By Adam Lenain
The combination of emerging technologies, information security risks and electronic discovery obligations continues to give rise to questions regarding best practices for adoption of modern ephemeral communication tools in lieu of more traditional forms of communication, particularly in the context of probable or pending litigation. Many businesses now employ various instant messaging systems, and employees routinely send work-related text messages and interact over collaboration applications--some of which enable automatic, or time of life, expiration and deletion of information (referred to as “ephemeral” communication).
Absent an affirmative duty to preserve, an organization has no general obligation to save or store its communications or other information and is free to use technology to enable “effective, timely and consistent disposal of electronic information that no longer needs to be retained” as part its information governance program. Nevertheless, organizations must do so responsibly and under carefully crafted information governance policies designed and implemented with the assistance of counsel as courts have struggled to keep pace with the rapid changes in communications technology and the scope of a party’s preservation obligations as they relate ephemeral communications in the context of the litigation hold has not been clearly established.
As a result, as with the adoption of any emerging technology in the workplace (email, electronic signatures, etc.), the use of ephemeral communication tools by an organization requires a risk-versus-reward analysis. To assist in an analysis of the risk profile associated with deploying ephemeral communications tools in the workplace, this paper will discuss:
(i) the advantages of using ephemeral communications applications;
(ii) the duty to preserve electronically stored information in the context of the litigation hold and the risks of failing to preserve electronically stored evidence;
(iii) case law related to the duty to preserve ephemeral data in the context of the litigation hold; and
(iv) key considerations regarding the use of ephemeral messaging following a litigation hold.
Advantages of Using Ephemeral Messaging Applications
Deployment of a secure ephemeral messaging application has the potential to improve information security, significantly minimize the cost of electronic discovery (“e-discovery”) in future litigation, and reduce the company’s overall data storage costs.
1. Information Security
Information security is one key reason to consider adopting encrypted ephemeral communications in corporate settings. As an initial matter, use of ephemeral communication tools can minimize the breadth of exposure following a data security incident. If a company has a policy in place that calls for the routine and periodic expiration and deletion of information, that information is simply not available on the system to be “hacked.”
Further, the use of ephemeral communication tools (and public disclosure of that use) may also deter potential incursion attempts as some sensitive and valuable information will no longer exist. This deterrence may be particularly valuable given the increased shareholder and investor focus on data security, a dramatic uptick in data breaches, and the potential cost of a data security incident. A 2016 Ponemon Institute study calculated that the average cost of a data breach is $4 million per company, with the loss or theft of sensitive data reaching $158 per record. That cost includes direct and indirect expenses incurred by the organization such as:
- engaging forensic experts;
- outsourcing hotline support;
- providing free credit monitoring subscriptions;
- conducting in-house investigations and communication; and
- the extrapolated value of customer loss resulting from turnover or diminished customer acquisition rates.
It does not, however, include the legal fees associated with defending the company from regulatory inquiries, enforcement actions, or potential consumer class actions.
2. Reduction in Electronic Discovery Costs
Another advantage of ephemeral communications is a reduction in e-discovery costs. Much of the cost of modern litigation can be attributed to the collection, processing, review, and production of electronically-stored information (“ESI”). A 2012 analysis of litigation costs for individual cases involving various Fortune 500 companies (the “RAND Study”) found that median e-discovery expenditures were $1.8 million per litigation and advised that “many millions of dollars in litigation expenditures will be wasted each year until legal tradition catches up with modern technology.” To that end, an appropriate data deletion strategy can help to avoid significant downstream e-discovery costs. In contrast, “failure to ‘pay now’ by defensibly managing and deleting data means that organizations won’t be able to free themselves from the yoke of increasingly escalating litigation budgets.” Through ephemeral communications, companies can minimize costs in future litigation by appropriately expiring and deleting data that is no longer needed.
The cost savings (of both direct expense and internal resources) should not be under-valued. E-discovery costs are largely a function of data volume. In the majority of litigations, before outside counsel even begins the review of potentially relevant documents and communications, each potentially relevant document or communication must be:
- harvested from servers or storage mediums by the e-discovery vendor, often in conjunction with internal counsel and IT staff members;
- processed into a useable data form;
- selected for review using search criteria and limiting factors; and
- uploaded to and hosted on a review software.
