This Week in eDiscovery: The Need to Preserve Passwords, New Challenges Over Legal Hold Notices and Privilege

Every week, the Array team reviews the latest news and analysis about the evolving field of eDiscovery to bring you the topics and trends you need to know. This week’s post covers the period of July 22-28. Here’s what’s happening.

Don’t Forget to Preserve Passwords, Too

A case from Utah raises an interesting question: If you preserve electronically stored information (ESI) and it’s password-protected, what is your responsibility to save that password, too?

In OL Private Counsel, LLC v. Olson, the defendant — a former employee — was accused of misappropriating the plaintiff’s confidential documents and sharing them with a third party, the Sidley blog reports.

The defendant had allegedly been in contact with another ex-employee via a messaging app, so the plaintiff reached out to that person and bought his phone. During a meeting, the plaintiff made a copy of the phone’s entire contents — but without getting the phone’s password. The plaintiff retained the phone.

(Data was reportedly deleted from the phone and its cloud storage, too. The defendant and the plaintiff disagreed over who actually did that.)

The defendant wanted its ESI vendor to conduct a forensic review of the phone, but it couldn’t do a full review because the plaintiff said they didn’t have the password.

A magistrate judge denied the defendant’s motion for dismissal without prejudice, but ordered the plaintiff to produce the phone, its password and its full copy of the phone.

The plaintiff had tried arguing that it wasn’t responsible for preservation at the time because it wasn’t anticipating litigation. It was just trying to learn more about the situation. The judge disagreed — duty to preserve kicks in when a party “knows, or should know, litigation is imminent.”

The plaintiff also argued that, as a third party, it wasn’t responsible for preserving the password because the phone wasn’t in their control yet. The judge pushed back, saying that under Rule 34, a party could be required to produce information that isn’t in its direct possession if it has “any right or ability to influence the person in whose possession the documents lie.”

Remember: Preserving ESI should include the ability to access that ESI, and having a way to either acquire passwords or work around them should be part of your team’s comprehensive policy for document preservation.

What If Your Legal Hold Notices Were Fair Game?

Don’t be surprised if your opponents make a play to discover your legal hold notices. More litigants are seeking access as part of spoliation claims, so they can see exactly how a party did (or didn’t) plan to preserve information.

Case in point: In FTC vs. Amazon, the FTC alleged that spoliation had occurred, and it wanted access to Amazon’s document preservation notices and instructions for using ephemeral messaging apps. Those kinds of documents are usually protected under attorney-client privilege and attorney work-product doctrine, Kelly Twigger writes at the ACEDS Blog.

The judge — who agreed the information could be relevant — went along with an Amazon suggestion to hold a 30(b)(6) deposition, where FTC attorneys could question an Amazon rep about their legal holds, who received them and when, what information was supposed to be saved, and what actions employees were supposed to take.

If the FTC doesn’t get sufficient information from that interview, though, it could renew the motion.

Takeaways: Make sure you have an active, clear policy of communicating and enforcing preservation rules and well-written legal hold notices with a defined process for distributing those notices to the correct custodians and IT stakeholders, with special attention given to ephemeral messaging apps and data. That way, in the event that your hold notices do have to be produced, you won’t have any reason to be embarrassed — or worse.

Other recent eDiscovery news and headlines:

 

Julia Helmer; Director, Client Solutions

With a decade of expertise, Julia excels at optimizing enterprise eDiscovery workflows from start to finish. With a deep understanding of how to seamlessly integrate workflows across various eDiscovery platforms, Julia creates tailored solutions for data identification, legal holds, ESI collections, and productions. By harnessing the power of Technology Assisted Review and Analytics, she delivers efficient, cost-effective results that align with best practices and budgetary constraints. Julia’s exceptional communication and customer service skills have fostered strong, lasting relationships with both clients and Project Management teams, enabling her to effectively problem-solve and drive success across numerous projects.

Skip to content