e-discovery 2.0

The recent announcement of $18 million in financing for PSS Systems got me thinking about preservation.  PSS is a provider of enterprise-class preservation and litigation hold management systems with solutions starting in, from what I can tell, six figures.  Nevertheless, this begs the question, why would a Fortune 500 company need such an expensive enterprise class software application to manage legal holds?

So, let’s start from the top…

With the advent of e-discovery during the last decade an entirely new class of evidence spoliation came into existence - i.e., situations where electronically stored information (ESI), particularly back-up tapes, could inadvertently become overwritten, lost, erased, etc.  In the good old days of paper-based discovery, there was certainly an opportunity for spoliation, but paper documents didn’t routinely become lost or otherwise unavailable, unless in extreme instances of intentional spoliation.  For a particularly comprehensive tome on this type of negligent spoliation, please see this excellent piece written by Judge Scheindlin (of Zubulake fame).

Accordingly, in the past several years litigators have had to learn and then re-learn the notion that the duty to preserve ESI begins once litigation is “reasonably likely.”  Unfortunately, this duty to preserve is fraught with a number of practical challenges, including:

• When is the duty triggered?  For example, the duty is in most instances certainly in place prior to a complaint being actually served.  But, as you move upstream from that crystalline moment reasonable minds certainly can differ about when litigation is “reasonably likely.”  EEOC claims, in the HR context, are a good example of potentially early trigger points.
• Then, assuming that the duty is triggered what must then be preserved?  Is it just the ubiquitous email?  Or, as is more likely, will an increasingly broad and voluminous set of ESI be implicated, such as loose files, instant messaging, blog posts (maybe this one?), mobile or PDA/handheld data, deleted but forensically recoverable files, etc.?

Those two thorny problems aren’t the only issues that counsel needs to deal with when they embark upon issuing a legal “hold” – the decree that instructs custodians of their obligation to preserve all relevant information related to the matter at hand.  But, the duty to preserve is only the start of the challenge.  This is where folks like PSS come in, meaning that they manage the potentially complex logistical tasks associated with hold notification, monitoring, and compliance.

Here’s where I start to have a problems with large scale, complex preservation efforts.  Let’s take a somewhat common example:  a multi-national enterprise is sued for misappropriation of trade secrets.  Even prior to the complaint being filed, plaintiff’s counsel issued a demand letter, which in some cases could be held as a triggering event.  But, in either case, once the complaint hits the GC’s desk the duty to preserve is clearly in force.   Let’s then say that in consultation with outside counsel they wisely embark on a set of interviews to determine the scope of departments/locations/custodians that may be reasonably implicated.  Then, following the synthesis of this information they issue a legal hold notice to 2,500 people located throughout numerous domestic and international offices.

Now, here’s where the risk comes in…   One thing is statistically certain with that number of custodians: the legal hold will not be followed to perfection.  If I were more mathematically inclined I’d say it could be reduced to a formula along these lines:

Legal hold compliance *decreases* exponentially as you multiply:

• The number of custodians
• The length of time the legal hold is in effect
• The types and volumes of potential ESI that may be relevant
• The presence of individuals who don’t want data to be preserved due to their own perceived errors/foibles/omissions

The answer, in my mind, doesn’t lie in a better mouse trap to manage the vagaries of the legal hold process.  No, the best way to take the risk out of the legal hold process is to move very rapidly from preservation to collection.

Once ESI is collected two main things start to happen:

1. Subjective notions about the universe of data (allegedly) covered by the preservation process can be changed into objective observations that the custodians really are the right ones.  For example, in the above example the 2,500 custodian list is again almost certainly not correct.  Since the decision process was made subjectively (likely without insight into the data) the custodian list is inherently either under or over-inclusive.  However, with the advent of early case assessment solutions, the preserving party can now quickly collect and assess an initial corpus of data to ensure that exactly the right folks are in the collection/preservation process.
2. Once the ESI is collected, the risk of loss, deletion, etc. will largely have been taken out of the equation meaning that the danger of spoliation is greatly reduced.

My belief is that the larger the preservation effort the more likely there will be gaps that the opposition can use as leverage.  Scaling up the preservation effort is only one way to skin the cat.  Instead, the better practice is to start small, collect quickly, and then expand collection efforts once your legal team has objective insights into the case data.

Yes, preservation is still important. But, biting off more that you can chew simply means a statistically greater chance of failure.

