frcp and metadata · frcp and metadata: avoiding the lurking e-discovery disaster. 2.the impact of...

FRCP and Metadata:Avoiding the Lurking e-Discovery Disaster

Author: Dennis Kennedy | Published: 2006

4

4

10

12

14

17

18

19

20

©2012 Workshare. All rights reserved. Workshare and DeltaView are registered trademarks of Workshare. Workshare Document Content Technology, Workshare Protect, Workshare Compare Service, Workshare Professional and the Workshare logo are trademarks of Workshare. All product and company names herein may be trademarks of their registered owners.

2

Contents

Section

2. The Impact of Rule Changes

3. New FRCP Amendments Bring Metadata Front and Center

4. Metadata and the Challenges It Raises

5. Laying the Groundwork for Managing Metadata

6. Steps Toward Gaining Control of Metadata

7. Considerations when Selecting Metadata Tools

8. Avoiding the Lurking Dangers at the Crossroads

9. Appendix 1

10. About Workshare

FRCP and Metadata: Avoiding the Lurking e-Discovery Disaster

1. Executive Summary

1. Executive SummaryNew e-Discovery rules are forcing organizations to develop policies and implement actions to address the new world of civil litigation in a digital era. The rules clarify that document metadata will be part of e-Discovery and must be considered in every case. Organizations who do not take steps face significant risks. Organizations that step up to the challenge by designing and implementing reasonable policies and selecting tools that help automate procedures will not only lower e-Discovery costs, but will avoid future e-Discovery disasters that can lead to sanctions and penalties and lost business, brand reputation and customers .

A treasure trove of potentially damaging information hides in plain sight beneath the surface of today’s electronic documents. Although we see the occasional newspaper story announcing the embarrassing release of this hidden data, the issues raised by document “metadata” have only slowly made their way into litigation matters, court cases and law practices.

That’s all now changed–and drastically–with potentially disastrous consequences for the unprepared. New amendments to the Federal Rules of Civil Procedure (FRCP) that became effective December 1, 2006, have brought organizations to a crossroads in the way they deal with the issues raised by metadata in civil litigation. These new amendments update traditional discovery rules for the modern era of electronic documents and force organizations and their legal teams to consider the impact of electronic data, including hidden data associated with documents, in every case.

In this white paper, you will learn practical ways to deal with the issues raised by metadata under the new FRCP amendments, to prepare your organization and your legal team to understand these issues, and to take appropriate practical steps to deal with your metadata in the new FRCP-driven legal environment. This paper will cover the highlights of the new rules that affect e-Discovery and metadata, provide you with a practical overview of the issues involved, and outline the policies, procedures, tools and approaches you will need to consider for your organization to move forward confidently and successfully in this new era.


3


2. The Impact of Rule ChangesThe new rules make metadata management a cornerstone of any effective e-Discovery strategy. Metadata management has been elevated to a level of importance traditionally occupied by often-discussed topics like email archiving, document retention, and content indexing for e-Discovery readiness. And it’s more than just Rules 26(b) and 34(a) and (b) eliminating any doubt that metadata is subject to discovery. New Rule 37(f) provides a welcome safe harbor for organizations that manage metadata as part of normal business practices in accordance with automated implementation of reasonable policies.

Organizations that attempt to deal with metadata on an ad hoc basis rather than managing metadata from document creation based on well-considered policies now face risks and costs that are simply unacceptable. The new rules change discovery procedures and shift the emphasis on discovery in litigation matters to reflect our increasingly digital world. They also subject organizations and their counsel to the full range of discovery sanctions for sloppy or improper handling of documents and their associated metadata.

However, there are larger issues at stake than simply sanctions and penalties. This hidden data can include records of changes, comments, dates and other information that can spell the difference between winning and losing cases at trial or being forced to settle cases where there initially appeared to be little at risk. Establishing good policies on handling electronic documents and their associated metadata can not only avoid these business disasters but can save money in document production, streamline cases, and improve efficiencies in handling litigation matters. Because virtually every document created in today’s business contains metadata, the extent, scope and implications of metadata and metadata management issues are large. Unprepared organisation risk unprecedented disasters, as the $1.5 billion verdict recently handed to Morgan Stanley as a direct result of discovery violations illustrates all too well[1].

3. New FRCP Amendments Bring Metadata Front and CenterAfter many years of discussion and drafting and with much fanfare and attention, the new amendments to the Federal Rules of Civil Procedure became effective December 1, 2006. Given all of this attention, anyone who reads the new amendments will be surprised at how little is really there, both in the number of words, how few rules are affected, and how modest the changes seem to be. The rules adopt and implement some simple rules and sketch out broad guidelines rather than give specific answers. These amendments reflect the approach of the Sedona Conference Working Group and other sources of the amendments that featured fourteen core principles of e-Discovery that focused on big picture issues rather than micromanagement of all aspects of the discovery process. The amendments also recognize and reflect that technology is likely to make specific requirements obsolete within a short time after enactment of any rules.

