Why Every Business Needs a Document Retention Policy that Includes
An Electronic Document Archive
Carol S. Maue

As George Orwell anticipated in the science fiction novel, “1984,” it appears that Big Brother has arrived, albeit a little late. Regardless of whether or not one is a fan of Mr. Orwell, however, few would argue that we live in an increasingly complex, technological age that relies on computers to accomplish most every day tasks. As everyone with a teenager at home certainly knows, Internet access, instant messaging and email is no longer a novelty; it is a necessity, not only to live our lives as individuals comfortably, but to conduct business today. This is true for all businesses, large and small, privately owned or publicly traded.

In the business world, technological complexity has also spawned a new age of regulatory oversight. Historically, federal and state laws have always required businesses in all industry segments to retain documents for a specified term of years. Today, most governmental agencies (Internal Revenue Service, United States Patent & Trademark Office, Securities and Exchange Commission, United States District Court, United States Bankruptcy Court, and New York State Supreme Court) also increasing require the electronic filing of documents. Much of this communication and filing takes place through the medium of email.

In addition, over the past two years, many, new, federal statutes have been enacted, protecting individual privacy rights and subjecting business to ever-increasing record keeping and reporting obligations in the process:

• The Gramm-Leach-Bliley Act: requiring every business who accesses or uses a customer’s personal financial information to issue a privacy statement that notifies its customers “in clear and conspicuous language” on an annual basis how that information is collected and used and to comply with its stated privacy policy to protect the privacy of such information;

• The Health Insurance Portability and Accountability Act: requiring every business who accesses or uses an individual’s protected health information to issue a privacy statement that notifies such individuals on an annual basis how that information is collected and used and to comply with its stated privacy policy to protect the privacy of such information;

The Sarbanes Oxley Act:

• requiring accountants who audit or review Financial Statements for a publicly-traded business to retain certain business records relating to that audit or review; and

• imposing criminal liability for document destruction in certain circumstances, even if such document destruction occurs before formal notice of commencement of an official proceeding and in some cases without the necessity of proving a bad intent for the destruction, i.e., a “corrupt persuasion.”

Criminal liability for document destruction imposed by the Sarbanes Oxley Act is a very significant, new development for publicly traded corporations. Under Section 1512 of Title 18 of the United States Code, it was always a federal crime to “corruptly persuade” someone to destroy or alter business records or other documents for the purpose of making them unavailable in any “official proceeding.” A formal investigation commenced by a governmental agency, contested litigation in a court, enforcement proceedings commenced by a governmental agency or administrative body and an arbitration proceeding are actions that may be characterized as an “official proceeding.”

However, the Sarbanes Oxley Act goes further than this. Section 1519 of Title 18 of the United States Code makes the alteration or destruction of documents a crime, even when there is no “official proceeding” pending. In some circumstances, it also eliminates the requirement that the government prove bad intent or “corrupt persuasion” to have criminal liability attach, as was originally required by Section 1512.

What does this mean for U.S. businesses today? As the downfall of the accounting firm, Arthur Anderson, demonstrated in the wake of the Enron scandal, it means that a business, including its officers and directors, can be held criminally liable for the destruction of business records by its employees and representatives even when such conduct is contrary to an official company policy.

It has also always been the case under the rules of civil procedure adopted by most states and applicable in our federal courts that a business involved in a contested, civil administrative, regulatory or court proceeding that destroys documents can be sanctioned. These sanctions can take the form of the imposition of monetary fines, and in egregious cases, outright dismissal of claims and defenses.

Under the state and federal civil procedure rules, all businesses, both publicly-traded and privately held, have always been required to retain and produce during the discovery phase of a contested litigation any business documents that are arguably “relevant” to any claim or defense that may be asserted against a business and its officers and owners. This is not a new rule. Moreover, a business document need not be “admissible in evidence” at a trial to be subject to this obligation to disclose that document to the opposing party in a contested proceeding. Under the federal and state civil procedure rules, any business record that is “relevant” to any claim or defense being asserted and that is not otherwise privileged has always been “discoverable” by the opposing party and must be produced.

