e-discovery 2.0

There have been several recent press releases from enterprise software companies proclaiming FRCP “compliance,” which certainly sounds appealing.  But, the use of that term begs the question:  how does a search technology (or methodology) become FRCP “compliant” and is that goal even possible?

IBM launched the first salvo:

“The software will allow companies to move from scattered, point-solution approaches to a disciplined approach that controls electronic information, helps support Federal Rules of Civil Procedure (FRCP) compliance,…”

And, Autonomy quickly followed suit:

“The Autonomy pan-enterprise search platform automates the retrieval, processing, and management of all information throughout a global organization irrespective of languages, operating systems, and file types, avoiding non-FRCP compliant search techniques.”

I’m more than tolerant of both puffery and marketing-speak (though woe to those who forward such releases to Monica Bay), but this notion of “FRCP compliance” seems to take advantage of an already bombarded buying public, who have likely grown weary of FRCP articles, CLEs, and maybe even blogs posts.  Nevertheless, it seems useful to really tease out what the FRCP means and does not mean in relationship to e-discovery and enterprise search.

So, in an attempt to debunk this “compliance” myth, I thought I’d devote this blog post to demystifying some of the inaccurate notions about the FRCP.

Federal First

Initially, it’s important to note that the Rules only apply to litigation within the United States Federal court system.  State court litigation, international lawsuits, arbitrations and administrative actions (just to name a few) aren’t under the aegis of the Rules.  While it’s true that certain state courts (Minnesota for example) have selectively adopted the new discovery provisions, most have not.  So, the first step is to check your venue.  Then, assuming the Rules do apply because your organization is in Federal litigation, the impact, while still not crystal clear, does take on more definition.

Relevancy Filters

As a starting place, the discovery process (as part of litigation) is fundamentally limited by Rule 26 to information (electronic and otherwise) that is “relevant” to the case at hand (i.e., “relevant to the claim or defense of any party”).  This distinction is critical because for the most part it prevents the responding party from having to cast a company wide net for all data, a task envisioned by many content management systems.   Certainly, the ability of certain systems to access all user created data is valuable when searching for relevant data, but there are many ways to skin that cat.

No Express Retention or Preservation Duties

Legions of articles proclaim that the amended Rules create wholly new duties to retain information in general, as well as infusing new duties to preserve electronic data once litigation is anticipated.  Instead however, the new Rules expressly disavow creating truly new retention or preservation duties.  While it is undoubtedly a good practice to have a retention policy, given the welter of statutes and regulations that do create retention duties, the Rules do not mandate that a company create one ahead of litigation.

What is true, however, is that the new Rules have powerful implications for preservation once litigation is likely because of the requirements to understand, negotiate and produce relevant information early in the litigation process.  Under the new Rules, it is critical to be able to identify and retain potentially relevant data once litigation is filed (or is “reasonably likely”).  And yet, the burden of placing a legal “hold” on data, while often significant, certainly can be achieved without a formal document retention/deletion policy.  Again, the litigation “trigger” is key.

“Records” Aren’t the Focus

Continuing on this theme, but in a slightly different vector, there are differing opinions about the impact that the Rules have on “business records.”  This issue is nebulous since it is easy to confuse potentially relevant data corresponding to litigation with “business records,” which are often used in two different contexts.  Initially, there is the “business records” exception to the hearsay rule, which is quite specific and affects the admissibility of evidence in court.

The second, broader definition applies to organizations as they attempt to define a records management program to meet the numerous state, local and Federal mandates.  Commonly, as part of this complex initiative, companies will create records retention programs that specifically define official “records,” unofficial “records,” “non-records,” as well as specific retention periods for certain types of records.  Once the company’s records protocol is put into place there may be some downstream nexus with the Rules, but it won’t manifest itself until Federal court litigation arises, as described above.   The most common intersection occurs when a records retention policy prescribes a deletion event that contradicts the legal “hold” requirements for a record that is likely to be relevant to litigation.

