The document discusses the importance of records retention and destruction policies (RRDP) for compliance with statutory and contractual obligations, particularly in the context of increasing electronic data. It outlines the necessary steps for developing and managing an RRDP, including assessing current practices, establishing policies, and ensuring proper implementation. The document also highlights the implications of improper document management in terms of litigation risks and e-discovery processes.

1. RECORDS RETENTION AND DESTRUCTION POLICIES Richard Austin Austin Technology Law March 30, 2010

2. INTRODUCTION WHY HAVE A RECORDS RETENTION AND DESTRUCTION POLICY? COMPLIANCE WITH STATUTORY OBLIGATIONS COMPLIANCE WITH CONTRACTUAL OBLIGATIONS APPROPRIATE DOCUMENT DESTRUCTION DEVELOPING AND MANAGING A RRDP INTERNAL APPROVALS GETTING STARTED – ASSESSING THE SITUATION DEFINING THE SCOPE OF THE RRDP REGULATORY AND CONTRACTUAL REQUIREMENTS ESTABLISHING THE STANDARDS IMPLEMENTATION LITIGATION AND E-DISCOVERY NOTES

3. I. INTRODUCTION The Information Age: 1.73 billion Internet users worldwide (September 2009), an 18% increase over 2008. 252,908,000 Internet users in North America 90 trillion emails sent in 2009 247 billion emails per day in 2009, up from 100 billion per day in 2002 and 5.9 billion per day in 1999 99% of information stored in the U.S. is created electronically Business data is presently growing at 70 to 120 % per year 70% of documents are never printed

4. I. INTRODUCTION cont’d (1)

5. I. INTRODUCTION cont’d Electronic Documents are different than paper documents: Volume and Duplicability Environment-Dependence Persistence Obsolescence Metadata Dispersion Dynamic, changeable content Searchability

6. II. WHY HAVE AN RRDP? COMPLIANCE WITH STATUTORY OBLIGATIONS General corporate obligations : For companies, their incorporating stature will require specific books and records to be retained, e.g. Canada Business Corporations Act, R.S.C. 1985, c. C-44, s. 20 Business Corporations Act , R.S.O. 1990, c. B.16, s. 140

7. II.A Statutory Obligations cont’d Canada Business Corporations Act: “ 20.(1) A corporation shall prepare and maintain, at its registered office or at any other place in Canada designated by the directors, records containing ( a ) the articles and the by-laws, and all amendments thereto, and a copy of any unanimous shareholder agreement; ( b ) minutes of meetings and resolutions of shareholders; ( c ) copies of all notices required by section 106 or 113; and ( d ) a securities register that complies with section 50. (2) In addition to the records described in subsection (1), a corporation shall prepare and maintain adequate accounting records and records containing minutes of meetings and resolutions of the directors and any committee thereof. (2.1) Subject to any other Act of Parliament and to any Act of the legislature of a province that provides for a longer retention period, a corporation shall retain the accounting records referred to in subsection (2) for a period of six years after the end of the financial year to which the records relate.” (emphasis added) For specific provisions relating to electronic documents, see s. 252.

8. II.A Statutory Obligations cont’d 2. Taxing statutes, e.g. : Income Tax Act , R.S.C. 1985,c.1 (5 TH Supp.), s. 230 Excise Tax Act , R.S.C. 1985, C. E-15, s. 286 Retail Sales Tax Act , R.S.O. 1990, c. R.31, s. 16 3. Employment Related Statutes, e.g. : Canada Labour Code , R.S.C. 1985, c. L-2, s. 252(2) Canada Pension Plan , R.S. 1985, c. C-8, s. 24 Employment Insurance Act , S.C. 1996, c.23, s. 87 Employment Standards Act , 2000, S.O. 2000, c. 41, Part VI Occupational Health and Safety Act , R.S.O. 1990, c. O-1, s. 26.

9. II.A Statutory Obligations cont’d Industry specific obligations, e.g. : Bank Act , S.C.1991, c. 46, ss. 238-239 Insurance Companies Act , S.C. 1991, c. 47, ss. 261-262 Trust and Loan Companies Act , S.C. 1991, c. 45, ss. 243-244 For securities dealers: Provincial securities statutes and regulations Provincial securities commissions rules Investment Industry Regulatory Organization of Canada Mutual fund Dealers Association of Canada .