Since business email and instant messages are nothing more than electronic versions of business documents, they are subject to these same rules. Statutory and case law developments now make it clear that email and other electronic records are considered business records that are discoverable and must be produced.

On December 1, 2006, amendments to the Federal Rules of Civil Procedure specifically addressing e-discovery will become effective, subject to approval by the Judicial Conference, the US Supreme Court and Congress.

Although the new amendments to the Federal Rules of Civil Procedure addressing electronic discovery will not be effective for a year (and may change in some respects during the upcoming review process) every business should review its document management policies now in light of these amendments. Implementation of similar, uniform state rules are also currently being considered. The Conference of Chief Justices has promulgated for comment a similar draft entitled, “Guidelines for State Trial Courts Regarding Discovery of Electronically-Stored Information.”

To save time and money reconstituting electronic business records that are not readily accessible in the event of receipt of a subpoena or a discovery request, a record retention policy that includes a searchable, “worm” (write once read many times) email and instant messaging archive is critical for every business.

Courts have consistently approved document retention policies (a “DRP”) that meet the following criteria provided that they are consistently applied and adhered to scrupulously by the company. The DRP must:

• Comply with applicable regulations in the company’s industry;

• Comply with developing case law applicable in the relevant jurisdictions;

• Be implemented in good faith, that is, designed to:

o Provide ready access to required information;
o Preserve its authenticity;
o Consider the likelihood that claims will be asserted that will render the archived or destroyed information relevant and discoverable;
o Consider the potential significance of any claims that may be asserted that will render the archived or destroyed information relevant and discoverable; and
o If a claim or proceeding is initiated, require the immediate cessation of any document destruction undertaken in accordance with the policy to preserve evidence.

It is also important to keep in mind that under applicable federal and state civil procedure rules, it is permissible for a business to convert paper documents into microfiche or electronic form and then to destroy the paper copy to save space and promote the implementation of a well thought-out document retention policy. Under this scenario, Courts will typically permit the business to substitute the microfiche or electronic copy for the hard copy for use in a contested litigation or proceeding without subjecting the company to any civil or criminal penalties for document destruction.

However, the converse is not true. In other words, businesses may be subject to criminal or civil sanction if they retain hard copy of an electronic record, like an email or instant messaging transmission, but do not retain the electronic copy. This is the case because the hard copy may not contain necessary and relevant metadata encoded in the electronic copy, like dates and times of transmission and receipt, and other electronic information. Similarly, unlike electronic copy stored in a properly configured electronic document retention system, the authenticity of the hard copy may not be assured since it may be subject to physical alteration.

The importance of metadata in this electronic age is underscored by the inclusion of “metadata” as an official entry in the Merriam-Webster English Dictionary, where it is defined as, “data that provide information about other data.” Metadata exists for virtually every electronic document and can be highly relevant information in a contested litigation where the timing of an electronic communication or the identity of the sender is critical.

Ever-evolving case law specifically recognizes the importance of metadata in contested litigation:[1]

• In Armstrong v. Executive Office of the President, 1 f3d 1274 (D.C. Cir. 1993), rev’d in part on other grounds, 90 F3d 553 (D.C. Cir. 1996), a seminal case addressing discovery of metadata, the district court held that government agencies that instructed employees to print out a paper version of an electronic document without the metadata included (evidencing who had sent the communication, when, to whom) had not reasonably met its obligations under a federal, document retention statute, the Federal Records Act.

• In The Pueblo of Laguna v. US, 60 Fed. Cl. 122( Fed. Cl. 2004), a protective Order was granted to the plaintiffs by the Court, requiring the government to preserve all documents, including electronic documents, email and metadata that either contained relevant information or might lead to discovery of relevant information.

