Compliance And E-Discovery: Two Inseparable Risk Management Functions

Saturday, September 1, 2007 - 01:00

Editor: The United States District Court for the Southern District of California's decision in Qualcomm v. Broadcom could require companies to reconsider their e-discovery policies and procedures. Would you provide our readers with an overview of the case?

Mack: Qualcomm v. Broadcom is a patent case. Broadcom alleged that Qualcomm had intentionally withheld information about its intellectual property from other members of a standards body so that it could attain a market advantage. Qualcomm alleged that they did not participate in the standards making, so that they did not need to disclose their IP. Standards are what allow us to use multiple devices regardless of manufacturer, such as a USB port. The Judge, Rudi Brewster, found for Broadcom.

The e-discovery issues in this case focused on whether e-mails that had been harvested had been produced during discovery. They were not. After the end of the case and judgment on the merits, Qualcomm ran some key word searches that produced 200,000 pages of documents that could have been responsive to Broadcom's discovery requests. Judge Rudi Brewster ordered Qualcomm to pay Broadcom's attorneys fees and costs. The Magistrate Judge handling the e-discovery, Barbara Lynn Major, also issued an order to show cause for 14 attorneys representing Qualcomm by name, including name partners, to demonstrate why they should not be subject to personal sanctions. The potential sanctions stated in the order could require each attorney to formally notify his clients and the courts where they have cases pending of their e-discovery misbehavior, issuance of a referral to the state bar for disciplinary action and other sanctions. Those results should be known on August 29, 2007.

Editor: Will this case have the same impact on e-discovery that Zubulake had?

Mack: It may, as both in-house and outside counsel are impacted publicly. Even though the reasons for Qualcomm's general counsel resigning are not clear, some believe that it was as a result of this case. To have a senior executive like the general counsel resign and this number of outside counsel publicly called to explain their actions feels similar to the Morgan Stanley case. Many intellectual property attorneys are just warming up to e-discovery, seeing the Zubulake decision as limited to the employment realm. This case will change that perception very quickly, especially for those prosecuting patent cases. Additionally, this case was decided in the Southern District of California, warning those outside the Southern District of New York that e-discovery feet are being held to the fire everywhere. The perception that the company and the attorneys withheld evidence emphasized the bad faith element of the case.

There is the significant issue of how something like this could have happened. It may be that there was a lack of communication between those charged with developing the company's strategy and those involved in implementing it at the tactical level. The judge is going after 14 specific attorneys, as well as those who appeared in court and those who signed certifications or motions during the discovery process. An attorney asked to sign his or her name to representations and certifications will need a whole new level of trust that all is as it should be.

Editor: It appears that a well-formulated e-discovery plan, similar to those in place for compliance, would have uncovered these issues?

Mack: It is interesting that you mention that because there are companies that have not made the appropriate connection between e-discovery planning and compliance. I asked a group of about 100 compliance professionals during a conference how many were involved in the legal hold process. I was amazed to see only a few hands raised. The potential sanctions and harm that a company faces for not handling a discovery request properly are so high that decisions on structuring litigation holds and ensuring that those involved adhere to company policies should include the compliance function. Companies should have a trusted person, who we refer to as a "technology counsel," within the organization who reports to the chief compliance officer or the chief legal officer on a regular basis on what is happening in the e-discovery area. This should be someone with legal, technical and business knowledge who can contribute at the strategic level and assess what is happening at the tactical level to ensure the tactics support the strategy.

Editor: Would you recommend that risk assessments take into account the risk of failing to produce required documents?

Mack: Absolutely. The DOJ and SEC expect companies to respond quickly to their requests. Increasingly, the FDA is requesting more and more documentation on drugs that are already on the market. A risk assessment allows a company to understand when and how the requests arise, where this data resides, in what format and how easily the incoming requests can be satisfied. It can then take steps to improve their processes.

Editor: Do these recommendations make sense for all organizations regardless of size?

