Electronic Discovery & Information Governance – Tip of the Month: 2020 Tips of the Month: A Compilation

In 2020, the COVID-19 pandemic presented litigators and eDiscovery practitioners with unique challenges, including the rapid rise in working from home (“WFH”) and a slew of bankruptcies. Last year also saw new artificial intelligence (“AI”) tools gain widespread acceptance, both within and outside the litigation context, and the continued, swift evolution of European data-privacy laws. A few highlights from our Tip of the Month coverage of these topics last year—information that still applies this year—are recapped below.

COVID-19 Pandemic

• Work-From-Home. Business communications may have been upended by the switch to WFH environments during the pandemic. While companies were rushing to get their technology platforms up to speed, many employees may have improvised and resorted to using a variety of messaging apps on their work and personal devices.
• Employees may have used so-called “ephemeral messaging” apps (such as Wikr, Telegram and Snapchat) as a “virtual water cooler” in lieu of face-to-face conversations among coworkers. Employees may also have increasingly relied on their personal devices, such as their own cellphones and laptops, to communicate.
• A properly crafted litigation hold should take into account the specific features of the applications and devices used by company employees to ensure that potentially relevant documents are not destroyed before collection. In relation to ephemeral messaging apps, a litigation hold should instruct custodians to change these apps’ settings to retain information until it can be considered for collection.
• Bankruptcy. The pandemic has caused a wave of business bankruptcies. Given the rapid pace of bankruptcy proceedings—and the reality that the bankrupt entity is often under enormous financial and business stress—practitioners should consider the following:
• An entity preparing to file for bankruptcy should take careful steps to preserve electronically stored information (“ESI”), including from departing employees. Document privacy obligations, including by statute, agreement, regulation or otherwise, should also be reviewed.
• Interested parties in bankruptcy litigation are encouraged to confer with one another regarding issues related to preservation and production of ESI. Clear communication with adverse parties (or other parties) can be especially helpful in winnowing discovery expectations and obligations among the parties before and during the litigation and in minimizing disputes.
• The parties should be attentive to the document preservation and production vendor (or internal group) chosen as the adviser on these matters, if such an engagement or arrangement is necessary. For example, these discussions should include how this vendor or group expects to handle the fast pace of discovery in bankruptcy.

Artificial Intelligence

• Contract management. Digital contract management tools are software products that locate, track, analyze and change contracts. Modern contract management tools have incorporated AI, allowing them to perform advanced searches and analytics on a repository of contracts.
• Digital contract management tools are invaluable for identifying force majeure clauses and other contract provisions that may have been triggered by unforeseen economic conditions. With this functionality at their fingertips, users have been able to react quickly and intelligently to the crisis caused by the pandemic.
• These tools also underpin custom workflows that automate and streamline projects, such as repapering contracts that are impacted by the transition away from LIBOR or other IBOR benchmark rates. Without such tools, companies are faced with a much more manual, lengthy and costly scenario.
• Litigation. In late 2020, the Northern District of Illinois approved the use of a relatively new AI tool—Continuous Active Learning (“CAL”)—that is widely accepted in the eDiscovery world.
• A CAL tool continuously analyzes the results of human review and reorganizes the review population frequently so that lawyers are looking at the most relevant documents first. Eventually, the number of responsive documents dwindles, and the remaining documents do not need to be reviewed.
• The court held that the responding party could use a CAL tool—or another form of technology-assisted review—without the approval (or even against the wishes) of the opposing party.

European Data Privacy

• GDPR. There was significant litigation concerning the impact of the General Data Protection Regulation (“GDPR”) on data transfers, culminating in a July 2020 decision by the Court of Justice of the European Union that invalidated one of the principal ways in which organizations in the European Economic Area (“EEA”) had been able to transfer data to the United States (the “EU-US Privacy Shield”).
• Then, in November 2020, the European Data Protection Board published new recommendations on the measures to be taken to supplement the personal data transfer tools companies currently rely on to ensure compliance with the GDPR.
• The recommendations are particularly relevant for businesses that rely on so-called “standard contractual clauses,” binding corporate rules or other “appropriate safeguards” in Article 46(2) of the GDPR to transfer personal data outside the EEA to locations (such as the United States) that the European Commission has determined do not offer adequate data protection.
• The recommendations make it even harder for companies to transfer and process European personal data outside of Europe because of the requirement to conduct an assessment of the local law in the jurisdiction where the European personal data is transferred to and implement supplementary technical measures for such transfers. The recommendations may ultimately lead to companies having to store more European personal data in Europe.
• Brexit. The United Kingdom left the European Union at the beginning of 2020 but remained in the EU’s legal framework during a transition period that lasted until the end of 2020.
• Going forward, the GDPR will be incorporated directly into UK law as the UK GDPR.
• The UK GDPR will be substantially the same as the EU GDPR, and the key principles, rights and obligations will remain the same, although the two regimes may diverge in the future.
• Companies should review their data-protection arrangements and ensure they are compliant with the UK GDPR.

In 2021, we expect that working from home and virtual litigation proceedings, including depositions and court hearings, will continue, at least for a while. The lessons we learned, and the new techniques and technologies adapted in 2020, will likely continue to serve us well into 2021 and beyond.