The next time you are involved in litigation in which communication or documents are relevant to the issues at bar your computer hard drive will be delivered to an expert who will retrieve from it every e mail, every website, every saved document you have ever opened or sent on that computer. Each one.
The only exception will be e mails and documents to and from your lawyer.
No matter how private or personal. No matter how much you feel it is an invasion of your privacy.
And if you erase your hard drive or seek to erase parts of it, you will either be unsuccessful or/and may face court ordered sanctions.
If you have old computers in your closet, if you have given your computer to a family member or friend or even donated it to some foundation, expect it to be retrieved and investigated in the same way.
In the last fifteen years an entire industry of experts has emerged to assist attorneys and other investigators in analyzing computer hard drives and retrieving even erased and deleted materials. As one told the writer, “If it was ever in the computer, I can find it. Just give me enough time and money and it will be on your desk.” He was right and dozens of documents, deleted by our opponents, were not only retrieved, but the date of the attempted deletions (after start of the litigation) carefully noted, to their consternation and dismay.
This has radically altered the world of litigation and the simple fact is that the majority of cases not only utilize such evidence but more and more cases are decided by such evidence.
And the collateral damage can be extensive. Marriages destroyed, employees fired, ancillary litigation erupting. While protective orders can be sought, such information quite often must be shared among the parties delivering the materials and this writer has seen more than one friendship destroyed by partners reading what the other partner said in an e mail to a mutual friend.
At the commencement of most litigation, your opponent (and you, in turn) will file a pleading requiring you to maintain in a safe locale all your hard drives and not to attempt to erase any of them. Once received, that pleading imposes upon you severe sanctions should the Court find that you violated it. It is not uncommon for opposing counsel to let that order stand for months before actually investigating the computer hard drives, while the opposing party worries about the various documents and websites that may eventually be viewed by the opposing parties. It is a wonderful incentive to settlement, one lawyer cynically told this writer.
To adjust to this new fact of litigation should be a vital part of each person’s and business’s planning, yet most do not even know this is an issue. This article will discuss the basic law of access to computer data in litigation and suggest some policies that each person may consider appropriate in planning for this eventuality.
The Law:
Discovery is the process by which a party can utilize various statutory means during litigation to obtain documents, admissions and take testimony before trial. See our article on The American System of Litigation. It is during such discovery that access to computer data is usually sought. And it is allowed.
1. California Law Supports Inspection of the Computers
California Code of Civil Procedure Section 2031.010 provides that a demand may be used to obtain inspection of “documents”, tangible things or land in the possession, custody or control of another party. As noted in Rutter Guide, California Civil Procedure Before Trial, Discovery, Electronic Data, Section 8:1428.2, p.8H—4, “[d]ata stored on any type of electronic device may be subject to inspection. This includes not only a computer’s hard drive and peripheral storage devices (disks and backup tapes), but also thumb drives, laptops, cell phones, personal data assistants (PDAs), etc. [See R.S. Creative, Inc. v. Creative Cotton, Ltd. (1999) 75 Cal.App.4th 486; 498 [89 Cal.Rptr.2d 353, 362); TBG Ins. Services Corp. v. Sup.Ct. (Zieminski) (2002) 96 Cal.App.4th 443, 448 [117 Cal.Rptr. 155, 159-160] (home computer).” [1]
In TBG Ins. Services Corp. v. Sup.Ct. (Zieminski) (2002) 96 Cal.App.4th 443, 448 [117 Cal.Rptr. 155], the moving party sought inspection of the plaintiff’s home computer. Plaintiff opposed inspection of the computer on the grounds that the computer contained personal information, and that the production of the computer would invade his constitutional right of privacy. The trial court denied the motion to compel, finding the information on the computer was ‘merely corroborative’ of facts already in the moving party’s possession since it already had extensive evidence of the facts sought to be proved, and that any additional evidence that the home computer would disclose would not outweigh the fact that the computer contained personal information. The Court of Appeal ordered issuance of a writ of mandate directing the trial court to vacate its order denying the demand for production, and compelling production. The Court of Appeal concluded that the home computer was indisputably relevant, the fact that evidence might be cumulative was not a viable objection under California law, and even if plaintiff had some lingering privacy interest in the information stored