e-discovery 2.0

Anyone reading today’s announcement from Kazeon could be forgiven for doing a double-take: did someone misplace the decimal point? Kazeon claims that it can perform “processing of ESI in preparation for eDiscovery matters as low as $4.30 per Gigabyte.” Assuming that’s not simply a typo, it begs an obvious question: If Kazeon really can process information at a tiny fraction of what e-discovery service providers are charging, how come every e-discovery service provider isn’t going out of business? Why wouldn’t everyone take this incredibly good deal?

The answer (in press releases, as in politics) lies in definitions. Exactly what sort of processing would you be getting for your four dollars and change?

You’ll have to ask Kazeon to get the answer to that one, but give a venti latte to a bleary-eyed e-discovery service provider who’s just pulled an all-nighter preparing for a meet-and-confer, and they’ll tell you all about the nuances, complexities, and risks inherent in e-discovery processing that may be difficult for enterprise search/information lifecycle management vendors to grasp. Quite likely, they will refer you to EDRM’s processing node overview, which outlines the basic goals of robust processing:

• Capture and preserve the body of electronic documents;
• Associate document collections with particular users (custodians);
• Capture and preserving the metadata associated with the electronic files within the collections;
• Establish the parent-child relationship between the various source data files;
• Automate the identification and elimination of redundant, duplicate data with the given dataset;
• Provide a means to programmatically suppress material that is not relevant to the review based on criteria such as keywords, date ranges or other available metadata;
• Unprotect and reveal information within files; and
• Accomplish all of these goals in a manner that is both defensible with respect to clients’ legal obligations and appropriately cost-effective and expedient in the context of the matter.

And that’s just the high-level overview. After the caffeine from the latte starts to kick in, they’ll tell you it’s also absolutely critical to:

• Provide statistical count tie-outs that reconcile every incoming email, loose file, and attachment with the processed document set
• Automatically scan critical large container files (such as PSTs) for errors and problems prior to processing
• Automatically perform custodian mapping to track ownership of all documents
• Maintain detailed reports on every anomaly encountered during processing, down to the individual email, loose file, and attachment
• Automatically handle common metadata anomalies (with logging) so that the maximum number of documents are made available for review
• Provide robust and thorough handling for container files regardless of container format
• Support non-email content types such as contacts, calendar entries, tasks, and notes
• Robustly handle embedded objects
• Provide full visibility into exceptions encountered during processing, along with an integrated exception handling process to allow repaired/decrypted data to be easily added back into the document set

All that for under five bucks? That’s quite a deal! But remember, if you drive by your corner gas station tomorrow morning and they’re advertising regular unleaded for 20 cents a gallon: It may be cheap, but it’s probably not gas you’re getting.

In his latest article, Craig Ball argues that lawyers “need to learn more about the science of search.” Craig says that at least part of the reason for this is that searching in e-discovery is challenging and different from the searching to which lawyers are accustomed.

“Lawyers believe themselves adept at keyword search in e-discovery because they’ve mastered keyword search in online legal research. The correlation is superficial at best. Unlike the crazy quilt of ESI, the language of reported cases is precise, consistent and structured. Misspellings are rare. Legal research is Disneyland. E-discovery is Baghdad.”

I had a conversation on a similar topic with Ron Friedman last month after my last post where he made a similar argument about lawyers needing to learn e-discovery search tools.¹

I think Craig and Ron make excellent points. E-Discovery search is different and it’s important for lawyers, investigators, litigation support professionals and other practitioners to understand how. The natural questions that arise from their arguments are: what is different about e-discovery search? How is it different from other familiar searches, such web search and legal research search? The answers are important because it can help guide e-discovery experts on how to train lawyers and even guide attorneys during review. It is also important for developing e-discovery best practices and e-discovery search software.

I think the first step in answering these questions is to agree on the definition of e-discovery search, or better said the types of e-discovery search since there are several. To address this appropriately would take a least another full post or a paper. As a result, I will leave the detailed discussion of these matters to another time, but for this discussion I will focus on searches used to identify potentially relevant documents for purposes of matter assessment (i.e., understanding the nature of the case: who did what, where, when and why) and for document production to the opposing party.