In sum, the foregoing describes the role the FRCP plays in Federal court litigation.  It should be clear that the important, yet relatively narrow, use cases do not include any general compliance mandate in the absence of specific litigation.  I think it’s important to separate myth from reality when it comes to understanding how and when the revised Rules really do come into play.  Failure to do so can create an unpleasant scenario where your organization will either under- or over-prepare for these important litigation guidelines.

Yesterday, George Socha and Tom Gelbmann published summary results for their 2008 EDD survey. George and Tom gathered self-reported data from 85 e-discovery service providers and 40 e-discovery software companies. To help vendors resist the temptation to “exaggerate” their accomplishments, they then cross-referenced the responses against independent surveys submitted by 29 law firms and 19 corporations, and applied a healthy dose of their own good judgment. The outcome, which they will publish in-full next month, is a great snapshot of the industry, and probably the most objective ranking of e-discovery vendors that you can find.

By comparing this year’s results to the 2007 survey, you get a sense for how much has changed in the e-discovery world over the past 12 months:

Top E-Discovery Software Companies

Note: arrows show change to rankings from last year’s Socha-Gelbmann Survey

Autonomy and Clearwell move up to the Top 5, overtaking Attenex and CT Summation which slip back to the second tier. There are also 3 new names ranked 6 through 10 (Epiq, iConect and Symantec) who displace Cataphora, Doculex, ISYS, and Oracle, none of whom even make it into the top 15. In other words, 70% of the rankings have changed since last year.

If a litigation support manager were to focus only on the Top 5 in making her e-discovery software decision, she would have a choice of some very different solutions. Autonomy positions itself as a high-end (expensive) platform for corporations, while Lexis offers a comprehensive toolset for law firms. Guidance and Clearwell are complementary in that both provide best-of-breed solutions for parts of the EDRM model: Guidance is the leader in collection and preservation, while Clearwell is the leader in processing, analysis and review. Finally, FTI takes a services-based approach which centers around RingTail, its hosted review application.

Looking lower down the list, there were some other interesting results, primarily around which companies were NOT ranked. Kazeon made it into the third tier (ranked 11-15) whereas StoredIQ, its main competitor, did not. Nor did Recommind break into the rankings, despite making a major push into e-discovery from knowledge management over the past year. But the most striking absentees are PSS Systems and Exterro, which have pioneered litigation hold management for Fortune 100 companies. I can only guess that they cover too much of niche market to warrant inclusion in an industry-wide report.

Top E-Discovery Service Providers

In contrast to the world of software, e-discovery services saw much less movement in this year’s rankings:

Note: arrows show change to rankings from last year’s Socha-Gelbmann Survey

There was only one change to the top 5: Fios moved up, displacing Guidance which plummeted 10-20 places down to a 16-25 ranking. In addition, there were two new players in the top 10, Epiq and Huron, who edged out Electronic Evidence Discovery and Ernst & Young.

Conclusion

Changes to the software rankings reflect broader changes in the e-discovery market. As e-discovery has moved in-house, corporations have become a major driver of purchase decisions that were previously left to law firms. Many software companies, such as Attenex, have struggled to make this transition, while others, such as Clearwell, have capitalized on it. There has been no such change in the service provider world and, as a result, the rankings are relatively stable.

It will be interesting to see what happens next year. Every other software space is dominated by a small number of players, like Oracle for databases or VMWare for virtualization. If the same is true for e-discovery, then we can expect many fewer changes to the software rankings in future surveys as the leaders pull away from the pack.

The recent announcement of $18 million in financing for PSS Systems got me thinking about preservation.  PSS is a provider of enterprise-class preservation and litigation hold management systems with solutions starting in, from what I can tell, six figures.  Nevertheless, this begs the question, why would a Fortune 500 company need such an expensive enterprise class software application to manage legal holds?

