Legal and Technical Strategies to Protect Non-Party Corporate Affiliates From Additional Discovery Exposure

Introduction

Parties in U.S. litigation are generally obligated to produce relevant, non-privileged documents and materials that are within their “care, custody or control.” See Federal Rule of Civil Procedure 34(a).

Broad interpretations of that phrase, and particularly the word “control,” can create significant exposure for non-party corporate affiliates when parent, subsidiary or sister corporations face discovery demands in litigation. See In re NTL, Inc. Sec. Litig.,
244 F.R.D. 179, 195 (S.D.N.Y. 2007) (defining control as “the right, authority or practical ability to obtain documents from a non-party to the action”); United
States ITC v. ASAT, Inc., 411 F.3d. 245, 278 (D.C. Cir. 2005) (defining control as “the legal right, authority or ability to obtain documents upon demand”).

In this electronic age, discovery can be extremely burdensome and expensive, and it can create significant competitive disadvantages for companies to be expected to bear the costs of responding to additional discovery obligations even in cases where they are non-parties.

Governing Rules

Although the discovery of documents and electronically stored information in federal cases is governed by Fed. R. Civ. P. 34, non-party document discovery is authorized by Fed. R. Civ. P. 45.

Rule 45 requires the issuance of a subpoena for the production of documents from non-parties and certain jurisdictional, as well as territorial, limitations must be considered.

Additionally, non-parties that are forced to respond to subpoenas often are able to obtain scope limitations or cost recovery (whether by agreement or protective orders) that litigation parties cannot. See Fed. R. Civ. P. 45 (c)(2)(B)(ii) (when a court orders compliance with a subpoena over an objection, “the order must protect a person who is neither a party nor a party’s officer from significant expense resulting from compliance.”); Legal Voice v. Stormans Inc., No. 12-35224 (9th Cir. 2013); Linder v. Calereo-Protocarrero, 251 F.3d 178 (D.C.Cir. 2001). ¹In Legal Voice, the Court held that the Rule renders cost shifting mandatory in all instances in which a non-party incurs significant expense from compliance with a subpoena. Furthermore, the court held that only two considerations are relevant under the Rule: (1) Whether the subpoena imposes expenses on the non-party and (2) whether those expenses are “significant”. The Linder court held that if these two requirements are satisfied a court must protect the non-party by requiring the party seeking discovery to bear at least enough of the expense to render the remainder non-significant. The court in Legal Voice agreed, holding the Rule provides no exceptions. Legal Voice v. Stormans Inc., at *12 (language of Rule 45(d) requiring protection of non-party from substantial discovery expenses “leaves no room for doubt that the Rule is mandatory.”) The court also ruled that the lower court in fact erred in framing the issue of compliance by a non-party to a subpoena in terms of “undue burden” rather than “significant expense.” Rather than considering if compliance was unduly burdensome, the district court should have considered only whether the cost was significant. Moreover, the court noted that Fed. R. Civ. P. 45(d)(1) is another route by which a non-party can seek protection from compliance with a subpoena. Rule 45 (d)(1) permits the non-party to seek sanctions against the party seeking discovery. However, Rule 45(d)(1) applies to parties and non-parties alike, while Rule 45(d)(2)(B)(ii) applies to non-parties only.

Accordingly, it can be a substantial advantage for companies to face discovery obligations through third party subpoenas as opposed to imputed obligations through affiliated companies.

The seemingly distinct parameters of Rule 34 and 45 often become less well defined in circumstances where a related, but legally separate company is involved in litigation. The boundaries of discovery obligations are unclear in affiliate relationships, especially where legal and technical resources may be integrated or shared between the affiliated companies.

Often a parent company will make significant investments in shared resources for subsidiaries. The efficiencies of combining backup systems, telecommunications, hosted data services and information technology administration may result in decreased costs while facilitating best practices. Many parent companies therefore share enterprise systems with subsidiary organizations, including document management platforms and corporate servers. These information repositories are often primary targets of discovery in litigation.

In addition, related entities frequently implement integrated records archives and IT infrastructure to maximize the impact of budget dollars and improve information governance. Organizations that follow this practice must take into account the eDiscovery and other risks resulting from commingling parent and subsidiary information.

