Bird v. Wells Fargo Bank

Filing 46

ORDER GRANTING Motion to Compel Production of Comparative Data Reports, document 30 . Order signed by Magistrate Judge Erica P. Grosjean on 6/15/2017. (Rooney, M)

Download PDF
1 o 2 3 4 5 6 7 8 UNITED STATES DISTRICT COURT 9 EASTERN DISTRICT OF CALIFORNIA 10 11 12 13 14 15 Case No. 1:16-cv-01130-DAD-EPG KIMBERLY SUE BIRD, Plaintiff, ORDER GRANTING MOTION TO COMPEL PRODUCTION OF COMPARITIVE DATA REPORTS vs. WELLS FARGO BANK, DEADLINE FOR DEFENDANT’S PRODUCTION AND REPORT TO COURT SIX WEEKS FROM DATE OF THIS ORDER Defendant. 16 (ECF No. 30) 17 18 19 20 A. Background The Court issued a discovery order on March 31, 2017 ordering defendant Wells Fargo 21 to “immediately design and implement a discovery plan to diligently and in good faith produce 22 documents consistent with this order and schedule its production on a rolling basis to conclude 23 no later than June 1, 2017.” (ECF No. 26, p. 12.) The order detailed how discovery in this case 24 had broken down, specifically set out the scope of discovery, and ordered Welles Fargo inter 25 alia to produce eleven sets of documents by June 1. (Id. 12-13.) 26 Plaintiff has filed a motion to compel and for sanctions contending that Wells Fargo 27 failed to comply with the Court’s March 31, 2017 order. (ECF No. 30.) The parties filed a joint 28 statement and declarations in support of/in opposition to the motion on May 27, 2017. (ECF 1 1 Nos. 35-27.) The Court heard oral argument on the motion on June 1, 2017. (ECF No. 38.) 2 The Court issued several discovery orders on the record during the hearing. (Id.) This order 3 addresses the remaining discovery dispute taken under advisement at the June 1 hearing: 4 information regarding the extent other Wells Fargo employees violated Wells Fargo’s security 5 6 7 8 policy. B. Remaining Discovery Dispute Discovery regarding other Wells Fargo employees who allegedly violated the Wells Fargo security policy was discussed extensively at the March 30, 2017 discovery conference. 9 Ms. Habib on behalf of Defendant Wells Fargo explained Wells' Fargo scope of discovery as 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 follows: Moving on to the -- really the final category regarding the compromised incident or data reports and the data in the Policy Works database. So there are two -- as we explained in the last joint statement, there are two types of documents that Mr. Cravens is seeking. One is I guess a – I think we call it a compromised data report. These are reports that are not consistently filled out by Wells Fargo individuals. Some employees fill them out on the compromised data team and, you know, if an item has been lost or there's a data breach. Other officers in the compromised data team do not use them at all. They're not retained in any centralized database. They're, you know, stored in a drawer, maybe not even retained at all because all of the information on these compromised data reports are in the Policy Works database which we have represented, and as we said in our joint report, the Policy Works database is a searchable database. So that will have all the information of the compromised data reports. There's no reason to, you know -- for us to produce those and frankly we can't even do so. I mean they're so scattered across the country there's no database for those reports. So getting to the Policy Works database, you know, like I said, that is searchable and as we have told plaintiff, we can search for reports that were very similar to Ms. Bird's. We can search by categories of these reports. So Ms. Bird's report fell into three categories; information taken without authorization is category one, non-electronic is category two, and burglary/robbery is category three. 26 27 (ECF No. 29, pp. 27:1-28:4, transcript of discovery conference held March 30, 2017.) In other 28 words, Ms. Habib represented to the Court that “all of the information on [Wells Fargo's] 2 1 compromised data reports are in the Policy Works database,” “the Policy Works database is a 2 searchable database. So that will have all the information of the compromised data reports,” 3 and “[Wells Fargo] can search by categories of these reports.” 4 5 6 7 8 Additionally, Wells Fargo offered to produce 52 records from the Policy Works database. (ECF No. 29, at p. 27:16-22) (“And so we have agreed to produce these reports on the Policy Works database from 2005 to the present and there are 52 reports including Ms. Bird’s and we will produce those in Excel format so we can -- the reports are quite long, so that’s the most easily maneuverable way to produce the reports and they have all the 9 information on the Policy Works database, and we will agree to produce that.”). 10 The dispute at the conference concerned the scope of categories and time period of such 11 12 13 14 data. Wells Fargo took the position that only relevant data was from 2005 to present falling within all three of the following categories: “information taken without authorization is category one, non-electronic is category two, and burglary/robbery is category three.” (ECF 15 No. 29, p. 28:2-4.) Mr. Cravens, in contrast, argued that these categories were unfairly narrow, 16 and also that Wells Fargo has not described the potential categories for a meaningful meet and 17 confer. 