e-discovery 2.0

August just wouldn’t be August without lazy days at the beach spent playing in the sand, frolicking in the surf, and immersing yourself in the LTN executive summary of the latest Socha-Gelbmann Electronic Discovery report (in this case, the hot-off-the-presses 2010 edition).

Even with the lure of the big waves beckoning you out into the water, if you follow electronic discovery you likely have a hard time pulling yourself away from the report, and this year is no exception. In fact, this year’s report is especially insightful, as George and Tom seem to have done a particularly impressive job of getting the pulse of not just what’s going on in the law firm and service provider parts of the market, but the enterprise as well.

This is a big change from just a couple of years ago. Go back and review the executive summary from 2008, and you’ll notice a very different feel to the findings. In 2008, much of the talk was around the dynamics of the service provider market, with relatively little discussion of trends related to the e-discovery process and technological innovation in the space. In 2008, it felt like e-discovery was something you had other people do for you: the word “consumer” appeared 12 times in the executive summary. In 2010, two short years later? Just five times. Why? The language may be telling. “Cost” appeared seven times in the 2008 report. In the 2010 report? 16… more than twice as often.

What seems to have happened is that the recession has been something of a refining fire for the electronic discovery market. In order to reduce costs and manage risks, enterprises are behaving much less like consumers and more like real customers with skin (and money) in the game. Not surprisingly, they’ve gotten extremely aggressive about bringing  innovative cost-containing measures to bear on the process. Socha and Gelbmann highlight three:

• More targeted preservation and collection of ESI
• More focused review and analysis of the data
• More effective use of technology to speed up the efforts, improve quality, and reduce costs

This is great news for innovative software companies in the e-discovery space — and their customers. What one would expect to occur in a maturing market is that it would move from a period of rapid innovation to a lower-innovation, consolidation phase. However, that’s not the case here. While there is consolidation occurring,  what’s remarkable about e-discovery right now isn’t really all the acquisition press releases in your twitter feed (mainly from vendors saddled with prior-generation point solutions who are trying to acquire their way toward a complete offering). Rather, it’s how leading enterprises are increasingly seeking, and finding, cutting-edge solutions to solve cost, efficiency, and risk management problems associated with e-discovery that simply weren’t available prior to the meltdown.

As in-house legal and IT e-discovery spending starts to gain steam, look for enterprises purchasing in-house solutions to demand many of the innovations that have been developed over the last couple of years (most of which are highlighted by the Socha-Gelbmann survey):

• Targeted collection: Products better able to strategically target the collection of ESI, rather than attempting to boil the ocean, are more suited to the mindset and approach of cost-conscious enterprises
• Iterative discovery: Products that are able to provide “to the left” functionality while still providing enterprise-class, intuitive processing, analysis, review, and production functionality
• Support for small and big cases: In discussing “small is the new big”, Socha and Gelbmann highlight how “the aggregate of small cases dwarfs the combined large cases.” Successful products must simultaneously handle high numbers of smaller cases while still scaling to the largest matters
• Integrated analytics: Products must bring to bear powerful analytics across all stages of the e-discovery process, focused not just on document review, but also looking at aggregates of data from many different angles and allowing you to see the big picture across the entire case for effective information and cost management

Is the EDD space maturing? Yes, as Socha and Gelbmann rightfully point out. But it’s doing so in surprising, innovative ways that, when it’s all over, may well prove to be a silver lining to the cloud of challenges the industry has faced over the last two years.

One of the new buzz words of the last few years in computing has been Cloud Computing. After the initial hype, and the subsequent shakeout of its potential, everyone is beginning to recognize that it represents a paradigm shift in how we purchase, deploy, and utilize computing resources. The general impetus for the cloud has been its potential to reduce capital costs, offer flexibility in purchasing computing resources, and reduce operational costs in maintaining hardware resources.

A lot of what the cloud offers is achievable using existing technologies, but repurposed in new and innovative ways. Several forms of the cloud, with specific benefits to customers, are being packaged and promoted. The offerings are delivered as cloud services, such as Platform as a Service (PaaS), Infrastructure as a Service (IaaS) and Software as a Service (SaaS). Without getting into specifics, each service offering comes with a set of service agreements between the purchaser and provider of the cloud services.

As with any new initiative, there are new challenges to contend with including security and compliance with corporate policies and industry regulations.  Although these issues are substantial, for this article, let us consider the legal implications as it relates to electronic discovery. We all know that sooner or later, every organization faces litigation, and increasingly, fair number of them involves e-discovery. Traditionally, in house legal and IT teams have had an understanding of how to respond to legal requests and have focused on litigation readiness. But, how do these translate to the new cloud computing paradigm? I’ll examine some of the challenges in a series of posts on e-discovery and the cloud. For starters, let’s analyze the challenges and considerations inherent with the duty to preserve electronically stored information (ESI).

