Mobile Devices and the Evolution of Electronic Discovery

Technology today has made it possible to carry our entire office in a single device and to work from anywhere. Our personal and business lives are increasingly blending together, because technology is always at our fingertips. A person can communicate and share information in ways that only a decade ago would seem impossible. An iPhone allows a user to make a phone call through a telecommunications provider or Skype through the internet using a network or internet service provider. A person can e-mail, text message, instant message, and log onto countless applications including social networking while working or sitting on a beach. We have developed into a society with an endless amount of data and information deployed through an ever-growing number of electronic devices. Many lawyers fear what implications these developments will have on the boundaries of discovery. Discovery rules and particularly electronic discovery rules have gone through constant modification in an effort to keep up. However, the rules of today can no longer keep up with the technology of tomorrow.

In 2006, when electronic stored information was explicitly added to the Federal Rules of Civil Procedure, courts still thought of electronic stored information (ESI) in a traditional way.[1] ESI would be created or received by employees or individuals as a memo, spreadsheet, or e-mail. Then the information would be stored on a PC hard drive, email server, or storage media like a CD or DVD. The Advisory Committee Notes to Rule 34 state that the discovery of documents did not just mean papers, but also "electronic data compilations from which information can be obtained only with the use of detection devices."[2] The Rules called for ESI in the responding party's possession, custody, or control to be initially disclosed and eventually turned over if requested and reasonably accessible.[3] Courts initially faced questions of how far a practitioner must go in disclosing ESI. The Zubulake case made it clear that, as with any other type of discoverable information, companies had a duty to develop modes of ESI preservation and lawyers had a duty to make sure that clients knew of and followed these duties.[4] The discoverability of deleted computer files, like e-mails or Word documents, while also initially contested, soon came within the scope of the discovery rules by the courts.[5] Indeed, cases at the time like Zubulake mostly addressed ESI in the context of a business environment having to do with deleted e-mails and back-up tapes, now ESI related to litigation can be anywhere because of the strides in technology.

Today, the real tough discovery disputes no longer take on such traditional modes of communication. With the growing prevalence of personal electronic devices and the quicker movement of information, data is no longer only stored in easy to access and simple to control places. In fact, because personal electronic devices are smaller than computers, more of the data they hold is volatile and subject to automatic deletion.[6] As the Rules are currently drafted, these automatic deletions are potentially always safe because of the ESI safe harbor.[7] The Rules do not sanction for negligent destruction of data, but because many only conduct business electronically, a negligent standard for sanctions may be warranted. It is now much easier to take advantage of the safe harbor. The data that is now stored remains in the internal memory, SIM card, SD memory stick, or service provider's servers; all increasingly volatile and hard to freeze in place.[8] It is also much harder to separate what is personal and what is business, leading to huge swaths of information being ignored by retention policies altogether, without any consequences. Courts are not the most adept to the new modes of communication and data transfer that are out there, but a negligence standard would provide incentives to retain and produce relevant ESI.

Even though only six years have passed since Zubulake IV, retention and preservation are much harder to control. Not only do lawyers have to quickly try to get at the information, but they also have to look in the right places. There is a reason that there is so little literature on discovery preservation in the personal electronic device field.[9] Lawyers do not want to waste huge amounts of time and money to get smaller bits of information from a wider array of sources. The Federal Rules themselves, because they are structured on a traditional model of electronically stored information also don't provide lawyers with enough guidance and wherewithal to address the growing issue of discovery concerning fast moving data. A preservation requirement should be added to the Rules or at least the advisory committee notes that specifically tackles data that is shared on mobile devices. Not only will this make it easier on courts when addressing the issue, but it will also encourage portable electronic information that is relevant to be included in retention policies.