Each of these steps typically carries a separate charge from the e-discovery vendor that is calculated on a per gigabyte basis. Those charges are in addition to the cost for counsel reviewing each of the potentially relevant documents and communications. Indeed, in 2012 the RAND Study found that, the average total direct cost of reviewing one gigabyte of data was $18,000. Given that e-discovery vendor and law firm rates have steadily increased in the last four years, it is safe to say that number has only grown. In addition to the direct costs, litigation also often results in companies devoting significant internal resources (including time spent by members of the in-house law department and the IT department) to preserving, locating, and helping to harvest their data.
The duration of the litigation and the run rate for the legal fees are also influenced by the scope (number of documents to review) of the e-discovery process. Often the optimal settlement point for litigation is when the costs and risks of continuing a dispute outweigh the costs and risks to settle. As such, a reduction in the amount of data (and therefore the cost of e-discovery) may help a company avoid being forced to accept a quick – but not as favorable – settlement simply because of costs associated with e-discovery and the balance that must be struck against settlement costs.
3. Reduction in Data Storage Costs
Similarly, companies can save in data storage costs by demonstrating deliberate information stewardship. According to the Center of Democracy and Technology’s 2014 study on data deletion, despite decreases in the physical costs of data storage, storing information is still an expensive proposition – costing companies “huge sums of money in terms of personnel time and technical infrastructure.” In fact, as of 2012, companies were spending an average of $5 million per petabyte to retain historic information.
Ironically, there is little, if any value in storing non-essential information. Indeed, many companies are simply maintaining excess data needlessly. According to the Compliance, Governance and Oversight Council, corporate information generally falls into one of four categories with almost 70% of data able to be safely deleted:
- One (1%) percent of data needs to be retained for litigation purposes;
- Five percent (5%) needs to be retained for regulatory compliance reasons;
- Twenty percent (25%) has business value; and
- Sixty-nine percent (69%) has little or no business value.
As such, deployment of ephemeral communications tools where information is routinely and periodically expired and deleted can significantly contribute to a reduction in the cost of storing data.
The Duty to Preserve Electronically Stored Information in the Context of Litigation
In the context of litigation, Rule 34(a) of the Federal Rules of Civil Procedure provides for the discovery of ESI that is “stored in any medium from which information can be obtained either directly or, if necessary, after translation by the responding party into a reasonably usable form.” Further, “Rule 34(a) applies to information that is fixed in a tangible form and to information that is stored in a medium from which it can be retrieved and examined.”
This definition is intentionally vague and was drafted to avoid reference to any specific type of technology. Because of Rule 34’s open-ended definition of potentially discoverable electronic information, the rule contemplates that instant messages are ESI, as are emails. A corollary to the ability to obtain ESI is the duty to preserve them. The obligation to preserve evidence arises “when a party has notice that the evidence is relevant to litigation or when a party should have known that the evidence may be relevant to future litigation.” Thus, “[o]nce a party reasonably anticipates litigation, it must suspend its routine document retention/destruction policy and put in place a ‘litigation hold’ to ensure the preservation of relevant documents.”
Risks of Failing to Preserve Relevant Evidence
Spoliation is the intentional destruction or alteration of evidence, or the knowing failure to preserve evidence in pending or reasonably foreseeable litigation. Federal courts have the inherent discretionary authority to make appropriate evidentiary rulings and to levy sanctions in response to the destruction or spoliation of relevant evidence.
Rule 37(e) of the Federal Rules of Civil Procedure provides:
If electronically stored information that should have been preserved in the anticipation or conduct of litigation is lost because a party failed to take reasonable steps to preserve it, and it cannot be restored or replaced through additional discovery, the court:
- upon finding prejudice to another party from loss of the information, may order measures no greater than necessary to cure the prejudice; or
- only upon finding that the party acted with the intent to deprive another party of the information’s use in the litigation may:
(A) presume that the lost information was unfavorable to the party;
(B) instruct the jury that it may or must presume the information was unfavorable to the party; or
(C) dismiss the action or enter a default judgment.
Thus, sanctions for failing to preserve relevant evidence include dismissal of the litigation in favor of the other party, exclusion of evidence, and adverse jury instructions in which the jury is informed that it may presume that the destroyed evidence, if produced, would have been adverse to the party that destroyed or failed to preserve it. A finding of bad faith is not required before spoliation sanctions may be imposed – sanctions may be imposed on the basis of simple notice of potential relevance to the litigation.
