An Open Door Gives Away The Secret, But Rule 502 Attracts It Back

March 31, 2009

A new case involving the movie The Secret provides excellent analysis of new Evidence Rule 502 while at the same time taking irony to new heights. Heriot v. Byrne, 2009 WL 742769 (N.D. Ill. March 20, 2009).

I do not normally write a blog in the middle of the week, but the sarcastic potential and ironies in Heriot v. Byrne are just too much to resist – sleep can wait. The Law of Attraction compels this exposé. Consider the facts. This is a lawsuit about a movie called The Secret, where one of the corporate defendants is named The Secret, LLC. All of the parties in this lawsuit were somehow involved in the conception and making of The Secret. The movie was a huge New Age success. The exalted spiritual masters who conceived and produced The Secret did so, or so they say, to share the secret of the ages as to how to attract success and happiness in your life.

Well, now the real secret is out: these special masters have indeed attracted what they deserve. They have attracted lawyers and fights over money. The plaintiffs claim to own part of The Secret. The defendants deny that and have filed counter-claims of their own. The plaintiffs’ primary goal seems to be their accounting claims, where they are trying to find out how much money The Secret has made, which, so far, the defendants have kept secret.

But wait, there are still more secrets. The defendants accidentally received some of the plaintiffs’ secret emails to their attorney. They received these secrets because the plaintiffs’ e-discovery vendor made a mistake. The name of the vendor is Open Door Solutions. You cannot make this stuff up. If this were a movie, you would not believe it, which, by the way, appears to have been the judge’s reaction to the movie, but we will get to that in a minute.

Back to the open-door disclosure of the plaintiffs’ secret attorney communications. When these secrets were accidentally disclosed to defense counsel, they denied that they were secrets at all. Alternatively, they said that even if they were once secrets, they were no longer secrets, because the secrets were revealed. They argued that the disclosure of the secrets by handing them over to opposing counsel waived any attorney-client privilege that these secrets might have once enjoyed.

Plaintiffs tried to protect their secrets by relying on new Evidence Rule 502. It protects attorney-client secrets and requires clawback of inadvertently disclosed secrets if certain conditions are met. Defendants denied clawback and the applicability of Rule 502. Defendants claimed that the plaintiffs’ disclosure of secrets was not inadvertent. Even if the disclosure was inadvertent, defendants argued that Rule 502 should still not protect the secrets because it only protects secrets where reasonable steps to prevent disclosure were taken. They claimed that the way-too-open-door handling of plaintiffs’ alleged secrets was negligent and thus not protected by Rule 502. Finally, they argued that even if these secrets were protected by Rule 502, they should still be allowed to tell these secrets, and not give them back, because of the crime-fraud exception to the attorney-client privilege. That is the rule where a client cannot keep secret any communications he may have with his attorneys about a crime or fraud that he may commit in the future. (Confidential communications about crimes and fraud committed in the past can, however, be kept secret.)

So to summarize, open door mistakes led to a battle between the masters of The Secret over the attorney-client secrets of a man who claimed to own part of The Secret and wanted its secret profits disclosed. The defendants, purported sole owners of The Secret, including one called The Secret, LLC, wanted to keep their profits secret, but disclose the plaintiffs’ secrets, claiming they were not secrets at all, or if they were, they were bad secrets not entitled to secrecy, or they were waived by a way-too-open-door handling of the secrets. (Try saying that real fast.)

Magistrate Judge Martin C. Ashman attracted to himself the task of sorting out this tangled web. As mentioned, Judge Ashman was not too impressed by the movie The Secret, as he begins his opinion by noting:

This case involves a controversy over The Secret, a made-for-television documentary that purports to reveal the “most powerful law in the universe.” The Secret, http://www.thesecret.tv/ (last visited Mar. 17, 2009). As if that declaration was not grandiose enough, the website further claims that, “[b]y applying the knowledge of this law, you can change every aspect of your life.”  

Although Judge Ashman did not think The Secret the parties had created was much of a secret, he did think the plaintiff’s secrets were bona fide and entitled to protection. He upheld the attorney-client privilege by applying Evidence Rule 502. He held that the open-door disclosure was a mistake, and happened in spite of the reasonable steps to prevent disclosure that had been instituted by plaintiff’s attorneys. For that reason, Judge Ashman enforced the clawback provisions of Rule 502 and required the defendants, including The Secret, LLC, to keep the plaintiffs’ secrets secret.