I have observed five major characteristics of e-discovery search that as a whole differentiate it from other searches. I would be interested to hear additional views on what is different about e-discovery search, so please comment on this post.

Recall
First, the cost of missing a relevant document, or low recall, can be very high in e-discovery. Missing a document that you should have produced could result in sanctions and adversely impact the case outcome. Missing key documents could also affect your legal strategy causing you to make sub-optimal decisions. Missing relevant documents can be costly in other searches as well. For example, in legal research, not identifying case law that is critical to your case could also have a detrimental impact on your legal strategy. However, low recall is on average costlier and more likely in e-discovery. In contrast to e-discovery and legal searchers, web search users are typically not very concerned with missing relevant documents. For the most part, they are interested in the most relevant documents, not all of the relevant documents. This is why Google rarely actually provides all the results for a search (you can try this yourself by paging to the end).

Precision
Second, the cost of returning false positives, otherwise known as low precision, in e-discovery searches is high. The results of e-discovery searches including false positives are typically produced and reviewed by humans at costs as high as several dollars per document. On the other hand, false positives have a minimal cost in web search because users either won’t see them if they are ranked low or will ignore them after minimal review. False positives can be costly during legal research in certain scenarios, such as when the stakes and nature of case are such that many search results need to be exhaustively reviewed, but typically the costs are lower.

Varied Language
Third, documents searched during e-discovery often include personal emails and files and frequently use varied language including jargon, slang, abbreviations, technical terminology, misspellings, and machine-created junk. This is Craig’s “Baghdad” point. In contrast, as Craig points out, documents searched during legal research, such as opinions, motions, etc. are typically well-structured documents with no misspellings, relatively consistent language etc. Even web sites are generally “cleaner” than typical e-discovery documents.

Complexity
Fourth, users are often looking for different information when performing searches during discovery. E-Discovery searches are often aimed at comprehensively understanding “who did what, when, where and why” in a matter where the people involved may be trying to hide this information and where there may be no single “starting point”. As a result, e-discovery searchers often adopt strategies that involve large numbers of queries, and will follow the evidence and iteratively refine their searches for combinations of topics, people, places, etc. Legal searches can also be fairly complex, but as with other differences this is one of degree. These searches typically don’t involve hundreds of queries and terms, are often more narrowly defined and have a “starting point”. Web searches tend to be even simpler. Most are one or two words.

Transparency
Finally, e-discovery search is part of a legal process. The searches themselves are subject to negotiation with and review by opposing counsel and the court. This process can also take place over long time frames. As such, there is a great need for transparency in the development and execution of e-discovery searches. It is also important for e-discovery searchers to develop a defensible audit trail to prove what searches were run and what results were produced when. This is not the case in web or legal research.

These differences have a number of implications for e-discovery search best practices, training, software and more. I will discuss these in more detail in future posts. However, I think these differences make clear why Craig and Ron are right to suggest that people who are new to e-discovery can benefit from specialized training and tools. Similarly for those of us who are deeply involved in e-discovery, I believe these differences point to the fact that there is still a lot of work to be done in developing best practices and software to make it easier for lawyers and other users to perform e-discovery searches effectively.

¹ Ron also wrote another interesting post on this topic which can be found at PrismLegal.com.

In a time before e-discovery, I toiled away alongside a partner at Chapin, Fleming and Winet – Larry Shea. While not reducing his legal sagacity to one pithy catch phrase, his “no ask-y, no get-y” line is nevertheless a truism I often ponder.⁽ⁱ⁾

As a green associate, fresh out of law school, I had a number of idealistic (read: naïve) assumptions about how litigators wrangled over discovery disputes. One day, while dealing with a particularly thorny electronic discovery problem, I came to Larry and told him what I thought we wanted and why we needed it in a specific format. I knew that the opposition wasn’t likely to grant our e-discovery request, partially because they’d surely intuit how badly we needed it. Larry simply responded with his truism and explained that if we didn’t express our wishes we’d (a) likely not get what we wanted and (b) would not have established our position if push came to shove with the judge.

Well, I just read a recent case (Autotech Techs. Ltd. P’ship v. Automationdirect.com, Inc., 2008 WL 902957 (N.D. Ill. Apr. 2, 2008)) and it showed me that no matter how evolved the legal discovery process has become, the basic “no ask-y, no get-y” notion still applies.