Many of the discovery problems associated with portable electronic devices and electronic applications have to do with the fact that the information on these devices is short-lived. This fleeting data is also known as ephemeral data. In order for information to be considered fleeting, it has to be automatically created, without the knowledge of the user, and it has to be temporary.[10] In a landmark 2007 California case[11], a court held that fleeting RAM data was discoverable electronically stored information subject to the same preserve and produce framework as any other electronically stored information. The Magistrate judge tried to avoid any panic associated to the ruling by limiting the decision to the particular facts of the case, where potentially dispositive RAM data was at stake.[12] Nevertheless, the fear from lawyers was immediate.[13] Lawyers had always assumed that such data would be considered not reasonably accessible by its very nature or not "stored" within the meaning of Rule 34.[14] The Bunnell Court disagreed. The fleeting information was discoverable under Rule 34 because it was "sufficiently permanent or stable to permit it to be perceived, reproduced, or otherwise communicated for a period of more than transitory duration".[15]

Fleeting data opens up an endless array of information and further amplifies a lawyers' duty to take into account ESI. For example, is the data concerning the number of times an application was opened on an iPAD discoverable? According to Bunnell, it would be, so long as it was relevant and reasonably accessible. If the information is requested early enough in the litigation, Rule 26 and Rule 34 establish that this information is discoverable and should be produced. However, the Court does not answer whether the analysis changes if such information is sought from a wealthy company or a single individual? Arguably a person would find the discovery request much more burdensome than a company able to afford ESI lawyers and electronic technicians.

Courts are still not in agreement over how to handle this information that users do not know about and is quickly deleted. How is something to be preserved if it automatically deletes itself in as little as twenty four hours? In Bunnell, the Court was presented with a case about preservation of RAM files and proceeded to balance prejudice considerations similar to the framework of Rule 26(b)(2)(C)[16]. However, even after finding that the defendant did not comply with Rules 26(b) and 34(a), the court still determined that sanctions were not warranted.[17] Another oft-cited case, Healthcare Advocates, faced the questions of whether fleeting data that had already been deleted necessitated a sanction of the producing party.[18] The deletion of internet temporary cache files was found to not be a discovery violation worthy of sanctions because they were deleted automatically and not purposefully.[19] The Court also pointed to the fact that the cache files were not specifically requested or mentioned by opposing counsel in his letter asking that nothing be deleted or altered on the computers.[20] However, how was opposing counsel supposed to know of the existence of these specific cache files so early on in the litigation? Wouldn't a reasonable person understand that a letter asking for nothing to be deleted was meant to encompass the cache files as well?

There is something counter-intuitive in the reasoning of the courts. They are willing to grant that a piece of data is discoverable, but not willing to punish anyone if that data is destroyed under Rule 37(e). The producing party is left without any incentive to retain the fleeting data or institute preservation procedures for such data. If a court is willing to say that fleeting data is discoverable and could prove to be dispositive, it only makes sense that the court would sanction for the loss of such data. Of course, it is difficult for the courts to ask litigants to preserve all such fleeting data, but the balance the courts are trying to reach in these cases leaves a high level of uncertainty over what must be maintained. Very often such data is simply not worth the burden on the litigants. It might be beneficial to edit the Rules in such a way as to allow the safe harbor to apply to all data that is not maintained in the ordinary course of business for less than a certain prescribed period of time unless there is pending litigation. If there is litigation, businesses have to be encouraged to adopt retention policies that take into account fleeting data on stationary and mobile devices. The failure to adopt a retention policy or to maintain fleeting data once there is pending knowledge of litigation should lead to an automatic sanction under a true negligence standard. If the failure is deemed to be egregious enough the penalty should even go beyond monetary sanctions. Currently, there are simply not enough incentives to maintain fleeting data that could be extremely useful and further maintain a liberal discovery model. With clear rules or commentary in the advisory notes, such change is possible.

Most recently, Swofford v. Eslinger presented the debate of preserving fleeting data and who should be held accountable.[21] Two police deputies (Remus and Morris) were in pursuit of possible burglary suspects.[22] At the same time, Robert Swofford was asleep in his house.[23] Upon hearing his dog bark and a commotion, Swofford went outside with his gun, to check on his property.[24] The deputies encountered Swofford during their search for the suspects and shot him seven times, sending him to the hospital for six weeks with serious injuries.[25] Swoffords' counsel sent two letters to the Sherriff's Office asking that all evidence related to the shooting be maintained, including all electronic evidence.[26]