• In Jicarilla Apache Nation v. United States, 60 Fed. Cl. 413 (Fed. Cir. 2004), the Court included metadata in the definition of “documents” required to be produced, directing the parties to produce the records “in the format in which that party routinely uses or stores them,” and specifically, with respect to electronic records, to produce the records “along with available technical information necessary for access or use.”

• In Williams v. Sprint/United Mgmt. Co., 2004 WL 2401628 (D. Kan Sept. 29 2005), a recent decision in the State of Kansas, the Court required the defendant to produce electronic spreadsheet metadata, stating, “when a party is ordered to produce electronic documents as they are maintained in the ordinary course of business, the producing party should produce the electronic documents with their metadata intact, unless that party timely objects to production of metadata, the parties agree that metadata should not be produced, or the producing party requests a protective order.”

• Similarly, in In re Verisign, Inc. Sec. Litig., 2004 WL 2445243 (N.D. Cal. March 10 2004), the Court required the defendants to produce electronic documents in their “native” format, i.e., in searchable electronic format that included metadata. This directive was confirmed on appeal.

• In Zenith Elec. Corp. v. WH-TV Broad Corp., 2004 WL 1631676 (N.D. Ill., July 19, 2004), the Court ordered a third-party defendant to re-produce documents that were previously produced in hard copy format in electronic format. The Court accepted the defendant’s argument that the documents needed to be produced electronically because the printed copies lacked metadata and the electronic files were more easily searched. The Court also found that the third-party defendant was responsible for the cost of the production, noting that printing was a “convenience” and that the documents could have been produced initially in electronic form but were not.

Lastly, parties who fail to preserve metadata may be at risk for judicial sanctions, from adverse inference instructions to the jury, to monetary fines, evidence preclusion or even default judgments on the merits. In re Telxon Corp. Sec. Litig., 2004 WL 3192729 (N.D. Ohio, July 2, 2004), illustrates the degree to which Courts will sanction a party for failure to produce relevant metadata.

At issue were allegations that an accounting firm failed to produce certain emails, metadata and other documents. The magistrate judge found the accounting firm had to have known multiple database versions existed and that the hard copy production failed to capture all relevant components of the databases, such as metadata. The magistrate judge recommended a default judgment in favor of the corporation, declaring “no reasonable person could believe that PwC’s production…to Telxon…was a ‘good faith’ production.”

Judicial decrees requiring the production of metadata in response to a discovery request in a contested lawsuit is a legal trend that should not be ignored.

If your business practice is to print hard copies of electronic documents (like email and instant messaging communications) and then destroy the original electronic version, then think again. You should also be retaining the electronic version, preferably in a way that stores the data using worm technology that assures authenticity and permits cost effective and timely retrieval.

When these procedural rules that control the discovery process are viewed in the context of the new regulatory framework and case law developments mentioned above, including the passage of the The Patriot Act, new federal legislation designed to fight terrorism, that suspends constitutional rights in some cases and that gives the federal government broad, new powers to issue wire taps and pen registers to intercept and monitor telephone calls, email, instant messages and other electronic communications, the danger, as a business owner or a corporate executive, of not having a well thought out and implemented document retention plan that includes the ability to archive, retrieve and protect from alteration email and other electronic business records is all too apparent.

In several, recent, high profile cases, companies have been required to produce email in the context of contested litigation and have been sanctioned for failing to preserve and produce electronic records on a timely basis.

In Linnen v. A.H. Robins Co., a Fen-Phen case litigated in Massachusetts involving the pharmaceutical manufacturer, Wyeth, the plaintiffs requested emails from fifteen designated Wyeth executives that discussed Fen-Phen and the medical risks associated with its use. In response, Wyeth produced hard copy of a few emails, claiming that it did not have a back up system that permitted ready access to email in electronic form.

Despite its earlier representations, during the course of discovery, Wyeth eventually disclosed that there in fact existed more than 1,000 back up tapes that had been segregated and preserved for an earlier litigation. However, Wyeth asserted that it should not be compelled to produce the back up tapes because the company had already instructed its employees to preserve all relevant documents, all of which, it claimed, had already been produced.