Duty to Preserve ESI

Before we get to the mechanics of electronic discovery and actual preparation for Rule 26(f) conference, the duty to preserve arises. The duty to preserve may be triggered when a legal proceeding is “reasonably anticipated” and increases in importance on receipt of pre-litigation correspondence or a similar trigger event. Traditionally, such duty to preserve is reflected by placing litigation holds. It is often the case that litigation holds are placed on at least a portion of the ESI well ahead of an actual triggering event. See Adams v. Dell as perhaps an extreme example. In fact, some organizations invest in litigation support software technologies for classifying data and placing holds on the most reasonable subset.

How does such a litigation hold translate into the cloud? As a customer of a cloud, one should craft service agreements to dedicate certain cloud-resident data, in the form of folders or other broad categories, to be preserved. If the cloud provider has deployed technology to ensure that no party within the customer’s user community can delete the preserved data, it is well and good. However, placing such restrictive access impedes normal running of the business, and becomes impractical. Essentially, data in the cloud that is available for normal course of business is in the hands of user-custodians. If they then delete the data either deliberately, or inadvertently, or through normal business functions, that data deletion is subject to spoliation claims. Even though the “safe harbor” from spoliation sanctions of Rule 37(f) applies when information is lost due to the “routine, good faith” operation of electronic information systems, when preservation order is in place, shelter under 37(f) is not possible. Thus, the actual implementation of litigation hold comes under scrutiny. Because of this, many implementations adopt preservation using a “copy and preserve” model. However, this model is at odds with live business data that is constantly evolving. Even if the latest point-in-time snapshot technology at the physical volume is employed, the result is inadequate – you end up preserving massive volumes of data in the cloud, unrelated to actual logical messages or files that need to be preserved. What is needed is some smartness in the form of an application in the cloud itself that can translate a litigation hold request into specific ESI in the cloud. Who owns and manages this application and what the service levels are for this application is a significant issue.

Now, the view from the cloud provider’s perspective is very different. In light of the flexible data management architectures available, there is a great temptation to share both data with a litigation hold and data without a litigation hold on the same physical infrastructure. As a result, the cloud provider   preserves all data from every customer that is resident on that infrastructure – a very conservative approach. As a consequence, this would preserve another customer’s ESI accidentally and that data is now discoverable, in the context of a different litigation, despite the second customer’s active management of the data. Preserving a set of live, constantly changing data in the context of a single enterprise is technically difficult; doing so across multiple customers, sharing the data infrastructure is exponentially harder.

Another related issue with preservation is the need for the ability to release preservation holds. Typically, when the litigation response team determines that the legal hold is not necessary, the hold is released. In the “copy and preserve” model of litigation hold, one has to verify that the released ESI does not overlap with other litigation holds and is marked for destruction. One of the benefits of the cloud is the flexibility in storing bits and pieces of data wherever data capacity is available. Applying the release can again be tricky for both cloud customer and the cloud provider.

Given these additional complexities of evidence in the cloud and the fact that the duty to preserve may arise well before the trigger event of litigation, the costs associated with the duty to preserve can add up very quickly. It’s essential to understand three critical items related to the duty to preserve in the cloud: 1) what the cloud provider would charge for ongoing preservation, 2) whether agreements with the cloud provider cover the legal issues raised by the duty to preserve and 3) what the cloud provider offers in terms of a flexible workflow for applying and releasing legal holds.

To me, litigation holds in electronic discovery are like Federal sentencing.  Most Federal criminal cases end in a plea agreement, so very few are ever tried in front of a jury, but sentencing must occur in 100% of the cases.  Preservation is very similar – although you are likely to collect and produce in only a subset of cases, you must preserve in 100% of the cases.  So, just as sentencing law is extremely important to the Federal criminal bar, preservation is one of the most important phases of e-discovery to corporate or litigation counsel.  Naturally, I am surprised when I talk to corporate law departments that do not have a documented, repeatable process for legal holds that also includes standard procedures for IT.  Simply emailing a hold notice to a custodian and recording the hold on a spreadsheet is not enough given Judge Shira Sheindlin’s recent opinion in Pension Committee v. Banc of America Securities.

So, what is a defensible litigation hold strategy, and how do you get it done?  It is important to remember that the ultimate goal is preservation of any and all evidence that may be relevant to the matter at hand.  There are no hard and fast rules or checklists – only opinions from the bench of what is not enough.  The keys to defensibility are consistency, standardization, documentation, and diligence.  The place to start is with standardized policies and procedures as well as a person (or a portion of a resource) designated within the enterprise as the single point of contact for all issues related to preservation of evidence (read: project management).  Technology can help, but a great preservation strategy can be developed without an expensive or vast technology investment.  So, how do you get this done?  Here are four steps you should take now:

I. Define the Process (You cannot execute a plan that does not exist):

The first step to creating a great litigation hold strategy is defining a process or set of procedures that can be followed repeatedly.  This process could include setting up tiers for ESI sources, with tier one sources always being preserved (these might include frequently requested sources like email, file servers, and perhaps computers of key custodians), tier two sources being preserved on a case by case basis (including sources that are more industry-specific to the enterprise and therefore not always relevant in routine employment litigation or contract disputes), and finally tier three sources which include everything else.  By tiering ESI sources, the enterprise can focus on developing detailed preservation protocols for the tier one and tier two sources while developing a less detailed protocol for tier three sources which would include simply naming IT subject matter experts who would be consulted in the event that those sources were ever subject to preservation requirements.  This approach would allow the enterprise to prioritize data mapping and cataloging efforts on the tier one and tier two sources first.  Data mapping can be an enormous undertaking, so the enterprise might do well to know as much as it can about the email system rather than spending critical time focusing on ESI that may never be subject to any preservation requirement.