Factual and Procedural Background

Open Door

This saga of secrets began innocently enough with the defendants’ request for production, including “[a]ll documents relating to United States visa applications filed by or on behalf of Heriot.” The plaintiff, Drew Heriot, happens to be a citizen of Australia, as are most of the other parties to this action.

Since all documents these days are created electronically, this triggered e-discovery, which in turn triggered the attorneys for Heriot to seek the help of an e-discovery vendor, the aforementioned Open Door Solutions. Open Door provided electronic scanning, optical character recognition, and other discovery-related services. Here is the court’s description of the process which Open Door (here called the “Vendor”) and Heriot’s attorneys set up for this production:

First, the Vendor created a database of the documents provided to it by Plaintiffs (“Master Database”), which Plaintiffs then could review. (Id. at 3-4.) Second, during April and May of 2008, Plaintiffs “had paralegals and other non-lawyers conduct a preliminary review [of] the documents in the Master Database,” assigning documents “general, pretrial discovery codes.” (Id. at 4.) One general code was “immigration,” which Plaintiffs “used to flag documents (primarily e[-]mails) that had anything to do with Mr. Heriot’s immigration to the United States.” (Id.) (Editor’s note: the misspelling of “immigration” in the Westlaw transcription was corrected as an obvious error.)

Third, Plaintiffs searched for responsive documents in their Master Database. (Id.) Fourth, once identified, these responsive documents would be “coded for subsequent copying and inclusion in the Production Database.” (Id.) Additionally, Plaintiffs would mark responsive documents “as either Confidential or Highly Confidential under the Stipulated Protective Order.”

Id. at *2. 

This is a pretty standard plan of action, except that I do not see privilege review and logging specifically mentioned. To comply with the discovery request regarding Heriot’s immigration visa, plaintiffs requested and received a paper copy of the visa file from Heriot’s immigration lawyer. Next, plaintiffs gave Heriot’s visa application to Open Door with instructions to:

(1) scan and add it to the Master Database, (2) copy the scanned versions to the Production Database, … (3) electronically stamp the application as ‘Highly Confidential’ for production[,] … [ (4) ] Bates Stamp all documents in the Production Database, and … [ (5) ] include Mr. Heriot’s visa application and other sensitive material at the front of the production.

Id. 

Now we come to the mistake of Open Door. (By the way, mistakes like this can and do happen to most everyone sooner or later, but seem to happen more often to some than to others.) Frankly, from the court’s limited description of the facts in the opinion, I cannot understand exactly what the vendor did wrong that supposedly blew the privilege review, but I gather it had to do with mixing the sensitive visa-related materials in with the general database and not placing them in the front of the production for review as instructed. The vague description makes me more sympathetic towards Open Door and a little suspicious about the attorneys. All we know for sure is that mistakes were made here and secret emails were unintentionally produced.

On August 25, 2008, plaintiffs produced around 1,499 documents comprising 6,952 pages. This is a pretty small production by today’s standards. Plaintiffs did not withhold any documents for privilege and so did not produce a privilege log. That does seem odd. Two months later, on October 22, 2008, plaintiffs’ counsel discovered the mistake in production while preparing for a deposition scheduled for October 24, 2008. The next day, October 23rd, they notified defense counsel of the inadvertent production and demanded the return and destruction of certain documents they claimed were privileged. The defense complied, but kept one copy to use in challenging the claimed privilege protection. The defendants then promptly filed a motion to compel production, including the challenged documents, which were filed under seal. The plaintiffs opposed that motion and filed their own unrelated motions to compel.

Legal Analysis on Waiver

Judge Ashman begins the legal analysis with the following overview of the law (citations omitted):

Ordinarily, disclosure of confidential information to an unprotected third party operates as a waiver.  Under FRE 502, however, disclosure of privileged information will not operate as a waiver when “(1) the disclosure is inadvertent; (2) the holder of the privilege or protection took reasonable steps to prevent disclosure; and (3) the holder promptly took reasonable steps to rectify the error, including (if applicable) following Federal Rule of Civil Procedure 26(b)(5)(B).” FED.R.EVID. 502(b)(1)-(3). All three elements described in FRE 502 must be satisfied to prevent a waiver. Id.