When the Plaintiff moved the Court to require Wyeth to produce the back up tapes, claiming that the tapes in all likelihood contained communications that were directly relevant to the plaintiff’s case that had not yet been produced, Wyeth’s response was to accuse the Plaintiff’s attorney of engaging in a “multimillion dollar fishing expedition.” However, the Court rejected Wyeth’s argument, stating that the cost involved in producing the electronic records was a cost of doing business in the electronic age, and ordered Wyeth to begin restoring a select sample of its back up tapes and to produce them for the plaintiff. The Court also sanctioned Wyeth for its less than candid response to the plaintiff’s discovery requests by making it solely responsible for the associated costs, estimated at the time to exceed a million dollars, but reserved decision on whether or not restoration of additional back up tapes would be required pending an examination of the evidence gleaned from the sample.

Unfortunately for Wyeth, the company also did not suspend the on-going destruction of documents conducted under the guise of its document retention policy for a period of several months after the litigation commenced. Accordingly, the Court issued a jury instruction at trial that permitted the jurors to draw an adverse inference from the fact that Wyeth continued to destroy documents according to its document retention policy notwithstanding the commencement of litigation.

In another, shareholder fraud case against the aircraft manufacturer, Boeing, that was litigated in the state of Washington, the plaintiff ‘s attorney discovered the existence of 14,000 back up tapes containing company email that were stored in a warehouse and requested that all email stored on the tapes that were relevant to the case be produced. Although Boeing attempted to narrow this discovery request, this was an impossible task, because Boeing did not know, and could not determine, whose emails were on which tapes without first restoring the tapes. Accordingly, the Court ordered Boeing to restore and produce all 14,000 tapes. Because of its concerns about the information that might be on the tapes, Boeing elected to restore the tapes itself and bear the entire expense to accomplish this gargantuan task. After examining the tapes, Boeing settled the case for a whopping $92,000,000.

Needless to say, had Wyeth and Boeing each had in place a searchable email archive system incorporating WORM technology, the scope of discovery could have been substantially narrowed at the outset of the litigation, thus creating an atmosphere of cooperation, substantially reducing the discovery costs incurred and in Wyeth’s case, avoiding the imposition of monetary sanctions.

Most recently, in a New York case decided in the U.S. District Court for the Southern District of New York, Zubulake v. UBS Warburg LLC et al, in the context of a civil arbitration commenced against the defendant, UBS Warburg, LLC, by a former employee alleging sexual discrimination and retaliatory dismissal, Judge Scheindlin required the defendant-employer, UBS Warburg LLC to produce all emails that the court determined were relevant to Ms. Zubulake’s claims. In a subsequent decision, allocating the cost of the discovery between the plaintiff, Ms. Zubulake, and her employer, the Court required the employer, UBS Warburg, LLC, to bear a full seventy-five percent (75%) of the very substantial cost of producing these emails, notwithstanding the fact that production of the emails would primarily benefit the plaintiff, Ms. Zubulake, the defendant-employer did not have a searchable email archive system in place, the emails were stored on back up tape and were not readily accessible and it was estimated that it would cost approximately $273,649.00 to retrieve and produce the requested email.

In her opening statement in the initial Opinion and Order, Judge Sheindlin stated:

“The world was a far different place in 1849, when Henry David Thoreau opined (in an admittedly broader context) that ‘[t]he process of discovery is very simple.’ That hopeful maxim has given way to rapid technological advances, requiring new solutions to old problems. The issue presented here is one such problem, recast in light of current technology: To what extent is inaccessible electronic data discoverable and who should pay for its production?”

