Overview
- The Federal Trade Commission (FTC) and the US Department of Justice (DOJ) are updating their standard preservation notices and instructions for responding to all manner of discovery (e.g., second requests, voluntary access letters, compulsory process, etc.). The update will alert parties to the steps that must be taken to preserve communication from popular business collaboration tools and “ephemeral messaging platforms” like Slack, Microsoft Teams and Signal.
- These platforms are typically set to delete communication data automatically and may lack appropriate capabilities for preserving and extracting data even when a preservation notice is issued. While these tools have become central features in the modern business landscape, the Agencies’ announcement is designed to clearly set out the expectation that companies and individuals will adhere to preservation requirements. Parties could be subject to criminal obstruction of justice charges if they fail to comply.
- Highlighting the very serious concern these tools raise in the DOJ’s view, Manish Kumar, Deputy Assistant Attorney General for the DOJ’s Antitrust Division, asserted that ephemeral messaging platforms are “designed to hide evidence.”
In Depth
WHAT HAPPENED
- On January 26, 2024, the DOJ and FTC (the Agencies) announced an update to their preservation notices and instructions for responding to all manner of discovery to “address the increased use of collaboration tools and ephemeral messaging platforms in the modern workplace” and “reinforce longstanding obligations requiring companies to preserve materials during the pendency of government investigations and litigation.”
- The Agencies recognize that ephemeral chat messaging is becoming an increasingly important feature of the modern business landscape, and they have sought to collect ephemeral messaging data in the past. However, because these platforms are typically set to delete messages automatically and may lack clear solutions for preserving data, the Agencies have run into dead ends trying to collect such data in prior cases. Indeed, Manish Kumar, Deputy Assistant Attorney General for the DOJ’s Antitrust Division stated that “these updates to our legal process will ensure that neither opposing counsel nor their clients can feign ignorance when their clients or companies choose to conduct business through ephemeral messages.”
- This new preservation language will be included in all DOJ and FTC preservation letters, second request specifications, voluntary access letters, compulsory legal process and grand jury subpoenas going forward.
- While the new language changes are a continuation of the Agencies’ existing preservation policies, they will highlight parties’ obligations with respect to ephemeral messaging data specifically, potentially making it easier for the Agencies to seek sanctions and other recourse against companies who fail to preserve such data.
- Indeed, the Agencies’ announcement cites a prior case where civil spoliation sanctions resulted from a target’s failure to properly preserve ephemeral messaging data. Likewise, the FTC has also signaled its willingness to refer cases to the DOJ Antitrust Division’s Criminal Liaison Unit for criminal obstruction charges in certain cases.
WHAT THIS MEANS
- The Agencies have recognized in recent cases that relevant business communications that used to happen over email are now flowing through more informal channels like ephemeral messaging platforms and employee text messages. Ephemeral and text messages thus potentially represent a key source of information because the same types of communications may not be contained in email or other channels of communication.
- Companies traditionally have precise means of preserving, collecting and producing employee email data. However, managing data from other channels can present significant challenges. For example, certain ephemeral messaging apps and collaboration tools need to be manually programmed to preserve data from automatic deletion, if it is possible at all. Other platforms lack the ability to extract data in a format that isn’t cumbersome to collate and produce.
- Likewise, investigation compliance has become even more complicated because many employees now use text messages and messaging apps on personal devices to communicate for business purposes. Business and personal data are now intermingled and cannot be easily segregated. This can be especially problematic in industries where employees regularly travel and communicate mainly with mobile devices.
WHAT YOU SHOULD BE DOING
- Given the Agencies’ emphasis on the need to preserve ephemeral messaging data, and the potentially significant penalties for compliance failures, general counsel should work with their IT departments to formulate technology policies and strategies for responding to investigations.
- For instance, companies should consider implementing policies that prevent employees from using unapproved apps or personal accounts to communicate for business purposes.
- IT personnel should be trained to ensure that any platform used by a covered employee is set to retain all data as soon as a litigation or investigation hold is issued. Any autodelete features should be disabled immediately.
- In addition, companies that use platforms with legal hold functions should enable such features for messaging data. For certain platforms, enabling these features will allow companies to preserve channels or custodians’ chat data centrally.
- To that end, companies should, where possible, only approve platforms that give IT personnel admin-level control over data retention settings. Conversely, companies should avoid applications and platforms that allow employees to control their own data-retention settings.