10. II.A Statutory Obligations cont’d 5. Privacy Obligations, e.g. : Personal Information Protection and Electronic Documents Act , S.C. 2000, c. 5 “ 5.(1) ... every organization shall comply with the obligations set out in Schedule 1.” Schedule 1: 1. Accountability 2. Identifying Purpose 3. Consent 4. Limiting Collection 5. Limiting Use, Disclosure and Retention 6. Accuracy 7. Safeguards 8. Openness 9. Individual Access 10. Challenging Compliance

11. II.A Statutory Obligations cont’d Privacy Obligations cont`d. PIPEDA Case Summary # 2007 - 380 - Bank’s record keeping practices considered inadequate safeguard : “ ... On balance, the Assistant Commissioner believed that this account was the complainant’s only, and therefore the bank disclosed his personal information without the complainant’s knowledge or consent. She noted that it was not enough for the bank to argue that it was a joint account because both of the names appeared on the statements. It needed to produce evidence and it could not . This last point led the Assistant Commissioner to comment that the bank’s record keeping with respect to this account was so careless as to amount to an inadequate safeguard . It could not provide documentary evidence to support its position vis-à-vis the account holder(s). It could not provide documentary evidence that it had or had not disclosed material. She commented that while there might be retention periods in place for certain documentation, these were not consistently applied, as shown by the fact that the bank could provide signature cards for an account that was older than the one under investigation.” (emphasis added)

12. II.B Compliance with Contractual Obligations Obligations relating to records retention and destruction in: Non-disclosure agreements Letters of Intent Memoranda of Understanding Software license, maintenance and support agreements Teaming Agreements Master Service Agreements and Statements of Work Subcontracts, supply agreements and purchase orders Shipping documents Franchise agreements Distribution agreements etc.

13. II.B Contractual Obligations cont’d Typical non-disclosure agreement: Each party agrees, with respect to the other party’s information: To keep the information confidential Not to disclose, distribute or disseminate to 3 rd parties Not to copy the information except with written consent Not to disclose to employees, except as required for business purpose; and if employees agree to be bound To notify of unauthorized possession At completion, to return or destroy all copies Injunctive relief for failure to comply Failure to enforce does not waive compliance

14. II.B Contractual Obligations cont’d BC Government Master Services Agreement (2): “ Records” means books, records, reports, documents, maps, drawings, correspondence, system logs, system development records, accounts, invoices, backup data (including original source documents) and other similar documents, images, writings or information by any means whether graphic, electronic, audio, mechanical or otherwise. 14.1 Maintenance of Records. During the Term and for a period of seven (7) years after the end of the Term (or such longer period as may be required by Applicable Law, or in the case of Subcontractors who cease to provide Services, seven (7) years after such Subcontractors have ceased to provide Services), the Service Provider will: (a) maintain accurate and complete Records related to this Agreement and to the Services to be provided by the Service Provider under this Agreement ... 14.4 Final Return of Province Records. Upon Termination of this Agreement, the Service Provider will deliver all such Province Records then in its Custody to the Province ... .

15. II.B Contractual Obligations cont’d BC Government Master Services Agreement cont`d: 14.5 Costs of Record Keeping. The Service Provider acknowledges and agrees that all costs of record keeping contemplated in this Article 14 ( Maintenance of Records ) will be the responsibility of the Service Provider , and that compensation to the Service Provider in respect thereof is included in the Fees. 14.7 Locations of Records. Unless provided otherwise in this Agreement, ... the following provisions will apply in respect of all Province Records that contain any Personal Information: (a) the Service Provider will maintain the Province Records at the Service Locations ; (b) the Service Provider will not relocate any such Province Records maintained pursuant to this Section without first notifying the Province in writing, and will not remove any Province Records to a location outside of Canada except as Approved by the Province; (c) at no time will any Person have remote access to any Personal Information (including on any backup data) contained in the Province Records from any location outside of British Columbia ... .

