Read these ediscovery collection best practices to learn why self-collection – or allowing clients to collect their own data – is dangerous.
Picture this: it’s 1988 and you’re at your desk, poring over a veritable encyclopedia of case law. You just sent your paralegal to collect an official notice from the judge in your latest case. They return with a litigation hold requiring the preservation of all the files stored in a certain custodian’s office. What do you do next? Call your client and ask them to haul the documents to your practice? Or send your team over to carefully collect the potential evidence and ensure no spoliation occurs?
Back then, it was common to let the client do the heavy lifting when it came to collecting potential evidence. (Still, this approach has always been risky – spoliation can occur anytime evidence passes through hands without attorney supervision.) But today, the litigation landscape has changed – you probably conduct research online and receive litigation holds digitally now. And instead of boxes of paper documents, you’re dealing with gigabytes of digital data.
The hands-off approach to evidence collection is a thing of the past. Digital data has amplified the dangers of this method, making it essential for attorneys to be directly involved with the collection of potential evidence.
When Self-Collection Becomes Self-Selection
When a client collects their own documents for a litigation matter or investigation we call it “self-collection,” and the practice is generally discouraged by courts except in limited scenarios. Self-collection potentially puts both the client’s interests and the lawyer’s practice at risk. In fact, one judge stated the practice “greatly troubles and concerns the Court.” EEOC v. M1 5100 Corp., d/b/a Jumbo Supermarket, Inc., Civil No. 19-cv-81320 (S.D. Fla. July 2, 2020)
The client may not fully understand the scope of their legal and ethical responsibilities, which could result in over-collection, requiring more review time and unnecessary expense. Or they may under-collect because of self-incrimination concerns or a conflict of interest. The lawyer may lose credibility when they carelessly certify a client’s self-collection and production effort (FRCP 26(g)) that turns out to be inadequate or inaccurate. While self-collection isn’t inherently a bad practice, self-selection is definitely a problem.
Is the Client Capable of Collecting Their Own Data?
Attorneys may be prone to give their client latitude when it comes to collecting and preserving their evidentiary data for litigation. After all, the clients presumably know their data better than anyone else, and frankly, most attorneys don’t want to take the time and effort to learn about their client’s information systems or badger them with unwanted oversight.
But does the client have time to properly accomplish the task? Does the client have the resources available? Often, the company’s IT professionals are asked to collect data without adequate direction, which means they’re left wondering about the parameters of the collection and relying on their own initiatives.
Because the collection process involved in litigation matters and investigations is data-centric, most people characterize the process as an IT activity. But there’s a great deal of strategy and decision-making that goes into a data collection project that requires both legal and technological acumen.
Does the client understand the full scope of the data collection? Has the attorney sent a comprehensible legal hold letter outlining the extent and limits of the data that needs to be collected? Has the legal team outlined the types of files that need to be collected or provided search terms or date ranges for the collection?
Lastly, does the client possess the technical know-how to properly collect the data? Some clients may not have IT professionals available to assist with the collection, and that leaves individual custodians (employees) to simply copy and paste files to locations without regard to protecting the associated metadata or other information. When this happens, files run the risk of incidental alteration – plus, losing relevant metadata will make document review far more challenging.
In those instances, it might be prudent to retain the services of a professional service provider that can a) accomplish the task necessary and b) provide the necessary support in case there are any questions that arise.
A Lawyer’s Duties in Data Collection
In EEOC v. M1 5100 Corp., the Court stated, “attorneys have a duty to oversee their client’s collection of information and documents, especially when ESI is involved” because “self-collection by a layperson is highly problematic and raises a real risk that data could be destroyed or corrupted.”
The Court further stated that “parties and clients, who are often lay persons, do not normally have the knowledge and expertise to understand their discovery obligations, to conduct appropriate searches, to conduct responsive discovery, and then to fully produce it, especially when dealing with ESI, without counsel’s guiding hand.”
The Court warned that counsel must take an active role assisting their clients with the search, collection, and production of ESI because counsel is required to ensure that the production is complete and correct at the time it is made (FRCP 26(g)). And if counsel is not comfortable with this duty, the Court stated that the lawyer or the party may “consider retaining an ESI vendor to assist with the process.”
These duties are not new. One of the first court opinions from 2004 addressing ediscovery concerns was Zubulake v. UBS Warburg, LLC, 229 F.R.D. 422 (S.D.N.Y. 2004) (“Zubulake V”) where Judge Scheindlin stated that counsel “must oversee compliance with the litigation hold, monitoring the party’s efforts to retain and produce the relevant documents.” Judge Scheindlin also commented in 2012 in Nat’l Day Laborer Org. Network v. United States Immigration & Customs Enforcement Agency, 877 F. Supp. 2d 87 (S.D.N.Y. 2012) that custodians cannot be “trusted to run effective searches of their own files” without proper assistance of counsel.
These case opinions (and many more) emphasize the inherent need for legal counsel to be engaged in overseeing the data collection and preservation efforts of their clients, and even bringing in outside expertise and assistance when necessary.
A Data Collection Checklist
What are some of the ediscovery collection best practices that you can follow and provide to your clients?
1. Collect only what you need
It may be tempting to take the easy route and simply copy an entire mailbox or hard drive from a custodian, but that will ultimately cost more money and require more work. There are times when a wholesale collection is appropriate, but it’s normally a lazy move performed without adequate time spent on crafting a proper ediscovery strategy.
2. Be proactive and get help when you need it
There will inevitably be challenges that arise during a data collection effort. There may be data that was not identified earlier, you may need to collect data from mobile devices, or your ediscovery strategy may require forensically collecting data from computers and servers. In those situations, you are much better off asking for help and engaging outside assistance from companies such as Nextpoint.
3. Approach your collections in phases
While speed is certainly a consideration, you don’t necessarily have to collect everything immediately. It might be a more prudent approach to identify highly relevant data, or sources that could potentially contain the most relevant data, as well as sources that may contain less relevant data. If you’re pressed for time or under a production deadline, then consider starting a collection with the more relevant sources before moving to the less relevant sources. Just remember that this approach doesn’t negate your duty to preserve the information, even if it’s not yet collected.
4. Create a central repository for storing collected Electronically Stored Information
Many law firms have multiple matters that revolve around the same or similar issues, people, and data. Consider creating a central repository where that collected data can be stored so that you don’t have to repeat the same collection process over and over.
Data collection is a complex and dynamic process that relies on sound ediscovery strategy as well as proven technical resources and expertise. While some lawyers may be tempted to allow a client to self-collect their documents and files, it is crucial that lawyers work closely with their clients on understanding their IT systems, providing direction on the collection efforts, and seeking outside assistance when necessary.