Self-Collection and Its Risks – Collection Fundamentals Series, Part 6

A multi-part series on the essentials practitioners need to know about ESI collections

In “Collection and the Duty of Technology Competence,” we discussed lawyers’ duty of technology competence and the importance of understanding collection to fulfilling that duty.  In “The Broad Scope of Collection,” we discussed the potential legal and technological scope of collection.  In “How Computers Store ESI,” we discussed the operation of computer memory.  In “Collecting and Recovering ESI from Computer Memory,” we discussed the technical process of collection.  In “The Intersection of Technical and Legal Realities,” we discussed the intersection of that technical process with the legal requirements.  In this Part, we start our review of available collection approaches with a discussion of self-collection and its risks.

Collection Approaches: Self-Collection

Self-collection refers to a collection approach in which the custodians themselves undertake the identification and collection of relevant documents from their own materials.  Typically, they are doing so pursuant to some instructions and oversight from in-house or outside counsel.  For example, they might review their physical records and turn over any relevant paper files to a designated recipient in the in-house counsel’s office, or they might review their stored electronic files and place copies of relevant materials in a designated storage area on the organization’s network (or move relevant emails to a designated folder in Outlook).

These approaches, and other variations on them, are often undertaken by less frequent litigants with less experience engaging in eDiscovery, and in certain narrow circumstances (i.e., very small, simple matters with no reason to mistrust custodians), they may be a reasonable choice.  In most common eDiscovery situations, however, the downstream risks associated with self-collection approaches dwarf the small, up-front project cost savings they offer.

The Risks of Self-Collection

Self-collection approaches carry four categories of risk that can each lead to spoliation sanctions, authentication and admissibility issues, and other negative consequences, which is what makes self-collection approaches unsuitable for most matters:

• Generic Inaction: The first category of risk you run when leaving collection to the custodians is that they simply may not do it. Employees are busy doing their normal job duties, and most do not understand the importance of preservation and collection the way lawyers do.  It is not uncommon to have to chase employees down just to get them to acknowledge receiving a legal hold.  Asking them to execute a complex, time-consuming collection process is likely to go right to the bottom of their to-do list.  And, even if you eventually get everyone to act on your instructions, the delays before action can lead to the loss or alteration of relevant materials through normal work activities, automated janitorial processes, or other risks.

• Legal Misunderstanding: The second category of risk you run when leaving collection to the custodians is that they will misunderstand or misapply the legal and factual scope information you give them in your instructions. The scope of preservation and collection is defined through the interaction of a nuanced legal standard, the pleadings and discovery requests of the parties, and the facts known at the time.  The scope of relevance (and, thus, of collection) frequently evolves over the course of discovery as legal disputes are refined and more factual knowledge is gained.  Expecting non-lawyer employees to clearly understand nuance that lawyers frequently struggle with is a recipe for disappointment, and expecting that nuance to be consistently applied from employee to employee is even more so.  And, when employees misunderstand or misapply the scope you’ve tried to set, relevant materials can end up omitted or lost altogether.

• Technical Ineffectiveness: The third category of risk you run when leaving collection to the custodians is that – even if they perform the requested collection and apply the scope guidance as you intended – they may still execute the process in a technically ineffective manner resulting in materials being missed, lost, or altered. For example, custodians asked to run keyword searches to locate relevant materials (in email, or their local files, or enterprise systems they use) may design them ineffectively, or execute provided ones incorrectly, causing relevant materials to be missed entirely.  Minor changes to search syntax or search settings can make major differences in the results returned, and syntax and settings vary from system to system.  Moreover, ESI materials and their metadata are easily altered by almost any interaction with a file.  Custodians working without writeblockers or other forensic tools cannot maintain forensic soundness or perform hash validation.  Some metadata will be altered, which may affect the ESI’s evidentiary value, its authentication, or its admissibility.

• Intentional Misconduct: The final category of risk you run when leaving collection to the custodians is that they will engage in intentional omission, alteration, or destruction of materials to conceal their own actions. As we discussed in our series on investigations, there are many situations in which your custodians’ interests may run counter to your organization’s.  They may be responsible for some part of the events giving rise to the matter and fear getting in trouble themselves, they may be engaged in some unrelated misconduct they are afraid may be exposed, or they may think they’re protecting a colleague or the organization.  Whatever the reason, when custodians are trusted to self-collect they have the opportunity to commit sins of omission or spoliation.  And, even if they do not take that opportunity, another party may challenge the reliability of collection performed by a custodian with an individual interest in the matter or the materials.

Together, these four categories of risk make self-collection approaches unsuitable and undesirable for most matters.  As noted above, in very small, simple matters – ones where the materials needed can be clearly identified and easily retrieved, where metadata is not important (or the requesting party has agreed to forego it), and where you have no reason to mistrust the custodians – it may be reasonable and proportional to rely on a self-collection approach.  Even then clear instruction and careful oversight will be needed.  In all other situations, self-collection should be avoided in favor of one of the approaches we will discuss in the next Part, as courts have made clear time and again.

The Courts on Self-Collection

The risks and consequences of employing self-collection approaches are not merely hypothetical.  Courts in numerous cases have taken parties and their lawyers to task for their reliance on custodian self-collection in the face of its clear risks:

• Green v. Blitz U.S.A., Inc, Case No. 2:07-CV-372 (TJW) (E.D. Tex. Mar. 1, 2011)
• SunTrust Mortgage, Inc. v. AIG United Guaranty Corp., Case No. 3:09cv529 (E.D. Va. Mar. 29, 2011)
• National Day Laborer Organizing Network v. U.S. Immigration and Customs Enforcement Agency, Case No. 10 Civ. 3488 (SAS) (S.D.N.Y. Jul. 13, 2012)

As Judge Shira Scheindlin wrote in National Day Laborer:

The second answer to defendants’ question has emerged from scholarship and caselaw only in recent years: most custodians cannot be “trusted” to run effective searches because designing legally sufficient electronic searches in the discovery or FOIA contexts is not part of their daily responsibilities.  Searching for an answer on Google (or Westlaw or Lexis) is very different from searching for all responsive documents in the FOIA or e-discovery context. . . .

. . . In short, a review of the literature makes it abundantly clear that a court cannot simply trust the defendant agencies’ unsupported assertions that their lay custodians have designed and conducted a reasonable search.  [internal footnotes omitted; emphasis added]

Upcoming in this Series

In the next Part of this series, we will review the next two available collection approaches: in-person collection and remote collection.