The General Counsel admitted that the Sheriffs Office never issued a single directive or litigation hold.[27] The letters from Swofford's counsel were forwarded by a paralegal at the General Counsel's office to six senior employees[28]. Deputies Morris and Remus did not receive a copy of the letters or any instructions to preserve evidence even though they were two of the defendants in the case.[29] Neither a single employee nor the General Counsel did anything to ensure the preservation of evidence. In fact, this case is a real life example of what can happen if the discovery process is simply ignored by one party entirely. The General Counsel even confessed to have not read the Federal Rules of Civil Procedure to figure out his obligations.[30] In arriving at a spoliation inference for Morris and Remus, the Court gave significant weight to an instant messaging conversation between Remus and another officer.[31] In the conversation, that was only discovered because of the other officer, Remus referenced himself as the "Lotta Killa". Robert Swofford was widely known to have won the Florida lottery before his encounter with the deputies, but Remus refused to acknowledge that he had any idea what "Lotta Killa" referred to.[32] Furthermore, Deputy Remus had his entire laptop erased, including the "Lotta Killa" conversation and all other documents that could have potentially provided evidence to the case.[33] The spoliation was so blatant that even the radios, uniforms, and guns used by the officers at the time of the incident were never turned over; some were actually destroyed. In the end, the adverse inference instructions against the defendants are not at all surprising.

However, this case is groundbreaking because for the first time a court found that in-house counsel and not the counsel of record was to be sanctioned with fees and costs for a "complete failure to fulfill his duty, both in his official capacity as General Counsel [and as initial counsel for the defendants]."[34] In-house counsel can no longer stand idly by, they have to be involved in the retention and preservation procedures or face their own consequences.[35] The instant messages themselves would not be enough to prove spoliation, but it is also clear by this decision that such messages are discoverable even though they are fleeting and rarely kept for a significant period of time. The instant messages were also invaluable to proving the lack of credibility of the defendants, making the judge that much more inclined to institute harsh sanctions. Once again, this case shows the importance that fleeting information could have. The case also shows the potential pitfalls of the Rules as they stand today.

Let's imagine that the spoliation was less blatant and it was found that that only the instant message conversations were deleted. The rules as they stand do not specifically call for retention of the fleeting instant message information. Even if such messages were found to be deleted, it is possible that sanctions would not be enforced because of the high standard of intentionality required. Short of knowing what was on the messages, the information would be lost forever. Having a rule that requires retaining fleeting data, especially in the midst of litigation is the possible solution. Increasing the ability of courts to sanction a party on a negligent standard would also increase incentives to maintain information. It is true that obtaining such information could be costly and difficult, but with the appropriate incentives and retention procedures, sharing the existence of such data could and should be compulsory at the outset of a case.

Up to this point, we have addressed the issue of data that no matter how fleeting remains on an electronic device. However, data is just as likely to reside on servers controlled by a third party; and with the growth of "cloud computing", data and applications can be housed in cyberspace. This is a brand new discovery arena that courts have only recently begun addressing. In fact, there is not a single case dealing with "cloud computing" in the discovery context. The following section deals with the obstacles to obtain discovery because of new technology, with a focus on Rule 45 subpoena powers.

When a person uses a personal electronic device to send a text-message or updates their Facebook profile, or even Tweets, this information is retained by service providers for a set period of time. These third party service providers are often named as parties in lawsuits to get at data, even though they are not involved in the underlying action.[36] The disputes of what should or should not be revealed for the purposes of discovery sometimes take up more time and money than the underlying action itself. This trend is especially clear when looking at the various arguments for the discovery of text messages.[37] These disputes are mostly found in employment liability cases and involve the Stored Communications Act (SCA).[38] The SCA offers an alternative and sometimes complimentary way to obtain discovery information, but is also riddled with exemptions and provisions that underscore privacy concerns associated with obtaining electronic information from a third party.[39]

Congress passed the act in 1986 to address some of the new privacy concerns that the Fourth Amendment does not tackle.[40] The statute has two main components. The first is that it limits the government's right to compel providers to disclose information about their customers and subscribers.[41] The second is that the statute limits the right of an ISP to disclose information about its customers voluntarily to the government.[42] The statute also distinguishes two different types of providers: the remote computing service (RCS) and the electronic communication service (ECS).[43]

An RCS is "the provision to the public of computer storage or processing services by means of an electronic communications system".[44] An ECS provider is "any service which provides to users thereof the ability to send or receive wire or electronic communications." [45] The designation between RCS and ECS may seem convoluted at best, but a court determining one way or another will have serious consequences. If a provider is designated as an ECS, the government must have a search warrant to access electronic communications stored at an ECS for less than 180 days.[46] If a provider is designated as an RCS, the government only needs a subpoena or court order to access the data so long as it provides the user with prior notice.[47] Therefore, it is easier to get at information when a provider is determined to be an RCS. If a court finds that the information was available to the public, then that data does not fall under the SCA because the privacy concern is eliminated from the picture.[48]

