Litigation: Essential steps for navigating e-discovery in the cloud
While use of cloud computing continues to grow, the Federal Rules of Civil Procedure and most state civil rules have not caught up with this technology.
August 29, 2013 at 05:00 AM
5 minute read
The original version of this story was published on Law.com
While use of cloud computing continues to grow, the Federal Rules of Civil Procedure and most state civil rules have not caught up with this technology. Current rules do not provide any specific guidelines for preserving and producing electronically stored information (ESI) in a shared environment. And not surprisingly, there are few court rulings interpreting how the civil rules should operate in the cloud. This leaves in-house counsel and its outside counsel litigation team with little guidance when formulating a plan for managing company data stored in a cloud in the face of a large and complex piece of litigation.
If you find yourself in these shoes, here are some essential steps to take in order to fulfill your e-discovery obligations for preserving and producing data stored in a cloud.
1. Serve a litigation hold on your cloud vendor
It is safe to assume that moving ESI to a third-party provider's cloud does not remove a company's document retention requirements or obligations to review and produce ESI in response to discovery requests. Treat the ESI in the cloud the same way you would if it was stored on your company's own hard drives. As a result, immediately serve your cloud provider with a litigation hold when notified of a claim or that litigation is anticipated. Your cloud computing service level agreement (SLA) will likely have procedures for litigation holds. If your provider has no protocol for this procedure, still proceed with the written hold and communicate with your cloud provider to ensure it is taking steps to preserve relevant ESI.
2. Formulate a plan for complying with discovery requests
Do not wait until the discovery requests are served to come up with a plan for responding to them. Given the unique features of cloud computing, it is critical to understand very early in a case the entire process you will need to take in order to respond to discovery requests. An early understanding of all the relevant information in a cloud is required by Rule 26 initial disclosures anyway. Immediately after serving the litigation hold, map out how you will identify, collect, and review relevant ESI. Some cloud providers will have this procedure spelled out in the SLA. If not, engage personnel from your IT department and relevant business units to help put together a plan with the cloud provider. There are a host of important issues to consider during this mapping process. Does the provider have a built-in e-discovery tool to conduct searches or will it be more efficient to export the data out of the cloud to be searched with another application? What is the format of the data stored in the cloud and can all of it be searched and produced, including metadata? What are the additional costs the cloud provider will charge for complying with e-discovery requests? And finally, how quickly can all of this be done? Once you have this process mapped out, this knowledge will empower you in making objections and negotiating stipulations with the other party on ESI technical issues and cost production sharing. Keep in mind that Rule 26 grants some protection against producing ESI that is not reasonably accessible because of undue burden and cost.
3. Secure the data and maintain the privilege
In the past few years, the American Bar Association and many state bars have issued ethics opinions that bless the use of a cloud in e-discovery provided that certain safeguards exist for protecting client data. This means you need to exercise due diligence and cannot blindly rely on the provider's word. Because the data is being maintained by a third-party host, steps must be taken to make sure the data is not being accessed by non-essential third parties to the relationship and that reasonable precautions are made to maintain confidentiality. Understand who else is storing data in the cloud. Many cloud providers use the same processors and storage devices to service multiple clients. Learn how the system works and is designed so that there is no risk of commingling or unauthorized access to the data. Confirm that the provider's written policies state that all company data will be kept confidential and secure.
4. Properly retain the data post-lawsuit
After the litigation is resolved, make sure the cloud provider is appropriately retaining the ESI. If the ESI must be retained for some reason (e.g., a subsequent insurance coverage case), put steps into place to ensure the provider is maintaining the ESI. Otherwise, important evidence could be destroyed due to a provider's scheduled deletion of data. If there is no reason to retain the ESI from the case, instruct the provider to treat data in accordance with company's standard document and data retention policies.
As the use of cloud computing becomes more prevalent due to the benefits of reducing infrastructure and power costs, the courts will provide more guidance for lawyers on how to operate in this new environment. In the meantime, taking an approach that treats ESI in cloud as if it were stored on your company's hard drives is the safest way to proceed.
