The Lawyer’s Role in Information Lifecycle Management

By Adam S. Bendell

I.        Introduction

The term “Information Lifecycle Management” (“ILM”) has been used by IT professionals for many years.  It refers to the concept that electronic information has a lifecycle which should be managed – it is born, it lives its life, and it should eventually die.  The original goals of ILM were IT goals – to reclaim storage space, to reduce the load on systems and thus improve performance, to move infrequently accessed data to less costly storage (which is an adjunct of ILM known as “hierarchical storage management”). 

 “Records Management” is a similar concept.  “Records” have a lifecycle, too – they are created, serve a purpose, and should eventually be destroyed.  Although any modern definition of a “Record” includes electronic records, in practice corporate records management has traditionally focused on inactive paper records – the records that are sent to central storage after they are no longer in active use.  While the core principle of records management – to keep records only so long as operationally useful or legally necessary – applies to active and electronic records as well, records managers have been ill-equipped to manage electronic data, which has traditionally been the purview of IT.

 With the rise of electronic discovery, the Legal Department has begun to worry about the information lifecycle as never before.  The duty to preserve information relevant to anticipated litigation or investigations, the need to describe “Electronically Stored Information” (“ESI”) early in the discovery process under the recently amended Federal Rules of Civil Procedure (“FRCP”), the distinction of whether data is “reasonably accessible” under the FRCP, and the need to review and produce ESI in litigation have forced in-house lawyers to pay attention to ILM and Records Management as never before.

 The challenge can be overwhelming.  The volume of information is staggering.  The corporate stakeholders (IT, Legal, Compliance, Records Management) all have different agendas.  The most relevant information in litigation is often unorganized data stored on personal computers or network file servers, which has traditionally been managed only by the creator or recipient, if at all.  The format, location and structure of information in a large corporation is incredibly complex, with thousands of systems in use at large multinational corporations.  The technology for managing such information must account for all those variations, and the state-of-the-art in Records Management software is not up to the task.  Some triggers of the duty to preserve data for litigation are ambiguous.  The standards are vague, the data volume vast, the tools complex, the corporate culture antagonistic, and the consequences of failure dire.  It is not surprising those assigned to such a project wonder if they are being punished.

 II.      The Lawyer’s Contribution

Given the size of the task, successful ILM is a multi-disciplinary, multi-year, project in which the in-house lawyer has at least ten critical responsibilities:

 1.       Determine records retention policy and periods. 

Records retention is the core of ILM.  The definition of a “record” should be narrow enough to encompass only documents which need to be retained for legal or operational reasons.  Given the general climate of concern about spoliation of evidence, records and IT staff will tend to err on the side of over-retention.  So will individual employees, for whom records management is a chore and who find individual value and perceive little risk from permanent retention.  It is the lawyer’s job to make sure not only that records are appropriately retained, but also that non-records are quickly destroyed (absent a specific preservation duty) and that records are kept only so long as necessary, and no longer.  Unnecessary retention makes it hard to find useful documents and adds tremendous to the costs of ongoing retention and sorting through data in litigation.  Although document discovery is of course not limited to records, pre-litigation retention requirements apply only to records, and deleting non-record documents pre-litigation is the single most effective electronic discovery cost control measure. 

 Records must be categorized into “records series” – the fewer categories, the better, to simplify and improve employee compliance.  Each series has a retention period.  The retention period is generally the longest of a) all of the legal and regulatory requirements applicable to that type of record, b) non-mandatory legal considerations (such as statute of limitations), and c) operational requirements to have access to records of that type. 

 It is an axiom of records management that the retention period is determined by the content of the information, not its format.  There is not a single correct retention period for all email, but a different one for email constituting contracts, employee performance reviews, project documentation, general correspondence, etc.  The lawyers should help assure that the record retention policy is applied according to content type, and to all systems, including enterprise databases. 

 2.       Support gradual elimination of unstructured junk piles

The vast majority of data produced in electronic discovery comes from “unstructured” data sources such as email, word processing documents, spreadsheets and presentations stored on local computers and unmanaged file servers.  Typically, documents which should have been destroyed long ago under the applicable records retention policy are retained and thus gathered in electronic discovery, dramatically raising the cost of litigation.  These documents remain after their useful life because they have never been centrally managed, and their deletion is up to an individual employee.

