The attorney-client privilege is an important part of any court case but as email has grown in importance, so has the probability that the attorney-client privilege can be compromised. Therefore it behooves companies to understand what role their corporate networks play in preserving and/or undermining this privilege. It also important to understand how best to protect the company when faced with an eDiscovery involving employees and any email correspondence that occurs between them and their attorney while at work.

This is highlighted by two recent court cases that lay out several key rulings regarding privilege and corporate email systems. There are specific differences in these two cases but both share one aspect in common: employee use of a company computer while at work.

First, a case that was closely watched in the past is Stengart v. Loving Care Agency. In this case the New Jersey Superior Court ruled that because an employee used her company computer to access her web-based Yahoo email account, she waived her right to attorney-client privilege. In this particular case, the employee emailed her attorney during business hours about bringing hostile work environment claims against the employer but did so while still at work and in the employ of the company.

The court ruled that the employee waived privilege by using the company's laptop on company time and referenced the company's handbook that prohibited the use of the company's email system for "solicitation or outside business ventures." This ruling showed when a company has an email policy in place they could claim that the employee did not have attorney-client privilege since the employee was using the corporate network to send and receive emails.

However it does not end there. On appeal the appellate court reversed this decision and ruled that in fact the emails were privileged, and ordered all emails deleted. The court also ordered a hearing for appropriate sanctions and was specific in citing that "an employer's rules and policies must be reasonable to be enforced" and must "concern the terms of employment."

The court continued by explaining that although the employer's policy provided that email was part of the employer's business records and was "not to be considered private or personal to any individual employee," employees were permitted under the policy to make "occasional personal use" of the employer computers. This provided a reasonable expectation of privacy regarding the occasional personal use, especially regarding communications between an attorney and their client.

Alamar Ranch LLC, v. City of Boise. In this case the employee is again using a work computer for communication with his/her attorney but in this circumstance the employee used the employee's work email address. To establish attorney-client privilege and if it was waived in this case, the court turned to a four factor test:

1. Is there a company policy banning personal use of email?
2. Does the company monitor the use of its email?
3. Does the company have access to all emails?
4. Did the company notify the employee about these policies?

In this case the company's policies and procedures stated, "All emails become company property, they will be monitored, stored, accessed and disclosed by the employer, and should not be assumed to be confidential."

Therefore the court ruled that the emails were not confidential and stated it was "...unreasonable for any employee in this technological age--and particularly an employee receiving the notice Kirkpatrick received--to believe that her emails, sent directly from her company's email address over its computers, would not be stored by the company and made available for retrieval."

There are two distinct differences between these two cases and why the courts found as they did. First, in the case of Stengart, the company's computers and network were used but not its email system. As highlighted by point #3 in the four factor test, the company's email domain was not the primary email system used. Instead it was the client's 3^rd party Yahoo webmail address that was accessed and used to communicate with her attorney.

Also in the Stengart case, the company allowed periodic personal use of the corporate network which invalidated its claim that it banned the personal use of email since email could be accessed via the web. These are important distinctions and one that companies must understand.

The four factor test to establish attorney-client privilege coupled with the Alamar Ranch and Stengart rulings provides some valuable insight into how companies can respect client-attorney privileges while still protecting themselves. Email archiving and management technologies such as Estorian's LookingGlass allows companies to meet both the letter and spirit of the law of attorney-client privilege such as it applies to e-mail.

It is not entirely surprising that governmental agencies have a history of writing rules that apply only to the private sector while conveniently exempting themselves from these rules. Government agencies have historically had an entitlement mentality as it pertains to compliance by writing rules that everybody else has to follow while they grant themselves a "Get out of Jail Free" card. But as it pertains to eDiscovery this is no longer the case.

Government's responsibility to comply with eDiscovery requests started in earnest when it was ruled that the SEC would have to comply with FRCP like any other litigant. DCIG blogged about this ruling earlier this year and highlighted the fact that this would change the way federal, state and local government viewed eDiscovery.

Since this ruling was handed down, I have continued to look for examples that show that government agencies are increasingly held to the same standards as private businesses when it comes to matters pertaining to the FRCP. Now a steady stream of cases involving state and local government agencies has been in the headlines in regards to complying with eDiscovery rulings.

The first was Mirbeau Geneva Lake v. City of Lake Geneva. In this case the defendant sought production of all "computers and electronic storage devices" for forensic examination. The Judge ruled the parties should have open and candid discussions regarding completion of discovery of electronically stored information (ESI). The Judge also stated that if destruction of relevant evidence occurred the court is willing to impose sanctions including terminating sanctions.

Next is Peschel v. City of Missoula. This case arose from a claim that the defendant was wrongly arrested and that the arresting officers used excessive force. Sanctions were sought due to the city's failure to preserve the video of the arrest that was recorded by a camera located in the officer's car. The Judge found the lost video was the result of recklessness and granted sanctions, and ruled that for the purposes of the case, it could be assumed the arresting officers used unreasonable force to affect the arrest.

Another case is Lake v. Phoenix. The Supreme Court of Arizona overturned a lower court ruling and affirmed that "if a public entity maintains a public record in an electronic format, then the electronic version including any embedded metadata is subject to disclosure under public record laws.

