The Yale Law Journal


The New Electronic Discovery Rules: A Place for Employee Privacy?

01 Sep 2006

The new procedures for electronic discovery might encourage companies to spy on their own workers. To prevent that from happening, I argue that courts should apply the new rules—which will likely take effect in December—in a way that discourages the abuse of surveillance technologies and protects workers’ privacy. When weighing the benefits of a particular discovery request against the costs, judges should consider an invasion of workers’ privacy as one of the costs.

The influential decision of Zubulake v. UBS Warburg LLC taught corporate America just how much electronic discovery can cost. After UBS Warburg fired Laura Zubulake, she sued the firm for gender discrimination and retaliation. During the discovery phase of her case, she requested “[a]ll documents concerning any communication by or between UBS employees concerning” her, including internal e-mails stored on the firm’s backup tapes. The court agreed that Zubulake could search the tapes—a very expensive procedure. To find out just how expensive, the court ordered UBS to restore a sample of five tapes. After evaluating sixty-eight e-mails from those tapes that Zubulake pinpointed as highly relevant, the court ordered UBS bear seventy-five percent of the costs of restoring the other seventy-plus tapes.

Restoration revealed damning evidence of spoliation—the destruction of discoverable evidence—because the tapes contained relevant emails that key players at UBS had deleted from their computers after the lawsuit was filed. At Zubulake’s request, the court instructed the jury that they could infer that the lost evidence would have been unfavorable to UBS. The jury eventually awarded her $9.1 million in compensatory damages and $20.1 million in punitive damages.

Zubulake and other cases like it have influenced courts and alarmed corporations across the country, especially corporations with large amounts of electronic data stored on difficult-to-restore backup tapes. Because the Federal Rules of Civil Procedure use a generous standard of what evidence is relevant—and thus discoverable—courts have required corporations to restore hundreds of these tapes, running up bills in the millions. And as Zubulake showed, a corporation can face stiff sanctions if its employees delete relevant e-mails despite corporate counsel’s attempt to enforce a litigation-hold. Multiply these costs by the number of lawsuits a corporation faces every year and e-discovery could wind up dictating the outcome of many lawsuits, as companies choose to settle the case rather than pay the staggering fees, and brave the spoliation risks, of complying with the other side’s e-discovery requests.

In short, by combining a low bar for the discoverability of inaccessible data with the possibility of severe sanctions for destruction, the Zubulake framework places a heavy burden on employers with large information systems. That makes electronic surveillance an attractive option. By spying on their employees at work, companies can (1) reduce the amount of data captured on backup tapes, which makes the tapes cheaper to recover and to search in response to a discovery request; (2) detect improper employee behavior before the company is sued; and (3) prevent employees from erasing electronic evidence once litigation is anticipated. With Zubulake over their heads and increasingly sophisticated surveillance technologies at their fingertips, America’s bosses must be sorely tempted to invade their employees’ privacy.

The new e-discovery rules provide an opportunity to recalibrate the balance between employers’ interests in reducing their litigation costs and employees’ interests in maintaining their privacy at work. The new rules offer two features designed to alleviate e-discovery burdens: (1) a two-tier structure of discovery procedures for accessible and inaccessible electronic data; and (2) a safe harbor for the loss of electronic evidence.

The two-tier structure appears in the amendment to Rule 26, which will require parties to produce all “reasonably” accessible electronic data without further prompting, but will excuse them from producing information that is “not reasonably accessible because of undue burden or cost.” If a responding party claims that a requested source is “not reasonably accessible,” then it must persuade the court of its reasons—the first tier. If the court agrees that the information is not reasonably accessible, then the burden shifts to the requesting party to show that “good cause” nonetheless warrants discovery—the second tier.

If, in practice, good cause is harder to demonstrate than inaccessibility, then proposed Rule 26's two-tier structure may make e-discovery less costly for employers. That could benefit employee privacy simply by making aggressive (more expensive) methods of electronic surveillance less attractive. However, instead of hoping that the new rule will prompt employers to voluntarily protect employee privacy, courts could directly promote employee privacy by considering invasion of privacy an additional cost that weighs against the expected benefit of e-discovery. To illustrate, a request for all relevant e-mails written by a minor player in the case should be considered overly burdensome if it would require the company to read through all of that employee’s personal e-mails to ascertain which, if any, are relevant to the suit. Courts should acknowledge employee privacy only to the extent that the employer has done so itself, however. If a corporation has used intrusive surveillance technology to monitor employees, courts should bar it from offering its employees’ nonexistent privacy as a reason for limiting its discovery obligations. This would provide an incentive for the company to refrain from muscling in on employee privacy in the first place.

The second innovation introduced by the proposed amendments is a safe harbor for the loss of electronic data. Proposed Rule 37 shields a party from sanctions if it has lost discoverable data due to the “routine, good-faith operation” of its electronic information system. As the committee note explains, the concept of a routine operation includes “the alteration and overwriting of information, often without the operator’s specific direction or awareness, a feature with no direct counterpart in hard-copy documents.” In other words, proposed Rule 37 would protect a corporation from sanctions for inadvertently permitting a backup tape to be automatically overwritten, but not for failing to prevent employees from deleting relevant e-mails. Thus, even with this safe harbor in place, many companies may still decide that electronic surveillance is necessary to thwart willful spoliation by employees.

To avoid this result, courts could interpret proposed Rule 37 to promote employee privacy by varying the severity of sanctions according to the level of employee surveillance a company maintains. For example, courts could impose harsher spoliation sanctions on companies that have instituted continuous or blanket forms of electronic surveillance, and lighter sanctions on companies that commence surveillance once a lawsuit is anticipated, confined to key players who have a duty to preserve potentially relevant documents. Such a varying application of Rule 37 would certainly be reasonable. A corporation that has adopted extensive surveillance measures has a greater capacity to prevent employees from deleting relevant evidence, and so should be held to a higher standard of preservation. Courts could also broaden the scope of discoverable backup tapes if evidence shows that employees have deleted relevant e-mails, on the theory that there is good cause to believe that a corporation that closely monitors its employees probably condoned the spoliation. If the corresponding backup data has been lost in a routine operation, courts could consider the extent of a corporation’s surveillance as evidence tending to support a finding of bad faith, which would render the safe harbor inapplicable.

While technology advances with frightening speed, our notions of privacy appear to be stuck in the last century. The time has come to re-examine the value of privacy and update it to fit the world we live in.

Elaine Ki Jin Kim is a recent graduate of Yale Law School. She is currently clerking for the Honorable Margaret M. Morrow on the United States District Court for the Central District of California.

Preferred Citation: Elaine Ki Jin Kim, The New Electronic Discovery Rules: A Place for Employee Privacy?, 115 Yale L.J. Pocket Part 161 (2006),