Thinking E-Discovery: Metadata Revisited: Recent Developments, Correcting Common Misconceptions and Analyzing the Florida Approach
By Dennis Kennedy, Evan Schaeffer and Tom Mighell
Dennis Kennedy (DK): Our co-author Tom Mighell is prepping for a big case. So Evan and I decided to give him a break for this column and return to the issue of metadata and talk about some of the recent developments each of us has blogged about recently. Metadata has been with us for many years. The issues that metadata presents in electronic discovery and otherwise in the practice of law have been well-documented for many years. The ways to deal with these issues have even been widely known for many years. However, metadata has generated a ton of interest and questions from lawyers in the past six months or so. I’ve noticed lately that I’m getting a regular stream of questions from lawyers and requests for interviews for articles on metadata. Evan, I know that you have been writing more frequently on your blog about metadata. Are you noticing the same trend?
Evan Schaeffer (ES): I certainly am. I think the trend coincides with the media’s discovery of metadata, especially in the context of some widely-reported news stories. In November, for example, the New York Times did an article about how the Democratic National Committee was embarrassed by metadata in a memo about then-Supreme-Court-nominee Samuel Alito. I’m sure you remember that article, Dennis, since you were quoted in it. It was titled “It Pays to Mind Your Metadata,” and then, in a later version, “Beware Your Trail of Digital Fingerprints.”
(DK): I went back and looked at our earlier “Thinking E-Discovery” column on metadata. I still recommend the article as a good primer on metadata issues for lawyers, along with Ben Cowgill’s blog post listing a “mega-list” of metadata resources. In retrospect, however, I wish that we would not have opted to use the alliterative phrase “mining metadata” in the title. It sounds good, but it also creates misconceptions, not the least of which has become of apparent in the recent efforts in Florida to define looking at document metadata as unethical. We thought it would be a good idea to correct some common misconceptions about metadata and discuss the Florida approach to “protecting” lawyers on metadata. Evan, I like the way that you have blogged about how the “mining” metaphor leads us in some wrong directions when thinking about metadata.
(ES): Metaphors and analogies can color the way people think about a subject. An imprecise metaphor can easily send readers astray. When you say that metadata can’t be viewed unless it’s “mined,” it implies that someone else has taken great steps to hide it. That often isn’t the case. We’re not the only ones who have used the “mining” metaphor. It’s very popular, probably because it makes a technical subject sound a little more dramatic and interesting.
(DK): And even the “mining” analogy is imprecise. Some mining is complex, expensive, difficult and involves drilling deep down into the earth. In other cases, the ore is all but lying on the surface. When I think about metadata, I am reminded of Jed Clampett and the Beverly Hillbillies - “up through the ground came some bubblin’ crude - oil, that is.” Not much mining going on there. Some one sent me a document last week and when I opened it, all of the “track changes” and comments were revealed. I felt a lot more like Jed Clampett than John Henry.
(ES): When you saw the other person’s metadata, did you feel like you’d done something wrong? Under Florida’s approach to metadata, just opening a document might get you in hot water. There’s no Jed Clampett defense. If it’s metadata of the type described in the rule, you’re not supposed to look at it. We’ll talk more about Florida’s approach a little later in this column.
(DK): I felt like a savvy computer user, not a wrong-doer. Let’s take a look at the different kinds of metadata. To me, there are three categories to keep in mind. The first is almost a “surface metadata.” Some one sends me a document and I save it. When I go to open it in Windows Explorer, a pop-up appears when I roll my mouse over the file name and I see the author or other information. Or I look at the document properties or, as in my earlier example, information appears to me just because I am using normal and recommended settings. How is that “mining”? The second category is metadata that takes a little bit of effort to find, and that is metadata that the sending party can easily keep you from seeing. For example, I make a conscious effort to turn on “track changes” back on. If the sending party did not take simple and easy efforts to protect the document, the tracked changes show. If they did make these efforts, they don’t. The third category is computer forensics, where you bring in an expert to learn all that you can about a document or file. Personally, I’m not sure that any of these categories really bother me, but I only have issues with the third category. In fairness, I know that puts me in a minority, but, as I’ve said, if you care about the metadata issues, there are straightforward ways to address the problems that have been around for years.