There are also several other important caveats to the SCA that many overlook. The SCA's prohibition on disclosure to non-governmental parties applies only to the contents of stored communications.[49] The SCA does not allow for a third party to use a subpoena in a civil case to get data directly from an ECS or RCS provider under § 2702 of the Act.[50] The courts have continually agreed not to read civil subpoena permission into the SCA. Otherwise, they argue, people would be discouraged from using new modes of communication, while the significant costs of obtaining and producing such data in civil suits would be passed on to the consumer; ultimately raising prices.[51] This does seem to pin the SCA at odds in some respects to the Federal Rules of Civil Procedure.[52] Nonetheless, the SCA does have an exception for ECS and RCS providers to reveal contents of any communications when "lawful consent" has been given.[53] That consent can be given by the sender or intended recipient of the communication.[54] Courts have found that without this consent, subpoenas served by defendants on third parties should be quashed.[55]

To potentially get around these problems associated with the SCA, discovery requests should be formulated around Fed. R. Civ. P. 34(a)(1). This rule calls for the production of electronically stored information that is in the responding party's possession, custody, or control. The Court in Flagg found that text messages are an appropriate medium to be requested through Fed. R. Civ. P. 34(a)(1) so long as there is evidence of custody or control.[56] Even though the third party service provider maintained actual control, the court was willing to say that the defendant city was the actual controller of the text-messages. Once custody or control is shown, the Court was willing to force a party to consent to the disclosure through a motion to compel.[57] The SCA does not provide a barrier for these communication requests served on a non-third party service provider. The Court reasoned that a Fed. R. Civ. P. 34(a)(1) request on a party requires that party to provide consent and provide the text messages as being under their own control. Essentially, the plaintiff does not have to deal with a third party service provider if they serve a Rule 34 request to produce directly on the defendant in control of the data itself. The SCA is subordinated to the Federal Rules of Civil Procedure in this case. Even though the circumstances of the Flagg case make the decision laudable, it is also potentially dangerous in terms of privacy. Forcing consent basically eliminates the protections of the SCA and acts as an end-around to the SCA's prohibition of civil discovery subpoenas, a very worrisome precedent. At least one Court pointed directly to these reasons for not issuing a motion to compel.[58]

Moving beyond the text message context into an even more modern form of technology; the case of Crispin v. Christian Audigier, Inc. is in many ways pioneering.[59] Buckley Crispin is an artist who brought suit against licensees for alleged breach of oral contract and copyright infringement, among other claims.[60] The defendants served subpoenas under Rule 45 on three social networking sites, including Facebook and MySpace.[61] None of the sites moved to quash the subpoena, but Crispin did. The Court first determined that the SCA does not authorize civil subpoenas for the purpose of discovery, and then the Court had to determine what niche social networking sites occupy within the SCA.[62] The Court was unwilling to institute a Flagg Rule 34 analysis in this case. Never before had a court considered whether social networking sites fall into the scope of the SCA. The Crispin Court found that because all three sites provide private messaging or email service, each one is an ECS.[63] However, the analysis did not end there. The court then explored whether the social networking sites at any point switched from ECS providers to RCS providers.[64] Ultimately, the court decided that when a message has not yet been opened, the sites act like an ECS.[65] If the message is opened and retained, the social networking sites become RCS providers.[66] So, the sites are both ECS and RCS depending on the actions of the user. Confused yet? The Court itself admits by citing a Ninth Circuit case that the SCA is so outdated that modern technology is difficult to apply to a statute that was written prior to the promulgation of the Internet and modern forms of communication.[67]

