Long before the Pension Committee opinion, my dear friend and revered colleague, Browning Marean, presciently observed that the ability to frame and implement a legal hold would prove an essential lawyer skill. Browning understood, as many lawyers are only now coming to appreciate, that “legal hold” is more than just a communique. It’s a multi pronged, organic process that must be tailored to the needs of the case like a fine suit of clothes. For all the sensible emphasis on use of a repeatable process, the most successful and cost-effective legal holds demonstrate a bespoke character from the practiced hand of an awake, aware and able attorney.
Unfortunately, that deliberate, evolving character is one of the two things that people hate most about legal holds (the other being the cost). They want legal hold to be a checklist, a form letter, a tool–all of which have value, but none of which suffice, individually or collectively, to forestall the need for a capable person who understands the ESI environment and is accountable for getting the legal hold right. It’s a balancing act; one maximizing the retention of relevant, material, non-duplicative information while minimizing the cost, complexity and business disruption attendant to meeting one’s legal responsibilities. Achieving balance means you can’t choose one or the other, you need both.
This post is about custodial hold. It’s a very hot topic in e-discovery, and for some lawyers and companies, custodial hold is perilously synonymous with legal hold:
“How do you do a legal hold in your organization?”
“We tell our people not to delete relevant stuff.”
Custodial hold is relying upon the custodians (the creators and holders) of data to preserve it. It makes sense. They’re usually the folks best informed about where the data they hold resides and what it signifies. They may be the only ones who can relate the stored information to the actions or decisions at the heart of the litigation. A custodial hold is subjective in nature because custodians choose to preserve based upon their knowledge of the data and the dispute. Absent assurance that custodians can’t alter or discard potentially relevant data, you almost always need some measure of custodial hold, to the point that Judge Schiendlin hyperbolically (and erroneously) characterized the failure to implement a written custodial hold as gross negligence per se.
Okay, so a proper legal hold is a custodial hold. Check!
Um, sorry no, not by itself. This is where the balancing is needed.
The subjective nature of a custodial legal hold is both its strength and its weakness. It’s said that three things can happen when you throw a football, and two of them are bad. The same is true for custodial hold. Custodians may do it well, but some won’t bother and some will do it badly. Some won’t bother because they will assume it’s someone else’s responsibility, or they haven’t the time or any of a hundred other reasons why people fail to get something done when it’s not important or beneficial to them.
Some will do it badly because they don’t understand what’s going on. Some will do it badly because they understand quite well what’s afoot. When you make custodians think about how the information they hold relates to a dispute, you stir them to consider the consequences of others scrutinizing the information they hold. Maybe they start to worry about being blamed for the problem that gave rise to the litigation or maybe they worry about getting in trouble for something that has nothing to do with the litigation but which looms large as an item they don’t want discovered. Either way, it’s “their” information, and they aren’t going to help it hang around if it might look bad for them, a co-worker or the company.
Judge Scheindlin has lately touched upon the risk of relying solely on custodial holds in her most recent decision in the NDLON v ICE litigation, leaving lawyers, companies and entire branches of government scratching their heads about whether they can or cannot rely upon custodial holds.
“Hrrrmph,” they sniff, “We can trust our people to do what we tell them to do.”
Okay, trust, but verify. It’s a phrase no one who was of age when Ronald Reagan was president could ever forget, lifted from an old Russian proverb that Lenin loved, “doveryai, no proveryai.” I much prefer the incarnation attributed to Finley Peter Dunne: “Trust everyone, but cut the cards.”
That means you should backstop custodial holds with objective preservation measures tending to defray the risk of reliance on custodial holds. Put another way, the limitations of custodial holds don’t mean you don’t use them–you must use them in almost every case. It means you don’t use them alone.
Instead, design your hold around a mature recognition of human frailty. Accept that people will fail to preserve or will destroy data, and recognize that you can often easily guard against such failure by adding a measure of objective preservation to your hold strategy.
Subjective custodial hold or objective systemic hold?
You need a measure of both.
This is where the thinking and balancing comes in. You might choose to put a hold on the e-mail and network shares of key custodians from the system/IT side before charging the custodians with preservation. That’s essential when the custodians’ own conduct is at issue.
Or you might quickly and quietly image the machines of persons whose circumstances present the greatest temptation to reinvent the facts or whose positions are so central to the case that their failure would carry outsize consequences.
Or you might change preservation settings at the mail server level (what used to be called Dumpster settings in older versions of Microsoft Exchange server) to hang onto double deleted messaging for key custodians.
Certainly you need to think of your client and its employees as your allies in litigation; but, you’d be a fool not to consider them your adversaries, too. Trust everyone, but cut the cards.