The bad news for local and state governments keeps coming with the case of Swofford v. Eslinger. This case against the Seminole County Sheriff's Office ended with the Judge ruling "Defendant's blatant disregard of their obligation to preserve electronic information" as evidenced by their deletion of emails despite receipt of plaintiffs' request for preservation, the court imposed sanctions allowing the jury to infer that the deleted emails contained detrimental information in this case. An award of fees and attorney fees was also granted.

So in the span of a month there were several costly rulings against state and local government that will no doubt be damaging to the reputation and budgets of these agencies.

Further, government entities cannot longer rely on rising mill levies and increased sales tax revenues to bail them out of shortfalls in funding caused by electronic evidence spoilation through reckless actions, or non-existent eDiscovery processes.

State and local government agencies must learn from the lessons of the private sector and understand that without technologies such as Estorian's LookingGlass and putting in place processes that enable them to respond to eDiscovery mandates such as Legal Hold, they are doomed to make the same mistakes that private companies have made and been penalized for making over the years.

It is time for government agencies to adopt an archiving solution such as LookingGlass. A proactive archive acts as a front line of defense in eDiscovery and serves as a reliable and cost-effective store to hold emails and their attachments for pending or anticipated litigation. Since email is now the preferred medium for communications by and between government agencies, it stands to reason that email archiving is no longer an option but a necessity for government agencies.

Government officials should realize that now is the time to introduce robust eDiscovery products and processes into their agencies. To ignore this important issue is to do so at their peril. Other government agencies across the country have already discovered the hazards of not having proper archiving process and, in so doing, have damaged their reputations while bringing financial hardships to the district citizens that they serve.

A recently published study by The Radicati Group, Inc entitled, Email Storage Market, 2009-2013, provides a stunning look into the amount of storage that enterprises need to meet growing email stores. The most telling statistic was that enterprises with 1000 users will consume approximately 20 GB of storage per day or nearly 400 GB per month. But beyond just the problems and costs associated with storing these volumes of email data, an equally pressing challenge is intelligently managing these emails once they reside in these repositories.

Business intelligence tools are now being viewed as a new mechanism to accomplish this. Business intelligence (BI) provides the concepts and methods that improve business decision making by using fact-based support systems. Normally, business intelligence tools are used in conjunction with acquiring new customers or competitor analysis but growing email stores are forcing organizations to start to use these tools to ensure corporate compliance and manage risk. c

This management of external and internal risks is becoming increasingly important as organizations seek to cost-effectively mitigate the risks that responding to new government regulation, financial reporting, and litigation introduce in regards to managing email.

The application of business intelligence to searching and manipulating archived email data stores is still somewhat of a new concept. However technology driven, fact-based support systems are now needed to provide insight and manage these growing mountains of email data. So it is time to think about email archiving not just as a way to capture and store emails but as a way to apply traditional business intelligence principles to email data stores.

Products such as Estorian's LookingGlass give companies the "fact-based" tools necessary to make important decisions such as:

• Track any email or attachment regardless of whether it is incoming or outgoing. The spherical indexing engine used by LookingGlass provides organizations the ability to analyze email and track them in whatever direction they go.
• Track all activity of email, even if it hasn't been sent, by tracking activity in draft folders. LookingGlass can intelligently see activity as it is happening even if an email has not been sent. These emails are noted and indexed which gives a complete picture of email activity for compliance and legal matters.
• Search capabilities that start with the attachment and then works backwards to find all associated emails. This capability allows a true front-to-back search capability without needing to know either the sender's or the receiver's email address.

Extending business intelligence to email allows companies to make proactive business critical decisions in areas that are often overlooked through traditional BI solutions. Email continues to experience exponential growth in enterprises but by applying BI technology solutions to email stores, companies can begin to manage and treat them the same way they do with data found in their other mission critical applications.

Today more so than ever before critical data with high risk implications is housed in email and should be treated like any other critical data source against which BI technology is used and decisions are made so it only makes to bring email into the same fold as financial, sales, or marketing data.

Expanding current BI initiatives and applying the same BI techniques to email as with other data through BI tools such as Estorian LookingGlass can no longer be ignored. After all, if companies ignore email and the growing complexity that large data stores create, they do so at their own peril as it leaves management poorly equipped to make the intelligent and critical decisions that today's business and regulatory environment demands.

Although this case did not end in sanctions for EchoStar, it showed the need for email controls and archive technology that preserves email in its native form. Central to this case was an allegation of sending emails which conveyed a commercial advertisement and displayed the name and/or logo of Dish Network. This was alleged to be in violation of the Ohio Consumer Sales Practice Act.

The Plaintiff sought sanctions for failure to preserve website links and images contained in messages. Paper copies of the messages were given in response to the subpoena due to the fact the Plaintiff did not establish the Defendants' duty to preserve the images. The emails were provided on a CD-ROM and it was argued that the images were fully visible at the time of production. The Plaintiff contended that the unavailable images were the only evidence to establish that the contents of the emails violated the law.

This case seemed mismanaged in a lot of ways as it pertains to preservation and production of ESI, and rightfully it would appear sanctions were not granted. But, producing emails on a CD, not presenting metadata, and not preserving images is definitely not the norm and is a rare exception in today's legal environment.

Companies should take the necessary steps to preserve email data, preserve the contents of the email and ensure that metadata is intact. Without the ability to show a solid history of email management, the risk of costly sanctions rises dramatically.

