SAN ANTONIO – What you don't  know can hurt you, and what you do know but aren't telling can maybe hurt even more, according to an attorney and legal technologist who specialists in e-discovery.

Gregory Johnson is with the Spokane, Wash., practice of Paine Hamblen LLP and spoke Tuesday at the CUNA Operations & Service Council/CUNA Technology Council combined conference at the Marriott Rivercenter in San Antonio.

Johnson told a breakout session that the discovery process in a lawsuit against a credit union now can include everything from emails, texts and social media postings to electronically stored documents – including versions with comments and revisions – and Web browsing histories.

And just as the technology itself, case law, in fact, is building rapidly in the area, he said, and so are the cases. “Where we might see one or two recovery cases each quarter in the case law, now we see four or five a week,” he said.

Johnson's talk included a number of practical tips, such as a reminder that copy machines have hard drive memories and they should be erased before leased machines are turned in, and he especially drove home the point that not being transparent with attorneys for both sides about what's available can be costly.

“Federal courts require you to let the other side know what information exists, and without waiting for a request,” he said. “So when someone like me comes to you, to represent your side, and I start asking you for all these things, and it turns out it was there and you didn't tell, there can be sanctions. They've been known to reach a couple million dollars.”

He said he tells his clients to “preserve, preserve, preserve, and tell me about it. We can always fight later about what we're going to give to the other side. But they have the right to know it exists.”

The best defense is a good defense, he added. Credit unions should have very clear policies about employee use of company computers, and they need to be as concerned about inside jobs as outside hackers.

“Companies spend a large amount of money monitoring what's going on on the outside, but not so much on the inside. There are ways to identify, trap and block information going out that you should be using,” he said.

Another good way to protect potentially sensitive information, he said, is not put it in writing at all when possible.

“Walk down the hall. Don't e-mail if you don't have to,” he said. “Same with voice mail.”