(ES): Your categories make it clear that metadata is a general term that can mean different things. Some categories of metadata pose problems that others don’t. It makes it difficult to fashion rules. If you write a rule that applies too generally, you might unintentionally regulate types of metadata that aren’t troublesome. The various definitions are very important. Anyone who is learning metadata for the first time should start by getting a good grasp on the types of metadata that can be found “in the wild.” But definitions by themselves aren’t good enough–you need to have examples, too.
(DK): My basic assumption is that if you spend five minutes watching the video on handling metadata in Word documents that you will find on the Microsoft web site, read our earlier column, read the articles Ben Cowgill points to, and maybe even get a little training, you will be a metadata wizard. Craig Ball and Donna Payne have each written excellent articles this year explaining the basics of metadata. I’m starting to lose patience with lawyers who can’t even be bothered to make that level of effort and, as in Florida, are instead looking for ways to protect themselves.
(ES): Of course, the lawyers who can’t be bothered to make the effort might be under the impression that it’s just too difficult to learn about metadata. But most of those same lawyers know about word processing. That’s a little puzzling, since for the types of metadata that every lawyer should know about, the two go hand in hand. The metadata is created as part of the creation of a word processing document. Maybe metadata should be part of the standard approach to training about word processing.
(DK): I do want to go back to the root issue. In every area of the use of information technology other than the practice of law, use of metadata is seen as a good thing. Knowledge management is a good example. The search engines we use on the Internet everyday give us better results because of the ways metadata has been used over the years. Metadata in documents is tremendously valuable for collaboration, archiving and other reasons. Lawyers need to understand that they are swimming against the tide when they claim that metadata is evil or should be eliminated.
(ES): If metadata has been demonized, I again blame the media. Even in specialized lawyer publications, metadata is rarely mentioned unless there’s a story to report about the way its disclosure surprised or embarrassed someone. It’s no wonder that many lawyers regard metadata as something evil.
(DK): Before we talk about the Florida ethics issues, I did want to point to the Williams v. Sprint case in Kansas that contains an excellent discussion of metadata issues. The Williams case probably should be cited and discussed in every brief or argument on metadata issues these days. I will note that the facts are important here and made the decision, in my opinion, a fairly easy one. However, the extended discussion of metadata and the framework set out for analyzing the issues are the important parts of the decision. I suggested that everyone read the case. I do have some quibbles with the analytical framework and, of course, the case has only the precedential value of a federal district court decision, not an appellate court or Supreme Court decision. The decision is very reasonable, though, and I expect that it will become a seminal case in this area. Do you agree?
(ES): For now, Williams v. Sprint is one of the few written opinions about the production of metadata in litigation, which makes it important already. One of the things I like about the case is its finding that metadata is an inherent part of an electronic document. It makes the case helpful to me in those situations where an opposing party tries to produce electronic files without the metadata. As one of the few cases standing for the proposition that metadata should generally be produced, Williams v. Sprint can be cited to virtually any court no matter what the jurisdiction.
(DK): Let me boldly suggest that the Williams case will turn out over the long term to more important that Zubulake. However, let’s turn to what’s going on in Florida. Keep in mind that the Florida bar regulators seem to be floating some trial balloons, and that when you are reading this article, they may have moved in other directions. In simplest terms, Florida wants to apply the ethics rules to the use of metadata by lawyers. Evan, you had a great post on your blog recently that analyzed the Florida approach, do you want to give everyone a quick description of the Florida approach?
(ES): The Florida approach is contained in a proposed advisory opinion that was recently issued by the Ethics Committee of the Florida Bar. It describes the ethical obligations of lawyers who send and receive electronic documents. Sending lawyers have a duty to protect the confidential information of their clients, including “information contained in metadata.” Receiving lawyers have a duty “not to try to obtain from metadata information relating to the representation of the sender’s client where the recipient knows or should know that the information is not intended for the recipient.” The advisory opinion specifically excludes metadata “that is discoverable under applicable rules or is admissible in a trial or arbitration.”
