Digital Spoliation of Evidence: Risks, Rules, and Prevention
The preservation of evidence is a foundational requirement in litigation, guaranteeing all parties equal access to the information necessary to reach a fair and just determination. Today, the vast majority of discoverable evidence exists in the form of electronically stored information, which is naturally more fragile than its physical counterpart.
That’s why a successful ediscovery strategy should include mastering the technical and legal nuances of digital spoliation.
Key Takeaways for Legal Teams
Digital spoliation happens when ESI is lost, altered, or destroyed after the duty to preserve has been triggered.
Courts may impose sanctions if relevant or potentially relevant ESI is spoliated.
Legal holds are critical for preventing the loss of ESI.
Maintaining well-documented processes strengthens defensibility during preservation challenges, and can demonstrate to the court that any spoliation was inadvertent, thereby avoiding severe sanctions.
What Is the Digital Spoliation of Evidence?
Digital spoliation is considered to be the intentional or negligent destruction, alteration, or loss of any ESI that may be relevant to a given legal matter. It happens when data is lost after the legal duty to preserve it has been triggered, potentially compromising the judicial process.
Why It Matters
Spoliation can be a deliberate action taken by a party to destroy, hide, or remove incriminating evidence, but it can also happen inadvertently and through negligence. If a party fails to adjust their email client’s retention settings after litigation is anticipated, those emails will likely be deleted and thereby become spoliated. In either case, lost ESI deprives the opposing party of evidence and should be taken seriously.
Because the Federal Rules of Civil Procedure mandate different judicial responses for intentional versus negligent acts, the court’s assessment of a party’s intent is pivotal in applying the appropriate remedy.
Rule 37(e)
While the duty to preserve is a long-standing common law practice, Rule 37(e) of the Federal Rules of Civil Procedure provides the specific framework for how federal courts handle the loss of ESI. This rule is designed to address the unique challenges of digital information, moving away from a standardized penalty system and instead focusing on proportionality.
Under Rule 37(e), if ESI that should have been preserved is lost because a party failed to take reasonable steps to protect it, the court first determines if the information can be restored or replaced. If it cannot, the court may take one of several actions.
In instances of negligent spoliation, courts first evaluate whether the lost data prejudices the opposing party. If a party unintentionally deletes emails in violation of a legal hold, but the loss does not result in prejudice, the court will likely forgo sanctions. However, if the unintentional destruction of ESI does prejudice the opposition, the court will implement corrective measures rather than punitive ones.
On the other hand, If it’s proven that a party acted with the specific intent to deprive another party of information, the court may impose severe sanctions. These sanctions can range anywhere from case dismissals to default judgements, or even an adverse inference instruction, in which the jury would be instructed to assume the spoliated evidence was damaging to the offending party’s case.
By focusing on reasonable steps, Rule 37(e) encourages legal teams to implement defensible, documented workflows in the pursuit of preserving ESI.
Intentional vs. Negligent Spoliation
The difference between intentional and negligent spoliation often dictates the severity of the court’s response.
Intentional spoliation involves the deliberate destruction of data with the specific goal of hiding evidence or gaining a tactical advantage.
Negligent spoliation is more common and typically results from user error, such as forgetting to disable an automatic deletion feature or failing to communicate a litigation hold to all relevant custodians.
While accidental loss is often treated with less severity than bad-faith spoliation, both can lead to sanctions if the court finds that the spoliation has harmed the opposing party’s case.
How Does Digital Spoliation Happen?
Digital spoliation is often the result of subtle, automated technical processes rather than deliberate action. Even routine data management can lead to the improper modification of relevant data. To maintain a defensible workflow, legal teams should understand where ESI is most vulnerable within their organization’s digital environment.
Automatic Deletion: The most frequent threat to digital evidence typically stems from standard efficiency practices. Most enterprise systems, like Microsoft Office or Google Workspaces, are configured to purge records after a set period of time. This setting, which is usually set by default, can inadvertently destroy ESI if not disabled.
Team and Messaging Platforms: Most offices and organizations utilize messaging platforms like Slack, Google Chats, or Microsoft Teams. These collaboration tools may have short retention cycles, meaning they may autodelete conversations regularly and often. These tools also give users the ability to edit or remove content without admin access, making the importance of a properly executed legal hold and data preservation process all the more relevant.
Documents and Metadata: Spoliation doesn’t always mean that a file has been destroyed, it can also refer to the loss of file integrity. It’s important to remember that modifying ESI can occur after the slightest interaction. Simply opening or moving a file without proper safeguards can alter the digital footprint that may be crucial for establishing a proper case timeline.
Device Loss or Destruction: Digital spoliation can also occur when the physical device that stores it is compromised. Computers and other devices can become lost, stolen, or even destroyed without the direct intent to do so. If a personal computer is left in a cafe and never recovered, or if a phone accidentally drops into a bathtub, any ESI that isn’t backed up elsewhere will be spoliated.
Failed Legal Holds: The first defense against unintentional spoliation is the timely implementation of a legal hold, which is the formal process in which organizations instruct their employees to preserve specific data for potential litigation.
