In a Feb. 6, 2012 decision, the Court of Appeals for the Federal Circuit denied Google’s petition for a writ of mandamus, rejecting Google’s efforts to overturn repeated rulings by Magistrate Judge Donna M. Ryu and Judge William H. Alsup (N.D. Cal.) that an internal Google email was not privileged.  In a terse opinion, the Federal Circuit agreed with the lower court that Google had failed to make a “clear showing” that an email sent by Google engineer Tim Lindholm to Google’s Android chief Andy Rubin and a Google in-house attorney was protected by the attorney-client privilege or the work product doctrine.  In re Google, Misc. Docket No. 106 (Fed. Cir. Feb. 6, 2012).

The Lindholm Email

The Aug. 6, 2010 Lindholm email has become a centerpiece in the Oracle v. Google Java/Android litigation as the parties appear headed for a trial as early as April 2012.  In his email, Mr. Lindholm discussed technical alternatives to Java, observing:

What we’ve actually been asked to do (by Larry and Sergei) is to investigate what technical alternatives exist to Java for Android and Chrome. We’ve been over a bunch of these, and think they all suck. We conclude that we need to negotiate a license for Java under the terms we need.[1]

Although Google listed two copies of the final version of the email and one draft on its privilege log (see Figure 1 below), it produced eight “auto-save” drafts to Oracle.  Oracle attorneys read portions of a draft into the record – without objection from Google counsel – during a telephonic hearing before Magistrate Judge Ryu on July 21, 2011 and during a hearing later that day before Judge Alsup.  Judge Alsup reportedly made several comments during his hearing regarding the import of the email and its potential impact on Oracle’s claim of willful infringement, directing his observations to both Oracle’s counsel (“That’s a pretty good document for you. That ought to be big for you at trial.”) and Google’s counsel (“You’re going to be on the losing end of this document with Andy Rubin on the stand.”).

Figure 1: Excerpt from Google’s privilege log.  Source: Declaration of Fred Norton in Support of Oracle America, Inc.’s Motion to Compel Production of Documents (Aug. 15, 2011), ¶ 16 (email addresses redacted).

Google subsequently clawed back the eight drafts as inadvertently produced privileged material, maintaining that Mr. Lindholm created and sent his email at the request of Google’s general counsel and Google in-house counsel Ben Lee in order to investigate Oracle’s infringement allegations.  Oracle disagreed, arguing that the email demonstrated on its face that it was Google management who had asked Mr. Lindholm to examine technical alternatives to using Java, with the goal of strengthening Google’s bargaining position in negotiating a Java license with Oracle, and that the email was not directed to assisting Mr. Lee in investigating Oracle’s infringement claims.

The ensuing motion practice resulted in a series of five orders in which Magistrate Judge Ryu and Judge Alsup repeatedly rejected Google’s efforts to treat the draft and final versions of the Lindholm email as privileged and confidential.[2]  Undeterred, Google then turned to the Federal Circuit for relief.[3]

The Federal Circuit’s Decision

Writing for the three-judge panel, Circuit Judge Kimberly A. Moore focused on the content of the email in explaining the basis for the court’s “agree[ment] with Oracle that the email casts sufficient doubt as to Google’s privilege claim.”

• Mr. Lindholm wrote that he was responding to a request from management (“What we’ve actually been asked to do (by Larry and Sergei)”), did not mention any requests from Google’s attorneys, and explained the email’s purpose (“we’ve … been asked … to investigate what technical alternatives exist to Java for Android and Chrome.”).
• Mr. Lindholm directed the email to Andy Rubin (“Hi Andy”), head of the smartphone group, and not to in-house counsel Ben Lee.
• The discussion is “directed at a negotiation strategy” rather than a legal strategy, reflects no infringement or invalidity analysis, and does not indicate that Mr. Lindholm prepared it in anticipation of litigation or in connection with the provision of legal advice.

Slip op. at 6-7.

The court rejected Google’s argument that the lower court improperly weakened the privilege established by Upjohn Co. v. United States, 449 U.S. 383 (1981), by requiring Google to make a “clear showing” that Mr. Lindholm’s purpose in sending the email was to obtain legal advice.  There was no evidence, Google asserted, that in-house counsel Lee had both legal and non-legal responsibilities at Google, and the “clear showing” standard does not apply where in-house counsel acts only as the company’s attorney.  “We see no merit to this contention,” Judge Moore wrote.