 There are only two ways to improve this situation: better records compliance by individual employees, and eliminating the “attractive nuisance” of limitless storage of unstructured data.  One of the most difficult data sources in litigation are “public shares” – network file server locations on which a large group of people can store documents indefinitely.  Many organizations are seeking to eliminate public shares, or to automatically delete data older than a couple of weeks which is placed there, to ensure that they are used for temporary sharing and not for long-term storage.  These locations are replaced with more structured storage locations such as collaboration spaces and document management systems, in which the eventual deletion of obsolete data can be semi-automated.  Although they add overhead and can therefore be unpopular, lawyers should support the move to structured data stores in order to mitigate both the risks and costs of litigation.

 3.       Develop data map

The Committee Note to the amendments to Rule 26(f) of the FRCP suggests that the parties be prepared at the discovery planning conference to “identify the various sources of such information within a party’s control that should be searched for electronically stored information” and the form in which such ESI might be produced.  These are new requirements for which many corporations are unprepared, both because of the explicit emphasis on disclosing the source of ESI and because this disclosure is intended to happen very quickly after the filing of the complaint.

 Pre-litigation planning is essential to cope with this requirement.  Many corporate legal departments are developing (often with the assistance of outside consultants) “data maps” or “system inventories” that comprehensively identify the sources of ESI.  Without such an inventory, it is quite difficult for counsel to be prepared for the 26(f) conference, as it is difficult and time consuming to determine what computer systems may have relevant information. 

 The IT department may have some kind of system inventory which can be used as a starting point, but be alert for a differing emphasis.  The IT department is often unconcerned with retired systems, but if data from those “legacy” systems still exists, it is fair game for discovery and the legal department must be concerned with it.  Likewise IT people may focus on variations in the “code base” of the systems themselves, whereas the lawyers are necessarily focused on variations in the data created by those systems. 

 Once the data map is developed, it must be maintained, because the IT landscape is constantly changing and the information quickly becomes dated.  The map is a useful tool for the IT department as it seeks to simplify and rationalize the IT infrastructure, retire duplicative systems, and move towards more comprehensive ILM. 

 4.       Define triggers for legal hold

Routine deletion of information at the end of its retention period must be suspended when litigation or an investigation is commenced or reasonably anticipated (the “legal hold”).  This can be accomplished by changing the deletion rules in the existing systems, or by making a copy of the data for preservation purposes.  The big software vendors line up on different sides of this question, and determining which approach to take is outside the scope of this article, other to say that both approaches can be legally adequate and both have their advantages and disadvantages. 

 Another ongoing debate is the degree to which it is permissible to rely on individual employees to enforce legal holds, versus requiring enforcement of non-destruction by software.  While the standard of care may change as the tools improve, today most legal hold programs rely to some degree on employee cooperation. 

 Lawyers also define when a legal hold is triggered.  It is clear that once a complaint has been filed or other formal notice of litigation or an investigation served, a duty to preserve potential evidence arises.  It is far less clear whether specific events or communications constitute notice that litigation should be “reasonably anticipated,” which is the generally accepted standard of what triggers the duty of preservation.  The case law on the duty of preservation and its cousin, the tort of spoliation of evidence, is confusing and inconsistent, and it is difficult to deduce clear practical triggers of the duty to preserve.  Nevertheless, counsel must do just that, to determine when the duty arises in each specific instance.  Once the duty arises, normal lifecycle management is suspended, and no destruction of active, potentially relevant data should be permitted. 

 5.       Assure scope of preservation

A major difference between information in paper and electronic form is that the destruction of paper requires affirmative action, whereas electronic information is routinely deleted in normal computer operations.  Although Rule 37 of the amended FRCP limits sanctions for ESI “lost as a result of the routine, good-faith operation of an electronic information system,” it is clear that parties have a duty to attempt to prevent such loss. 

 Traditionally a “legal hold” was implemented by sending a memo to custodians of potentially relevant data instructing them not to delete relevant data.  While this practice remains a core strategy, it may not work to prevent destruction of data in enterprise systems.  For at least those systems, a coordinated approach between the lawyers and IT department is required to assure that data not in the control of an individual custodian is also preserved.

 6.       Avoid excess preservation

On the other end of the spectrum, excessive preservation can also be tempting.  The two most common forms are the implementation of email “journaling” (in which every single inbound and outbound email is retained) and the suspension of routine backup tape recycling.  While each of these responses has an appropriate place in discovery response, they are often overused, to disastrous effect. 