If this isn't confusing enough, the Court then looked at the SCA as it applies to Facebook "wall posts" and MySpace "comments". Without any way to modernize the SCA, the Court looks at case law concerning private electronic bulletin board services as authoritative on the subject.[68] In the context of social networking sites, they find that wall posts and comments do not involve an intermediate step before they are received, unlike an email being opened.[69] They are therefore not protected as temporary intermediate storage. This decision is a bit puzzling because it could be considered an intermediate step to open the site and have to click on "profile" to see the post. Even more confusing, what if a person sets their settings in such a way that they are e-mailed any time they receive a comment or a wall post. This would potentially add the intermediate step the court looks for to determine privacy. Nevertheless, the Court concludes that wall posts and comments also turn social-networking sites into both RCS and ECS providers.[70] The Court establishes that postings on a Facebook wall and MySpace that are kept private do deserve protection as an ECS act, but if they are "public" they are stored communications to be treated as RCS acts.[71] How private does one of these posts or comments have to be in order to trigger the SCA protections? The court does not elaborate. The Court overturns the subpoenas that seek private messages, and vacates the subpoena concerning the wall posts and remands that issue for more evidence.[72]

This case in particular speaks to the growing concerns towards the SCA. It is universally understood that the statute is in great need of modernization. Congress should either eliminate the ECS and RCS distinctions altogether or explicitly explain the analysis for providers that provide both RCS and ECS services. Courts have moved from considering whether a provider is an ECS or RCS to an analysis of whether a particular user act is RCS or ECS. When Congress enacted the SCA the concept of a "communication" was very different then what it is today. The legislative history of the act envisions telephone companies as ECS providers while the providers of file storage in "off-site data centers" or sent to remote computers for sophisticated data processing would be considered RCS.[73] Most users today do not consider their Facebook as storage for data, but it does act as such in many ways. Tweeting has many components that could make it an ECS or RCS service. The poor distinction makes it difficult to know what exactly providers can produce and withhold. Additionally, the Federal Rules of Civil Procedure and the SCA seem to clash over discovery and privacy concerns. It has to be fully explained in what cases discovery from third party service providers under the Rules is possible over the statutory provisions of the SCA.

Cloud computing that we discuss in the next section is even harder to peg as a particular type of service as envisioned by the SCA. When passing the SCA, Congress could never predict the growing dependency and interaction of internet service providers, telephone providers, and cloud providers. Only with vast revisions could the SCA once again become relevant and helpful in dealing with the attainability of data today. Additionally, it might be prudent to consider amending the SCA to allow civil discovery subpoenas in large corporate cases or cases that involve a large social benefit with huge amounts at stake if the data is not attainable in any other way. Here privacy concerns are mitigated by the concern for getting at the truth with as much relevant information as possible.

Looking forward, "cloud computing" looks to be the next battleground of discovery. There are two main types of cloud computing, Software as a Service (SaaS) and Platform as a Service (PaaS).[74] The term "cloud computing" refers to a user storing data and software platforms or service in a third-party maintained "cloud".[75] Physical control of the data is no longer with the cloud subscriber; instead it is stored in some location in the cloud.[76] A "cloud" can be considered as a metaphor for the internet. As opposed to a regular website or application, cloud computing "utilizes the resources from many computers as a collective virtual computer, where the applications can run independently from particular computer or server configurations."[77] Computers are pooling resources to basically establish a large computer that has unlimited hardware dimensions. The effect of this is that it becomes possible for a user to run any type of software through the internet without having to worry about a particular hardware capability issue. A user can open their internet browser on their mobile device and can use an application or software at any location without any installation. Google is a prime example of this service. When you have a Word or PDF attachment, you can view it online through the Google email or docs platforms whether or not you have Microsoft Word or Adobe Acrobat installed on your computer. All the data that is uploaded through the software or through an application is ultimately stored in a third-party cloud.[78]

Cloud computing adds another complicated dimension to discovery of electronically stored information. The Rules were never envisioned with cloud computing as a possibility. As a few lawyers have pointed out, Rule 34 of the Federal Rules explicitly states that a party may serve a request to produce documents and ESI that are in responding party's 'possession, custody, or control'".[79] The third party service provider is effectively the maintenance keeper of the data, but the responding party may still be in control.[80] Still, the same reasoning that allowed courts to consider text-messages as being in the control of a defendant (and not the third party service provider), may not work as well with cloud computing.[81] Control in the cloud context is even less direct, depending on the contract that was drafted between the cloud subscriber and cloud provider. With this in mind, it is possible that a third party cloud provider may not provide potentially relevant information, may dispose of such information, or may even shut down making the data irrevocably lost.[82] A party serving discovery requests will have to do so early and involve many more parties in the initial litigation. If something does go wrong, there is always the potential that the responding party and not the third-party cloud provider will face the consequences. Almost as ill-advised is if a third party cloud provider simply reveals everything, without going through proper screening of ESI.

