e-discovery 2.0

A famous quote from intellectual George Santayana provides an appropriate backdrop for organizations to better understand why they should deploy technology to strengthen their litigation response effort.  As Santayana explained in The Life of Reason: Reason in Common Sense, “[t]hose who cannot remember the past are condemned to repeat it.”

The “past” can be a powerful playbook in the game of eDiscovery.  Fortunately for organizations, the lessons of eDiscovery history abound.  Indeed, the decisions that courts issue every day across the United States and in other countries provide substantial guidance on what organizations should and should not do to properly prepare for the discovery phase of litigation.

One of the principal lessons that can be gleaned from American court cases in 2011 is that technology can help organizations address the demands of eDiscovery in litigation.  Technology has assumed such a significant role because it facilitates the oversight process that lawyers must engage in to ensure that pertinent documents are preserved for discovery.  This year alone, the failure to exercise that oversight has in many instances culminated in evidence destruction and sanctions.

That message was emphasized this summer by a Virginia based federal court in a hotly contested trade secret dispute.  In E.I. du Pont de Nemours v. Kolon Industries (E.D. Va. July 21, 2011), the court determined that it would issue an adverse inference jury instruction against defendant Kolon Industries as a sanction for its evidence spoliation.  The spoliation at issue occurred when Kolon deleted emails and other records relevant to DuPont’s trade secret claims.  After being apprised of the lawsuit and then receiving multiple litigation hold notices, several Kolon executives and employees met together and identified emails and other documents that should be deleted.  The ensuing destruction was staggering.  Nearly 18,000 files and emails were deleted.  Furthermore, many of these materials went right to the heart of DuPont’s claim that key aspects of its Kevlar© formula were allegedly misappropriated to improve Kolon’s competing product line.

Surprisingly, however, the court did not finger the Kolon employees as the principal culprits for spoliation.  Instead, the court laid the blame on Kolon’s attorneys and executives, reasoning they could have prevented the destruction of information through better oversight.  The hold process was particularly flawed.  The notices were either too limited in their distribution, ineffective since they were prepared in English for Korean-speaking employees, or too late to prevent or otherwise alleviate the spoliation.  Given the logistical challenges of implementing a hold in this instance, perhaps only the automated functions of technology such as archiving software might have strengthened the oversight process and obviated the spoliation that took place.

The lack of attorney oversight also factored into another pertinent sanctions order this year, this time from a federal court in Chicago.  In Northington v. H & M International (N.D.Ill. Jan. 12, 2011), the court issued an adverse inference jury instruction against a company that destroyed relevant emails and other data.  The spoliation occurred in large part because the company neglected to establish a global litigation response effort.  For example, there was no process for issuing or ensuring compliance with a litigation hold.  Nor was counsel engaged in the critical steps of preservation, identification or collection of electronically stored information (ESI).  Into this vacuum stepped rank and file employees – some of whom were accused by the plaintiff of harassment – who were tasked with identifying and collecting discoverable emails from their workstations.  Predictably, key documents were never found and the court had little choice but to promise to inform the jury that the company destroyed evidence.

The problems associated with the lack of oversight in DuPont and Northington are compelling reasons why organizations should consider using technology tools as part of their overall litigation response strategy.  One of the most helpful tools in this regard is archiving software.  Indeed, having the right archiving solution in place might have preserved the spoliated records in these actions.

For example, archiving software can be programmed to prevent employees from deleting emails and other electronically stored information.  By ingesting data into a central repository and leaving copies of the materials on local computers, employees could have access to their archived records.  They would not, however, be able to delete those documents from the software archive.  In addition, a litigation hold could have been placed on archived data to prevent automated retention rules from overwriting information.  Either of these features might have prevented much of the spoliation – and the resulting sanctions – that occurred in both the DuPont and Northington cases.

The automated functions of archiving technology can benefit a company’s litigation response in other ways.  For example, such a tool may limit the amount of potentially relevant information available for follow-on litigation.  Absent a legal hold, retention rules that are programmed into the software will ensure that ESI is expired once it reaches the end of a designated period.  In DuPont, such a feature could arguably have eliminated entire categories of older documents before a duty to preserve those materials ever ripened.  This facet not only has the potential to reduce legal exposure, but also the attendant costs associated with reviewing those documents in litigation.

DuPont, Northington and other cases from the recent past delineate the steps companies can take to address the challenges of eDiscovery.  Organizations do not have to “repeat” past mistakes that victimized clients and counsel alike.  Instead, they can implement the right technology tools as part of a thoughtful, proactive approach to litigation.  By so doing, organizations will avoid Santayana’s judgment by “remembering” the lessons of eDiscovery history.

In my last post I announced that discussions are taking place that could change the way preservation and sanctions issues are handled within the federal court system.  The next round of discussions about possible amendments to the Federal Rules of Civil Procedure (FRCP) is scheduled to take place on September 9th in Dallas, Texas as part of a “mini-conference” led by the Discovery Subcommittee – a committee appointed by the Advisory Committee on Civil Rules.  This post discusses three different rule amendment approaches that attendees have been asked to consider in order to help them prepare for the mini-conference.  A complete list of attendees, preparation materials, and questions the group will consider are included in the Advisory Committee’s June 29, 2011 memorandum to the participants.

The debate about whether or not rule amendments are even required is far from over.  A 452-page document located on the U.S. Courts’ website chronicles many of the meetings, notes, and submissions driving the current discussion.  Page 265 of the document contains a memorandum prepared by the Civil Rules Advisory Committee earlier this year, stating that:

“the Subcommittee has reached no conclusion on whether rule amendments would be a productive way of dealing with preservation/sanctions concerns, much less what amendment proposals would be useful.”

Despite concerns that amending the current rules now would amount to jumping the gun, there is an undeniable desire for more clarity around when the duty to preserve electronically stored information (ESI) is triggered, what must be preserved, and when the duty expires.  This momentum has resulted in the crafting of draft proposals that are likely to help frame the discussion on September 9th. The “proposals” are really draft approaches that have been broken down into three general categories described in the Civil Rules Advisory Committee’s memorandum, titled: “PRESERVATION/SANCTIONS ISSUES” (see page 263).  The Category 1 approach can best be described as providing a higher degree of specificity than the other approaches.  For example, the Category 1 approach provides a fairly detailed explanation of the duty to preserve evidence (Rule 26.1(a)) and details possible triggers (26.1(b)), the scope of the duty to preserve (26.1(c)), and sanctions (Rule 37).  Category 2 proposes a more general preservation rule, while Category 3 only addresses sanctions as a tool for influencing behavior.  The three categories are discussed in more detail below.