Sedona principles that affect metadata include an emphasis on a realistic assessment of costs and burdens of dealing with electronic data, a recognition that organizations are in the best position to evaluate the most reasonable ways to preserve and produce their own data, and a focus on active data that is meant to be used for future business purposes. The Sedona principles did not expect parties to take every possible step to preserve all potentially relevant data. The new amendments to the FRCP incorporate these Sedona principles.

The new rules are evolutionary, rather than revolutionary. In simplest terms, they are designed to clarify that e-Discovery is now a part of traditional discovery. The amendments provide for roughly equivalent treatment of electronic documents and paper documents. It is in the implications of these rules where the action is. Organizations that fail to comply with these rules face possible sanctions, including adverse instructions, default judgments and even monetary fines. Even worse, they risk losing cases that previously would have been won or favorably settled.

1. Coleman (Parent) Holdings, Inc. v. Morgan Stanley & Co. Inc., 2005 Extra LEXIS 94 (Fla. Cir. Ct. Mar. 23, 2005).


4



5


Executive Office of President (Armstrong v. E.O.P. (Bush): First court case discussing email metadata

Alcatel: Security vulnerability in Alcatel’s DSL modems revealed in metadata

Microsoft: Ad flap leaves Microsoft red-faced

2001

2002

1993

\\

2003

2004

2005

2006

Department of Justice: Balco case details inadvertently made public via metadata

The White House: Metadata reveals nonpartisan testimony gets White House edit

The Pentagon: Readers find metadata and ‘declassify’ US document

Williams v. Sprint: The most thorough and instructive consideration of metadata by a court

The United Nations: Metadata reveals UN office doctored report on murder of Hariri

Democratic National Committee: Author name and creation date of memo about Judge Sam Alito revealed

Westpac: Westpac’s full-year profit results exposed via metadata before being finalized and lodged with the Australian Stock Exchange

Merck: Relevant data deleted from a manuscript resulting in 7,000 personal injury lawsuits

SCO: Complaint filed with tracked changes and comments revealing strategy and issues of concern

Telxon Corp.: Deletion of all metadata in two years of documents was not considered “good faith” production. Default judgment as sanction

Sun Life Financial: Error forced the company to release its fourth-quarter and year-end results ahead of schedule

Google: Google inadvertently reveals internal projections

Chronicle of Higher Education: Microsoft Word’s Hidden Tags Reveal Once-Anonymous Peer Reviewers

United Nations: Deleted name of individual allegedly involved in Lebanese assassination plan revealed

New Amendments to the Federal Rules of Civil Procedure

The British Prime Minister’s Office: Metadata reveals Minister’s office is not author of Iraq’s Security and Intelligence Report

ABA Ethics Opinion: Lawyers receiving electronic documents are free to examine hidden metadata

The Sedona Guidelines: Best Practice Guidelines & Commentary for Managing Information & Records in the Electronic Agesanction

New York State Bar Association: Opinion brief recommends that attorneys remove metadata from documents sent via email

Table 1. Representative Cases and News Stories

It is important to note that there are not substantive requirements, guidelines or directives under these new rules that you can pull out and implement. Much like the existing discovery rules, the new amendments are directed to the ways lawyers and courts handle and conduct cases in the Federal court system (and in many, if not all, states). They deal with the ways electronic information will be gathered and produced in the litigation context. They do not mandate records management requirements.

As a result organizations have not found the clarity and certainty they might have expected from the new amendments. As the extent and complexity of e-Discovery gradually become clearer, organizations have more, not fewer, questions about what they really need to do to prepare for and safeguard themselves from the lurking dangers of e-Discovery and metadata disasters. The numbers associated with e-Discovery will grab your attention. Consider (1) trillions of bytes of data to review, (2) billions of dollars in estimated e-Discovery costs, including products and services, in 2007 and already a billion-dollar verdict, (3) millions of documents in complex litigation cases, and (4) potentially thousands of items of metadata in a single document with tracked changes. The number of newspaper headlines and court cases involving metadata and metadata disclosure continues to grow at a fast pace.

In the case of metadata, you will not find a specific new rule on metadata that you can turn to and learn everything that applies to metadata issues. Instead, you will see that the treatment of metadata arises from the implications of the rules and the discussion of the rules in the official comments. Simply put, the decision-makers in your organization need to know that the new rules clarify that the treatment of metadata must be a consideration in all discovery in today’s litigation matters.

There are five amendments to the rules that will have an impact on the handling of metadata in litigation matters. These rules and their impact are summarized in Table 2 and detailed below.


