Migrated from eDJGroupInc.com. Author: Greg Buckles. Published: 2010-03-17 14:44:33Format, images and links may no longer function correctly. In Part 1, we explored changing face of internet and intranet collaborative communication platforms and the increased risks posed by outdated policies and technologies. My main concern over these systems is the unreasonable expectation that a typical corporate custodian could preserve relevant ESI stored in Sharepoint or another cloud based system. Despite recent rulings emphasizing written Hold Notification, most users simply do not have the tech savvy, rights or proper tools to either make a complete preservation copy or secure the items in place against expiry or accidents. That shifts the onus back onto Legal to effectively preserve these dynamic data sources.
As Barry Murphy’s recent articles have highlighted, it can be difficult to copy files and their context from systems like Sharepoint and Facebook. The line between application and webpage has blurred with Java apps, Ajax and other web-based languages that present dynamic database driven interfaces. The Federal standards for admissibility are based in Rule 901 which requires that an item be authenticated prior to being entered into evidence. There do not seem to be any definitive standards as yet for proving that a web page or other dynamic ESI is an exact copy, but I found quite a few cases using a combination of witness testimony and documentation of process. Much of the caselaw around internet evidence is focused on the reliability and potential hearsay nature of the internet, rather than the technical method of capture.
My overall (non-attorney) impression is that the courts want to see a well thought out and documented process that is able to reproduce the entire item and context as it was viewed at the time of collection. That could mean taking screenshots, saving as a full web archive (.mht file) or using a program like Adobe Acrobat 9 Professional or HTTrack to render a full copy. These methods seem to have a reasonable acceptance for collection of internet webpages in civil litigation, but this is such a new area that you should confer with counsel and clearly disclose your proposed collection methods to the other side along with a sample to get their approval. I am not advocating a specific application for collection because one size does not fit every platform or circumstance. It may be impossible to snapshot the interface in a manner that is acceptable and meaningful without the structured database behind the interface.
When considering a dynamic collaboration ESI source, there are some basic questions and points that may help you avoid authentication problems.
- How is the system accessed? (web vs. installed application)
- Are the items and their context relatively static or is the context actively dynamic? (simple file collaboration vs. interactive chat board)
- Can all of the relevant non-visible or linked information associated to the target ESI or page be collected?
- On structured data systems, consider segregating a full back up even when the opposing party has agreed to exported reports or selective snapshots. It is better to have a pristine copy in case they suddenly decide that they need another field or secondary pages.
- List the cost, effort, scalability and advantages of potential collection methods. Take sample collections if possible. Having a ‘standardized’ method and process across cases may weigh in your favor, especially if evidence has been authenticated in prior matters.
- Once counsel has made the final method determination, DOCUMENT everything. Go beyond the normal chain of custody information where reasonable with screenshots, hash values of the collection, having a secondary witness or using an appropriate service provider for a 3rd party witness.
- Take steps to lock down your collection during processing or review, as some of these capture formats can be altered by access.
All of this is more of general recipe for how to approach dynamic content sources than specific methodology. Be aware that not all ESI is built the same and ask your custodians to identify and request assistance for all potential evidence that falls outside of a list of known static sources. You should walk through your corporate data sources and define appropriate preservation methods for each. I am not saying that custodians cannot preserve ESI, but they require specific instructions, tools and possibly training if you are going to rely on them.