The Wall Street Journal continues the saga. "In November 2004, at least six months after the backup tapes were found, Morgan Stanley's outside lawyer on the case, [Kirkland & Ellis LLP's] Thomas Clare, told the Perelman team that the tapes included 'some responsive e-mails'," the May WSJ story reports. "Morgan Stanley says most of the Brooklyn e-mails were put into the system between May and August. According to one of Judge Maass's orders, Morgan Stanley began to search the e-mails in November. The Perelman team demanded to know when the search would be complete so it could look for evidence helpful to its case.

"When Clare replied that his client could not 'accurately estimate', Judge Maass called the response 'his usual stonewall tactic'.

"For a few days in February it looked as if the firm had solved the problem," the Wall Street Journal continues. "Robert Saunders, another Morgan Stanley tech executive, said in a Florida deposition that he was confident a complete search for backup tapes had been conducted, according to court documents.

"Back in New York a day or so later, he had second thoughts and personally searched Morgan Stanley's storage areas. In one office in midtown Manhattan he spotted 129 more tapes.

"'They were not hard to find. They were just sitting on that metal shelf,' Saunders said in court. The same day he found yet more tapes, some located at Morgan Stanley's headquarters. He told the court he was 'very confident' all tapes in that building had been found.

"However, Saunders's boss, Richard Anfang, was not so sure, telling the court he decided to do his own search, which turned up yet more tapes. At the same time Nachtigal discovered software problems that prevented Morgan Stanley's system from searching e-mail attachments and from searching 7000 e-mails sent using a particular software program. Judge Maass delayed the start of the trial several times in response to the problems," the Wall Street Journal reports.

As the search continued, Morgan Stanley turned over additional e-mail, leading to more twists and turns in the saga and further displeasure from the court.

Eventually Judge Maass concluded not only that Riel's certification was false, but that this was one of many instances in which Morgan Stanley "deliberately" violated her orders to turn over documents, including some embarrassing to one of the firm's bankers.

She had some extremely harsh words to say about one of Morgan Stanley's senior IT executives, noting in a footnote to her "Order on CPH's Renewed Motion for Entry of Default Judgement": "On February 10, 2004, Robert Saunders, an executive director of IT for MS & Co, was deposed. He testified that in January, 2003, MS & Co had put into effect the e-mail archive system. When specifically asked whether the new archival system would include prior backups or only going forward backups, he testified that: 'The way it was built was for going forward backup'. He was next asked whether: 'With respect to backup dated January 2001 and previously, does Morgan Stanley have any new capabilities to restore and research e-mail?' After counsel interposed a vagueness objection, he answered: 'There are now new capabilities to search that e-mail'. That testimony was so misleading as to be false. As Saunders well knew, since he was on the team responsible, the 'live' e-mail capture of the archive was already operational. The migration of the historical data to the archive was expected to be completed by April 2004, just two months after his deposition."

The outcome of what she called Morgan Stanley's "bad faith" actions was what legal experts are calling an extraordinary legal decision: Judge Maass told the jury it should simply assume the firm helped defraud Perelman.

Peril-in-Waiting

So Morgan Stanley got into extreme hot water at least partly because of its mishandling of e-mail and other documents in the legal battle. Companies embroiled in lawsuits these days routinely find themselves trawling their electronic archives and the very success of legal battles can sometimes depend on how effectively the litigants do so, Rosenberg says. In Morgan Stanley's case, that was not very effectively at all. The company kept uncovering new backup tapes, could not perform full searches because of technology glitches and gave material to the other side that was sometimes incomplete or late.

Many companies, Rosenberg suspects, would find themselves, in similar circumstances, facing similar dilemmas.

Even more alarming from the point of view of IT professionals is that this is far from the first time Morgan Stanley has found itself in difficulties over the way it stores and turns over documents. The Wall Street Journal reports that in November 2002 Morgan Stanley was one of five firms that paid US regulators a total $US8.3 million for violating rules about retaining e-mail. On July 13, 2004, it managed to fend off a sex-discrimination trial by agreeing to pay $US54 million to settle claims in a case that featured a dispute about e-mail.

Morgan Stanley has also told the US Equal Employment Opportunity Commission that searching for e-mails in a sex-discrimination case would be too burdensome and expensive, prompting commission staffers to tell a US federal judge that the firm had a new, "easily searchable" database. A Morgan Stanley spokesperson claimed the system was not fully operational at the time because just a fraction of older e-mails had been moved over.

Further, the New York Stock Exchange is investigating Morgan Stanley's contention in arbitration cases that reams of documents were lost in the September 11 terrorist attacks. It seems Morgan Stanley told one Kansas City investor her files were destroyed even though there were no trades in her account until October. The firm blamed a "simple and honest mistake", apologized and agreed to settle.

So you would think the company might have learned some valuable lessons before it was chastised this March by Judge Maass for "bad faith" in its discovery obligations. And if it has been acting in good faith, the logical assumption is that plenty of other companies could easily find themselves in similar pickles.