6



7


Table 2. Key Ammendments Affecting Metadata

Rule Key Point Impact Summary Implications for Your Organization

34(A) Creates new category of Electronically Stored Information (ESI)

Removes any doubt whether electronic data (including metadata) are potentially discoverable

• Must be able to preserve and produce ESI

• Can no longer argue that electronic documents are not discoverable “documents” under the FRCP

• Electronic data must be part of litigation holds and other litigation procedures

34(B) Gives requesting party the right to specify format in which ESI is produced

Encourages requiring production in native file format (i.e. Word, email, Excel)

• Native file format will include metadata

• Forces a move away from scanning and printing electronic documents only

• Requires development of systems and policies for preserving, producing and handling ESI in native file formats

26(b)(2) Introduces categories of “accessible” and “inaccessible” ESI

Implies that metadata will NOT be considered “inaccessible”

• Eliminates argument that hidden data is not “accessible”

• Strongly encourages development of policies, procedures and systems for preserving and handling metadata in ESI

• Production of ESI will involve consideration of metadata in every case

37(f) Creates a “safe harbor” protection from sanctions for deletion of ESI in course of routine, good faith operations of computer systems

Reduces the chances of severe penalties in many cases and recognizes the practical difficulty of controlling everything today’s computers do while operating

• Places a premium on creating policies and procedures that canbe automated to create routine metadata operations

• Requires all business decision-makers to participate in development of policies and procedures

• Offers a “safe harbor” for rules-based, automated deletion and management of metadata in electronic documents

16(b) and 26(f)

“Meet and confer” rules require early discussion of ESI issues

Forces discussion of ESI early in discovery process and requires understanding of ESI issues for both you and your opponent

• Requires legal team to understand fully how ESI, including metadata, is handled in your organization

• Requires that reasonable and defensible plans and procedures be in place for dealing with ESI that a judge will be likely toapprove

• Requires preparation for dealing with metadata in every case

1. Definition of Electronically Stored Information (“ESI”)

No set of new legal rules would be complete if it did not introduce at least one new acronym. In the case of these amendments, that acronym is ESI, for “electronically stored information.” Before the amendments, discovery consisted of two categories of discoverable items: documents and things. Although judges tended to treat electronic data as a form of “document,” some courts treated electronic information differently, and there were always questions about whether new forms of electronic data would fit into the category of “document.” Metadata is one example of whether it falls into the definition of “document” might be difficult.

Perhaps the most important aspect of the new amendments is that they eliminate issues about electronic data and “documents” by creating the additional category of “electronically stored information” in Rule 34(a). Electronic data, including metadata, is now clearly discoverable material, assuming relevance and other requirements are met. This result is consistent with the general approach of eliminating formal distinctions between electronic and paper documents. There should no longer be any grounds to contest whether metadata is, by definition, not discoverable.


8


2. Emphasis on Production in Native File Format

Rule 34(b), among other things, gives the requesting party the right to specify the format in which ESI is produced and places the burden on the producing party to show why another format should be used.

Today, litigants generally use one of three formats when producing documents electronically. Electronic documents might be provided in the TIFF format, or essentially as a scanned copy of the underlying printed document. They also might be provided in the PDF format, which is seen as more convenient, searchable, and usable. Finally they might be provided in what is known as the “native file format.” Native file format simply means the actual format in which the document was created in the application in which it was originally created. For example, a Microsoft Word document would be produced in its original document format – the .doc format. Documents produced in native file format do not require scanning or conversion. They can also be viewed in the same manner that the creator and recipients saw the documents. In the case of spreadsheets, for example, you can see formulas used in cells and other information not available from a paper printout or TIFF or PDF versions of the same spreadsheet. Use of native file format tends to be cheaper, easier, and more convenient, and makes documents more accessible in many settings than production in the other two formats.

However, unlike TIFF and most PDF documents, electronic documents produced in native file formats will contain the hidden and embedded data often referred to as “metadata.” As a result, there is a growing tendency to request electronic documents in native file format, in no small part because of the availability of the metadata associated with these documents. There is a growing consensus that judges will be sympathetic to requests for production in native file formats and that the trend will be toward native file format becoming the default form of production under the new rules. The result will be that metadata will be in play and need to be considered and dealt with in nearly every case.

3. Accessible and Inaccessible ESI

Rule 26(b)(2) introduces the notion of accessible and inaccessible information. The intent of the rule is to not require production of electronic information when it is not “reasonably accessible” as a practical matter because of undue costs or burdens of production. The concept of “inaccessible” has been defined in terms of substantial economic or of other burdens, not in terms of being “hidden” or “embedded.” As a result, the rule indicates that, absent very unusual circumstances, metadata will fall into the reasonably accessible category of ESI.