Id. at *5

The court then considered the issue of whether the new rule superseded prior federal common law concerning waiver of attorney-client privilege. The court basically said it did, unless the prior law (here Judson Atkinson Candies, Inc., v. Latini-Hohberger Dhimantec, 529 F.3d 371, 387-88 (7th Cir.2008)) was not conflicting. Here Judson was not conflicting (it was harmonious) and so the court used Judson to supplement its analysis and articulated the following test (footnote omitted):

This Court therefore adopts the following test. First, a court determines whether the disclosed material is privileged. If it is not, the inquiry ends. If the material is privileged, the court applies FRE 502(b). If the court concludes that disclosing party satisfied all of the elements in FRE 502(b), the privilege is not waived. If, however, the disclosing party fails to satisfy any of the FRE 502 elements, the privilege is waived. In applying FRE 502(b), the court is free to consider any or all of the five Judson factors, provided they are relevant, to evaluate whether each element of FRE 502(b) has been satisfied. This Court applies and explains the details of this test in the following sections.

Id. at *7. Judge Ashman then applied the test, beginning with a finding that most of the emails in question were privileged. The judge personally reviewed all of the emails and found they contained legal advice to Heriot from his immigration lawyer. A few emails included prior non-privileged communication with a third party. They were to be produced, but with redactions to protect the privileged part of the email chain. A few others had been sent to third parties and, as to them, no privilege was allowed. Id. at *8-*9.

Next the court addressed the Crime-Fraud Exception to the attorney-client privilege. Here is the court’s summary of this law:

Although communications subject to the attorney-client privilege are protected, that protection can be forfeited when, for example, “‘the attorney … assist[s] his client to commit a crime or a fraud.’” U.S. v. Al-Shahin, 474 F.3d 941, 946 (7th Cir.2007) (quoting Mattenson v. Baxter Healthcare Corp., 438 F.3d 763, 769 (7th Cir.2006)). In other words, “[t]he crime-fraud exception places communications made in furtherance of a crime or fraud outside the attorney-client privilege.” U.S. v. BDO Seidman, LLP, 492 F.3d 806, 818 (7th Cir.2007) (citing U.S. v. Zolin, 491 U.S. 554, 563, 109 S.Ct. 2619, 105 L.Ed.2d 469 (1989)).

Id. at *9. It turns out that the defendants’ arguments here were very weak and there was no basis for a claim of fraud in these emails between Heriot and his immigration attorney.

Three Part Test of Rule 502(b)

Judge Ashman then moved on to consider whether the three requirements of FRE 502(b) were met. Under that rule, disclosure of privileged information will not operate as a waiver when:

“(1) the disclosure is inadvertent;

(2) the holder of the privilege or protection took reasonable steps to prevent disclosure; and

(3) the holder promptly took reasonable steps to rectify the error, including (if applicable) following Federal Rule of Civil Procedure 26(b)(5)(B).”

Rule 502(b)(1)-(3) Fed.R.Evid.

1. Inadvertence

The court put the burden of proof on the party claiming the privilege in accord with established case law. This is the way it should be. Judge Ashman then found that the first requirement had been met, that the disclosure had been inadvertent. This was the right result, but he labored way-too-hard to get there. In my opinion, it is hard to see how a disclosure like this could be anything but “inadvertent,” taking the normal common sense meaning of the word as “unintentional,” or “not attentive.” Defense counsel here argued in accord with case law that “inadvertent” meant something completely different, that inadvertent here means “not negligent.” The defendants’ main argument on this point was that the disclosure was “not-inadvertent” because, in their words, “Plaintiffs’ counsel … [was] asleep at the switch.” Heriot v. Byrne, supra at *11. Judge Ashman went along with that argument, but then went to great lengths to show they were not quite as asleep as alleged and so the disclosure was inadvertent as required under the rule.

I think this misreads the rule by conflating all three criteria into the first one. This incorrectly resurrects somewhat contrary case law that Rule 502 supersedes. Obviously plaintiffs’ counsel was “asleep at the switch” when the production was made and that is exactly what inadvertent means, not attentive or unintentional. For part one of the Rule 502(b) three-part test, the party should only have to prove that the disclosure was not done on purpose, that it was a mistake.