Technology such as Estorian LookingGlass provide the ability to archive, index, search, and provide a complete trail of e-mail messages necessary to answer an eDiscovery request. Some of its capabilities include:

• Email is archived with the images in tact. LookingGlass provides a unique way of searching and displaying images. When the image you are looking for is identified, a simple mouse click of the image shows the complete email attached to the image.
• Search capabilities provide a complete email trail. Once the email is located that is tied to an image LookingGlass provides the ability to see all persons who received, sent, or deleted the email.
• Metadata is preserved. All metadata associated with the email is preserved, archived and available for display and/or presentation to meet eDiscovery mandates.

LookingGlass provides a powerful way for companies to sort through mountains of email and provide the ability to capture and search images within email. This is critical as the above case demonstrated.

Companies should not count on poorly framed eDiscovery requests to keep sanction possibilities at bay. Instead proactive planning, solid eDiscovery processes, and technology such as LookingGlass should be used to meet the complex circumstances surrounding today's state and federal laws such as the Federal Rules of Civil Procedure (FRCP) and California's Electronic Discovery Act.

As this case shows, email continues to be a huge risk and a consistent pain point for eDiscovery and without the ability to archive and present images in email it will no doubt lead to sanctions. So while this Defendant was fortunate it that it did not meet with any court sanctions, companies should not expect the same fortunes in their eDiscovery strategies as their luck will eventually run out.

Any time California passes a law, especially as it pertains to eDiscovery, the rest of the nation needs to pay attention. California previously set the stage for the nationwide adoption of data breach notification laws with its passage of SB1386 in September, 2002. Since that law went into effect, nearly all states have since followed suit with their own data breach laws (only 5 states have NOT passed similar laws) as well as the federal government.

Organizations that have failed to act and put in place pro-active eDiscovery processes are starting to pay the consequences. The recently published, "2009 Mid-year Update on eDiscovery", highlights that sanctions in eDiscovery cases against organizations have doubled since 2008. It is important to note the statistic that sanctions were considered in half of every case involving eDiscovery and that they were awarded in 36% of these cases.

This statistic should be a wake up call to all organizations. Clearly many organizations' eDiscovery efforts are still in the primitive stages and now that most states have passed their own eDiscovery laws and California is coming back for round 2, new risks and ultimately new sanctions are poised to strike yet again.

Some notable points of interest in the Electronic Discovery Act:

• The California law differs from the FRCP in how it approaches data in "a reasonably useable form". If your company is subject to an eDiscovery request, the burden will be upon you to provide the information in a reasonably useable form. This is a big departure from FRCP. This new wording could lead to a large expense for a company as definitions of a "reasonably, useable form" are worked out.
• Expands eDiscovery beyond inspection and copying to include testing or sampling of ESI. This act expands existing eDiscovery procedures and demands that can be made for inspection of ESI to include copying, testing or sampling of ESI.It also allows for a party to demand that another party of someone acting on that party's behalf, to inspect, copy, test, or sample ESI in the possession, custody, or control of the party when an eDiscovery demand is made.
• Parties that fail to produce ESI pursuant to a discovery request may face monetary sanctions. This sets a new precedent that organizations must now consider. Before they mostly just had to contend with costs at the federal level. Now the state of California has the power to levy monetary sanctions as well
• Sanctions are prohibited if failure to produce ESI is due to routine, good faith business operations. I consider this California's version of the safe harbor provision, but as with FRCP, safe harbor can be elusive as evidenced by the aforementioned statistics on sanctions.

There is much more to this act, including more notable departures from the language of the FRCP. Overall this is a detailed act with new risks and eDiscovery considerations that now impact organizations if they end up in the California state court. Like all risks, it all boils down to costs but the big question organizations have to answer is, "What is the cost of complying versus doing nothing and taking a reactive approach to an eDiscovery to deal with it only if and when it hits you?"

This is the big question when it comes to this bill as there are several cost shifting areas for companies to consider which is an aspect that I will tackle in a future blog post. The main question that will need to be answered is how will costs be shifted as part of a discovery notice? There has been precedent in California for cost shifting, in Toshiba v. Superior Ct., but questions still remain if this will continue to be the rule.

It should come as no surprise that eDiscovery is moving front and center at the state level. State courts are not immune to eDiscovery problems posed by electronic documents and shifting evidentiary requirements are caused from ever increasing amounts of ESI.California is no different and it is simply seeking to try to limit the costs of eDiscovery in disputes. But as the FRCP has shown this is much easier said than done.

Companies will need to ensure their eDiscovery strategy not only covers FRCP but also complies with differing state laws.New technology such as Estorian's LookingGlass will increasingly be needed to ensure ESI such as email can be produced in a reasonably usable form.

Much legal wrangling lies ahead as sides argue over wording, meaning and intent of this law with a lot of information forthcoming as it relates to costs and interpretation.But, there is no doubt that other states will almost certainly follow in California's footsteps and tackle eDiscovery in their own court systems.As this occurs, the costs and painful consequences for those organizations with inadequate eDiscovery strategies are poised to skyrocket.

The SEC has taken its lumps for its role, or lack of it, during the economic downturn. But, this case shows the SEC is paying attention and investigating those who play fast and loose with the rules. What this investigation highlights most of all is that AIG was routinely engaged in business practices designed to inflate the company's worth and misstate earnings, costing investors millions of dollars. All of this was orchestrated through the use of shell companies and investors with the full knowledge of the former executives.