In Autotech, the issue surrounded the production of electronically stored information (ESI) per Fed.R.Civ.P. 34(b)(2)(E) which basically says that court documents must be produced as they are kept in the “usual course of business” or in a “reasonably usable form.” Significantly, section (iii) also states that a party need not produce the same ESI in more than one form.

Unfortunately, the requesting party (ADC) didn’t specify a form for the production of the document at issue, so “Autotech had the option of producing it in the form in which it was ordinarily maintained, or in a reasonably usable form.” Similarly, ADC did not specify that it wanted metadata as a part of the responsive document production. The court was not sympathetic to ADC’s requests: “It seems a little late to ask for metadata after documents responsive to a request have been produced in both paper and electronic format.” The court ultimately found that “ADC was the master of its production requests; it must be satisfied with what it asked for.”

In other words, “no ask-y, no get-y.”

Yes, this all seems so simple, but parties still are routinely stepping in this same pothole. Useful e-discovery best practices to avoid this predicament follow along these lines:

1. Determine what format of ESI production you’re going to require. This sometimes isn’t as easy as it sounds since there are a number of permutations of review environments, even for common platforms such as Concordance [s1]and Summation Work backwards with the attorney review team and their litigation support personnel to figure out what you’ll need and the type of “load files” that are required.
2. Determine if you’ll likely want metadata. In lieu of any specific guidance, it’s fair to assume you’ll want metadata for spreadsheets (to calculate formulas), in cases involving computer forensics and for matters involving granular document authenticity/chain of custody, to name a popular few. The challenge is that you may not know about some of these issues at the time of the early Meet and Confer conferences. This is particularly important since there is a “modest legal presumption in most cases that the producing party need not take special efforts to preserve or produce metadata.” Williams, 230 F.R.D. at 651 (quoting The Sedona Principles, Comment 12a). So, the opposition may be on pretty solid footing if they claim that they had no duty to keep the metadata if you don’t make your needs known early on.
3. Ask for what you want. Here, you’ll want to get specific, especially if you’re wisely carving out certain data types for different handling. Documenting your requests is a good practice too.
4. Prepare to substantiate your needs for #1 & #2. Courts aren’t very willing to entertain overly broad requests for metadata if there isn’t a showing of need. So, be prepared to be challenged and have a solid rationale for the e-discovery request.

⁽ⁱ⁾ His saying, “if ‘its’ and ‘buts’ were candy and nuts it would be Christmas all year long” is another great pearl, but I couldn’t find a good case law tie-in.

Jeff Spicoli, after crashing a car in Fast Times at Ridgemont High, quipped:

“It’s okay. My dad is a TV repairman. He has the ultimate set of tools. I can fix it.”

Clearly, Spicoli’s tools (no matter how “ultimate”) weren’t going to get the car repaired. Never mind the fact that he was probably under the influence and shouldn’t have been operating anything more than a Barcalounger. His quote did get me thinking about a post I read recently that probably would have advised Spicoli against talking about how good his tools were. The post in question trumpeted the value proposition of early case assessments in E-Discovery (a viewpoint I wholly endorse). And yet, during the blog the author posited an interesting viewpoint that I think needs a bit of deconstruction:

“In legal, the less information your opponent has, the better off you are. … Using commodity based early case assessment tools may introduce legal risk your company may not want to manage. For example, if the opposing counsel has foreknowledge of the products you use, such as Autonomy/Aungate, Attenex or Clearwell Systems, they know your capability to identify concepts, custodians, etc. Using software to create legal leverage without sharing to the world how you do it, can improve your competitive advantage in the early phases of litigation.”

As a former practicing litigator, I’ll be the first to admit that I’ve seen my share of scorched earth discovery tactics. And, I’m not so much of a Pollyanna to think that a certain amount of this zero sum mentality doesn’t still exist. And yet, there’s an emerging trend (some might say a nascent best practice) to increase the amount of transparency and collaboration in the E-Discovery world.