16. II.B Contractual Obligations cont’d Compliance with contractual obligations: Touches all aspects of the business Requires education and training of company personnel Dynamic and changing Raises business, confidentiality and security issues Not susceptible to standardized approaches Costly Sometimes isn’t possible

17. II.C Appropriate Document Destruction The “Smoking Gun” : “ ATHM is a piece of crap!” Email from Merrill Lynch analyst who published high ratings of ATHM, disclosed during an SEC investigation of Merrill Lynch, resulting in $100 million fine

18. II.C Appropriate Document Destruction cont’d 1. The “Smoking Gun” cont’d Qantum Communications Corp. v. Star Broadcasting , 382 F.Supp.2d 1362 (2005): Star Broadcasting and Ronald Hale agreed to sell radio stations two radio stations to Qantum. Contract included a “no shop” provision - until the deal was finalized, Star and Hale could not look for better offers. Deal for the first station closed but the second did not. Judge gave Qantum the right to buy the radio station after e-mails revealed that the station's owner had lied about trying to sell the station to another bidder. See Rob Hyndman, “Smoking-Gun Email Nails Violation of No-Shop Clause” August 25, 2005 at 07:45 at http://www.robhyndman.com/2005/08/25/smoking-gun-email-nails-violation-of-no-shop-clause/

19. II.C Appropriate Document Destruction cont’d Spoliation : “ the intentional destruction, mutilation, alteration or concealment of evidence.” Black’s Law Dictionary , 7 th ed.

20. II.C Appropriate Document Destruction cont’d 2. Spoliation – U.S. Case Law : Zublake v. UBS Warburg LLC: Plaintiff brought employment discrimination claim against former employer UBS’ counsel advises UBS not to destroy or delete material potentially relevant to the claim Despite instructions, court finds UBS intentionally deleted a number of potentially relevant emails Some of the emails were recovered from backup tapes but at least one is never recovered. Court issued “adverse inference instruction” to the jury Zublake awarded $29 million

21. II.C Appropriate Document Destruction cont’d 2. Spoliation – U.S. Case Law : Coleman (Parent) Holdings, Inc. v. Morgan Stanley & Co., Inc.: Plaintiff sues for aiding and abetting and conspiring to commit fraud in relation to the sale of certain stock Plaintiff brings order for production of further emails after not being satisfied with initial email production Order entered requiring Morgan Stanley to “search its oldest full backup tapes for emails subject to certain parameters and to certify compliance” Morgan Stanley certifies compliance. However Plaintiff learns that Morgan Stanley had discovered additional back-up tapes that had not been searched. Court issues “adverse inference order” to jury. Jury awards U.S. $604 million in compensatory damages and U.S. $850 million in punitive damages Reversed on appeal and judgment entered for Morgan Stanley

22. II.C Appropriate Document Destruction cont’d 2. Spoliation – Canadian Case Law : Brandon Heating & Plumbing (1972) Ltd. v. Max Systems Inc., [2006] M.J. No. 149 (Q.B.): Claim based or purchase of allegedly faulty accounting software Defendant requires access to operating systems and processors where software installed for defence Plaintiff undertakes to preserve the hardware and disks and to make them available for inspection After three years and a number of inquiries from defendant, plaintiff said that hardware had been replaced. Court found failure to preserve hardware and disks amounted to spoliation and dismissed plaintiff’s action

23. II.C Appropriate Document Destruction cont’d A properly adopted and implemented RRDP may help defend against charges of improper document destruction or failure to preserve: “ Compliance with a reasonable records management policy ... should not, in the ordinary course, constitute sanctionable conduct. There are a number of factors to be considered in determining if destruction was intentional or reckless. Adherence to a document management policy in the face of reasonably contemplated or actual litigation is not appropriate.” Comment 11.e (Reasonable records management policies), Sedona Conference Working Group 7, The Sedona Canada Principles, Public Comment Draft, February 2007

24. III. DEVELOPING AND MANAGING A RRDP Internal Approvals : Identify RRDP issues to the board/senior management: The necessity for a comprehensive and dynamic RRDP Establish RRDP Committee: Cross-functional representation With sufficient budget and authority Reporting regularly to the board/senior management

25. III.B Getting Started – Assessing the Situation Examine any current Records Retention and Destruction Policies Evaluate current records retention and destruction practices: What information does the company keep, how and where? What information does the company destroy, where and how? Are these practices in compliance with law and existing policies?

