Corporations/Businesses have an obligation to preserve and produce data on platforms and devices owned strictly by their employees

As of 2012, sixty-seven percent of employees were utilizing personal devices in the work place for work-related purposes – whether or not it was officially sanctioned by the organization. Accordingly, now more so than ever before, all businesses and corporations should provide consideration to litigation readiness when determining their internal policies and protocols related to the use of personal devices in the work place. Depending upon where data is stored and used in the context of carrying out business activities, employers may be required to maintain data outside of the their direct “control.”

Pursuant to the Federal Rules of Civil Procedure (“FRCP”) 34, during litigation, an employer may be compelled to produce data not controlled by the employer. Courts across the country have differed in their view of “possession, custody, and control” of data. Generally speaking, an employer does not have “control” over information and data stored on the personal email of an employee. However, in interpreting Rule 34, courts have imposed an obligation to preserve, collect, search and produce such data, even if the corporation/business does not actually possess or have custody of the data. As a general rule, the case law in this area has coalesced into three broad interpretations.

  1. Legal Right Standard: When a party has the legal right to obtain the Document and ESI (the “Legal Right Standard”);
  2. Legal Right Plus Notification: When a party has the legal right to obtain the Documents and ESI. Plus, if the party does not have the legal right to obtain the Documents and ESI that have been specifically requested by its adversary but is aware that such evidence is in the hands of a third party, it must so notify its adversary (the “Legal Right Plus Notification Standard”); and
  3. Practical Ability Standard: When a party does not have the legal right to obtain the Documents and ESI but has the “practical ability” to do so (the “Practical Ability Standard” or “Practical Ability Test”). The Sedona Conference Commentary on Rule 34 and Rule 45, “Possession, Custody, or Control.” 17 Sedona Conf. J. 483 (2016)

The standard applicable to the 6th Circuit Court and consequently to all federal cases in Michigan is the Legal Right Standard. “[a] party responding to a Rule 34 production request cannot furnish only that information within his immediate knowledge or possession; he is under an affirmative duty to seek that information reasonably available to him from his employees, agents, or others subject to his control.” (emphasis added). Flagg v City of Detroit, 2008 WL 787061 (E.D. Mich. 2008)

Companies should take note by reevaluating and updating their information governance, litigation readiness, and discovery response practices accordingly to manage discovery obligations. An organization’s IT systems and policies should facilitate users’ autonomy, opportunities for work/life integration, and personal data privacy. However, users who avail themselves of the benefits of using devices to create and store business and personal data will be responsible for adhering to the organization’s policies and to potential discovery requests in litigation.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s