Don't gamble with your company's investigation process.

Learn about i-Sight software today

E-Discovery and Cyber-Shredding at News of the World

Whether or not the data is recoverable, NewsCorp’s lawyers will be hard-pressed to explain why it was deleted in the first place

Posted by Dawn Lomer on July 21st, 2011

The deletion of 500 GB of incriminating email archive data dating back to 2005 means the prosecution in the News of the World phone hacking case may be missing valuable e-discovery material.

One reporter has even gone so far as to suggest that Rupert Murdoch’s reason for shutting down the paper was to allow him to get rid of the electronic evidence.

Reuters law reporter Alison Frankel writes that Murdoch “may not be obliged to retain documents that could be relevant to civil and criminal claims against the newspaper–even in cases that are already underway. That could mean that dozens of sports, media, and political celebrities who claim News of the World hacked into their telephone accounts won’t be able to find out exactly what the tabloid knew and how it got the information.”

Obstruction of Justice

The e-discovery implications of the e-mail deletions are significant in light of the ongoing police investigation into the hacking allegations. If the executive can be identified, it’s likely that criminal charges will be filed for obstruction of justice.

“A company is supposed to suspend its routine destruction of electronically stored information if litigation is reasonably anticipated,” says Rebecca Shwayri, a former attorney and e-discovery expert at Carlton Fields. “At the time the UK company shut down in the phone tapping case, litigation could definitely be anticipated. Government investigations were already being threatened once the news story broke. Arguably, a litigation hold should have been applied (at the very latest) at that time,” she says.

FREE Investigation Report Template

Prepare thorough, consistent investigation reports with our free report template.

Download Template

Evidence Spoliation

E-discovery rules in the US and the UK (where it’s referred to as “disclosure”) are different, with the US requirement being more stringent and more likely to rule on evidence spoliation.

“For US companies and even their corporate officers, if emails were wrongfully deleted after a preservation obligation arose, a variety of sanctions may be imposed, including monetary, adverse jury instructions and adverse presumptions from the destruction of emails, default judgments, and even obstruction of justice related charges, which focus on whether one intended to interfere with governmental proceedings and withheld, misrepresented, removed from any place, concealed, covered up, destroyed, mutilated, altered or falsified any documentary material relevant to that investigation,” says Jason Shinn, an e-discovery attorney based in Michigan.

But while the US rules are more stringent, e-discovery rules have been enforced in the UK in the past with punishment meted out for evidence spoliation. And any US litigation related to the case will likely require evidence housed in the UK.

“Even if the e-discovery was located in the UK, a lawyer should make the argument that a litigation hold applies to e-discovery held overseas (especially if litigation is based in the United States),” says Shwayri.

A Question of Recovery

Whether or not the data is truly gone is another matter, and with today’s powerful computer forensics technology, it’s possible that the evidence is going to turn up.

“The recoverability of the e-mails will depend more upon when the e-mails were deleted than when they were created,” says computer forensic consultant Richard Morochove of Morochove and Associates in Toronto. “I believe in this case an e-mail archive stored at a third party was reportedly deleted in January. This deleted e-mail may be recoverable at this time, depending upon the archiving system. Also, larger companies typically have many generations of data backups, one or more of which may contain the e-mails in question.”

Even if the data is recoverable, NewsCorp’s lawyers are going to be very busy explaining why it was deleted in the first place.

Dawn Lomer
Dawn Lomer

Manager of Communications

Dawn Lomer is the Manager of Communications at i-Sight Software and a Certified Fraud Examiner (CFE). She writes about topics related to workplace investigations, ethics and compliance, data security and e-discovery, and hosts i-Sight webinars.

Book A Demo

To our customers: We’ll never sell, distribute or reveal your email address to anyone. Privacy Policy

Want to conduct better investigations?

Sign up for i-Sight’s newsletter and get new articles, templates, CE eligible webinars and more delivered to your inbox every week.