It is beyond dispute that parties seeking to establish the privilege are required to sufficiently establish the communication at issue relates to professional legal services (as opposed to business considerations), regardless of whether the attorney had distinct non-legal responsibilities for the company.

Id. at 7.  Judge Moore was equally blunt in dismissing Google’s argument that it was entitled to a rebuttable presumption that in-house counsel Lee was acting in his legal, rather than business, capacity:

This argument misses the point.  It is not that Lee was acting outside the role of an attorney but that Google failed to demonstrate the purpose of the communication was to further his investigation into the infringement suit.  In any event, we agree with the district court that even assuming a presumption applies, the evidence overcomes that presumption.

Id. at 7-8.

Google’s work-product and confidentiality arguments fared no better.  Judge Moore agreed with the lower court’s conclusion that “the same ‘evidentiary gaps and logical inconsistencies that pervade its attorney-client privilege argument fatally impugn Google’s claim for work-product protection.’”  And as for the “Google Confidential” and “Attorney Work Product” headings in the email, the court concluded that Mr. Lindholm’s “expectations regarding confidentiality . . . do not demonstrate entitlement to the privilege in light of the remainder of the email.”  Id. at 8.

A Few Observations on Privilege-Review Protocols

Litigants often go to great (and costly) lengths in an effort to guard against the unintended production of privileged materials.  Few privilege reviews are perfect, perfection is not required, and the case law is filled with examples of imperfect privilege reviews.  Some were egregious failures, others far closer calls.[4]  While some of these decisions make for entertaining reading, their greater potential value lies in the questions they raise, and the lessons they teach, about the elements of a defensible privilege-review protocol.  As I noted when I first wrote about the Lindholm email dispute back in August, one wonders whether the eight drafts Google produced could have been identified as potentially privileged by one of the many applications that group documents based on their “similarity” (e.g., message content or other attributes).  Aided by the clarity that hindsight brings, here are a few additional observations on factors to consider when designing a privilege-review protocol.

FRE 502.  Federal Rule of Evidence 502 governs the extent to which disclosure of privileged or work-product material in federal proceedings results in waiver of the privilege or protection.

• An FRE 502(d) order (often incorporated into a protective order) can provide an important brick in your wall of protection in the event of an unintended production of privileged material, particularly if it is well drafted and integrated into your overall privilege-review protocol.  Consider whether you want to try to add clarity by defining an “inadvertent” disclosure, “reasonable steps to prevent” a disclosure and “reasonable steps to rectify the error” under FRE 502(b), but be wary of including language that defeats your intended goals.  Seek your adversary’s agreement, create a record of your efforts, and ask the court to enter the order.[5]

It appears that there was no FRE 502(d) order in the Oracle v. Google litigation.  Although the parties filed a joint stipulated protective order (which the court approved) containing a clawback provision (¶ 13), the protective order did not refer to FRE 502 or to the “automated privilege screen” permitted under the parties’ Joint ESI Agreement (discussed below) and, as to waiver, the clawback provided only that “[i]nadvertent production is itself no waiver of privilege.”

ESI Stipulation.  An ESI stipulation can significantly reduce the potential for eDiscovery-related disputes by memorializing the parties’ agreement on a range of ESI-related topics, from preservation (e.g., excluding certain categories of ESI from the duty to preserve) to production format.

• Litigants may want to consider incorporating a defined privilege-review protocol into the ESI stipulation and incorporating the protocol by reference into the FRE 502(d) order (these can be components of a single order).  Here, too, seek your adversary’s agreement, create a record, and ask the court to enter as an order.  See, e.g., Hon. John M. Facciola & Jonathan M. Redgrave, Asserting and Challenging Privilege Claims in Modern Litigation: The Facciola-Redgrave Framework, 4 Fed. Cts. L. Rev. 19, 50 (2009).
• An ESI stipulation could also address the obligation to preserve and produce “draft” documents including “auto-saves”.  For example, the ESI stipulation in U.S. v. Louisiana Generating LLC, Civil Action No. 09-100-RET-CN (M.D. La.) excludes from preservation and discovery various categories of documents including temporary files and certain types of “draft” documents.  Amended Stipulation Regarding Preservation, Review and Production of Certain Electronically Stored Information and Privileged Materials, ¶¶ 1.a.viii, 2-3 (Mar. 5, 2010).[6]