4. Rule 37(f) Safe Harbor

Rule 37(f) provides a limited protection from the imposition of discovery sanctions in the event of deletion or loss of ESI in the routine, good faith operation of computer systems. While there seems to be some consensus among commentators that the safe harbor will apply only in limited situations related to backup procedures and the standard workings of operating systems, the language of the rule is broad enough to cover policy-based automatic metadata management efforts. However, the concept of “routine, good faith operation of computer systems” will find its way into other areas of interpreting these rules. The safe harbor also illustrates the way that the new amendments emphasize and have a respect for the difficulties of trying to work with the issues involved in handling electronic information in a changing technology environment. As a result, judges may respond favorably to reasonable efforts, procedures and processes adopted by organizations and their data managers when dealing with data handling and production issues, including metadata deletion and management. It is unclear how the case law will develop in that area, but organizations with reasonable, well-considered, and carefully administered metadata policies and procedures certainly have arguments that they fit into the safe harbor provisions.


9


5. Meet and Confer

Rules 16(b) and 26(f) require that ESI be considered as part of every case, and considered and addressed early and often. There is an obligation of parties to meet and confer about discovery within 45 days after filing the case. A discussion of the handling of ESI must be part of that conference. There is also a clear expectation in the rules that lawyers will cooperate to work out reasonable solutions to the issues raised by ESI. Lawyers and their clients must be prepared early to address, and have a plan for dealing with, ESI and electronic discovery issues including the handling of metadata.

These five amendments will play the biggest part in the treatment of metadata. As the distinction between “paper discovery” and e-Discovery disappears, you will need to be aware that traditional rules and case law with respect to spoliation, chain of custody, presumptions of “hiding” evidence when ESI is deleted and other notions will apply and take on new meaning in an electronic age. Other aspects of discovery practice, such as Rule 82, relating to entities in non-US jurisdictions and requiring consideration of ESI across an organization’s global network, will apply when ESI is involved, and forms, such as Form 45, will expand to cover ESI.

The new rules do not set up requirements, regulations or specific guidelines for the handling of metadata and specific metadata issues. However, they clearly leave no place for organizations and their legal teams to hide when it comes to metadata. The rules clearly bring the consideration, discussion and handling of metadata to the surface in every case, and eliminate any argument that metadata is not a part of modern discovery practice.


10


4. Metadata and the Challenges It RaisesMetadata is too often defined today by referring to the origins and history of the component parts of the term. You often see metadata referred to as “data about data,” a linguistically accurate and descriptive formulation, but not an especially useful or illuminating one. For our purposes, metadata should be thought of as information associated with and made part of an electronic document that is not visible in the normal viewing or printing of that document. In that sense, “hidden data” might one day replace “metadata” as a more useful term. Metadata can include descriptive, historical, technical or other information and is often generated automatically. It can also include hidden information manually added by users of the document. Classic examples of metadata are the information contained in “document properties” of Microsoft Word documents and comments or tracked changes in Word documents.

Metadata is neither inherently good nor bad. Depending on its context, it can be quite useful. Outside the legal environment, adding and using metadata is a highly valued method of making information more usable and findable. Metadata can also be quite useful in helping you organize, identify, and review your electronic documents. Metadata is not a new topic. It has been with us for a long time. Interestingly, the concept of metadata is not confined to electronic documents.

In fact, paper documents have their own analogous forms of metadata that are not immediately visible to readers. Consider “metadata” like paper size, whether a paper was printed, typed or copied, paper type, and other information, or written comments (ink, pencil or typed) or highlighting (color, ink type). Thinking about “paper metadata” will help you think more clearly about electronic metadata.

Metadata, and electronic documents, might contain three categories of metadata. In many cases, elements from all three categories will be found. Table 3 summarizes the three categories and lists illustrative cases and news stories about each category.

Table 3. Categories of Metadata

Category Examples Representative Cases Or News Stories

System File creation dates and times, user names, file locations

• Armstrong v. Executive Office of President, 1 F.3d1274 (D.C. Cir. 1993) (considered first case to discuss email metadata issues)

Application Word document properties, word and character counts, version numbers, editing time, company name

• Williams v. Sprint, 230 F.R.D. 640 (D.Kan. 2005)(thorough discussion of metadata issues involvedin production of spreadsheets)

Document (or User-Added)

Tracked changes, comments, highlighting

• 2004 - The SCO Group filed a complaint that included the name of another contemplated partyand other comments and tracked changes aboutissues in the case

• 2006 - Google reveals financial projections hidden in presentation documents

• 2006 - United Nations document revealed deletion of names involved in Lebaneseassassination


11


1. System Metadata

System metadata is data automatically added by your computer system that relates to the operation of the system and the handling of files. Examples of system metadata include file creation date and time stamps, file location, author or user identification and other information generally useful for system administration purposes. While this metadata is not the type that regularly draws headlines, it might be very useful when certain types of fact issues arise. For example, if the date when a document was created is a key fact issue in a case, a “date created” time stamp might be dispositive on the issue. A user name might resolve a dispute over who created a document.