II. Dedicate Resources Appropriately and Engage Them Early:

Personnel are a key concern for preservation.  Allowing too many people to initiate and manage litigation holds could lead to confusion for IT and will certainly yield different results across multiple matters.  A single person or team should be appointed to manage litigation holds for the enterprise, and that person or team should develop a sound relationship with IT, paying particular attention to the subject matter experts who manage tier one data sources.  By forging the relationship early, communication and expectations will align before mistakes are made or spoliation occurs.  Of course, consistency is a key component of defensibility, and this cannot be achieved with a reactive, undocumented approach.  IT must understand the scope and consequences of spoliation, and they must be alerted early enough to halt routine destruction of ESI from the company’s systems.  Most corporate law departments have policies in place for “opening files” when new matters occur; it would be relatively easy to include a step in this procedure for engaging the appropriate personnel to begin preserving ESI at this early stage.  Leaving it up to individual attorneys or paralegals could cause preservation procedures to get implemented at various stages in the litigation, exposing the corporation to unpredictable and varying degrees of liability.

III. Audit, Log, and then Audit the Log:

Auditing the process is also critical to defensibility.  When ESI is moved, the process must be documented (even retaining shipping receipts for ESI that must be transported), and all conversions or alterations of the ESI must be documented (preferably with a procedure for commonly-encountered issues and then in a log as performed).  Log every step along the preservation path – including correspondence with custodians, when litigation hold reminders are sent, and any action performed on the preserved ESI (throughout the duration of the litigation).

IV. Talk to Your Custodians!

Interviews with custodians can go a long way toward achieving the diligence element of defensibility.  Acknowledgment by the custodian that they understand the preservation requirement being placed upon them and that they agree to preserve ESI is critical.  Often, custodians can also provide information about additional custodians who should be contacted or ESI sources that may not have been considered.  These and other matter-specific questions should be asked of the key custodians at a minimum.  This information may also prove useful when developing keywords for early case assessment or meet and confer preparation.

As you may have noticed, I have not mentioned any technology yet.  That is because a sound preservation strategy begins with sound policy, not simply purchasing a technology solution that purports to solve all of your problems.  Invest time in analyzing your litigation history, open matters, ESI sources, and personnel.  From there, processes can be developed, and where there are processes, there are then opportunities for automation and optimization through technology.  Simply defining the process is not enough – it must be repeatable and implemented consistently.  One of the best ways to ensure that a process is repeated is to automate it, removing the potentially error-prone manual work  where it is not required.

Following these steps should help jumpstart the development of a defensible preservation strategy, and once developed, you may be surprised to find that existing technology can help automate many of the procedures you have created.  Where existing technology investments fall short, venture into the market place informed and with the keys to defensibility in mind: consistency, standardization, documentation, and diligence.

Recently, I moderated a panel at the Masters Conference with John Loveland, Sonya Thornton, and Bruce Markowitz entitled: How Defensible is Your E-Discovery Process? (Click here to read a summary of the panel.) It was well attended, and I think that the draw (aside from the esteemed panel) was that this topic still remains very vexing for most practitioners.

Initially, we started at ground zero with the notion that defensibility is in most instances equated with the “reasonableness” standard, which is pervasive across many areas of the EDRM spectrum… from preservation to production.  Instances include:

• Preservation — “[a]s soon as a potential claim is . . . identified, a party is under a duty to preserve evidence which it knows, or reasonably should know, is relevant to the future litigation.”
• FRE 502 (b) – the disclosure does not operate as a waiver in a Federal or State proceeding if the (2) the holder of the privilege or protection took reasonable steps to prevent disclosure;
• General Privilege Waiver — In SEC v. Badian, 2009 WL 222783 (S.D.N.Y. Jan. 26, 2009)(link), “there is no basis … to conclude that there were precautions [to prevent the disclosure], let alone whether they were reasonable.”
• FRCP 37(e) — Absent exceptional circumstances, a court may not impose sanctions under these rules on a party for failing to provide electronically stored information lost as a result of the routine, good-faith operation of an electronic information system.

