fbpx

Can Legal Tech Prove Santa is Real?: A Miracle on 34th St. Case Study

It’s the most wonderful time of the year, in part because it’s the best time to watch one of the great court cases of cinematic history. I’m referring of course to Miracle on 34th Street, a film that hinges on one lawyer’s ability to prove that Santa Claus is in fact Santa Claus.  

Our story begins when Kris gets a job playing Santa Claus at the flagship Macy’s store in Times Square. When Kris insists that he is the real Santa Claus, he’s committed to a mental institution. Kris’s friend, Fred Gailey, just so happens to be a lawyer and rushes to his rescue. Fred Gailey shocks the court when he announces that his game plan is to prove Kris’s true identity as Santa Claus.  

There’s also a cute kid who wants a house in the suburbs, but she’s not as important from a litigation support perspective.  

The original film was made in 1947, with a remake made in 1994. Needless to say, our way of storing information has changed since then, and that’s reshaped the way lawyers build court cases. How would the case in Miracle on 34th Street be different if it happened today, when records are stored electronically? Would Santa use a GPS or tag his locations on Instagram? Does he have “find my iPhone” on in case he gets stuck in a chimney again? Maybe he uses Microsoft Teams and Zoom to make sure the elves are still holding down the fort at the North Pole while he’s in New York. Let’s look at some more specific examples from the movie and how this information would be managed today.  
 

Employee Records  

One of the first indications that Kris might in fact be the real Santa Claus is his employee record at Macy’s. This lists Santa’s reindeer as Kris’s next of kin and says he’s from the North Pole. 

Today, these records would live in some kind of electronic database. Legal teams not only look at these records, but also have to think critically about how they might’ve been tampered with. That’s just the nature of electronic records vs. paper records. Honestly, who wouldn’t be suspicious if they saw a record that looks like this?:  

Kris Kringle's job application in Miracle on 34th Street | Miracle on 34th  street, 34 street, Movie quotes

Who has access to those records? Who has edit permissions? Can they access those records from personal devices as well as corporate owned devices? Is there any possible way that passwords could have fallen into the wrong hands? Those are the kinds of questions that a good forensics analyst can answer.  

To verify document integrity, analysts oftentimes look at something called “metadata.” That refers to information such as “date created,” “date last modified,” and “author.” All data comes with metadata, and since it’s not as easily editable as the records themselves, it often proves crucial in digital forensics investigations.  

Analysts can look at a hard drive and figure out if data was moved to other devices, if edit histories were deleted, etc. Assuming Macy’s had good information governance practices and required everyone with edit access to use different passwords, forensics teams could also deduce which passwords were used to make any edits. In some cases, they may even testify in court to assure judges that records are what they appear to be (or maybe that they’re not what they appear).  

Letters to Santa  

The “smoking gun” of the original 1947 movie are the thousands of letters to Santa Claus delivered to the New York City courthouse. Fred Gailey argues that the post office’s decision to deliver these letters to Kris equates to government validation of his true identity: Santa Claus.   

According to the USPS, kids still send hundreds of thousands of letters to Santa every year. The USPS even has a special address they ask people to use for such letters. This system means it’s unlikely that thousands of letters would be delivered to the courthouse like in the movie, since people have been instructed to address such letters to 123 Elf Road. 

However, snail mail is just one of numerous ways to get in touch with St. Nick these days. EmailSanta.com has been on the net since 1997. However, the site’s About Us page admits that it was built not by Santa himself, but by a man named Alan Kerr. There are also numerous Santa Claus Twitter accounts, albeit none of them have a blue checkmark.  

This is perhaps where Fred Gailey would have the biggest uphill battle if he were to try this case today. The Internet has made it infinitely easier for other people to claim they are Santa. Gailey would have to prove that 1) one of the numerous online Santa platforms is the definitive way to get in touch with the real Santa and 2) That Kris was the man behind such an account.  

Let’s assume that by 2020, Santa has gotten with the times and has a proper email account for children to email him with a parent’s supervision. Gailey wants to present Kris’s emails in court. During the Meet and Confer stage of litigation, Gailey and opposing counsel would agree on a certain amount of emails to review. This way, if Kris and Fred were trying to fake letters to Santa, opposing counsel could do their own forensic analysis and figure that out.  

Of course, since Kris really is Santa, there would be a few facts on his side. The litigation support team would be able to verify that he does receive numerous letters to Santa every year. Odds are those letters would be in various languages from all over the world. Sure, that makes it harder to put together a team for review, but it also makes it virtually impossible for opposing counsel to prove that Kris is faking it.   

