e-discovery 2.0

The recent announcement of $18 million in financing for PSS Systems got me thinking about preservation.  PSS is a provider of enterprise-class preservation and litigation hold management systems with solutions starting in, from what I can tell, six figures.  Nevertheless, this begs the question, why would a Fortune 500 company need such an expensive enterprise class software application to manage legal holds?

So, let’s start from the top…

With the advent of e-discovery during the last decade an entirely new class of evidence spoliation came into existence - i.e., situations where electronically stored information (ESI), particularly back-up tapes, could inadvertently become overwritten, lost, erased, etc.  In the good old days of paper-based discovery, there was certainly an opportunity for spoliation, but paper documents didn’t routinely become lost or otherwise unavailable, unless in extreme instances of intentional spoliation.  For a particularly comprehensive tome on this type of negligent spoliation, please see this excellent piece written by Judge Scheindlin (of Zubulake fame).

Accordingly, in the past several years litigators have had to learn and then re-learn the notion that the duty to preserve ESI begins once litigation is “reasonably likely.”  Unfortunately, this duty to preserve is fraught with a number of practical challenges, including:

• When is the duty triggered?  For example, the duty is in most instances certainly in place prior to a complaint being actually served.  But, as you move upstream from that crystalline moment reasonable minds certainly can differ about when litigation is “reasonably likely.”  EEOC claims, in the HR context, are a good example of potentially early trigger points.
• Then, assuming that the duty is triggered what must then be preserved?  Is it just the ubiquitous email?  Or, as is more likely, will an increasingly broad and voluminous set of ESI be implicated, such as loose files, instant messaging, blog posts (maybe this one?), mobile or PDA/handheld data, deleted but forensically recoverable files, etc.?

Those two thorny problems aren’t the only issues that counsel needs to deal with when they embark upon issuing a legal “hold” – the decree that instructs custodians of their obligation to preserve all relevant information related to the matter at hand.  But, the duty to preserve is only the start of the challenge.  This is where folks like PSS come in, meaning that they manage the potentially complex logistical tasks associated with hold notification, monitoring, and compliance.

Here’s where I start to have a problems with large scale, complex preservation efforts.  Let’s take a somewhat common example:  a multi-national enterprise is sued for misappropriation of trade secrets.  Even prior to the complaint being filed, plaintiff’s counsel issued a demand letter, which in some cases could be held as a triggering event.  But, in either case, once the complaint hits the GC’s desk the duty to preserve is clearly in force.   Let’s then say that in consultation with outside counsel they wisely embark on a set of interviews to determine the scope of departments/locations/custodians that may be reasonably implicated.  Then, following the synthesis of this information they issue a legal hold notice to 2,500 people located throughout numerous domestic and international offices.

Now, here’s where the risk comes in…   One thing is statistically certain with that number of custodians: the legal hold will not be followed to perfection.  If I were more mathematically inclined I’d say it could be reduced to a formula along these lines:

Legal hold compliance *decreases* exponentially as you multiply:

• The number of custodians
• The length of time the legal hold is in effect
• The types and volumes of potential ESI that may be relevant
• The presence of individuals who don’t want data to be preserved due to their own perceived errors/foibles/omissions

The answer, in my mind, doesn’t lie in a better mouse trap to manage the vagaries of the legal hold process.  No, the best way to take the risk out of the legal hold process is to move very rapidly from preservation to collection.

Once ESI is collected two main things start to happen:

1. Subjective notions about the universe of data (allegedly) covered by the preservation process can be changed into objective observations that the custodians really are the right ones.  For example, in the above example the 2,500 custodian list is again almost certainly not correct.  Since the decision process was made subjectively (likely without insight into the data) the custodian list is inherently either under or over-inclusive.  However, with the advent of early case assessment solutions, the preserving party can now quickly collect and assess an initial corpus of data to ensure that exactly the right folks are in the collection/preservation process.
2. Once the ESI is collected, the risk of loss, deletion, etc. will largely have been taken out of the equation meaning that the danger of spoliation is greatly reduced.

My belief is that the larger the preservation effort the more likely there will be gaps that the opposition can use as leverage.  Scaling up the preservation effort is only one way to skin the cat.  Instead, the better practice is to start small, collect quickly, and then expand collection efforts once your legal team has objective insights into the case data.

Yes, preservation is still important. But, biting off more that you can chew simply means a statistically greater chance of failure.

I knew the rumors about FTI’s acquisition of Attenex were true when we received a call in early May. It was from a large Attenex partner, who said: “We need to switch out Attenex no later than the end of June.” There have been many similar calls since then; as one service provider told us the other day, “I cannot imagine any Attenex partner not looking for other alternatives.”