While the foregoing isn’t exhaustive it does highlight the persistent nature of the reasonableness standard as practitioners seek a defensibility sanctuary.  The good news is that the law doesn’t require perfection and there are also a number of ways to obtain reasonable defensibility:

• Demonstrable acceptance by the opposition – here the notion is that collaboration with the opposition allows the parties to comfortably move ahead with their discovery process and even if it’s not objectively reasonable, the parties consent to the protocol will in most instances carry an imprimatur of reasonableness.
• Auditing / process transparency.  Similar to the first bullet, auditing the process and giving the opposition visibility into the process steps will often make it hard for them to lodge successful downstream challenges.
• Adherence to Local Rules (See 7th Circuit Pilot Program) or judicial order.  Another avenue than can provide some degree of safety is compliance with a discovery protocol mandated by local rules, although that compliance may ultimately be challenged.
• Statistical confidence intervals / sampling – the use of statistics as a way to bolster process defensibility is starting to come to maturity and in the future I think that detailed precision, recall and other statistical indicates will play a large role in e-discovery defensibility.

None of these steps can be guaranteed to really get you off the hook from a rapid opposing party calling foul, but using them in a “belt and suspenders” fashion will certainly help buttress any discovery process.

For more illumination on the topic please see the following video of my interview with John Loveland, who’s waxing poetically about discovery defensibility.

On of August 14, 2009, the California Judicial Counsel amended their Rules of Court to augment discussion of electronic discovery issues during the meet and confer process.

Rule of Court 3.724 was amended to require discussion of “Any issues relating to the discovery of electronically stored information” no later than 30 calendar days before the date set for the initial case management conference.  The broad language (i.e., “any”) was augmented by eight specific categories that must be expressly discussed:

(A) Issues relating to the preservation of discoverable electronically stored information;

(B) The form or forms in which information will be produced;

(C) The time within which the information will be produced;

(D) The scope of discovery of the information;

(E) The method for asserting or preserving claims of privilege or attorney work product, including whether such claims may be asserted after production;

(F) The method for asserting or preserving the confidentiality, privacy, trade secrets, or proprietary status of information relating to a party or person not a party to the civil proceedings;

(G) How the cost of production of electronically stored information is to be allocated among the parties;

(H) Any other issues relating to the discovery of electronically stored information, including developing a proposed plan relating to the discovery of the information;

Many of these issues track FRCP language (including forms of production, preservation, privilege issues, etc.).  However, section G seems somewhat novel given the historical “American Rule” where the producing party is required to bear all necessary costs of production.

Curiously missing, in comparison with FRCP 26 B(2)(b), is the need to discuss the handling of “inaccessible” ESI, although this could easily be subsumed in the “any other issues” language of section H.  Also missing is a discussion about proposed searching and/culling protocols (aka “keyword negotiations”) which are often part of the core meet and confer topics in Federal court.

Nevertheless, the scope is broad enough to require *a* discussion of all likely relevant electronic discovery issues, which was often lacking historically.  Once that discussion starts, reasonably savvy counsel should be able to flesh out most of the significant issues.  And, given this broad language a judge would presumably give them a hard time for any material omissions.

In the post, E-Discovery 911: Reducing E-Discovery Costs in a Recession, we analyzed the question: which electronic discovery activities are the most costly today and thus have the greatest room for cost reductions? An analysis of a typical, hypothetical case demonstrated that the bulk of e-discovery costs reside in the processing and review stages. In this post, we want to look at the different ways of reducing e-discovery costs and which are likely to be the most effective, especially given processing and review costs are the largest sources of expense.

Corporations have the following options for reducing e-discovery costs. Some of these approaches are aimed at changing the overall way e-discovery is performed. And some of these are aimed at improving the results of a particular step within a typical e-discovery process. None of the options are mutually exclusive.

• Retain less data through information management: one of the methods that corporations can undertake to reduce e-discovery costs even before e-discovery has begun is to adopt a data or document retention policy. Such a policy can, for example, stipulate that the corporation deletes all documents not required for specific business, legal or compliance reasons after a fixed period of time, such as 90 days. As a result, a properly implemented document retention policy has the potential to significantly reduce the amount of data that is identified and collected during electronic discovery.

• Better assess your case and your discovery issues: another approach to reducing the overall costs of litigation including discovery is to perform an early case assessment. Pioneered by Dupont and others, the objective of this approach is to understand all the key case facts within a short period of time so that the litigation team can make better decisions quicker. Because costs always rise over time, quicker resolution of litigation reduces costs. While early case assessment was originally an overall approach to litigation, there is now an equivalent in electronic discovery. The goal is to identify all the potentially discoverable data, but only collect, process, and analyze a prioritized portion of this data in order to inform an understanding of the case AND calculate an estimate of the ultimate potential e-discovery costs.

• Bring e-discovery in-house: another holistic method for reducing electronic discovery costs is to manage all or a portion of the e-discovery process in some or all matters inside the Enterprise as opposed to outsourcing it to law firms or litigation service providers. While bringing e-discovery in-house has other benefits, such as improved security and control, the principal benefit is to convert variable service costs, typically priced on a per Gigabyte basis, into fixed software costs thus producing a return on the investment to manage e-discovery in-house.

• Preserve and collect less data: in addition to holistic approaches, e-discovery costs can be reduced at each step in the e-discovery process. One way to reduce e-discovery costs would be to preserve and collect less data. Reducing the amount of preserved and collected data not only reduces the cost of each of these steps but also reduces the cost of each downstream step. There are pros and cons to this approach which I will discuss in a later post.