SIDEBAR: Valuable Lessons

by Elizabeth Charnock

In fact above all else, Morgan Stanley's attempts to collect and produce responsive e-mails to Ronald Perelman and the eventual $US1.58 billion judgement against the company show that keeping e-mails is now a must as US courts - with other jurisdictions hot on their heels - impose increasingly harsh punishments on corporations that fail to comply with orders to produce e-mail documents. There was a time when judges were prepared to consider arguments that incompetence or computer problems might be to blame if companies were unable to produce e-mails on demand. In the Morgan Stanley case, Judge Maass showed that such patience - at least in the US - is now at an end and that these days courts can and will instead consider non-compliance as proof that the company has something to hide.

"The judge made this ruling that foreclosed Morgan Stanley from being able to contest its liability in the jury and left to Morgan Stanley only to defend on the damages, and on the question of whether the other side had been misled by what it supposedly had done," Rosenberg says. "The result was a jury verdict of $US1.4 billion dollars against Morgan Stanley. They will appeal, and the most important issue will be the judge's ruling on the question of whether her decision that Morgan Stanley had failed to be truthful in its production of electronic documents justified a determination that foreclosed Morgan Stanley from being able to contest certain facts."

However, Rosenberg says that whatever the outcome of the inevitable appeal, the case makes clear the days when companies could plead incompetence with regard to e-mail retention are gone. And he says the case and other recent judicial decisions also highlight the dangers of retaining e-mails without training employees on the legal implications of the e-mails they send, and of introducing document retention systems that retain too much.

For instance New York Attorney-General Eliot Spitzer, investigating the research divisions of Wall Street firms five years ago, fined Morgan Stanley almost $US10 million for not having a proper e-mail retention policy in place. But Merrill Lynch, which had good backup systems and could produce relevant e-mails, was forced to pay 10 times as much, or more than $US100 million, because some e-mails contained compromising material. "I guess I would put it as, 'no good deed went unpunished'," Rosenberg says.

Content is therefore key, since saved documents will be examined very closely. And that means CIOs need to think very carefully about which new technologies "make sense" and which should be avoided because of hidden costs. Take the complications that can arise if voicemail delivered via e-mail becomes part of a discovery process.

"If that system of voicemail delivery is adopted, when e-mails are sought by a litigation adversary, a careful litigator will require transcription of each requested voicemail before it is turned over, driving legal costs and potential liability even higher. I would strongly advise that no company put that kind of system in before making sure that the legal side is aware of it and wants it," Rosenberg says.

This especially applies to companies in industries that are subject to statutory or regulatory provisions about how long e-mails must be saved (for most of the financial industry that means three years, and includes the mandatory saving of attachments). A company implementing a system that delivers voicemail as an attachment to an e-mail is therefore creating a huge rod for its own back, by creating a three-year record of voice-mails that must be stored. And since voicemail is electronic, there is no way to know what it contains without transcribing it. The cost of transcription is prohibitive when compared to the cost of electronic search, Rosenberg points out.

The same caution applies to any system that delivers too much metadata. Any system that allows you to go back to earlier drafts and see the changes made to the document over time - in fact anything that allows you to create a keystroke history - has the potential to create serious legal difficulties.

"You know, there's this tension between the technology and the law in this sense: technology was born on making sure that you never have a failure, that you always have a system up, and that if the current version isn't there that you can recover a version," Rosenberg says. "And that resulted ultimately in this system of basically the entire history of the creation of a document being recoverable. There have been times when there have been issues as to whether individuals saw and revised certain documents, and where - let's say - drafts would be produced and recovered to show that they had actually done some keystroking."

The case highlights other issues too. For instance, when lawsuits or investigations are in prospect, the CIO and the lawyers immediately should begin considering the issue of retention, since the organization then faces a burden of preserving things that otherwise it normally would not have preserved. There is a growing tendency for the legal team to designate somebody to be responsible for making sure that the retention efforts are not only thorough, but are treated with appropriate urgency. (Witness Nachtigal's failure to appreciate the urgency of retention efforts, and her decision to put the chore near the bottom of a long list because she did not know there was a lawsuit going on.)

It is also important for there to be regular internal audits of the retention. "Sometimes technology doesn't actually retain things the way the written plan says it does," Rosenberg says.

For example, during the 1996 NASDAQ Market-Makers Antitrust Litigation - eventually settled for $US1 billion - tape recordings of market traders were subpoenaed. Most brokerage firms had a policy of keeping such recordings for somewhere between 30 and 50 days. Unfortunately for Payne Webber, which also had such a policy, it found out during the course of discovery that it had actually saved the tapes for two years because those in charge of the tapes had been using a new tape every day instead of recycling the old ones. That turned out to be not only embarrassing, but massively expensive, since the company was then required to transcribe all of those recordings.

"I think it is very important that the CIOs make sure that the retention policies are being followed and that additional material isn't being saved," Rosenberg says. "I would say that part of the CIOs' budget must be for the auditing of the retention policy, if only because retention involves the acts of real people doing real things, like this person who was supposed to recycle tapes."