A Case Study
A young student has had enough. After months of relentless and cruel cyberbullying and internet harassment, the girl, in a moment of despondency and depression, ends her life. In the unthinkably sad aftermath, parents, teachers, and loved ones wonder what could have been done to prevent this senseless nightmare. Teachers and middle school administrators are accused, in a lawsuit filed by the dead girl’s parents, of missing obvious signs of trouble and failing to act on well-documented reports of cyberbullying on school property. Did the school district fail in its obligation to provide a safe and secure environment for this girl? Do certain school district employees or board members share in any liability for this tragic death? We have seen a few of these cases play out nationally over the last several years, and they provide an unwelcome, yet timely opportunity for reviewing a school district’s incident response plan.
Once a lawsuit involving a school related incident is filed, school district officials and their lawyers will engage in an often frenzied attempt to prepare for discovery. Naturally, digital evidence will play a prominent role. School officials have a legal requirement to consider the sources of Electronically Stored Information (ESI) and they must take reasonable steps to preserve it. Unfortunately, critical digital evidence is often overlooked and the consequences of failure to examine this important information can have devastating effects. You do not usually get a second chance to preserve important ESI that was overlooked during the initial moments of an event.
The Sources of ESI
School districts, of course, manage a wide-array of ESI. Some of that information, like medical records, for example, is highly regulated. Most school officials recognize the need to preserve electronic school records in a post-event situation, but some sources of ESI which can prove to be relevant to a case and are often not considered. For example:
- Text Messages. Many school employees use text messages as a frequent and natural method of instant communication. Relatively new applications such as Slack and others have become the communication tool of choice, even surpassing e-mail in volume. Text messages (even deleted ones) can be relevant to your investigation, can be recovered, and should be preserved.
- Social Media. We live in a world in which many of life’s events are discussed and shared in a spontaneous and real-time fashion (complete with photos and videos), particularly by young people. In the event of an incident, have you taken steps to locate and preserve this potentially critical source of ESI that may have been generated by students, parents, or school district employees? You should.
- E-mail. E-mail chatter about particular students or any event is important and, of course, discoverable. Make sure you preserve this ESI whenever an investigation or litigation is possible. Discontinue the district’s established IT processes which automatically delete e-mail communications after a particular period of time when you have reason to believe litigation is imminent.
- Databases and Server Stores. Student disciplinary, attendance, counseling, and medical records are frequently requested by lawyers after a school incident. Talk to your district’s IT department and confirm that this important data is being backed-up and can be easily preserved and produced.
School districts are aggregators of highly sensitive and often-regulated data, and most of this information is digitally stored. Will you be able to locate and preserve important ESI when the stakes are high and the clock is ticking? Do you have resources identified that can help you preserve and secure this ESI in a forensically sound fashion? Will your digital evidence be admissible if necessary? Make sure your district has a plan in place for collecting, preserving, and analyzing potentially relevant ESI in cases like these:
- Internal Investigations. Matters involving employment (employee harassment, sexual harassment, discrimination, bullying, etc.)
- Teacher Misconduct. Cases involving reported inappropriate behavior between teachers and students.
- Board or Official Misconduct. Cases related to potential breach of fiduciary responsibility, financial misconduct, or conflict of interest by board members or school officials.
- Data Breach. Outside hackers can seize critical school district data and demand a ransom. Are your systems backed up? Do you have an incident response plan for mitigating these risks?
- Internet / Social Media Threats. Social media content postings that suggest a threat to a school should be reported to law enforcement and the content of those threats must be captured, preserved, and investigated.
- Assaults. Real or threatened violence between students or school employees can expose school officials to risks related to whether or not these events were foreseeable or preventable. Digital evidence can help a school district defend accusations or mitigate claims. For example, did any electronic records exist which suggest a student was prone to violence? Are these records preserved? Were these records altered or modified in any way?
- Pornography. A school district IT professional notices what appears to be pornography on a teacher’s computer when installing a routine software upgrade. What do you do? Who do you call?
School board officials and their attorneys have a considerable responsibility to have a strategy for identifying, preserving, and collecting digital information involving incidents related to notices of litigation, internal investigations, and data breach events. Failure to preserve this data can have serious consequences which can include spoliation claims, legal exposure, and regulatory inquiries. Make sure your clients recognize this and have a thoughtful and defensible incident response plan in place.