Category 1: Specific Rule

This draft includes many different exemplary lists, alternative approaches, and footnotes that highlight the fact that one of the key challenges with drafting a specific rule is trying to foresee all of the challenges that might lie in the road ahead.  For example, the draft rule provides a long list of events that could trigger the duty to preserve evidence, including everything from serving a pleading to taking “any other action” in anticipation of litigation.   The rule also provides a list of information types that are “presumptively excluded” from the preservation duty, such as deleted data on hard drives, temporary internet files, and physically damaged media.

The lists are helpful in that they provide guidance.  However, each list also includes a “catch-all” provision to address scenarios that might not be foreseeable.  The inclusion of catch-all provisions highlights the inherent challenge of providing more clarity and certainty without creating rules that are so inflexible that they are difficult to apply to unforeseen factual scenarios or technological developments.  Some might argue that trying to provide a laundry list of examples will make passage of new rules difficult because each item on the list will stir debate.  Others contend that the lists add little value because the catch-all provisions will still require litigators to pass the sniff test of “reasonableness.”

Despite the inherent challenges related to drafting rules with specificity, most practitioners would likely support the inclusion of lists or examples that provide at least some direction.  What is likely to be far more controversial with respect to Category 1 is the use of alternative language proposing fixed limits around custodians and litigation holds.  For example, one alternative would limit data preservation requirements to a fixed number of custodians and the duty to preserve evidence would similarly expire after a fixed number of years.  Bright line rules like these may be easier to understand, but they also tend to be controversial since they lack the flexibility necessary to fairly address every conceivable situation.

Category 2: General Rule

Like the Category 1 proposal, the Category 2 proposal uses lists and outlines several alternative approaches throughout the rule.  However, the Category 2 proposal fundamentally differs from Category 1 by outlining a more general approach.  For example, one of the alternatives essentially states that the duty to preserve evidence is triggered whenever a “reasonable person” would expect to be a party to an action.  Similarly, the ongoing duty to preserve information after the duty has been triggered would be evaluated based on what is described as a “reasonable period” under the circumstances.

The beauty of this more general approach lies in its simplicity and flexibility.  The idea is that evaluating conduct based on the “reasonableness” of a person’s actions is much easier than attempting to draft bright line legal guidelines that account for every possible factual scenario.  The flip side is that reasonable minds could differ and results could be inconsistent if there are no bright line rules.  What this means in the context of the federal rule discussion is that one judge might find a party’s conduct with respect to data preservation efforts reasonable, while another judge might issue sanctions based on the same set of facts.  In large part, it is this lack of certainty and guidance in the current rules that sparked the current debate in the first place.

Category 3: Sanctions-Based Rule

Unlike the first two categories, the Category 3 approach focuses only on sanctions and would act like more of a “back-end” rule.  In other words, the rule would not contain any specific directives about preservation, but it would provide direction in the areas of when and how sanctions might be applied.

Despite the draconian image a “sanctions” based rule might conjure up, the Category 3 rule may seem surprisingly lenient to some.  For example, absent extraordinary circumstances, the court would be prohibited from imposing any of the sanctions listed in Rule 37(b)(2) or from giving an adverse-inference instruction unless:

“the party’s failure to preserve discoverable information was willful or in bad faith and caused [substantial] prejudice in the litigation.”

The sanctions based approach would almost certainly have an impact on how parties handle upstream preservation related issues.  However, the key ingredients that will impact what kind of behavior this rule drives are the severity of the threatened sanction as well as the applicable standard.  For example, a party facing severe sanctions for conduct that is either negligent, willful or in bad faith is likely to take their preservation obligations seriously.  On the other hand, if the realm of possible sanctions is trivial, parties are less likely to take their preservation related obligations seriously.

Conclusion

The three rule approaches represent very early attempts at framing possible approaches to amending the FRCP.  If the Discovery Subcommittee chooses to recommend rule amendments following the September 9th mini-conference in Dallas, the proposed language is likely to be closer to final form and easier to assess than the current proposals.  I will continue to monitor the rule making discussion and provide commentary in future posts.  Stay tuned for my next post where former US Magistrate Judge Ron Hedges explains why he thinks the rule changes are unnecessary and why the current proposals might run afoul of the Rules Enabling Act.

eDiscovery best practices, particularly practical ones, are hard to come by.  That’s why the Pilot Program of the 7th Circuit has been such a novel (and successful) undertaking.  As part of this program, judges, outside counsel and industry experts collaborated to practically deal with the many vexing eDiscovery challenges in the courtroom. By way of background, the 7th Circuit Electronic Discovery Pilot Program Committee was formed in May 2009 and was chartered to conduct a multi-year, multi-phase project to develop, implement, evaluate, and improve pretrial litigation procedures, which ideally would provide fairness and justice to all parties, while seeking to reduce the cost and burden of electronic discovery consistent with Rule 1 of the Federal Rules of Civil Procedure (FRCP).

The Committee, comprised of the most talented experts in the 7th Circuit, as well as experts in relevant fields of technology, promulgated “Principles Relating to the Discovery of Electronically Stored Information” (“Principles”) and a Proposed Standing Order by which participating judges could implement the Principles in the Pilot Program’s test cases.  Practicing lawyers wrote the Principles under the guidance of federal judges in Chicago, with the end result being a consensus from experts in the field of eDiscovery rather than a prescriptive approach dictated by the courts.  The Committee now has 80 members, including members from all 7 federal districts in the 7th Circuit and around the country, and is chaired by Chief Judge Holderman and Magistrate Judge Nolan of the Northern District of Illinois. The Principles provide a checklist of important considerations for the initial meet and confer conference, as well as even-handed rules regarding preserving and producing electronically stored information (ESI) that provide more granularity to the Federal Rules of Civil Procedure.

The 7th Circuit has been well-received, and evangelists are jumping on board in other Circuits, including the 9th Circuit.  Art Gollwitzer, a member of the 7th Circuit eDiscovery Pilot Program Committee, practices patent law, was key in the formation of the Principles notably the Preservation Principle 2.04, and now heads the National Outreach Committee for the 7th Circuit Program.  In a recent case, Joao Control & Monitoring Systems of California, LLC v. ACTI Corp., et al., Case No. SA CV10-1909-DOC, in the Central District of California, Art was pleasantly surprised to see language that he helped write in a draft ESI order handed out by the court to the parties for their consideration at the initial status conference.  “I was very happy to see the exact language that our committee drafted after many hours of discussion in the summer of 2009 in the court’s proposed order,” Art explained.  “We worked hard to reduce the cost and burden of electronic discovery and to prevent ESI discovery from turning into a game of ‘gotcha’.”

The goal of the National Outreach Committee is to spread the word about the 7th Circuit’s ESI Program and its benefits.  “We envision spreading the word through articles, speeches, and ‘grass-roots’ or word-of-mouth efforts,” says Gollwitzer. To that end, liaisons in each Circuit or even each district can talk to judges and encourage colleagues to propose that courts adopt the Committee’s principles in Rule 26(f) orders on a case-by-case basis.  “We also can describe the program and its principles at local bar associations and Inns of Court,” he explains.  “Finally, we can volunteer for local rules committees or comment on ESI proposals for local rules.”