Maurice R. "Hank" Greenberg, Former Chairman and CEO, and Howard I. Smith, Chief Financial Officer settled with the SEC with payments of $15 million and $1.5 million respectively for their roles in this scandal. This is in addition to the fines levied in 2006 against AIG totaling around $800 million dollars for securities fraud and improper accounting. The SEC's release included this quote from Robert Khuzuai, Director of the SEC's Division of Enforcement, "Corporate leaders cannot avoid the truth and consequences of their company's performance by using improper accounting gimmicks and signing off on distorted financial reports."

While reviewing the SEC complaint several interesting items were found;

• Greenberg made it clear through conversations regarding reduction of stock price due to inadequate loss reserves that AIG was going to use "aggressive accounting techniques". This was done through a transaction with GenRe which was paid a $5 million dollar fee and refunded $10 million dollar premium back to AIG through an off-shore company. This transaction was not in conformity with GAAP and referred to as "reckless" by the SEC.
• A "sham" transaction was done through what is called a round trip of cash. Basically a transaction was done between two companies which had no economic substance, but was done for the sole purpose of manipulating AIG's financial statements.
• Materially false statements regarding loan loss reserves were given that were signed off on by Greenberg and Smith.
• Concealed losses through a shell company from Barbados called Capco which AIG acquired through a subsidiary called AIRCO. Using this company, Capco absorbed $210 million in AIG losses so investors would be willing to make capital investments and stock price would not be affected.
• When AIRCO officials raised concerns regarding Howard Smith's orders to not record an unrealized loss, Howard Smith admonished them for sending their concerns over e-mail and demanded that all evidence of the conversation be destroyed.

This SEC complaint reveals full of sham investments, false investors, manipulation of financial statements and cover-up. These were all designed to hide losses that reached the hundreds of millions of dollars while at the financial statements were inflated and stock prices were manipulated. This is not to mention the damning evidence that a direct order was issued from AIG's CFO to destroy all e-mail trails of AIG's wrong doings.

Technology such as Estorian's LookingGlass allows companies to ensure that e-mail evidence isn't destroyed. Shareholder value and company reputation should be closely guarded and ensuring all communications regarding the financial viability of a company should be kept in accordance to federal law.

AIG was front and center in the current financial crisis and only survived through a bailout from unearned tax payer dollars. But, when you see this type of unethical and arguably criminal of allegations against Hank Greenberg and Howard Smith, it makes one pause and question whether AIG deserved to be saved and undoubtedly will make it harder to gain public support for further cash infusions.

Companies should be mindful of these types of executives and ensure that e-mail discussions of company financial data is preserved through the use of technology such as LookingGlass. As this case points out, executives who cook the books and destroy evidence will eventually be held accountable. The big difference today between AIG and you is that your company cannot count on a bail out if it happens inside your company.

I then set out to try and determine if such a list existed and have come to the conclusion that if such a list does exist it isn't widely known and I certainly could not find it. As I continued to try and answer this question, I realized that if I was having this much trouble, chances are that most people will have the same frustration.

One of the most significant areas of eDiscovery is performing a relevant keyword search of data to produce the proper documents as mandated by eDiscovery requests. This collection of ESI (electronically stored information) holds particular importance as produced documents will go through a review process prior to producing these to opposing counsel. As data continues to grow within organizations eDiscovery costs continue to rise therefore it is extremely important to have a robust search that reduces non-relevant information during a search.

Collection of electronic data should be comprehensive. But based on recent eDiscovery failures involving keyword searches such as the recent case of Active Solutions, LLS and Southern Electronics Supply, Inc. v. Dell, Inc. as was highlighted by DCIG, this process is difficult for even large companies with greater resources such as Dell to achieve.

Companies must take a consistent approach to meeting these mandates and a company's keyword search process should not negatively impact the eDiscovery procedure as it moves forward. Dell's case also highlighted the importance of a proper search of a company's e-mail and the court's increasingly impatient stance toward inadequate searches of email during eDiscovery. So some areas to consider for keyword search moving forward are:

• Be specific in your search. A well thought out word search reduces the amount of irrelevant "hits." For example, using short words such as "mark" will produce numerous hits on words such as "trademark" "benchmark" etc., if you want to eliminate this then try more specific word searches, or phrases.
• If possible avoid generic industry words. If you are doing a search at a hospital, words such as "patient" "transfer" and "emergency" will be found in abundance and may hinder rather than help in your search efforts.
• Search for user created files types. Search for user created file types such as "rtf", "doc", "xls", "pdf", "txt", "html", etc. and avoid known files that are not relevant to your search. The National Software Reference Library is a huge repository for known traceable software and can be very helpful in narrowing search results.

Using email archive products such as Estorian's LookingGlass can provide companies a means to index and search email and give you accurate results. By accelerating the email search process and reducing a huge volume of data down to only relevant information, it significantly increases a company's ability to perform early case assessments of the data thus saving costs.

The importance of ensuring a proper approach to email keyword searches is clearly demonstrated in Dell's case but it applies to almost every aspect of eDiscovery. Email's continued importance in eDiscovery processes provides a challenge to companies that only through the use of technology such as LookingGlass and proper keyword search techniques can overcome. The courts are consistently showing their unwillingness to accept poor search results and companies that present these types of unsatisfactory results run the risk of the courts demonstrating their frustration through fines and sanctions on the offending party.

