The Legal Duty to Preserve Electronic Business Records: The New Rules

The Enron debacle presented a particularly egregious example of document “spoliation,” an organized, massive, and deliberate destruction of documents that were highly relevant to inevitable litigation and governmental investigations. But destroying documents, even in less dramatic ways, can pose serious problems and risk, especially electronically stored information. If such documents or records are destroyed, a business litigant could be faced with charges that it destroyed relevant information. Likewise, a party asserting such a claim could allow critical electronic records to become lost and no longer subject to production or examination in the proceedings. The party successfully asserting spoliation could seek discovery sanctions from the court, which could include an adverse determination on critical issues in the case, the imposition of judgment or dismissal, or instructions allowing the jury to draw adverse inferences against the party that allowed or permitted the destruction of documents. Obviously, litigants desire to avoid all of these possible sanctions.

The Federal Rules of Civil Procedure were recently amended to address the topic of discovery of electronic data, records, and communications. Many of these new amendments relate to how discovery of such records can be efficiently managed during the litigation process through means such as discovery management plans. These aspects of the rule changes are important to parties because their personnel will be crucial participants in this planning and preservation process. They also have to ensure that counsel is fully informed as to the operation and architecture of the company’s IT system.

Of special relevance and concern is the amendment to the section on “sanctions,” which reads in its entirety as follows:

“Absent exceptional circumstances, a court may not impose sanctions under these rules on a party for failing to provide electronically stored information lost as a result of the routine, good-faith operation of an electronic information system.”

Unfortunately, this brief paragraph raises more questions than it answers. One key point is that it relates to instances where documents are deleted in the course of routine operations. If deletion decisions are made outside this context, the “safe harbor” protection may not automatically apply. “Exceptional circumstances” is an undefined term that will be subject to future determination on a case-by-case basis.

Another key concept is “good faith.” One of many formulations of this concept is “honesty of intention, and freedom of from knowledge of circumstances which ought to put the holder upon inquiry.” Since bad faith is difficult to prove, this might seem to be a wide harbor of safety; at least in theory, a party can be negligent but still act in good faith.

Businesses should strive to implement a preservation plan that goes beyond good faith and meets the higher standard of reasonableness. Not only will this create an added degree of protection from discovery sanctions, it will also address possible direct liability for document spoliation, which can provide a basis for civil liability separate from the discovery rules.

General Considerations of a Reasonable Electronic Record Management System In setting up a record retention system in advance of a lawsuit or notice of a claim, a business can take advantage of a comprehensive and informative analysis prepared by The Sedona Conference. “The Sedona Guidelines: Best Practice Guidelines & Commentary for Managing Information & Records in the Electronic Age” may be downloaded at www.thesedonaconference.org. It articulates and expounds upon basic principles and guidelines with an extended discussion and analysis of each. In addition, it cites many relevant court decisions and contains a glossary and discussion of technical concepts.

The Guidelines contain the follow overarching principles for an organization considering an electronic record management system:

  1. The organization should have reasonable policies and procedures for managing its information and records.
  2. The policies and procedures should be realistic, practical, and tailored to the organization’s circumstances.
  3. It is not necessary to retain all electronic information ever generated or received.
  4. The organization should also develop procedures to address the creation, identification, retention, retrieval, and ultimate disposition or destruction of information and records.
  5. The policies and procedures must mandate the suspension of ordinary destruction practices to comply with preservation obligations related to actual or reasonably anticipated litigation, government investigation, or audit.

Beyond these starting points, companies should consider the following:

  • Developing the record management plan should be a business priority. In addition to the key and continuing roles of in-house counsel and IT specialists, senior management should be actively involved in reviewing, revising, and approving the plan, as well as reevaluating it as necessary.
  • Periodic reevaluation is essential so the system reflects current technology.
  • There is no “cookie cutter” or single best system that will work for all organizations. The system should reflect the organization’s unique architecture.
  • The system cannot allow destruction of “bad” or embarrassing documents. This can lead to the most severe sanction of default judgment.
  • It is important to educate all employees about the record management program. Monitoring implementation and observance, including periodic compliance reviews, is also important.
  • Destruction of documents pursuant to a reasonable retention plan does not constitute spoliation, even if they later turn out to be relevant to litigation. To quote the Sedona Guidelines, “[i]t is imperative, however, that destruction is carried out consistently and non-selectively in conformance with the standard operation procedures of the organization.”

Litigation Holds — Pre- and Post-Litigation Events may arise that require a business to interrupt its routine record deletion policy and place “holds” on the destruction of records. This can happen both before and after litigation is commenced. The duty to place such holds arises most clearly when a party is actually sued, but it also arises upon notice of a possible claim or suit, such as an accident or product failure that is likely to give rise to a future controversy.

Once there is a suit or potential claim, the legal department will likely become a central decision-maker working with IT personnel and others in implementing the hold. It is essential to issue a hold on document destruction as promptly as possible. Initially, depending on the size of the organization, the hold might be company-wide, but can later be tailored to persons and departments likely to have relevant information. As this analysis develops, other persons or departments within the organization can be released from the hold and routine documents destruction recommenced. The need for a hold on destruction should be effectively communicated in a way that makes clear the importance and immediacy of the hold.

It is wise for the legal department to create a checklist of circumstances when such a hold might be triggered. Prior to explicit notice or actual suit, the policy should include such matters as who has the authority to issue a hold, who is responsible for communication of the hold within the organization, who is responsible for implementation, and who has the authority to release the hold in whole or in part.

The hold may also need to include third parties, such as accountants, who might have relevant documents that are effectively in the control of the company.

A recent case addressed the difficult issue of when a duty to preserve specific records might arise prior to explicit notice or the filing of suits. The court held that the duty arises if the company has notice that litigation is likely, but not if it is a mere possibility. Part of the court’s analysis included the burden and cost of preserving vast amounts of evidence. The court also recognized that the total cessation of routine practice could create the undesirable result of greater accumulation of massive and irrelevant data that would ultimately be more time-consuming and expensive.

Conclusion
In the final analysis, the new rules recognize the practical reality that no system can be perfect and that a good faith and reasonable system should provide protection, even if some relevant electronic documents are unintentionally destroyed. A convenient way of stating a goal for legal protection is to take all reasonable steps to make the preservation system as perfect as practically possible, given the business needs and limits of the organization.

 

wrj