In-House Insight Series – Part 3
Our goal for Elevate Ediscovery remains providing practical guidance and actionable tips for in-house ediscovery professionals on an array of ediscovery topics. In Part 3 of our series on data preservation best practices, we continue our discussion of the key elements of a sound preservation plan.
Last week in Part 1, we established the need for a plan to articulate how potential trigger events are surfaced, and how the decision is made as to whether or not a duty to preserve has attached. Now, let’s look at scoping the hold obligation.
Defining the Scope of Preservation
Once the organization has determined that it’s subject to a duty to preserve, it must determine a reasonable scope for those preservation efforts. What information may be relevant to establishing the claims of the anticipated litigation? What information may be needed to defend against those claims or issues? What supports or undermines the allegations in the case?
Rule 26(b)(1) defines the scope of discovery as “… any nonprivileged matter that is relevant to any party’s claim or defense and proportional to the needs of the case.” Therefore, scoping the extent of potentially discoverable information that is subject to a preservation obligation starts with evaluating the claims or defenses that could be asserted in the lawsuit or regulatory action.
Many organizations convene a “claims and defense” meeting at the outset of a matter to determine what issues may reasonably be raised and identify relevant data sources to preserve and personnel to interview. Ultimately, scoping efforts determine what information is considered relevant, where such information resides, and who is likely to possess or have knowledge regarding that information (as data custodians or stewards).
A thorough preservation plan should define who will be engaged in the initial scoping process. Is the legal department equipped to identify where potentially relevant information may be retained within the organization? Are there others within the organization — perhaps in information technology (IT), information security, human resources (HR), records management, data privacy or other departments — who can assist? Many organizations create a standing “discovery response team” with members from these different departments. This allows them to quickly pull in knowledgeable people who are experienced in translating the various types of information that the legal department needs to preserve, given the myriad potential data sources that may be involved.
An organization may also choose to invest in some type of data mapping effort. At a minimum, data mapping helps to capture institutional knowledge concerning where certain types of data exist and who should be informed when preservation actions are required. These content maps may simply record where the organization stores commonly sought information, who controls that data, and how they can preserve it when required.
When a new preservation obligation arises, this knowledge can be invaluable to making efficient, well-informed, and repeatable decisions. Having a data map for common data types also allows the team to focus only on the smaller subset of new information types or sources involved in a matter. Finally, the institutional knowledge from a data map can inform proportionality and burden arguments, helping counsel decide how far the organization should go when preserving data. Remember, perfection isn’t the standard when it comes to preservation.
Once an organization has identified the types and sources of data involved in a matter, including any attributes such as subject matter, date range, geography, and the like that may help to limit the scope of preservation, it must determine what steps it will take to preserve that data. Which data custodians or stewards need to be informed of the need to act, and what do they need to do? It’s useful to draw a distinction between data that is under the custody and control of individual custodians, such as information on employees’ computers and mobile devices, as opposed to data that is managed by data stewards who have a broad responsibility for maintaining a company system or data repository. Still other data may be in the custody and control of third parties that will need to be informed of the duty to preserve that data on the organization’s behalf.
Again, documentation is critical to defensibility. A preservation plan should include steps for documenting how the organization has made decisions to include or exclude certain custodians or data types and what factors informed those decisions at the time. If proportionality or the burden of accessing and saving data are factors in deciding not to preserve it, it is critical to capture those reasons.
One last point about scope: the duty to preserve can, and likely will, evolve over the life of a matter. New information may alter the scope of the duty for anticipated or pending litigation. In the same vein, new information may lead an organization to conclude that it should no longer reasonably anticipate a particular litigation matter and that it is, consequently, no longer subject to that preservation obligation.
Next week, we’ll tackle the third element of an effective preservation plan: taking actions to preserve discoverable information.