Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

New E-Discovery Rules Benefit Some Firms

kdawson posted more than 7 years ago | from the don't-overwrite-that-backup-tape dept.

The Courts 35

The new E-discovery rules that came into effect last Friday — clarifying federal requirements about producing electronic documents as evidence in lawsuits — may make life harder for some companies, but they will benefit others. mikesd81 writes to mention an AP article profiling companies that help businesses track and search their e-mails and other electronic data. From the article: "There are hundreds of 'e-discovery vendors' and these businesses raked in approximately $1.6 billion in 2006... That figure could double in 2007."

cancel ×

35 comments

it has its own sound effect, even (3, Funny)

macadamia_harold (947445) | more than 7 years ago | (#17088606)

The new E-discovery rules that came into effect last Friday -- clarifying federal requirements about producing electronic documents as evidence in lawsuits

I think it goes something like this: "You've got nailed!"

Corporate Policy on Volatile Communications (3, Interesting)

eldavojohn (898314) | more than 7 years ago | (#17088614)

The company I work for had a policy that no e-mail was to be kept longer than 30 days unless it was absolutely necessary. If it was an internal e-mail, it was kind of expected that you would delete it as there would be no long term use for it. Now, like a few company policies, this one was broken even by myself a few times. Somebody would write a procedure out in e-mail and send it to the group or you could be in a hurry and you just drop an e-mail on installation instructions into the same directory as the deployment file. Under almost no circumstances were you allowed to record internal instant messaging conversations either.

It was claimed that we did this to keep the Exchange server free & not clog our hard drives with e-mail. But I really think that our lawyers speculated that since we're such a large company with subcontracters and other companies working with us that it would be best not to have these information linger. It's hard to ensure that a company with many tens of thousands of employees has everyone of them doing things that aren't illegal. It's just a problem of sheer numbers. Plus the incidences of the famous Microsoft memos about their competition. Memos about eliminating your only competition in a free market are frowned upon by the market but not exactly taboo inside the company.

Now, Friday morning, we got an e-mail saying that that has changed. That now we're supposed to keep e-mails but it didn't really say for how long. Plus it was Friday morning and an e-mail about a change in company policy was pretty high on my list of things to ignore. I'd imagine that our corporate policy is going to change to something vague and undefinable about under what circumstances you're supposed to archive it. And if a case comes up and my company is called on this Federal law that requires them to keep e-mails, it will now be the employee's fault since this e-mail was very applicable to a future case but they failed to archive it. What does that encourage me to do? Keep all my e-mails regardless of any policy.

I think the more volatile a communication is and the larger the company, the more they encourage you to destroy it. It's just a game of numbers. If you have 10,000 employees and 1 in every 100,000 e-mails is by chance something bad for the company, then each employee need only send 10 e-mails for you to have problems.

Re:Corporate Policy on Volatile Communications (2, Insightful)

nomadic (141991) | more than 7 years ago | (#17089028)

Now, Friday morning, we got an e-mail saying that that has changed. That now we're supposed to keep e-mails but it didn't really say for how long. Plus it was Friday morning and an e-mail about a change in company policy was pretty high on my list of things to ignore. I'd imagine that our corporate policy is going to change to something vague and undefinable about under what circumstances you're supposed to archive it. And if a case comes up and my company is called on this Federal law that requires them to keep e-mails, it will now be the employee's fault since this e-mail was very applicable to a future case but they failed to archive it. What does that encourage me to do? Keep all my e-mails regardless of any policy.

If the e-mail says you're supposed to keep e-mails but doesn't specifiy a date, then they probably want them to be kept in perpetuity.

Open Discovery (1, Funny)

Anonymous Coward | more than 7 years ago | (#17088644)

""There are hundreds of 'e-discovery vendors' and these businesses raked in approximately $1.6 billion in 2006... That figure could double in 2007.""

None of them open source. Looks like RMS will not be having a Merry Christmas.

Re:Open Discovery (0)

Anonymous Coward | more than 7 years ago | (#17088782)

None of them open source. Looks like RMS will not be having a Merry Christmas.

Meh, he'll probably be as excited that they're not open source as he will be disappointed that they're not free software.

sendmail (1)

pe1chl (90186) | more than 7 years ago | (#17089698)

Anyone knows if (open source) sendmail can be configed to keep the messages it has relayed?
E.g. something like moving processed queue items from the mqueue to another directory instead of deleting them after delivery.

With that in place, a tool to search the archived messages could come later (i.e. when it is really required).

Re:sendmail (1)

jo42 (227475) | more than 7 years ago | (#17104932)

I know postfix can be configured to do this very easily.