Here Judge Ashman made a finding that the disclosure was inadvertent because a variety of factors were met indicating the mistake was understandable and prompt corrective action was taken. These facts are relevant to the second and third prongs of the rule, not the first prong of inadvertence. For that reason I think Judge Ashman made a harmless error in stating:

To determine whether a disclosure was inadvertent, “this Court has … look[ed] to factors such as the total number of documents reviewed, the procedures used to review the documents before they were produced, and the actions of producing party after discovering that the documents had been produced.” Wunderlich-Malech Sys., Inc. v. Eisenmann Corp. (Eisenmann II), No. 05-C-4343, 2007 WL 3086006, at *3 (N.D.Ill. Oct. 18, 2007) (citing Wunderlich-Malech Sys., Inc. v. Eisenmann Corp. (Eisenmann I), No. 05-C-4343, 2006 WL 3370700, at *3 (N.D.Ill. Nov. 17, 2006)). This Court can find no reason to discard these factors, which aptly address the issue of whether a party inadvertently disclosed confidential information.

Id. at *11. The plain language of the rule is good reason enough for me. The court should have disregarded these prior case law factors, at least insofar as the determination of the “inadvertence” test is concerned. All a party should have to prove to meet the first part of the test is that the disclosure was not intentional. If someone intentionally made the disclosure, and then just changed their mind for some reason, like perhaps new counsel was retained, then they would fail the first test. But if the disclosure was a mistake, an unintentional accident, then according to the normal commonsense meaning of the word, it was inadvertent, and you move on to the next two steps.

This is, by the way, the only mistake I see in this opinion, which undertakes the difficult task of interpreting and applying a new rule with very little prior case law. This is otherwise a well-reasoned opinion demonstrating excellent scholarship. I just hope that the many future cases that are likely to cite this decision do not make the same mistake of conflating the three criteria in Rule 502(b).

2. Reasonable Steps to Prevent

The next thing to be proved under the Rule is that “the holder of the privilege or protection took reasonable steps to prevent disclosure.” Now we get into the facts and circumstances incorrectly considered by Judge Ashman in the determination of the first step. The defendants here argued that it was unreasonable for plaintiffs not to review the ESI after it was readied for production. They made this argument even though plaintiffs’ counsel had already reviewed the email and other documents before they were delivered to the vendor, here Open Door, for final processing and production. The defendants’ position would require either a double review, or review only after processing by a vendor. Neither alternative is acceptable in most circumstances, although I for one do not like a vendor to make direct productions, and where possible would prefer to make a final quick overview myself before production, just to be sure obvious errors were not made. Judge Ashman wisely rejected defendants’ contention and held:

… a pre-copy review procedure is not per se unreasonable. The procedure used here-where Plaintiffs reviewed the documents and then provided them to the Vendor for production-was reasonable; no disclosure would have occurred but for the Vendor’s error. 

Id. at *14. Of course, had plaintiffs’ counsel made a quick inspection before turning over the CD, this error might well have been caught. But whether mistakes were made is not the issue. Of course mistakes were made, or the unintentional disclosure would not have occurred. The issue is whether there was a reasonable procedure in place. Here the judge said there was and I do not disagree.

3. Reasonable Steps to Rectify

The third and final test under Rule 502(b) is whether the party that made the unintentional disclosure “promptly took reasonable steps to rectify the error.” Here there was a two-week gap between the time of the production and the time the disclosure was noticed. Plaintiffs notified defendants the very next day after the mistake was discovered, so the defendants had to argue that the two-month delay was not prompt or reasonable. This means they had to argue for the necessity of a post-production review. I know that some attorneys and judges contend this is the intent of Rule 502: that you have to look again at documents already produced to verify that you caught and logged all privileged documents; that to do otherwise is not reasonable and constitutes a violation of Procedure Rule 26(b)(5), which requires that all withheld privileged documents be logged. These same people are at a loss to explain the Rules Commentary that expressly states:

The rule does not require the producing party to engage in a post-production review to determine whether any protected communication or information has been produced by mistake.

I agree with Judge Ashman who held:

Plaintiffs had no duty to re-review the documents after providing them to the Vendor. Id. That would be duplicative, wasteful, and against the spirit of FRE 502. Additionally, imposing on disclosing parties a duty to re-review would chill the use of e-vendors, which parties commonly employ to comply with onerous electronic discovery. Against this grain the Court cannot cut.

Heriot v. Byrne supra at *13.

