The Brief - Fall 2012 - Vol.42, No. 1 - October 17, 2012: "Meeting Your Duties Regarding Electronically Stored Information"

by Nexsen Pruet, PLLC

[author: Gary L. Beaver]
The Brief - Fall 2012 - Vol.42, No. 1 - October 17, 2012

Gary L. Beaver's article appeared in the Fall 2012 edition of the ABA Tort Trial & Insurance Practice Section's The Brief.  It is reprinted here with permission from the American Bar Association.

The law governing electronically stored information (ESI) has been developing at a rapid rate for at least 15 years. For those who entered practice well before these developments, it is time to adapt or die (well, maybe adapt or be sanctioned is more accurate). For the most part, the ESI case law developed in lawsuits involving large amounts of ESI, so the vast majority of litigators have been able to continue with their old ways without having the hammer of the law fall on them. However, like bad fashions and the latest urban slang, the “new” ESI duties are gradually spreading to everyone. It is high time to learn the new ways and develop best practices for handling ESI whether you are an old-timer for whom the computer is merely a peculiar adornment on your desk or a younger lawyer skilled in the use of all the latest electronic gadgetry. If you do not, your opponents will have you for lunch by making your mishandling of ESI the major issue in your cases rather than the actual merits of the disputes.

Prior to changes in the federal and many states’ rules of civil procedure, the courts applied then-existing rules of civil procedure to ESI and developed several duties concerning e-discovery:

1.        the duty to understand your client’s ESI system;

2.        the duty to preserve ESI; and

3.        the duty to locate, disclose, and produce ESI.

The five Zubulake opinions issued by Judge Scheindlin in the Southern District of New York between 2003 and 2005 were very influential.[1] So were information, guidelines, and principles published by the Sedona Conference. Eventually, many of the duties were put into rules. The Federal Rules of Civil Procedure were amended to address ESI in December 2006, and many states have made similar rules changes.[2] These duties were subsequently formalized in many jurisdictions’ civil procedure rules, but also look to case law and local rules to ensure a full understanding of the scope of these duties in jurisdictions where you practice.

The duty to preserve ESI arises early whether the evidence is ESI or non-ESI—usually before a client even consults an attorney—when a party reasonably should know that the evidence may be relevant to anticipated litigation.

When a client engages you, first inform the client of its duty to preserve. This is not as simple as it sounds and not a one-shot task. Have the client issue a litigation hold notice to at least key players in the matter in dispute. Have your client review, suspend, or modify its document retention/destruction policy as needed, or create a proper policy if none exists. Your client cannot use its retention policy to fail to preserve, i.e., “accidentally destroy,” discoverable evidence. Be somewhat specific telling your client what to preserve—do not expect your client to fully understand what evidence might be discoverable in the case. You know the issues better than the client. Monitor compliance by periodically reminding your client of its ESI preservation duties and checking to ensure the litigation hold is being followed.

While these duties apply to all discoverable evidence, they are particularly important with respect to ESI because many companies routinely “destroy” ESI by erasing it after a certain period of time has passed from its creation to make room for more ESI. To the extent practicable, you may want mirror images made of important hard drives to ensure that relevant information is preserved. Many jurisdictions now have rules that provide a limited safe harbor for the routine destruction of ESI so long as the party took reasonable steps to preserve the information after it knew or should have known the information was discoverable in the action and the destruction was because of the routine operation of the party’s electronic information system. Such rules reflect common law on spoliation, which generally requires a “culpable state of mind” in destroying relevant evidence before sanctions will be imposed.

Second, send an evidence preservation letter to the opposing party. This is especially important if you think that there will be disputes over the scope of the case and scope of discovery. You do not want the opposing party to be able to say it did not know the damaging evidence it destroyed was relevant to the dispute. For both types of preservation letters—those to your client and those to opponents—develop pro forma letters into which you can fill appropriate party identifications and make edits to tailor the letter to your client’s or opponent’s matter.

Third, make serious efforts to understand your client’s ESI system. Federal Rule of Civil Procedure 26(a)(1)(A) requires in your client’s initial disclosures a description by category and location of all ESI that your client may use to support its claims or defenses. Document requests from your opponent will seek additional ESI in virtually every lawsuit. In the past, litigators would send the written interrogatories and document requests to their clients and ask them to provide the relevant information. Today, however, you can no longer sit back and count on your client’s completeness in telling you what information it has. Force your client to explain what ESI it creates and what ESI it stores. Your client contact is unlikely to know everything about the client’s IT system, so find out to whom else you must speak. Do not expect your client to always know if its production is complete. Attorneys have been sanctioned for failing to find and produce ESI from a computer that was part of an old computer system (known as a legacy system) when the client was unaware that the old computer held the data and only found the data by accident well into the discovery period.[3]

Similarly, do not expect your client contact to know if the client is producing more ESI than requested. It is your job to find out. For example, electronic documents have “metadata”—information about when a document was created, edited, sent, and received, or how data on a spreadsheet was calculated—embedded in them that does not appear when the document is printed or seen on the screen. You might unknowingly produce metadata that waives a privilege or gives away a trade secret or fail to produce metadata if it was required to be produced, leading to sanctions for discovery failures.

