Phillip M. Adams & Associates v. Dell Inc.
Corporate record retention policies are taking a beating in court.
Conventional policy instructs employees to look at records on a one-by-one basis and decide according to rational standards what to keep and what to destroy. Conventional policy further provides that when litigation arises, then a legal hold is applied – that is, record destruction is suspended and relevant records are retained. Classic records and information management (RIM) theory holds that if a corporation follows such a conventional policy, then the corporation should not be penalized in litigation for improper destruction of records.
But the theory is not holding up. Over the past decade, legal authorities have looked askance at record destruction policies.
At an emotional level, the attitude of authorities is, “What? You’re telling me, big enterprise, that you don’t have any records on the topic of this lawsuit because you told your employees to destroy records (or you set up your system to destroy records automatically unless employees undertake arduous steps to preserve them)? Explain that to me. What is the urgency to destroy records in this digital age? Maybe when records were paper an enterprise needed to rid itself of documents that occupy a lot of real estate and are hard to search. But e-mail archives do not take up much physical space, and they are amenable to automated search. I have a pointed question for you, big enterprise: Did you as a matter of policy winnow down the number of your records so that you could achieve a general advantage in lawsuits?”
The legal system is unhappy with an enterprise that destroys records for the purpose of positioning itself for future litigation, even litigation that is not specifically anticipated. The system calls that behavior spoliation.
Phillip M. Adams & Associates v. Dell Inc. is a striking case. It sanctioned a company for destroying records for some years before the lawsuit was filed or specifically threatened. In accordance with the company's policy, employees (including an engineer or two) destroyed records, or they refrained from preserving records as the company's computer systems destroyed them.
Storage space was limited on the company's central e-mail servers. Servers overwrote (erased-purged) e-mail relatively quickly unless employees made special efforts to preserve them.
Although the company's policy was not fully expressed as a formal, unified document, the court was able to ascertain what the policy was from the company's deliberate practices and their effect. Said the court, "“[The company's] practices . . . tend toward loss of data. The practices place operations-level employees in the position of deciding what information is relevant to the enterprise and its data retention needs."
Effectively, the company's policy is what I've termed on this blog the make-a-decision style of records management, where individual employees are supposed to decide what records to keep and what to destroy.
The court essentially felt the policy was unreasonable.
Some commentators think the court made a bad decision because it runs counter to common business practice. They speculate the court suspected bad faith on the company's part, but couldn’t specifically cite evidence to support that suspicion.
Regardless of whether the court was right or wrong, the case is consistent with a trend in 21st century law: the legal system is distrustful of early or aggressive record destruction. The legal system is providing enterprises a growing basket of incentives to be more generous in retaining records, especially email.
–Benjamin Wright
Mr. Wright teaches e-discovery and e-investigations law at the SANS Institute.