banner ad
Experts Logo


How To Get The Discovery You Need From Your Opponent

By: David Nolte
Originally Published in Financial Complexity Made Clear, October 2007
Tel: (213) 787-4100
Email Mr. Nolte


View Profile on

An extraordinary amount of time is incurred in discovery asking for records that may not even exist, or asking for records that do exist, but the other side declines to produce records that were not requested using just the right terms. Once the records are identified, wasteful paper-based productions occur because the requesting party did not insist on an electronic production, usually because of concerns that an electronic production may not be usable or understood. All of this wasted effort can be avoided easily.

Today, practically all business records exist electronically. Many records exist only in an electronic form. All of these electronic records can be produced much more quickly, cheaply, and easily than ever occurred with paper. For all these reasons, your discovery requests should initially focus on digital records.

A corporate-representative deposition on electronic-discovery issues should be the very first discovery action you take. This quickly obtains an overview of your opponent's data systems. When done at the beginning of a case, senseless argument over what information exists and does not exist is avoided, because you then have the benefit of a party admission. Under FRCP 30(b)(6) and analogous "person most knowledgeable" state-court rules, you can send a notice that lists topics of inquiry, and this obligates your opponent to provide a witness(es) who has knowledge of the topics you list.

The subpoena should include a demand to produce records that identify the location, format, and character of your opponent's data. Specific requests include all records that describe or memorialize:

  1. Written data retention policies, and a description of the data retention policies actually in place
  2. All technical manuals, network architecture diagrams, booklets, guidelines, memoranda
  3. Policies and procedures for managing electronic information, including:
    1. a. Individuals with administrative level access to the network

      b. User permissions for accessing, modifying, and deleting data;

      c. Utilization of data deletion programs;

      d. Schedule for formatting hard drives or reinstalling software applications;

  4. Servers or computers serving as a central repository of any information for the organization - Information should include:
    1. a. Server name of each system

      b. Physical location of each system

      c. Operating systems and versions of each system

      d. Business purpose of each system (e.g., webserver, accounting system, fileserver, etc.)

      e. Critical applications running on each system, and the versions of each

      f. Critical databases or information stores found on each system

  5. Current and former users on the network
  6. Individuals responsible for access to information systems on the network (e.g., accounting systems, operations systems, human resources databases)
  7. List of each computer or device (i.e., PDA, removable media) with network access, including physical location
  8. Location and description of personally owned computers used by employees for business purposes
  9. Accessibility of computer systems from outside the office
  10. Disaster recovery system and processes, including without limitation:
    • a. Lists of backup media

      b. Locations of backup media

      c. Hardware and software used to backup and archive information

      d. What data is backed up

      e. Backup schedules

      f. Individuals responsible for the backup/recovery procedures

      g. Circumstances where backup data was used for non-disaster data retrieval (This is important when addressing contentions that backup data is "not reasonably accessible" and hence need not be produced)

      h. Under what circumstances are the storage schedules modified?

  11. System(s) used for the electronic mail system, including but not limited to:
    • a. Outside services used, if any

      b. Server and workstation software, including versions details

      c. Server and workstation storage

      d. Lists of users

      e. Location of email files

  12. Current litigation holds in place
  13. Timeline of data available from online systems - For how far back does online data exist for each system?
  14. Timeline of data available from archived systems - For how far back does backup and archived data exist?
  15. Software upgrades or changes to all critical applications, databases, accounting systems and operations systems, including without limitation:
    • a. If upgrades exist, are the old software versions still supported?

      b. Do any systems on the network still have access to the legacy system and data?

      c. List archived media that contains data accessible with the legacy systems

  16. Reports generated as part of the normal operation of the business, including the individuals to whom the reports are distributed
  17. Business policies regarding acceptable use of computers and other technology systems
  18. All documents which the deponent utilized or may need to refresh his recollection regarding any issues which relate to this lawsuit
  19. All documents which the deponent utilized, consulted, or may need, to refresh his recollection regarding the preparation for this deposition

In order to make the most of the depositions and the documents produced, most lawyers taking such a deposition would benefit from having the active assistance of their technical consultant during the deposition.

Responding to these Requests

When responding to these requests, most companies would be wise to err on the side of a person that has deep technical skills. If misinformation is provided, the e-discovery Rule 30(b)(6) deposition will sidetrack litigation for months by causing your opponent to request records while driving litigation and motion-practice costs unnecessarily high. This person should be thoroughly prepared before the deposition, just as would be done for any important percipient witness. Only a well-prepared witness will have the proper frame of reference to avoid innocent pitfalls that can cause such damage.

Companies that do a poor job of managing their electronic records are particularly vulnerable to discovery of information that never should have been retained in the first place. To avoid these problems see Electronic Storage Best Practices.

For additional information on electronic discovery, see Electronic Discovery Best Practices. This article addresses both preparing for your own production, and obtaining discovery from your opponent.

Fulcrum Inquiry provide electronic discovery and computer forensics and records reconstruction services in litigation.

David Nolte is a principal at Fulcrum Financial Inquiry LLP with over 30 years experience performing forensic accounting, auditing, business appraisals, and related financial consulting. He regularly serves as an expert witness.

©Copyright - All Rights Reserved


Related articles


7/15/2010· Computer Forensics

CSI Computer Forensics - Real Cases From Burgess Forensics

By: Steve G. Burgess

It was a grey October day, the kind of day when a guy likes to cozy up next to a bank of servers to keep warm, when the Teacher first called me. "They think I'm nuts" were the words emanating from the phone. Well, just because you're paranoid doesn't mean they're not out to get you. I sat up and went to my desk, away from the noisy fans cooling off all those Gigahertzes. "What's the problem, Miss?"The young woman explained that she was a not-yet-tenured teacher in a New England (greyer there than here) high school with a problem. Seems that a student in one of her classes was repeating things in the classroom that she had uttered only the night


11/12/2004· Computer Forensics

The Evolving Legal Landscape of Electronic Discovery

By: SETEC Investigations

It is estimated that over 90% of all documents are now created electronically, although most of them are never printed; therefore, legal professionals are being challenged by a drastic increase in electronic evidence


7/15/2010· Computer Forensics

The Future of Computer Forensics

By: Steve G. Burgess

A student asked me an interesting question today, regarding what I foresee in the field of computer forensics in the coming years: 5, 10, & 50. Having not thought about it before , my answers surprised me a bit.

; broker Movie Ad

Follow us

linkedin logo youtube logo rss feed logo