This report provided some interesting insight that reveals how pervasive email usage is in corporations and more importantly how users view email:

• 98% had both work and home email addresses
• The 24-54 age group is more likely to access email at work than at home
• The most important email function as identified by users was email from friends and family
• 1 in 6 people surveyed admitted to clicking on spam

After reading through these statistics (especially the last one) it became clear that even with all of the education and security alerts around email, current email usage policies coupled with virus and spam controls are not enough. Users continue to engage in unsafe email behavior and since most users rightly or wrongly view their work email address as their primary email address, the risks that email misuse presents to organizations are extensive.

Through my IT career I have seen the rise of anti-virus software and, more recently, anti-spam solutions aimed at the enterprise. For the most part organizations now see the risk/reward to installing these types of products but the effectiveness of both the solutions and risks of not implementing the right ones vary widely from company-to-company.

This study highlights some of these risks which include:

• What attachments are being sent or received?What are the chances that trade secrets or attachments with confidential or proprietary information are being sent from the company without its knowledge or permission?

• Are users using email outside established policy thereby putting your company at risk?The most important function of email for users according to this survey is communicating with friends and family. There is no problem with that but how comfortable are organizations with the knowledge that their employees are using their email system solely for work purposes? Further, are the emails being sent and received in violation of policy and do they, in a worst case scenario, present a legal risk to the organization?

• Is a large volume of e-mail being sent from a specific user? Can you identify a rapid acceleration of sent e-mail being sent from a specific user? This type of email velocity could point to a compromised PC being used as a "bot"

These risks beg the question "What else is going on?" as there are undoubtedly other risks to which companies are unknowingly exposed that are not being taken into consideration in this study. Statistics like these scream out the obvious: Companies need to take control of their email. To do so companies need tools to ensure their employees do not expose them to unnecessary risks.

New technologies now mitigate some of these risks. Products such as Estorian's LookingGlass alleviate the risks outlined above as it fully indexes incoming and outgoing emails and their attachments. In so doing, LookingGlass provides companies the assurance that all emails that their employees send and receive adhere to existing policies in real-time and, if they do not, are blocked and alerts are generated

These notifications warn when a policy has been violated and sends the information to the individuals responsible for taking action, such as HR or an internal security team. Email analytics features included in LookingGlass can track email by user, hour, day and beyond which provides insight into items such as the number of emails sent and received. This can provide important quantitative information on email velocity and identify a small problem before it becomes a big one.

The MAAWG study highlighted that employees do not always differentiate between home and work email. Because of this, organizations need some means of enforcing email policies to deter employees from jeopardizing a company from their ill-advised email behaviors. Taking control of email requires having tools that proactively monitor the information contained in emails so organizations are protected from the potentially abusive or dangerous content that is shared and sent in emails. Products such as Estorian LookingGlass provide this level of control that products such as anti-spam, anti-virus and even other email management products yet lack.

• Document retention policy. Do you have a document retention policy that explicitly covers email?  If so, was it developed with the input and perspective of IT, Legal, and Compliance, or just IT?

Having a policy that guides email retention is a must and once the policy is in place it should be followed. If your retention of e-mail is 90 days then you should adhere to this standard and not let 90 days mean 60 days, or 6 months etc. as inconsistent adherence to email retention policies is even worse in the eyes of the court than having a wrong policy in place. Safe harbor in eDiscovery rests in an organization adhering to its policies and procedures that guide the destruction of its email data.

• Legal Hold of E-mail. If your policy guides destruction of email at the end of every 90 days but you can reasonably anticipate legal action on these emails then you are bound by FRCP to hold those documents in anticipation of a possible discovery.

Destruction of emails once you know a legal hold is necessary could expose an organization (public or private) to court sanctions for spoliation. So if you even suspect you might need to retain emails, you better have a means to hold on to them. eDiscovery rulings are often a moving target and knowing exactly when to start retaining e-mails critical to a case can be very difficult as shown in the recent case of Phillip M. Adams & Associates, L.L.C. v. Dell, Inc., 2009. 

• Regulatory Factors. Is e-mail retention for your company guided by government regulation such as Sarbanes-Oxley (SOX)?  Publicly traded companies, healthcare institutions and financial services organizations all are subject to regulations that affect how long they retain emails. These regulatory considerations often have strict penalties attached to them for non-compliance.

Retention periods can also vary depending on the information contained within email, whether it is financial statements, HR data, patient information, or contractual discussions. Each could have different regulatory retention requirements based upon the information contained in the email.

Judge Ledet's admonishment of Dell's actions as "unconscionable" was due to Dell's response to an eDiscovery stemming from a current civil lawsuit. The lawsuit, Active Solutions, LLC and Southern Electronics Supply, Inc. v. Dell, Inc., has centered over a New Orleans crime camera system. The case was brought by Active Solutions and Southern Electronics in 2007 against Dell claiming that the surveillance system Active Solutions had developed had been misappropriated by the City of New Orleans technology department and that it then conspired with Dell to acquire the system.

As details of the case have unfolded several eDiscovery areas of interest have emerged. A significant component of the case revolves around whether Michael Dell knew about the pending sale of camera equipment to the city of New Orleans and if the issue of security cameras came up between him and New Orleans Mayor Ray Nagin in a meeting that allegedly occurred in June 2004. Michael Dell and Ray Nagin do not recall this meeting but a former Dell employee disputes that claim and stated in an affidavit that the meeting did in fact occur on or about June 21^st, 2004.

During the course of this hearing Judge Ledet has ordered the recent deposition of Michael Dell. Judge Ledet has also sided with the Plaintiff's attorneys in their claim that Dell had provided "piecemeal" production of eDiscovery documents and that specific key word searches for words such as "camera" were not done across its email archives on emails that may have been sent to Michael Dell.