Oracle and Google filed a Joint ESI Agreement on December 17, 2010.  Among other things, the ESI agreement addressed the use of search terms for all custodian documents (¶ 1), permitted the parties to “apply an automated privilege screen to custodian documents” (¶ 3) and defined a detailed procedure for the generation of a privilege log (¶¶ 3.a-3.c).  The agreement did not address or refer to inadvertent production or FRE 502, nor did it define a detailed protocol for the automated privilege screen.

Keyword search.  Though often criticized (with good reason) for its limitations, basic keyword searching (preferably with Boolean and proximity operators) can be a valuable investment of time and effort as a component of a privilege-review protocol.

• Consider starting with a search of the text of ESI and any associated metadata fields (e.g., email addressees) for the names of inside and outside counsel, including email addresses as well as outside counsel domains (e.g., “lawfirm.com”).  Include a search for terms/phrases potentially indicative of protected communications (e.g., “work product”, “work-product” and “privile*”) — modified as necessary to exclude hits on automatically-generated language in communications (e.g., disclaimers automatically inserted as email footers).  (ESI of custodians who are inside counsel will naturally deserve particularly careful attention.)
• Documents listed on a party’s privilege log can serve as a source for targeted keyword searches.
  • In this case, for example, a search for the rather memorable phrase “they all suck” – which appeared in the final version of the Lindholm email and in the produced draft discussed at the two July 21, 2011 hearings – presumably would have identified at least that document as a draft,[7] and likely would have located the other seven drafts (all eight of which bore consecutive production numbers).  (It bears noting that this example was chosen with the benefit of hindsight and in the absence of information about the total number of entries on Google’s privilege log.  Resource availability, size of the privilege log, considerations of proportionality and other factors may affect the reasonableness and feasibility of using privilege log entries for further keyword vetting.)
  • The Lindholm email documents provide another example of the potential value of keyword search, and an approach that could be implemented without the need to manually select terms or phrases from the text of logged documents.  The final version of the Lindholm email and all drafts have the same subject line: “Context for discussion: what we’re really trying to do.”[8]  A manual search for this language across the subject field of email in the target dataset (or at least in the author’s dataset) presumably would have located all eight drafts.  This search could be automated with a script applied to all subject fields of email on the privilege log, and a similar strategy could be used for other types of logged documents.  (Sorting by relevant fields can also be useful: a sort of Mr. Lindholm’s email by subject field, for example, would also presumably have found all eight produced drafts adjacent to the three logged items.)

According to the record, Google’s privilege-review protocol relied on a combination of manual review by contract attorneys and electronic screening mechanisms or “analytics”.  Reviewers were instructed to look for phrases like “privileged and confidential” or “attorney work product” in the email text as well as names of in-house and outside counsel; and one analytic (it’s not clear whether there were others) searched email text for the same phrases as the reviewers and searched for attorney names in the “to” or “from” field.  Draft emails without those phrases and with no names in the “to” or “from” fields “likely would not be tagged as ‘privileged’” by a contract attorney or identified by the analytic “and, if tagged by a contract attorney as responsive, would be produced.”  Unlike the final version of the email and the draft identified on the privilege log, none of the produced drafts contained the phrases “Attorney Work Product” or “Google Confidential,” and none contained any recipient in the “To:,” “Cc:” or “Bcc:” fields.[9]

Algorithmic search.  A privilege-review protocol may also include one or more of the information-retrieval alternatives to keyword search that use mathematical algorithms (some of which are proprietary and thus undisclosed, a.k.a. “black-box”) to find documents in a dataset that are “similar” to already-identified documents (e.g., based on the terms in the document body and their frequency, order and proximity to one another).  Examples include predictive coding (which itself has spawned a host of alternative names), categorization, conceptual search, clustering and near-duplicate applications; some operate without user input, while others involve an iterative feedback loop in which humans help the software to “learn” (an anthropomorphic misnomer, to be sure).  The use of such applications is of great current interest and, when used properly, they can add significant value (and cost-savings) to a privilege review and to the overall eDiscovery process.

