How To Get The Discovery You Need From Your Opponent

October 2007

Library Sections:

• Expert Testimony
• Damages Analysis
• Investigations and Forensic Accounting
• Computer Forensics / Electronic Discovery
• Sarbanes-Oxley Whistleblower Solutions
• Valuations and Appraisals
• Financial Reporting
• Tax Advice and News
• Other Current Events and Economic Commentary
• Financial Calculators and Related Advice

An extraordinary amount of time is incurred in discovery asking for records that may not even exist, or asking for records that do exist, but the other side declines to produce records that were not requested using just the right terms. Once the records are identified, wasteful paper-based productions occur because the requesting party did not insist on an electronic production, usually because of concerns that an electronic production may not be usable or understood. All of this wasted effort can be avoided easily.

Today, practically all business records exist electronically. Many records exist only in an electronic form. All of these electronic records can be produced much more quickly, cheaply, and easily than ever occurred with paper. For all these reasons, your discovery requests should initially focus on digital records.

A corporate-representative deposition on electronic-discovery issues should be the very first discovery action you take. This quickly obtains an overview of your opponent’s data systems. When done at the beginning of a case, senseless argument over what information exists and does not exist is avoided, because you then have the benefit of a party admission. Under FRCP 30(b)(6) and analogous “person most knowledgeable” state-court rules, you can send a notice that lists topics of inquiry, and this obligates your opponent to provide a witness(es) who has knowledge of the topics you list.

The subpoena should include a demand to produce records that identify the location, format, and character of your opponent’s data. Specific requests include all records that describe or memorialize:

1. Written data retention policies, and a description of the data retention policies actually in place

2. All technical manuals, network architecture diagrams, booklets, guidelines, memoranda

3. Policies and procedures for managing electronic information, including:

a. Individuals with administrative level access to the network
b. User permissions for accessing, modifying, and deleting data;
c. Utilization of data deletion programs;
d. Schedule for formatting hard drives or reinstalling software applications;

4. Servers or computers serving as a central repository of any information for the organization - Information should include:

a. Server name of each system
b. Physical location of each system
c. Operating systems and versions of each system
d. Business purpose of each system (e.g., webserver, accounting system, fileserver, etc.)
e. Critical applications running on each system, and the versions of each
f. Critical databases or information stores found on each system

5. Current and former users on the network

6. Individuals responsible for access to information systems on the network (e.g., accounting systems, operations systems, human resources databases)

7. List of each computer or device (i.e., PDA, removable media) with network access, including physical location

8. Location and description of personally owned computers used by employees for business purposes

9. Accessibility of computer systems from outside the office

10. Disaster recovery system and processes, including without limitation:

a. Lists of backup media
b. Locations of backup media
c. Hardware and software used to backup and archive information
d. What data is backed up
e. Backup schedules
f. Individuals responsible for the backup/recovery procedures
g. Circumstances where backup data was used for non-disaster data retrieval (This is important when addressing contentions that backup data is “not reasonably accessible” and hence need not be produced)
h. Under what circumstances are the storage schedules modified?

11. System(s) used for the electronic mail system, including but not limited to:

a. Outside services used, if any
b. Server and workstation software, including versions details
c. Server and workstation storage
d. Lists of users
e. Location of email files

12. Current litigation holds in place

13. Timeline of data available from online systems – For how far back does online data exist for each system?

14. Timeline of data available from archived systems - For how far back does backup and archived data exist?

15. Software upgrades or changes to all critical applications, databases, accounting systems and operations systems, including without limitation:

a. If upgrades exist, are the old software versions still supported?
b. Do any systems on the network still have access to the legacy system and data?
c. List archived media that contains data accessible with the legacy systems

16. Reports generated as part of the normal operation of the business, including the individuals to whom the reports are distributed

17. Business policies regarding acceptable use of computers and other technology systems

18. All documents which the deponent utilized or may need to refresh his recollection regarding any issues which relate to this lawsuit

19. All documents which the deponent utilized, consulted, or may need, to refresh his recollection regarding the preparation for this deposition

In order to make the most of the depositions and the documents produced, most lawyers taking such a deposition would benefit from having the active assistance of their technical consultant during the deposition.

Responding to these Requests

When responding to these requests, most companies would be wise to err on the side of a person that has deep technical skills. If misinformation is provided, the e-discovery Rule 30(b)(6) deposition will sidetrack litigation for months by causing your opponent to request records while driving litigation and motion-practice costs unnecessarily high. This person should be thoroughly prepared before the deposition, just as would be done for any important percipient witness. Only a well-prepared witness will have the proper frame of reference to avoid innocent pitfalls that can cause such damage.

Companies that do a poor job of managing their electronic records are particularly vulnerable to discovery of information that never should have been retained in the first place. To avoid these problems see Electronic Storage Best Practices.

For additional information on electronic discovery, see Electronic Discovery Best Practices. This article addresses both preparing for your own production, and obtaining discovery from your opponent.


Fulcrum Inquiry provides electronic discovery and computer forensics services in litigation.