This Week in eDiscovery: The Duty to Preserve Ephemeral App Data, Employee Compliance with Electronic Communication Rules

Written by

Every week, the Array team reviews the latest news and analysis about the evolving field of eDiscovery to bring you the topics and trends you need to know. This week’s post covers the week of July 8-14. Here’s what’s happening.

Failure to Retain Ephemeral Data Could Lead to Long-Lasting Headaches

Just because your data is gone, don’t assume that it’s been forgotten. In fact, it’s a good idea to rethink just how “gone” that data really is.

This is a lesson that several companies are learning about ephemeral messaging apps. These apps delete users’ messages and related files from their servers within a relatively short time frame, in some cases 24 to 72 hours. But that data may still live on individual user devices after it’s deleted from app servers, which means — if the duty to preserve is invoked — companies must take steps to retain that information. (In fact, the FTC and the Justice Department explicitly warn companies about ephemeral data in their standard preservation letters.)

Two Canoes LLC v. Addian Inc., a case from New Jersey, shows what can happen when ephemeral messaging app data isn’t preserved. The plaintiff company alleges that it was sold fraudulent N95 masks during the pandemic, Kelly Twigger notes in her latest “Case of the Week” on her eDiscovery Assistant blog.

The plaintiff also sought sanctions in the case because the defendant’s CEO — who had preserved and produced email, text messages and other electronically stored information (ESI) — did not produce any of his old WeChat messages. He hadn’t preserved any of them. In fact, he had recycled or otherwise got rid of two phones after the duty to preserve arose. (A third phone was disposed of before then.)

A magistrate judge determined the CEO hadn’t taken reasonable steps to save the WeChat data. The judge also found that at least some WeChat messages were lost during the relevant period. But they stopped short of saying the CEO acted with intent or prejudice. That will be left up to the jury to decide during the actual trial. (Which is one more fight that defense will find itself fighting.)

Counsel has to understand what data may exist on their clients’ phones and if it could be at risk of deletion, Twigger notes.

A good retention policy and employee training might have helped, too. The defendants could have saved themselves a lot of trouble — and attorney fees — if they had a plan to automatically preserve ephemeral data. Interviewing custodians about the different sources of ESI that needed to be preserved could have prepared the defendants for issues early on.

Survey: Many Financial Firms Struggle with Compliance Over Electronic Communication Rules

Having strong policies around electronic communication is necessary. Getting employees to follow them isn’t always easy, though.

Global Relay, a maker of compliant communication software, recently surveyed professionals in charge of compliance, risk, data and surveillance at financial services firms.

About 65% of them said their No. 1 issue is getting employees to comply with the rules. Avoiding apps like WhatsApp or WeChat for business is a particular concern.

In a lot of cases, employees know the rules. They just don’t follow them — even though regulators have handed out almost $3 billion in fines over the past two years for related violations.

So how can you get your people on board?

  • Some firms are doing away with bring-your-own-device policies and requiring employees to use company-issued phones that can monitor for use of forbidden apps.
  • Some are forbidding any use of WhatsApp and WeChat, though again, many employees simply ignore the bans.
  • Others are adopting compliance tools that allow employees to use the apps — which can be incredibly useful for work — while also preserving the necessary data. As we’ve noted before, employees need less formal ways of communicating outside email.
  • Another key is more detailed training. Tell employees exactly which apps are and aren’t allowed. A surprising number of firms fail to spell this out.
  • Surveillance software and periodic audits can help uncover noncompliance, too.
  • Some firms, if they get fined, are making sure that bonuses reflect that fact. As Global Relay noted: “Bigger fines do focus the mind.”

Other recent eDiscovery news and headlines:


Julia Helmer; Director, Client Solutions

With a decade of expertise, Julia excels at optimizing enterprise eDiscovery workflows from start to finish. With a deep understanding of how to seamlessly integrate workflows across various eDiscovery platforms, Julia creates tailored solutions for data identification, legal holds, ESI collections, and productions. By harnessing the power of Technology Assisted Review and Analytics, she delivers efficient, cost-effective results that align with best practices and budgetary constraints. Julia’s exceptional communication and customer service skills have fostered strong, lasting relationships with both clients and Project Management teams, enabling her to effectively problem-solve and drive success across numerous projects.

Skip to content