Algorithmic search merits far more discussion than space permits here and I’ll return to the subject in future posts.  Meanwhile, readers may be interested in taking a look at the transcript of the Feb. 8, 2012 hearing before Magistrate Judge Andrew J. Peck in Da Silva Moore v. Publicis Groupe, 11 Civ. 1279 (ALC) (S.D.N.Y.) (made available by Sean Doherty of Law Technology News as part of his Feb. 14, 2012 article, Judge Peck Addresses Predictive Coding in Federal Court Order).  After detailed discussions of the parties’ proposed eDiscovery protocol, including such issues as seed set size, random sampling, confidence levels and number of iterative reviews, Judge Peck — who penned an article on computer-assisted coding last October (Search, Forward, Law Technology News (Oct. 1, 2011)) — tacitly approved a protocol that uses Recommind’s predictive coding application, Axcelerate.  Judge Peck asked the parties to finalize the protocol (“without prejudice to anyone’s rights to go to Judge Carter”) and submit it to him by Feb. 16 and noted that “[t]his may be for the benefit of the greater bar, but I may end up issuing an opinion on some of what we did today.”

Quality Control.  I can’t write about privilege-review protocols without mentioning quality control, a component of the process that, like algorithmic search (and search generally) deserves more than this brief overview.  But if I wanted to hit the highlights, I’d include . . .

• Employ good planning and project management skills and practices around a structured, well-documented workflow, including the technical components of the process (e.g., a document tagged as “privileged” cannot end up in the production dataset).
• Make sure the reviewing attorneys receive the proper substantive and technical training.  Keep them engaged and solicit their feedback.
• Use sampling (perhaps a combination of statistically random and judgmental) on both the documents identified as privileged and those that were not (e.g., production datasets before they’re produced) — check for coding errors, consistency and technical issues, and modify the review process accordingly.
• Keep a detailed record.  Hopefully you’ll never be called on to defend your review, but if you are, a detailed record can be invaluable — and will also be useful for post-review analysis and process improvement.
• Be prepared to, and do, respond promptly should you learn that any of your privileged material has been unintentionally produced.

See generally The Sedona Conference Commentary on Achieving Quality in the E-Discovery Process (May 2009 Public Comment Version).

*                    *                    *

As other observers have noted,[10] while it’s by no means unheard of for a party to challenge components of an adversary’s privilege log, there is often a reluctance to do so — the privilege log may be lengthy; a factual basis for a challenge may be difficult to come by; and a document’s association with a communication addressed to an in-house counsel might appear to bolster the claim of privilege.  Had Google identified and withheld the eight Lindholm email drafts as privileged, they might well have been described on Google’s privilege log with language no more revealing than the descriptions given for the three logged documents, remained unchallenged and — in the hypothetical absence of the rulings from Magistrate Judge Ryu, Judge Alsup and the Federal Circuit — might never have made their way into the public record.  Would this have been a good result?  A fair result?  What do you think?

---

Footnotes
[1] In his Oct. 20, 2011 order, Judge Alsup set out the full text of the body of the email as sent:

Attorney Work Product
Google Confidential

Hi Andy,

This is a short pre-read for the call at 12:30. In Dan’s earlier email we didn’t give you a lot of context, looking for the visceral reaction that we got.

What we’ve actually been asked to do (by Larry and Sergei) is to investigate what technical alternatives exist to Java for Android and Chrome. We’ve been over a bunch of these, and think they all suck. We conclude that we need to negotiate a license for Java under the terms we need.

That said, Alan Eustace said that the threat of moving off Java hit Safra Katz hard. We think there is value in the negotiation to put forward our most credible alternative, the goal being to get better terms and price for Java.

It looks to us that Obj-C provides the most credible alternative in this context, which should not be confused with us thinking we should make the change. What we’re looking for from you is the reasons why you hate this idea, whether you think it’s a nonstarter for negotiation purposes, and whether you think there’s anything we’ve missed in our understanding of the option.

