Control of Personal Email Accounts & Litigation Holds

Puerto Rico once again has issued a thought provoking eDiscovery opinion. It’s about time we hold a conference there.

FlagPuertoRico

The Court found the Plaintiff had offered sufficient evidence that the Defendant had a duty to preserve the personal email accounts of its former officers. The Court explained the email accounts were within the Defendant’s control because the officers had used the accounts for as along as seven years to manage the company. P.R. Tel. Co. v. San Juan Cable Llc, 2013 U.S. Dist. LEXIS 146081, at *4-5 (D.P.R. Oct. 7, 2013). Since the Defendant likely knew its managing officers were using personal email to conduct business, the duty to preserve included those accounts. Id. 

Sending smsThe Court did not grant the Plaintiff’s motion for adverse inference instructions, because there was no bad faith nor a showing of prejudice. P.R. Tel. Co., at *5.

The Defendant had issued a litigation hold within a month of the lawsuit.

Moreover, it appeared that only three email chains were “lost.” P.R. Tel. Co., at *6. 

While the Plaintiff could show three email chains were missing, it could not offer a clear theory on how it suffered any prejudice. P.R. Tel. Co., at *7.

Judge Bruce J. McGiverin ended the opinion with this legal foreshadowing:

Upon further discovery, more information regarding the extent of spoliation may come to light. Forensic analysis of these three former employees’ personal email accounts and computers may be appropriate to determine whether critical emails have been deleted. Nacco Materials Handling Grp., Inc. v. Lilly Co., 278 F.R.D. 395, 406 (W.D. Tenn. 2011) (“The only way to determine if relevant evidence currently exists or previously existed and was lost destroyed is to conduct a forensic examination to see if such evidence exists.”). At that time, plaintiff may renew its motion for sanctions if circumstances so warrant.

P.R. Tel. Co., at *7.

Bow Tie Thoughts

This case makes me think of one big issue: BYOD.

If an employer knowingly enables an employee to use a personal device for work, there is a duty to preserve what is relevant off of the device in a lawsuit. This could get ugly fast in litigation, as attorneys and experts debate doing targeted collections off of a personal device vs a mirror image.

If a company has Bring Your Own Device policies, they better have litigation plan that includes preserving any relevant information. It might be easier to simply have a work issued smartphone.

As to the personal email account issue, this would raise interesting collection issues. Email messages with eBay alerts, online dating or kid’s soccer games are highly unlikely to be relevant to a lawsuit. A data collection strategy could include targeting messages with work topics, specific individuals, date ranges and other narrowing methodologies. Early Case Assessment or data clustering technology would be very helpful in identifying relevant ESI.

You just need to compel the employee to turn over their passwords.

  1. I was recently having a discussion with a bunch of folks about BYOD. I was explaining some of the technology that could be used to “collect” from smartphones, if it was deemed necessary, as part of litigation, and they started thinking about what the policies at their company were. Turns out the policy was basically, that if you use your personal device and connect it to the work network in any way, they retain the right to forensically image that device at any time during your employment, to remotely wipe it should it become lost, and to examine it for any business records that may be stored on it at the termination of your employment.

    I then reached into my bag and pulled out two phones. My personal phone and my work phone. 😉