So, let’s start from the top…

With the advent of e-discovery during the last decade an entirely new class of evidence spoliation came into existence - i.e., situations where electronically stored information (ESI), particularly back-up tapes, could inadvertently become overwritten, lost, erased, etc.  In the good old days of paper-based discovery, there was certainly an opportunity for spoliation, but paper documents didn’t routinely become lost or otherwise unavailable, unless in extreme instances of intentional spoliation.  For a particularly comprehensive tome on this type of negligent spoliation, please see this excellent piece written by Judge Scheindlin (of Zubulake fame).

Accordingly, in the past several years litigators have had to learn and then re-learn the notion that the duty to preserve ESI begins once litigation is “reasonably likely.”  Unfortunately, this duty to preserve is fraught with a number of practical challenges, including:

• When is the duty triggered?  For example, the duty is in most instances certainly in place prior to a complaint being actually served.  But, as you move upstream from that crystalline moment reasonable minds certainly can differ about when litigation is “reasonably likely.”  EEOC claims, in the HR context, are a good example of potentially early trigger points.
• Then, assuming that the duty is triggered what must then be preserved?  Is it just the ubiquitous email?  Or, as is more likely, will an increasingly broad and voluminous set of ESI be implicated, such as loose files, instant messaging, blog posts (maybe this one?), mobile or PDA/handheld data, deleted but forensically recoverable files, etc.?

Those two thorny problems aren’t the only issues that counsel needs to deal with when they embark upon issuing a legal “hold” – the decree that instructs custodians of their obligation to preserve all relevant information related to the matter at hand.  But, the duty to preserve is only the start of the challenge.  This is where folks like PSS come in, meaning that they manage the potentially complex logistical tasks associated with hold notification, monitoring, and compliance.

Here’s where I start to have a problems with large scale, complex preservation efforts.  Let’s take a somewhat common example:  a multi-national enterprise is sued for misappropriation of trade secrets.  Even prior to the complaint being filed, plaintiff’s counsel issued a demand letter, which in some cases could be held as a triggering event.  But, in either case, once the complaint hits the GC’s desk the duty to preserve is clearly in force.   Let’s then say that in consultation with outside counsel they wisely embark on a set of interviews to determine the scope of departments/locations/custodians that may be reasonably implicated.  Then, following the synthesis of this information they issue a legal hold notice to 2,500 people located throughout numerous domestic and international offices.

Now, here’s where the risk comes in…   One thing is statistically certain with that number of custodians: the legal hold will not be followed to perfection.  If I were more mathematically inclined I’d say it could be reduced to a formula along these lines:

Legal hold compliance *decreases* exponentially as you multiply:

• The number of custodians
• The length of time the legal hold is in effect
• The types and volumes of potential ESI that may be relevant
• The presence of individuals who don’t want data to be preserved due to their own perceived errors/foibles/omissions

The answer, in my mind, doesn’t lie in a better mouse trap to manage the vagaries of the legal hold process.  No, the best way to take the risk out of the legal hold process is to move very rapidly from preservation to collection.

Once ESI is collected two main things start to happen:

1. Subjective notions about the universe of data (allegedly) covered by the preservation process can be changed into objective observations that the custodians really are the right ones.  For example, in the above example the 2,500 custodian list is again almost certainly not correct.  Since the decision process was made subjectively (likely without insight into the data) the custodian list is inherently either under or over-inclusive.  However, with the advent of early case assessment solutions, the preserving party can now quickly collect and assess an initial corpus of data to ensure that exactly the right folks are in the collection/preservation process.
2. Once the ESI is collected, the risk of loss, deletion, etc. will largely have been taken out of the equation meaning that the danger of spoliation is greatly reduced.

My belief is that the larger the preservation effort the more likely there will be gaps that the opposition can use as leverage.  Scaling up the preservation effort is only one way to skin the cat.  Instead, the better practice is to start small, collect quickly, and then expand collection efforts once your legal team has objective insights into the case data.

Yes, preservation is still important. But, biting off more that you can chew simply means a statistically greater chance of failure.

I knew the rumors about FTI’s acquisition of Attenex were true when we received a call in early May. It was from a large Attenex partner, who said: “We need to switch out Attenex no later than the end of June.” There have been many similar calls since then; as one service provider told us the other day, “I cannot imagine any Attenex partner not looking for other alternatives.”

