[author: Kaiser Wahab]
Social media is business media. In 2012, everything from Twitter to Facebook are no longer relegated to the fringe of personal vanity projects. And to wit, company PR, HR, R&D, and every other conceivable department, has either thoroughly studied leveraging social media tools, or are already doing so. Yet, with all this social media giddiness, many operations have forgotten the age old specter of legal preparedness. And where Fortune listed companies now have more than fifty percent Facebook and Twitter penetration, that specter can be disastrous, if not addressed sooner than later. In particular, one should be aware the data retention obligations that have long dogged email and other “traditional” electronic communications are now being applied to social media.
E-Discovery is not just for Email Anymore; Social Media Subject to the Same Exposure
Discovery is the process that governs the disclosure of documents and communications to the other side in a lawsuit. Usually when put on notice that a lawsuit might be pending, a company must take concrete measures to preserve so called “electronically stored information” (“ESI”). Traditionally, this meant documents (e.g., WORD, PDF, etc.) and emails. However today, social media posts and other activity also fall under the ESI umbrella. Rule 34 of the Federal Rules of Civil Procedure lays out the scope of ESI per a 2006 amendment, with the advisory committee on the amendment stating it was “intended to be read expansively to include all current and future electronic storage mediums.” As a result, ESI has been interpreted to encompass social media. With this wide a net, ESI can now capture any and all electronic communications, no matter how brief or social media driven (think Twitter). Moreover, data stored in the “cloud” is also up for grabs.
Company Document Retention Policies Must Evolve to Address Social Media Activity
Nearly every business should have a document retention policy in place. The preservation standard that should drive the business’ policy is “reasonableness and proportionality” (i.e., how reasonable were the efforts of that business in light of its own unique character and nature). And the goal behind any well articulated policy is to cut off lines of attack (particularly, the argument that your business deliberately or negligently destroyed relevant business data) from a party commencing a lawsuit.
Secondly, to the extent a policy exists but does not incorporate social media, it should be updated to do so immediately. Moreover, the trend is to take the procedures in place for email (storage/retention periods) and apply them to social media communications (after all, email is the granddaddy of document retention headache). By doing so, the business can maintain an internally harmonious procedure across media.
Finally, each business should be aware that in light of the standard set forth above, its own unique industry customs and regulations must be taken into account in drafting a policy. In fact, many industries have specialty agency oversight and these agencies have articulated their own standards and procedures for ESI retention (clients in the securities realm must take note of the SEC’s own crop of rules governing social media and what constitutes “dissemination” or “public” communications).
There is an Entire Crop of Vendors That Specialize in Storing Social Media/ESI
Major corporations are slightly ahead of the curve, as their in house counsel have already identified strategic vendors to preserve their social media activity. Some players in this space include CoTweet, Backupify, and SocialSafe. All three have their unique pros/cons, including security/encryption, automation, and storage facilities. Also, bear in mind that each business is unique and some of these vendor contracts are subject to negotiation (e.g., retention period and encryption level.) Hence, your business’ IT staff and legal counsel should work together to produce the most tailored contracts possible.
Real World Implications
Perhaps the most well known instance where a company ran afoul of lacking and enforcing a document retention policy was the Micron Tech. v. Rambus case. There, the court took very unkindly to the fact Rambus just recently enacted a retention policy in and around the time they were about to file suits on its patents and, moreover, Rambus was destroying documents just prior to filing suit. Indeed, the court was so incensed by the situation that it actually ordered that the subject patents were outright unenforceable against Micron Tech!
What it means for YOUR Business
Courts have long frowned upon poor data retention and lacking polices. As a result, there is a long history of court ordered sanctions in the e-discovery realm.
No Business is immune to the very real sting that social media can bring, when a lawsuit knocks on its door. And no business can procrastinate on implementing document retention policies designed to address their social media programs. Hence, all businesses with something to lose and potentially in the cross hairs of a lawsuit should be keenly aware of their ESI profile and should consult with counsel to assure their policies account for social media.