• Process less data: more data is frequently preserved and collected than needs to be processed for analysis and review. This excess data can be filtered out prior to processing thus reducing processing and all other downstream costs. The techniques used to do this are often referred to as pre-filtering, pre-processing or early data analysis.

• Process differently and review native: historically, most electronic data was converted to an image format, such as TIFF, prior to review. This process is computationally intensive and expensive. In recent years, e-discovery practitioners have been processing and reviewing more documents in a native or near-native format and avoiding the cost of converting documents to an image format until later in the process.

• Review less data: data can also be reduced after processing and prior to review and production. Much has been written in the e-discovery community about this process, often called “cull-down,” and the different search and analysis techniques that can be used as part of this process, such as keyword search, concept search, de-duplication, and others. The fewer documents requiring processing and review, which as we have seen is a substantial portion of the overall costs, the lower the overall costs.

• Review data faster: in addition to reducing less data, the electronic discovery community has pioneered new methods of reviewing data faster including data clustering, near de-duplication, and other more automated review techniques. The faster documents are reviewed, the lower the attorney review costs.

While all of these approaches have the potential to reduce the costs of electronic discovery, some are going to be more effective than others. Each approach can be implemented using a multitude of techniques or practices and each of these techniques has their pros and cons. For example, some techniques may have a greater risk of raising defensibility issues from the court or opposing side than others. Other practices may be less expensive initially, but, over the course of a changing and iterative e-discovery, may prove to be more costly overall. In a series of future posts, we’ll review the different practices used as part of these approaches and analyze the pros and cons of each to understand which may be the most effective for your organization.

Over the past 4 years, I have had hundreds of conversations with corporate counsel and “legal IT”, meaning technical folks charged with supporting the legal team. More and more of them are looking to lower their costs by bringing e-discovery in-house. But as they work through that process, there’s one question that consistently comes up, even today – namely, “When [insert name of software company] says they “do” e-discovery, what exactly does that mean?”

There has been progress towards answering this question, thanks mainly to the analyst community. George Socha and Tom Gelbmann’s EDRM framework has been immensely helpful in breaking down electronic discovery into its component steps. Other analysts, like Debra Logan at Gartner, were quick to embrace the framework, prompting every software provider to follow suit. As a result, there is today a common language that everyone uses to describe the e-discovery process.

The Electronic Discovery Reference Model (EDRM) breaks down the e-discovery process into a series of steps. Companies looking to buy e-discovery software to lower costs typically map different software products to each of these steps, to make sure that they cover the entire process.

But having a universally-agreed framework is only half the answer. To eliminate customer confusion, there also needs to be agreement on how different software products fit into the framework. This is especially important since there is no single, end-to-end solution for e-discovery which covers all aspects of EDRM. So customers are forced to think about how different software solutions fit together. And that is where things begin to fall apart.

Many software vendors feel it is advantageous to claim that they do everything, even though they do not. Customers are rightly suspicious of those claims, and so press vendors to provide more detailed information – hence the question, “when you say you do e-discovery, what exactly does that mean?”

In light of that, how can litigation support teams, corporate counsel, or legal IT people figure out which e-discovery solution best meets their needs? From observing this decision-making process hundreds of times, I have found 3 simple steps are incredibly helpful.

Step 1: Read the analyst reports

Two reports in particular make for required reading. One is Gartner’s MarketScope Report, which is available for free at certain sites; the other is the 451Group’s recent e-discovery report, which is summarized in a publicly available presentation. The helpful thing about the 451 Group’s report is that it tells you which software companies do which parts of the EDRM process. You do have to buy the report to get the full picture (it’s well worth it!), but the publicly available presentation will give you a flavor for their analyis, and I have drawn from that presentation in the figure below:

Analyst firms like the 451 Group map software vendors to the EDRM framework according to what they actually do, which is often different from what software vendors claim they do.

The 451 Group’s analysis highlights several important points. First, it shows that there is no single end-to-end solution. Even the products of giants like EMC (SourceOne), HP (IAP), and IBM (CommonStore) only solve one piece of the puzzle, information management. Second, it shows that customers have choices at each stage of the EDRM process. For example, to solve the problem of identification, collection, and preservation of electronic information, customers can choose from solutions as diverse as Guidance EnCase (forensic collection), Index Engines (back-up tapes) and Mimosa NearPoint (email archive). Third, it provides an independent assessment of what vendors do, as opposed to what they may claim. For example, Kazeon claims analysis and review capabilities, whereas the report shows its product does identification, collection, and preservation; Recommind claims its Axcelerate eDiscovery and MindServer products do processing, whereas the report finds that they do not.

Step 2: Evaluate the products prior to purchase

Just as anyone would test-drive a car prior to purchase, it’s critical to test-drive e-discovery software. Any vendor should be willing to provide their software free of charge for an evaluation on-premise. The most effective evaluations are when the customer uses the product themselves, either on a live case or test data. This is far preferable to just sending the data to the vendor who then loads it into their system, as in that scenario there are too many opportunities for the vendor to hide their product’s shortcomings.

