Posts Tagged ‘LinkedIn’

ECPA, 4th Amendment, and FOIA: A Trident of Laws Collide on the 25th Birthday of the Electronic Communications Privacy Act

Wednesday, November 2nd, 2011

Google has publicly released the number of U.S. Government requests it had for email productions in the six months preceding December 31, 2009. They have had to comply with 94% of these 4,601 requests. Granted, many of these requests were search warrants or subpoenas, but many were not. Now take 4,601 and multiply it by at least 3 to account for the other social media sources: Facebook, LinkedIn, and Twitter. The number is big – and so is the concern over how this information is being obtained.

What has become increasingly common (and alarming at the same time) is the way this electronically stored information (ESI) is being obtained from third party service providers by the U.S. Government. Some of these requests were actually secret court orders; it is unclear how many of the matters were criminal or civil. Many of these service providers (Sonic, Google, Microsoft, etc.) are challenging these requests and most often losing. They are losing on two fronts: 1) they are not allowed to inform the data owner about the requests, nor the subsequent production of the emails, and 2) they are forced to actually produce the information. For example, the U.S. Government obtained one of these secret orders to get WikiLeaks volunteer Jacob Appelbaum’s email contact list of the people he has corresponded with over the past two years. Both Google and Sonic.net were ordered to turn over information, and Sonic challenged the order and lost. This has forced technology companies to band together to lobby Congress to require search warrants in digital investigations.

There are three primary laws operating at this pivotal intersection that affect the discovery of ESI that resides with third party service providers, and these laws are in a car wreck with no ambulance in sight.  First, there is the antiquated Federal Law, the Electronic Communications Privacy Act of 1986, over which there is much debate at present.  To put the datedness of the ECPA in perspective, it was written before the internet.  This law is the basis that allows the government to secretly obtain information from email and cell phones without a search warrant. Not having a search warrant is in direct conflict with the U.S. Constitution’s 4th Amendment protection against unreasonable searches and seizures.  In the secret order scenario, the creator of data is denied their right to know about the search and seizure (as they would if their homes were being searched, for example) as it is transpiring with the third party.

Where a secret order has been issued and emails have been obtained from a third party service provider, we see the courts treating email much differently than traditional mail and telephone lines.  However, the intent of the law was to give electronic communications the same protections that mail and phone calls have enjoyed for some time. Understandably, the law did not anticipate the advent of the technology we have today.  This is the first collision, and the reason the wheels have gone off the car, since the standard under the ECPA sets a lower bar for email than that of the former two modes of communication.  The government must only show “reasonable grounds” that the records would be “relevant and material” to an investigation, criminal or civil, compared to the other higher standard.

The third law in this collision is the Freedom of Information Act (FOIA). While certain exceptions and allowances are made for national security and in criminal investigations, these secret orders are not able to be seen by the person whose information has been requested. Additionally, the public wants to see these requests and these orders, especially if they have no chance of fighting them. What remains to be seen is what our rights are under FOIA to see these orders, either as a party or a non-related individual to the investigation as a matter of public record. U.S. Senator Patrick Leahy (D-VT), the author of the ECPA, acknowledged in no uncertain terms that the law is “significantly outdated and outpaced by rapid changes in technology.” He has since introduced a bill with many changes that third party service providers have lobbied for to bring the ECPA up to date. The irony of this situation is that the law was intended to provide the same protections for all modes of communication, but in fact makes it easier for the government to request information without the author even knowing.

This is one of the most important issues now facing individuals and the government in the discovery of ESI during investigations and litigation.  A third party service provider of cloud offerings is really no different than a utility company, and the same paradigm can exist as it does with the U.S. Postal Service and the telephone companies when looking to discover this information under the Fourth Amendment, where a warrant is required. The law looks to be changing to reflect this and FOIA should allow the public to access these orders.  Amendments to the Act have been introduced by Senator Leahy, and we can look forward to the common sense changes he proposes that are necessary.  The American people don’t like secrets. Lawyers, get ready to embrace the revisions into your practice by reading up on the changes as they will impact your practices significantly in the near future.

Social Media and eDiscovery: New Kid on the Block, but the Same Story

Friday, September 30th, 2011

In the eDiscovery universe, hot trends and evolving technologies tend to capture the attention of the legal community.  Discoverable data sources have been the focus in the courtroom for quite some time, and just like the “popular kids” from high school, email has held the crown of eDiscovery darling.  Not surprisingly, the more time end-users spend in a specific medium (on Facebook, for example), the more likely data will be created – and as that data multiplies, it has the potential to become compelling in discovery.  It seems that many U.S. organizations are electing to allow social media use at work and for work, rather than blocking access.  For obvious reasons, granting this access is culturally desirable, but from an eDiscovery perspective social media use introduces new complications.  However, don’t be mystified.  There is nothing that new here.