Relevant data is frequently lost to routine digital maintenance when a gap exists between the anticipation of litigation and the issuance of a hold. Necessary preservation is difficult to achieve without a formal legal hold to override standard policies. Custodians may delete ESI or allow ESI to be deleted unintentionally, potentially hindering litigation.
Duty to Preserve
Timing is everything in the world of modern litigation. The duty to preserve ESI doesn’t wait for a formal subpoena or the start of discovery. It begins when litigation can be reasonably anticipated. That’s why understanding preservation triggers is essential for maintaining a defensible workflow.
Reasonably anticipated litigation: This is the most common trigger, occurring when a party becomes aware of facts or circumstances that would lead a reasonable person to expect a lawsuit.
Regulatory investigations: Inquiries from government bodies often carry immediate preservation mandates that mirror civil litigation duties.
Internal investigations: If an organization begins an internal probe into potential misconduct, the duty to preserve relevant ESI should be assumed.
Government inquiries: Even informal requests for information from state or federal agencies can serve as a signal that formal litigation or enforcement actions are on the horizon.
Once one of the above triggers occurs, legal teams should move quickly to implement legal holds and preservation protocols. These holds act as a manual override to an organization’s standard data retention policies, making sure potentially relevant evidence is locked down before it can be overwritten or deleted.
Consequences of Spoliation
More often than not, spoliation can result in significant consequences. Depending on the severity of spoliation and its impact on the case, a court may issue several types of sanctions.
Adverse inference instructions: The court may instruct the jury to assume that the lost or destroyed ESI would have been damaging to the party responsible for its spoliation.
Monetary penalties: Fines may be ordered to compensate the opposing party for additional costs incurred due to spoliated ESI, or the costs associated with bringing a motion forward related to spoliated ESI.
Exclusion of evidence: A party may be barred from introducing specific testimony or related evidence if the underlying digital records were spoliated.
Case dismissal: In the most extreme cases, typically involving efforts that were clearly made in bad faith, a court may dismiss a claim or enter a default judgment.
Referral for criminal prosecution: A court may also decide to refer a party for potential prosecution, if it finds that spoliation was intentional and designed to deny other parties access to potential evidence.
How Courts Respond to Spoliation
Judicial responses are made on a case by case basis. Courts typically weigh three primary factors when determining the appropriate consequence:
Effort to Preserve: The court will examine whether the offending party took reasonable steps to protect the data, such as implementing timely litigation holds and documenting their preservation workflows. If reasonable steps were taken and the data was lost anyway, spoliation sanctions are unlikely to follow.
Prejudice: When assessing spoliation, courts will consider the harm dealt to the opposing party’s ability to prove their case or defend their position. Spoliation of evidence that may be foundational to an opposing party’s argument will likely be treated more severely than the spoliation of evidence that has little to no material effect on the court’s final decision.
Intent: The court will also take into account the intent behind spoliation. If the evidence was lost through a routine automated process, the court will likely act more favorably than if there was a deliberate intent to deprive the opposing party of information.
How to Prevent Digital Spoliation
Mitigating the risk of evidence loss requires a proactive strategy that aligns legal obligations with technical execution. The best way for legal teams to achieve this is through implementing standardized workflows.
Move Fast on Legal Holds
The most effective way to prevent spoliation is the immediate issuance of a legal hold once a preservation duty is triggered. These holds notify custodians to cease any manual deletion and serve as a formal directive to bypass standard automated cleanup processes. A well-executed legal hold helps ESI to remain intact across large systems.
Coordinate With IT
Defensible preservation is a collaborative effort between legal teams and IT departments. To prevent the accidental loss of data, these teams should work closely to:
Grant system access so that legal or forensics teams have the necessary permissions to collect and/or lock down ESI.
Suspend retention policies by identifying and pausing any and all automated clean up protocols or expiration settings that would otherwise purge relevant ESI.
Maintain technical documentation by keeping a detailed log of all preservation actions taken, which serves as a critical audit trail if the effort to preserve is challenged in court.
Preserve ESI
Legal teams should categorize and prioritize data types to ensure comprehensive coverage. This includes traditional files like emails and spreadsheets, as well as more ephemeral sources such as social media or mobile data. Identifying these sources early is the start of ediscovery and the first step in preservation.
How Ediscovery Platforms Support Preservation
Modern legal obligations require modern technological solutions. Using a quality ediscovery platform is essential for maintaining a compliant and efficient discovery process. Modern ediscovery platforms can help legal teams track evidence, document preservation decisions, and help maintain a defensible workflow throughout the discovery process.
By leveraging purpose-built technology, legal teams can address the following critical areas:
Automated legal holds implement intuitive, user-friendly interfaces that streamline the issuance of notices and help legal teams keep track of when holds are deployed and acknowledged without adding administrative friction.
Targeted custodian surveys help legal teams gain granular visibility into the data landscape, allowing for the quick identification of relevant data sources and the custodians who manage them.
Proactive preservation controls help to deploy robust preservation tools that are purpose built to safeguard ESI at the source, helping to avoid the risk of inadvertent deletion or spoliation while maintaining a rigorous audit trail.
Learn more about preserving ESI and avoiding spoliation by building a defensible discovery workflow with Everlaw.