Step 3: Check references carefully

The trick with references is to insist on relevant references. It’s not good enough for the vendor to dredge up some random person who says nice things; or even a credible knowledgeable person who is using the product in a completely different way. For example, if a company is happy with Autonomy’s IDOL for enterprise search, that does not tell you much about what Autonomy might be like for e-discovery. What really counts are references from other customers who are using the product for the same application that you are.

All this can sound like a lot of work, but I have seen people go through the process in as little as a month, and be much happier for it. A little work up front can save a lot of time (and heart-ache!) later on.

Cheesy Successories posters aside (for an alternative take, go here), the need to work together is much more than just a cliché in today’s environment.

In its recent brief on the five major trends that will shape business technology in 2009, leading management consultancy McKinsey and Company noted one trend in particular which highlights the urgent need for an organization’s IT and legal groups to forge better, faster, and more efficient ways of collaborating on electronic discovery issues:

Regulators demand more from IT

Government scrutiny of business will intensify in many developed countries. Already, in the United States, the Office of the Comptroller of the Currency weighs in on the resiliency of banking systems, the Food and Drug Administration (FDA) requires that many pharmaceutical systems be “validated,” and Sarbanes-Oxley drives decisions about accounting systems in every industry. In the future, policy makers and regulators will probably demand that IT systems capture more and better data in order to gain greater insight into and control over how banks manage risk, pharma companies manage drugs, and industrial companies affect the environment. Government officials also will monitor many legal and business rules more closely to ensure compliance with mandates. Successful CIOs should enhance their relationships with internal legal and corporate-affairs teams and be prepared to engage productively with regulators. They will need to seek solutions that meet government mandates at manageable cost and with minimal disruption.

- McKinsey Quarterly, February 2009

The current economic environment is creating a “Double Whammy” within almost every enterprise that has ongoing or pending electronic discovery issues (and are there many organizations left out there that don’t?):

• As the McKinsey article notes, regulators will increasingly be demanding more from IT as government scrutiny of business intensifies. Just look at the just-launched recovery.gov site to see the level of transparency and accountability that the government is aiming for with regard to the stimulus package. The bailout will not directly affect every business, but there is a new sheriff in town who will likely set the tone across the entire business landscape.
• At the same time, there is relentless pressure on controlling costs. When times are tough, dollars that can be saved on the expense side are much more valuable that top-line revenue, since 100% of every dollar of cost savings goes directly to the bottom line.

The net-net: Enterprises will be forced to do more, with less.

How? With regard to electronic discovery, there is a lot of low-hanging fruit to be picked in the area of IT and legal cooperation:

• In-house legal teams should meet with IT (if they aren’t already) to help them better understand the nature of electronic discovery, particularly as it applies to the more “upstream” parts of the process (specifically, identification, preservation, and collection) which IT tends to be more responsible for. Through a better understanding of the nature of electronic discovery, IT can improve its ability find the right documents, avoiding over-collection and reducing downstream processing costs. In addition, new electronic discovery technologies are making it increasingly easy for legal to own more of the process, reducing the electronic discovery burden on IT.
• Conversely, IT should coordinate with in-house legal teams to provide advice and mentoring as legal seeks to bring e-discovery platforms in-house to assist with early case assessment, search, culling, and analysis. To many legal teams, bringing e-discovery in-house may seem like a daunting proposition, but enterprise software has been around for a long time, and learning from IT’s experiences can make the process far less intimidating.

Yes, regulators are going to be far more demanding in the future than they have been in the past. But some simple collaboration and coordination between IT and legal will go a long way toward lightening the regulatory burden, especially as it pertains to electronic discovery.

I was recently asked: “what are the first things you do when your client calls you about a case requiring e-discovery?”  So, for the benefit of all, I’ll post my answer.

My first caveat to the advice was context.  Since, while a lot of attorneys have attended CLEs or have read about e-discovery, it’s not the same in the real world.  As the old Spanish Proverb goes:

It’s not the same to talk of bulls as to be in the bullring.

Keeping in mind that reality may differ significantly from academics, here are some things to consider when the next e-discovery case comes up.   Please also keep in mind that these steps (like the EDRM workflow) aren’t linear and may in fact occur cyclically or in parallel:

1. Preserve, preserve, preserve

Nothing is more important than meeting the initial preservation obligation, which begins when litigation is “reasonably likely” – as opposed to just when the complaint is filed.  This first step in the long journey can easily be a trap for the unwary/unprepared.

The challenge once you’re past the trigger issue is to then identify the boundaries of the duty to preserve, i.e., what evidence must be preserved?   This inquiry is often initially comprised of identifying key players, date ranges and data types.

Another significant challenge in this step is to monitor and update the legal hold process.  And, given that litigation more often than not spans years, it’s easy to initially succeed at the preservation effort, but then later fail on execution.  The best way to minimize risk in this step is to move quickly from preservation to collection.  See Is Preservation in E-Discovery Overrated?

2. Work backwards

Once preservation (and ideally collection) is adequately covered, the next step is to start thinking about the end of the process and what success (or lack of failure) looks like.  The exposure and profile of the matter are important to consider when you embark upon an e-discovery project since it’s critical to scale discovery efforts appropriately.