It is very important to talk to your client’s IT personnel, who may be the only ones with knowledge of all of the client’s ESI storage devices. Ask probing questions about the ESI system, ESI devices used by personnel (including those we all carry in our pockets and use for mixed business and personal uses), storage of backup and archival data, retention/destruction of data, and disposition of old ESI storage hardware. You can be personally sanctioned for failing to ask the right technical questions. If you do not understand technical ESI terms, become knowledgeable in any way you can. If your firm or company has IT personnel, they can help you. Otherwise, you have to do some searching and reading on the Internet and/or attend relevant ESI-oriented CLEs to know at least enough to ask the right probing questions.

In cases where ESI is likely to be sought, you should also inventory your client’s ESI. Create an ESI schematic showing sources of ESI storage, such as servers, desktops, laptops, magnetic disks (e.g., computer hard drives or floppy disks), backup and archival magnetic tapes, USB flash drives, zip drives, optical disks (e.g., CDs or DVDs), PDAs (e.g., BlackBerries or Treos), pagers, cell phones, and home computers. Determine what ESI is inaccessible due to undue burden or cost (e.g., backup tapes or archives). Find out what backup tapes exist and have them inventoried; consider the need to take a snapshot of all possibly relevant ESI. If your client has the right to access ESI held by others, include those other ESI sources in your ESI schematic and identify such ESI in discovery responses if requested and discoverable.

Do the same with regard to the opposing party’s ESI systems, usually through formal discovery. Discover what you can in your first round of written discovery and/or in initial depositions. You may need to take preliminary depositions of the opposing party’s IT personnel prior to merits discovery to ensure that you have obtained the relevant ESI. Once you know the potential ESI sources on both sides, work with opposing counsel to create search protocols. You may have to ask the court to establish protocols especially if you cannot agree, or do not trust, the opposing party, or if that party is obstructive or there are other complications. For example, in Ferron v. Search Cactus, L.L.C.,[4] the court had to assist with protocols to search the computers of a lawyer who worked out of his home because the computers also contained irrelevant personal information. In depositions, explore your opponent’s efforts to search for ESI. For example, find out what ESI devices every witness has used while doing your opponent’s business and then find out if anyone checked each of those devices for what you requested in discovery. If you do not inquire deeply enough of the opposing party, you will likely either fail to obtain complete discovery or fail to put the opposing party in the adverse litigation position it would richly deserve for its discovery production failures.

You cannot properly do other duties—meet and confer, scheduling, ensuring your client preserves discoverable ESI, and obtaining complete discovery from your opponent—without first understanding what ESI your client and your opponent stores and where. The federal rules and some state rules require the court to address ESI discovery in the scheduling or case management order. Concomitantly, the parties’ attorneys must meet and confer to discuss ESI discovery and include provisions governing it in a proposed discovery plan to be incorporated into the court’s scheduling order. Such issues include the forms in which ESI should be produced and any issues relating to preserving discoverable information. Consider whether you need metadata (which is typically not produced unless specifically requested) or to have the ESI in a particular format. Do the parties want hard copies or PDF, TIFF, HTML, or native files? Consider developing e-discovery protocols and directives to provide to experts hired to examine or download the ESI. You cannot wait until discovery requests are exchanged before thinking about these types of issues. The pocket guide for ESI discovery issued by the Federal Judicial Center for use by federal judges suggests meeting with your client’s key IT personnel well before the meet and confer deadline and even having them attend the Rule 26 conference.[5]

Identify possible limitations on or bases to withhold discovery. Rules of civil procedure that address ESI generally allow parties to withhold inaccessible ESI due to “undue burden or cost.” Make sure you know what “inaccessible” and “undue burden or cost” mean in your jurisdiction. Still preserve the withheld ESI and disclose and identify such ESI so that your opponent can challenge if it chooses.