There is a lack of legislation that governs how a third party cloud provider is supposed to handle potentially discoverable information. Critics worry about hackers or unauthorized users obtaining access to a particular cloud and altering potentially relevant and discoverable information. Discovery now has the added concern of whether information obtained from a cloud can be trusted and verified. Google recently introduced a major cloud computing innovation called "Google Wave", making it possible for a user on a network to send a document into a cloud where other users could edit and comment on that document. In the context of discovery, it may be relatively simple to determine the original author of the document, but much more difficult (both in terms of costs and resources) to determine the contents of the original document and what changes were made by what users. The larger the company and the larger the cloud, the more these problems are prevalent. Beyond this challenge is the fact that neither the Rules nor discovery tools have been adapted yet to fulfill the preserve and produce requirements as they concern cloud computing.

We simply do not know how this technology will change discovery. It is likely that cloud providers will be subject to the Stored Communications Act, which is already strained by the constant need to fit an outdated statute to so many advanced modes of communication and data storage. The fleeting RAM data that was discussed in Columbia Pictures Inc. v. Bunnell and found by the Court to be discoverable was actually maintained in a cloud. So far, it seems that "cloud computing" is being treated like any other third party service provider when it comes to discovery and old Rules and precedents are being applied. However, "cloud computing" continues to move more and more information out of the hands of individual users. Obtaining vital electronically stored information that many cases rest their hopes on; such as deleted emails, documents, or metadata could no longer be possible without additional costs and support from third party providers. Already there are cloud-based programs for portable electronic devices that can delete all metadata sent over e-mails. In fact, because "cloud computing" involves various computers and servers working together over a network, it is becoming more difficult to recover deleted information that is spread out in bits and pieces among several computers. Cloud service providers also do not allocate particular server space to one user or another.[83] Therefore, multiple users have access to the same server. If a party were to proceed to discovery and have access to nonparty data, all types of privacy and security concerns would be raised.[84] The Rules have to be updated in such a way as to make both sides aware that this type of information is out there and might be at issue. The only way that I see this being viable is if another mandatory disclosure is required of the parties. It would be mandatory for a party to disclose any and all contracts with third party service providers they may have. This information would be invaluable for an attorney to better prepare a discovery plan and immediately issue litigation holds and ESI requests before the information is unattainable. Most of the data from these new modes of technology becomes harder to obtain the further you move from the communication date. Instituting a mandatory disclosure requirement of this nature allows the preserve and produce requirements to trigger before it is already too late, while maintaining the liberal discovery model that the Rules have come to represent.

The discovery Rules have been a great innovation, but they have constantly been attacked for not providing enough guidance as to new modes of communication. Placing an emphasis on preserving information and disclosing information early in the process or facing mandatory sanctions would go a long way to addressing those concerns. Making these explicit in the Rules will also have the added benefit of limiting discovery debates during litigation. Courts will no longer have to face deciding two lawsuits for a single issue. E-discovery has come a long way since Zubulake IV and as our society continues to move everything online it is important to develop techniques that produce as much relevant information as possible during discovery. This will not only help lawyers in the present, but also in the future when paper documents are mostly the exception and e-discovery is the standard.

[1] See Fed. R. Civ. P. 26, 34, 37(e), 45, and accompanying advisory committee notes to the 2006 amendments.

[2] See Fed. R. Civ. P. 34 advisory committee's notes to the 2006 amendments.

[3] Fed. R. Civ. P. 26(b)(2); Fed R. Civ. P. 34.

[4] Zubulake v. UBS Warburg LLC (Zubulake IV), 220 F.R.D. 212, 217 (S.D.N.Y. 2003) (finding that a litigant is "under a duty to preserve what it knows, or reasonably should known, is relevant in the actions, is reasonablyt calculated to lead to the discovery of admissible evidence, is reasonably likely to be requested during discovery and/or is the subject of a pending discovery request.") quoting Turner v. Hudson Transit Lines, 142 F.R.D. 68, 72 (S.D.N.Y. 1991).

