Posted on: January 14, 2014in Blog
eDiscovery Update: iPhones, BlackBerrys and Androids, oh my!
This article was originally published on The Daily Record.
The “bring your own device policy” (BYOD policy) phenomena is fully upon us. In the past six months, D4 has handled more mobile devices (i.e. smartphones and tablets) than the previous two years combined. Almost every case that we work on has one or more iPhones, iPads, Kindles or Androids. Recently we extracted ESI from an Xbox 360!
I wrote an article in May 2012 about text messages and in that article I outlined some steps one can take to ensure text messages are preserved. But saying is much easier than doing — with most things in life. It certainly is one thing to send out a litigation hold notice and instruct users to preserve relevant data, but another to ensure that happens. This begs the question, who has that burden to preserve? Is it with the company, or its counsel, or is it with the individual?
In a recent federal case, an individual was held personally and criminally responsible for deleting text messages. He may receive time in prison despite the fact that the company had instructed employees to retain ESI.
I wonder if that individual was spoken to directly by counsel about these text messages. Did the individual understand that text messages were potential evidence? Was the intent of the individual to hide evidence?
The risk of sanctions or jail exists in many cases, not just in big, high-profile matters.
In a recent case I encountered a similar dilemma. In this matter, texts may have existed on a particular mobile device and no effort had been taken to preserve them. This fact was uncovered in a deposition when a witness stated that she had messages that may have been relevant but, she said, they were deleted by a BlackBerry auto-delete function. Yes, BlackBerrys have a text message auto-delete function that is set, by default, for 30 days, but this setting can be changed.
I discussed with the attorneys the importance of understanding what they are or should be instructing custodians to do. They must understand the systems (including mobile devices) that contain potentially relevant evidence. More importantly, it is critical for counsel to understand who controls the data and the tools for its deletion. It is not sufficient simply to issue a litigation hold. Attorneys must follow up to ensure there are not any “gotchas” out there such as auto-delete routines on email systems or on mobile devices.
Are backup tapes that may contain potentially relevant information part of a tape rotation so that data is being constantly overwritten? If there is a litigation hold, that overwriting needs to stop until the potentially relevant data on the backup tapes can be preserved!
When my client asked me what can be done about this BlackBerry auto-delete issue, my first instinct was to recommend telling the employees to stop using text messages to discuss business matters. Texting is great: “Hey, when do you want to meet for drinks?” or “Pick me up some bread and milk on the way home,” but not for “I don’t think we should do that next deal with ACME because the numbers don’t make sense.”
So what could have been done differently?
Hindsight is 20/20. If counsel is aware that some relevant data may exist on mobile devices what do they need to do to preserve it? Do they instruct custodians to search for text messages and preserve relevant ones or do they create a plan for these custodians to properly preserve messages?
There is technology that exists that we use every day at D4 to preserve texts and other data from mobile devices. But even a low tech method can be used in the absence of nothing. One can take a screenshot of the important text messages and email them to counsel. Though it puts metadata and chain of custody questions into play, that procedure may be acceptable in some matters.
There may be a complex technology component to preserving mobile device information. Current iPhones and the manner in which they operate make it difficult or nearly impossible to recover deleted text messages. So let’s assume an individual deletes text messages without malicious intent and let’s further assume that this individual didn’t even know that the messages he deleted had any material he was supposed to retain.
To the point about technology and complexity; if this occurred today and an effort was made to forensically recover the messages from an iPhone 5, it would likely result in no deleted text messages being found. In this hypothetical scenario, the deleted messages would have come to light only if the individual had relayed that information in a timely way to his employer or to counsel.
What would you do if you thought it might lead to time in prison? Or if you thought that you had already given the same information in a different format? Or if you didn’t think of the messages as evidence?
- If you are counsel or in a senior position of responsibility, it is not sufficient simply to issue a litigation hold and hope that everyone understands what it is, to what it applies, how to do it, and hope that somehow it preserves evidence. This is true especially if a custodian of that data may not even understand what constitutes evidence.
- If you are outside counsel or an attorney inside a corporation that has substantial litigation risks, then seriously consider issuing some edicts about limits to using text messages on mobile devices for work-related matters. Is that possible in every business? Probably not, but I bet it is for most. By asking employees to stop this practice you not only save the company time and money when that data needs to be preserved and produced, but you may also be saving someone from going to jail.
- Know what mobile devices are in use inside your organization or at your clients. I mentioned that BlackBerrys may have a default delete function for messages over 30 days. However, iPhones and Android devices do not. Additionally, there are hundreds of apps beyond the standard messaging apps installed by default on these devices. Make sure you are asking about Skype, Instagram, Twitter, WhatsApp and others!
- BYOD and ESI | 5 Things You May be Leaving Out of Your BYOD Policy
- How to Review Text Messages Most Efficiently
- The Fundamentals of Document Management [Infographic]
- Wearable Tech - The Next Source of ESI
D4 Weekly eDiscovery Outlook
Power your eDiscovery intellect with our weekly newsletter.
Posted January 18, 2018
5 Expert Predictions for the eDiscovery Industry in 2018
Posted January 17, 2018
Get Your Passport to GDPR Success - LegalTech New York 2018
Posted January 11, 2018
Is Your Organization Vulnerable to a Cyber Attack? 3 Steps to Put Your Mind at Ease
Posted January 04, 2018
How the EU and China Plan to Deal with Multinational Data
Posted December 28, 2017
How to Navigate International Data Privacy Laws for eDiscovery
Posted December 21, 2017
Cross-Border eDiscovery: An Introduction to Cultural and Legal Obstacles
Posted December 14, 2017
Webinar Q&A Featuring Panelists from Special Counsel and Brainspace
Posted November 30, 2017
Help Your Employees Find the Information They Need with Machine Learning
Posted November 22, 2017
How to Use Managed and Prioritized Workflows to Reduce the Cost of Review [On-Demand Webinar]
Posted November 16, 2017
5 Workflow Tips for Conducting a Foreign Language Review