Have you ever had to ship a hard drive, thumb drive or CD to another party, or to a vendor for processing and hosting? Did you put the media in the container or envelope and cross your fingers, hoping it would arrive safely? Or did you follow best practices and make a copy of it prior to shipping?
In a recent decision out of the SDNY (Cognex Corp. v. Microscan Sys., Inc., [SDNY Dec. 31, 2013]), a judge sanctioned the plaintiffs for not following a basic tenet of handling and shipping evidence. In this matter, Cognex Corporation filed suit against Microscan Systems, Inc. for patent infringement.
During the course of discovery, defendants asked plaintiffs to send an optical disk/CD that contained software related to the matter. The plaintiffs promised to provide the CD, but later informed defendants that the CD was damaged. The plaintiffs blamed Federal Express for the CD’s destruction. Regardless, at the end of the day, the plaintiffs failed to make a copy of the CD prior to shipping it to their expert. When the CD was shipped back to the plaintiffs by the expert it was damaged.
In response to this calamity, the defendants filed for sanctions and requested an adverse inference.
A party seeking an adverse inference jury instruction on the basis of spoliation of evidence must establish: (1) that the party having control over the evidence had an obligation to preserve it at the time it was destroyed; (2) that the records were destroyed with a culpable state of mind; and (3) that the destroyed evidence was relevant to the party’s claim or defense such that a reasonable trier of fact could find that it would support that claim or defense.
The court ultimately decided that monetary sanctions to the tune of $25,000 were appropriate, but not an adverse inference ruling. The court agreed that the plaintiffs had a duty to preserve the data on the CD and their failure to make a copy of the disk “before shipping it to their expert gave rise to inference of their culpable state of mind, where alleged infringers failed to show that the disk was material to their claims or defenses.” In the end, the alleged infringers could not show that the data contained on the CD would support the claims or defenses.
“Here, defendants have failed to show how a CD that contained software related to the HawkEye 51 reader would be material to their claims or defenses. This lack of materiality does not excuse plaintiffs’ misconduct, but it is highly pertinent to determining what sanction is appropriate. In particular, the absence of materiality suggests that the severe punishment of an adverse inference instruction would here be excessive.”
This situation could have been avoided if the plaintiffs made a simple backup of the CD prior to shipping. They had a duty to preserve it and they failed in that duty. What else could have been done? What are other best practices or considerations when shipping ESI?
1. Make a copy. This is not a consideration, it is a must do! It is fairly simple these days to safely copy media without altering the contents of the original. If you don’t know how to do it then find an IT person or your favorite litigation support professional. Whatever you do, do not ship original materials. If for some reason the evidence is so unique or important and it can’t be copied you may want to ask yourself if it should be shipped under any circumstance.
2. Encrypt it. Encrypt the data that is going to be shipped. There are many free encryption programs available. Even if you make a copy of the data, that is not a guarantee it will arrive safely or arrive at all. If your package never arrives, you will sleep well at night knowing that your client’s secret formula was sent on an encrypted hard drive.
3. Use a service that provides a tracking number. This may seem obvious, but make sure you use a service like FedEx that allows for tracking packages. Even the U.S. Postal Service provides shipping that can be tracked.
4. Include documentation or a form from the vendor. Many times we receive packages with hard drives, CDs or other media and that is it! No documentation, no prior phone calls or emails giving us a heads up. Not only is it important to include documentation so chain of custody can be maintained, it is important so people know what they are getting. At the very least include a letter with a description of the contents, the project and the name of the sender. Most vendors have forms that should be completed by you prior to the ESI being shipped.
5. Use your head when packing the evidence. In the same packages without documentation we usually find hard drives in boxes large enough for four without any padding or other protection. On more than one occasion we have attached drives to find they no longer operate due to poor handling. I cannot blame this on FedEx like the plaintiffs tried to do in Cognex v. Microscan. Use appropriate packing material.
6. Look to alternatives, like Secure File Transfer Protocol or hand delivery. Some information may be so sensitive or vital that it must be hand-carried. Most shipping companies have a white glove service where an individual hand carries the package from location A to B.
Additionally, it is possible to transfer ESI over the Internet. File Transfer Protocol or FTP is one way to accomplish this technological feat, but make sure it is secure (SFTP). I do not recommend using services such as DropBox to transfer sensitive or client-related data. Again, reach out to your local IT person to find a secure way to transfer your data over the Internet. The volume may be too large, but anything that can fit on a CD can be shipped over SFTP.
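The copy and documentation steps above can be tied together with a hash manifest: the sender records a digest of every file on the working copy, ships the manifest with the cover letter, and the recipient re-hashes on arrival to show whether anything was lost or altered in transit. This is an added example, not part of the original article; the file names and contents are constructed sample data, and SHA-256 is an assumed choice of hash.

```python
import hashlib
import json
import tempfile
from pathlib import Path


def sha256_file(path, chunk_size=1 << 20):
    """Hash a file in chunks so large images do not need to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(root):
    """Sender side: record size and SHA-256 of every file under root."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): {"bytes": p.stat().st_size, "sha256": sha256_file(p)}
        for p in sorted(root.rglob("*")) if p.is_file()
    }


def verify_manifest(root, manifest):
    """Recipient side: return a sorted list of (problem, path) discrepancies."""
    current = build_manifest(root)
    problems = [("missing", name) for name in manifest if name not in current]
    problems += [("unexpected", name) for name in current if name not in manifest]
    problems += [("altered", name) for name in manifest
                 if name in current and current[name]["sha256"] != manifest[name]["sha256"]]
    return sorted(problems)


def demo():
    """Constructed sample: a working copy that is damaged in transit."""
    with tempfile.TemporaryDirectory() as tmp:
        copy = Path(tmp) / "working_copy"
        (copy / "src").mkdir(parents=True)
        (copy / "src" / "reader.bin").write_bytes(b"\x00\x01constructed sample\x02")
        (copy / "README.txt").write_text("constructed sample media\n")
        # Round-trip through JSON, the form in which the manifest would be shipped.
        manifest = json.loads(json.dumps(build_manifest(copy)))
        before = verify_manifest(copy, manifest)
        (copy / "src" / "reader.bin").write_bytes(b"\x00\x01corrupted")  # simulated damage
        (copy / "README.txt").unlink()                                  # simulated loss
        after = verify_manifest(copy, manifest)
    return before, after


if __name__ == "__main__":
    print(demo())
```

Run `build_manifest` against a read-only mount of the copy, never the original media, and keep a second copy of the manifest with the sender so the two can be compared if the package is disputed.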
Sanctions can be imposed for missteps at any stage of discovery. Knowing and following best practices along the way is not a guarantee that mistakes will not occur, but it is better than crossing your fingers.
Peter Coons is a senior vice president at D4, providing eDiscovery and digital forensics consulting services to clients. Peter is a Certified Information Systems Security Professional (CISSP), an EnCase Certified Examiner (EnCE), an Access Data Certified Examiner (ACE), and a Certified Computer Examiner (CCE). He belongs to various digital investigation and information security based organizations. Peter holds a master’s degree in Digital Forensics Management from Champlain College and a bachelor’s degree in Economics from the State University of New York at Oneonta.