Dell has countered by stating they have acted in good faith and provided over 160,000 documents. Judge Ledet did not agree and ordered a search of Dell email and documents using specific words. Once the results are known then the two sides can discuss how to move forward.

This case definitely is NOT a text book example of how to respond to an eDiscovery request especially from a company with the branding and resources that Dell enjoys. If anything, this is an indictment of Dell's own email archiving and management software that it purchased and has owned for some time. This case is exemplary if no other reason then it illustrates what not to do when confronted with litigation involving eDiscovery.

Any company involved in litigation is now expected to provide those documents relevant to the case, and as this case involving Dell highlights, that information more often than not resides in email. Using products such as Estorian's LookingGlass companies can archive and retain email messages and then do keyword searches across these archives. Using LookingGlass to search and present only relevant email not only reduces costs, but avoids the piecemeal presentation of documents Dell is accused of providing.

I find it surprising to see Dell in contempt of court and being accused of making a mockery of the court system, as well as its own ineptness in providing the documents needed to satisfy its eDiscovery obligations. But, what is more surprising is Dell's lack of keyword search capabilities and inability to present relevant information in a timely manage, especially given that they own a software that allegedly can perform these tasks. Using products such as LookingGlass give companies the ability to answer eDiscovery requests and avoid the ramifications of court ordered sanctions that can often be very costly.

The court's harsh words towards Dell did not lead to expensive sanctions (this time) but as the lawsuit continues to peel back the layers of what occurred in this case, that may yet occur. As this example illustrates, companies should be in a position to provide relevant emails in a timely manner because as new court cases are bearing witness, court sanctions are becoming more expensive, judges are becoming more willing to dole them out, and the inability to provided needed information can be damaging to their defense and ultimately lead to litigation losses.

A December 2008 poll at Law.com showed immature processes is the rule across corporate America when it comes to eDiscovery. The survey found 30% of companies in the survey lacked even basic policies for preserving evidence for litigation discovery. So based on these statistics, it is reasonable to assume this lack of knowledge in eDiscovery coupled with immature processes could lead to higher risks being taken by companies.

But a question I regularly hear is, "Why not set a policy that mandates the quick destruction of data and delete everything quickly?" The thought process behind this is simple. If an eDiscovery event occurs, simply point to the policy and attempt to show a routine and good faith destruction of data and avoid the associated costs. While it is a tempting to adopt this policy in order to try to avoid the costs of eDiscovery, it is a flawed approach and could result in more harm than good for your company.

The "Safe Harbor" eDiscovery provision, otherwise known as Rule 37(f), provides a means for companies to limits sanctions if (and I quote): "Absent exceptional circumstances, sanctions cannot be imposed for loss of ESI resulting from a routine, good faith operation of an electronic information system." Under this rule, a court may not impose sanctions on a party for failing to provide electronically stored information lost as a result of the routine, good faith operation of an electronic information system.

Based on this wording it would appear reasonable why companies might take a risk and attempt to limit their legal risks by quickly and routinely deleting documents such as email. But there are several areas of concern for businesses that rely on routine data destruction processes when it comes to their eDiscovery strategy, such as;

• eDiscovery is still evolving and the rules can be a moving target. Even when safe harbor would appear to extend to your company, the courts can bring a new wrinkle as it pertains to eDiscovery and suddenly your company could be facing a huge sanction. For example, a court ruling in the recent case titled Phillip M. Adams and Associates, LLC v. Dell, Inc., provided sanctions against ASUS for not preserving e-mails dating back to 1999, even though the plaintiff didn't bring a claim against ASUS until 2005. This has cast serious questions on the future of rule 37(e).

• What you view as routine destruction could in fact be spoilation. The above cited case is another good example of a company thinking they would be covered by safe harbor, and instead their idea of reasonable destruction of data through routine maintenance of their information system, was instead viewed by the court as spoilation of data that should have been held for litigation.
• Legal hold of data is open to interpretation. Legal hold of data is a process for holding all relevant information pertaining to a case when litigation is reasonably anticipated. The term reasonable is open to interpretation by the courts, and court interpretation is rarely predictable.

The sheer volume of e-mail and its impact on eDiscovery continues to be a pain point for companies searching for answers to costs. Products such as Estorian's LookingGlass provide an answer for companies looking to control the costs and complexities of e-mail in litigation. LookingGlass provides structure to historically unstructured data as well as providing search functionality for answering eDiscovery requests which becomes a valuable resource in controlling e-mail review costs.

In today's economic climate it is understandable why companies are tempted to try and avert costs through risky data retention strategies. But, this high risk strategy will fail and the costs and consequences could financially ruin your company. Proper preparation and deploying technologies such as LookingGlass provide a vastly lower risk point than attempting to rely on policy and pray for safe harbor.

