Teams Chat and Zoom Meetings – The Next Wave of Discovery Disputes
Three chapters outline any shock to a civilization: 1) the event itself; 2) the immediate response; and 3) the ricochet effects. Today, the state of Louisiana (and others) is nearing the end of the immediate response. People are working remotely, businesses and restaurants are slowly opening, Amazon confirmed my shipment of Lysol wipes, and hospitalizations from COVID-19 are steadily decreasing. This is all good news.
However, the novelty of the pandemic may cause certain ricochet effects to appear as a second shock. For cybersecurity law, the biggest ricochet will be discovery of dialogue from remote workers.
Discovery rules in Louisiana are notoriously liberal, allowing litigants great latitude in collecting written, documentary, and testimonial evidence from each other. Often, the only manner in which to effectively and lawfully exclude certain materials from discovery in a case with even a tenuous relationship to the communication was to conduct the discussion in person or over the phone, or ensure the presence of counsel.
Over the last three months, companies were forced to communicate on Zoom, Microsoft Teams, Skype Business, and Blackboard’s Collaboration Rooms. Each of these platforms enable recording functions, many of which are default settings – meaning automatically in place. For example, the Skype for Business default settings give an individual the power to record audio and video meetings unless a network administrator removes this ability. Similarly, Microsoft Teams records the user’s chat history, which can be replayed and all types of conference recording (video, chat, and audio) can be shared.
The next request for production of documents that a business receives, if drafted by a decent litigator, will request these transcripts and accompanying interrogatories will identify the chief security officer for a deposition to determine how/when default settings were configured for collaborative software. Excluding these materials may prove very difficult absent the participation of counsel.
In Compound Prop. Mgmt., LLC v. Build Realty, Inc., Case No. 1:19-cv-133, the United States District Court for the Southern District of Ohio recently ordered a defendant to produce Zoom Audio Conference Records requested in discovery. Despite arguing “marginal relevance,” Federal District Court Judge Douglas Cole found that discussions among company “officers and executives regarding how they have been managing the company could presumably shed substantial light on the relationships between those entities …as well as offer information regarding how the entities operate (which could be directly relevant to the breach of fiduciary issues).” Id. at *6.
Because most entities have document and data retention policies, any abrogation of those policies by deleting digitally recorded conversations can bring allegations of evidence spoliation. Frequently alleged by parties engaged in bitter discovery disputes but rarely litigated, spoliation is feared by attorneys. In many jurisdictions, spoliation brings a “negative inference” against the party that destroyed the evidence. The court will presume that the destroyed evidence reflected negatively on the badly behaved party’s claims and/or defenses.
Potential solutions and mitigation tactics are limited to adjusting default recording options on digital networking software and coordinating and conducting sensitive discussions over teleconference. Counsel must be consulted before taking further action.
However, the Compound Prop. Mgmt. case serves to remind businesses about the value of a cybersecurity lawyer, especially with the mass corporate transition to remote work. Absent cyber counsel, many more entities may find that previously private conversations conducted by executives are now public record.