With each jurisdiction having its own local rules and each legal community having its own flavor, the exercise of bringing all stakeholders into the process to contribute to the Principles is unprecedented.  Whether each Circuit starts their own Pilot Programs, or initially adopts the 7th Circuit’s Principles and then modifies as necessary, remains to be seen.  Either way, results from the 7th Circuit have been positive thus far, generating supporters nationally.  The hope is that courts and practitioners will start with these Principles in order to avoid a patchwork of ESI rules across the country.

The general consensus of the participating judges in Phase I of the Pilot Program was that the Principles were having a positive effect both on counsel’s cooperation with opposing counsel, and on counsel’s knowledge of procedures to be followed when addressing electronic discovery issues. The judges felt that the involvement of eDiscovery liaisons required by Principle 2.02 contributed to a more efficient and cost effective discovery process. Many of the participating lawyers reported little impact on their cases, presumably mostly because of the limited 6-month duration of Phase I. Those lawyers who did see an effect from the application of the Principles in their cases overwhelmingly reported that the effect was positive in terms of promoting fairness, fostering more amicable dispute resolution, and facilitating their advocacy on behalf of their clients. The Committee intends to present its Final Report on the 2-year Phase II evaluation at the 7th Circuit Bar Association Meeting in May 2012.

While most attorneys are following the guidance of Principle 2.01 (a) and (c), Duty to Meet and Confer on Discovery and to Identify Disputes for Early Resolution, it is barely the majority.  And curiously, a significant minority of attorneys acknowledged they had not familiarized themselves with their client’s information systems or had early discussions with their opponents about ESI preservation issues even though they were applicable in the case.

What does this suggest? For one thing, the landscape is improving – but there is still a long way to go.  Why would even a single attorney with a case in the Pilot Program ignore relevant ESI issues? One of the major problems with the vagueness of the Federal Rules was a lack of clear-cut guidance. Now, even though there is a Standing Order in the case providing guidance and Principle 2.01 (d) outlining sanctions that could be imposed for failure to comply, some lawyers still do not.

Every Circuit should be forming a Committee and bringing practitioners, judges and experts together to weigh in on these important ESI issues.  Fortunately, there is a successful model available with hard data.  The 7th Circuit’s Principles and Standing Order are a good place to start.

In past years we’ve covered Gibson Dunn’s Mid-Year E-Discovery Report which is always a good read, chock full of take-aways about the eDiscovery market.  In my mind, they do an excellent job of synthesizing the ever-expanding volume of case law and comparing those trends with historical averages.  This year’s report is no exception, and for those who don’t get to read all the cases, this is a stellar way to keep up on eDiscovery trends.  Without trying to summarize the entire 23 page document, there were a number of findings that stood out and should be perused by anyone with even a passing interest in the space.

Legal Holds/Preservation. As we all know, eDiscovery sanctions (at least here in the US) are critical business/legal drivers, particularly with regard to the legal hold area (which is the riskiest part of the EDRM).  As the Gibson report points out, the actual award of sanctions has remained relatively flat (56% in the first half of 2011 versus 55% for the full year in 2010) –  but, more important than this relatively stable metric, it’s very clear that the plaintiff’s bar has caught on to the ability to win cases by revealing shoddy (or just undocumented) legal hold procedures, even in some instances where data isn’t lost.  This is why the report notes a dramatic increase in the seeking of eDiscovery sanctions – 68 at mid-year 2011 versus 31 at mid-year 2010.  This doubling of attempts to pierce an entity’s legal hold regime should be a wake-up call to in-house practitioners and chief legal officers, since the attempt and success rates will likely only increase over time.

While there is still some considerable debate, at least for those following Judge Scheindlin’s Pension Committee logic, anything less than a formal, written legal hold policy is per se negligent.  Although it’s conceivable that  a reviewing court won’t use this rigorous standard, anything less formal will strike most organizations as simply too risky.  Ongoing compliance with the legal hold process is also another difficult task for many organizations, one which is considerably easier with an automated solution that is able to track acknowledgements and send reminders over time.  It’s all too easy for companies to think that once they’ve discharged their initial legal hold duty they’re in the clear – but as these obligations morph (with more custodians/data types) and elongate (from months to years) over time, keeping on top of the legal hold processes becomes that much more important.

Sanctions. The Gibson report also importantly points out that there’s currently a split in jurisdictions where some courts can levy sanctions for bad faith, while others can merely require proof of negligence.  Here, the important take-away is that a defendant entity doesn’t typically get to forum shop and therefore they can’t really tell which type of jurisdiction they’ll end up in as a litigant.  So, they need to build their eDiscovery processes to meet the high water (i.e., most rigorous) standard.  In most cases, it’s therefore prudent to be prepared to be sanctioned for merely negligent conduct – anything less can potentially be safe but that risk calculation needs to be considered carefully.

The other perilous part of the equation is that once sanctions are deemed warranted, the court has almost unlimited discretion to levy whatever blend of sanctions it thinks is appropriate.  In Green v. Blitz, for example, the court ordered a laundry list of sanctions, some of which were pretty unfathomable:

1. Defendant had to pay plaintiff $250,000

2. Defendant had to provide a copy of the court’s order to plaintiffs “in every lawsuit proceeding against it” for the past two years

3. Defendant had to file the court’s order in every case that it is involved in for the next 5 years

The bottom line is that sanctions, despite the fear factor, can be used to drive positive proactive conduct – namely in the shape of eDiscovery best practices.

Outside Counsel Duties. Here, the Gibson report notes that outside counsel’s Zubulake duties continue to increase over time, with a number of cases continuing the trend of holding attorneys responsible for ensuring that their clients properly implement legal holds, institute sound sampling protocols and conduct sufficient quality control steps.  This line of discussion can be useful when talking to outside counsel where we’re starting to see how their increasing responsibilities can lead to malpractice exposure, as seen in the recent McDermott case.

Search/Analysis. Lately there’s been a ton of buzz about predictive coding, but (despite the hype) it still doesn’t appear ready for prime time yet.  The Gibson report noted that there were no reported cases that addressed the use of predictive coding or other advanced search technologies.  My sense is that without some semblance of judicial approval or strong client backing, outside counsel (who are concerned about their malpractice exposure, per above) aren’t quickly going to be the first ones into the pool.  Unless an enterprise client demands that they use this type of technology, most will wait for judicial approval and that’s probably still a way off.  While next generation search technologies are more promise than reality right now, there is still a mandate to implement a defensible search methodology.  These are needed initially to demonstrate transparency in the eDiscovery process and to then withstand the challenges levied by counsel in the case of an inadvertent production.

