Here's Why You and Your Clients Need An ESI Policy

Posted on July 7, 2008 by Johnette Hassell, Ph.D.

When I start speaking at conferences and CLE seminars on the need for ESI Plans (also called Document Retention and Destruction Plans), eyes start glazing over.  I know it is not a glamorous topic.  I know that it seems like expensive drudgery.  I know it doesn't seem contribute to a client's ROI.  But cases are being lost because of missing and inadequate ESI Plans.

In Jerily Quon et al. v Arch Wireless and the City of Ontario, et al. the issue was text messages sent and received on City-owned pagers.  These pagers had a 25,000 character limits that were sometimes exceeded.  Employee text messaging was not monitored or audited, although it was supposed to be for City business and not for personal benefit or gain.  Employees were told that their usage would not be audited if they paid the overage any time there was one. They had been paying the overages when they occurred. 

The "bill collector" got tired of this role and conducted an audit, ostensibly to see if the 25,000 character limit was sufficient.  A major point in the opinion was that the employees had a reasonable expectation of privacy because of the "no-audit-if-you-pay-overage" policy.  Since several of the messages were of a sexual nature and between a husband and wife, I assume they did expect privacy.

The Ninth District ruled that the City had no right to the text messages.  As with many opinions, the discussion is complex and involves multiple concepts and precedents.  I'll let attorneys mull this one over, but I will comment on its practical implications. 

How did it happen?  The ESI policy was out of date and made no reference to text messaging.  The "Bill Collector" established a policy in practice that was not in writing and not approved.  The written policy was clear that employees had no expectation of privacy concerning files stored on the City's servers, but the text messages were stored on the Arch Wireless servers. 

I've read at least one blog arguing that now employers have to start paying to archive anything their employees store at a third party location.  It's not the third party location that is the issue, it is the ESI policy that told employees they had a reasonable expectation of privacy at that third party site.

I'm interested in hearing about what organizations are actually doing to create and update their ESI policies AND what law firms think their role should be in encouraging the practice.

Tags: , , , , ,

e-Discovery is Coming, Are You and Your Clients Prepared?

Posted on July 5, 2008 by Johnette Hassell, Ph.D.

I have been concerned for some time that corporate clients are not getting the message about preparing for e-discovery.  Organizations that are in frequent litigation seem to understand the issues, but they are not necessarily prepared.  In a survey of in-house counsel, Kroll Ontrack found that only 25% of these counsel felt they were prepared for e-discovery.  Half of the counsel said they did not have an ESI policy.

Baseline has provided an excellent article-from the IT staff's point of view-on the need to prepare for e-discovery.  I recommend it to IT departments of both corporate clients and law firms themselves.

I'd like to hear what the various IT departments have to say about it.

Tags: , , , ,