The reason is obvious: Attenex Advantage partners – such as BDO Seidman, Deloitte & Touche, DiscoverReady, DTI Global Document Technologies, Forensic Consulting Solutions, Navigant Consulting, SPI Litigation Direct, VMAX Consulting and 10-15 others – compete directly with FTI. If they must now rely on FTI for their Attenex technology, it puts them at a massive disadvantage when competing for business. FTI could easily undercut them on price, since it no longer pays usage fees to Attenex; or, FTI could promise additional features in the Attenex product that its competition cannot match. It could certainly claim to be the world’s greatest Attenex experts (after all, who knows Attenex better than Attenex itself?). Perhaps worst of all, every time an Attenex Advantage partner works on a client using the Attenex product, it has to inform FTI at the end of the month so that it may be invoiced for usage, thus enabling FTI to track its client engagements.

Yes, FTI will likely make all sorts of promises about “Chinese Walls” and continuing to support other Attenex Advantage partners. But those promises are impossible to enforce (ask the editor of the Wall Street Journal!), and FTI could change its mind at any time, leaving service providers which depend on Attenex in the lurch. I don’t know anyone who would take that risk.

So the single greatest impact of the FTI-Attenex deal is that every other “Attenex Dis-Advantaged” partner needs to find an alternative e-discovery solution – and fast!

A second impact can be surmised from the market’s reaction to the deal. As the chart shows, FTI’s stock immediately popped 10%, adding about $300 million to its market capitalization. Partly, that’s because FTI negotiated such a great deal. It purchased Attenex for only 3.5x revenue, in a transaction that is neutral/accretive to earnings. Partly, it’s because FTI has a great track record with software acquisitions. For example, it acquired RingTail (a hosted review platform) in 2005 for $34 million, and today RingTail generates over 3 times that amount in revenue. Personally speaking, I have always been impressed by FTI’s team which is without doubt among the best in the business.

The interesting thing in this acquisition, unlike many others, is that the value will not come from selling the acquired product, since FTI is doing that already. In fact, FTI has been selling Attenex for years, and has even integrated it with RingTail. Rather, my guess is that FTI will use Attenex to grow its consulting business in several ways, such as:

1. By convincing clients to switch consulting firms, not technology. Let’s take a hypothetical example and say Ford is presently using Attenex through LECG. If LECG now uses a different e-discovery solution, then Ford is left with a choice: keep LECG and lose Attenex, or change from LECG to FTI and keep Attenex. Ford’s decision will, of course, be driven by many factors, and it will be interesting to see what happens in scenarios like this.
2. By winning a greater share of e-discovery dollars. Today, companies primarily engage FTI on life-threatening issues: stock option investigations, merger 2nd requests from the DoJ/FTC, and so on. By leveraging Attenex’s brand, FTI might extend that to also cover everyday e-discovery issues like run-of-the-mill litigation and regulatory inquiries.
3. By building an e-discovery footprint behind the enterprise firewall. Attenex has struggled to sell its product for on-premise deployment at enterprise customers in the past. Its website has no customer logos and I’m only aware of a couple of installations, neither of which is publicly reference-able. FTI’s strong consulting business might help change that and make it easier for enterprises to adopt Attenex.

I am sure there are other ways for FTI to get value from the deal that I am not smart enough to think of. My point is that, given FTI’s leadership talent and the scope of its consulting engagements, there are lots of things FTI could do with Attenex to create shareholder value far in excess of the acquisition price. That’s why I believe the second impact of the deal is that it will have a positive impact on FTI’s core business.

There is no bigger idea in enterprise technology than the idea of “cloud computing“. What does it mean? Simply put, the idea is that enterprises will cease to buy hardware, software, and all the headaches that come with them. Instead, companies will rent whatever applications they need and access them over the internet. Software vendors will keep their applications on a pool of shared infrastructure (the “cloud”), which will automatically allocate resources between applications according to demand. Using a common analogy, we will move from today’s world where companies are buying and building their own electricity generators, to a world where there are power companies distributing electricity over a grid.

To get a sense for how this might happen, just take a look at the CRM market. Ten years ago, Siebel and other packaged software vendors were among the fastest growing companies in America. Today, they are shrinking as customers migrate en masse to, for example, salesforce.com’s cloud-based approach. One Wall Street analyst I spoke to last week forecast that hosted (i.e., cloud-based) applications will grow their market share from 12% to 21% by 2011, and account for all growth in the market.

E-discovery is no exception to this mega-trend, and I expect a portion of the e-discovery software business to move to the cloud. How quickly this happens depends on how easy it is for companies to adopt cloud-based e-discovery solutions, which is why Google’s recent moves into e-discovery are so significant.

Google is by far the largest cloud computing company in the world. Its cloud-based Google Apps suite of applications was only launched in 2007, but is already being used by several hundred thousand businesses and, Google tells me, 2,000 new businesses sign up every day. Today, the customers are mainly small to medium sized businesses (500-5,000 employees). But as its functionality improves, larger companies will increasingly start asking why they should pay for Microsoft Office when cheaper alternatives exist.