26. III.C Defining the Scope of the RRDP Records Management: “ The planning, controlling, directing, organizing, training, promoting, and other managerial activities involving the life cycle of information, including creation, maintenance (use, storage, retrieval), and disposal, regardless of media. Record management procedures are used to achieve adequate and proper documentation of corporate policies and transactions and effective and economical management of business and organizational operations” Records: “ anything that is recorded within an organization, including email, drawings, documents/reports created by users, and information received from the outside” http://www.rimtech.ca/page7.html All devices and locations: servers, personal computers, laptops, Blackberries, PDAs, cell phones, iPods, hard drives, disks, sticks, social media sites, etc.

27. III.D Regulatory and Contractual Requirements For each of: Statutory requirements (*) Industry specific standards Contractual requirements Understand and document: What records must be kept? For how long? In what form? What records must/can be destroyed? When? How? (*) If the company operates outside Canada, it will be necessary to ensure compliance with international obligations

28. III.E Establishing the Standards Format of Records Destruction Periods Classification of Information Preserving Privilege Integration with other policies and practices, e.g. Policies relating to: Confidential information Intellectual Property Protection Use of corporate assets Internet Usage Security Suspension for Litigation Holds: When: as soon as litigation is reasonably anticipated Who can suspend

29. III.F Implementation Communication Monitoring Compliance: Test effectiveness of: Retention practices Destruction practices Litigation Holds Audit compliance with the policy Part of individual performance evaluations Update as required

30. IV. Litigation and e-Discovery New Rules of Civil Procedure in effect in Ontario as of January 1, 2010 implemented changes to rules relating to Discovery: the production, inspection, dissemination, review, listing and safekeeping of documents relevant to legal proceeding Positive step towards control over time and expense of litigation in new era of e-Discovery: “ the discovery of electronic information, including email, web pages, word processing files, computer databases, and virtually any information that is stored on a computer or other electronic device ” Sedona Conference Working Group 7, The Sedona Canada Principles, Public Comment Draft, February 2007

31. IV. Litigation and e-Discovery cont`d What is the scope of documentary disclosure ? Rule 30.02(1): “ Every document relevant to any matter in issue in an action that is or has been in the possession, control or power of a party to the action shall be disclosed ... whether or not privilege is claimed in respect of the document.” What is a “document”? Rules 1.03(1) and 30.01(1)(a): “ document” includes ... data and information in electronic form ;

32. IV. Litigation and e-Discovery cont`d What is “electronic”? Rule 1.03(1): “ electronic” includes created, recorded, transmitted or stored in digital form or in other intangible form by electronic, magnetic or optical means or by any other means that has capabilities for creation, recording, transmission or storage similar to those means ... .” Documents are electronic if they exist in a medium that can only be read by way of a computer or other device (as opposed to documents that can be read without such assistance)

33. IV. Litigation and e-Discovery cont`d Discovery Plan: Rule 29.1: “ ... the parties to the action shall agree to a discovery plan ... .” The discovery plan will be in writing and that plan shall include: the intended scope of documentary discovery dates for service of each party’s affidavit of documents information respecting the timing, costs and manner of the production of documents names of persons to be produced for oral examination any other information intended to result in the expeditious and cost-effective completion of the discovery process

34. IV. Litigation and e-Discovery cont`d Discovery Plan cont’d: Parties required to update the discovery plan to reflect changes in information In preparing the plan, the parties shall consult and have regard to the document “ The Sedona Canada Principles Addressing Electronic Discovery ”

35. IV. Litigation and e-Discovery cont`d Proportionality: How much does a party have to produce? Rule 1.04(1): “ These rules shall be liberally construed to secure the just, most expeditious and least expensive determination of every civil proceeding on its merits.” New Rule 29.2, Proportionality in Discovery , requires courts to consider, in determining whether a document shall be produced, whether: Time required would be reasonable The expense would be justified The party would be caused undue prejudice It would unduly interfere with the orderly progress of the action; The information is available from another source; and The order would require a party to produce an excessive volume of documents.