[5] Kleiner v. Burns, 2000 U.S. Dist. LEXIS 21850, 2000 WL 1909470 (D. Kan. 2000) (finding that Rule 26(a)(1)(B) calls for a description of all computer data, including deleted e-mails, and holding that a disclosing party must provide any information they may have about any deleted electronic data; Simon Property Group L.P. v. my Simon, Inc., 194 F.R.D. 639, 640 (N.D. Ill. 2000) ( stating that "computer records, including records that have been 'deleted,' are documents discoverable under Fed. R. Civ. P. 34.").

[6] Erik Harris, Discovery of Portable Electronic Devices, 61 Ala. L. Rev. 193, 199 (2009).

[7] See Fed. R. Civ. P. 37(e) (stating that sanctions will not be imposed if ESI was lost because of routine good faith maintenance of electronic information).

[8] Erik Harris, Discovery of Portable Electronic Devices, 61 Ala. L. Rev. 193, 213 (2009).

[9] Id. at 205 (writing that only one case could be found that deals with portable electronic device ESI).

[10] Kenneth Withers, "Ephemeral Data" and the Duty to Preserve Discoverable Electronically Stored Information, 37 U. Balt. L. Rev. 349, 361 (Spring 2008).

[11] Columbia Pictures, Inc. v. Bunnell, 245 F.R.D. 443 (C.D. Cal. 2007).

[12] Columbia Pictures, Indus. v. Bunnell, No. CV 06-1093FMCJCX, 2007 WL 2080419, *13 n.31 (C.D. Cal.)

[13] Jennifer Rearden & Farrah Pepper, Oh No, Ephemeral Data!, 3/22/2010 N.Y.L.J. S.6, (col.1).

[14] Id.

[15] Columbia Pictures, Inc. v. Bunnell, 245 F.R.D. 443, 448 (C.D. Cal. 2007).

[16] Columbia Pictures, 2007 WL 2080419, at *7.

[17] Id. at *13-14.

[18] Healthcare Advocates, Inc. v. Harding, Earley Follmer & Frailey, 497 F. Supp 2d 627 (E.D. Pa. 2007).

[19] Id. at 641-642.

[20] Id. at 641.

[21] Swofford v. Eslinger, 671 F. Supp. 2d 1274 (2009).

[22] Id. at 1277.

[23] Id.

[24] Id.

[25] Id. at 1278.

[26] Id.

[27] Id.

[28] Id.

[29] Id. at 1279.

[30] Id. at 1281.

[31] Id. at 1283-1284.

[32] Id. at 1284.

[33] Id.

[34] Id. at 1287.

[35] David Degnan, The Expanding Duties of ESI and In-house Counsel: Providing Defensible Preservation and Production Efforts After Swofford v. Elsinger, 16 Rich. J.L. & Tech. 12, 16-18 (Summer 2010).

[36] Erin Secord, Exploring Challenges with the Discovery of Text Messages in Federal Cases Through the Lens of the Federal Rules of Civil Procedure and the Stored Communications Act 18 U.S.C. §§ 2701-11, 15 Suffolk J. Trial & App. Advoc. 143, 163 (2010).

[37] Id.

[38] See generally 18 U.S.C. §§ 2701-12; Quon v. Arch Wireless Operating Co., 529 F.3d 892, 895 (9th Cir. 2008); Fraser v. Nationwide Mut. Ins. Co., 352 F.3d 107, 109 (3d Cir. 2003); Adams v. City of Battle Creek, 250 F.3d 980, 982 (6th Cir. 2001); Flagg v. City of Detroit, 252 F.R.D. 346, 347 (E.D. Mich. 2008).

[39] Sharon Nelson, John Simek & Jason Foltin, The Legal Implications of Social Networking, 22 Regent U. L. Rev. 1 (2009-2010) (focusing on privacy concerns in the social networking context).

[40] S. Rep. No. 99-541, at 3 (1986), as reprinted in 1986 U.S.C.C.A.N. 3555, 3557.

[41] 18 U.S.C. § 2703.

[42] 18 U.S.C. § 2702.

[43] Secord, supra note 36, at 149.

[44] 18 U.S.C. § 2711(2).

[45] 18 U.S.C. § 2510(15).

[46] Katherine O'Connor, :o OMG They Searched My Txts: Unraveling the Search and Seizure of Text Messages, 2010 U. Ill. L. Rev. 685, 690 (2010); 18 U.S.C. § 2703(b).

