e-discovery 2.0

Over the past 4 years, I have had hundreds of conversations with corporate counsel and “legal IT”, meaning technical folks charged with supporting the legal team. More and more of them are looking to lower their costs by bringing e-discovery in-house. But as they work through that process, there’s one question that consistently comes up, even today – namely, “When [insert name of software company] says they “do” e-discovery, what exactly does that mean?”

There has been progress towards answering this question, thanks mainly to the analyst community. George Socha and Tom Gelbmann’s EDRM framework has been immensely helpful in breaking down electronic discovery into its component steps. Other analysts, like Debra Logan at Gartner, were quick to embrace the framework, prompting every software provider to follow suit. As a result, there is today a common language that everyone uses to describe the e-discovery process.

The Electronic Discovery Reference Model (EDRM) breaks down the e-discovery process into a series of steps. Companies looking to buy e-discovery software to lower costs typically map different software products to each of these steps, to make sure that they cover the entire process.

But having a universally-agreed framework is only half the answer. To eliminate customer confusion, there also needs to be agreement on how different software products fit into the framework. This is especially important since there is no single, end-to-end solution for e-discovery which covers all aspects of EDRM. So customers are forced to think about how different software solutions fit together. And that is where things begin to fall apart.

Many software vendors feel it is advantageous to claim that they do everything, even though they do not. Customers are rightly suspicious of those claims, and so press vendors to provide more detailed information – hence the question, “when you say you do e-discovery, what exactly does that mean?”

In light of that, how can litigation support teams, corporate counsel, or legal IT people figure out which e-discovery solution best meets their needs? From observing this decision-making process hundreds of times, I have found 3 simple steps are incredibly helpful.

Step 1: Read the analyst reports

Two reports in particular make for required reading. One is Gartner’s MarketScope Report, which is available for free at certain sites; the other is the 451Group’s recent e-discovery report, which is summarized in a publicly available presentation. The helpful thing about the 451 Group’s report is that it tells you which software companies do which parts of the EDRM process. You do have to buy the report to get the full picture (it’s well worth it!), but the publicly available presentation will give you a flavor for their analyis, and I have drawn from that presentation in the figure below:

Analyst firms like the 451 Group map software vendors to the EDRM framework according to what they actually do, which is often different from what software vendors claim they do.

The 451 Group’s analysis highlights several important points. First, it shows that there is no single end-to-end solution. Even the products of giants like EMC (SourceOne), HP (IAP), and IBM (CommonStore) only solve one piece of the puzzle, information management. Second, it shows that customers have choices at each stage of the EDRM process. For example, to solve the problem of identification, collection, and preservation of electronic information, customers can choose from solutions as diverse as Guidance EnCase (forensic collection), Index Engines (back-up tapes) and Mimosa NearPoint (email archive). Third, it provides an independent assessment of what vendors do, as opposed to what they may claim. For example, Kazeon claims analysis and review capabilities, whereas the report shows its product does identification, collection, and preservation; Recommind claims its Axcelerate eDiscovery and MindServer products do processing, whereas the report finds that they do not.

Step 2: Evaluate the products prior to purchase

Just as anyone would test-drive a car prior to purchase, it’s critical to test-drive e-discovery software. Any vendor should be willing to provide their software free of charge for an evaluation on-premise. The most effective evaluations are when the customer uses the product themselves, either on a live case or test data. This is far preferable to just sending the data to the vendor who then loads it into their system, as in that scenario there are too many opportunities for the vendor to hide their product’s shortcomings.

Step 3: Check references carefully

The trick with references is to insist on relevant references. It’s not good enough for the vendor to dredge up some random person who says nice things; or even a credible knowledgeable person who is using the product in a completely different way. For example, if a company is happy with Autonomy’s IDOL for enterprise search, that does not tell you much about what Autonomy might be like for e-discovery. What really counts are references from other customers who are using the product for the same application that you are.

All this can sound like a lot of work, but I have seen people go through the process in as little as a month, and be much happier for it. A little work up front can save a lot of time (and heart-ache!) later on.

It’s been a little over a month since the news first broke that Guidance Software was the frog in an electronic discovery kettle whose water had just reached the boiling point, with the arbitrator in an employment case demanding, “I want this game-playing stopped.” We thought that, with a little time between the initial story and now, it would be worth taking a step back and looking at possible lessons learned — not so much for Guidance specifically, but for enterprises who find themselves in similar situations, as well as the electronic discovery community that serves them.

First, a quick summary. Based on published accounts, it seems like a classic discovery situation (that’s just plain old discovery, without the “e”): a party is sued and fails to produce a document that, lo and behold, surfaces via some other source, throwing the integrity of the sued party into question. After all, if one potentially incriminating document wasn’t discovered, then who knows what else could be out there?

Guidance contended that it did everything that was required of it, and that it didn’t have (or couldn’t find, despite good faith efforts) the emails in question. But, of course, that didn’t stop the litigation support community (via forums such as the Litigation Support List) from pouncing on the perceived hypocrisy.