In sum, the Gibson report shows the ongoing maturation of the eDiscovery space.  But, any niche market led by case law and/or attorneys deciding to adopt new technologies won’t be quick to change.  In many instances, therefore, the best practices will be decided a combination of standards bodies and vendors who are being pushed by their more forward thinking clients to get and stay on the cutting edge.

Is there a place in eDiscovery today for hard drive imaging and bit by bit copies, which collect deleted items or slack/unused hard disk space?  The answer is yes with some important limitations.  For the vast majority of matters, ESI can be collected without imaging drives or utilizing proprietary container files.  However, I occasionally still encounter folks who are victims of the dated and costly misconception that eDiscovery always requires the bit-level imaging of hard drives.

There are situations, though, where the existence of data (as opposed to its content) is central to the matter – when companies suspect employees of stealing proprietary information or when employees leave a company under suspicious circumstances.  In these and other similar situations, it may make sense to have the employee’s workstation hard drive imaged for full forensic analysis.  Even in these scenarios, I find that companies are more likely to hire an external investigator to perform this task to allay suspicions of tampering or bias, and the company generally would prefer that this investigator be the one to testify about this sensitive data acquisition.  Then, for ESI beyond the target employee’s hard drive, other collection methods may be used.  As we’re now midway through 2011 – a year in which I expect to see eDiscovery fully embraced by many corporations as a true business process – I wanted to analyze why the forensic disk image myth still exists, where it came from, and what the law really requires of an eDiscovery collections process.

Traditionally, cases that mentioned full forensic imaging of hard drives began their captions with United States v. or State v. because they were criminal matters.  In traditional civil litigation – even the behemoth eDiscovery cases that get all the bloggers blogging – forensic imaging simply is not required or needed.  In fact, in most cases, it will dramatically increase the cost associated with electronic discovery – this process adds unnecessary complexity in downstream phases of eDiscovery and leads to vast over-collection.  Why collect the Microsoft Office suite 50 times when what you are really required to preserve and collect are the files created with those programs?  When using disk imaging, program files are collected which drives up storage costs and requires the post-collection step of deNISTing (removing system files based on the NIST list).  Why not leave those system files behind and perform a targeted collection of only user-created content?    In addition, the primary rules governing civil litigation – the Federal Rules of Civil Procedure and Federal Rules of Evidence – simply do not require exact duplication of electronic files.  I am amazed that there are so many experts who are still pushing full forensic imaging and duplication in every case.  In fact, this goes against best practices published by The Sedona Conference, EDRM, and in the E-Discovery textbook co-authored by Judge Shira A. Sheindlin.

In comment 8c of the Sedona Principles, the authors call making forensic image backups of computers “the first step of an expensive, complex, and difficult process of data analysis that can divert litigation into side issues and satellite disputes involving the interpretation of potentially ambiguous forensic evidence.”  The comment goes on to say that “it should not be required unless exceptional circumstances warrant the extraordinary cost and burden.”  In a whitepaper authored for EDRM by three eDiscovery experts from KPMG, LLC, the authors discussed the high cost of forensic bit-level imaging and, instead, suggested that targeted collection of ESI would be sufficient in the vast majority of non-criminal matters.  They state, “[t]he challenge of Smart EDM [Evidence and Discovery Management] is to obtain targeted files in a forensically sound manner – chain-of-custody established, proven provenance, and metadata intact – without having to resort to drive imaging.”

In Electronic Discovery and Digital Evidence: Cases and Materials, written by Judge Shira A. Scheindlin, Daniel J. Capra, and The Sedona Conference, the authors state that,

“because imaging software is commonly available, and because the vast majority of training programs in the field of electronic discovery revolve around forensics, there is a growing tendency to want to ‘image everything.’  But unless an argument can be made that the matter at hand will benefit from a forensic collection and additional examination, there is no reason to do a forensic collection just because the technology exists to do it.”

So, with the top experts in the field saying the days of “image everything” should be over, why does it still happen?  Why are the victims of this antiquated workflow still paying the exorbitant costs of a solution that does not really meet their requirements?  Perhaps a historical perspective will be helpful in explaining.

Why Drive Imaging and Proprietary Containers?

I do not think there is any debate on the benefit of having a bit-level image of a hard drive in a criminal investigation.  However, traditionally, the investigators using these methods needed a way to get the imaged drive safely back to a lab for further analysis.  Companies or law enforcement agencies that hired third-party investigators to image drives had to transport the data, maintaining chain of custody, and preserving all contents in an un-alterable state through several phases of the investigation.  And, in criminal matters, it was especially important to maintain the integrity of the evidence when the electronic evidence was central to the government’s case.  Remember, the burden of proof in a criminal matter is “beyond a reasonable doubt” (along with a host of constitutional considerations).  Alteration of key evidence could certainly create reasonable doubt and hose the prosecution’s case (or, worse, the evidence gets tossed by the Court before the trial even begins).  The container file ensures that no matter who handles the evidence, checksums can prove that the contents were not altered since the initial imaging.

Many vendors now offer logical image containers as an alternative to doing a full bit-level image of the drive.  However, in corporate eDiscovery, this is still overkill because the tools and solutions being used downstream still have to unpack or parse these proprietary container formats for processing and analysis.  In fact, even software from the vendors who created these container formats must “crack them open” to get to the contents within.  This seems to add a layer of complexity that has not been needed since the days of the external examiner coming in with her forensic toolkit to do drive images. The format was created to solve a very specific problem, and little thought was given to the use of this format in a holistic process like what is typically seen in civil eDiscovery.   There is no longer a need for a container for portability of evidence because it is most likely going to be processed in place after collection while residing on a secure evidence store on the company’s network.  I have heard “what if our collections methods are challenged?”  And to that, I would respond that we are not in criminal court and that the requirement in civil court is reasonableness, not perfection.  Now, if an employee is suspected of wrongdoing and the potential deletion of files will dramatically alter the case, then by all means, hire a forensic investigator and follow all of the protocols established over the last several decades in computer forensic science.

Fast forward to the 21^st century

Corporations are bringing eDiscovery in-house; they are building a business process around it to minimize risk and drive enormous cost savings, and in today’s world of civil litigation, there simply is not a need for these drive images or proprietary containers.  First of all, the burden of proof in a civil matter is “by a preponderance of the evidence.”  What this means is that the burden is satisfied if there is greater than 50% chance that a proposition is true.  This is a much lower standard than in criminal cases.  But, burden of proof goes more to the weight evidence is given by the court or jury.  Before that is even considered, evidence must pass several hurdles of admissibility.  As we will explore, these standards of admissibility have also been the recipients of significant bolstering from vendors over the years.