(DK): Well, to no one’s surprise, I have a number of serious problems with the Florida approach. I shudder every time I hear about rulemaking on technology that seems to be done quickly, reactively and without complete understanding of the underlying technology. If you’ve followed the Florida story, you see those elements in play.
(ES): According to news reports, some members of the Board of Governors of the Florida Bar didn’t know what metadata was until the meeting at which they voted to take action against it. It’s hard to criticize the board members for not having a firm grasp of metadata - lots of people don’t. But I think if a rulemaking body is uncertain about the meaning of metadata, they shouldn’t act until they’ve figured it out.
(DK): I start my thinking on this subject with the excellent critique Evan made on his blog. I would add to his comments that putting requirements on the receiving party on the basis of the sending party’s obligation to keep the sending party’s client’s information confidential is quite a stretch. However, I want to start with my difficulty in seeing ethics rules used as a way to insulate lawyers from learning very basic technology issues that have been around for a long time and with respect to which you can get up to speed in a very short period of time. How many other examples of that do we see? In other words, I don’t see metadata as even close to an issue that’s big enough to warrant this type of approach.
(ES): You’re right that under the Florida approach, lawyers really aren’t encouraged to learn the basics about the metadata they’re creating. They might conclude they don’t need to know since receiving lawyers aren’t supposed to be looking at anything that’s “not intended for the recipient.” But why give lawyers who create the metadata a free pass? It doesn’t make sense to me either, especially since the Florida Bar seems mostly to be concerned with metadata in word-processing documents. As we’ve pointed out already, that’s a pretty easy-to-understand form of metadata.
(DK): Second, I question rules that micromanage how lawyers use technology in their practice without considering the impact on clients. As I mentioned, I use standard and recommended settings that, as I read the proposed Florida rule, would arguably make me subject to disciplinary proceedings if I were a member of the Florida Bar. I use those settings to protect my documents and those of my clients. As a consequence of those settings, I may see metadata in documents where people do not take well-known and easy-to-implement precautions. I see this as a technology issue and am not convinced in the slightest that it’s an ethics issue. Why should I be forced to use technology in my practice in ways that I don’t believe represent safe computing and make me practice law in a manner based on the least common denominator of lawyers in my state?
(ES): I suppose the Florida Bar would argue that its approach is aimed at protecting not the least common denominator of lawyers, but protecting the clients of those lawyers. If some lawyers are too inept to take easy-to-implement precautions, their clients shouldn’t have to suffer for it. To make sure their clients don’t suffer, the Florida Bar has imposed a duty on receiving lawyers not to look at certain types of metadata. The problem with this approach is that it restricts the receiving lawyer’s ability to make use of technology. The technology that’s being restricted might have been used in a hundred different ways, each of them ethical. But under Florida’s approach, many of those uses might be prohibited–if Dennis practiced in Florida, for example, he arguably wouldn’t be able to use the “standard and recommended settings”–because the authors of the rule have identified one use that they think might be unethical. In trying to protect the clients of the sending lawyer, the authors of the rule have put a far greater number of clients–those of the receiving lawyer–at a disadvantage.
(DK): Third, doesn’t this type of rule protect and insulate lawyers from poor practices and prevent innovative lawyers from representing their clients well? For the life of me, I don’t understand how metadata raises any new issues. What’s next? Do we say that lawyers cannot use computer forensics experts? Do we say that that it’s “unethical” to use Google in sophisticated ways that will reveal more information than other less Internet-savvy lawyers can? It’s not a game that we should be playing because it can have a serious impact on how well a client can be represented.
(ES): One thing’s for sure. If forced to choose, potential clients will want lawyers who are able to take advantage of the most recent advances in technology on their behalf. They won’t choose lawyers whose hands are tied in ways that might put them at a disadvantage.
