25 Jul 2013

Beware of BYOD and Text Messages in E-Discovery

Posted in: Thursday E-Discovery Case Law 2 Comments

By Mike Hamilton, J.D.

For in-house legal departments, Bring Your Own Device (BYOD) and the increasing use of mobile devices to conduct business has created numerous new corporate e-discovery preservation risks. These devices (iPhones, tablets, etc.) exist in the “wild” beyond the control of corporate networks, which from a risk management standpoint should sound off alarms. What creates this risk? It comes from a lack of visibility/control over devices used for work and not having immediate access to search and quickly extract potentially relevant electronically stored information (ESI) in the face of anticipated or pending litigation/regulatory inquiries. Today, legal teams are facing this conundrum on a daily basis, how to preserve information from mobile devices.

Case in point is PTSI, Inc. v. Haley (Pa. Super Ct. May 24, 2013).

In this employment case, the plaintiff, PTSI, sought spoliation sanctions against the defendants, Haley, for the deletion of text messages. The plaintiff alleged that the defendants violated an earlier preservation order by “intentionally deleting text messages and electronic records from their phones and/or computers.” The trial court considered whether it was proportional to circumstances surrounding the case for the defendants to preserve and collect this mobile ESI.

First, the court considered the scope and nature of the litigation, which included reviewing the amount in controversy and the importance of the litigation at stake. Since the suit involved a large corporate fitness company suing a small start up competitor, the court ruled that “the amounts at stake involved are relatively minor and that the level of importance and complexity of the issues concerning the electronically stored information” did not lean in favor of sanctions.

Next the court assessed whether the deleted ESI was relevant to the case. The court held that the defendants could not have destroyed any relevant ESI by not collecting the mobile ESI. The defendants alleged unlawful conduct arose during its employment with the plaintiff. Since the preservation order was issued after the employment ended, spoliation of relevant ESI already had occurred.

Lastly the court analyzed the value of the spoliated ESI and what importance it played in the court’s adjudication. The court found that “substantially similar” ESI was available to the plaintiff from other sources. Namely, over a thousand emails were recovered from the defendants’ computers. As a result of this three part analysis, the trial court held that spoliation sanctions were not warranted.

The plaintiff appealed the ruling but incurred the same result. The appellate court ruled that there was no duty to preserve the mobile ESI since litigation at the time the ESI was deleted was not reasonably foreseeable. This court did note however that ESI had been deleted after the preservation order went into effect, but even this conduct did not warrant sanctions because the defendants’ “conduct was routine and not motivated by bad faith” and “that they deleted only non-relevant electronically stored information and turned over all relevant electronically stored information.”

THE E-DISCOVERY BEAT’S TAKE

According to a recent Gartner report, the number of smart devices to be sold this year is estimated at about 1.2 billion. As evidenced from recent case law (e.g. PTSI), the information stored and created on mobile devices, such as text messages, emails, etc. are all subject to discovery during litigation. Whether provisioned by IT or added as part of a Bring Your Own Device (BYOD) policy corporations must account for how to defensibly preserve and collect this information. To get started here are a couple tips to help create or fine tune your collection/preservation process for mobile information.

  • Create a BYOD Policy: Personally owned devices are not company property therefore companies cannot extract mobile data without the owner’s consent. As a result, the BYOD policy must include what the company’s rights are for monitoring and accessing employees’ mobile devices.
  • Backup Mobile Data for Key Custodians: For employees who are frequently subject to litigation (executives, managers, etc.), companies must make it a priority to regularly copy critical mobile work documents onto the corporate network. This process will enable legal teams to argue that ESI stored on targeted mobile devices is duplicative and therefore outside the scope of discovery.
  • Update E-Discovery Workflows to Include Mobile ESI: Mobile ESI will undoubtedly become a standard form of evidence requested by opposing parties. Legal teams need to be proactive and modify their e-discovery processes to include the preservation and collection of mobile ESI. Ways to accomplish this: (1) Revise legal hold policies to include mobile devices on the list of data sources required for preservation and collection, and (2) Identify technology that empowers legal teams to quickly and easily extract and ingest mobile ESI for preservation and analysis. Having access to this type of technology will not only save time and money, it will allow legal teams to identify if responsive ESI exists and whether it needs to be produced.

To learn more about how to defensibly and efficiently collect mobile ESI, click here.

 

Mike Hamilton, J.D. is a Sr. E-Discovery Analyst at Exterro, Inc., focusing on educating Exterro customers, prospects and industry experts on how  to solve e-discovery issues proactively with technology. His e-discovery knowledge, legal acumen and practical experience give him a valuable perspective on bridging the gap between IT and legal teams. You can find him on Google+, Twitter and Linkedin. Contact him directly at michael.hamilton@exterro.com.

2 Responses to “Beware of BYOD and Text Messages in E-Discovery”

  1. Court holds that employer did not have “possession, custody or control” of text messages sent or received on its employees’ personal cell phones | Technology Law Source says:

    [...] addition to these steps, the E-Discovery Beat blog recently shared some tips for addressing these challenges, including creating a BYOD policy and updating e-discovery [...]

  2. Court Holds That Employer Did Not Have "Possession, Custody or Control" of Text Messages Sent or Received on its Employees' Personal Cell Phones : Employer Law Report says:

    [...] addition to these steps, the E-Discovery Beat blog recently shared some tips for addressing these challenges, including creating a BYOD policy and updating e-discovery [...]

Leave a Reply