One thing, in particular, that is very important to consider early in the process is the type of production format that will be preferred by reviewing counsel and the opposition.  TIFF-based image productions (which are historically well accepted) are often pitted against native file ESI reviews.  Either format may or may not be acceptable given the situation and the applicability of FRCP Rule 34.

3. Understand the technical landscape

Most attorneys, but for a rare few, aren’t capable of really comprehending technical nuances of the complex and interrelated IT systems found at most Fortune 2,500 enterprises.  Fortunately, they are quite adept at working with experts (either consulting or testifying) to help them get to the bottom of difficult to comprehend and explain issues.  The key is find the right technical people who understand IT systems and who can explain it to judges, juries, and attorneys alike, especially for some of the most common ESI repositories like: email servers, archival systems, shared network drives, instant messaging servers, archival repositories (e.g., tape libraries, real time back-up systems, etc.), records management systems, knowledge management systems, proprietary, but highly leveraged, internal applications, offsite repositories (e.g., hosted IT or email systems) and significant partner or subsidiary data stores.  In many instances it will make sense to leverage or create a map of the data universe so that nothing is missed and inaccessibility arguments can be cogently detailed.

4. Get your lingo straight

Assumptions, whether in e-discovery or not, are often dangerous.  In the complex undertaking where multiple parties are handling ESI it’s critical to make sure that everyone is on the same page especially since every company handles IT, records management, ILM and information security differently.  So, when working with these disparate constituents the outset of an engagement is the right time to make sure everyone is on the same page.  Therefore, standardize on a set of commonly used terms. Examples of potentially ambiguous topics include “imaging” ,“archive”, and “records.”

5. Don’t assume your client will really be helpful

I’ve been involved with hundreds of e-discovery engagements and I’ve found that almost universally the end client professes a profound willingness to help out.  And yet, actual “help” is relatively rare.  To qualify this, it may be prudent to ask several additional questions:

• Does the Client have the time to actually help?  Everyone at the client’s site has a day job that they’re tasked with above and beyond transient e-discovery needs.  So, while bandwidth generally is important, what’s more critical is the ability to comply with aggressive judicial deadlines.
• Are the people helping the ones you’d want to see on the stand?  It’s often not realistic to have internal folks (especially IT and Records Managers) stay isolated during the various pre-trial events – meet & confer conferences and potentially 30(b)(6) depositions so it’s important to evaluate how a given witness will fare when providing testimony.
• How likely is it that you client would throw you under the bus if things went wrong?  In my opinion, there is now more reason for outside counsel to manage the risks of an e-discovery project going awry.  See, Sullivan and Cromwell’s suit against EED.  Some will wisely bring in 3rd party consultants/experts to have a neutral, unbiased constituent in the process.

6. Build a budget and team (internal/external)

Everyone is probably now aware of how expensive e-discovery can be if managed improperly.  This makes it all that more imperative to work quickly to get a rough sense of the scope (which will lead to a budget) and the client’s willingness to absorb associated charges.  The most important step is to right-size the e-discovery effort with the risks inherent in the corresponding litigation/investigation.  Otherwise, there’s a high likelihood that e-discovery process will be over-engineered (too expensive) or under-scoped (cutting dangerous corners).

7. Figure out your risk profile

Similar to right-sizing the budget, it also makes sense to adopt a “horses for courses” approach to e-discovery since there is no singular way to handle a given matter.  For example, in one case you make take forensic images, restore backup tapes, capture instant messaging data, harness metadata, or decide to do an automated review with a with a “clawback” provision. In either case, the only mistake is to assume that an approach from another, dissimilar matter is warranted in the instant case.

8. Assume the opposition is better informed than you are

While this actually may not be the case, it’s a safer bet that assuming a level of naiveté that may not exist.  What is certain is that the Plaintiff’s bar is increasingly well informed and can be very aggressive.  They’ve seen the playbook that calls for baiting the opposition into a discovery misstep that can result in significant, case altering sanctions.  According to a recent survey, 63% of the polled attorneys said that e-discovery is being abused by counsel, so it’s important to be wary initially.

It’s also important to consider the potential reciprocity of a given matter and adjust your position accordingly.  In many instances it’s easy to consider your role only as a producing party, but with cross/counter claims it may be possible to simultaneously be propounding discovery and in the opposition’s shoes.