Something along the lines of setting up an archive email address and then configuring always_bcc [postfix.org] to that address.

open source email archiving - rsync.net (1)

enselsharon (968932) | more than 7 years ago | (#17093424)

Although rsync.net doesn't look like an "e-discovery" provider per se, my own use of their service makes it clear that you could very well use it for this purpose.

Their platform is totally open and totally based on open source (I think they run on FreeBSD, but perhaps it is Solaris) software like rsync, OpenSSL, and apache, etc.

If there is any doubt, their warrant canary seals the deal for me and a lot of other folks I know that use thier service for offsite backups and email storage:

http://www.rsync.net/resources/notices/canary.txt [rsync.net]

Stunning (-1, Redundant)

Anonymous Coward | more than 7 years ago | (#17088718)

It is amazing that something which costs some people money benefits other people monetarily! How could this possibly work?

Forged emails (4, Funny)

statusbar (314703) | more than 7 years ago | (#17088724)

It is a really good thing that it is not possible for a malicious party to create forged emails!

--jeffk++

Re:Forged emails (1)

lderezinski (720899) | more than 7 years ago | (#17088940)

That is the one of the points to discovery. You provide the documents to the other party, so it would be from one of your "sent" emails. The received emails are still up for grabs though.

Re:Forged emails (1)

statusbar (314703) | more than 7 years ago | (#17091470)

But I can forge one of my 'sent' emails as well!

My whole thought process here is that without crytographically signing the emails, the emails can be forged. Even then, the fact that someone said he 'sent' me an incriminating email does not mean that I received it. My spam filter erases 1200 emails every day, and sometimes there are false positives and sometimes mail servers crash and sometimes my computer crashes and loses files before I read them.

--jeffk++

Re:Forged emails (1)

lderezinski (720899) | more than 7 years ago | (#17091616)

If you forged one of your "sent" emails then in the discovery materials you would not be able to find the matching email. I agree with you. It is a complete mess....

Media Suppliers (3, Insightful)

nurb432 (527695) | more than 7 years ago | (#17088834)

It also benefits companys that make backup media.

Because of rules like this (0)

Realistic_Dragon (655151) | more than 7 years ago | (#17088836)

Work mailboxes are limited to 75mb and auto purged of content over 15 days old.

Re:Because of rules like this (1)

AlexDV (759799) | more than 7 years ago | (#17092418)

I think you're missing the point. The point of this ruling is that businesses will be required to keep this information. Intentionally destroying those e-mails could potentially land your company in some hot water if you were ever required to produce them in court.

E-mail services ? (1)

nurb432 (527695) | more than 7 years ago | (#17088874)

I wonder if places like yahoo or google ( or other email services, be them free or pay ) will have to retain and provide emails on demand, from their users. Both are 'US companies'. True, you arent employeed by either company, but they might still be required to do so, depending on how loose the law is ( no, ive not had a chance to read it ).

And, does this get extended to 'general files' as well? Thats pretty much the same as shreding documents if you only retain electronic copies of critical documents.

Re:E-mail services ? (2, Informative)

nomadic (141991) | more than 7 years ago | (#17088954)

I haven't read through all the new rules, but everything I've read about them say they kick in at the discovery stage of litigation. Presumably the traditional rules regarding document retention policies are still in place (if someone who has read them all knows differently, please say so). Under the regular rules Courts generally will allow you to have document retention policies, and get rid of old stuff. What you're supposed to do is whenever you have a reasonable belief that you may be sued over something, you're supposed to at that point make sure to keep whatever documents might be requested in the litigation.

reasonable belief (1)

nurb432 (527695) | more than 7 years ago | (#17089158)

These days, just being in business one can almost assume you will be sued :|

ugh (1)

nomadic (141991) | more than 7 years ago | (#17088896)

I used to work for an e-discovery firm. You have no idea how boring it is to go through thousands of e-mails and other electronic documents and decide whether they're responsive for a lawsuit or not.

I saw plenty of really interesting e-mails that I'm sure the sender never imagined someone else would ever read. Taught me a lesson; I never complain about my current job, or talk about anything specific about my work, over my work e-mail.

Ugh, from both ends (1)

almost entirely lega (1029988) | more than 7 years ago | (#17091412)

As someone currently immersed in going through about 10,000 pages of paper copied e-mails plus another years worth in a couple of electronic formats let me say: you think it's boring on your end? Sheesh! And, of course, there are those classic foward chains of everything from Osama jokes to pictures of various unclothed individuals. I'm sure the various investigators find those as delightful as do those who receive them. Bottom line: if anyone still thinks e-mail is private...