I was at the Sedona Conference’s recent “Program on Getting Ahead of the eDiscovery Curve” where one of the hot topics was how the fledgling amendments to the FRCP were playing out in practice. One key discussion area centered around how the new Rules required a much more collaborative meet and confer process:

“Rule 26(f) is about cooperation and working together. By coming together early, defining what is important and what is not, and working with your adversary, not against them, means less risk, less cost and more certainty.” [Emphasis Added]. A Practitioner’s Guide to Rule 26(f) Meet & Confer: A Year After the Amendments. John Rosenthal, Howrey LLP and Moze Cowper, Amgen Inc.

Similarly, recent case law has also championed this collaborative approach:

“Identifying relevant records and working out technical methods for their production is a cooperative undertaking, not part of the adversarial give and take. … It is not appropriate to seek an advantage in the litigation by failing to cooperate in the identification of basic evidence.” In re Seroquel Prods. Liab. Litig., 2007 WL 2412946 (M.D. Fla. Aug. 21, 2007)

As part of this proposed transparency and collaboration, the authors (above) point out that a number of topics should proactively be discussed during the meet and confer session(s) including preservation, date ranges, custodians, systems, categories or types of ESI, and the use of search terms. In my experience this level of discussion and transparency really does pay dividends. Anything that resembles a “hide the ball” approach will ultimately take up needless attorney cycles, and will in turn drive up the cost of resolving the matter.

Now, I will concede that a party shouldn’t take the transparency notion too far. For example, it’s probably not necessary to immediately discuss the brand(s) of tools that are working behind the scenes to deliver the promised results. And yet, disclosing the type of functionality that will be brought to bear on the E-Discovery process can help:

• Facilitate discussions about ESI “inaccessibility” - see FRCP 26(b)(2)(B)
• Dispel the frequent myth that one party has the type of uber tool that can instantly, cheaply and automatically grab every piece of relevant data from the most remote corners of an enterprise
• Set the stage for limitations in the E-Discovery process so that all parties (including the Court) can have their expectations firmly grounded in reality
• Eliminate “black box” technology concerns by showing the opposition how your tools work to process files, handle metadata, etc.

So, back to the Spicoli reference,… having a killer set of tools may help your enterprise (or client) achieve fast, accurate and predictable results. But, does the opponent’s knowledge of the type of tools and features you’re going to use increase your risk profile?

While there aren’t any absolutes, I’d certainly say “no.” And, even if this type of gamesmanship did yield a temporary advantage, it’s probably outweighed by a collaborative E-Discovery approach that is quickly becoming a best practice.

If we could only get the E-Discovery tools to fix Spicoli’s car…

Two announcements from Google caught my eye on Tuesday: one that would make investigators’ life more difficult, and another that would make it easier. Since the first is more humorous, it appears to have got more attention; but it’s the second that’s much more significant.

In his post introducing Google Message Discovery, Bill Kee explains that it’s a hosted email archiving service that captures every message, enforces retention policies, and (no surprise!) provides comprehensive search functionality. It comes included in Google Apps Premier Edition, and its cost starts at $25 per mailbox per year.

This is an interesting move when viewed in a broader context. In the enterprise market, Google Apps is seeking to do to Microsoft Office/Exchange what salesforce.com did to Siebel – i.e., provide 80% of the functionality at 20% of the cost. The beach-head for Google into the enterprise is Gmail: if enterprises adopt that as their email platform, then adoption of other Google applications will quickly follow. But enterprises are reluctant to embrace Gmail until it provides enterprise class security, anti-spam, anti-virus, etc. What Google is saying with Message Discovery is that “must-have” list of functionality also includes email archiving.

My view is that the list of functionality that enterprises expect from their email systems also includes e-discovery. It’s great to have keyword search on an archive, but that only gets you a first cut of the data that’s potentially responsive to a case. If your only choice is to then send all of that to a service provider for processing, then you will likely give up the cost savings that prompted you to adopt Gmail in the first place. Conversely, if you can de-duplicate, filter, analyze, and review the information to cull it down to only the small set of relevant data prior to exporting it out of Gmail, then you build on the cost and functionality advantages that Gmail has over its competitors.

My guess is that the clever folks at Google already know this. After all, why else would they call their new email archive “Google Message Discovery” as opposed to “Google Message Archiving”?