Mack: Companies of all sizes should conduct thorough assessments to determine their highest areas of risk, cost and time. The controls and strategies they develop will be influenced by the resources they have at their disposal and the quantified risk exposure. However, Fortune 1000 companies should consider assigning a full-time executive who is responsible for overseeing the company's retention policies and e-discovery practices. Gartner, a leading IT research and advisory company, recommends that companies have a litigation support manager inside the IT department. From my perspective, this role should be closely tied to the technology counsel role, so that the strategy component for the company can be integrated with the tactical litigation support function.

Editor: Do you believe that this issue would have been avoided if the case had begun after the amendments to the Federal Rules of Civil Procedure had gone into effect?

Mack: This case started well before the federal rules were amended. Had they been in place, many of these issues could have been more visible to the other side and to the judges during the scheduling conference after the Rule 26 meet and confer. There could have been an agreement or an order on what had to be preserved and produced, in what format, and whether anything was considered accessible or inaccessible.

The amendments to the federal rules were intended to prevent this type of catastrophic event by requiring the producing party to demonstrate good faith during the discovery process. Good faith is demonstrated by a company's actions and through proper documentation of how information is stored, collected and produced. Qualcomm attempted to make some disclosures after the trial. The time to demonstrate good faith is early in the process; not after the trial has concluded when the threat of potential sanctions against the legal team arises. The judge was very offended by what he described as "stonewalling, denial and diversions of requests for evidence during discovery." The new amendments will never prevent deliberate withholding. They create conditions to guard against unintentional withholding and subsequent sanctions.

Editor: What can companies do to prevent this from occurring to them?

Mack: Corporations need to have people with enough experience and education to monitor the people responsible for producing evidence. If a company cannot afford to hire somebody full time, then it should reach out to organizations, like Fios, who can help them navigate this process. We regularly help clients assess their litigation readiness. We identify the normal response patterns from preservation through production, map these practices to the company's litigation profile, and identify and prioritize gaps in the processes so that a baseline can be established for improvements. Companies that face or foresee high profile, high value cases need to act now as they have a greater risk profile. A risk assessment should be done on the whole litigation profile, as well as on particular matters, so that counsel will know how much to invest and where.

Editor: How often should a company engage in this type of assessment?

Mack: Technology and electronic discovery requirements are constantly moving targets. What was standard two years ago is no longer acceptable today. For example, under the federal rules the requesting party can request in what format the evidence is produced. The producing party used to control that decision. Court decisions, like the Broadcom case, also require companies to re-assess their processes to avoid problems arising in the future. Conducting periodic and consistent assessments gives companies a foundation to determine whether the processes need to be amended in light of these types of changes.

Editor: How can U.S. multinational companies reconcile the need to produce evidence with the need to comply with foreign laws which may conflict with discovery requests?

Mack: The majority of e-discovery requests from abroad result from U.S. laws extending into other jurisdictions. For example, the Microsoft antitrust case in the U.S. sparked high profile e-discovery in the EU. European laws and the history of protecting privacy rights can result in cross-border, legal conflicts when dealing with these issues.

Establishing a technology counsel would allow companies with operations in Europe and other countries to know the requirements of each jurisdiction, how to gather information when required, and the resulting penalties for compliance failure. There are ways to obtain safe harbors to protect the company from violating foreign privacy laws during discovery. We work with companies with global operations during the planning process, so that they take these issues into consideration and avoid delays and surprises down the line. We look at the IT department's organization and how subsidiaries and foreign operations tie into that organization. If a company is considering a foreign acquisition, it should also assess the target company's vulnerability to e-discovery issues as part of the due diligence process.

Editor: Where can corporate counsel learn more about developments in e-discovery laws abroad?

Mack: Conferences like the Sedona Conference, the Eversheds conference on global compliance readiness and the ABA International Subcommittee, meeting in London in October, are places where these issues will be discussed. Fios will include this topic in our webcasts series ( and in future published articles. Outside the U.S., discovery rules are not as liberal as in the U.S., so it is less likely that the same amount of information will need to be produced. Nevertheless, the need to show good faith though consistent processes, representations and documentation is similar regardless of jurisdiction.

Please e-mail the interviewee at with questions about this interview.

Her blog is

More like this