2. Application Metadata

Application metadata is like system metadata in that it is automatically created and associated with your document. The difference is that application metadata directly relates to the application that creates or uses the document. Using Microsoft Word as an example, you can check the properties of a document (the Properties choice under the File menu) and find data relating to word and character counts, document statistics, total editing time, and the like. You might find more than one hundred metadata items automatically generated and incorporated into your Word document.

3. Document (or User-Added) Metadata

Document metadata describes hidden or embedded data that is manually added to a document. Comments, highlighting and track changes markup are good examples of this category. When people talk about the dangers of metadata or metadata containing “smoking guns,” they generally are referring to document metadata. Cases like the SCO filing that showed a petition was originally going to be filed against another company have appeared regularly over the years.

Metadata adds a large amount of new information to documents when compared to paper documents. In that context, a printout of a document (or a scan of a printout) simply does not give the full picture of all that is contained in a document. Although much metadata is innocuous and will have little or no value in discovery, the fact that it can be automatically generated or included in a document without anyone’s knowledge presents problems for everyone involved in handling and managing documents in electronic discovery.

Appendix 1 provides a comprehensive list of metadata elements in common file types.


12


5. Laying the Groundwork for Managing MetadataThe new FRCP amendments move metadata from the frontier of e-Discovery to the mainstream, with possible involvement in every case. They also put organizations and their legal teams at a crossroads. They simply cannot rely on the methods that worked for paper discovery. They must make choices about what directions to take as they move forward. Metadata risk should be managed well before opposing parties request it in discovery. In order to manage metadata risk, companies must prepare and implement policies, practices and tools that minimize their risk profile and improve their discovery readiness.

Setting up policies in advance offers organizations several benefits. First, remember that metadata is not always a bad thing. Metadata can help you find information, categorize data, and identify ESI as part of your discovery preparation. In the same way as organizations have found that “document deletion” procedures eliminate both “good” and “bad” documents, it is clear that an emphasis on metadata management, not just metadata deletion or scrubbing, can have positive benefits in helping you with the discovery process. Second, just as policy-based email and document retention can provide protection in the event emails or documents are deleted in accordance with the policy, reasonable metadata management policies and procedures will allow you to defend your reasonable procedures rather than leave you in the weak position of trying to explain ad hoc, suspicion - inducing metadata deletion efforts. Developing routine, good-faith, business-justified metadata policies will also provide a basis for application of the Rule 37(f) safe harbor protections.

There are three key areas to consider as you prepare to make decisions about the directions you will take in handling metadata.

1. Understanding and Training

Dealing with metadata in e-Discovery starts with obtaining a solid, practical understanding of the nature and scope of the potential issues and problems created by your use of metadata. The stories and cases that have already appeared (and the ones that are likely to come) will sound the wake-up call on the extent of the potential problems. These are not headlines in which any organization wants to see its name featured.

Many lawyers have only a limited understanding of what metadata is, where it exists, and how it should be handled. Businesses also have only a limited understanding of the issues, and their employees often have little or no understanding over what metadata is being created, what control they do or do not have over this metadata, and what they need to do to deal with, manage, or remove metadata that has been created. This state of affairs all but guarantees that there will be insufficient knowledge to take appropriate actions on how metadata should be handled in advance of litigation or produced as part of a litigation. Education and training will play a key role in any serious metadata management efforts.

2. Identification and Awareness

After establishing a solid base of knowledge, you must identify the metadata that exists, where it is located, and how it is created. You must have a working knowledge of what is happening in your own systems and documents. With this knowledge, you can assess the issues you face in your documents, both those that may already be subject to production and those that might one day become subject to production. Remember that not all metadata will be dangerous or potential “smoking guns.” Some can be quite valuable to your business or your clients. Becoming fully aware of what your metadata landscape looks like is a necessary step in getting prepared to deal with metadata inside and outside the e-Discovery process and complying with the new rules.


13


3. Usage and Strategies

How will you use metadata and what strategies will you choose? Lawyers tend to focus on the “offensive” use of metadata. How might they find a “smoking gun”? While there are good incentives to look at the other side’s metadata, organizations are better served by focusing on the “defensive” use of metadata and ways to protect their own documents.

What can you do to control, reduce or eliminate the amount and types of metadata created? Can existing metadata be removed from all or selected documents? What options are available to help you manage the disclosure of your metadata? What will judges be willing to accept as ways to avoid disclosure of metadata?

Once you educate yourself and your employees about metadata and the way it is created and can be used, you can move to take prudent action on the issues raised by metadata. The best approach is to think systematically about metadata and how it is used in organizations and how the needs of the organization and litigation might intersect. You will want to adopt, and the new rules definitely encourage, reasonable policies and procedures for dealing with metadata.


