As the business world becomes increasingly paperless, courts and legislators alike have made efforts to modernize the way the law approaches electronic evidence. The Covid-19 pandemic has reduced the need for paper records in exchange for heavy reliance on email, .pdf attachments, and digital video presentations. The work-from-home era has forced employers to abandon traditional file cabinets in exchange for cloud storage, document management services, and business e-platforms that house and manage employee data.
For the most part, the acceleration towards virtual will have a positive impact (e.g., reduced carbon footprint and increased accessibility and organization of company information). However, this transition may create issues when litigation inevitably rears its ugly head. Where it does, companies may face scrutiny if their electronic recordkeeping is found to be lacking.
Document migrations, email cleanses, and electronic revisions can cause important and relevant data to be erased, omitted, or overwritten. Moreover, these processes often occur automatically and without the company’s knowledge. A premium example of this is metadata, a subcategory of data that uniquely identifies and describes electronic documents. Although metadata is rarely visible on an electronic document, its contents are easily altered or overwritten by normal business processes, such as a mass upload from one database to another. Given the fragility of electronic documents and data, companies should (rightfully) question what their obligations are with regarding to retaining electronic information during litigation.
Fortunately, the authors of the Federal Rules of Civil Procedure have attempted to address these up-and-coming concerns about Electronically Stored Information (“ESI”) by altering Rule 37. Unfortunately, the changes to Rule 37 leave significant gray area as to the appropriate remedy for the loss or destruction of electronic evidence.
Federal Rule of Civil Procedure 37 addresses when a court may sanction a party for the withholding or destroying of ESI. Until recently, Rule 37 required an aggrieved party to prove three factors to show that sanctions are warranted: (1) whether the party who lost the ESI had an obligation to preserve the ESI when it was altered or destroyed, (2) whether the destruction or alteration was done with a culpable state of mind, and (3) whether the altered or destroyed evidence was relevant to the claims or defenses of the requesting party. See, e.g., Thompson v. U.S. Dep’t of Hous. & Urban Dev., 219 F.R.D. 93, 101 (D. Md. 2003). Where a party could satisfy these elements, sanctions could include forfeiture of claims/defenses, adverse jury instructions, or dismissal of the action entirely.
However, the increasing popularity of ESI created a blind spot in the second element of Rule 37. If a company knows of an automated process that will erase ESI but fails to take preventative action, is that party subject to the same harsh sanctions as a person who intentionally destroys evidence? Likewise, where ESI is lost due to an unintentional or automatic process, is an aggrieved party unable to show the appropriate scienter and therefore left without a remedy under Rule 37?
In 2015, the Legislature responded to this blind spot by amending Rule 37(e) to focus on the “failure to preserve electronically stored information.” Under the new amendment, an aggrieved party must prove the following “threshold” elements to show spoliation of ESI occurred: (1) ESI was lost, (2) the ESI should have been preserved, (3) the party who lost the ESI failed to act reasonably to prevent the loss, and (4) the ESI cannot be recovered or obtained from other sources.
Noticeably absent from these factors is the need to prove whether the loss of ESI occurred intentionally or inadvertently, which is addressed separately. Subsections 37(e)(1) and (2) assess the culpability of the spoliation in order to determine the appropriate sanction. Under Rule 37(e)(1), if the spoliation is prejudicial but occurs unintentional, the court may issue sanctions “no greater than necessary to cure the prejudice.” Alternatively, Rule 37(e)(2) provides that intentional spoliation permits sanctions that are more traditional and severe: evidentiary presumption against the spoliating party, jury instructions, or dismissal of the action/claim.
While Rule 37(e)(1) carves out relief for victims of unintentional spoliation, the rule is unspecific about what sanctions should be levied. Although the official commentary to the Rule provides certain examples of sanctions for unintentional spoliation, the reality is that the inquiry is factually dependent and must be analyzed on a case-by-case basis. Moreover, because of the recency of the 2015 amendment, appellate case law is sparse as to the appropriate method for determining sanctions for unintentional ESI spoliation.
As a result, the penalty for unintentionally losing or destroying ESI is currently unpredictable and leaves companies vulnerable to a wide range of sanctions that could dramatically affect litigation. As a matter of best practice, businesses should begin closely monitoring their ESI policies. Initially, companies need to familiarize themselves with ESI retention processes and be aware of when databases are automatically purged, consolidated or deleted. This is especially important with regard to company email accounts. Second, employers should maintain detailed data retention policies and ensure that employees are properly trained on their responsibilities thereunder. Third, as a safety net, businesses should explore options for back up servers or data archives that can be used to store important ESI that is no longer used by employees. Establishing a clear policy with regard to ESI not only promotes better internal organization, but also may be critical to saving the company from discovery sanctions and unwanted legal fees down the road.