I think it is clear that Rule 502 does not require another review after production, just to make double-sure that a mistake was not made and privileged documents inadvertently disclosed. If your preproduction steps to prevent disclosure were reasonable, then you are done and should not have to do anything more to search for privileged documents. Your only remaining duty should be to rectify, if and when you happen to discover a mistake while doing something else, like in this case, reviewing documents to prepare for a deposition, or you are advised of the mistake by opposing counsel. Many times when the latter happens, opposing counsel will cooperate and just notify you of the mistake and send it back. This is especially true in circumstances where the vendor or law firm makes a big mistake, like mislabeling a CD and turning over information to the wrong party. This kind of thing can easily happen despite all kinds of reasonable precautions and good intentions. When it does, most opposing counsel are very polite about it, as they should be, and they tell but don’t look. After all, we all know that “Where discovery is extensive, mistakes are inevitable ….” In re Sulfuric Acid Antitrust Litig., 235 F.R.D. 407, 417 (N.D. Ill. 2006), quoted with approval in Heriot at *11.

Conclusion

This case, much like the movie, shows just how much time and money can be wasted over a few garden variety secrets. The parties would have been much better off practicing what their movie preaches. Of course, if that were true, there would have been no lawsuit and these secrets of 502 would not have been revealed. At least, not in such an ironically attractive manner.


New 4th Circuit Ruling on Illegal e-Discovery Adds Teeth to Federal Anti-Hacker Email Privacy Law

March 29, 2009

The Fourth Circuit Court of Appeals has strengthened federal anti-hacker email privacy law by allowing a civil suit for punitive damages alone, even when there are no actual damages. Van Alstyne v. Electronic Scriptorium, _F.3d_, 2009 WL 692512 (4th Cir. March 18, 2009). The Court recognized that the intentional taking of email stored online was a violation of the Stored Communications Act (“SCA”), 18 U.S.C. §2707, allowing a victim to sue for monetary damages to punish the hacker and deter such future conduct.

This is a significant advance in privacy protection law because previously, punitive damage awards under the SCA were not allowed without proof of actual damages. Id. at pg. 16. People Helpers Found., Inc. v. City of Richmond, 12 F.3d 1321, 1326 (4th Cir. 1993). This is in accord with the general rule that punitive damages are never allowed without proof of actual damages unless a statute expressly allows it. Id. The Court found such authority in the civil enforcement section of the SCA, which states:

If the violation is willful or intentional, the court may assess punitive damages.

18 U.S.C. §2707(c). This is the first time the SCA has been so interpreted by a Circuit Court of Appeals and the first time punitive damages, costs, and attorney fees for an SCA violation have been allowed without proof of damages.

It is a Crime to Hack Into an Online Email Account

The unauthorized access of an AOL account in Van Alstyne constituted a violation of the SCA, which is part of the Electronic Communications Privacy Act (“ECPA”), 18 U.S.C. §2510, et seq. As the opinion at page 8 explains:

Section 2701 of the SCA creates a criminal offense for whoever “intentionally accesses without authorization a facility through which an electronic communication service is provided” or “intentionally exceeds an authorization to access that facility,” and by doing so “obtains, alters, or prevents authorized access to a wire or electronic communication while it is in electronic storage in such system.” 18 U.S.C.A. §2701(a)(1-2).

As background, Bonnie Van Alstyne was employed as Director of Marketing for Electronic Scriptorium, a small data-conversion company. She claimed she was fired after rejecting sexual advances from the CEO, Edward Leonard. At that point, Leonard did a little self-help e-discovery (we presume without any assistance from his lawyer) and hacked into Van Alstyne’s AOL email account.

This AOL account, like any online email service, is considered “a facility through which an electronic communication service is provided” covered by the SCA. Leonard had somehow discovered Van Alstyne’s AOL password. We are not told how he did that, but he could have lawfully discovered it by looking on company computers. Regardless, Van Alstyne had never authorized Leonard to access her AOL account. Leonard used her AOL user-name and password to read her email. We do not know all of the nefarious motives behind this invasion of privacy, but certainly one motive was to try to find something that he could use against Van Alstyne to defend the sexual harassment claims. He found a few emails he liked, downloaded them, and provided them to his lawyer. The lawyer in turn surprised Van Alstyne with these emails during her deposition.