The reason is obvious: Attenex Advantage partners – such as BDO Seidman, Deloitte & Touche, DiscoverReady, DTI Global Document Technologies, Forensic Consulting Solutions, Navigant Consulting, SPI Litigation Direct, VMAX Consulting and 10-15 others – compete directly with FTI. If they must now rely on FTI for their Attenex technology, it puts them at a massive disadvantage when competing for business. FTI could easily undercut them on price, since it no longer pays usage fees to Attenex; or, FTI could promise additional features in the Attenex product that its competition cannot match. It could certainly claim to be the world’s greatest Attenex experts (after all, who knows Attenex better than Attenex itself?). Perhaps worst of all, every time an Attenex Advantage partner works on a client using the Attenex product, it has to inform FTI at the end of the month so that it may be invoiced for usage, thus enabling FTI to track its client engagements.

Yes, FTI will likely make all sorts of promises about “Chinese Walls” and continuing to support other Attenex Advantage partners. But those promises are impossible to enforce (ask the editor of the Wall Street Journal!), and FTI could change its mind at any time, leaving service providers which depend on Attenex in the lurch. I don’t know anyone who would take that risk.

So the single greatest impact of the FTI-Attenex deal is that every other “Attenex Dis-Advantaged” partner needs to find an alternative e-discovery solution – and fast!

A second impact can be surmised from the market’s reaction to the deal. As the chart shows, FTI’s stock immediately popped 10%, adding about $300 million to its market capitalization. Partly, that’s because FTI negotiated such a great deal. It purchased Attenex for only 3.5x revenue, in a transaction that is neutral/accretive to earnings. Partly, it’s because FTI has a great track record with software acquisitions. For example, it acquired RingTail (a hosted review platform) in 2005 for $34 million, and today RingTail generates over 3 times that amount in revenue. Personally speaking, I have always been impressed by FTI’s team which is without doubt among the best in the business.

The interesting thing in this acquisition, unlike many others, is that the value will not come from selling the acquired product, since FTI is doing that already. In fact, FTI has been selling Attenex for years, and has even integrated it with RingTail. Rather, my guess is that FTI will use Attenex to grow its consulting business in several ways, such as:

1. By convincing clients to switch consulting firms, not technology. Let’s take a hypothetical example and say Ford is presently using Attenex through LECG. If LECG now uses a different e-discovery solution, then Ford is left with a choice: keep LECG and lose Attenex, or change from LECG to FTI and keep Attenex. Ford’s decision will, of course, be driven by many factors, and it will be interesting to see what happens in scenarios like this.
2. By winning a greater share of e-discovery dollars. Today, companies primarily engage FTI on life-threatening issues: stock option investigations, merger 2nd requests from the DoJ/FTC, and so on. By leveraging Attenex’s brand, FTI might extend that to also cover everyday e-discovery issues like run-of-the-mill litigation and regulatory inquiries.
3. By building an e-discovery footprint behind the enterprise firewall. Attenex has struggled to sell its product for on-premise deployment at enterprise customers in the past. Its website has no customer logos and I’m only aware of a couple of installations, neither of which is publicly reference-able. FTI’s strong consulting business might help change that and make it easier for enterprises to adopt Attenex.

I am sure there are other ways for FTI to get value from the deal that I am not smart enough to think of. My point is that, given FTI’s leadership talent and the scope of its consulting engagements, there are lots of things FTI could do with Attenex to create shareholder value far in excess of the acquisition price. That’s why I believe the second impact of the deal is that it will have a positive impact on FTI’s core business.

To the long list of reasons why e-discovery companies should be good to their customers, we can now add one more: because if you don’t, they might blog about you and say nasty things. That’s what has happened to Metalincs on this blog Which carries the intriguing description of “legal software whistle-blower” in its web page address.

I have no idea who this person is, but their comments about Clearwell’s e-discovery solution are well-informed and accurate.