– Tim and Dan

Order Denying Motion for Relief from Non-Dispositive Pretrial Order of Magistrate Judge (Oct. 20, 2011) at 3; see also In re Google, Misc. Docket No. 106, slip op. at 2-3. 

Judge Alsup also described other attributes of the final version, and the nine drafts, of the email:

The final version of the email was sent at 11:05 a.m. on August 6, 2010. In addition to the final version, nine different drafts were saved automatically by Mr. Lindholm’s computer while he wrote the email between 11:01 and 11:05 that morning. The nine drafts saved during this four-minute period were stored by the computer without specific direction from Mr. Lindholm.

The “To:,” “Cc:,” and “Bcc:” fields of all the drafts were blank. The “To:” field of the final version listed Andy Rubin, who was the Google Vice President in charge of Android, and Attorney Lee. The “Cc:” field listed Dan Grove, who was another Google engineer, and Mr. Lindholm himself. The “Bcc:” field was blank. The final version of the email and the last draft also included two headings within the body of the email which were not present in any of the earlier drafts. These headings labeled the email as “Attorney Work Product” and “Google Confidential.”

The “Subject:” field of the final version and all drafts of the email read, “Context for discussion: what we’re really trying to do.”  . . .

Oct. 20, 2011 order at 2 (footnote omitted).

[2] See Aug. 1, 2011 order (Judge Alsup); Aug. 4, 2011 order (Judge Alsup); Aug. 26, 2011 order (Magistrate Judge Ryu); Oct. 20, 2011 order (Judge Alsup); and Nov. 2, 2011 order (Judge Alsup). In addition, in a Jan. 4, 2012 order, Judge Alsup denied Google’s motion in limine, rejecting Google’s argument that the email should be excluded because its relevance was outweighed by the risk of unfair prejudice.

[3] On Nov. 8, 2011, the Federal Circuit issued an order acknowledging Google’s petition for a writ of mandamus and directing Oracle to respond by Nov. 28, 2011.  Alison Frankel, who has provided stellar coverage of the Lindholm email saga in her On The Case blog, has obtained and made available copies of Google’s Nov. 4, 2011 mandamus petition, Oracle’s Nov. 28, 2011 response, and a Jan. 5, 2012 letter to the Federal Circuit from Google’s counsel informing the court of the district court’s Jan. 4, 2012 denial of Google’s motion in limine to exclude the Lindholm email.

[4] See, e.g., Williams v. District of Columbia, No. 06-02076 (CKK), 2011 WL 3659308 (D.D.C. Aug. 17, 2011); Thorncreek Apartments III, LLC v. Vill. of Park Forest, 2011 WL 3489828 (N.D. Ill. Aug. 9, 2011); Mt. Hawley Ins. Co. v. Felman Prod., Inc., 2010 WL 1990555 (S.D. W. Va. May 18, 2010); Victor Stanley, Inc. v. Creative Pipe, Inc., 250 F.R.D. 251 (D. Md. 2008).

[5] For examples of protective orders incorporating FRE 502(d) provisions, see, e.g., Newcal Indus., Inc. v. Ikon Office Solutions, Inc., Civil No. 04-2776 JSW (N.D. Cal.), Stipulated Protective Order for Related Cases, ¶ 11 (Aug. 26, 2011); Bakhit v. Polar Air Cargo Worldwide, Case No. CV-10-01927-BZ (N.D. Cal.), Stipulation for Protective Order and Order Thereon, ¶ 11 (Mar. 14, 2011); Townsley v. Hydro Int’l LLC, Case No. CV10-2212 AHM (RZx) (C.D. Cal.), Stipulated Protective Order, ¶ 20 (Aug. 13, 2010).  See generally Paul W. Grimm, Lisa Yurwit Bergstrom & Matthew P. Kraeuter, Federal Rule of Evidence 502: Has It Lived Up to Its Potential?, XVII RICH. J.L. & TECH. 8 (2011).