Factors to be considered when determining the severity of the sanction to impose against a party for failure to preserve evidence include: (1) willfulness or bad faith of the party responsible for loss of evidence; (2) degree of prejudice sustained by opposing party; and (3) what is required to cure prejudice. The loss or destruction of evidence qualifies as willful spoliation if the party “has some notice that the documents were potentially relevant to the litigation.” before they were lost or destroyed.
Case Law Assessing the Duty to Preserve Ephemeral Messages
At present, there is no case law analyzing whether ephemeral messages are required to be preserved or the messaging function disabled following the institution of a litigation hold. That said, cases analyzing other forms of “ephemeral” data are instructive and should be reviewed when analyzing the risk posed. Below is a brief summary of some of the key cases surrounding preservation of ephemeral data.
Convolve, Inc. v. Compaq Computer Corp., 223 F.R.D. 162, 177 (S.D.N.Y. 2004).
The plaintiffs in Convolve sought sanctions for failure to preserve intermediate wave forms for data that was displayed on an oscilloscope for each iteration of a tuning process and contended that the data should have been preserved either by printing the screenshots of each display or by saving the intermediate data to a disk. The court disagreed and declined to order sanctions, primarily on the basis of burden:
“…the preservation of the wave forms in a tangible state would have required heroic efforts far beyond those consistent with Seagate’s regular course of business. To be sure, as part of a litigation hold, a company may be required to cease deleting e-mails, and so disrupt its normal document destruction protocol. But e-mails, at least, normally have some semi-permanent existence. They are transmitted to others, stored in files, and are recoverable as active data until deleted, either deliberately or as a consequence of automatic purging. By contrast, the data at issue here are ephemeral. They exist only until the tuning engineer makes the next adjustment, and then the document changes. No business purpose ever dictated that they be retained, even briefly. Therefore, absent the violation of a preservation order, which is not alleged here, no sanctions are warranted.”
Importantly, however, the court noted that the issue of whether to issue sanctions would potentially be different if the ESI at issue was instant messages: “A somewhat analogous situation arises in the use of Instant Messenger functions. There the question may be a closer one both because at least some Instant Messenger programs have the capability, like e-mail, of storing messages, and because such information is intended to be transmitted to others.”
Columbia Pictures Indus. v. Bunnell, 2007 WL 2080419 (C.D. Cal. May 29, 2007)
The plaintiffs in Columbia sought the production of server log data in order to determine the IP addresses of entities accused of copyright infringement. The defendants, while technically able to retain such information, had never done so, and did not have a computer infrastructure designed to retain such a capability. As a consequence, the relevant information existed in the RAM of defendants’ servers for only six hours.
The court rejected the defendants’ argument that requiring them to retain such information for the first time would be akin to requiring the creation of a new document for production, finding that the information did already exist, even if it was only in temporary RAM storage: “because the Server Log Data already exists, is temporarily stored in RAM, and is controlled by defendants, an order requiring defendants to preserve and produce such data is not tantamount to ordering the creation of new data.” The court then proceeded to find that requiring the defendants to retain server log data would not constitute an undue technical burden or undue financial burden. Finally, the court was not swayed by the fact that the Server Log Data was stored on a third-party’s system, finding that even though theelectronic information was “temporarily stored” by another party, the defendants’ retained “control” since they had “the ability to manipulate at will how the [information was] routed.”
Because all information handled by a computer system exists in that system’s RAM at some point in time, this case reiterated that any form of ESI may be within the reach of discovery. Accordingly, under the reasoning of the case, the only legitimate basis for not preserving ESI for production is undue burden to the producing party, which is essentially a cost/benefit judgment that does not automatically protect a party.
Healthcare Advocates Inc. v. Harding, Earley, Follmer & Frailey, 497 F. Supp. 2d 627 (E.D. Pa. 2007).
The plaintiff moved for a spoliation inference based on the defendants’ failure to preserve Internet cache files, a form of ephemeral data. A cache is a “temporary storage area where frequently accessed data,” such as Web addresses, “can be stored for rapid access.” Depending on the setting applied, the Web browser may empty the Internet cache automatically, and “[s]ome cache files are discarded after only twenty-four hours.” The cache files that the plaintiff sought related to copyrighted computer images that had been viewed by the defendants, an act which the plaintiff alleged constituted “hacking.”