on the computer, defendant’s demand did not constitute a serious invasion of that privacy interest. Appropriate protective orders could prohibit unnecessary copying and dissemination of plaintiff’s financial and other information and it is immaterial that the party seeking discovery already has extensive other evidence of the same fact: A party “is entitled to discover any non-privileged information, cumulative or not…”[ TBG Ins. Services Corp. v. Sup.Ct. (Zieminski) (2002) 96 Cal.App.4th 443, 448 [117 Cal.Rptr. 155, 159-160; City of King City v. Community Bank of Central Calif. (2005) 131 Calapp.4th 913, 933 [32 Cal.Rptr.3d 384, 398]; Rutter Guide, California Civil Procedure Before Trial, Discovery, Electronic Data, Section 8:70.5, Cumulative Evidence, p.8C—3. The only limitation is that the information sought must be relevant, i.e. reasonably assist a party in evaluating its case, preparing for trial or facilitating a settlement. (Glenfed Development Corporation. v. Superior Court (1997) 53 Ca.App.4th 1113, 1117. See also, Rutter Guide, California Civil Procedure Before Trial, Discovery, 8:1426-8:1427.1
2. The Information Sought from the Computers Must Be Relevant
As noted in TBG Ins. Services Corp. v. Sup.Ct. (Zieminski) (2002) 96 Cal.App.4th 443, 448 [117 Cal.Rptr. 155, 159-160] quoting (Glenfed Development Corporation. v. Superior Court (1997) 53 Ca.App.4th 1113, 1117, “[a] party may obtain discovery regarding any matter, not privileged, that is relevant to the subject matter involved in the pending action…if the matter either is itself admissible in evidence or appears reasonably calculated to lead to the discovery of admissible evidence. (Section 2017, subd. (a).) In the context of discovery, evidence is ‘relevant’ if it might reasonably assist a party in evaluating its case, preparing for trial, or facilitating a settlement. Admissibility at the actual trial is not the test, and it is sufficient if the information sought might reasonably lead to other admissible evidence. In the more specific context of a demand for production of a tangible things, the party who asked the trial court to compel production must show ‘good cause’ for the request—but unless there is a legitimate privilege issue or claim of attorney work product , that burden is met simply by a fact—specific showing of relevance.”
3. The Party Resisting Production Has the Burden to Prove a Claimed Privacy Interest Outweighs the Right to Inspect
The Party resisting discovery of its computer data has a high burden of establishing that his or her right of privacy bars inspection of the home computers. (Hill v. National Collegiate Athletic Association (1994) 7 Cal.4th 1, 39-40. [26 Cal.Rptr. 2d 834]). The party must establish: (1) a legally protected privacy interest; (2) a reasonable expectation of privacy in the circumstances; and, (3) conduct by moving party constituting a serious invasion of privacy.
There are two general classes of legally recognized privacy interests; (1) interests in precluding dissemination or misuse of sensitive and confidential information or “informational privacy”; and, (2) interests in making intimate personal decisions or conducting personal activities without observation intrusion, or interference or “autonomy privacy”. (Hill, supra, 7 Cal.4th at p. 35) Courts have routinely held that privacy rights must give way to the far more powerful right to access to possible evidence. Showing that the computer was used as to any relevant communications will normally allow full inspection. The courts hold that once one uses the computer for such purposes, they no longer have a reasonable expectation of privacy as to its contents. As noted in Vinson v. Superior Court (1987) 43 Cal. 3d 833, 842 [239 Cal.Rptr. 292, 740 P.2d 404], a party cannot be allowed to make serious allegations without affording the other party an opportunity to put their truth to the test.
Even assuming the existence of a legally cognizable privacy interest, the extent of that interest is not absolute—the extent of the privacy interest is dependent upon the circumstances of that particular case, i.e., do the circumstances create a reasonable expectation of privacy? (Hill, supra, 7 Cal.4th at 36; TGB, supra, 96 Cal.App.4th at 449.) With respect to communications and/or documents relative to deleted items, it has been concluded that persons who use e-mail to communicate do not have a reasonable expectation of privacy in those communications. (See United States v. Charbonneau (S.D. Ohio 1997) 979 F. Supp. 1177, 1184 (“an e-mail message, like a letter, cannot be afforded a reasonable expectation for privacy once that message is received”).
Further, courts have often held that a moving parties’ demand to inspect computers does not constitute a serious invasion of that interest. (Hill, supra, 7 Cal.4th at p. 39-40; TGB, supra 96 Cal. App.4th at p. 449.) Moving parties are often willing to stipulate to an appropriate protective order defining the scope of the inspection and copying of information on the computers to that which is directly relevant to a particular litigation and that is normally enough to satisfy the courts…even though the computer will still fully be investigated by strangers, to the discomfort of the producing party.