Talking to Bill Kee, a product marketing manager at Google, it’s clear the biggest gap in Google Apps’ functionality was the lack of enterprise features around security, compliance, and e-discovery. That’s why Google acquired Postini, a leader in messaging security. It’s why Google recently launched Message Discovery, a hosted archive that comes bundled into Google Apps Premier Edition. And it’s why Google is collaborating with Clearwell to educate the market on cloud-based e-discovery solutions.

If you are interested in learning more about “e-discovery in the cloud”, register for a free webinar which we are hosting with Google on June 3.

Yesterday’s post about the top e-discovery software vendors prompted a couple of interesting comments. George Socha posted a response here, disagreeing with my conclusions; and someone else (“top8”, whoever that is) asked whether one should “always listen to the top 5-10 songs on the list…[or] use the top 5 software products, regardless of one’s situation.”

To clarify, I whole-heartedly agree with George that there is no such thing as a “best” e-discovery service provider – as George says, it really does depend on your situation and I can think of many cases where a smaller, less well-known firm is a better choice than a national brand.

But e-discovery software is different for 2 reasons. First, and most importantly, in software there are increasing returns to scale which do not exist for service providers. The more companies that use a particular software product, the better that product becomes. Speaking from personal experience, when you have a large number of demanding customers, they force you to make your product better – and give you the money to do it. That’s why most technology markets are incredibly concentrated: everything from databases (Oracle) to search engines (Google) have a single dominant player. We are still in the early days of the e-discovery software market, but ultimately I expect it will follow suit and consolidate around a very small number of players.

The second difference between e-discovery software and service providers is that enterprises cannot change their software vendors as easily as they can change their service providers. Once software is deployed behind the firewall, it is fiendishly difficult to get it out, requiring enterprises to pick a single product for all cases. By contrast, it is easy to change service providers, so enterprises can pick the most relevant expertise on a case-by-case basis.

To answer the question posed by “top8”, I am not suggesting that everyone should only read Harry Potter, watch American Idol, and (Heaven forbid!) listen to Britney Spears. Those are matters of personal taste where diversity is what makes for a rich, vibrant society. But there are very good reasons why so many corporations rely on Veritas for backup software, Oracle for databases, Symantec/McAfee for anti-virus, IBM for developer tools, and so on. In software, the best products only get better. That’s why, 5 years from now, the list of top e-discovery software vendors will be even shorter.

There are two independent analyst reports identifying the top e-discovery software vendors.

The first, published in June 2007, is the Socha-Gelbmann Annual Electronic Discovery Survey. The authors, George Socha and Tom Gelbmann, probably know more about e-discovery than anyone else you are likely to meet. As someone who has filled out their 178-page survey, I can tell you it is excruciating in its detail and incredibly rigorous. According to the report, George and Tom contacted nearly 1,000 individuals and collected detailed data from 115 organizations.

The second analyst report is Gartner’s MarketScope, which is published today (December 2007). Its author, Debra Logan, is fast emerging as one of the leading lights of e-discovery and has great instincts about the market. For her report, Debra tells me that surveyed 30 vendors and checked over 90 customer references.

The results from the two reports are as follows:

(1) Companies listed as “Top Electronic Discovery Software Providers Based on 7 Criteria” (Table 19 and 20), listed in alphabetical order. (2) Companies awarded ratings of “Positive” or “Strong Positive” (Figure 1), listed in alphabetical order.

Why are the lists so different? Primarily because of two main factors:

1. Gartner’s list mixes service providers and software companies whereas Socha breaks them out separately. The Socha report has an entirely separate list for service providers.
2. Socha’s report was completed 6 months earlier than Gartner’s. In that intervening period, several new players entered the e-discovery market. For example, Kazeon was ranked by Gartner earlier this year a “niche player” (lower left quadrant) in the enterprise search market, and has not been in e-discovery long enough to participate in the Socha study (or, if they did participate, they did not have enough e-discovery customers to gain a high ranking).

Conclusions

The first conclusion to draw from these lists is that any vendor not in them is probably not worth considering for e-discovery. If neither Socha nor Gartner ranked them highly, then the vendor either could not provide compelling customer references or has lost competitive bake-offs to someone who is on the list. Either way, they are best avoided.

The second thing that stands out is how different these lists are. Of the 21 vendors identified by Socha and Gartner, only 5 are ranked as top e-discovery software vendors by both of them. Those 5 are Attenex, Clearwell, FTI, Guidance, and LexisNexis. So, if you are an enterprise looking for an e-discovery solution, it is clear who you should call first.

Finally, it is worth noting that both these analyst reports are relatively new. This is the third annual survey for Socha, and the first MarketScope for Gartner. That speaks to the fact that e-discovery software is a new, fast-growing product area. More and more enterprises are adopting e-discovery software solutions, and asking analysts about them, because they offer such a compelling ROI.