The downloading of emails from Van Alstyne’s AOL account without authorization constituted “obtaining … a electronic communication while it is in electronic storage in such system” and thus a clear violation of the SCA was established. The Court held that if the SCA is intentionally violated, then punitive damages, costs, and fees can be awarded, even though no damages were caused by the taking of the electronic communication.

Court Requires Actual Damages to Trigger the Statutory Minimum

The Court did, however, draw the line at the automatic award of the minimum statutory damages of $1,000 per unauthorized access. It held that it is not permitted under the statute without proof of some damages. In so doing, it followed the Supreme Court in Doe v. Chao, 540 U.S. 614, 627 (2004). The Supreme Court in Doe considered nearly identical language in the Privacy Act, 5 U.S.C. §552a (g)(4), and held that the $1,000 minimum statutory damages award was available “only to plaintiffs who suffered some actual damages.”

The Fourth Circuit considered itself to be bound by Doe, but reportedly five district courts in five different circuits did not. They had previously held to the contrary that proof of actual damages was not required to receive the statutory minimum award under the SCA. For this reason, some consider Van Alstyne to be a setback for privacy law, and indeed it is, to a degree. Still, this is a slight setback and pales in comparison to a Circuit Court of Appeals allowing punitive damages under the SCA without proof of actual damages.

Here is the Court’s summary, at page 8, of the civil action of damages allowed under the SCA:

Section 2707 provides a private cause of action for “any . . . other person aggrieved” by a violation of § 2701. 18 U.S.C.A. §2707(a). Under § 2707, a district court may award equitable or declaratory relief, a reasonable attorney’s fee and other costs, and “damages under subsection (c).” 18 U.S.C.A. §2707(b). Subsection (c) provides:

The court may assess as damages in a civil action under this section the sum of the actual damages suffered by the plaintiff and any profits made by the violator as a result of the violation, but in no case shall a person entitled to recover receive less than the sum of $1,000. If the violation is willful or intentional, the court may assess punitive damages. In the case of a successful action to enforce liability under this section, the court may assess the costs of the action, together with reasonable attorney fees determined by the court.

The Court rejected plaintiff’s arguments that the reference to a minimum award meant that you should receive $1,000 for every violation, even if there were no “actual damages.” I found the Court’s argument on that point persuasive and, even forgetting Doe, which of course you cannot do, I do not see how five district courts were persuaded to rule to the contrary. If Congress had intended to allow a minimum statutory damage award absent proof of actual damages, it could easily have said so in the statute. For instance, the Wiretap Act, which like the SCA is found within the ECPA, does exactly that:

In any other action under this section, the court may assess as damages whichever is the greater of . . . the sum of the actual damages suffered by the plaintiff and any profits made by the violator . . . or . . . statutory damages of whichever is the greater of $100 a day for each day of violation or $10,000.

18 U.S.C. §2520(c)(2). I would support an amendment to the Stored Communications Act to provide for an automatic award of damages in an amount even greater than $1,000 per violation, but regardless, we now have incentive enough from actual and punitive damages to sue to enforce this important law.

Lesson For Hackers: Computer Privacy Law Now Has More Teeth

Although this case arises out of an employer context, and involves other claims of sexual discrimination and wrongful discharge (thus the search for her email), this is not really an employment case, but rather an individual privacy rights case. This decision strengthens the protection of the Electronic Communications Privacy Act by encouraging civil suits to enforce the SCA email protection segments of this law.

Since it is often difficult or impossible to prove actual damages from an invasion of email privacy, there is little encouragement for victims to sue under the Stored Communications Act if the suit requires proof of damages. Further, as Van Alstyne argues in this case, if you do try to prove damages, such as emotional distress, you often open yourself up to very invasive discovery of all aspects of your personal life. This is something that most people, including Van Alstyne, are unwilling to do. The net result is that the hacker often walks, undeterred from doing it again to the next victim.

If a person is just embarrassed and annoyed by the interception and theft of their email and other electronic messages, and they cannot easily prove actual hard dollar damages, they have no incentive to sue the perpetrator. (They might be able to get an injunction or declaration, but so what.) If you must prove actual damages, then the victim’s only real hope to try to punish and deter a computer hacker is through the criminal system. A victim could file a complaint and hope the prosecutor would bring criminal charges. But as a practical matter, unless money is involved, few prosecutors have the time, money, expertise, or inclination to prosecute such computer privacy cases. The reluctance to prosecute non-monetary hacker cases is especially strong in situations such as this case, where there is ongoing civil litigation between private parties.

