Header graphic for print
Electronic Discovery Law Blog Legal issues, news, and best practices relating to the discovery of electronically stored information.

Court Sets Protocol for Forensic Inspection of Plaintiff’s Computer Systems

Posted in CASE SUMMARIES

Ferron v. Search Cactus, L.L.C., 2008 WL 1902499 (S.D. Ohio Apr. 28, 2008)

In this case, plaintiff (a lawyer) brought claims under the Ohio Consumer Sales Practices Act based upon emails he received.  Because only the unsolicited emails plaintiff received would support his claim under the Act, it was necessary for the parties to ascertain which of the emails plaintiff received were unsolicited.  Plaintiff’s computer systems contained the only available documentary evidence that could show the pathways taken by plaintiff to solicit the emails or the absence of those pathways.

Defendants requested an inspection of plaintiff’s computer systems so as to ascertain whether plaintiff’s efforts with respect to receiving the emails and visiting the websites (that were at the heart of the action) constituted a consumer transaction under the OCSPA, or whether plaintiff’s opening of the emails and any attempts to obtain free merchandise were part of a business designed to profit from email litigation

Previously, the court held a telephone conference with the parties, directed that inspection of plaintiff’s computer systems’ hard drives was appropriate, and instructed the parties to discuss and propose a protocol for the inspection.  However, the parties were unable to agree and requested another conference with the court to address the issue.

The court held a telephone conference and concluded there were several reasons to allow defendants access to plaintiff’s computer systems:  (1) “Plaintiff apparently failed to fulfill his ‘duty to preserve information because of pending or reasonably anticipated litigation,’” (2) Plaintiff had not otherwise produced the relevant information, and (3) Plaintiff’s computers contained the only available documentary evidence of his visits to the websites in issue.  The court acknowledged plaintiff’s concerns about confidential and privileged information contained on the hard drives, and issued this decision establishing the protocol to be used:

1.  Within seven days of the date of this Opinion and Order, Plaintiff’s forensic computer expert shall mirror image both of Plaintiff’s computer systems’ hard drives and Plaintiff shall preserve this mirror image.
2.  Plaintiff’s forensic computer expert shall then remove only Plaintiff’s confidential personal information from the mirror image of Plaintiff’s computer systems’ hard drives.  Plaintiff’s expert shall provide Defendants with the protocol he utilized to remove the confidential information.
3.  Plaintiff shall then provide Defendants’ computer forensic expert access to his computer systems’ hard drives.
4.  Defendants’ forensic computer expert shall mirror image Plaintiff’s computer systems’ hard drives in approximately four to eight hours for each system.  If the expert finds that this is not enough time, Plaintiff is expected to be reasonable in allowing some additional time.  Defendant is expected to be considerate with regard to scheduling times that are less intrusive to Plaintiff and his business.
5.  Defendants’ expert shall review his findings in confidence with Plaintiff prior to making any findings available to Defendants.
6.  Plaintiff shall identify for deletion any information that is irrelevant and create a specific privilege log of any relevant information for which he claims privilege.  The computer forensic expert shall remove the information claimed as privileged and provide all other information to Defendants.
7.  Defendants’ expert shall provide Plaintiff with the protocol he utilized to remove the privileged information.
8.  Forensic computer experts C. Matthew Curtin and Scott T. Simmons shall act as officers of this Court.  Defendants shall be responsible for remunerating Mr. Curtin and Plaintiff shall be responsible for remunerating Mr. Simmons.