The Path to Admissibility

There are several hurdles to admissibility for any type of evidence, and because they are not within the scope of this post, I will forego any discussion of relevance, FRE 403, or the hearsay rules.  I will focus on the issues that tend to be associated with electronic evidence: authentication and the “best evidence rule”.  There are some examiners and perhaps even vendors that would argue electronic evidence is simply not admissible if not collected using bit-level imaging (and sometimes 2 copies – one that is referred to by examiners as the “best evidence” copy and another “working copy” to be analyzed).  This is simply not true.  What we will find is that the collection method will go more to the weight of the evidence rather than the minimum showing needed for admissibility (hence, the discussion of burden of proof above).

All evidence must be authenticated pursuant to FRE 901.  This is a “don’t pass Go” threshold requirement for admissibility.  FRE 901 is satisfied by “evidence sufficient to support a finding that the matter in question is what its proponent claims.”  Notwithstanding a “self-authenticating” piece of evidence pursuant to FRE 902, the proponent must establish the identity of the exhibit by stipulation, circumstantial evidence, or the testimony of a witness with knowledge of its identity and authorship.  Typically, objections to this process would tend to go toward whether the exhibit is an original, was altered, or the witness with whom the proponent is attempting to authenticate the exhibit is not able to so based on lack of personal knowledge or some other defect.  Mostly these objections deal with the authenticity of the contents of the exhibit, and the rules in Article X of the FRE are helpful here.  Rule 1001 defines an “original” with respect to data stored in a computer or similar device as “any printout or other output readable by sight, shown to reflect the data accurately.”  This is a far cry from a bit-by-bit forensic image!  Rule 1002 – often referred to as the “Best Evidence Rule” – requires that “[t]o prove the content of a writing, recording, or photograph, the original writing, recording, or photograph is required, except as otherwise provided in these rules or by Act of Congress.”  Not only do these rules not require exact duplication of the electronic files, but they do not require imaging the entire 80GB hard drive to collect the 100MB of files that are potentially relevant to the case.  What they do require, though, is the ability to show that a document being proffered is the same document that was originally created.  In Re Vee Vinhnee, 336 B.R. 437, 444 (B.A.P. 9th 2005). Also, Judge Grimm sets out an extremely comprehensive analysis of what is required for the admissibility of electronic evidence in civil litigation in Lorraine v. Markel American Insurance Company, 241 F.R.D. 534 (D.Md. May 4, 2007).  In Lorraine, he notes that In Re Vee Vinhee may set out the most demanding test for admissibility of ESI.

Maintaining Forensic Integrity

So, how do I combat the claims that “they must have altered that document” or “Your, honor, I swear that line about ‘acceptable losses’ was not in the safety memo when I created it”?  This is where hash value becomes a wonderful thing.  Computing the hash of an electronic file, or computing a hexadecimal checksum based on analysis of the contents of an electronic document, is essentially like recording the DNA of an electronic file.  If the file is altered, its hash value would be different.  So, by computing the hash value at the source, in transit, and at the destination, I can ensure that the electronic file is in exactly the same state as it was at the source (or, that the collected document is the same as the document originally created).  Now, add the ability to report on that information and those container files and full forensic disk images really do become extreme overkill.

The important distinction here is that the term “forensic” does not refer to a type of technology or the products of a specific vendor – despite claims and propaganda to the contrary.  Forensic refers to the methodology used by the person collecting the evidence – whether it is finger prints from a weapon or electronic files from an employee’s laptop.  Forensic imaging, however, refers to the process by which an entire hard disk is copied bit by bit to create an exact duplicate of that hard drive in a forensic manner.  It is entirely possible for a collection of ESI to be “forensically sound” by simply employing the technique described above of taking hash values at each stage of the process to be able to prove that the files were not altered during collection.  As long as chain of custody is also maintained (much easier to do now that we are not using multiple tools, vendors, locations, and people to do the job), then the process should meet the threshold admissibility requirements of the Federal Rules of Evidence.

Opponents will still bring up claims that the evidence must have been altered, or the expert familiar only with forensic imaging technologies will try to use the argument that only vendor X’s technology is “court vetted,” so any other method is not acceptable.  But, to these opponents, I would argue two points:

1. No technology is “court vetted”.  The operator’s use of the technology in the specific case (in a specific jurisdiction) was acceptable to the court to meet the threshold showings required by FRE 901, 1001, and 1002 – as well as any rules of procedure governing the production of discovery in either a civil or criminal matter.  Wow – that would be a very long footnote on a marketing slide…probably why it is not usually mentioned.
2. The process is forensically sound, and you can prove that the documents were not altered from collection through production by referencing the hash value and maintaining copies of the original native files analyzed on a secured preservation store.  This would exceed the requirements of FRE 901, 1001, and 1002 – but would provide protection against claims going to the “weight” of the evidence by opponents who would cry foul.

What Now?

So, where does all of this leave us?  First, in the vast majority of civil litigation matters where electronic discovery is being performed, forensic bit by bit imaging of computer hard drives is simply not required.  Vendors have promoted this practice over the years, but all this has done is over-complicate the eDiscovery process for many unsuspecting litigants and dramatically increase costs because the model simply does not scale.  Moreover, the effort and cost required to deal with these full drive images downstream in the process is often overlooked by these vendors and overzealous consultants.  Next, we now know there is a better way – targeted, forensically-sound collection of ESI using streamlined and automated solutions that maintain custodian relationship – even for shared data sources – throughout the eDiscovery lifecycle, preventing form of production disputes and other calamities that have plagued this industry for the last decade.  There is a better way to collect ESI that will provide exponential cost savings all the way to production.

Today, I am delighted to report that Clearwell Systems has become part of Symantec. We have, of course, been working closely together since obtaining regulatory approval for the acquisition last month, but this makes it official: Symantec can now offer customers Clearwell’s market-leading eDiscovery platform as well as its market-leading Symantec Enterprise Vault archiving solution. We are excited to be part of the Symantec team, and to work alongside so many talented people to create the next generation of eDiscovery and information governance solutions.

There are already a large number of joint customers using the Clearwell and Symantec solutions as part of an integrated eDiscovery and archiving workflow, and we are well underway towards building more robust integration between Clearwell and Symantec Enterprise Vault. In updating our product roadmaps, all our decisions are guided by feedback from customers who have told us over and over again that they want to:

• Reduce costs across all phases represented in the Electronic Discovery Reference Model, from information management through review and production
• Reduce risk by improving the defensibility and repeatability of their archiving and eDiscovery processes
• Streamline their end to end archiving and eDiscovery lifecycle to meet legal and regulatory deadlines
• Start managing information and conducting eDiscovery in as little as one day; whether on-premise, as a hosted solution or in the cloud
• Meet their enterprise-wide archiving and eDiscovery needs, whether they have less than 25 to more than one million users

As we’ve discussed before, our plan as part of Symantec is to deliver a seamless, integrated archiving and eDiscovery management workflow that benefits all our customers. To keep everyone in the loop, we will continue to post updates and answer questions on the integrated product portfolio here and on the Symantec eDiscovery blog.