The actual identification of discoverable ESI and its production can be a complicated matter. In a small case, it is relatively simple to gather ESI for a small window of time from a few key players. In cases involving massive amounts of e-mail traffic in a large company, the search for and review of requested, discoverable ESI can be prohibitively burdensome as to time and expense in reviewing millions of pages of documents. In such cases, many attorneys resort to formulating search protocols using key search terms or, more recently, predictive coding. The selection of one search method over another generally is dictated by which method is more precise in identifying relevant information at a cost proportionate to what is at stake in the lawsuit. You may have to engage some outside assistance to help develop appropriate protocols—a process that may include creating the search parameters, then testing and refining them several times before your client will have been deemed to have fulfilled its production duties. Even searching your client’s ESI can be risky. You can be held personally responsible for the inadequacy of your client’s search parameters.

In some cases, the parties decide that it is more cost-effective to allow the opposing party to take a “quick peek” at some category of documents to ensure that the request is seeking ESI down a blind alley. In other cases, the parties may decide to produce unreviewed masses of ESI and agree to a process by which the producing party is permitted to demand the return, i.e., “clawback,” of ESI that was inadvertently produced for which the producing party has some privilege or other legitimate reason to withhold the ESI. However, if you do not take care in creating the search protocols, you may waive privileges attached to documents that you inadvertently produced.[6] Some jurisdictions have added a provision to Rule 26 that specifically allows for the clawback of privileged ESI.

In cases where the ESI production is costly, you may also be able to shift to your opponent some of the production costs but likely need a court order to do so.

You may find it a struggle to keep up with ESI law as it evolves, but you must try.[7] Also learn the peculiarities of admitting ESI as evidence. A good place to start is by reading Lorraine v. Markel American Insurance Co.[8]

If you do not ensure that your client searches all of its ESI devices and archives and produces complete, unaltered copies of the discoverable ESI, your client may be subject to a wide variety of sanctions, including dismissal, adverse inferences, striking of claims and defenses, monetary penalties, and paying the opposing party’s attorney fees, and you may be subject to sanctions as well. In Qualcomm Inc. v. Broadcom Corp.,[9]the plaintiff was sanctioned for $8.5 million in legal fees for the defendant, and the plaintiff’s counsel was reported to his state bar for withholding 300,000 pages of relevant ESI until after trial. Your carrier will not be impressed. In a Florida state case, Morgan Stanley had the burden of proof shifted to it though it was the defendant for failing to produce backup tapes of e-mails; the jury awarded the plaintiff $600 million in compensatory damages and $850 million in punitive damages. It is hard to imagine how properly producing damaging e-mails could have been worse. (Morgan Stanley later dodged this bullet when the appeals court reversed;[10] imagine the wait for that decision.)

Obviously, you must take your ESI duties seriously. To do so, you have to stay current about the latest technology used to create, transmit, and store ESI. Who knew 20 years ago about iPads, USB flash drives, PDAs, digital cameras, smart phones, memory cards, text messaging, and tweeting? New methods of creating and storing ESI are constantly being developed or evolving. You need to know about them so that you can ask the right questions and find the most pertinent relevant evidence.


[1]See Zubulake v. UBS Warburg LLC, 382 F. Supp. 2d 536 (S.D.N.Y. 2005); Zubulake v. UBS Warburg LLC (Zubulake V), 229 F.R.D. 422 (S.D.N.Y. 2004); Zubulake v. UBS Warburg LLC (Zubulake IV), 220 F.R.D. 212 (S.D.N.Y. 2003); Zubulake v. UBS Warburg LLC (Zubulake III), 216 F.R.D. 280 (S.D.N.Y. 2003); Zubulake v. UBS Warburg LLC (Zubulake II), 230 F.R.D. 290 (S.D.N.Y. 2003); Zubulake v. UBS Warburg LLC (Zubulake I), 217 F.R.D. 309 (S.D.N.Y. 2003).

[2]See Rules and Statutes, Kroll Ontrack, (last visited Aug. 29, 2012).

[3]See Phoenix Four, Inc. v. Strategic Res. Corp., No. 05 Civ. 4837, 2006 WL 1409413 (S.D.N.Y. May 23, 2006).

[4]No. 2:06-CV-327, 2008 WL 1902499 (S.D. Ohio Apr. 28, 2008).

[5]Fed. Judicial Ctr., Managing Discovery of Electronic Information: A Pocket Guide for Judges (2007), available at$file/eldscpkt.pdf.

[6]See Victor Stanley, Inc. v. Creative Pipe, Inc., 250 F.R.D. 251 (D. Md. 2008).

[7]See, e.g., Pension Comm. of Univ. of Montreal Pension Plan v. Banc of Am. Sec., LLC, 685 F. Supp. 2d 456 (S.D.N.Y. 2010), abrogated on other grounds by Chin v. Port Auth. of N.Y. & N.J., 685 F.3d 135 (2d Cir. 2012).

