Research Institute.  Mr. Kolar received his law degree from John Marshall Law School where he was elected to the Order of John Marshall.  His practice is concentrated in the areas of risk prevention, products liability and complex technical litigation for United States and foreign corporations.  Mr. Kolar is a member of the state bars of both Illinois and Texas and an active member of the Product Liability Committees of the Federation of Insurance & Corporate Counsel, the American Bar Association, the International Association of Defense Counsel, the Illinois Association of Defense Trial Counsel, and the Defense Research Institute.  He has authored numerous articles and is a frequent lecturer on the subject of product liability and risk prevention.