This article is an excerpt from Oregon Civil Pleading and Practice, chapter 30, E-Discovery. For more information on this topic, go to the BarBooks™ online library or purchase a hard copy at a discount during our Summer Sale.
By Mark A. Friel
This chapter discusses key aspects of electronically stored information (ESI) in the context of civil discovery in Oregon courts. ESI generally refers to any information created or used in a digital environment, or stored on digital media. The Federal Rules of Civil Procedure were first amended in December 2006 to specifically address the discovery of ESI. The Oregon Council on Court Procedures has promulgated an amendment to ORCP 43, which took effect on January 1, 2012, to include “electronically stored information” within the definition of documents, and to include the following new provision (ORCP 43 E):
E Electronically Stored Information. A request for electronically stored information may specify the form in which the information is to be produced by the responding party but, if no such specification is made, the responding party must produce the information in either the form in which it is ordinarily maintained or in a reasonably useful form.
Reported decisions under Oregon state law are practically nonexistent with respect to ESI, and there is very little guidance for state courts apart from the more developed case law under the Federal Rules of Civil Procedure. For example, see Conference of Chief Justices, Guidelines for State Trial Courts Regarding Discovery of Electronically-Stored Information (2006) (noting the lack of guidance relating to ESI under state law, and making frequent references throughout the publication to the federal rules and federal case law) (available at <http://www.ncsc.org/Topics/Civil/Civil-Procedure/Resource-Guide.aspx>).
Relying mostly on developments under federal law, this chapter explains some of the basics of ESI, why it is different from traditional forms of discovery, how to effectively manage the process of ESI preservation and production, and the sanctions the courts use to deal with the mishandling of ESI. The final section (§30.6) offers further reading in this rapidly evolving area.
BASICS OF ELECTRONICALLY STORED INFORMATION (ESI)
Sources of ESI
In Zubulake v. UBS Warburg LLC, 217 FRD 309 (SDNY 2003), in the first of a series of famous opinions on electronic discovery, the court explained that
[f]ive categories of data, listed in order from most accessible to least accessible, are described in the literature on electronic data storage:
1. Active, online data: “On-line storage is generally provided by magnetic disk. It is used in the very active stages of an electronic records [sic] life—when it is being created or received and processed, as well as when the access frequency is high and the required speed of access is very fast, i.e., milliseconds.” Examples of online data include hard drives.
2. Near-line data: “This typically consists of a robotic storage device (robotic library) that houses removable media, uses robotic arms to access the media, and uses multiple read/write devices to store and retrieve records. Access speeds can range from as low as milliseconds if the media is already in a read device, up to 10–30 seconds for optical disk technology, and between 20–120 seconds for sequentially searched media, such as magnetic tape.” Examples include optical disks.
3. Offline storage/archives: “This is removable optical disk or magnetic tape media, which can be labeled and stored in a shelf or rack. Off-line storage of electronic records is traditionally used for making disaster copies of records and also for records considered ‘archival’ in that their likelihood of retrieval is minimal. Accessibility to off-line media involves manual intervention and is much slower than on-line or near-line storage. Access speed may be minutes, hours, or even days, depending on the access-effectiveness of the storage facility.” The principled difference between nearline data and offline data is that offline data lacks “the coordinated control of an intelligent disk subsystem,” and is, in the lingo, JBOD (“Just a Bunch Of Disks”).
4. Backup tapes: “A device, like a tape recorder, that reads data from and writes it onto a tape. Tape drives have data capacities of anywhere from a few hundred kilobytes to several gigabytes. Their transfer speeds also vary considerably . . . The disadvantage of tape drives is that they are sequential-access devices, which means that to read any particular block of data, you need to read all the preceding blocks.” As a result, “the data on a backup tape are not organized for retrieval of individual documents or files [because] . . . the organization of the data mirrors the computer’s structure, not the human records management structure.” Backup tapes also typically employ some sort of data compression, permitting more data to be stored on each tape, but also making restoration more time-consuming and expensive, especially given the lack of uniform standard governing data compression.