For more on the acquisition, and the response from our customers, partners and the industry at large, visit: http://www.symantec.com/clearwell.

Very soon, Clearwell Systems will become part of Symantec and cease to exist as an independent company. This will bring to a close 6 ½ wonderful years, during which Clearwell has grown from the two founders into a profitable, 240-person company. All told, our team has shipped 6 major versions of the Clearwell E-Discovery Platform, signed over 400 customers and 75 partners in 14 different countries, and become widely recognized as leaders in our industry. As a result, Clearwell’s valuation has increased from effectively zero to the $410 million which Symantec is paying our shareholders to acquire the company, making this by far the largest acquisition of an e-discovery software company to date.

For 6 of Clearwell’s 6 ½ years in existence, it has been my privilege to lead the company as its CEO. These have been, by far, the most rewarding, stressful, exhausting, and exhilarating years of my career. So in this, my final blog post, I would like to reflect on how we got here, and take this opportunity to thank some of the many people who made it possible.

***

In my view, there’s no single thing that makes a company successful. Rather, it’s a distinctive mixture of the right idea at the right time, executed the right way, by the right team, which gets the right lucky breaks and is propelled forward ahead of the competition by surging customer demand. That, in summary, is the story of Clearwell.

Right idea at the right time:

In the early days of a company’s life, when there’s no product and no hint of a customer, the only thing that you have is the idea. This is not the specific idea of what the company will do (that comes later); it’s the idea that there’s a huge change, a shift in the tectonic plates, that creates the opportunity to build a substantial new company. Much of this is about timing. Many changes are obvious over a 10-year timeframe, but it’s very hard to gauge which of them will occur in the 2-4 years that investors are willing to fund a startup venture.

The founding team at Clearwell was attracted by two big trends which combined to produce a profound change. One trend was that, by the mid-2000s, almost all communication within an organization had started to flow through email, as opposed to voicemail, memos, or hallway conversations. The other was that storage costs had fallen to the point where it was almost free to store all the email that people were generating. We realized that these two trends in combination had resulted in the creation of a user-generated written record of everything happening within an organization – something which had never existed before. Our hunch was that there had to be some way of unlocking value from this written record, while still respecting privacy.

Executed the right way:

We came to Clearwell with very specific ideas about how to build a world-class software company. These are too numerous and varied to capture here, but I will give you a few examples. In product development, we have always sought to build our enterprise products as if they were consumer products, so we made sure that they are intuitive and easy to use without any training. We designed them with the sales process in mind, by making them very easy to install and evaluate, so that prospects can try them out for free prior to purchase.  When it comes to marketing, we sought to promote a better way of doing e-discovery, rather than just pitch features, by championing the importance of early case assessments (ECA). With respect to pricing, we made the entry-point price as low as possible to encourage adoption, and pegged it to a metric that scales in line with value.  Strategically, we chose processing, analysis, and review as our entry point into the e-discovery market, because that’s where software provides the biggest, most immediate ROI.

In every area of the business, we brought a distinctive approach, all centered around our view of the ideal customer experience – the experience we would want to have, if we were our customers.

Right team:

The standard playbook for recruiting is to hire people who have done it before, ideally in the same domain. We took a different approach, and instead hired primarily based on personal qualities. Some of our team had no prior experience in enterprise software; many (including me) had never worked in e-discovery before coming to Clearwell. But we all share one thing in common: a relentless drive to win in the marketplace by building better products and providing better service than anyone else.

That hunger to win will trump experience every time. It’s the reason why engineers work through the weekend to resolve customer issues without being asked, or why a salesperson will travel 4 days out of every week to call on customers. It’s something that gets built into the company culture and then self-perpetuates. Our team tripled in size in the space of 18 months, and I never cease to be impressed by the fresh ideas and boundless energy coming from the new generations of “first-timers”.

Right lucky breaks:

Every successful company needs the rub of the green, and there have been many occasions when I’ve marveled at our good fortune. But perhaps our biggest break was that the Federal Rules of Civil Procedure (FRCP) changed for the first time in 38 years in December 2006, defining rules for the treatment of electronic information in the courts. This accelerated the movement from paper to electronically stored information and coincided perfectly with our entry into the market, drawing us into the electronic discovery domain.

Surging customer demand:

It’s an amazing feeling when you achieve “product/market fit”, as we did at the beginning of 2009. The user community among law firms and litigation support firms embraced our technology for ECA, taking our user base from hundreds to thousands. Enterprises woke up to the money that could be saved by bringing electronic discovery in-house, proactively issuing RFPs and creating new positions specifically responsible for e-discovery. Federal agencies began to adopt e-discovery solutions to sift through the vast quantities of data coming to them as part of their regulatory and investigative duties. Essentially, e-discovery became a core business process, just like finance, sales or HR – it became something that every organization had to do. And just as other departments use applications like salesforce.com (sales), Success Factors (HR), or NetSuite (finance) to manage those business processes, so it was that legal departments realized that they needed an application like Clearwell to manage the e-discovery process.

All of a sudden, the business accelerated, sales took off, and we felt ourselves being pulled in every direction at once. In response, we expanded our platform, moving from 1 product to an integrated platform of 4 products; and, we increased our geographic coverage by building out the sales team across North America and establishing beachheads in Europe and Asia. The Clearwell team worked around the clock to respond to customer demand, while at the same time recruiting and training as we added people at a furious pace. We learned that hyper-growth can be painful, but in a good way.

***

When things go well, the CEO often takes a disproportionate share of the credit. I must confess, it would be nice to think that the company’s success is due to some kind of brilliance or magic touch on my part, but the reality is quite different. This has been a team effort from beginning to end and there is a very long list of people who deserve recognition. It’s impossible to capture them all, but I’m going to do my best, by saying a heart-felt “thank you” to:

• Venkat Rangan and Charu Rudrakshi who started the company, raised the first round of funding, and set the DNA of the engineering team;
• Jim Goetz at Sequoia Capital who acted more as co-founder than investor in the company’s first year, and has since been incredibly supportive of the management team;
• Tom Dyal at Redpoint Ventures for his support and insightful advice on strategy; Bill Coughran at Google for helping us think through how best to scale engineering; John Dillon at EngineYard for teaching me what it means to sell software; and, Scott Dettmer at Gunderson Dettmer for his finesse and deft touch in managing the most delicate negotiations;
• Andy Byrne, Anup Singh, Kamal Shah, Ryan Snyder, Soumitro Tagore, Trevor Eddy, and Venkat Rangan for creating a truly outstanding management team built on trust and mutual understanding – it is quite remarkable that in 6 years, the company has only ever had 1 VP Business Development, 1 CFO, 1 VP Marketing, 1 VP Sales, and 1 CTO;
• Amar Laud, Amy Johnson, Andy Kashyap, Aruna Mantripragada, Bill Duffy, Brandon Cook, Cat Lee, Chitrang Shah, Cris Barrett, Dave Fraleigh, David Speicher, Dean Gonsowski, Donna Hui , Doug Kaminski, Ed Hinton, Jason Montgomery, Jason Reeve, Joe Schwartz, Krista Jones, Kurt Leafstrand, Malay Desai, Manish Sampat, Mark Wentworth, Mike Lee, Peter McLaughlin, Sangeeta Relan, Sean Wilcox, Steve Rapp, Subbu Gooty, Teddy Cha, Tom Kennedy, Tom Wells and Umair Hamid for being the leaders who have really defined the company, and without whom we would never have got anything done;
• Clearwell “Class of 2005” for their super-human efforts in shipping Version 1 and launching the company; Clearwell “Class of 2006, 2007 and 2008” for tirelessly iterating until we cracked the code for a profitable business model; and, Clearwell “Class of 2009, 2010, and 2011” for driving the huge expansion of our operations, both in the US and overseas;
• John Petruzzi from Constellation Energy, Joe Tawasha from Charles Schwab, Don McLaughlin from Qwest, Pallab Chakraborty at Oracle, Jesse Hartman at the Department of Health and Human Services, and Ron Best at MTO for being bleeding edge customers who took a chance on a fledgling technology;
• Jeff Fehrman from Onsite; Greg Mazares, Keith Lieberman and the infamous Taylor brothers at Encore; and Paul Tombleson at KPMG UK – for being the first service providers to embrace Clearwell’s technology;
• Debra Logan and John Bace at Gartner; Barry Murphy and Greg Buckles at eDiscovery Journal; Brian Babineau and Katey Wood at ESG; Brian Hill at Forrester; Chris Dale of the eDisclosure Information Project; George Socha and Tom Gelbmann; Nick Patience at 451Group; and Vivian Tero at IDC – for doing so much to help define e-discovery software as a space and make it intelligible to end-customers;
• Deepak Mohan and Brian Dye at Symantec for sponsoring an acquisition that will massively accelerate the adoption of Clearwell’s technology; and,
• Finally, Enrique Salem and the entire Symantec M&A and Integration Teams for giving us such a warm welcome into the Symantec family.

***

It has been a remarkable journey. I feel proud, and humbled, to have been a part of it.

Clearwell just announced major enhancements to our Identification and Collection Module that together usher in a new generation of targeted collection capabilities for e-discovery. Why are we excited about this? Because it promises to provide our customers with a dramatic increase in their ability to perform quick and efficient collections across the enterprise with a small fraction of the cost and effort traditionally required.

Before Clearwell, vendors could only rely on building their own indexes when attempting to collect content by keyword from unstructured document sources. They did this in one of two ways.

The first method was to build one-off indexes with each collection, indexing content and then discarding the index after collection is complete. This minimized the amount of infrastructure required to maintain the index, but was painfully slow and wasteful of computing and network resources. These sorts of solutions came from vendors who originally focused on the forensic investigation side of the world, whose tools had been designed around small-scale collection from individual devices and hard drives. Unfortunately, they simply don’t scale to meet the demands of today’s large enterprises with their ever-increasing data volumes.

The second method was to attempt to create an uber-index of all of the information in an enterprise and keep it continually updated so that it would be ready at a moment’s notice for your collection needs. This approach proved to be incredibly challenging to implement, required a huge amount of infrastructure to maintain, and, worst of all, didn’t really work: creating the uber-index, as it turns out, was uber-difficult.

In talking with hundreds of customers over the last couple of years, we realized that there was a better “third way,” which combined the lightweight nature of the first method with the comprehensiveness of the second. How? By leveraging the indexes that enterprises already have in place. From comprehensive, robust archiving solutions like Symantec Enterprise Vault to the fully-searchable indexes found on Microsoft SharePoint, Exchange, and file servers, the way of finding the information you need quickly for e-discovery is, by and large, already out there. It’s simply a matter of building an e-discovery platform sophisticated enough to leverage those indexes and, when necessary, be intelligent enough to build its own when not available from another source. That’s exactly what we’ve done with Clearwell’s targeted keyword collection feature.

One of the most exciting things about this approach is that, while it works great for today’s enterprise information infrastructure, it is perhaps even more powerful in tomorrow’s. As your company’s information stores gradually shift toward the cloud, leveraging the indexes in the cloud becomes essential to being able to access the information that lives there in a fast and efficient manner. It’s simply not feasible to be able to use the “one-off” or “uber-index” approaches when data is living in a cloud infrastructure, since data access rates are often slower because they are occurring over a wider-area network.  Last year, Clearwell was the first e-discovery platform to support direct access of cloud Exchange and SharePoint environments, and now with keyword collection we have made another great stride forward in achieving our customer’s vision for next generation e-discovery. And there’s still more to come as we accelerate our product development by integrating with Symantec’s world-class information management team. Stay tuned!

The electronic discovery world is buzzing about the malpractice case filed again Amlaw 100 firm McDermott Will & Emery.  There are a few good summaries here and here, but the gist of the complaint is that McDermott failed to properly supervise the electronic discovery efforts for their client J-M Manufacturing (J-M) in response to a qui-tam investigation.  According to a lawsuit filed by J-M in a California state court, McDermott inadvertently produced 3,900 privileged documents that were handed over to the federal government (and subsequently to a 3^rd party).

In terms of the nitty-gritty, the complaint alleges that McDermott used electronic discovery vendor Stratify (formerly part of Iron Mountain, now absorbed into Autonomy) to process and host the data.  Then, McDermott apparently retained a bevy of contract attorneys to review collected ESI from the 160 custodians, ultimately producing 250,000 documents that were presumably relevant, but not privileged.  The complaint contains the following particulars:

“12. Defendants owed PLAINTIFF a duty to render legal services competently. Defendants breached that duty by, inter alia, producing privileged documents to parties adverse to JME in litigation without obtaining its informed consent, failing to supervise attorneys and vendors MWE contracted with to perform the review and production of documents, and charging JME fees and costs for performance of such work that was not properly performed, or not performed at all.”

Surprisingly, this entire discussion is about a mere complaint filed against a large firm, who assuredly will wage numerous procedural challenges.   Thus, it’s questionable whether this case even sees the light of day.  So, why is it showing up on the radar of so many experts and pundits?  First of all, as Ralph Losey notes:

“This malpractice suit is an important and widely talked about event because it represents the first time, to my knowledge, that a law firm has been sued for e-discovery malpractice. We have all been waiting for this to happen. It was inevitable.”