18 Following the hearing, the Court issued a discovery order defining the scope of 19 discovery and ordering Wells Fargo produce, among other categories of documents “All 20 Compromised Data Reports regarding employees who failed to comply with Wells Fargo's 21 Information Security Policy from May 6, 2012 until May 6, 2015, along with any explanation 22 of codes or data to understand such reports.” (ECF No. 26, p. 12.) The Court explained that 23 “Defendant may not limit the reports to those involving only non-electronic data and/or 24 burglary robbery. Note that Defendant has claimed that Plaintiff was terminated for failing to 25 comply with ‘Wells Fargo's Information Security Policy’ without such limitations. See 26 27 Defendant's Response to Special Interrogatory No. 2.” (ECF No. 26, p. 12 n. 3) The Court ordered production be completed by June 1, 2017. 28 3 1 As of the deadline, Wells Fargo failed to produce any data in response to this portion of 2 the Court’s order. It did not produce the 52 reports it already agreed to produce, any 3 information from the PolicyWorks database, or a single compromised data report. Instead, it 4 explained in its joint statement to the Court that it had interpreted the Court's order to include 5 6 7 8 only the physical Compromised Data Reports, and not that exact same data to the extent reflected in the Policyworks database, despite its representations that “all of the information on these compromised data reports are in the Policy Works database.” (ECF No. 36, p. 28 (“The Court's Order makes no mention of Policyworks database reports. . . . Thus, Defendant is not 9 required to produce this data.”). Moreover, Defendant explained that it had not produced any 10 11 12 13 14 Compromised Data Reports based upon its determination that it had not yet located any that were “responsive” because “a CDR may be generated for reasons that have nothing to do with an alleged violation of the ISP.” (Id. at 33.) In other words, Defendant interpreted the Court's order to refer only to documents in a physical format, even though the data not only was easily 15 available but had been represented in Court to be available, and then Defendant engaged in a 16 process that ultimately found no responsive data, at least as of the deadline of production. 17 At the Court's hearing on June 1, 2017, the Court explained at length why Wells Fargo's 18 interpretation of the Court's order was in bad faith. (e.g. ECF No. 42, pp. 26-30.) Discovery 19 applies to the underlying data and a party cannot avoid its discovery obligations by claiming 20 that someone, and especially the Court, failed to specify the format of the data. See Reinsdorf v. 21 Skechers U.S.A., Inc., 296 F.R.D. 604, 615 (C.D. Cal. 2013) (explaining that, while the federal 22 rules do not demand perfection, “parties must impose a reasonable construction on discovery 23 requests and conduct a reasonable search when responding to the requests” and that “the 24 discovery process relies upon the good faith and professional obligations of counsel to 25 reasonably and diligently search for and produce responsive documents.” (collecting cases)). 26 Moreover, Wells Fargo's wrong interpretation had resulted in no discoverable information, 27 28 4 1 rendering it facially not a reasonable search for responsive information.1 At that hearing, Wells 2 Fargo stated that it could not provide the categories of the Policyworks database that would be 3 responsive to the Court's order. The Court ordered that such categories be provided by June 7, 4 2017. 5 6 7 8 On June 7, 2017, Wells Fargo provided the categories of the Policyworks database, containing data inputted from Compromised Data Reports. Without permission,2 Wells Fargo also included a lengthy argument why it should nevertheless not have to produce any such data, because the production was burdensome, did not provide any relevant information, contained 9 confidential information that could not be produced even under a protective order. Regarding 10 11 12 13 14 the time for production of such an excel spreadsheet “it is estimated that this process will take at least 3-5 weeks, not including the time that it will take to review and redact all sensitive information. Further, because the Policyworks database currently has technical issues which render it unable to furnish new data requests, and Defendant is currently unaware of when the 15 problem will be resolved, it may take even longer than 3-5 weeks that [sic] to pull the data.” In 16 other words, Wells Fargo once again argued it could not produce any data on any reasonable 17 time period regarding this category of discovery, as ordered by the Court. It also argued that 18 the database it previously said was searchable and contained relevant information was now 19 technically unavailable. 