 Journaling may be deployed because it is easier for the IT organization to deploy than coping with the management of increased email storage for specific employees necessitated by a legal hold.  Unfortunately, it results in a massive increase in the volume of email to be searched in litigation, the vast majority of which is irrelevant. 

 Backup tape recycling is often suspended on the advice of outside counsel, who see only the risk of data loss in their specific case, and not the negative impact on backup operations, the costs of retaining hundreds of tapes, or the attractive nuisance that a pile of old backup tapes presents to discovery adversaries. 

 The better approach is to plan in advance and narrowly tailor preservation to the requirements of the case at hand, coordinated with the overall corporate ILM strategy. 

 7.       Tracking, training and audit of hold compliance

As Zubulake V (Zubulake v. UBS Warburg, 229 F.R.D. 422 at 432 (S.D.N.Y. 2004)) and its progeny makes clear, it is not enough to send out a legal hold memo and not affirmatively confirm compliance.  It is the job of the lawyers to assure that employees understand the duties to preserve and have training in the skills necessary to preserve electronic and paper data and prevent automated destruction within the company’s environment, and to periodically audit employees to assure effective compliance. 

 Furthermore, the company must be able to document its preservation efforts.  This includes tracking who received legal holds, on what date, with what scope, in which matter, what subsequent instructions were provided and when.  In a company facing numerous litigations, or even a single litigation involving hundreds or thousands of custodians, this is a significant challenge without a well-developed tracking system, typically in the form of a database.  It is the job of the lawyers to assure that this tracking occurs and is accurate.

 8.       Track data outside corporate boundaries

The IT department typically loses track of data once it leaves the corporate boundary.  Even if the IT department has been involved in collecting data for litigation, once that data has been sent to a vendor or law firm for processing or review, it disappears from the information lifecycle radar. 

Of course the data does not really disappear until all copies have been deleted.  Data kept in litigation support databases of outside counsel, or retained by vendors or consultants involved in its processing for litigation, remains available to subpoenas and document requests in future litigation.  Avoiding duplicative attorney review of that data in subsequent litigation also requires affirmative information management.  Often only the legal department has visibility into the existence of this data, and therefore it is the lawyers’ responsibility to assure the appropriate management of its lifecycle (i.e. that it is eventually deleted).

9.       Assure completeness of collection

“Preservation” involves the retention of potentially relevant information.  “Collection” is the subsequent gathering of information responsive to document requests for review and possible production to your adversaries.  The approach to collection was not addressed by the amendments to the FRCP.  The basic choices are custodian self-selection (in which individual employees are asked to gather relevant documents), active data sweeps (in which all active electronic data meeting certain objective criteria such as date and file type are gathered), and forensic collections, in which an exact image of both active and inactive data on a computer hard drive is created. 

While a forensic image will capture more data than a sweep, and a sweep generally more than self selection, more is not necessarily better and none of these methods themselves assure completeness.  Data may exist on home computers, on removable media such as portable hard drives or CD ROMs, on home computers and on public network shares.  In order to collect data, one must be aware of its presence and location.  While in the long run the better solution is the gradual elimination of unstructured data stores described above, so long as such locations exist, they must be searched in litigation in order to assure a complete collection. 

10.    Make sure data dies at end of life or release from hold

Many companies put lots of attention on applying legal holds, but little on releasing them when the litigation ends or narrows.  If records management and ILM instructions are couched only in terms of how long information must be retained, rather than also demanding that it be deleted at the end of its retention period, excessive retention will result.  If attention is paid to narrowing the definition of a record and deleting records at end-of-life, but no attention is paid to deleting non-records documents within a short time frame, excessive retention will result. 

The cost of excessive retention may be less obvious than a headline-grabbing spoliation sanction, but it is no less harmful.  In each case (not releasing and narrowing legal holds, not requiring deletion of records at end-of-life, and not requiring deletion of non-record documents and information), the successes achieved in managing a portion of the information environment will be overshadowed by the failure to manage the rest. 

This is why ILM must be pursued holistically, across all the data sources in the organization.  While few companies (other than those in highly regulated industries) have yet to achieve comprehensive ILM, and the challenges of doing so immense, the goal is simple:  to retain information only so long as it is useful or must be retained by law, after which it is promptly deleted.  Since the legal process has become perhaps the most expensive consequence of ILM inadequacy, lawyers have a critical role in defining and implementing the solutions.

Adam S. Bendell is the president of Strategic Discovery, Inc., and former chief technology counsel of Gibson, Dunn & Crutcher. E-mail: abendell@strategicdiscovery.com