In today’s litigation landscape, digital evidence resides on a wide array of platforms across multiple custodians. With many companies substantially expanding their bring your own device (BYOD) policies, whereby an employee owns the device upon which company data is accessed or stored, it is more crucial than ever for businesses to have a clear understanding of who – the employer, the employee or some other third party – maintains legal possession, custody or control over their sensitive business information when it resides on a device that is also intended for the employee’s own personal use. These policies can have serious implications for the ability to secure evidence that may be crucial to the prosecution or defence of a case.

Under the Federal Rules of Civil Procedure, parties to a litigation and non-parties who are subject to deposition or written subpoena are required to produce electronically stored information (ESI) within that entity’s “possession, custody or control,” yet the Rules do not define any of those three terms and courts are then left to consider their meaning in particular circumstances, often with divergent results. The interpretations vary so widely that some federal courts will preface their rulings in this area with warnings that “the federal courts are divided on when and how a party seeking discovery can access ESI stored on an employee’s personal device”.

Putting BYOD policies to the test

Last August, in the face of this broad range of interpretive standards articulated by courts across the country, the Sedona Conference, a leading e-discovery think tank, joined in the debate with a substantial report on “possession, custody or control”, identifying three main trends in these opinions which can help guide the analysis for companies with BYOD.

Apr-Jun 2017 issue

Nixon Peabody LLP