Written by Doug Austin, Editor of eDiscovery Today
When I think of the evolution of discoverable sources of ESI in eDiscovery today, one rule of thumb for what I consider to be likely sources is by considering my own business practices and those of my colleagues. For example, it has become common for many people to communicate with colleagues via text messages and collaboration apps, so I consider those as routinely discoverable sources in most cases today. Another way in which sources of ESI have begun to evolve is the increased hyperlinking to cloud-based files in lieu of attaching files within emails and other communications. And this is becoming a big “can of worms” to address in eDiscovery workflows.
Move Toward Cloud-Based Office Suite Technologies
Even before the COVID-19 pandemic, organizations were moving to the cloud for more of their business apps, including the Office suite of technologies, and that has only accelerated since the pandemic with so many workforces working remotely.
According to Statista, Microsoft O365 is now used by over a million companies worldwide, with over 650,000 companies using it in the United States alone. And it’s not even the most popular office suite software used in the cloud: Google’s G Suite controls around 55.2%of the global market (56.97% in the US) and M365 holds around 38% (42.63% in the US).
With more organizations using cloud-based platforms for email communications and also for word processing, spreadsheets, presentations and more, it has become more common to hyperlink to cloud-based office files in emails instead of attaching them. From an Information Governance standpoint, doing so is good data hygiene as linking to files instead of attaching them avoids a proliferation of numerous copies of the same file, which also makes it more secure as less copies of important company information means less risk of that data being exposed.
So, you can expect more employees within organizations to choose to hyperlink to cloud-based files instead of attaching them in emails in the future.
The Impact of Hyperlinking Files on eDiscovery
eDiscovery professionals have always understood that there will always be some hyperlinking to content. The most common example is linking to a page on a website – we’ve all done it for decades and we have come to accept that, at some point, the source may be changed or may be no longer be available as the page (or the entire website) is decommissioned and the link will be broken. There has typically not been an expectation by requesting parties that responding parties will attempt to retrieve those data sources – they’re not considered in the “possession, custody and control” of the responding party.
Linking to cloud-based office files within the organization is different – those files are within the “possession, custody and control” of the responding party. However, just as linked web sources may be changed or deleted at some point, the same holds true for linked office files. Unlike attachments, which are a snapshot of the file at the time of that correspondence, linked files are evergreen: they can continue to be edited or even deleted, so the evidence as it existed at the time of the email may be lost.
In addition to that issue, parties are also now disagreeing on the responding party’s duty to produce those files as part of an email “family” that have typically included attachments along with the email. In the recent case Nichols, et al. v. Noom Inc., et al., New York Magistrate Judge Katherine H. Parker denied the plaintiff’s motion for reconsideration over production of hyperlinked documents, stating: “the Court does not agree that a hyperlinked document is an attachment”; as a result, the defendants were not required to reproduce Google Drive and Gmail documents as family groups (which was a decision many in the eDiscovery industry disagreed with). I expect there will be more cases to come disputing this issue.
What to Do About It
So, if you’re a party involved in litigation, what should you do about the potential of hyperlinked office files? Let’s take a look from each perspective:
- Requesting Parties: As a requesting party, you need to ask specific questions early in the case regarding the handling of office files in communications, such as emails, to determine whether the responding party commonly hyperlinked to those files rather than attaching them. You also need to address clearly in the ESI protocol how those should be handled to get your expectations identified up front. In the case above, doing so might have led to a different result for the requesting party – Judge Parker observed, for instance, that the parties’ ESI protocol in that case didn’t address how hyperlinked files should be handled.
- Responding Parties: As a responding party, you need to ensure that your litigation hold extends to hyperlinked files vs. when they can be defensibly deleted. You may also need to be prepared to change collection processes to collect those files if requested. Software exists today to automate that collection process, so it’s important to be able to implement such a workflow if required.
I called this a “can of worms” at the beginning of this post and that’s putting it mildly. The trend toward hyperlinking to office files instead of attaching them will change existing eDiscovery workflows considerably that have been historically based on the treatment of emails and attachments as family groups.
Are you ready for those changes?
Learn more about how IPRO helps organizations manage data in attachments and other data repositories.
For more educational topics from me related to eDiscovery, cybersecurity and data privacy, feel free to follow my blog, eDiscovery Today!