Litigation costs and outcomes can turn on the ability of parties to discover, and/or defensibly produce, electronically stored information relevant to a particular claim or dispute. Given the risks and high stakes, corporations should consider legal and technical strategies to reduce their exposure to non-party discovery obligations.

Discovery of Evidence in the
Control of Nonparties

The discovery rules governing the production of relevant materials in U.S. litigation are well settled. A party is unequivocally required to produce documents and materials that are within its “care, custody or control.” See Fed. R. Civ. P. 34(a). “Control” is typically defined to encompass the legal “right, authority or practical ability to obtain documents.” See
In re NTL, 244 F.R.D. at 195-196.

In the event potentially relevant evidence resides with a non-party related entity, courts have compelled production where there is an underlying agreement to share materials or standard procedures to assist in the fulfillment of legal obligations. See
In re NTL, 244 F.R.D. at 195-96 (control and custody established where two separate companies emerged after bankruptcy and emergent entity had both the legal right and practical ability to obtain information due to a document sharing and cooperation agreement).

Similarly, where related non-parties are custodians of documents and exert control over each other’s operations, courts have found an obligation to produce information, despite non-party status. See
Mt. Hawley Co. v. Feiman Production Inc. v. Industrial Risk Insurers, et. al., Case No. 3:09-cv-00481, at *19-23 (N.D. W.V. August 19, 2010)) (non-parties who exercised control over the plaintiff’s operations were intimately involved in corporate decisions and custodians of documents and ESI related to parties’ claims and defenses); Halliburton Energy Servs., Inc. v. M–I LLC, 2006 BL 113032 at *1 (S.D. Ohio Oct. 27, 2006) (control is established where a non-party has “the ability to obtain documents as the result of closeness, connection and practical interaction”).

In contrast, other courts have interpreted the obligations in Rule 34 more narrowly, refusing to compel the production of materials from a legally separate affiliate absent a legal right to obtain documents upon demand.

For example, in the recent case of Dugan v. Lloyds TSB Bank, PLC, No. 12-CV-02549 (N.D. Cal. Sept. 4, 2013), the court declined to order production of materials from the parent company where a legally separate subsidiary could refuse to turn over documents without breaching any contract. In Dugan v. Lloyds, the absence of an agreement to assist in compliance with legal obligations was found sufficient to insulate the non-party parent from production obligations in the subsidiary’s litigation, despite a complete overlap in the Board of Directors, some shared IT resources and a joint legal team assisting in the defense of the matter. Id.

Degrees of Separation.

A number of courts have decided the issue of non-party production obligations after examining the “closeness of the relationship between the parties.” See Stella v. LVMG Perfumes & Cosmetics USA, Inc., No. 07 C 6509, 2009 BL 59697, at *2 (N.D. Ill. Mar. 23, 2009) quoting Flavel v. Svedala Indus., No 92 C 1095, 1993 BL 326, 63 FEP Cases 1199 at *4 (E.D. Wis. Dec 13, 1993) (internal quotations omitted).

For the subsidiary to be deemed in “control” of the documents, it need only be able to obtain the documents in question, and need not “control” the affiliated legal entity that possesses the documents. See
Mendy v. Herrod,
2013 BL 195275 (Ariz. Ct. App. July 23, 2013) (citing Helge v. Druke, 136 Ariz. 434, 437-38, 666 P. 2d 534, 537-38 (App. 1983)); Wilson v. Sundstrand Corp., Nos. 99 C 6944 & 99 C 6946 (N.D. Ill. Aug. 18 2003).

Some courts, however, have warned against an overly expansive reading of the term “control,” noting that “the fact that a party could obtain a document if it tried hard enough … does not mean that the document is in its possession, custody or control … .” Chaveriat v. Williams Pipe Line Co., 11 F.3d. 1420, 1427 (7th Cir. 1993); In re: Subpoena to Huawei Technologies Co., Ltd., No. 10 C 1975 at *11 (June 2, 2010).