After all, how could a leading, publically-traded electronic discovery company get caught up in such a mess? How could their cutting-edge electronic discovery technology not have saved them? Or their (hopefully) best-in-class internal electronic discovery processes? If the electronic discovery companies don’t have their acts together, what about all the other poor souls who lack their knowledge and expertise?

That last question is a scary one, particularly given today’s environment, and it’s why the situation has stirred up so much chatter out in the electronic discovery blogosphere. Almost without exception, commenters have jumped to one of two conclusions. Either (a) Guidance has not followed proper e-discovery best practices, or (b) Guidance has willfully chosen to hide relevant documents that it could have produced, because they would be detrimental to its case.

Let’s explore each of those conclusions in a little more detail.

First, is there any direct evidence that Guidance did not follow electronic discovery best practices? The answer there is murky. Certainly, from Guidance’s perspective, the answer is a resounding “no”. They continue to claim that the emails that were produced from another source did not exist on the various laptops, desktops, and servers that were part of the initial discovery request, and it is certainly possible that that is true. Perhaps Guidance had a 1-year retention policy for emails, and the emails in question were outside of that policy. Perhaps the individuals involved had legitimately deleted the emails in question prior to receiving a litigation hold notice, without thinking that they would ever be relevant to a legal matter. Certainly an independent observer has grounds for incredulity here, but it does not necessarily follow that Guidance did not follow electronic discovery best practices for a company of their size and resources. Certainly, from the reports, they did not exactly act in a way that earned much confidence from or favor with the arbitrator. However, that’s a completely different issue, and one which may be a legitimate tactical decision by Guidance (to avoid, for example, the high cost of recovering the corrupt backup tapes).

Second, what if Guidance willfully chose to hide relevant documents? At this point, there is no evidence that this is the case. And, you would think that of all of the companies out there, Guidance would be keenly aware of the extremely high level of risk associated with this strategy. A company well-versed in computer forensics understands keenly that the odds of any potentially negative emails not being out there, somewhere, in cyberspace are incredibly small. Thus there is little incentive to intentionally hide documents. If, however, a company did make such a perilous and unethical decision, it has nothing to do with a lack of e-discovery best practices or technology: it simply has to do with a lack of ethics.

So, has the coverage of the Guidance situation been nothing more than an electronic discovery witch hunt? Far from it… even if both of the “conventional wisdom” conclusions are in fact wrong.

Why? Because even if Guidance has its electronic discovery house in order and is acting with complete integrity, if there’s one thing that anyone in the electronic discovery business should have taken away from the last 5 years of court rulings, it’s that perception and transparency in electronic discovery is everything. Electronic discovery is technically complex and fraught with challenges, and companies – particularly those who are perceived as having vast expertise in the space, whether as vendors (i.e. Guidance) or institutions (i.e. pick your favorite TARP recipient) – have to act in such a way as to appear spotless before the court of law and the court of public opinion.

Assuming you already have your electronic discovery house in relative order (a baseline, fundamental requirement for doing business today), perhaps the most important take-away from Guidance is how carefully you need to consider how minor electronic discovery slip-ups, whether real or perceived, can bite, big time. The legal and media environment is primed to pounce on any hint of a cover-up or conspiracy, and enterprises must go the extra mile (or two, or three…) to ensure that their e-discovery efforts are, and will be perceived, as upright, ethical, and above reproach – or be ready and willing to pay the price in sanctions or loss of public confidence.

To the casual observer, it is surprising that a small private company (AccessData) could even think of acquiring a larger, public one (Guidance Software). But that’s exactly what AccessData publicly proposed to Guidance’s shareholders on November 6, after Guidance’s board had rejected its offer of $4.50 per share.

Leaving aside the personalities involved, and the history of bitter rivalry between these two companies, it’s easy to see why Guidance’s board rejected the offer. First, it’s only a 19% premium over Guidance’s share price on October 6, the date that the offer was made. Second, given 23 million shares outstanding, AccessData is offering a total price of just over $100 million for a company with $90 million in revenue and about $25 million in cash. Compare that to other e-discovery acquisitions, such as FTI’s $88 million purchase of Attenex or Iron Mountain’s $158 million deal for Stratify, each of which only had about 30% of Guidance’s revenue, and you cannot help feeling that the price is very low. Third, there’s the question of where AccessData will come up with the money. It’s hard to believe they happen to have $100 million in cash lying around and, with the recent market meltdown, debt is much less of an option than it used to be.

Still, this is not necessarily bad news for Guidance Software. Since its IPO in October 2006, the stock has fallen from a high of $17 per share to a low of $2 per share. The public markets are very unforgiving to small software companies. Guidance has recently made some bold moves, announcing usage-based pricing for its e-discovery product and several notable customer wins, but nothing has moved the stock. So an acquisition offer may be just the ticket to boost the share price, especially if it encourages other, more attractive acquirers to throw their hats into the ring.

Stay tuned, this might get interesting.