• The cost of an eDiscovery associated for Microsoft is between $10 and $20 million dollars for each and every lawsuit.
• Losey recently wrote in his blog about a case where the Washington D.C. Appeals Court affirmed an order requiring that the Office of Federal Housing Enterprise Oversight (OFHEO) spend $6 million, or 9% of its annual budget, to comply with an eDiscovery subpoena request.
• Litigation is becoming too expensive so organizations are opting not to go to court and instead just settle.
• The American system of justice is very different than Europe's. Europe permits the voluntary disclosure of information so European companies may only choose to disclose information that helps them in a court case. The American System of Justice requires organizations to turn over all relevant information whether it hurts or helps them in a case.
• The written word has evolved over the centuries to become considered the best form of evidence. Since lawsuits involve events that occur in the past (often years ago), organizations need to be prepared to go back years to produce written documentation. The written word today now almost exclusively exists in the form of electronic communication.
• In 2006, Networkworld cited a study conducted by the Butler Group that employees now spend as much as 25% of their day searching for the right information to complete a given task. Losey now believes that the percentage of time employees spend looking for stuff is closer to 40%.
• The best estimates available are that during an eDiscovery organizations can only retrieve about 22% of the writings that are relevant to a case.

• Be proactive, not reactive, about information management.  The first step in the Electronic Discovery Reference Model (EDRM) is "Information Management" and yet most organizations start managing their information only after they receive an eDiscovery request and then are forced to start with some step in the middle of the process - such as the collection stage.

That is what gets companies into trouble. Starting with the collection of data as a means to do eDiscovery in a chaotic environment becomes very expensive. As a result, much of the money that organizations spend on an eDiscovery is wasted since so little relevant information is retrieved during the process.
 
A better way for organizations to start is by managing and archiving their email using software like Estorian LookingGlass. Software like this gives them a means to capture and manage the flow of information in and out of their organization while making it accessible and searchable if and when an eDiscovery occurs.

• Prepare for a future where a random sampling of electronically stored information (ESI) becomes the norm. While it is unlikely organizations ever retrieved 100% of relevant information when it was stored in paper, achieving that level becomes even more unlikely that it is stored electronically. So to adapt to this new environments, organizations need to prepare to employ methods of random statistical sampling of their ESI and then prepare to defend this method of eDiscovery in court to keep eDiscovery costs from spiraling out of control. Losey says, "Common sense dictates that sampling and other quality assurance techniques must be employed to meet requirements of completeness."

When I started looking into the alleged insider trading scandal I found not only interesting facts on Pequot, but also some interesting insight into how the SEC investigated the allegations of insider trading. Pequot was founded by Arthur Samberg and has been a respected hedge fund since 1998. The fund reportedly manages $3 billion in assets but at one time reportedly managed $15 billion. But, with investors already highly suspect of any bad news based on previous scandals, Samberg decided it was in everybody's best interest to close the fund.

With that recent history aside, insider trading allegations regarding Pequot were actually discussed in front of the U.S. Senate Committee on the Judiciary in December of 2006. According to testimony by Director of Division Enforcement, Linda Chatman, there were 10 transactions occurring between February 2002 and April 2005 that were forwarded to investigators working on the Pequot investigation. Investigating attorney Gary Aguirre claims he was fired for his requests to interview persons relevant to the case but, after all of the investigative work was done, Pequot Capitol was found to have not executed transactions based on insider knowledge.

What really caught my attention was in the "Case Closing Recommendation" documents there are several specific instances involving Pequot and insider trading allegations. During these investigations it became clear that the SEC is very conscious of email communications and looks closely at email in any investigation regarding insider trading. Email communications between Arthur Samberg are highlighted throughout to show either a link to possible wrong-doing or, more importantly, where email exonerates wrong-doing.

A specific example is in the investigation of Pequot accumulating Heller stock and shorting GE stock before a GE acquisition announcement of Heller was made public. Within the documentation the SEC specifically states it "reviewed the emails obtained from Pequot to identify other potential tippers. The staff then compiled information about each person identified, including searching for relevant documents in the database of emails provided by Pequot."

Pequot was also closely scrutinized in a trade involving Microsoft stock after Pequot hired former Microsoft employee David Zilkha in April of 2001. Before starting work for Pequot, David Zilkha started providing information about Microsoft by email to Samberg.

There were two emails that were particularly scrutinized by the SEC that preceded an earnings announcement by Microsoft. Pequot had a net positive result of over $2 million dollars in profit based on two trades in Microsoft that were theorized by the SEC to be the result of the email information received from Zilkha.

There were also several other examples of possible insider trades that the SEC investigated involving Pequot Capital and through these investigations Pequot provided 19.8 million pages of electronic mail to the SEC.

Based on the sheer volume of email presented by Pequot the SEC asserted on page three of Linda Chatman's presentation to the Senate that "our staff has become particularly adept at sifting through all available forms of evidence, including...emails."

Although originally Pequot Capital was cleared of insider trading, it now appears that the SEC is coming back and taking another look at this hedge fund but instead of facing the mounting investor scrutiny, Arthur Samberg has decided to scuttle the fund altogether. Yet what interested me most was the sheer volume of emails given to the SEC as well as the SEC's focus on email to not only look for evidence of wrong doing of Arthur Samberg but also to develop leads on other "tippers" of inside information.

This case is a good example of why companies need email management technology such as Estorian LookingGlass. As the SEC has shown, it is very adept at reviewing email documentation and having the ability to rapidly provide email information that can clearly show a company followed the rules will pay huge dividends in any investigation or information gathering exercise. An ability to provide transparency in any investigation or eDiscovery exercise can exonerate a business even if a government agency, such as the SEC, comes back to take a second look and help prevent taking such drastic measures as shutting down the business as Samberg obviously felt obligated to do.

Another area of interest within this bill is the inclusion of the wording "each appropriate Federal banking agency" which extends this bill to Banks, Savings and Loans, and Credit Unions. So, it would appear the Federal government fully intends to ensure that all credit lending institutions will fall under this complete overhaul of the "Consumer Credit Protection Act."