14


6. Steps Toward Gaining Control of MetadataControl of your metadata issues will come from the adoption of targeted, well-conceived policies and procedures. Unfortunately, in the new world of e-Discovery, not choosing a policy means that you have in fact chosen a default policy that will probably not be the policy you want. A passive approach is a dangerous route to take, especially when you stand at a crossroads knowing that the old ways and directions will no longer work. You will want to implement practices that move you along the steps set out in the preceding section of this paper. There is no substitute for hard work and diligence in this process. It will take significant time and money and require a dedicated team effort. The sooner you get started, the better.

1. Education and Training

If you and the people working with you on these issues do not understand the nature of the problem, you will not be able to address your metadata concerns successfully. Fortunately, a good number of articles, seminars and other resources are now available to help you understand how metadata is created and how your can work with it and manage or eliminate it, especially in connection commonly used programs such as the Microsoft Office suite. Following up on basic Metadata 101 education with ongoing training about your policies and procedures and new developments is a must.

Table 4. Useful Web Resources on Metadata

Site URL

Content security resources http://www.metadatarisk.org/

Williams v. Sprint http://www.fjc.gov/public/pdf.nsf/lookup/ElecDi09/$file/ElecDi09.pdf

Sedona Conference http://thesedonaconference.org

Rosenthal, Metadata and Issues Relating to the Form of Production

http://thepocketpart.org/2006/12/4/Rosenthal.html

Kennedy and Mighell, EDD- ucating Yourself About Electronic Discovery

http://www.abanet.org/lpm/lpt/articles/slc10061.shtml

Searchable e-Discovery Case Log

https://extranet1.klgates.com/ediscovery/Search.aspx

Sensei Enterprises Electronic Evidence Case Digest

http://www.senseient.com/case_search.asp

Federal Rules of Civil Procedure

http://judiciary.house.gov/media/pdfs/printers/109th/31308.pdf

http://www.metadatarisk.org/

http://www.fjc.gov/public/pdf.nsf/lookup/ElecDi09/$file/ElecDi09.pdf

http://thesedonaconference.org

http://thepocketpart.org/2006/12/4/Rosenthal.html

http://www.abanet.org/lpm/lpt/articles/slc10061.shtml

https://extranet1.klgates.com/ediscovery/Search.aspx

http://www.senseient.com/case_search.asp

http://judiciary.house.gov/media/pdfs/printers/109th/31308.pdf


15


2. Policies

Organizations and their legal teams must begin to create consistent, well-thought-out and reasonable policies for the use and handling of metadata. Successful policies grow out of having the right people ask and concentrate on the right questions. Metadata management requires a team approach, not a purely legal approach. What metadata are you creating and transmitting, and why? What should be happening? Can you change default settings? What are the likely uses of documents with metadata? Should different types of documents be treated differently? Should legal or other business concerns drive the project? What are the legal and business ramifications of the policy choices? As a practical matter, can policies be enforced or implemented? Who will implement them? Who owns and pays for these efforts? These are but a few of the questions that will lead you toward an effective policy.

Your history of litigation and your prospects for future litigation are some of the other factors that will play a part in these decisions. You also want to consider the impact of the new FRCP amendments on your efforts. While the amendments do not enact any specific requirements for the handling of metadata, they certainly place a premium on developing reasonable approaches and policies for the routine handling of metadata. If you have an existing reasonable policy for deleting or otherwise managing metadata, a judge will be more likely to approve your handling of metadata than if you simply begin scrubbing metadata from selected documents in preparation for an individual suit or, worse, after a suit is filed. Whether or not your procedures bring you into Rule 37(f) safe harbor, they should make you prepared for the “meet and confer” requirements and the obligations to address ESI early and often in your cases.

Expect policies that focus on thoughtful, selective handling and deletion of metadata to be better received by courts than “scrub every bit of metadata” approaches. Before the new rules became effective, it probably did make sense to think in terms of “scrubbing” metadata and scouring away all of its traces. A better way to think about metadata policies today is in terms of “document hygiene.” In other words, you must determine the ways you can clean documents appropriately, address specific risks and problems with appropriately targeted interventions, and take care that your documents stay healthy for all business purposes.

3. Processes and Procedures

Once you have developed a policy, you will need to develop and put into place the processes and procedures to turn policy into action and cultivate appropriate behaviors. In general, the rules suggest that reasonable and defensible processes and procedures will be looked upon favorably. Because of the complexity and potentially overwhelming burden of dealing with mountains of metadata, it is highly likely that courts will focus on what policies and procedures an organization uses more so than specific actions it takes with individual documents. In other words, in the absence of specific corporate metadata policy, a court is highly likely to order production of documents and data in native file formats with all metadata included. On the other hand, if a company has a reasonable corporate policy that is effectively implemented, a judge is likely to permit the production of documents without metadata as they are maintained in normal processes. This result will be even more likely if metadata is cleaned and managed automatically using rules-based processes, procedures, and tools that reflect clearly-stated and enforced policies driven by reasonable business justifications.

