In the beginning, there were the Sedona principles.
Issued in March 2003, the principles were authored by the working group of the Sedona Conference, a confederation of private practice lawyers, corporate in-house counsel and consultants in the
burgeoning field of electronic evidence and records management who gathered in sunny Sedona, Arizona to shine some light down the dark tunnel of electronic discovery, or e-discovery for short. The mind-boggling, spontaneously regenerating volumes of information, its accessibility over the years and the legal and business implications of it vexed conference attendees, who sought to develop best practice for addressing requests to produce computer-based data in civil litigation.
Corporate America has a love affair with technologies such as e-mail, word processing, spreadsheets and the internet. But it also has displayed a lack of planning and discipline in what to do with this plethora of communications. Couple that with the only casual recognition of the distinction between the practices of backup and archiving, and you have a Wild West situation when litigation is introduced.
Back to basics
The Sedona principles aim to balance the competing interests of parties to a lawsuit with respect to specific discovery requests of data that has been created, edited, stored (and possibly destroyed) on a computer. As such, they address the production of information in a legal proceeding, not the retention of that information prior to, during or after initiation of a lawsuit. The efforts of working group participants have not gone unheeded: hearings will soon begin on proposed amendments to the Federal Rules of Civil Procedure.
In 2004 the Sedona Conference working group offered up a prequel to the principles in the form of the Sedona guidelines. These five statements offer a deceptively simple guide to help manage and control what has become widely recognized as a valuable, yet potentially deadly asset of every modern corporation: information. Both Richard Braman, founder and executive director of the Sedona Conference, and Jonathan Redgrave, a partner at law firm Jones Day who chairs the steering committee for the working group, are fond of the image of ‘the tail wagging the dog’ when describing the impact of litigation on daily corporate life. They and their working group colleagues espouse a sound record management policy that promotes a rational information system as the first step toward sidestepping, if not solving, this problem.
According to Robert Williams, president of record management systems consultant Cohasset Associates and a participant in the Sedona guidelines working group, discovery costs have soared in recent years to the point where they are ‘the largest uncontrolled cost in American business.’ Based on budgets Williams says have been shared with him, he estimates between $2.5 mn and $4 mn per billion dollars in sales is spent on discovery. ‘This is clearly an area where, if you managed your records better, you could reduce your costs,’ Williams notes.
The Sedona guidelines, he says, are a call to action. Information records are the most poorly managed assets among all corporate assets, he maintains, positing the question: what if companies managed their money the way they manage their records?
Cohasset Associates’ contribution to this field has included annual surveys unveiling the risky nature of corporate America’s information management practices. While there is widespread recognition of the problem, there is equally widespread inertia when it comes to taking action. Some 38 percent of the survey respondents reported in 2003 that they follow their own retention schedules on an irregular basis. More than half – 59 percent – confess they do not have a formal e-mail retention policy. And 70 percent have no formal plan for preservation that would allow accessibility to records in the future.
‘The guidelines, in my view, capture what corporations need to worry about from a legal point of view,’ sums up Thomas Allman, senior counsel at Mayer, Brown, Rowe & Maw LLP in Chicago, as well as a member of the steering committee of the Sedona Conference working group and an architect of both the principles and the guidelines. ‘If you’re fighting ongoing litigation it requires cooperation from the entire company. If there is any lesson to be learned from recent case law, it’s that individual people’s actions really do make a difference.’ Recalling his own experience in corporate America with information technology departments, Allman says having a ‘wonderful relationship’ truly helps. Indeed, the Sedona guidelines underscore the critical importance of communications between in-house counsel, litigation teams and information management.
John Carroll, dean and professor at Cumberland School of Law in Birmingham, Alabama, characterizes the guidelines as ‘a great starting point because they identify the issues.’ While it seems there’s consensus among litigators that electronic data is both physically and intrinsically different from paper, the lines are drawn over ‘what you have to keep and what you have to turn over.’ The guidelines offer a degree of comfort for those corporations that establish a rational, transparent, auditable and audited policy for data preservation. And for those that haven’t, they serve as a wake-up call, Carroll asserts.