20 Instead, Wells Fargo mentioned yet another system, never before discussed, that it now 21 represented contained responsive information. “(1) Defendant is in the process of collecting 22 information from the system of record utilized by Human Resources to record consultations 23 relating the employees who have violated the ISP from May 6, 2012 to May 6, 2015. Within 24 one week of producing the information regarding how many individuals there are, Defendant 25 26 27 28 1 Where discovery avoidance is found to be purposeful and in bad faith, serious sanctions can be imposed. See, e.g., Connecticut Gen. Life Ins. Co. v. New Images of Beverly Hills, 482 F.3d 1091, 1095 (9th Cir. 2007) (imposing terminating sanctions after finding that party’s improper discovery responses “amounted to avoidance, not compliance, with discovery obligations.”) 2 At the June 1 hearing, the Court instructed Wells Fargo to submit the categories and clearly did not invite it to submit argument. (ECF No. 42, p. 38:18-22.) 5 1 can provide an estimate as to when it will be able to produce their corresponding Policyworks 2 reports, to the extent they exist; and (2) Defendant submits that the Human Resources system is 3 the appropriate system of record to search for records responsive to Plaintiff's request, and not 4 the Policyworks database.” 5 6 7 8 Wells Fargo's repeated use of narrow definitions to evade any production of relevant information, concealment of locations of responsive information, use of belated and conflicting reasons to fail to produce ordered information, and continued failure to provide any assurances of a reasonable and timely production call into question Wells Fargo's good faith compliance 9 with its discovery obligations and this Court's order. There is already one sanctions motion 10 11 12 13 14 15 pending and this conduct provides further support for discovery sanctions. After all, this is a case where Plaintiff claims that Wells Fargo's purported reason for termination, which was an alleged violation of the Wells Fargo Information Security Policy, was a pretext. Yet, Wells Fargo has so far avoided all production related to any other employee for violated that security policy in order to make legally relevant comparisons. 16 C. Conclusion and Order 17 Accordingly, the Court ORDERS as follows:3 18 1. Within six weeks from today, Wells Fargo shall complete the following production. 19 Wells Fargo shall also submit a statement of compliance with the Court, along with 20 an explanation of any failure to comply;4 21 2. Wells Fargo shall produce all data regarding employees who failed to comply with 22 Wells Fargo's Information Security Policy from May 6, 2012 until May 6, 2015 23 using the method proposed in Wells Fargo's email of June 7, 20175: 24 25 26 27 28 3 This order supplements and adds to the Court's March 31 order, ECF No. 26. This statement of compliance is due separately and in addition to the report certifying completion discovery ordered on June 8, 2017, ECF No. 43. 5 “Defendant is in the process of collecting information from the system of record utilized by Human Resources to record consultations relating the employees who have violated the ISP from May 6, 2012 to May 6, 2015. Within one week of producing the information regarding how many individuals there are, Defendant can provide an estimate as to when it will be able to produce their corresponding Policyworks reports, to the extent 4 6 1 3. Wells Fargo shall also produce the 52 records from the Policyworks database, which 2 it already agreed to produce, as discussed in the March 30, 2017 hearing; 3 4. Wells Fargo shall provide Plaintiff with a sworn statement regarding the total 4 number of records in the Policyworks database falling under each category in the 5 Policyworks database, including each category identified under Category Levels 1, 6 2, and 3 from May 6, 2012 until May 6, 2015. This document should list the name 7 of each category and the corresponding number of entries associated with that 8 category for this time period;6 9 5. After six weeks, Plaintiff has leave to file a renewed motion to compel and/or 10 motion for sanctions regarding data relating to other Wells Fargo employees who 11 violated Wells Fargo's Information Security Policy if it believes that the data 12 remains insufficient to determine its claims, in light of the burden involved in 13 production, or if Wells Fargo fails to comply with this order; and 14 15 6. To the extent that a party interprets any ambiguity as to this order, the parties shall 16 promptly contact the Court to arrange an informal discovery conference to resolve 17 any such ambiguity without delay. 18 19 20 IT IS SO ORDERED. Dated: June 15, 2017 /s/ UNITED STATES MAGISTRATE JUDGE 21 22 23 24 25 26 27 28 they exist; and (2) Defendant submits that the Human Resources system is the appropriate system of record to search for records responsive to Plaintiff's request, and not the Policyworks database.” 6 The Court is not ordering production of all underlying data at this time. It is ordering the total numbers of entries for each category in a sworn and admissible form. 7

Disclaimer: Justia Dockets & Filings provides public litigation records from the federal appellate and district courts. These filings and docket sheets should not be considered findings of fact or liability, nor do they necessarily reflect the view of Justia.


Why Is My Information Online?