2014 was another eventful year for e-discovery and information management in Canada. Set out below are some of the major trends and developments that emerged over the last year.
SEDONA CANADA PRINCIPLES
The Sedona Canada Principles Addressing Electronic Discovery are being updated. For the past year, the Sedona Canada Working Group has been working on updating the principles, which were originally published in 2008 to reflect the growth of electronic discovery in Canada and the developments in the case law. The updated Sedona Canada Principles are expected to be published early in 2015.
The current principles continue to be recognized by courts in Canada. In Palmerston Grain v. Royal Bank of Canada, the Ontario Superior Court of Justice stated that the Sedona Canada Principles have been incorporated by reference into the Ontario Rules of Civil Procedure and that a failure to comply with the principles constitutes a breach of the rules. Other provinces, such as Alberta, have taken similar steps to incorporate the principles into the provincial process.
Courts continue to emphasize the importance of discovery planning and the need to put discovery agreements in writing. In Siemens Canada Ltd. v. Sapient Canada Inc., Siemens asked the court to, among other things, impose a discovery plan on the parties. When the action started, the parties did not establish a discovery plan but proceeded to produce documents without communicating with each other. When Seimens produced 120,043 documents, and Sapient only produced 23,356 documents, counsel for Seimens began to question why Sapient had produced so few documents. The answer was their approach to discovery. While Siemens was partially successful on its motion, the Ontario Superior Court of Justice denied it any costs, noting that the parties were “the authors of their own misfortune” for proceeding without a discovery plan. And, in Coleman v. Neagu, the Ontario Superior Court of Justice held that an oral agreement to a discovery plan did not satisfy Rule 29.1.04(3) of the Ontario Rules of Civil Procedure, which requires that discovery plans be in writing. The takeaway from these cases is to ensure that you have a discovery plan and that it (and all revisions to it) be in writing.
Given the growth of electronically stored information, courts continue to emphasize the need for parties to craft a proportional discovery process based on the Sedona Canada Principles and the requirements of Rule 29.2 of the Ontario Rules of Civil Procedure. For example:
- In Allianz Global Risks US Insurance Co. v. Canada (Attorney General), Master MacLeod of the Ontario Superior Court of Justice noted that “before producing large numbers of technically relevant but perhaps unimportant documents … counsel are required to confer with a view to narrowing the scope of production.” Master MacLeod stated that when dealing with electronic documents “the parties are required to consider proportionality and to have regard to the Sedona Canada Principles.”
- In Farrell v. Kavanagh, Justice Brown, then of the Ontario Superior Court of Justice, attached to his decision “Standard Case Management Directions for Proceedings Case Managed by D.M. Brown J.” Under the section entitled “E-Discovery,” it was stated that “[c]ounsel must explore creative ways to ensure that e-discovery costs remain proportionate to the complexity of the issues and the amount of money at stake in this case. Those creative ways can include (i) limiting the number of issues on which initial documentary discovery can be made, (ii) delaying e-mail documentary discovery until after core documents related to the limited issues have been exchanged, and then (iii) limiting the scope of e-mail documentary discovery.”
Another trend has been to require parties to provide more details about the records over which they are claiming privilege. In Canadian Natural Resources Limited v. ShawCor Ltd., the Alberta Court of Appeal changed how litigants in Alberta are required to describe records over which they are claiming privilege. The court held that litigants must describe the records over which they are claiming privilege in their affidavits of documents “to assist other parties in assessing the validity of the claimed privilege.” Before this case, litigants in Alberta were not required to specifically describe privileged records and could describe them merely as privileged bundles, identifying the various types of privilege claimed. The court noted that this new approach (supported by the latest revision to the Alberta Rules of Court that came into effect in 2010) is consistent with the approaches being taken in other jurisdictions for the listing of privileged documents in affidavits of documents, including British Columbia, Ontario, Saskatchewan and the Federal Court.
PRIVACY AND DATA STORAGE
There is a high-profile case underway across the border between Microsoft and the American government, which will be worth watching in 2015. At issue in Microsoft Search Warrant Order, No. 13-2814 is whether Microsoft should be forced to hand over data that is stored overseas. Microsoft stores messages sent and received by its users at its “datacentres”. The physical location of a user’s data depends primarily on the proximity of that user to the various datacentres. In December 2013, in connection with a narcotics investigation, a judge from the Southern District of New York issued a search warrant to Microsoft related to an email account stored at premises “owned, maintained controlled or operated by Microsoft Corporation.” Microsoft objected to the warrant to the extent it sought information stored at its datacentre located in Dublin, Ireland. Microsoft’s motion to quash the warrant was denied, a decision upheld by U.S. District Judge Loretta A. Preska. Microsoft has since appealed to the U.S. Court of Appeals for the Second Circuit. No hearing date has yet been set.
From an e-discovery perspective this case raises two main issues: (1) the complexity of data privacy laws around the world, and (2) questions surrounding the possession, custody and control of data. On the data privacy side, countries around the world have a wide variety of different data privacy laws. The variance between laws can make cross-border e-discovery difficult to navigate. Compliance with orders such as this one could mean violating privacy laws in the jurisdiction where the data is actually housed. This case also raises questions of possession, custody and control of documents. Microsoft’s primary argument on the motion to quash the warrant was that the warrant sought information located outside the U.S. While the court’s analysis on this point focused on U.S. law (primarily the Stored Communications Act), the court held that the heart of the issue was not where the data was actually stored but whose control it was under.
Cybersecurity made headline news repeatedly in 2014. There were several significant data breaches resulting from both external and internal threats. Criminal hackers infiltrated computer networks, stealing confidential corporate and personal data, unencrypted company laptops were lost and/or stolen, and rogue employees stole confidential personal information that was in their employer’s custody. While the retail sector has been hit especially hard this year, cybersecurity threats can (and do) occur in any industry, e.g., financial, biotech, health care, energy, education, government and hospitality.
At the same time that cybersecurity risks are increasing, the amount of electronic information being created, received and sent is also increasing. From an e-discovery and information management perspective, having an information governance policy that includes specified and enforced records retention periods is a step that is needed to mitigate the risk and impact of a cyber-attack. Ensuring laptops, phones and all external devices (USB keys, hard drives, etc.) are encrypted is another vital step in managing cyber-risk.
In August 2014, the Competition Bureau published draft guidelines regarding the Production of Electronically Stored Information. The draft guidelines were prepared with input from the Canadian Bar Association and are designed to standardize the production process for voluntary and involuntary productions of electronic records to the Bureau.
The guidelines are focused on technical aspects related to production such as document format, indexing and document delivery. The guidelines recognize that as technology changes, the production process will need to be updated accordingly. In the guidelines, the Bureau encourages producing parties to engage in dialogue regarding the production of electronically stored information. The Bureau continues to require that producing parties identify the specifications in the request for which each document is responsive and to limit the scope of permissible de-duplication to civil matters only (i.e., for criminal matters, all duplicates must be provided).