Keeper of the records
‘The dawning of the 21st century brings before senior management a fundamental challenge to find and establish value in the assets that emerge from a digital economy,’ says Jeffrey Ritter, a Washington-based partner at Kirkpatrick & Lockhart Nicholson Graham LLP. Ritter, who is not a trained litigator but works in his firm’s national information technology practice, maintains that it’s important to ask who in the corporation is ultimately responsible for creating and preserving the asset value of the information.
Perhaps surprisingly, he argues it’s not the chief information officer, nor the general counsel, but rather the corporate secretary, whose historical origins date back to the mid-1800s as ‘custodians of the books and records of the enterprise.’ Ritter says there is a critical distinction to be drawn between the mission of the corporate secretary as a builder of value in information and the functionality of destroying records. ‘Merely to pursue the Sedona guidelines still fails to address the important function of wealth creation through information,’ he explains, stressing that the process of records management should be driven by sound business principles, not the law or fear of a lawsuit.
Perhaps one of the best-versed independent observers of the field of e-discovery is Kenneth Withers, a senior judicial education attorney at the Federal Judicial Center in Washington, where he develops educational programs for judges and attorneys employed by the US courts. Withers has written prolifically on computer-based disclosure and discovery and says responsibility for information management begins and ends with those in charge of corporate compliance. This is a straight line to the corporate secretary and the board.
‘In the past, you had an assembly line that functioned physically; managing the assembly line was a separate process documented on paper,’ explains Withers. ‘Today those two functions are indistinguishable and integrated as part of the management process. For a business to function there must be an understandable and transparent management information system keeping the business moving along.’
The down side, however, is that you have to minimize risk in the event you are sued; this demands systems that can produce evidence in your defense and allow the business to function on a day-to-day basis. And it is, says Withers, the responsibility of the audit committee to certify not just that the numbers are valid but also that the systems producing those numbers is valid.
Indeed, there seems little to object to in the guidelines – which begs the question: why wouldn’t a firm go out of its way to incorporate them? There are two reasons. Attorney Gregory Joseph, who formed his own practice four years ago after more than 20 years at Fried, Frank, Harris, Shriver & Jacobson LLP, says plaintiffs’ attorneys find the guidelines and the principles were created by ‘a narrow audience around a narrow set of concerns.’ Although he agrees it’s important to have routine operating systems in place, he prefers adherence to the Federal Rules and the American Bar Association standards.
The second reason is money. ‘Dealing with a huge backlog of information is pretty expensive,’ observes Lori Ann Wagner of Faegre & Benson LLP, co-editor-in-chief of the Sedona guidelines. It also entails the challenges of altering an entrenched corporate culture.
But Wagner says she has started to notice that some companies are shifting responsibility for records management away from the information technology department and into risk management, as a means of focusing both management attention and resources. ‘When you’re dealing with information you have to make a distinction between what is truly valuable and what is not,’ Wagner states. ‘For IT people, all data are equally valuable.’
‘The gap between what companies know they should be doing and what they’re willing to fund outside of what’s required by regulators is pretty wide,’ observes Braman. ‘Frankly, I’m surprised companies are fighting the concept of managing information. Experience shows that the more possessors of information can demonstrate the reasonableness of their system planning, the less intrusive the preservation order will be.’
Attorney and senior consultant Rae Cogar, who works with Cohasset Associates, puts it this way: ‘ It’s like cleaning out your garage. You hate to do it and it takes a lot of time but once it’s done it’s a lot easier to keep it tidy going forward.’
Or, as Withers concludes, ‘All US businesses are drowning in useless, non-business information. If there is no business, statutory, regulatory or litigation reason to hang onto the information, let it go!’
According to this new report from NAVEX Global, there has been a rise in employees reporting compliance and ethics problems in recent years, and the percentage of repeat reports has more than doubled over the last five years.
Find out why and discover a range of other key statistics to benchmark your compliance program against industry standards by downloading this free report today.
This briefing contains statistics and analysis on employee reports of problems via a range of helpline methods, including:
This data comes from more than 8,000 NAVEX Global clients and provides actionable insights for policy management, training, awareness, and more.
Helpline data that is carefully tracked, reviewed, benchmarked and presented with context often provides the early warning signs needed to detect, prevent and resolve problems.
Our free weekly email newsletters are an essential bulletin of GRC updates, insight and information.
Our experienced journalists provide relevant, timely information and analysis that will keep you at the forefront of industry developments and best practice.
Sign-up to receive your copy when you register with the Corporate Secretary website for free.