The court held that a spoliation inference was not warranted. In reaching this conclusion, it focused on five factors. First, the court held that the defendants had no reason to anticipate a lawsuit alleging “hacking” for their use of a public Web site to view images from another public Web site, or to expect that the cache files would be sought. Second, because the files were deleted automatically, the defendants were not responsible for their loss. In fact, according to the court, “[t]he most important fact regarding the lost evidence is that the [defendants] did not affirmatively destroy the evidence.” Third, the files were temporary, and may have been deleted numerous times before plaintiff specifically requested them; they “might [even] have been lost the second another website was visited.” Fourth, the plaintiff never specifically requested the cache files. Finally, the plaintiff was able to obtain the information it needed through alternative means.
Arista Records LLC v. Usenet.com Inc., 608 F. Supp. 2d 409, 416 (S.D.N.Y. 2009)
The plaintiffs successfully sought sanctions for the defendants’ failure to preserve usage data files that the plaintiffs alleged were relevant to their copyright infringement claims. The usage data at issue consisted of “pre-existing records from Defendant[s’] computer servers reflecting actual requests by Defendant[s]’ paid subscribers to download and upload digital music files using Defendant[s’] service.” Like other ephemeral data, a usage data file is created automatically by the computer system and not by any individuals, “is transitory in nature, not routinely created or maintained by defendants for their business purposes, and requires additional steps to retrieve and store.” In deciding to issue an adverse inference sanction, the court weighed a series of factors, including evidence that the defendants acted in bad faith when they failed to preserve and produce the usage data files.
Many of these factors overlapped with those considered by the courts in Healthcare Advocates and Bunnell. First, the court noted that the files had been specifically requested. Second, the defendants had active control over the data. Third, the defendants’ usage data was able to be stored for significant periods of time. In fact, the defendants’ actively changed the configuration of their systems to shorten the retention time of these files (which, in essence, was an attempt to make the data more ephemeral). Finally, the data was highly relevant to the parties’ underlying dispute, and the information sought could not be more readily obtained from another source. In this case, the defendants cited both Convolve and Healthcare Advocates to support their arguments that they had no duty to preserve “transient electronic data.” The court, however, deemed both cases distinguishable because the usage data files had not been specifically requested up front. The court also noted that Bunnell had denied sanctions for the destruction of RAM data, in part, because the data had not been specifically requested.
Louis Vuitton Malletier v. Dooney & Bourke, Inc., No. 04 Civ.5316 RMB MHD, 2006 WL 3851151 (S.D.N.Y. Dec. 22, 2006)
The plaintiff sought spoliation sanctions for the failure to preserve the instant messaging exchanges within a customer service chat room on the defendant’s website. It is not entirely clear from the opinion, but it appears that defendant’s failure to preserve continued after notice of litigation.
The Louis Vuitton court found that such instant messages were “a far cry” from failure to preserve emails: “Indeed, it is more akin to a demand that a party to a litigation install a system to monitor and record phone calls coming in to its office on the hypothesis that some of them may contain relevant information. There is no such requirement ….”
Importantly, however, the Court also specifically noted that for the vast majority of time that the chat communications occurred, “the technology that [defendant] utilized did not provide a ready means for retaining such communications.”
Key Considerations Regarding Use of Ephemeral Communications Tools Following a Litigation Hold
Once a litigation hold is put into effect, organizations (and their counsel) must evaluate whether to disable the use of ephemeral communications tools or take measures to preserve the data going forward. The best way forward always depends on a particular case and surrounding circumstances. Below, however, are key considerations for evaluating how to proceed once a litigation hold is in place.
Are the Ephemeral Messages Relevant to the Litigation?
In determining how to proceed with use of ephemeral communications tools after institution of a litigation hold, it is important to first determine whether the messages are relevant to the litigation. Often, in seeking to comply with their preservation obligations, parties go too far and attempt to preserve every scrap of data. As explained by Principle 5 by the Sedona Principles, it is unreasonable to expect parties to take every conceivable step to preserve each instance of ESI. Therefore, before taking preservation to the extreme by disabling all ephemeral communications tools, turning on logging, or beginning journaling, outside counsel should ask themselves the baseline question of discovery: do these data sources contain communications that are potentially relevant to the litigation?
