Forensic examinations are about as invasive as they come in the eDiscovery world. They are indiscriminate and far-reaching, allowing a party to obtain and examine an exact image of his adversary’s hard drive, mobile device, server, etc. The privacy implications are particularly problematic, especially when a party requests forensic examination of opposing counsel’s computer system.
In a recent case out of the Middle District of Florida, a party requested a forensic examination of opposing counsel’s computer system after opposing counsel’s office experienced a power surge. The power surge corrupted data on opposing counsel’s computer system, rendering some data unrecoverable. As a result, counsel’s IT technician attempted to “recover as much data as possible.”
Defendant claimed that the technician could have used methods that are more sophisticated and possibly could have recovered more data. They claimed this warranted a forensic examination of counsel’s entire computer system.
Counsel assured the court that he had produced all responsive electronic data and that a forensic examination would be an unnecessary intrusion. Further, counsel insisted that the defendant had obtained all responsive documents through other alternative sources, including by deposing counsel and third parties. According to counsel, there was no basis to believe that other responsive documents existed.
The court denied defendant’s motion to compel forensic examination. In doing so, the court relied on Federal Rule of Procedure 26(b)(2), which requires a party to show good cause when discovery is not reasonably accessible. Because the defendant could not provide the court with even a prediction as to the type of potential evidence it hoped to obtain, the court ruled that it had failed to show good cause.
Significantly, despite the defendant’s offer to pay for the forensic examination, the court found the burden of discovery would likely outweigh any potential benefits. The court noted the inherent privacy concerns of such an intrusion, particularly when a party is requesting a forensic examination of an opposing attorney’s computer—that in all likelihood will be replete with confidential and privileged information regarding matters having nothing to do with the underlying litigation.
The court then stated in determining whether to compel inspection, it must “weigh inherent privacy concerns against its utility.” In doing so, it must consider “whether the responding party has withheld requested information, whether the responding party is unable or unwilling to search for the requested information, and the extent to which the responding party has complied with discovery requests.” All of these factors were not present in this case, and so the court denied defendant’s motion.
The short story: If you are seeking a forensic examination of an opposing party’s computer, you need to do three things:
- identify some basis for warranting such an intrusive search,
- demonstrate that the likely benefit of the discovery outweighs the burden of the inspection,
- make a showing—probably a heightened showing if seeking inspection of opposing counsel’s computer—that what you are likely to find outweighs any potential privacy concerns.
It’s a tough burden, and one that is usually only met where fraud is alleged. If you can’t meet the burden, consider less expensive approaches than motion practice.
To read the full opinion, see Bradfield v. Mid-Continent Cas. Co., 2014 WL 4626864 (M.D. Fla. 2014). The case has been digested and added to eDiscovery Assistant™ under Case Law — to find it, filter using the title in the search box.