Processes and procedures will involve the selection of appropriate tools. The new rules will push use to a second generation of metadata management tools. In the first generation of metadata tools, “scrubbing” or removal was the goal. Today, a more sophisticate approach that implements policies and reflects the broader scope of document hygiene is called for. Tools that implement policy rules, act automatically, and give flexibility for specific concerns and exceptions will be necessary to implement in processes and procedures that are most appropriate for your document and data environment. Perhaps just as important, they will help reduce the time, burden, and cost of e-Discovery production by helping you achieve consistent, repeatable, and defensible results across all of your litigation matters.


16


4. Team Approach

None of these metadata decisions should take place in isolation. There are legal, IT, business and other management components of all policies dealing with metadata, and each of the stakeholders must be represented on the team determining and implementing these policies. In some companies, these efforts and costs can be folded into existing records management efforts, but in other businesses, it will be best to set up separate teams. Seeking additional input from outside counsel, consultants and vendors will be essential.

These efforts should not be driven entirely by the considerations and perspectives of lawyers who see metadata as an evil to be eradicated. Metadata can be quite valuable when people collaborate on documents and projects. Therefore, it is unlikely that a policy that deletes all metadata will work in most business settings. On the other hand, sending out documents outside the firewall loaded with metadata will rarely make sense. Dealing with metadata requires a balancing of interests and concerns within your organization and a nuanced approach that considers business concerns and not just the legal ones.


17


7. Considerations when Selecting Metadata ToolsThe FRCP amendments are a call to action. Drafting policies alone will not get the job done. When you have settled on policies and developed your processes and procedures, you will need to find the tools to implement your approach and help you comply with the new e-Discovery rules. As part of your education and training process, you will want to understand the types of tools and approaches that are now available. In general, you will want to select tools that make it easy for employees, your legal team, and others to effectively and consistently carry out your policies and to handle metadata and ESI in accordance with the policies. At this point, the use of single-purpose, free metadata scrubbing plug-ins, will no longer suffice for metadata management in the age of ESI and the new FRCP amendments.

In fact, the new e-Discovery rules push you toward more sophisticated tools and a movement from “scrubbing” to the idea of “document hygiene” discussed above. A policy-based approach brings us to a more nuanced world of intelligent preventive management of metadata and away from a world of brute force scrubbing. You want to target and prevent future problems, address existing problems, and establish a routine to maintain a healthy document policy and your organization. This will involve the selection of appropriate tools that allow you to comply with the new rules and the necessary training of personnel to use these tools and to implement and follow your procedures as part of their everyday approach to document creation and management.

Tools that reflect this new approach should offer features that both help you gain control of your metadata and implement your selected policies, and enhance your chances of being eligible for Rule 37(f) safe harbor protections for routine, good-faith operation of computer systems:

• Automation of rules-based policies

• Ability to identify documents in a variety of ways and to treat metadata differently depending upon a document’s classification automatically

• Confirmation that your policies are being implemented and enforced

In addition, these tools should:

• Not interfere with or slow down your work and business processes

• Work seamlessly and transparently with the software programs used within the organization

• Allow you to manage the hidden data in your documents in ways other than simple deletion

• Cover as many types of metadata as may exist in your organization

• Let you handle metadata both internally and when documents leave the protection of your firewall, treating metadata appropriately in each setting

• Provide warnings and reports to assist authors and reviewers of documents in dealing with hidden data issues, especially the types of reporting that will prepare your legal team quickly for the “meet and confer” requirements under the new rules

• Be easy to use and usable by employees with minimal training

Flexibility is also a must, as metadata and the treatment of metadata will continue to evolve and change. For example, with the introduction of Windows Vista and Office 2007, we can expect to see the nature of Office metadata change, probably in some unexpected ways. Rulings and case law might also require changes in your approach. Selection of the right tools can tame the daunting job of metadata management and e-Discovery preparation and give you an easier, more effective path through the dangers of the new litigation world.


18


8. Avoiding the Lurking Dangers at the CrossroadsThe new FRCP amendments have brought organizations facing actual and potential litigation matters to a crossroads where either business as usual or new directions must be chosen. Ignoring the issues or putting off the day of reckoning raises embarrassing, costly, and potentially disastrous consequences. The new FRCP amendments have removed any questions that anyone might have had about the availability of hidden data or metadata for production during discovery. In fact, the new rules bring hidden data out into the open, revealing the many lurking dangers of metadata in this process. The clear message is to begin planning for metadata issues, not to simply wait and react to them. For most businesses this will require a team-based approach with the development of specific policies created in consultation with legal, IT and other engaged business leaders and stakeholders.