[47] Katherine O'Connor, :o OMG They Searched My Txts: Unraveling the Search and Seizure of Text Messages, 2010 U. Ill. L. Rev. 685, 690 (2010); 18 U.S.C. § 2703(a).

[48] 18 U.S.C. § 2702(a); 18 U.S.C. § 2702(c)(6).

[49] 18 U.S.C. § 2702(a).

[50] Viacom International Inc., v. Youtube Inc., 253 F.R.D. 256, 264 (S.D.N.Y. 2008) (finding that the SCA "contains no exception for disclosure of such communications pursuant to civil discovery requests).

[51] O'Grady v. Superior Court, 139 Cal. App. 4th 1423 (2006).

[52] See Fed. R. Civ. P. 45(a)(1)(C).

[53] 18 U.S.C. § 2702(b)(3).

[54] Id.

[55] In re subpoena duces tecum to AOL LCC., 550 F. Supp 2d 606 (E.D. Va. 2008); J.T. Shannon Lumber Co., Inc. v. Gilco Limber Inc., No. 2:07-CV-119, 2008 WL 3833216 (N.D. Miss. Aug. 14, 2008).

[56] Flagg v. City of Detroit, 252 F.R.D. 346, 349 (E.D. Mich. 2008).

[57] Id. at 359.

[58] J.T. Shannon Lumber Co., Inc., 2008 WL 4755370, at *1 (N.D. Miss. Oct. 29, 2008).

[59] Crispin v. Christian Audigier, Inc., 717 F. Supp. 2d 965 (C.D. Cal. 2010).

[60] Id. at 968.

[61] Id.

[62] Id. at 977.

[63] Id. at 980.

[64] Id. at 982.

[65] Id. at 983.

[66] Id.

[67] Crispin v. Christian Audigier, Inc., 717 F. Supp. 2d 965, 988 (C.D. Cal. 2010) (citing Konop v. Hawaiian Airlines, 302 F.3d 868, 874 (9th Cir. 2002)).

[68] Crispin, 717 F. Supp. 2d at 980-981.

[69] Id. at 989.

[70] Id.

[71] Id. at 990.

[72] Id.

[73] S. Rep. No. 99-541, at 3 & 10-11 (1986), reprinted in 1986 U.S.C.C.A.N. 3555, 3557, and 3564-3565.

[74] Timothy Martin, Hey! You! Get Off of My Cloud: Defining and Protecting the Metes and Bounds of Privacy, Security, and Property in Cloud Computing, 92 J. Pat. & Trademark Off. Soc'y 283, 287 (Spring 2010).

[75] Charles B. Molster III & Elizabeth H. Erickson, "Cloud Computing" in Discovery: How we Deal with Electronically Stored Information, 59 V. Lawyer 59 (June/July 2010), available at [hereinafter How We Deal].

[76] Martin, supra note 74, at 289.

[77] How We Deal, supra note 75, at 59.

[78] David Cross & Emily Kuwahara, E-Discovery and Cloud Computing: Control of ESI in the Cloud, 1 E-Disc. Digi. Evidence J. 5, 7 (Spring 2010), available at

[79] How We Deal, supra note 75, at 59.

[80] Id.

[81] Cross, supra note 78, at 5.

[82] Cross, supra note 78, at 7.

[83] Id. at 6-7.

[84] Id.

You can reach an attorney at Theta Law Firm by calling us or sending us an email at Theta Law Firm can represent clients all across the State of California, including in any of the following counties: Alameda | Alpine | Amador | Butte | Calaveras | Colusa | Contra Costa | Del Norte | El Dorado | Fresno | Glenn | Humboldt | Imperial | Inyo | Kern | Kings | Lake | Lassen | Los Angeles | Madera | Marin | Mariposa | Mendocino | Merced | Modoc | Mono | Monterey | Napa | Nevada | Orange | Placer | Plumas | Riverside | Sacramento | San Benito | San Bernardino | San Diego | San Francisco | San Joaquin | San Luis Obispo | San Mateo | Santa Barbara | Santa Clara | Santa Cruz | Shasta | Sierra | Siskiyou | Solano | Sonoma | Stanislaus | Sutter | Tehama | Trinity | Tulare | Tuolumne | Ventura | Yolo | Yuba