(DK): While the Florida effort does try to create some exceptions, I have difficulties with that approach as well. If I am to be at risk of being found “unethical” and disciplines because of my technology skills, I’d like to see safe harbors and clear guidelines of what can and cannot be done. In the current Florida draft, the exceptions are also classic examples of “chicken and egg problems.” How can I get a court order on discovery of metadata if I can’t look at metadata to know if any exists? Several of the questions I’ve been asked about lately made me feel that one side was flat-out lying to the other (and I mean big whoppers of lies).
(ES): It’s those pesky chicken-and-egg problems that make the Florida rule so unworkable. Here’s another one. Receiving lawyers aren’t prohibited from obtaining all metadata, but only metadata (a) “relating to the representation of the sender’s clients” where (b) “the recipient knows or should know that the information is not intended for the recipient.” It seems simple enough, except that you can’t tell whether metadata fits into those categories unless you view it first. But viewing it is prohibited, at least when the metadata fits into the categories. Confused? So am I.
(TM):
(DK): Well, you might be surprised that I think that I might have a solution. And it exists right in front of us. I start with the premise that there is nothing radically different about document metadata than anything we’ve seen before. You can find all kinds of “metadata” associated with paper documents - paper size, those initials of the author and secretary, type of paper, post marks, marginalia, ink type, even fingerprints. They raise the same issues, but I haven’t heard anyone lobbying to change the ethics rules on how they are handled. Letters and faxes have been inadvertently sent to the wrong people. Are we talking about changing rules on their use? Of course not. Metadata is simply analogous to everything else we’ve ever done. There are cases and guidance on issues like inadvertent disclosure, redaction and the like. Just apply them to metadata and electronic documents. The analogies are clear and there seems little reason to jump into a new regime of rules and laws for metadata, especially when there are strong concerns that people jumping to regulations without understanding the underlying technology. The issue is always behavior, not technology.
(ES): It seems like a workable solution. Confidential information that’s unintentionally disclosed in metadata can be treated like confidential information that’s unintentionally faxed or mailed to an opposing party. Arguably, that’s what the Florida Bar was trying to do. It could be that the simple rule they wanted to draft-a rule stating that ethical obligations pertaining to confidential information also pertains to confidential information contained in metadata-just became a little too elaborate. It’s not a problem that can’t be fixed. After all, at this point, the Florida rule we’ve been discussing is just a “proposed” rule. It’s not yet final.
(DK): These areas require a go-slow approach, if only because technology changes so quickly. Clients and courts will be the primary drivers in this area. Will clients want to hire Florida lawyers if they cannot use technology tools in fundamental ways? Let’s all take the small amount of time it requires to learn the basics of metadata and the issues it raises, then we can discuss in a calmer and more reasonable way what actions, if any, might be required. Until we do that, we will be battling an increasing number of misconceptions about metadata. It’s metadata, not rocket science, and all lawyers should be able to learn this stuff easily and quickly.
(ES): It’s a theme we return to a lot in these columns on electronic discovery: lawyers should take the small amount of time required to learn the basics. I wonder how many are actually doing it.
=============================
Dennis Kennedy (dmk@denniskennedy.com) is a well-known legal technology expert and technology lawyer based in St. Louis, Missouri. An award-winning author, he has written extensively on electronic discovery and other legal technology topics and also speaks frequently on these matters. His website (www.denniskennedy.com) and blog are highly-regarded resources.
Evan Schaeffer (eschaeffer@riverbendlaw.com) is a class action and mass torts lawyer based in the St. Louis metropolitan area. His firm is Schaeffer & Lamere, P.C. Schaeffer’s weblogs are The Illinois Trial Practice Weblog and Evan Schaeffer’s Legal Underground.
Tom Mighell (tmighell@swbell.net) is Senior Counsel and Litigation Technology Support Coordinator at Cowles & Thompson, P.C. in Dallas. He is the author of the Internet Legal Research Weekly, and the Internet research weblog Inter Alia, an Internet legal research weblog.
Filed under From the Experts.