Passlogix, Inc. v. 2FA Tech., LLC, 708 F. Supp. 2d 378 (S.D.N.Y. 2010)
Upon finding that defendants spoliated relevant information, including emails, Skype messages, and computer logs, the court declined to order an adverse inference, to preclude defendants from the presentation of arguments implicating the discarded documents, or to order defendants to pay plaintiff’s costs, but ordered monetary sanctions in the amount of $10,000, after balancing “2FA’s litigation conduct with its status as a small corporation.”
In this opinion, the court addressed plaintiff’s allegations that defendants, specifically defendant Gregory Salyards, committed fraud on the court by creating and sending an anonymous email “in an effort to expand discovery, cause Passlogix competitive harm, and garner a favorable settlement.” Defending against the accusation, Salyards proffered the affirmative defense of IP spoofing, “stating that a Passlogix employee may have ‘spoofed’ his IP address in an effort to impersonate him on the internet.” Passlogix also sought spoliation sanctions arguing that defendants failed to implement a legal hold and took part in intentional spoliation of data, including emails and text messages.
Although beyond the scope of this summary, the court’s lengthy discussion of the anonymous email(s) and Salyards’ defense of “IP spoofing” is fascinating and showcases how ever-advancing technology has created scenarios for consideration that, not long ago, seemed more the stuff of spy novels than of litigation in our federal courts.
Returning to the topic of spoliation, plaintiff sought sanctions for defendants’ failure to implement a litigation hold and deletion of electronically stored information (“ESI”) despite their duty to preserve. Specifically, plaintiff alleged that defendants wrongfully destroyed a relevant, anonymous email received by defendant Salyards; destroyed written communications between defendant Salyards and Chris Collier, a former Passlogix employee and key figure in the accusations of IP spoofing; and failed to preserve computer logs from defendants’ investigation surrounding the alleged IP spoofing. In order to prevail, plaintiff was required to show that defendants had a duty to preserve at the time of the alleged spoliation, destroyed or failed to preserve the documents with a “culpable state of mind”, and that the documents were relevant to plaintiff’s claim or defense.
Regarding the anonymous email, defendant Salyards admitted deleting the email (which allegedly contained “Passlogix functional specifications”) after determining it was “improper for [defendants] to have it.” The court determined that the deletion occurred when defendants’ had a duty to preserve evidence. Additionally, the court determined that defendant Salyards’ deletion of the email and admitted failure to implement a litigation hold amounted to gross negligence. However, the court declined to infer the relevance of the deleted email absent evidence of bad faith.
The question of relevance was tied to the particulars of the IP spoofing defense, namely a question of whether defendant Salyards authored the anonymous email himself. Because Passlogix could present no evidence of such authorship, the court was not persuaded that a reasonable trier of fact could find the email hurtful or helpful to either party. Accordingly, the court declined to find that defendants’ had spoliated the anonymous email.
Regarding the written communications between defendant Salyards and Chris Collier, the court determined that defendant Salyards “was on notice that some of his written communications with Collier were probative of the underlying litigation when the communications were deleted”, that Salyards’ “failure to preserve these written communications, in addition to 2FA’s overall failure to issue a written litigation holds notice, constitutes gross negligence”, and that the written communications were relevant to the litigation. Accordingly, the court found that defendants “engaged in spoliation of evidence”, including emails, text-messages, and Skype messages.
Finally, the court addressed 2FA’s failure to preserve computer and network logs from its investigation of the source of the anonymous emails implicated in the IP spoofing controversy. Again, the court found the data was not preserved, despite a duty to do so. Beyond gross negligence, however, the court found the failure to preserve the computer and networks logs intentional, where the investigator admitted to withholding the logs because of his “subjective belief that the logs would have appeared to point falsely to Salyards as the author of the September 3 email.” In so finding, the court noted that “[t]he duty to preserve documents is meant to prevent these sorts of ‘judgment calls’ by litigants…”
Because the court found the spoliation intentional and in bad faith, the relevance of the documents was presumed and the burden shifted to 2FA to show that Passlogix was not prejudiced by the absence of the missing information. “Because Passlogix [did] not have a copy of 2FA’s computer logs and because the logs [were] likely no longer available as a result of 2FA’s continued deletion of records”, the court held that Passlogix was prejudiced by 2FA’s spoliation of the logs.
Turning to an appropriate sanction, the court denied Passlogix’s request for an adverse inference, for an order precluding Passlogix from making arguments implicating the “discarded documents”, and for Salyards to pay the costs of Passlogix’s investigation into the anonymous emails. Rather, the court determined that the appropriate sanction would be a monetary fine of $10,000:
The Court holds that a monetary fine of $10,000 against 2FA best suits "the facts and evidentiary posture of [this] case." Reilly, 181 F.3d at 267. 2FA is a small company founded only in 2006, and Salyards and Cuttill–who the Court both finds responsible for the spoliation of evidence in this case–are 2FA’s sole principals and co-founders. Here, a fine against 2FA serves the dual purposes of deterrence and punishment. See Green, 262 F.R.D. at 292. Because Salyards and Cuttill are the sole principals of 2FA, a fine directed at 2FA will affect them directly. In concluding that a fine of $10,000 is the most appropriate sanction, the Court balances 2FA’s litigation conduct with its status as a small corporation.