I knew the rumors about FTI’s acquisition of Attenex were true when we received a call in early May. It was from a large Attenex partner, who said: “We need to switch out Attenex no later than the end of June.” There have been many similar calls since then; as one service provider told us the other day, “I cannot imagine any Attenex partner not looking for other alternatives.”

The reason is obvious: Attenex Advantage partners – such as BDO Seidman, Deloitte & Touche, DiscoverReady, DTI Global Document Technologies, Forensic Consulting Solutions, Navigant Consulting, SPI Litigation Direct, VMAX Consulting and 10-15 others – compete directly with FTI. If they must now rely on FTI for their Attenex technology, it puts them at a massive disadvantage when competing for business. FTI could easily undercut them on price, since it no longer pays usage fees to Attenex; or, FTI could promise additional features in the Attenex product that its competition cannot match. It could certainly claim to be the world’s greatest Attenex experts (after all, who knows Attenex better than Attenex itself?). Perhaps worst of all, every time an Attenex Advantage partner works on a client using the Attenex product, it has to inform FTI at the end of the month so that it may be invoiced for usage, thus enabling FTI to track its client engagements.

Yes, FTI will likely make all sorts of promises about “Chinese Walls” and continuing to support other Attenex Advantage partners. But those promises are impossible to enforce (ask the editor of the Wall Street Journal!), and FTI could change its mind at any time, leaving service providers which depend on Attenex in the lurch. I don’t know anyone who would take that risk.

So the single greatest impact of the FTI-Attenex deal is that every other “Attenex Dis-Advantaged” partner needs to find an alternative e-discovery solution – and fast!

A second impact can be surmised from the market’s reaction to the deal. As the chart shows, FTI’s stock immediately popped 10%, adding about $300 million to its market capitalization. Partly, that’s because FTI negotiated such a great deal. It purchased Attenex for only 3.5x revenue, in a transaction that is neutral/accretive to earnings. Partly, it’s because FTI has a great track record with software acquisitions. For example, it acquired RingTail (a hosted review platform) in 2005 for $34 million, and today RingTail generates over 3 times that amount in revenue. Personally speaking, I have always been impressed by FTI’s team which is without doubt among the best in the business.

The interesting thing in this acquisition, unlike many others, is that the value will not come from selling the acquired product, since FTI is doing that already. In fact, FTI has been selling Attenex for years, and has even integrated it with RingTail. Rather, my guess is that FTI will use Attenex to grow its consulting business in several ways, such as:

1. By convincing clients to switch consulting firms, not technology. Let’s take a hypothetical example and say Ford is presently using Attenex through LECG. If LECG now uses a different e-discovery solution, then Ford is left with a choice: keep LECG and lose Attenex, or change from LECG to FTI and keep Attenex. Ford’s decision will, of course, be driven by many factors, and it will be interesting to see what happens in scenarios like this.
2. By winning a greater share of e-discovery dollars. Today, companies primarily engage FTI on life-threatening issues: stock option investigations, merger 2nd requests from the DoJ/FTC, and so on. By leveraging Attenex’s brand, FTI might extend that to also cover everyday e-discovery issues like run-of-the-mill litigation and regulatory inquiries.
3. By building an e-discovery footprint behind the enterprise firewall. Attenex has struggled to sell its product for on-premise deployment at enterprise customers in the past. Its website has no customer logos and I’m only aware of a couple of installations, neither of which is publicly reference-able. FTI’s strong consulting business might help change that and make it easier for enterprises to adopt Attenex.

I am sure there are other ways for FTI to get value from the deal that I am not smart enough to think of. My point is that, given FTI’s leadership talent and the scope of its consulting engagements, there are lots of things FTI could do with Attenex to create shareholder value far in excess of the acquisition price. That’s why I believe the second impact of the deal is that it will have a positive impact on FTI’s core business.

In Judge Grimm’s recent opinion, Victor Stanley, Inc. v. Creative Pipe, Inc., 2008 WL 2221841 (D. Md. May 29, 2008), he does a lot to instill fear into foolhardy attorneys who attempt to structure their own keyword searches for e-discovery, again quoting Equity Analytics:

“[F]or lawyers and judges to dare opine that a certain search term or terms would be more likely to produce information than the terms that were used is truly to go where angels fear to tread.”

And, while I agree with this sentiment, the notion of angels treading sounds a bit like a Christian rock band. But, I digress… on to the significance of this opinion.