How is this news? (1)

Tim C (15259) | more than 7 years ago | (#17088924)

New laws come in placing extra requirements on $group, so firms spring up/enlarge to offer the service for a fee.

When exactly has this *not* happened?

Re:How is this news? (1)

matzebrei (901706) | more than 7 years ago | (#17097170)

It's not some case of rampant legislation and a bunch of "entrepreneurs" who want to make money off it, but rather a fairly backwards industry catching up a little and putting forth some long-needed standards. Only in the last few years have emails even been a regular part of discovery, and even then most courts handle them by printing them out and treating them as paper plus whatever metadata you can extract from the original mailbox*.

For the longest time in the legal world, just about everything was paper, and it more-or-less still is. The bottom line is that the courts have *finally* woken up to the concept that there are business documents out there that contain critical info for whatever case they're working, that have never seen paper, but should be part of the evidence. The cases mentioned in the article were ones where the court put the smack-down on companies that had all the appearance of hiding evidence behind lax retention policies.

Would you rather have a single national-level retention standard or up to 50 state-level ones?



* to be honest, there are a couple of advantages to doing this, such as there are already quite a few tools and practices built around paper evidence (either on paper or as an image of a page), and just converting files and emails to paper adds a time-and-cost barrier to manipulation.

E-Discovery (1, Informative)

Anonymous Coward | more than 7 years ago | (#17088972)

I work right now on a such project for a very big company. It's crazy, but this e-discovery email/data holding is a very complex application. We are(or suppose to be) near completion, but we are yet to see the details. Our big problem are the lawyers , they change their minds and alter the specs ofter than a baby his diapers. It's quite a hell to do automated tests. FYI, we are using the compliance software from aungate ( http://aungate.com/content/pathways/litigation/ [aungate.com] ).

Creating a new class of "Tax Accountants" (1)

anvilmark (259376) | more than 7 years ago | (#17088988)

...may make life harder for some companies, but they will benefit others.

The same way US tax law makes life harder for "some" (MOST) companies but benefits the parasitical "tax accountant".

"No man's life, liberty, or property are safe while congress is in session" - Mark Twain

Government regulations (1)

XNormal (8617) | more than 7 years ago | (#17089172)

...may make life harder for some companies, but they will benefit others

Isn't that true for just about any government regulation?

Maybe a stupid question (0)

Anonymous Coward | more than 7 years ago | (#17089450)

According to Wikipedia:

"Rule 26. General Provisions Governing Discovery; Duty of Disclosure

[2] The most substantial rule, which guides the discovery process.

Subdivision (a) provides for automatic disclosure, which first was added in 1993. Disclosure requires parties to share their own supporting evidence without being requested to by the other party. Failure to do so can preclude that evidence from being used at trial. This applies only to evidence that supports their own case, not anything that would harm their case." (emphasis added)

Of course, the plaintiff can request any evidence that may be harmful to the defendant's case, however, the defendant need not turn it over without being compelled to do so.

I thought that company's are regarded as persons under the laws of the US. As such, aren't they protected from self-incrimination? Are individual persons compelled to not destroy potential evidence of a crime they may have committed?

Re:Maybe a stupid question (1)

zappepcs (820751) | more than 7 years ago | (#17089746)

The parent has a damned good point, and one which I'm sure will be used to bring pressure to not store Gazillions of billions of emails forever or we may well be seeing the last of corporate email servers!

Think of it, if email has to be kept in perpetuity, many corporations may simply stop using email... poof! no more, all gone, we don't do that anymore....

Yes, like that will happen, so something has to give, and it won't be business' ability to function. The law will get clarified before MS exchange server becomes extinct. I have faith in that!

Re:Maybe a stupid question (1)

matzebrei (901706) | more than 7 years ago | (#17097234)

I thought that company's are regarded as persons under the laws of the US. As such, aren't they protected from self-incrimination? Are individual persons compelled to not destroy potential evidence of a crime they may have committed?


These rules apply to civil lawsuits (key word: "Plaintiff") not criminal ones. These are the kind of cases where someone is trying to recover some sort of loss due to their dealings with the defendant, and often the key evidence is in the defendant's possesion.

Regardless, for most civil suits, the defendants do indeed have to cough it up, even if the evidence hurts them, though thy might try to hide it among an avalance of other documents that "might also be of interest for the case".