Earlier this month, Magistrate Judge Andrew J. Peck made some interesting comments about FRE 502(d) orders toward the end of a hearing involving eDiscovery disputes and the parties’ proposed use of predictive coding in Da Silva Moore v. Publicis Groupe, 11 Civ. 1279 (ALC) (S.D.N.Y.).  In the course of discussing the protocol proposed for implementation of the predictive coding application (Recommind’s Axcelerate), Judge Peck informed counsel that

[y]ou can do one [an FRE 502(d) order] that says if you do the following 52 steps, then we should be covered under 502(d).  That’s great, but when step 49 got screwed up somewhere, you’ve lost your protection.  It seems to me that 502(d) can say that unless you intended to waive the privilege, whether you were sloppy or careful, you retain the privilege and you get the clawback.  I’m happy to sign an order that says exactly that.  If you all want to do it a different way –

What I dislike and what I usually refuse to sign are orders that purport to be 502(d) orders that really do nothing better than repeat the language of 502(b), as in “boy,” which is already a federal rule in place.

. . .

. . .  I’m happy to give you the plain vanilla protected against anything except an intentional waiver 502(d) order.  That is almost all it has to say.  Write it up as a separate . . . document and submit it to me, preferably by consent.  I can’t imagine why there would be any objection.

Transcript of Feb. 8, 2012 hearing at 90:1-24 (made available by Sean Doherty of Law Technology News as part of his Feb. 14, 2012 article, Judge Peck Addresses Predictive Coding in Federal Court Order).

[6] Of course, the benefits of such an exclusion are available only to the extent a party can determine what documents are covered by the exclusion.  In this case, for example, the Lindholm email draft withheld as privileged appears on the privilege log immediately before a copy of the final version, suggesting they were recognized as related during the review process, and the eight produced drafts bore consecutive production numbers (GOOGLE-12-00039558 through GOOGLE-12-00039565), suggesting they were recognized as related to one another.  See Magistrate Judge Ryu’s Aug. 26, 2011 order at 1 n.1.  Nonetheless, while we know that the “auto-saves” were saved in Mr. Lindholm’s “Drafts” folder and collected (along with sent emails) through use of a script, Declaration of Kristin Zmrhal Concerning the August 6, 2010 Email and Drafts Thereof (Aug. 12, 2011), ¶¶ 3, 5, the record doesn’t reflect whether the eight produced “auto-saves” were stored or otherwise identified in a manner (e.g., through a common document ID) that would have enabled Google to recognize them as drafts of the final version or whether additional steps (e.g., some form of search) would have been necessary.

[7] Although it appears that copies of the eight produced drafts have not been made public, we can glean some information from the docket.  According to Oracle’s counsel, the draft email discussed at the July 21, 2011 hearings bore production number GOOGLE-12-00039565, Declaration of Fred Norton in Support of Oracle America, Inc.’s Motion to Compel Production of Documents (Aug. 15, 2011), ¶ 5; and the transcripts reflect that the language from the draft email read into the record at both hearings included “they all suck”.  See Transcript of July 21, 2011 telephonic hearing before Magistrate Judge Ryu at 33:6-9; Transcript of July 21, 2011 hearing before Judge Alsup at 23-24, 40.

[8] See footnote 1 (quoting from Order Denying Motion for Relief from Non-Dispositive Pretrial Order of Magistrate Judge (Oct. 20, 2011) at 2).

[9] Declaration of Kristin Zmrhal Concerning the August 6, 2010 Email and Drafts Thereof (Aug. 12, 2011), ¶¶ 10-13; Order Denying Motion for Relief from Non-Dispositive Pretrial Order of Magistrate Judge (Oct. 20, 2011) at 2.

[10] Since my Aug. 9, 2011 post, the Lindholm email dispute has been addressed in a number of other articles and blog posts, including three that touch on the privilege-review protocol: James Niccolai’s Oct. 28 article, How Google Was Tripped up by a Bad Search; Venkat Rangan’s Dec. 1 post, When Is A Draft Note Discoverable?; and a Dec. 12 post by Jim Eidelman and Bob Ambrogi, In E-Discovery, Even Google Needs Help with Search: Oracle Case is Lesson in the Complexity of Privilege Search.  All are well worth reading.  Groklaw also deserves kudos for its extensive coverage of the Oracle-Google litigation and its publication of many of the documents from the court’s docket; Florian Mueller of FOSS Patents has covered the Lindholm email developments (and many other aspects of the litigation) thoroughly and thoughtfully; and, as I mentioned above, Alison Frankel’s On The Case blog is an invaluable resource.