First of all, it comes from Chief United States Magistrate Judge Paul Grimm, a noted e-discovery jurist, who’s authored a number of significant opinions in this area, including Hobson and Thompson. Here, in Victor Stanley, he also gets the award for footnote of the decade: Footnote 10, which is so chockablock with relevant nuggets that I thought I’d dedicate an entire post to his riveting dicta.

Judge Grimm’s entire opinion is quite lengthy (43 pages) so a summary is dangerous, but the central issue in Victor Stanley revolved around whether the defendants, who’d inadvertently produced 165 privileged electronic documents, could get them back, in the absence of a valid clawback provision. The plaintiff’s contention was that defendants waived privilege because they failed to take reasonable precautions by performing a faulty review of text-searchable files that were part of defendants’ electronically stored information (ESI) production.

In order to evaluate the reasonableness of defendants’ privilege review methodology, Judge Grimm honed in on defendant’s use of keyword search techniques. Quoting In re Seroquel, O’Keefe and Equity Analytics, Grimm used the bulk of footnote 10 to expand on this core thesis:

(”[D]etermining whether a particular search methodology, such as keywords, will or will not be effective certainly requires knowledge beyond the ken of a lay person (and a lay lawyer) . . . .”);

And, while the implications of this expert oriented approach are controversial, this much should be eminently clear to practitioners (in cascading order of obviousness):

• Discovery, except in the most bizarre case, will always involve some measure of ESI.
• ESI is proliferating both in types (blogs, databases, VOIP, IM, text messaging, etc.) and volume (multi-terabyte cases are now common).
• Even the most basic search techniques (keyword, Boolean, etc.) are required to manage exploding data volumes. But, according to Judge Grimm, in order to have a keyword search pass judicial muster one of the following two scenarios must occur:

1. Collaborative Search Approach: The parties, presumably as part of the meet and confer process must “confer with their opposing party in an effort to identify a mutually agreeable search and retrieval method. This minimizes cost because if the method is approved, there will be no dispute resolving its sufficiency, and doing it right the first time is always cheaper than doing it over if ordered to do so by the court.” I like to call this the “measure twice, cut once” method.Or, alternatively:
2. Best Practices & Data Driven Search Approach: In order to have a defensible methodology in the absence of collaboration a party needs to:a) “be aware of literature describing the strengths and weaknesses of various methodologies, such as The Sedona Conference Best Practices,…. and select the one that they believe is most appropriate for its intended task.”b) And, if their selection is challenged, then they should expect to support their position with “affidavits or other equivalent information from persons with the requisite qualifications and experience, based on sufficient facts or data and using reliable principles or methodology.”c) Finally, they should do appropriate levels of data sampling and quality assurance to test core search assumptions.

Failure to adhere to this articulate standard is an invitation for disaster:

“Use of search and information retrieval methodology,…, requires the utmost care in selecting methodology that is appropriate for the task because the consequence of failing to do so, … , may be the disclosure of privileged/protected information to an adverse party, resulting in a determination by the court that the privilege/protection has been waived.”

So, while it’s not my intent to be overly dramatic, I think we are seeing a sea change in how search is performed in practice. It used to be de rigueur for attorneys to run solo with their search protocols. But, it’s not safe to take that path any longer. Now, counsel faces a fork in the road where they can either collaborate on their search protocols or be prepared to get called to the carpet if the opposition wants to make a fuss. This might turn out to be yet another “case within a case” situation similar to how the plaintiffs’ bar has made hay by arguing about spoliation in some instances where they didn’t have much on the merits. If that happens having a defensible process, and perhaps an expert and supporting statistics will go a long way towards preventing a catastrophic privilege waiver.

Assuming that you can buy each company for the same price, which would you acquire?

Company A has been in business 3 years, has 25 customers, no brand to speak of, and did about $5 million in revenue in the prior year; or,

Company B has been in business 7 years, has over 100 customers, a strong brand in its market, and is doing $25 million in annual revenue?

“No brainer,” you say, “obviously, Company B.” So it is that FTI looks to have got a great deal buying Attenex (Company B) today for $88 million, whereas Seagate looks like it grossly overpaid for Metalincs (Company A) which it bought for $82 million in December 2007. But things are not always as they appear, and there are good reasons why Attenex has sold for a paltry 3.5x revenue, a multiple well below the 16x commanded by Metalincs or even the 5x revenue that Iron Mountain paid for Stratify.