[8]241 F.R.D. 534 (D. Md. 2007).

[9]No. 05cv1958-B, 2008 WL 66932 (S.D. Cal. Jan. 7, 2008), vacated in part, Qualcomm Inc. v. Broadcom Corp., 2008 WL 638108 (S.D. Cal. 2008).

[10]Morgan Stanley & Co. v. Coleman (Parent) Holdings Inc., 955 So. 2d 1124 (Fla. Dist. Ct. App. 2007).

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Nexsen Pruet, PLLC | Attorney Advertising

Written by:

Nexsen Pruet, PLLC

Nexsen Pruet, PLLC on:

Readers' Choice 2017
Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
Privacy Policy (Updated: October 8, 2015):

JD Supra provides users with access to its legal industry publishing services (the "Service") through its website (the "Website") as well as through other sources. Our policies with regard to data collection and use of personal information of users of the Service, regardless of the manner in which users access the Service, and visitors to the Website are set forth in this statement ("Policy"). By using the Service, you signify your acceptance of this Policy.

Information Collection and Use by JD Supra

JD Supra collects users' names, companies, titles, e-mail address and industry. JD Supra also tracks the pages that users visit, logs IP addresses and aggregates non-personally identifiable user data and browser type. This data is gathered using cookies and other technologies.

The information and data collected is used to authenticate users and to send notifications relating to the Service, including email alerts to which users have subscribed; to manage the Service and Website, to improve the Service and to customize the user's experience. This information is also provided to the authors of the content to give them insight into their readership and help them to improve their content, so that it is most useful for our users.

JD Supra does not sell, rent or otherwise provide your details to third parties, other than to the authors of the content on JD Supra.

If you prefer not to enable cookies, you may change your browser settings to disable cookies; however, please note that rejecting cookies while visiting the Website may result in certain parts of the Website not operating correctly or as efficiently as if cookies were allowed.

Email Choice/Opt-out

Users who opt in to receive emails may choose to no longer receive e-mail updates and newsletters by selecting the "opt-out of future email" option in the email they receive from JD Supra or in their JD Supra account management screen.


JD Supra takes reasonable precautions to insure that user information is kept private. We restrict access to user information to those individuals who reasonably need access to perform their job functions, such as our third party email service, customer service personnel and technical staff. However, please note that no method of transmitting or storing data is completely secure and we cannot guarantee the security of user information. Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of user information at any time.

If you have reason to believe that your interaction with us is no longer secure, you must immediately notify us of the problem by contacting us at In the unlikely event that we believe that the security of your user information in our possession or control may have been compromised, we may seek to notify you of that development and, if so, will endeavor to do so as promptly as practicable under the circumstances.

Sharing and Disclosure of Information JD Supra Collects

Except as otherwise described in this privacy statement, JD Supra will not disclose personal information to any third party unless we believe that disclosure is necessary to: (1) comply with applicable laws; (2) respond to governmental inquiries or requests; (3) comply with valid legal process; (4) protect the rights, privacy, safety or property of JD Supra, users of the Service, Website visitors or the public; (5) permit us to pursue available remedies or limit the damages that we may sustain; and (6) enforce our Terms & Conditions of Use.

In the event there is a change in the corporate structure of JD Supra such as, but not limited to, merger, consolidation, sale, liquidation or transfer of substantial assets, JD Supra may, in its sole discretion, transfer, sell or assign information collected on and through the Service to one or more affiliated or unaffiliated third parties.

Links to Other Websites

This Website and the Service may contain links to other websites. The operator of such other websites may collect information about you, including through cookies or other technologies. If you are using the Service through the Website and link to another site, you will leave the Website and this Policy will not apply to your use of and activity on those other sites. We encourage you to read the legal notices posted on those sites, including their privacy policies. We shall have no responsibility or liability for your visitation to, and the data collection and use practices of, such other sites. This Policy applies solely to the information collected in connection with your use of this Website and does not apply to any practices conducted offline or in connection with any other websites.

Changes in Our Privacy Policy

We reserve the right to change this Policy at any time. Please refer to the date at the top of this page to determine when this Policy was last revised. Any changes to our privacy policy will become effective upon posting of the revised policy on the Website. By continuing to use the Service or Website following such changes, you will be deemed to have agreed to such changes. If you do not agree with the terms of this Policy, as it may be amended from time to time, in whole or part, please do not continue using the Service or the Website.

Contacting JD Supra

If you have any questions about this privacy statement, the practices of this site, your dealings with this Web site, or if you would like to change any of the information you have provided to us, please contact us at:

- hide
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.