Migrated from eDJGroupInc.com. Author: Barry Murphy. Published: 2010-05-28 05:22:46Format, images and links may no longer function correctly. After bemoaning the lack of eDiscovery sanctions with real teeth, it was interesting to see an article this week about the sanction of $700K against Piper Jaffray & Company for failure to preserve emails. The company was fined $1.65 million in 2002 for the same issue. At that time, the company implemented new archiving procedures and software in order to ensure that the same mistake would not occur. I take two things out of this story. First, it could be that the lower fine for this infraction is due to recognition that a good faith effort to retain information was in place. And second, archiving technology by itself is not enough to ensure that all necessary information can be preserved.
Granted, I do not know the details behind why FINRA levied this sanction on Piper Jaffray, but I do suspect that courts and regulatory agencies do look at least somewhat favorably upon organizations that take steps to ensure preservation capabilities. If I were in charge, I would certainly apply lesser sanctions to a company that tried and failed than to a company that didn’t even try. That said, the efforts a company makes need to be both reasonable and good faith. That means that reasonable retention policies must be in place, that procedures to lock down potentially responsive information must exist, and that organizations recognize their duty. I make this last point because not all organizations really get the full extent of their duties. There is an attitude that putting tools and policies in place is enough. I’ve heard companies say, “we put email archiving in place, so there is no chance we will lose potentially responsive emails.”
Well, that statement is patently false. Yes, email archiving can help with preservation (as well as provide the benefits of getting mail off production servers to help with backup and storage costs). However, email archiving has long relied on the messaging application programming interface (MAPI) as a capture mechanism. Because MAPI puts quite a burden on production mail servers, most organizations scheduled MAPI runs for after business hours. Smart employees that really wanted to permanently delete emails (especially incriminating ones) could do so before the MAPI run and before the backup snapshot and the email would be gone, despite the archiving tool being in place (assuming that the employee was not being journaled). Is it a reasonable, good faith effort? Well, each organization needs to make that decision on its own, but with the availability of continuous data protection, I would think now that organizations are on the hook for 100% preservation.
The bottom line is that legal and IT teams need to get together, outline what is reasonable, define the requirements, and get moving. In order to succeed, it will take a combination of tenable policies, legal hold processes that are workflow-enabled, and eDiscovery applications that can give organizations control over collection and the ability to enforce preservation.