The best way for Gailey to build a case is similar to the way many complex litigations happen now: build a narrative from both electronically stored information and real-life events. Imagine if Gailey could prove that 1) children asked for certain gifts in emails to Kris and 2) they actually received those same gifts and 3) those gifts didn’t come from parents or other relatives “playing Santa.”  

With presumably thousands of emails to Santa to choose from, this shouldn’t be that difficult. Platforms such as Relativity help review teams search for keywords in different emails. They could search for particularly high demand toys that parents would have trouble finding on their own. After finding such emails in review, Gailey could cross-reference them with Kris’s records of which children got which gifts, because obviously Santa knows the importance of maintaining such records. Nothing gets you on the naughty list as quickly as bad information governance.  Gailey could reach out to families and get them to testify on the stand that they did not know where these gifts came from.   

Exploring these sorts of cases helps us understand how people in this space think on a day-to-day basis. Legal tech has to be about more than fast processing and aesthetically pleasing interfaces, though those certainly don’t hurt. It’s also about having the right people who understand how to build a case and know what to look for in discovery. If you were Fred Gailey, what would your discovery strategy be? How could you verify Kris’s identity and what kind of technology would make it easier? Let us know!  

A Trick-or-Treater’s Guide to the EDRM

The Electronic Discovery Reference Model, or EDRM, is a framework for dealing with documents that could be relevant to a legal investigation or litigation. Those who work within this framework on a daily basis understand it like the back of their hand. Such people are familiar with an all too common experience: having a stranger ask “What do you do?” and watching that stranger’s eyes glaze over as they try to explain the ins and outs of eDiscovery.

Luckily, the EDRM is more relatable than some might think. This time of year, many of us have fond memories of collecting something and making decisions about to do with what we collect.

That’s right. We’re going to explain the EDRM through trick-or-treating. We’re going to reflect on how the EDRM might’ve helped us make better decisions about what candy to collect and make the best kinds of candy last longer. As a quick refresher, here’s what the EDRM looks like.

A diagram of the Electronic Discovery Reference Model

Step 1: Identify 

First, legal teams have to identify potential sources of relevant electronically stored information (ESI). Miss a source, and they could miss out on valuable information that could help their case.

Trick-or-treaters need to be similarly strategic. Just like a pending court deadline, there’s only so much time to gather candy. Are you better off going to a neighborhood where the houses are closer together and you can go to more of them? But then what if that neighborhood doesn’t have as many kids, and so a lot of the houses turn their lights out and don’t give out candy? Alternatively, some neighborhoods might have bigger houses that require more walking, but then give out more candy per house. Maybe you can strike the real pay dirt of trick-or-treating: the full size candy bar. What’s the best strategy?

Well, that depends on the trick-or-treater’s objective. Maybe Sally just wants to get as many pieces of candy as possible, while her sister Susie only likes chocolate candy and wants to focus on houses that have given out chocolate in the past.

In a similar fashion, every legal case is different. Some require casting a broad net to get as much information as possible, others required a narrowly tailored approach looking for more specific details. Experienced eDiscovery practitioners know when to pick which strategy.

Step 2a: Preserve

Preservation is one of the most important parts of the EDRM. When it’s time to present in court, you need to be able to prove that any documents you present are still in their original state. While preservation is one of the earlier steps of the EDRM, these things aren’t entirely linear. Preservation needs to be a priority for every other step of the EDRM as well. As case teams dive deeper and deeper into the discovery process, they have to maintain the integrity of the original documents.

This is similar to how trick-or-treaters should not eat any candy until someone verifies that everything is sealed in its original packaging. Even as a kid, I knew not to start eating candy while out and about in the “collection” phase. Instead, I had to bring my candy in and let a parent double check to make sure that everything was what it claimed to be. If something was partially unwrapped and we couldn’t be fully confident about what it was, we threw it out. I could only start eating candy AFTER we confirmed that candy’s integrity.

Step 2b: Collect 

No alt text provided for this image

This is it! The big night. Actually collecting that candy. We’ve figured out a strategy, and now we can go get all our candy. Each house is a source that gives us something slightly different. It’s also probably the most straightforward trick-or-treating to EDRM comparison so I won’t dwell on it too long.

In eDiscovery, practitioners obviously have to collect data before they can do much of anything else with it. Sometimes that means tracking down deleted data, or looking in places where other people wouldn’t think to look. Sometimes they do this collection remotely, other times onsite. Once teams have gone to all the right sources and gathered as much information as possible, they can start processing that information and help legal teams reach important conclusions.