But, novelty alone doesn’t usually make headlines, unless where there’s also smoke there’s probably fire.  Given the rise in electronic discovery sanctions against counsel, it has long been a fait accompli that a corporate client who experienced spoliation sanctions or an inadvertent production would start pointing fingers at other participants in the process, including the law firm that directed the e-discovery effort or the service provider who hosted the review process.  A recent Duke article noted that “[c]onsistent with the overall increase in sanction cases,…counsel sanctions for e-discovery have steadily increased since 2004.”  The article identified various levels of misconduct as the basis for counsel sanctions — “four cases involved negligence, seven cases involved gross negligence, nine cases involved reckless disregard, and ten cases involved intentional conduct or bad faith.”  Significantly, the article also noted that sanctions can be based on the “counsel’s personal execution of discovery tasks or on the counsel’s role in coordinating and overseeing the client’s discovery.”  That latter element seems to be the case with the claims against McDermott, and coupled with an inadvertent production (the third rail of electronic discovery) it doesn’t seem too shocking that a malpractice action would get filed.

This lawsuit does serve as a cautionary tale for those firms that continue to do things the old fashioned (i.e., 1.0) way.  While not an exhaustive list, this means some or all of the following: employing custodian self collections, using blind key word searches, failing to do sufficient data sampling (at the search and production phases), opting to not utilize early case assessment approaches, lack of search strategy and iteration, failing to optimize the review process, etc.  Surprisingly, old school approaches to electronic discovery are staggeringly common.  In fact, I’ve recently talked to some well traveled practitioners who’ve actually felt like their firms have gone backwards in recent years as prices for basic, block and tackling e-discovery services have plummeted.

If nothing else, we know that attorneys are hyper vigilant about their malpractice insurance.  And, it’s not too hard to see how premiums may go up with increasing e-discovery claims, successful or not.  So, while it’s unclear what will happen to McDermott, if it can happen to an Amlaw 28 firm (with roughly 1,000 lawyers) it can probably happen to any firm who’s not being as diligent as they should.

As a final note of supreme irony, McDermott will likely have to conduct electronic discovery as they defend their electronic discovery malpractice claims.  I wonder if they’ll use Stratify and outside contract attorneys.  I’d guess not.

According to a complaint filed by the U.S. government, the FBI secretly recorded an employee at one of Apple’s suppliers passing confidential information about the soon to be released Apple iPad in an October, 2009 telephone conversation.  The recording, along with other evidence, led to the arrest of the employee and others on charges on of wire fraud and conspiracy to commit securities fraud on December 16, 2010 as part of a major insider-trading investigation.  In the conversation, a director for Flextronics named Walter Shimoon is heard saying:

“they [Apple] have a code name for something new … It’s … It’s totally … It’s a new category altogether… It doesn’t have a camera, what I figured out. So I speculated that it’s probably a reader. … Something like that. Um, let me tell you, it’s a very secretive program … It’s called K, K48. That’s the internal name. So, you can get, at Apple you can get fired for saying K48.”

Four months later, the first Apple iPad, code named K48, was unveiled to the public.    To read more about the case background, read the press release issued by the U.S. Attorneys’ Office on December 16, 2010.

The case is interesting from an eDiscovery standpoint because it highlights challenges related to finding critical evidence as part of an investigation or lawsuit when people are intentionally using code words to hide information.  Finding or overlooking important documents that have been disguised can make or break your case, so determining whether or not key players are using code words is an important part of a thorough investigation.  Equally important to the investigation is segregating relevant and irrelevant documents quickly before key evidence is lost or destroyed without being required to conduct a painstaking page by page review of each document.

How Does Technology Help?

The good news is that even though technology innovation has resulted in massive data growth requiring the review and analysis of more documentary evidence during lawsuits and investigations, advances in eDiscovery technology have also made sifting through this information faster and easier.  In other words, technology can help solve the data growth problem technology created.

One of the newest advances is the use of “transparent concept search” technology to find important electronic files in lieu of basic “keyword” or “traditional” concept searching technology.  In many situations investigators or lawyers simply aren’t aware code words are being used to hide activity, so critical evidence is often overlooked.  For example, in the present case assume the investigator is unaware that “K48” is the internal code name used for the first iPad.  A simple keyword search for the term “iPad” may not retrieve critical documents about the “iPad” because the code name K48 is being used to disguise the product name.  If this is the only search methodology used, information could easily be overlooked during the investigation due to the limitations of simple keyword search technology.

On the other hand, running the same search using a traditional concept searching tool is likely to retrieve documents containing the word “iPad” as well as other conceptually related documents.  The problem is that the user has no ability to control the breadth of the search using traditional concept searching technology.  That means even though a traditional concept search for the term “iPad” is likely to include documents containing the term “K48” and “iPad,” it is also likely to retrieve a large number of irrelevant documents containing terms like “iPod, iTouch and iTunes that may appear to be conceptually related to the search term “iPad.”  The problem may seem trivial initially, but when investigators are required to read hundreds or thousands of irrelevant documents about the iPod, iTouch or iTunes in an effort to find relevant documents about the iPad, the time and cost of the investigation can skyrocket.

Next Generation Transparent Concept Search Technology

To solve this problem, next generation transparent concept search technology takes traditional concept searching a step further by empowering investigators to reap the advantages of traditional concept searching while actually reducing instead of increasing e-discovery expenses.  The secret is that transparent concept searching technology significantly reduces the time and expense resulting from over-inclusive document retrieval by allowing users to eliminate documents containing concepts that are not relevant to the intended search.  This is accomplished by providing a transparent view of concepts related to a search so that users can actually visualize and select (or deselect) the range of concepts to be included in a search before the search is executed.

For example, using transparent concept search technology to search for the term “iPad” would reveal conceptually related terms like “K48” just like traditional concept searching.  However, a transparent concept search would also provide a list of all concepts related to the keyword “iPad” prior to the search such as “K48, iPod, iTouch, Shimoon, iTunes, etc.  Prior to executing the search, the user could de-select irrelevant concepts and limit the search to “iPad”, “Shimoon”, “internal” and “K48” to make sure only the most relevant documents are retrieved. (See Figure 1).  In addition to decreasing the cost associated with segregating relevant and irrelevant documents, the transparent approach to concept searching results in strategic advantages for investigators and legal teams because the most relevant evidence is found quickly so cases can be assessed faster, with more accuracy, and before evidence disappears.

Figure 1: Transparent concept search reveals all concepts related to the keyword “iPad” so users can not only identify key documents they may have otherwise overlooked, but they can also select which concepts (“internal” “K48” “Shimoon”) to include in the search so only the most relevant documents are retrieved.

Conclusion

Not knowing what to search for as part of eDiscovery or investigations is often the biggest organizational challenge that basic keyword and traditional concept search technology has not been able to solve.  Next generation transparent concept search technology overcomes the inherent limitations of basic keyword and traditional concept searching technology by empowering users to uncover, assess, and review evidence faster and with more accuracy, thereby giving litigators or investigators new strategic advantages on every case.