9. Prepare for an early case assessment

A recent industry survey found that effective early case assessment (ECA) approaches reduced overall litigation in half of the cases evaluated, and resulted in favorable outcomes for 76 percent of the cases.   The key to this methodology is to use the available next generation case analysis solutions earlier in the process, not just to review data for relevancy and privilege, but to:

• Identify the key players. This is critical in order to have a defensible legal hold process
• Evaluate the posture of the case to determine how it looks on the merits
• Diagnose potential outliers in the e-discovery process to facilitate meet and confer discussions and help create “inaccessibility” arguments
• Conduct a search term analysis for keyword negotiations during meet and confer discussions.  Objectively demonstrating the results of proposed search queries can go a long way in speeding up keyword negotiations

10. Don’t take search for granted

For many attorneys, e-discovery search is just like Lexis or Google.  Unfortunately, that isn’t the case.  Instead, it’s become highly complex and is now receiving significant judicial scrutiny.  In Victor Stanley v. Creative Pipe Judge Grimm suggested that attorneys need to rethink how they’ve traditionally managed the search process:  “[F]or lawyers and judges to dare opine that a certain search term or terms would be more likely to produce information than the terms that were used is truly to go where angels fear to tread.”  It’s now important to devise (and share at early meet & confer conferences) a defensible search strategy that can withstand judicial scrutiny.

The recent announcement of $18 million in financing for PSS Systems got me thinking about preservation.  PSS is a provider of enterprise-class preservation and litigation hold management systems with solutions starting in, from what I can tell, six figures.  Nevertheless, this begs the question, why would a Fortune 500 company need such an expensive enterprise class software application to manage legal holds?

So, let’s start from the top…

With the advent of e-discovery during the last decade an entirely new class of evidence spoliation came into existence – i.e., situations where electronically stored information (ESI), particularly back-up tapes, could inadvertently become overwritten, lost, erased, etc.  In the good old days of paper-based discovery, there was certainly an opportunity for spoliation, but paper documents didn’t routinely become lost or otherwise unavailable, unless in extreme instances of intentional spoliation.  For a particularly comprehensive tome on this type of negligent spoliation, please see this excellent piece written by Judge Scheindlin (of Zubulake fame).

Accordingly, in the past several years litigators have had to learn and then re-learn the notion that the duty to preserve ESI begins once litigation is “reasonably likely.”  Unfortunately, this duty to preserve is fraught with a number of practical challenges, including:

• When is the duty triggered?  For example, the duty is in most instances certainly in place prior to a complaint being actually served.  But, as you move upstream from that crystalline moment reasonable minds certainly can differ about when litigation is “reasonably likely.”  EEOC claims, in the HR context, are a good example of potentially early trigger points.
• Then, assuming that the duty is triggered what must then be preserved?  Is it just the ubiquitous email?  Or, as is more likely, will an increasingly broad and voluminous set of ESI be implicated, such as loose files, instant messaging, blog posts (maybe this one?), mobile or PDA/handheld data, deleted but forensically recoverable files, etc.?

Those two thorny problems aren’t the only issues that counsel needs to deal with when they embark upon issuing a legal “hold” – the decree that instructs custodians of their obligation to preserve all relevant information related to the matter at hand.  But, the duty to preserve is only the start of the challenge.  This is where folks like PSS come in, meaning that they manage the potentially complex logistical tasks associated with hold notification, monitoring, and compliance.

Here’s where I start to have a problems with large scale, complex preservation efforts.  Let’s take a somewhat common example:  a multi-national enterprise is sued for misappropriation of trade secrets.  Even prior to the complaint being filed, plaintiff’s counsel issued a demand letter, which in some cases could be held as a triggering event.  But, in either case, once the complaint hits the GC’s desk the duty to preserve is clearly in force.   Let’s then say that in consultation with outside counsel they wisely embark on a set of interviews to determine the scope of departments/locations/custodians that may be reasonably implicated.  Then, following the synthesis of this information they issue a legal hold notice to 2,500 people located throughout numerous domestic and international offices.

Now, here’s where the risk comes in…   One thing is statistically certain with that number of custodians: the legal hold will not be followed to perfection.  If I were more mathematically inclined I’d say it could be reduced to a formula along these lines:

Legal hold compliance *decreases* exponentially as you multiply:

• The number of custodians
• The length of time the legal hold is in effect
• The types and volumes of potential ESI that may be relevant
• The presence of individuals who don’t want data to be preserved due to their own perceived errors/foibles/omissions

The answer, in my mind, doesn’t lie in a better mouse trap to manage the vagaries of the legal hold process.  No, the best way to take the risk out of the legal hold process is to move very rapidly from preservation to collection.

Once ESI is collected two main things start to happen:

1. Subjective notions about the universe of data (allegedly) covered by the preservation process can be changed into objective observations that the custodians really are the right ones.  For example, in the above example the 2,500 custodian list is again almost certainly not correct.  Since the decision process was made subjectively (likely without insight into the data) the custodian list is inherently either under or over-inclusive.  However, with the advent of early case assessment solutions, the preserving party can now quickly collect and assess an initial corpus of data to ensure that exactly the right folks are in the collection/preservation process.
2. Once the ESI is collected, the risk of loss, deletion, etc. will largely have been taken out of the equation meaning that the danger of spoliation is greatly reduced.

My belief is that the larger the preservation effort the more likely there will be gaps that the opposition can use as leverage.  Scaling up the preservation effort is only one way to skin the cat.  Instead, the better practice is to start small, collect quickly, and then expand collection efforts once your legal team has objective insights into the case data.

Yes, preservation is still important. But, biting off more that you can chew simply means a statistically greater chance of failure.