Recently, Symantec issued the findings of its second annual Information Retention and eDiscovery Survey, which examined how enterprises are coping with the tsunami of electronically stored information. Having lost some popularity, email came in third place (58%) to files/documents (67%) and database/application data (61%) when respondents were asked what type of documents were most commonly part of an eDiscovery request. The new kid on the block for data sources is social media, reported by 41% of those surveyed. Social media is in essence no different than any other data type in the eDiscovery process; it’s just the newest. Said another way: social media is the new email.

Of course, it’s no longer news to proclaim that communications from social networking sites are discoverable.  What is newsworthy is the question of how to effectively store, manage and discover these communications which come in such varying forms, making the logistics of doing so for social media different than for traditional mediums.  Like email, social media is used by everyone (ubiquitous), is viral (fast), has mixed uses (professional and personal) and there is a lot of it (high volume).  Unlike email, social media comes in many different forms (Facebook, LinkedIn, Twitter, etc.), is not controlled within an organization’s firewalls (custody, possession and control issues), and has more complex requirements within the information governance lifecycle (technology is needed to ingest social media into an archive).

The two main areas to examine in relation to social media use and an organization’s policies are: 1) the legal issues that apply specifically to the organization, and 2) the logistical and technical requirements for preservation and collection.  Essentially, what is the organization’s policy surrounding social media use, and how can the information be accessed if need be? Luckily, technology exists that is nimble enough to be able to ingest social media and archive it in accordance with an organization’s policy, should one exist.  Organizations that have recognized social media as the newest kid on the block have, ideally: developed a social media policy, purchased (or deployed) collection and retention technology, and instituted training for their employees.  They have also integrated social media into their information governance strategy and document retention policy. Remember, not all organizations will have to archive social media, but all should address social media with a policy and training.

Other organizations have not accepted social media as part of the evolutionary process of eDiscovery.  They proceed at their own peril – as did the organizations that did not control their email some ten years ago!

These organizations will be in crisis when they need to collect social media for litigation and will most likely have a large lesson in damage control, as well as an equally large bill. They will be uneducated, ill-prepared and overwhelmed about how to discover social media. Without a policy, they will have to over-collect by default, which will drive up the costs for collection and possibly for downstream review. Given that the aforementioned survey found nearly half of the respondents did not have an information retention policy in place, and of this group, only 30% were discussing how to do so, it is likely that many of these organizations do not yet have a social media policy either.

With this background in mind, organizations should evaluate which laws and regulations apply to their organization, develop a policy and train their employees on that policy.  Plus ça change, plus c’est la même chose.

For more information about how IT and Legal can manage the impact of social media on their organization and to learn how archiving social media can be accomplished, please join this webcast from Symantec.

Email Isn’t eDiscovery Top Dog Any Longer, Recent Survey Finds

Sunday, September 18th, 2011

Symantec today issued the findings of its second annual Information Retention and eDiscovery Survey, which examined how enterprises are coping with the tsunami of electronically stored information (ESI) that we see expanding by the minute. Perhaps counterintuitively, the survey of legal and IT personnel at 2,000 enterprises found that email is no longer the primary source of ESI companies produced in response to eDiscovery requests. In fact, email came in third place (58%) to files/documents (67%) and database/application data (61%). Marking a departure from the landscape as recently as a few years ago, the survey reveals that email does not axiomatically equal eDiscovery any longer.

Some may react incredulously to these results. For instance, noted eDiscovery expert Ralph Losey continues to stress the paramount importance of email: “In the world of employment litigation it is all about email and attachments and other informal communications. That is not to say databases aren’t also sometimes important. They can be, especially in class actions. But, the focus of eDiscovery remains squarely on email.”   While it’s hard to argue with Ralph, the real takeaway should be less about the relative descent of email’s importance, and more about the ascendency of other data types (including social media), which now have an unquestioned seat at the table.

The primary ramification is that organizations need to prepare for eDiscovery and governmental inquiries by casting a wider ESI net, including social media, cloud data, instant messaging and structured data systems. Forward-thinking companies should map out where all ESI resides company-wide so that these important sources do not go unrecognized. Once these sources of potentially responsive ESI are accounted for, the right eDiscovery tools need to be deployed so that these disparate types of ESI can be defensibly collected and processed for review in a singular, efficient and auditable environment.

