Information Governance

The emergence of ephemeral messaging applications to communicate with friends, family, and coworkers quickly, securely, and effortlessly has boomed over the past decade. In that time, users of ephemeral messaging apps have risen significantly, from millions to billions of active users! Ephemeral messaging is an integral and evolving part of both individual and company communications with advantages and challenges impacting companies and the legal industry. Companies must consider the ramifications of their employees' use of ephemeral messaging and adopt policies and procedures to best protect themselves and comply with requirements relating to litigation and regulation. Courts have already begun addressing the failure to preserve relevant ephemeral messages and have been issuing sanctions in a myriad of legal challenges. Ephemeral messaging is here to stay, and companies, courts, and attorneys must understand and adapt to evolve with this emerging technology.

Seeking to resolve a split among the Circuits “regarding the scope of liability under the [Computer Fraud and Abuse Act]’s “exceeds authorized access” clause, the Supreme Court granted certiorari to the appeal of Robert Van Buren, a former Georgia police sergeant whose criminal conviction for violating the act was upheld by the Eleventh Circuit in 2019. Under the "gates-up or gates-down" threshold established by the Court's opinion, the access to information relevant to the question of civil or criminal liability under the CFAA is defined by IT permissions. Specifically, the question is now what files or folders within a computer system is an authorized user allowed to access and did that user exceed that authorized access? 

While the term sounds quite formal, with respect to e-discovery, in practice, “Information Governance” really means getting your electronic house in order so that you can mitigate risks and expenses should e-discovery become an issue in the future. “Getting your electronic house in order” covers the entire data lifecycle, from the initial creation of electronically stored information (“ESI”) through its final disposition, and potentially involves an organization’s entire suite of technology and related processes, policies and strategies. Indeed, IG becomes the foundation and framework of an organization’s  management of its information assets and, importantly, the degree to which e-discovery processes are streamlined and cost-efficient is dependent upon having effective IG policies and procedures in place.

Two of the most compelling discovery sanction cases of the past year are Klipsch Group., Inc. v. ePRO E-Commerce Ltd. and Ronnie Van Zant, Inc. v. Pyle, both decided in the Second Circuit. In the first, the court awarded $2.68 million in discovery sanctions in a case valued at a mere $20,000. In the second, the court issued an adverse inference when a defendant failed to preserve text messages held by a non-party. The implications of both decisions appear far-reaching and critically important for those involved in the discovery process.