If a company routinely discards ephemeral data, it may not be required to preserve it just because litigation is reasonably anticipated. Counsel need not embrace the knee-jerk reaction of preserving everything – doing so largely drives up cost without significantly mitigating risks. In contrast, deciding to expire data based on a reasonably investigated (and documented) belief that the data is not relevant and the burden to preserve it is too great has been found to be defensible. This inquiry, however, is highly fact-specific. Other factors that may contribute to the decision to continue data expiration and deletion is whether the data is duplicative and the actual expense of obtaining the data in a usable format.
To minimize risk while simultaneously controlling cost, it is crucial that counsel understand the client’s electronic infrastructure and communication procedures. For example, if employees only use a messaging application to make lunch plans, it is likely reasonable and defensible to decide not to spend valuable resources preserving those messages. If the employees routinely use electronic communications tools for business purposes, however, then counsel should consider whether those conversations may have any bearing on the litigation, and how far back the data goes. Just as attorneys investigate and recommend email preservation protocols, procedures for the preservation of ephemeral data should be investigated and implemented if warranted.
How Has the Court Analyzed the Issues of Ephemeral Messages Previously?
Several jurisdictions and individual judges have recognized the issues surrounding ephemeral communications data and other types of transitory data and have taken steps to address those issues. Specifically, various courts have established categories of ESI such as text messages, RAM, and even a broad category of “other ephemeral data” are not generally discoverable and thus need not be preserved. For example, the Eastern District of Texas provides a Model Order for E-Discovery that states “[a]bsent a showing of good cause, voicemails, PDAs and mobile phones … need not be collected and preserved.” Thus, in analyzing the continued use of ephemeral communications following a litigation hold, counsel should also consider how the relevant court has previously addressed the preservation and production of ephemeral data.
Will Opposing Counsel Agree that Ephemeral Messages Need Not Be Preserved?
There is tremendous cost-saving value in cooperation among parties in the area of electronic discovery. Rule 26 of the Federal Rules of Civil Procedure permits parties to stipulate to the preservation or non-preservation of particular data source, including ephemeral messages. If there are problems with the preservation of ephemeral communications or counsel believes the communications are irrelevant, a best practice would be to disclose the existence of the data to opposing counsel and carve those categories of data out of the preservation and production obligations in a written discovery plan. At a minimum, addressing this issue early will allow the parties to timely present the issue to the Court for review and will likely minimize potential sanctions for willfully failing to preserve the ephemeral data.
Evaluation of a company’s risk management strategy in general, and the risk-reward analysis for whether to deploy ephemeral communications tools in particular, should take place at the highest levels, with guidance from internal information technology teams, information security experts and counsel. Every company exists within a varied information security, litigation, and regulatory ecosystem and there is no magic formula for managing risk and handling the large amounts of ESI a company generates. As such, the risk-reward analysis will be different for each company endeavoring to exemplify best practices as they pertain to ephemeral communications.
For the right company, adopting ephemeral communications tools in concert with a defensible deletion policy (which ties in to a company’s information governance policy) can prove highly advantageous. To that end, secure messaging platforms which automatically expire and delete data may prove to be a useful tool for mitigating the costs associated with e-discovery and data storage as well as the risks of costly data breaches. As the Center for Democracy and Technology has stated:
“[f]rom massive breaches to fear of litigation and rising costs of e-discovery, the urge to collect and retain large amounts of data in the hopes of squeezing value out of it has been tempered by evidence that holding data can actively work against a company’s interests. A key solution to reducing data stores is the application of data management policies and emerging technology techniques that reduce data holdings. Data deletion works to protect individuals’ privacy and security, and it helps organizations save resources that would otherwise be spent hosting information without significant value. … Ultimately, data management policies and procedures that include retention and deletion strategies provide a platform for improving the overall sustainability of a company, allowing it to make faster and more efficient decisions about products and services. Data deletion should be part of every company’s data management tool kit.”
Disclaimer: This white paper is not intended to constitute legal advice and does not create an attorney-client relationship. The information contained herein should not be relied upon in lieu of consultation with appropriate legal advisors. Further, as the areas of data security and electronic discovery are constantly evolving, this information may no longer be accurate. The information contained in this white paper is current as of August 1, 2017.
 An affirmative duty to preserve communications or information can arise from statutory, regulatory or other document preservation requirements specific to a certain industry, a governmental investigation or in the context of probable or pending litigation. The duty to preserve communications or information that arises from probable or pending litigation is often referred to as the “litigation hold.” This paper addresses certain issues arising from the use of ephemeral communication tools in the context of the “litigation hold.” This paper does not address issues arising from the use of ephemeral communication tools in the context of any other affirmative duty to preserve communications or information.