Now that all banking agencies fall under this act, what technology issues should they be aware in this bill? One main area of concern is highlighted in SEC.103 Limits of Fees and Interest Charges, under the Opt-Out piece of the legislation. This basically gives consumers the right to opt-out of over-the-limit transactions if fees are imposed. Under paragraph (2) (A) and (B) titled Notification by Consumer there is an interesting piece of language that refers to technology:

(A) "through the notification system maintained by the creditor under paragraph (4); or

(B) "by submitting to the creditor a signed notice of election, by mail or electronic communication, on a form issued by the creditor for purposes of this subparagraph."

What this bill lays out in paragraph 4 is there are several defined notification system options such as a toll free number, Internet address, and website. So, in addition to these specific areas defined, there is also the ability for banks to use electronic communication such as e-mail, in addition to those specific areas noted in paragraph 4, to submit and receive a signed notice of election to opt-out of those transactions.

Now that e-mail could very well be one of the opt-out vehicles used by a banking institution that falls under this act, it makes more sense than ever for banks to archive in order to have a strict accounting of e-mail transactions. By using products such as Estorian's LookingGlass, banks have the ability to use their existing e-mail infrastructure as a communication vehicle to transmit and/or receive signed notices of election. Without the ability to give a strict accounting of those notices banks limit their customer's options in providing signed notices of election.

Although it might be debatable whether this type of legislation actually helps consumers, it does demonstrate how consumer outrage toward a specific business sector can stoke a bipartisan fire. It also shows how the Federal government views technology as a way to ensure consumers can effectively and efficiently communicate their desired approach as it pertains to the services mandated within regulation.

As the Federal government continues its accelerated regulatory path, it stands to reason that there will be continuing emphasis on technology as the preferred means of communication between businesses and consumers. By using products such as LookingGlass, companies can continue to leverage their existing infrastructure to deliver services, as well as continue to meet current and future regulatory requirements.

Most individuals will generally welcome more protection in their lives from hostile terrorist attacks but it is unclear how much they are willing to accept government intrusion into their electronic communications.  Therefore a delicate balancing act is needed and this law may just go too far in the eyes of many as the mandates set forth in this EU directive are abundant, complicated to meet, require the capture of a plethora of electronic information and give governments the authority to access this information for a lengthy period of time. 

A review of the directive highlights the following areas:

• Article 6 titled "periods of retention" states Member States shall store all communication from customers no less than 6 mos., but no longer than 2 years.

Article 5 of the Directive spells out that the communication information must be stored. However there are some of the areas of concern as to what is stored. For instance:

• "Fixed" network telephony and mobile telephony. It will store the calling telephone number as well as the name and address of the subscriber.
• Internet access, Internet e-mail, Internet telephony. This calls for the retention of the user's Id, telephone number, name, address and IP address.
• Data necessary to identify date, time, and duration of the communications.
• Concerning e-mail - Date and time of the log-in and log-off from the ISP, IP address (static or dynamic), user ID of the subscriber or registered users. 

Article 8 of the Directive goes into the storage requirements for retained data by specifying that "data must be retained in a way that can be transmitted upon request to competent authorities without undue delay."  This is a key provision in that it not only requires the need for ISPs to store mountains of data but also puts a burden on them to search the data as well as determine if data meets any previously set criteria and then forward data that meets that criteria to the appropriate authorities without delay. 

Article 3 goes further and specifically calls out providers of public communications networks within the jurisdiction of the member state as the parties responsible for retaining the communication information noted in Article 5. 

Although this is an EU directive, organizations here in the United States need to be mindful of this regulation for a few reasons. First, we are talking about Internet communications that encompass the entire globe and not just the citizens of those Member States of the EU are charged with collecting data, though it is unclear how this would be enforced in the US. 

Second, if a government regulation such as this can pass muster in the EU, it stands to reason the US may follow suit at some point with legislation of this scale, especially with heightened role that the US government has been assumed in private industry.  Finally, Internet Service Providers (ISP) may have to bear the costs associated with this complying with this regulation so Internet access costs may increase. Equally unclear is as ISPs begin to act as cloud storage providers for businesses, how much of this private data will be stored as "public" information in these repositories because it traverses the Internet and is captured by these ISPs.

Organizations now need to begin to ask, "How does this law impact what data they send outside the organization over the public Internet?"  Although there are written safeguards on who can have access to the information and what information need to be stored, history is replete with examples that have shown that these safeguards are not always followed as is evidenced in a recent example that occurred here in the US. 

Email is a prime example of where confidential corporate information could easily end up outside of corporate fire walls and inside one of these "public" data repositories. How or if it may ever be accessed is anyone's guess but an advisable approach that organizations should consider taking is making sure it never ends up there in the first. Blocking the e-mail before it is ever sent using such products as Estorian's LookingGlass ensure that it never ends up in some data repository at an EU ISP that may come back to unexpectedly haunt you at some later point in time.

On the surface, this EU directive appears rooted with well meaning but poorly informed legislators who are looking to better protect their constituents. However, given the growing propensity of government to delve into the affairs of private business, organizations are advised that the less confidential and potentially incriminating data that they make accessible to the government, the safer they are. Technologies such as Estorian LookingGlass can help companies put in place email policies that ensure email communications that never should go outside corporate fire walls never do.