Three forces reduced Attenex’s acquisition price. The first is that FTI accounted for a large proportion of Attenex’s revenue. That gave FTI leverage over Attenex since it could say, “sell to us for $88 million, or we will take our business elsewhere, your revenue will plummet, and the value of your business will be greatly reduced.” This power that FTI had over Attenex made it the only logical acquirer, so there could be no pressure from other bidders to raise the purchase price.

The second force depressing Attenex’s valuation is that its revenue will likely decline post acquisition as Attenex’s partners (who compete with FTI) switch from Attenex to other solutions. Software investors value growth above all else – and are willing to pay up for it. For example, Bladelogic, an unprofitable software company, went public last year at a $500 million valuation with less trailing revenue than Attenex. But it did $62 million in revenue the following year (Bladelogic sold to BMC Software for $800 million in April 2008). Attenex, by contrast, will see declining revenue in the next 12 months.

Finally, acquirers worried that, since Attenex’s revenue comes almost entirely from its hosted offering via service providers, its revenue was more volatile than enterprise-oriented e-discovery software companies. This is due to the fact that customers (typically, law firms) purchase Attenex-powered services on a case-by-case basis and can switch away at any time. Enterprises, in contrast, purchase long-term software contracts that will not vary based on short-term changes in case volume.

Once these factors are taken into account, the price and the multiple start to look a lot better. Attenex’s founders, who are some of the pioneers of the e-discovery industry, get some well-earned liquidity; the venture investors make a decent return; and, employees get to join a professionally-run company that compensates its people well. My congratulations to the Attenex team, and to FTI which has negotiated a great deal.

Of course, all this says nothing about the deal’s impact on the broader e-discovery market. That will be the subject of my next post.

Last month, Gartner updated its Magic Quadrant for Email Active Archiving. I have spoken to the analysts (Carolyn DiCenzo and Ken Chin) many times, and have found them to be keen observers of the archiving market. So, it’s interesting to read what they’ve concluded from all their customer interviews, and track what’s changed in the past 12-24 months. Comparing this year’s report to those from 2007 and 2006, I was struck by 3 observations, leading to 1 simple conclusion.

Observation #1: The Status Quo Is Alive And Well
Despite the thousands of hours that I’m sure vendors have spent trying to influence Gartner, about 80% of vendors in the report have seen no meaningful change in their rankings since last year. Most notably, Symantec is still the only company in the “Leaders” quadrant, while Autonomy/ZANTAZ remains rooted in the “Visionary” quadrant where it has been stuck for the past 2 years. Unlike Forrester, Gartner does not believe that Autonomy’s acquisition of ZANTAZ has made a shred of difference to ZANTAZ’s “ability to execute”, which is the main criterion by which it trails Symantec.

Observation #2: To Move Up, You Have To Differentiate
Only two vendors have significantly improved their positions over the past 2 years. One is Mimosa, which has separated from the pack by moving up from “Niche Player” to “Visionary”, primarily because it is “easy to deploy and manage” and offers “near continuous data protection and recovery features”. The other is CommVault, which has overtaken 8 other vendors. Gartner attributes CommVault’s rise to its new release which “supports the archiving of SharePoint and files, and dramatically improves search, single instance store, and ease of use”. In both cases, vendors are only able to improve their ranking by differentiating their products and offering something new.

Observation #3: E-Discovery Is A New Way To Differentiate
Each year, Gartner emphasizes that e-discovery functionality is becoming increasingly important to archive purchase decisions. In 2006, it advised vendors to “integrate with tools to manage the discovery process”. In 2007, it added that vendors must “offer more than just search and packaging, but also provide tools for review and case management.” This year, Gartner expanded its comments by also saying:

“Discovery tools are fast becoming a requirement to play in the enterprise part of the market. Robust search, review and export features are not only required but are the focus for most scalability concerns… many archiving vendors are partnering with e-discovery vendors to provide multiple options.”

To reinforce the point, Gartner moves EMC down from “Challenger” (top left) to “Niche Player” (bottom left), and cites the fact that EMC has “no e-discovery beyond search” as a major factor in its decision.

Conclusion
As the archiving market matures, it’s becoming increasingly hard for vendors to improve their rankings. Symantec is the runaway leader and the only way for someone to catch them is to find new ways to differentiate. Mimosa and CommVault are making progress because that’s exactly what they have done, but everyone else is either stuck or, in EMC’s case, slipping backwards. As those vendors consider how to move up and to the right, they should take a close look at e-discovery as an area of growing importance where meaningful differentiation is possible.