Legal Considerations to Avoid Compelled
Non-Party Production in Litigation

Based on the above, companies should consider, and discuss with their legal counsel, the following legal strategies to protect related non-parties from excess discovery exposure:

1. Review and Minimize Sharing/Cooperation Agreements. Review any and all corporate sharing or cooperation agreements and expressly limit language that requires either company to share information or assist the other with the fulfillment of legal obligations, so that any such duties run solely to the information of each individual entity, not to the information of its affiliates. Otherwise, these types of agreements and/or clauses can be interpreted to establish “custody or control” and expose companies to the production obligations of affiliated parties, despite their own non-party status.

2. Establish Controls to Segregate Information and Implement Policies Against Sharing. If affiliated companies routinely exchange documents in the ordinary course of business, this could potentially establish “custody or control” sufficient to compel one to produce information in matters where the other is a party.

The affiliates should consider proactively instituting written policies and procedures segregating and clearly prohibiting the sharing of documents on demand between the two entities.

Moreover, practical controls may be implemented to restrict access to affiliated company records, such as establishing distinct or segregated repositories of Electronically Stored Information for each affiliate, as well as other “operational” safeguards (see below).

3. Employee Training and Auditing of Compliance. Any IT personnel or other employees who have access to data across affiliates should be trained on the “no sharing” imperative, and auditing for compliance should be considered.

4. Discourage Litigation Assistance. In the event of litigation, the affiliated companies should avoid combining efforts or providing assistance that they would not provide to entirely independent companies.

Where discovery directed against one entity potentially implicates information of an affiliated company, consider having the affiliated company retain independent counsel.

5. Establish Separate Boards For Related Entities. The extent of overlapping or intermingling of directors can be one factor in a court’s determination of custody or control. This should be considered in regard to board composition of affiliated entities.

Technical Considerations to Avoid Compelled Non-Party Production in Litigation

In addition to the legal strategies enumerated above, the following technical safeguards should be considered to discourage any finding of “custody or control” in future litigation involving related, but legally separate, entities:

1. Maintain Separate and Distinct Network Drives. Affiliate network drives should follow naming conventions that clearly establish control and use by a specific entity (e.g., X: drive—Parent company name, drive, “Y: drive—Subsidiary company name”).

Security and other permissions should be assigned only to employees of the company designated to use the drive and, if operationally practical, employees of affiliates should not have any access to related company drives and information.

2. Differentiate Corporate Purchases and Leases of IT Resources. Keeping the purchase and/or lease of IT resources, including smartphones, laptops and other personal devices, separate and in the name of each affiliate will further segregate resources and establish firm technical boundaries between the companies.

3. Establish Separation of Information and Services with Third Parties. Each affiliated company may notify all third party vendors hosting data that the information of related companies should be separately maintained with appropriate security and permissions, including separate physical partitions on servers, to ensure these distinct repositories of information are accessed only by employees of the distinct organization.

4. Implement Distinct Repositories of ESI and Databases. Where possible, databases should not be shared, or separate repositories of information should be maintained within database platforms.

In addition, all repositories of information, such as e-mail archives, should be segregated by company, with access to each company’s data limited to authorized users from that company.

Conclusion

Broad interpretations of “custody or control” can require a non-party affiliate to produce materials in litigation without the protections and remedies typically afforded to non-parties. However, certain legal and technical strategies can be implemented to reduce the risk of compelled non-party production including:

• (1) avoiding contractual obligations to assist with litigation compliance;
• (2) adopting policies and procedures prohibiting the sharing of materials;
• (3) training employees in the separation of information and prohibited practices
• (4) retaining separate outside counsel to minimize assistance with affiliate litigation and decrease the risk of inadvertent disclosure and/or exchange of information;
• (5) avoiding or limiting the overlap or intermingling of directors;
• (6) implementing procedures to discourage open access to affiliate records in the ordinary course of business;
• (7) maintaining separate network drives with distinct naming conventions;
• (8) segregating all purchases and/or leases of IT resources in the names of each independent affiliate;
• (9) requiring separate information repositories with third party vendors for outsourced and externally hosted data; and
• (10) segregating databases and other storage repositories (particularly e-mail).

Proceeding with such measures can do much to limit non-party exposure to litigation obligations that may otherwise attach between related companies.