In an interesting decision regarding the spoliation of evidence via a mobile device, Magistrate Judge Terry F. Moorer determined that the newly amended Federal Rule 37(e) – enacted on December 1, 2015 – did not apply to the spoliation case, as the case was filed prior to the rule’s enactment. (Morrison v. Charles J. Veale, M.D., P.C., 2017 BL 21478, M.D. Ala., No. 3:14-cv-1020-TFM, 1/25/17).
Karla Morrison, a former employee of the medical practice Charles J. Veale, M.D., P.C. sued her employer in October of 2014 alleging that the practice violated the Fair Labor Standards Act. Following the close of discovery in August of 2016, the defendant filed a motion for sanctions for spoliation of evidence alleging that Morrison logged into her office email account after her termination and deleted emails from the account. The defendant bolstered this argument by alleging that Morrison added 2-step verification to her log-in process in April 2015 – almost 6 months after her termination. Morrison admitted to accessing her office email days after her termination to “close out” items, but denied any further use of the account.
For those unfamiliar, 2-step verification is an additional security measure that confirms a user’s identity through two components, usually a password followed by a code sent to a personal device, for example. When in place, it adds an additional level of security to an account, thus making it less susceptible to hacking.
During the court’s spoliation analysis, it considered both state and federal law, and pointed to recently amended Rule 37(e) governing the application of sanctions when a party fails to preserve electronically stored information. The court interestingly did not apply Rule 37(e) to the case at hand, stating that the rule was not binding because the case was filed prior to the rule’s enactment on December 1, 2015. The court instead applied the “old” bad faith analysis – determining whether spoliation occurred, analyzing whether the spoliation occurred in bad faith, and subsequently determining appropriate sanctions.
The court analyzed the email account records and found that the account in question was accessed on April 22, 2015 and that 2-step verification was activated on the following day. Due to the nature of the 2-step verification process, the court determined that activation of 2-step verification by anyone but Morrison would have been “almost impossible” as activation and completion of the verification process required Morrison’s mobile phone in hand. The court noted that the possibility of defendant activating this process, as Morrison suggested, “defie[d] reality.” The court concluded that plaintiff did indeed set up this authentication in April 2015, and thus had access to her account at that time. Accordingly, the court concluded that it was unable to trust Morrison’s testimony due to her “misdirection and deception” regarding the email account and found that she deleted the emails in question in bad faith. The court applied sanctions in the form of an evidentiary instruction.
This case can be contrasted with Fulton v. Livingston Financial (linked here / summarized here) – where the court imposed sanctions on defendant’s attorney for citing to the pre-December 2015 amended Federal Rules (even though the case was filed in April of 2015).