Step 3a: Process

I mentioned earlier how when I was a kid, my parents would throw out any candy if it wasn’t fully sealed in its original packaging. Oftentimes in eDiscovery, that’s not a realistic option. There can be millions of dollars on the line, and legal teams can’t afford to simply “throw out” any evidence that has questionable integrity.

So how does a legal team reconcile this? They need defensible data, but some of the most important evidence to their case could be from deleted, edited, or corrupted files. Have no fear. Forensics and processing teams are here.

Let’s imagine that one neighbor decided to make homemade treats for trick-or-treaters. And let’s say that treat was easily THE best treat that either Sally or Susie collected in their entire stash. We’ll say it’s a chocolate cookie with a gooey caramel filling meticulously decorated to look like a unicorn. It would break Sally and Susie’s heart if they had to throw it out.

However, mom and dad are a little wary about letting Sally and Susie eat a homemade treat. There’s no ingredient label like there would be on a mass-produced piece of candy, and they don’t really know this neighbor well enough to trust them. What can they do to make sure these treats are safe?

Well if you’re my mother, you might suggest looking at the treats under a microscope to try and figure out what’s in them. Technically, there are actual food science labs that would be able to take that unicorn cookie apart and determine for sure if there’s anything suspect in it.

Data engineers in digital forensics are the eDiscovery equivalent of such a lab. Those who specialize in data processing can deduce information that lay people can’t. They can use metadata to figure out which documents are the unicorn cookie-equivalents that need to be elevated for review. If there are corrupt files, they can intervene and potentially restore documents to their original state in a defensible way. If some documents are in older file formats than many modern computers wouldn’t recognize, they can convert them into more user-friendly formats.

Such experts are able to save “treats” that an ordinary mom and dad might’ve just thrown out. More importantly, they’re able to do this in a way that preserves document integrity, and oftentimes find metadata that helps them better organize documents prior to review.

Step 3b: Review

Sure, a lot of us probably just kept our trick-or-treating haul in one big stash and ate candy whenever we felt like it. But if you wanted to be strategic, you could also introduce a “review” step into things. Remember Susie, our trick-or-treater who only cared about chocolate candy? She might decide to sort her stash into different types of candy so she wouldn’t eat all the best kinds too quickly. Maybe she’ll try to trade the non-chocolate candies she doesn’t like for chocolate.

In the EDRM, Document Review is all about going through documents and coding them as relevant or irrelevant to litigators. They can also implement issue coding to organize relevant documents based on topic, similar to sorting chocolate candy based on sub categories like caramel or peanut butter. With a review team sorting information into the appropriate buckets, litigators can focus their attention on documents that actually matter.

Step 3c: Analyze

Okay. You have your pile of candy. You know exactly how many pieces you have, and how much of each kind you have. Now you can actually start making some strategic decisions. Maybe Susie will decide to trade some of her gummy worms for chocolate. Maybe Sally will decide to ration her candy to a certain number of pieces each week so it lasts longer. (Okay, she probably won’t, but she could!)

This is similar to the analysis phase of the EDRM, when you can start making decisions with full confidence that those decisions are based on reliable data. The review stage was all about figuring out what’s relevant, but the analysis stage goes beyond that. This is where relevant documents become an actual case. Review teams work alongside litigators to find important patterns and thread documents together into narratives that can sway a judge in their favor.

Step 4: Produce

Now that we have a real plan for what kinds of candy we’re going to eat when, and where we maybe have opportunities to improve our haul, we can work with other people who ALSO have candy hauls (and maybe didn’t put as much thought into review and analysis as we did!). We can try to trade some of the candy we don’t like for candy we do like, or maybe Sally will agree to take on Susie’s chores for a week if Susie gives over all her peanut butter cups.

In the litigation process, the “production” step is all about getting the relevant documents you’ve selected ready for the final step, presentation. They have to be in whatever formats were previously agreed upon and they have to be delivered by the previously agreed upon deadlines. 

Step 5: Present

Here it is. The moment everyone’s been waiting for: actually eating the candy! After putting so much thought into collecting and organizing this candy, we actually get to reap the benefits of that hard work. We can eat our favorite kinds without going through it too quickly, and knowing all our treats are exactly what they were supposed to be. If we REALLY wanted to, we could even store data about what candy we got from what houses so we make even more informed decisions next year. (It’s never too early to start teaching your kids about the importance of information governance!)

The final stage of the EDRM is presenting. Because we took careful consideration through each of the earlier stages of the EDRM, we can present a strong case in court. We can easily defend the integrity of our documents and the process we used to obtain that information. We were efficient enough to meet our deadlines. At the same time, we also didn’t let any relevant documents slip through the cracks, so opposing counsel can’t surprise us.