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
NOT FOR REPRINT
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View All
Inside Track: How 2 Big Financial Stories—an Antitrust Case and a Megamerger—Became Intertwined
CLOs Still Jazzed About Gen Al, Even as They Realize Successfully Implementing It Is Harder Than It Looks
2 minute read
AT&T General Counsel Joins ADM Board as Company Reels From Accounting Scandal
How Gen AI Is Changing Legal Work for In-House Counsel
Trending Stories
- 1Trump's Return to the White House: The Legal Industry Reacts
- 2Infant Formula Judge Sanctions Kirkland's Jim Hurst: 'Overtly Crossed the Lines'
- 3Climate Disputes, International Arbitration, and State Court Limitations for Global Issues
- 4Election 2024: Nationwide Judicial Races and Ballot Measures to Watch
- 5Judicial Face-Off: Navigating the Ethical and Efficient Use of AI in Legal Practice [CLE Pending]
Who Got The Work
Michael G. Bongiorno, Andrew Scott Dulberg and Elizabeth E. Driscoll from Wilmer Cutler Pickering Hale and Dorr have stepped in to represent Symbotic Inc., an A.I.-enabled technology platform that focuses on increasing supply chain efficiency, and other defendants in a pending shareholder derivative lawsuit. The case, filed Oct. 2 in Massachusetts District Court by the Brown Law Firm on behalf of Stephen Austen, accuses certain officers and directors of misleading investors in regard to Symbotic's potential for margin growth by failing to disclose that the company was not equipped to timely deploy its systems or manage expenses through project delays. The case, assigned to U.S. District Judge Nathaniel M. Gorton, is 1:24-cv-12522, Austen v. Cohen et al.
Who Got The Work
Edmund Polubinski and Marie Killmond of Davis Polk & Wardwell have entered appearances for data platform software development company MongoDB and other defendants in a pending shareholder derivative lawsuit. The action, filed Oct. 7 in New York Southern District Court by the Brown Law Firm, accuses the company's directors and/or officers of falsely expressing confidence in the company’s restructuring of its sales incentive plan and downplaying the severity of decreases in its upfront commitments. The case is 1:24-cv-07594, Roy v. Ittycheria et al.
Who Got The Work
Amy O. Bruchs and Kurt F. Ellison of Michael Best & Friedrich have entered appearances for Epic Systems Corp. in a pending employment discrimination lawsuit. The suit was filed Sept. 7 in Wisconsin Western District Court by Levine Eisberner LLC and Siri & Glimstad on behalf of a project manager who claims that he was wrongfully terminated after applying for a religious exemption to the defendant's COVID-19 vaccine mandate. The case, assigned to U.S. Magistrate Judge Anita Marie Boor, is 3:24-cv-00630, Secker, Nathan v. Epic Systems Corporation.
Who Got The Work
David X. Sullivan, Thomas J. Finn and Gregory A. Hall from McCarter & English have entered appearances for Sunrun Installation Services in a pending civil rights lawsuit. The complaint was filed Sept. 4 in Connecticut District Court by attorney Robert M. Berke on behalf of former employee George Edward Steins, who was arrested and charged with employing an unregistered home improvement salesperson. The complaint alleges that had Sunrun informed the Connecticut Department of Consumer Protection that the plaintiff's employment had ended in 2017 and that he no longer held Sunrun's home improvement contractor license, he would not have been hit with charges, which were dismissed in May 2024. The case, assigned to U.S. District Judge Jeffrey A. Meyer, is 3:24-cv-01423, Steins v. Sunrun, Inc. et al.
Who Got The Work
Greenberg Traurig shareholder Joshua L. Raskin has entered an appearance for boohoo.com UK Ltd. in a pending patent infringement lawsuit. The suit, filed Sept. 3 in Texas Eastern District Court by Rozier Hardt McDonough on behalf of Alto Dynamics, asserts five patents related to an online shopping platform. The case, assigned to U.S. District Judge Rodney Gilstrap, is 2:24-cv-00719, Alto Dynamics, LLC v. boohoo.com UK Limited.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250
