Thomas Perez, chairman, Democratic National Committee

A suit filed by the Democratic National Committee alleging an international conspiracy to interfere in the 2016 election could lead to a massive e-discovery undertaking that crosses borders, communication platforms and numerous parties.

Filed in the U.S. District Court for the Southern District of New York, the 66-page complaint names 15 defendants and additional “John Does” affiliated with the presidential campaign of Donald Trump, the Russian government and WikiLeaks. The complaint, said Munger, Tolles & Olson e-discovery counsel Bobby Malhotra, contains “very expansive allegations regarding hacking, trespass, alleged Russian interference in the election, and collusion.”

“It's so expansive that if the current DNC lawsuit makes it to the discovery stage, it really opens the door for the DNC lawyers to obtain critical electronic evidence,” Malhotra said. “That includes emails, documents, communications from the Trump campaign that are aimed at uncovering connections between the campaign and Russia.”

The DNC complaint paints a picture of a clandestine effort to undermine Democratic presidential candidate Hillary Clinton, coordinated through a series of illicit communications, Russian hacking into the DNC's computers, and the dissemination of sensitive information to the public. The nature of the accusations, Malhotra said, could also implicate “more exotic e-discovery sources,” such as text messages, instant messenger data and sever logs “to show potential intrusion and access to DNC servers.”

Yet such a situation could provide complications for the DNC as well. In such a discovery phase, a defendant could make moves to determine the nature and scope of intrusions by actions like demanding to inspect DNC servers to see whether a malicious code was installed. Further, given the DNC's claims that it paid over $1 million for repairs related to cybersecurity issues and that its employees were harassed due to the breach, it could be required to produce evidence regarding repair and remediation measures taken, costs, and cybersecurity firms that they worked with.

Additionally, objections could be raised on privacy grounds, Malhotra said, given that servers could contain sensitive third-party information.

A source with insight into the suit told the New York Law Journal that it provides an opportunity to use the civil discovery process in investigating allegations made against the Trump campaign. And while much of the information supporting the civil proceeding is based on the Department of Justice investigation, the suit and discovery materials will remain separate.

However, compelling certain parties to produce could prove problematic. Jeff Kangas, executive managing director at e-discovery company H5, told LTN that the DNC's claims could be viewed as “audacious” by defendants, some of which don't have “a vested interest in being forthcoming” and will likely claim jurisdictional rights.

“From an e-discovery perspective, what will ultimately matter is if folks ultimately do become compelled to produce documents,” Kangas said. “Just the mere fact of how many people they've named, if they were compelled to actually produce what they were requested, I would suspect there would be quite a bit of data. [But] I don't know if these parties will cooperate unless absolutely forced by a judge.”

“Any time you're dealing with data overseas or complex issues, and now you add a foreign sovereign into the mix, there's definitely going to be complicating issues that you don't see in your vanilla e-discovery fact pattern,” Malhotra said, specifying obtaining access to data, preservation obligations, responding to discovery requests, and jurisdictional issues as hurdles.

And certain discovery requests, particularly those seeking ephemeral data that exists only for a period of time, could be objected to under Rule 34 of the Federal Rules of Civil Procedure, which pertains to the production of electronically stored information for inspection. Such ephemeral information would include server logs detailing computer activity.

“You could see litigants and possibly defendants making burden arguments, making arguments that certain documents don't fall within the definition of document and ESI under FRCP Rule 34,” Malhotra said. “If the court deems that they do, they'll also have to make a difficult decision on whether those sources are discoverable based on the underlying issues of the matter.”

Indeed, judges have ruled in the past that server logs constitute evidence under Rule 34. A discovery order out of the U.S. District Court of the Central District of California ruled that server log data was relevant to the case, while a U.S. Court of Appeals of the Ninth Circuit decision ruled that random access memory (RAM) found in data in servers and other devices is considered ESI.

As to whether such information will be discoverable in the DNC suit, Malhotra said, “I think you'll see some arguments go both ways.”

Regarding the role e-discovery may play in the suit if it moves into the discovery stage, Kangas  noted, “Most of the stuff that's cited in the complaint is based on media reports. And I think if this case makes it to a place where there's actually discovery done, you're going to have to find evidence in documents that link people to some of these actions.”