 See, e.g., Barnett v. Deere & Co., No. 2:15-CV-2-KS-MTP, 2016 WL 4544052 (S.D. Miss. Aug. 31, 2016) (declining to impose sanctions for the destruction of relevant documents pursuant to Defendant’s document retention policy at a time when there was no duty to preserve and, in its discussion of bad faith, noted that the court “does ‘not draw an inference of bad faith when documents are destroyed under a routine policy’”); Zubulake v. UBS Warburg LLC, 2003 U.S. Dist. LEXIS 18771, at *8 (S.D.N.Y. Oct. 22, 2003) (“It goes without saying that a party can only be sanctioned for destroying evidence if it had a duty to preserve it.”).
 Reliance on cloud-based storage providers may not provide similar risk amelioration as many service providers offer only very basic data security to protect sensitive or privileged information. As a result, communications and documents stored in the cloud can be compromised in the case of a breach of such a third-party service provider.
 Ponemon Institute, LLC, 2016 Cost of Data Breach Study: Global Analysis at 1 (June 2016).
 Id. at 4.
 Nicholas M. Pace and Laura Zakaras, Where the Money Goes: Understanding Litigant Expenditures for Producing Electronic Discovery at xix, 17 (Rand Corporation 2012) (hereinafter “Where the Money Goes”).
 Dean Gonsowski, E-discovery costs: Pay now or pay later, Inside Counsel (May 23, 2012), http://www.insidecounsel.com/2012/05/23/e-discovery-costs-pay-now-or-pay-later.
 Where the Money Goes at 20-21 & Fig. 2.2.
 Michelle De Mooy, Joseph Jerome and Vijay Kasschau, Should It Stay or Should It Go? The Legal Policy and Technical Landscape Around Data Deletion at 9 (Center for Democracy and Technology 2017). (hereinafter “Center For Democracy and Technology Data Deletion Analysis”).
 Compliance, Governance & Oversight Council, Information Economics Process Assessment Kit at 3 (2012)
 Compliance, Governance & Oversight Council, Information Lifecycle Governance Leader Reference Guide at 5 (2nd ed. 2014)
 Advisory Committee Notes to the 2006 Amendments to Fed. R. Civ. P. 34.
 Rule 34(a)(1) is expansive and includes any type of information that is stored electronically. A common example often sought in discovery is electronic communications, such as e-mail. The rule covers—either as documents or as electronically stored information – information “stored in any medium,” to encompass future developments in computer technology. Rule 34(a)(1) is intended to be broad enough to cover all current types of computer-based information, and flexible enough to encompass future changes and developments. Advisory Committee Notes to the 2006 Amendments to Fed. R. Civ. P. 34.
 Zubulake, 2003 U.S. Dist. LEXIS 18771, at *8.
 Id. at *16.
 Black’s Law Dictionary 1409 (7th ed. 1999).
 Glover v. BIC Corp., 6 F.3d 1318, 1329 (9th Cir. 1993).
 See Unigard Security Ins. Co. v. Lakewood, 982 F.2d 363, 368-70 (9th Cir. 1992).
 See Glover, 6 F.3d at 1329; Fed. R. Civ. Proc. 37(e)(1).
 See Swofford v. Eslinger, 671 F. Supp. 2d 1274, 1280 (M.D. Fla. 2009).
 Leon v. IDX Systems Corp., 464 F.3d 951, 959 (9th Cir. 2006)).
 See, e.g., Am. Gen. Life Ins. Co. v. Billard, 2010 WL 5463327 (N.D. Iowa Dec. 29, 2010) (holding that reasonable diligent inquiry by a party finding no relevant, non-privileged voicemails existed precludes the necessity for a party to produce for discovery purposes those voicemails).
 Model Order for E-Discovery, General Order Amending Local Rules, United States District Court for the Eastern District of Texas; see also Model Protocol For Discovery of Electronically Stored Information in Civil Litigation, United States District Court Western District of Washington; Standing Order Relating to the Discovery of Electronically Stored Information, United States District Court for the Northern Division of Illinois Eastern Division, Magistrate Judge Brown.
 Fed. R. Civ. Proc. (b)(2) (B), (C).
 Center For Democracy and Technology Data Deletion Analysis at 15.