In another recent decision, Proctor & Gamble Co. v. Haugen, (D. Utah 8/19/03), involving a claim of unfair competition, the defendant, Haugen, moved for sanctions against Proctor & Gamble alleging that it had violated its duty to preserve relevant email communications by five, key employees. The Court found that Proctor & Gamble breached its discovery duties and sanctioned the Company $10,000 (or $2,000 for each of the five employees whose email could not be produced). Haugen then moved to dismiss the case with prejudice, claiming that Proctor & Gamble’s inability to produce the requested email was critical to Haugen’s case and that the failure to produce the email made it impossible for Haugen to defend the action. The Court agreed with Haugen and dismissed the case with prejudice, finding that “it was basically impossible” for the defendant to defend the action without the electronic data that was no longer available.

Another case of interest, In Re Honeywell International Securities Fraud Ligitation (SDNY 11/18/03), involved a discovery request addressed to a third party who was not a party to the lawsuit, the defendant’s financial auditor. In response to a Subpoena, the defendant’s auditor produced several thousand documents in hard copy form. The Plaintiff objected and requested electronic copy of the documents produced, asserting that it was impossible to review the information produced in any meaningful way because the hard copy was not organized in the order in which the documents were kept in the ordinary course of business and because it was impossible to tell which attachments belonged to which documents. The third-party auditor objected, claiming that it provided an adequate index to the hard copy of the documents and that in any event, electronic documents were only accessible with the use of the auditor’s proprietary software. However, the Court was unmoved. It required the auditor to produce all of the requested records in electronic form, confirming the plaintiff’s assertion that the hard copy production was insufficient because the documents were not organized and produced in the same sequence in which they were created and maintained in the ordinary course of business.

In yet another recent case in Maryland, Thompson v. US, (D. Maryland 12/12/03), the Court implemented the Draconian sanction of a preclusion order. When the defendant failed to respond to the plaintiff’s request for production of electronic documents and email, the plaintiff made a formal motion to the Court for sanctions against the defendant. The Court issued an Order sanctioning the defendant, precluding the defendant from calling certain witnesses at trial unless they were able to demonstrate that there were no email records generated or received by the affected witnesses or if the records did exist, that they had been produced by a certain date. Long after the discovery cut off and on the eve of trial, the defendant advised that it had discovered 80,000 email records responsive to the plaintiff’s original discovery request, despite having repeatedly insisted to the Court and the plaintiff that no such records existed. Accordingly, the Court revised its earlier sanction Order and precluded the defendant from using any of the email to prepare any of its witnesses for testimony at trial, forbidding counsel from attempting to refresh recollection of any such witnesses at trial using any of the email but allowing the plaintiff to use any or all of the email in preparation of its direct case and to cross-examine the defendant’s witnesses, requiring the defendant to pay the cost incurred by plaintiff to have counsel review the 80,000 email on the eve of trial and inviting the plaintiff to make a motion to have defendant’s counsel held in contempt of court.

As Judge Scheindlin’s decisions in the Zubulake case, placing the economic burden of producing electronic documents primarily on the shoulders of the defendant-employer, and the other judicial opinions cited, imposing monetary and trial sanctions for failure to respond to e-discovery requests in a proper, timely manner all illustrate, these concerns are no longer of interest just to big business. They are applicable to everyone conducting business in the USA today, large or small, publicly traded or closely held, whether in the service or the manufacturing sector.

The bottom line is that a corporate culture that values integrity is no longer enough to insulate a business, its owners, officers and directors from the cost to produce electronic business records in contested proceedings and from the potential for civil and in some cases, criminal, liability for document destruction.

To manage and control this risk, every business needs a solid document retention policy that it adopts and implements in good faith, taking into account any industry specific regulations, that it follows religiously and that expressly requires the prompt cessation of document destruction when a claim is threatened or an action is commenced.

A very important component of this document retention policy is an electronic document archiving and retrieval system, utilizing worm technology to insure authenticity of the documents stored, and incorporating timely and inexpensive search and retrieval capability.



© November 2005. All Rights Reserved.
This article is prepared and published for informational purposes only as a service to Chamberlain D’Amanda’s existing and prospective clients and referral sources. It is not intended as and should not be deemed legal advice for any purpose, and should not be relied upon without consultation with legal counsel.