Aside from cases where there are actual damages, such as credit card or medical information hacker cases, criminal prosecutions for breach of computer privacy alone are few and far between. The only exception is the high profile case, such as that of 2008 Republican Vice presidential candidate Sarah Palin, whose Yahoo email account was hacked into during the election. A college student accessed her email account by guessing the answers to her security questions, and then publicly bragged about it. You betcha he was tracked down and indicted under the SCA. But even there, the student has not yet been convicted and there may be problems with the SCA criminal case.

Although many people use online email, it is far from secure. It is all too easy to discover a person’s online email account password and “hack” into their email or other cloud computing accounts, including social media accounts such as Facebook. The ease of such computer intrusion or hacking is shown by this case and the Sarah Palin case. This is especially true if you know the person, or they are a public figure and you can guess their password security questions, as the Palin case shows. It is also easy to do if you have access to the person’s work computer and can trace their Internet use history, something most employers today can do.

There are many other instances of email hacking going on today that you never hear about, particularly in divorce or harassment cases. Thanks to Van Alstyne, in the future you will start to hear about this much more often. The Fourth Circuit has strengthened the rights of computer users to privacy by adding punitive damage teeth to the Stored Communications Act. Since cloud computing has now become so pervasive, this is an important decision for everyone’s privacy rights, including corporations at risk for having their own computers and email systems hacked. Hackers beware! You may not only go to jail, but be sued for punitive damages and fees by everyone you hack.

Apparently this change in the law may also help plaintiffs in class-action cases that allege SCA violations, such as suits against service providers like AT&T for turning over private email to the government without a valid subpoena. It will make it easier to state a cause of action under the SCA because you will no longer have to plead damages, just an intentional violation. According to class-action attorneys Al Gidari and Ryan Mrazik in their article on the Van Alstyne decision in Digestible Law:

Practically, this case actually makes it easier for plaintiffs to survive motions to dismiss for failure to plead actual damages because they now can assert the conduct was “willful or intentional” and discovery will be required to determine if punitive damages are warranted. And, because whether conduct is willful or intentional is a question of fact, it will be difficult for defendants to win summary judgment after discovery as well. In sum, the Fourth Circuit’s decision may open the door to much more SCA litigation.

Attorneys Gidari and Mrazik recommend that:

Companies should carefully consider when and whether to access, use, or disclose stored communications or customer information and ensure their conduct comports with SCA-authorized activities to avoid the now higher risk of litigation.

That is good advice for companies, spammers, Gladys Kravitz-types, and hackers alike.

Lessons for e-Discovery Lawyers:
Beware of Illegally Hacked Email

There are important lessons here for e-discovery lawyers too. The unauthorized access of a person’s private email account to discover and retrieve their email is a crime. Just because you know a person’s user name and password does not give you the right to use it. This kind of self-help e-discovery is not only unethical, it is criminal. You must employ a request for production or subpoena. You cannot hack into their private email accounts or home computers any more than you can break into their house and steal papers.

Of course, this is different from a situation where you look at the contents of the employee’s office, or office computer, or office email account. See IT Workers Read Your Personal Email and U.S. Law is Generally OK with That. An employer can use an employee’s password to access their company computer and company email because they have authority to do that. But I have never seen an employment agreement or policy which provides an employer with authority to access an employee’s private email account, such as AOL, Yahoo, or Gmail, or hack into their home computer systems, regardless of whether they may sometimes use these computers and email services for business. Also see: Quon v. Arch Wireless, 529 F.3d 892, 2008 WL 2440559 (9th Cir., June 18, 2008), which I wrote about in More “Must Read” 2008 Cases. In Quon the Ninth Circuit held that a company’s disclosure of text messages to the employer, who was the “subscriber” and not “an addressee or intended recipient of such communication,” violated the SCA.

Van Alstyne sends a clear signal to the computer-savvy-Bar. You cannot use self-help in the guise of discovery or employee monitoring to hack a person’s private email account. Yes, I know it is ridiculously easy to hack into these online email and social media accounts. It might be a simple way to get at the truth, expose liars, and win the case. It could be done surreptitiously and never disclosed. But don’t do it. This kind of self-help e-discovery is a crime. You could go to jail (up to five years), be fined, and lose your license. Also, as this case holds, you could face a civil suit and a jury with the power to punish the “bad lawyer” with damages. The CEO in Van Alstyne got tagged with a $100,000 punitive damage award. How much do you think a jury might award to punish a lawyer hacker or his or her law firm? It is an easy button to be sure, but don’t press it, and don’t allow your staff, hired detectives, or vendors to do it either.