Practicalities:
-
You must assume that in any litigation involving you or your company, every computer you utilize for e mail or drafting documents will be subject to scrutiny by experts. You may get a limited protective order as to what can be done with the data-but the fact remains that hostile inquiry will be made into each computer you have so utilized.
-
You must assume that this pertains to any e mail you received on each computer. Thus, if you occasionally utilize your home or personal computer to receive or send e mails…or even only used it once… those will be equally subject to the inquiry. If your spouse or children utilize your computer or if you have ever utilized their computers, their data will be equally subject to scrutiny.
-
The same rules apply to computer, text messages on cell phones, Blackberrys, Treos, etc. All will be examined.
-
Hard drives are only truly erased with extremely sophisticated equipment. What the layperson considers “erasing” is actually deleting it from a folder and moving it to another folder on the computer. While these folders slowly remove information as they are overwritten, that is not always the case and usually takes years.
-
If a matter is deleted or even erased, a good computer expert can not only determine when and how it was done, but can often retrieve much of the “erased” information.
-
The fact that information was deleted or attempted to be deleted is, itself, admissible as evidence and, as in the Watergate scandal, can be more incriminating than anything found on the computer.
-
Once one receives notice to preserve the hard drive and equipment, erasure or deletion can be a violation of a court order and result in severe sanctions. Such notices are now routine at the beginning of every case.
-
One expert put it well to this writer: the only way a lay person can actually erase a hard drive so that the information can not be retrieved is by physically destroying it.
-
With the internet and web involvement in e mails, the odds are good that each document and e mail you sent are stored on a dozen computers in a dozen servers. Those can be retrieved as well.
Prevention:
There is only one sure way to avoid access to all data on your computer. Do not put it there. The problem is that these powerful tools have become such a critical element in all of our communications that it is impractical to avoid their use. Nevertheless, the following guidelines should be considered:
-
Do not mix business with non-business. If you have a personal computer, NEVER utilize it for any communications involving your business life. Do not even make it a back up for e mails. Keep it entirely quarantined.
-
Do not utilize other people’s computers or other forms of electronic communications such as cell phones or Blackberries.
-
If a matter must be kept confidential, make it an attorney client privileged document.
-
If an attorney is not involved and you do not want the information subject to data retrieval…pick up the telephone and have a conversation or visit the person and talk.
-
Have a planned system of hard drive destruction independent of any litigation. See our article on Destruction of Business Records.
-
Do not fall into that odd mental trap that so many of us are prone to do. Your computer is not a private extension of your mind. It is the most public tool you have ever used, subject to scrutiny, even without litigation, by every person who can gain access to your network. Just because it is sitting on your desk with your password do not assume for a moment that it is private.
Thoughts:
The discipline necessary to rigidly utilize the business computer only for business and to carefully edit, at least mentally, any and all communications via e mail is seldom encountered in the business or, indeed, the personal world. The ease and efficiency of e mail communication, the increasing reliance on the portable devices and the international nature of such communication makes control all the more difficult.
And even if one shows discipline in one’s own use of a computer, if one receives an e mail relevant to the matter at hand then your computer is suddenly subject to investigation. What has actually occurred is a significant increase to litigants' of access to data of the opposing parties and witnesses which is transforming the world of litigation.
One client of this office utilizes three separate computers which he does not mix and match and controls who has access to separate e mail accounts so that his personal computer can not even receive critical e mails involving other cases. He understands that he must control those documents received to particular accounts to maintain any real chance for privacy.
But he is in a very small minority and the rest of us must assume that with litigation will come entry into all the information contained on any data storage device we utilize, from cell phones to laptops, from desk tops to Treos.
Be prepared.
[1] As noted in Rutter Guide, California Civil Procedure Before Trial, Discovery, 8:1472—1472.5, “[i]f necessary, the responding party must through detection devices, translate any data compilation included in the demand into reasonably usable form.” [CCP Section 2031.280(b)…] This includes computer data downloaded and stored on magnetic tapes, regardless of the difficulties that may be encountered. [Toshiba America Electronic Components, Inc. v. Sup.Ct. (Lexar Media) (2004) 124 Cal.App.4th 762, 768 [21 Cal. Rptr. 3d 532, 538]”…Although the statute is not explicit, ‘usable form’ presumably means that data stored in a computer file that is not too voluminous must be furnished in the form of a paper printout. If the file is too voluminous however, ‘usable form’ may mean furnishing a computer disk containing the computer file and any custom or proprietary software programs used to select, categorize or evaluate the data.