OK, can anyone *summarize* what's changed? (0)

Anonymous Coward | more than 7 years ago | (#17090278)

The "old way" was 1) have a retention policy stipulating time windows for each type of document to be retained. 2) Adhere to the policy 3) When under subpoena, halt the policy and retain documents for review 4) documents not under scope of discover could then resume their rotation/deletion.

Article is slightly misleading... (1)

Remik (412425) | more than 7 years ago | (#17092764)

IANAL, but I am a Litigation Technology Admin for a major IP firm:

As far as retention/compliance goes, this isn't SOX for everyone who might ever be sued...I think having retention policies (and following them) becomes more important (ex. amended rule 37(f) creates an explicit safe harbor in the event that data is destroyed in the normal course of business, absent a litigation hold or anticipation of litigation), but there's still no duty to preserve until there's reasonable expectation of a lawsuit (in contrast to SOX).

The biggest changes I see for law firms is the need to get to know the IT framework of our clients, and the need to discuss the issues surrounding ESI earlier in the litigation cycle. I think the article slightly misinterprets the rules...it's not an issue of having to retain Emails/IMs, it's an issue of 1) having to produce IMs if you retained them, or 2) having a legally defensible reason for not retaining them if you could have and had reason to believe you should have.

The introduction into the rules of a standard that takes into account whether data is 'reasonably accessible' is also going to become important. I think it will reduce the scope of e-discovery in smaller cases, because it's simply not reasonable to mirror and process a client's Exchange server when the potential exposure of the case is low.

One of the suggestions in the article that I highly agree with is, if possible, encouraging clients to construct a "Data Map" or what it calls, "Inventory of their IT system". It will not only help with collection strategy at the beginning of a case, but it will show due diligence in the event that something is missed. And, I imagine keeping legacy systems on the corporate radar might also be a way to ensure they are decommissioned sooner rather than later, as the cost of exploring their contents is not something anyone wants to have to endure.

-R

Re:Article is slightly misleading... (1)

RulesLawyer (245442) | more than 7 years ago | (#17095086)

"rule 37(f) creates an explicit safe harbor in the event that data is destroyed in the normal course of business, absent a litigation hold or anticipation of litigation"

IAAL, and from what I've heard, the safe harbor isn't really much of a protection. A typical strategy might go something like this.

1) Send an e-mail letter to a potential defendant corporation, to some low level attorney in their legal department, complaining about whatever it is you complain about (product liability, HR, whatever). Include something obliquely related to "I might even think about hiring an attorney to sue you about this." Companies get letters like this all the time.

2) Wait a long time. Just before the statute of limitations runs out, file the lawsuit.

3) Make a discovery request.

4) Odds are, they won't have your original e-mail which they were required to keep, under the comments to FRCP 37(f). The FRCP allows for inadvertent destruction due to the routine operation of a computer system, but "a party is not permitted ... to thwart discovery obligations by allowing that operation to continue in order to destroy specific stored information that it is required to
preserve. [A] party is under a duty to preserve information because of pending or reasonably anticipated litigation..."

5) Move for sanctions. And heck, if they can't find that e-mail, which was so clearly in anticipation of pending litigation, who knows what else they've destroyed? Move for an adverse inference instruction, too, telling the jury to assume the defendant destroyed a smoking gun document.

6) Profit!

I'm just glad I'm not the one in my company who deals with this game playing on a regular basis.

Re:Article is slightly misleading... (1)

Remik (412425) | more than 7 years ago | (#17107326)

You assume that the company "reasonably anticipated litigation" because a low-level associate received an e-mail from someone with an axe to grind that obliquely hinted at the possibility of hiring an attorney? I think that supposition would be laughed out of most courts.

-R

Regulation Benefits the Big Firms...Sometimes (1)

CodeBuster (516420) | more than 7 years ago | (#17093922)

It is well known by economists that large firms will sometimes lobby for increased regulation of their industries in order to raise barriers of entry to new firms and impose costs on existing competitors who are less able to satisfy the regulatory hurdles. This behavior is also seen in professional associations who lobby for licensing to restrict the number of practitioners. In fact, among the more heavily regulated professional occupations is that of cosmetology and this is in spite of the fact that the public interest would be better served by LESS regulation. This is not to say that all regulation is frivolous, but rather that certain business is regulated against the public interest. I like the fact that commercial airline pilots are licensed and regulated by the government, but I do not need the government to protect me against the possibility of a bad haircut when that "protection" doubles the cost of a haircut.

Time to load up on EMC's stock (0)

Anonymous Coward | more than 7 years ago | (#17096340)

Storage companies will have record earnings in 2007 thanks to this law, just like they did when Sarbanes-Oxley came into application.
Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...