By having solid policy around metadata management and retention, you can avoid the inherent risk of “smoking gun” discoveries in metadata while protecting your documents and streamlining the litigation process in ways that will appeal to the judges handling your matters and have you well-prepared for the new FRCP amendments. You must now begin to work on policies and approaches for your metadata and select the correct tools. By doing so, you will not only lower your e-Discovery costs, but you will avoid future e-Discovery disasters that can lead to sanctions and penalties and, worse, lost business, brand reputation and customers. The choice is yours.


19


9. Appendix 1List of Metadata Elements in Common File Types

Document metadata comes in many forms. Below is a list of the types of metadata found in Microsoft® Office documents.

Word Excel PowerPoint

Attached Template 3

Auto Version Flag 3

Comments 3 3 3

Custom Properties 3 3 3

Document Properties 3 3 3

Document Variables 3

Document Versions 3

Endnotes 3

Fields 3

Footers 3 3 3

Footnotes 3

Headers 3 3 3

Hidden Column 3

Hidden Row 3

Hidden Sheet 3

Hidden Slide

Hidden Text 3

Hyperlinks 3 3 3

Links 3 3

Macros 3 3

Off Slide Content

Redact text 3 3 3

Revision Authors/Reviewer Names 3

Routing Slip 3 3

Small Text 3 3 3

Smart Tags 3

Speaker Notes 3

Text Boxes 3

Track Changes 3 3

White on White Text 3 3 3

10. About WorkshareWorkshare is a leading provider of secure enterprise file sharing collaboration applications. Workshare allows individuals to easily create, share and manage high-value content anywhere, on any device. Workshare enhances the efficiency of the collaborative process by enabling content owners to accurately track and compare changes from contributors simultaneously. The integrated Workshare platform also reduces the commercial risk posed by inadvertently sharing confidential or sensitive documents. More than 1.8 million professionals in 70 countries use Workshare’s award-winning desktop, mobile, tablet, and online applications. For more information visit www.workshare.com or follow Workshare on twitter at www.twitter.com/workshare.


20


About Workshare PointWorkshare Point enhances Microsoft SharePoint 2010 as a Document Management System by providing a document-centric front end that provides integration to both Microsoft Outlook and Office for better Microsoft SharePoint access and content management. Workshare Point integrates Microsoft SharePoint and Outlook. You can access SharePoint document libraries from the Outlook Navigation pane. A Reading Pane view in Outlook lets you perform tasks on documents within SharePoint. You can also easily drag-and-drop files from SharePoint into Outlook email either as links or attachments.

About Workshare ProtectWith Workshare Protect you can remove hidden information (metadata) to protect against financial risk, a competitive disadvantage, or an embarrassing situation with costly consequences. Customizable with more than 25 document security options with unique settings for different types of recipients, Workshare Protect removes hidden information to reduce the risk of inadvertent exposure of confidential information with automated alerts and one-click removal of hidden information such as tracked changes, speaker notes, the author’s name, and document editing time from Microsoft Office documents and PDF files.

About Workshare CompareWorkshare Compare provides users with advanced document collaboration between multiple Word and PDF documents. The ability to compare images and Excel tables within documents, as well as the ability to accurately track document changes down to the paragraph, line, word, or character level, all add up to a streamlining of the entire document review process.

Workshare empowers users with a document-centric collaboration experience, enabling them to review, make content-specific comments, and update documents based on user-defined permissions. This is managed with presence indicators, real-time alerts, and activity feeds. Workshare offers a range of integrations that enable customers to embed the power of Workshare's collaboration and file sharing features into existing enterprise content management and productivity applications such as Microsoft SharePoint and Microsoft Office (Excel, Word, and PowerPoint).

http://www.workshare.com

http://www.twitter.com/workshare

About Workshare ProfessionalWorkshare Professional combines advanced document collaboration with the ability to keep documents secure. Users can expect accurate tracking even between the most complex documents while also benefitting from advanced security features when sharing documents, including the ability to remove potentially embarassing metadata or other information from any document. Additionally, Workshare Professional eliminates the need for multliple different document versions, maintaining all suggested document revisions within the original master document.

About Workshare DesktopWorkshare Desktop is ideal for individuals or organizations who want to collaborate, review, and comment on documents without the use of a web browser or Microsoft Office. Workshare Desktop also keeps local copies of files and folders in sync with the central cloud store, ensuring that everyone has the latest version and allowing users to continue working while offline.

About Workshare MobileWorkshare Mobile makes collaboration and file sharing easy for users on the move. Users and their guests can view, share, and comment on files using any browser-enabled mobile device while all content remains auditable and protected from loss. Additionally, the Workshare Mobile App is available for all users wishing to connect their iPhone or iPad to the collaboration experience, seamlessly integrating Workshare into the iOS interface.



21