5. Erased, fragmented or damaged data: “When a file is first created and saved, it is laid down on the [storage media] in contiguous clusters . . . As files are erased, their clusters are made available again as free space. Eventually, some newly created files become larger than the remaining contiguous free space. These files are then broken up and randomly placed throughout the disk.” Such broken-up files are said to be “fragmented,” and along with damaged and erased data can only be accessed after significant processing.
Zubulake, 217 FRD at 318–319 (footnotes and internal citations omitted). Of these five categories of electronically stored information (ESI), “the first three categories are typically identified as accessible, and the latter two as inaccessible.” Zubulake, 217 FRD at 319–320. The distinction the court in Zubulake drew between “accessible” and “inaccessible” ESI is, as explained in §30.4-5, relevant to a party’s obligations under the discovery rules.
Even within the various categories of accessible and inaccessible data, ESI includes not only that information that the user created intentionally (such as the text of a word processing file), but also any information created by the device on which the file is created, used, or stored (such as the date the file was created, the file’s author, the identity of anyone who may have edited the file, and a history of edits made to the file). This “metadata” is also a form of ESI and potentially subject to discovery. See, e.g.,
Romero v. Allstate Ins. Co., 271 FRD 96, 103 (ED Pa 2010) (“‘the producing party ordinarily must take into account the need for metadata to make otherwise unintelligible documents understandable'” (quoting Ford Motor Co. v. Edgewood Props., 257 FRD 418, 425 (DNJ 2009))).
Difficulties of Handling ESI
Electronically stored information (ESI) is unlike traditional documents. It does not reside in a drawer, in a filing cabinet, or on a shelf in a warehouse. It cannot be photocopied and simply handed over to another party in response to discovery requests. Perhaps most importantly, it is much easier to lose, alter, or destroy ESI than traditional documents. A simple keystroke could overwrite, alter, or destroy vast quantities of information in a matter of seconds.
It is because of the ease with which ESI can be lost, altered, or destroyed that the 2006 amendments to FRCP 37 added a new section providing:
Failure to Provide Electronically Stored Information. Absent exceptional circumstances, a court may not impose sanctions under these rules on a party for failing to provide electronically stored information lost as a result of the routine, good-faith operation of an electronic information system.
FRCP 37(e); see also FRCP 37(e), 2006 Advisory Committee notes (“The ‘routine operation’ of computer systems includes the alteration and overwriting of information, often without the operator’s specific direction or awareness, a feature with no direct counterpart in hard-copy documents.”). FRCP 37(e) is not an automatic out for parties who have allowed relevant, accessible ESI to be altered, overwritten, or otherwise lost. In its commentary on the new provision, the Advisory Committee explained:
Rule 37[(e)] applies to information lost due to the routine operation of an information system only if the operation was in good faith. Good faith in the routine operation of an information system may involve a party’s intervention to modify or suspend certain features of that routine operation to prevent the loss of information, if that information is subject to a preservation obligation. A preservation obligation may arise from many sources, including common law, statutes, regulations, or a court order in the case. The good faith requirement of Rule 37[(e)] means that a party is not permitted to exploit the routine operation of an information system to thwart discovery obligations by allowing that operation to continue in order to destroy specific stored information that it is required to preserve. When a party is under a duty to preserve information because of pending or reasonably anticipated litigation, intervention in the routine operation of an information system is one aspect of what is often called a “litigation hold.” Among the factors that bear on a party’s good faith in the routine operation of an information system are the steps the party took to comply with a court order in the case or party agreement requiring preservation of specific electronically stored information.
FRCP 37(e), 2006 Advisory Committee notes (former FRCP 37(f)); see also
Disability Rights Council of Greater Wash. v. Wash. Metro. Transit Auth., 242 FRD 139, 146 (D DC 2007) (“Rule [37(e)] does not exempt a party who fails to stop the operation of a system that is obliterating information that may be discoverable in litigation”).