Van Alstyne also sends a clear signal to the computer-challenged-Bar. Consider the facts in Van Alstyne as stated in the opinion. Van Alstyne was shown several emails during her deposition. They were presented to her in paper form and had apparently not been disclosed to her attorney before the deposition. She had written these emails before she was fired and she recognized them. Apparently they were all work related in some way and hurt her case.

Van Alstyne had primarily used her employer’s Outlook email for work, but would sometimes also use her personal AOL email account. She suspected that some of the emails shown to her during the deposition were from her AOL account, not her Outlook account. (I do not know why this was just a suspicion, instead of obvious from the email address, but perhaps the emails all just showed the same user name or perhaps that portion of the email was not included on the papers shown to her.) Here is the Court’s explanation of what happened after the deposition:

Van Alstyne believed that these exhibits were actually taken from her AOL account and not her company account. With her suspicions aroused, Van Alstyne began pursuing the possibility that Leonard and ESL had broken into that private account. Sure enough, during a June 2006 deposition, Leonard admitted that he accessed Van Alstyne’s AOL account after she left the company. He further testified that the emails produced during the deposition represented the only occasions on which he had accessed her account.

It turns out that Leonard, the alleged sexual harasser, was not entirely truthful during his deposition testimony. He had far more of Van Alstyne’s AOL emails than that. In truth, he had accessed her AOL account many, many times. In later depositions Leonard admitted the truth. Here are the Court’s words in footnote 2 about Leonard’s false testimony in his first deposition:

These statements were not entirely true. Indeed, Leonard ultimately admitted to accessing Van Alstyne’s AOL account at all hours of the day, from home and internet cafes, and from locales as diverse as London, Paris, and Hong Kong. During discovery, Leonard produced copies of 258 different emails he had taken from Van Alstyne’s AOL account.

A tad obsessive, wouldn’t you say? In any event, after contradictory testimony like that, Leonard’s credibility is shot. It is no surprise that the jury awarded $100,000 in punitive damages alone, just for these unauthorized intrusions into Van Alstyne’s AOL account.

But what about Leonard’s attorney? Did he or she ask Leonard where he got the emails they were going to use for the deposition of Van Alstyne? I would hope so, and hope that the client lied to his attorneys and said they were all from his company’s computers. Still, it would seem that a diligent investigation and supervision of the discovery process would have revealed the true origin of these emails.

The lesson to be learned here by attorneys is to always ask and be sure you understand where and how your client obtained email that they turn over to you. Especially in a heated case like this with allegations of sexual harassment, you need to be sure the emails were obtained legally. This is now a common problem in divorce cases. If your client has hacked into someone’s private email to get the evidence, they may well have committed a crime, as this case shows. They should be counseled accordingly. You cannot simply act like Sergeant Schultz in Hogan’s Heroes and say “I know nothing!” The dumb-as-you-want-to-be defense will not work with savvy opposing counsel or judges. You have a duty to inquire and cannot simply look the other way. If you learn the evidence is tainted, you do not use it and just hope that nobody notices.

I am not suggesting that is what happened here. I do not know; but the facts stated in the opinion raise some disturbing questions. Clearly we should all exercise caution in the discovery of an adversary’s email and other personal computer information. When it comes to private email we should forget the common proverb; we should carefully look a gift horse in the mouth.

Conclusion

Everyone who uses email in the clouds can now rest a little safer, thanks to this important ruling of the Fourth Circuit. We can only hope that other Circuits will follow Van Alstyne and allow punitive damage, cost, and fee awards for unlawful invasion of email privacy without proof of actual damages. This will encourage active enforcement by private parties in civil lawsuits. If a jury is mad at the hacker, be they a young student, like in Palin, or the CEO of the company, as in Van Alstyne, we could see quite a few six figure punitive damage awards (assuming the judge does not reduce the size of the award as unreasonably high; see Abner v. The Kansas City So RR, 513 F.3d 154 (5th Cir. 2008)). Nobody likes to have their email privacy invaded and now we have another way to fight back.