36. IV. Litigation and e-Discovery cont`d Proportionality cont’d: Principle 5, Sedona Canada Principles : “ The parties should be prepared to disclose all relevant electronically stored information that is reasonably accessible in terms of cost and burden.” Principle 7, Sedona Canada Principles : “ A party may satisfy its obligation to identify electronically stored information in good faith by using electronic tools and processes such as data sampling, searching and/or the use of selection criteria to collect potentially relevant electronically stored informati on.”

37. IV. Litigation and e-Discovery cont`d Proportionality cont’d: Dulong v. Consumer Packaging Inc. [2000] O.J. No. 161 (S.C.J.): Plaintiff asks “if there are emails in existence which relate to the matters in issue in this litigation”. Court indicates, on plaintiff’s motion to compel answers, that it was: “ too much like fishing and would, having regard to the extent of the defendant’s business, be such a massive undertaking as to be oppressive.”

38. IV. Litigation and e-Discovery cont`d Proportionality cont’d: CIBC World Markets Inc. v. Genuity Capital Markets , [2005] O.J. No. 614 (S.C.J.): Forensic consultant granted: “ access for imaging and storing in a safe manner the contents of computers, Blackberries and other types of similar electronic devices of every nature and kind as to which the defendants have in their possession, power, ownership, use or control, directly and indirectly.” (emphasis added) Order extended to devices located at any office, home or elsewhere, regardless of whether the devices owned or used by others. Defendants required to certify they had not used the services of other persons / other electronic devices to send or receive messages (and that they had not deleted records).

39. IV. Litigation and e-Discovery cont`d Deleted, Residual and Hidden Data : Principle 6, Sedona Canada Principles : “ A party should not be required, absent agreement or a court order based on demonstrated need and relevance, to search for or collect deleted or residual electronically stored information .” (emphasis added)

40. IV. Litigation and e-Discovery cont`d Preservation : Principle 4, Sedona Canada Principles : “ As soon as litigation is reasonably anticipated, parties must consider their obligation to take reasonable and good faith steps to preserve potentially relevant electronically stored information.”

41. IV. Litigation and e-Discovery cont`d Preservation : Principle 11, Sedona Canada Principles “ Sanctions should be considered by the court where a party will be materially prejudiced by another party’s failure to meet an obligation to preserve, collect, review or produce electronically stored information. The party in default may avoid sanctions if it demonstrates the failure was not intentional or reckless.”

42. IV. Litigation and e-Discovery cont`d Failure to Disclose or Produce a Document : Rule 30.08 (1): Where a party fails to disclose a document in an affidavit of documents or a supplementary affidavit, or fails to produce a document for inspection in compliance with these rules, an order of the court or an undertaking, if the document is favourable to the party’s case, the party may not use the document at the trial, except with leave of the trial judge; or if the document is not favourable to the party’s case, the court may make such order as is just.

43. IV. Litigation and e-Discovery cont`d Failure to Serve Affidavit or Produce Document : Rule 30.08 (2) - Where a party fails to serve an affidavit of documents or produce a document for inspection in compliance with these rules ... the court may, revoke or suspend the party’s right, if any, to initiate or continue an examination for discovery; dismiss the action, if the party is a plaintiff, or strike out the statement of defence, if the party is a defendant; and (c) make such other order as is just.

44. V. Notes Useful websites : 1. The Sedona Canada Principles, Public Comment Draft, February 2007 is available online at: http://www.thesedonaconference.org/content/miscFiles/2_07WG7pubcomment.pdf 2. For more information about records and information management, visit the ARMA Canada website at http://www.arma.org/ Notes : This slide is used with the permission of Ledjit Consulting, Canada`s unique firm specializing in information management, e-discovery, legal technology and law practice management. Master Services Agreement between Her Majesty the Queen in Right of the Province of British Columbia, as represented by the Minister of Health and Sun Microsystems (B.C.) Inc. as of April 13, 2007, available at http://www.health.gov.bc.ca/ehealth/pdf/MSA_and_Schedules.pdf

45. eds.com Questions??