The survey also found that companies which employ best practices such as implementing information retention plans, automating the enforcement of legal holds and leveraging archiving tools instead of relying on backups, fare dramatically better when it comes to responding to eDiscovery requests. Companies in the survey with good information governance hygiene were:

  • 81% more likely to have a formal retention plan in place
  • 63% more likely to automate legal holds
  • 50% more likely to use a formal archiving tool

These top-tier companies in the survey were able to respond much faster and more successfully to an eDiscovery request, often suffering fewer negative consequences:

  • 78% less likely to be sanctioned
  • 47% less likely to lead to a compromised legal position
  • 45% less likely to disclose too much information

This last bullet (disclosing too much information) has a number of negative ramifications beyond just giving the opposition more ammo than is strictly necessary.  Since much of the eDiscovery process is volume-based, particularly the eyes-on review component, every extra gigabyte of produced information costs the organization in both seen and unseen ways.  Some have estimated that it costs between $3-5 a document for manual attorney review – and at 50,000 pages to a gigabyte, these data-related expenses can really add up quickly.

On the other side of the coin, there were those companies with bad information governance hygiene.  While this isn’t terribly surprising, it is shocking to see how many entities fail to connect the dots between information governance and risk reduction.  Despite the numerous risks, the survey found nearly half of the respondents did not have an information retention plan in place, and of this group, only 30% were discussing how to do so.  Most shockingly, 14% appear to be ostriches with their heads in the sand and have no plans to implement any retention plan whatsoever.  When asked why folks weren’t taking action, respondents indicated lack of need (41%), too costly (38%), nobody has been chartered with that responsibility (27%), don’t have time (26%) and lack of expertise (21%) as top reasons.  While I get the cost issue, particularly in these tough economic times, it’s bewildering to think that so many companies feel immune from the requirements of having even a basic retention plan.

As the saying goes, “You don’t need to be a weatherman to tell which way the wind blows.”  And, the winds of change are upon us.  Treating eDiscovery as a repeatable business process isn’t a Herculean task, but it is one that cannot be accomplished without good information governance hygiene and the profound recognition that email isn’t the only game in town.

For more information regarding good records management hygiene, check out this informative video blog and Contoural article.

Two Surveys Confirm Social Media in eDiscovery Has Reached Tipping Point

Tuesday, August 2nd, 2011

As the saying goes, “I’ve seen the future and the future is now.”  This was my first reaction after analyzing two recent surveys regarding social media and eDiscovery.  The first one was from Clearwell (now a part of Symantec) and the Enterprise Strategy Group, entitled: “Trends in E-Discovery: Cloud and Collection.”  Beyond examining cloud issues it also queried respondents about the growing impact of social media on electronic discovery.  While many of the responses struck me as intuitive, I was taken by the fact that we seem to have crossed over the chasm of social media to the point that this content simply cannot be ignored any longer.  For ages, and perhaps some still today, email was the 800 pound gorilla in the eDiscovery context, often to the dangerous exclusion of other forms of electronically stored information (ESI).

But, in 2011 we’ve now reached the tipping point – with 58 percent of respondents of the ESG survey expecting to manage social media applications as part of eDiscovery, more than double the 27 percent who did so in 2010.  That’s not only a massive increase in one year, but it also moves social media from a fringe element to a mainstream source of ESI.  When asked what types of social media applications would be the most relevant for eDiscovery, 79 percent of survey respondents named Facebook, followed by Twitter (64 percent) and LinkedIn (55 percent).

Similarly (and coincidentally), Applied Research and Symantec (who just acquired Clearwell) queried 1,225 senior enterprise IT professionals around the world in a Social Media Flash Poll.  In one of the main findings, the Flash Poll found that social media is extremely ubiquitous in the enterprise environment, with 45 percent of respondents using it for personal uses and 42 percent using it for business reasons.  Rating highly were a number of disparate social media devices including blogs, multimedia sharing, business forums and, of course, social networking – both personal (e.g., Facebook) and business (e.g., LinkedIn).

The impact on eDiscovery, while somewhat obvious, is nevertheless a significant challenge for many enterprises.

Initially, the increased use of social media intrinsically means that email isn’t likely to be the sole source of responsive information pertaining to a lawsuit (or governmental inquiry).  While this hasn’t really been the case for a while, it’s time for the attorneys scoping eDiscovery matters to face facts and abandon old school notions that email axiomatically equals eDiscovery.  For good or ill, our world of potentially responsive ESI simply isn’t that homogenous.

The Flash Poll also homed in on how this increased use of social media is impacting IT professionals. While information governance concepts (compliance with regulations and retention policies – both at 45 percent) rated higher on their risk index, the management of eDiscovery was still a significant (and growing) concern at 37 percent. And, while IT folks are increasingly concerned, it’s safe to say that their attorney counterparts (who have a heightened sense of risk profiling) are even more worried about the impact of social media on the already complex eDiscovery process.

So, what can be done in the face of this changing eDiscovery landscape that used to be dominated by email?  First and foremost, it’s imperative to understand your unique regulatory and legal requirements.  This facilitates the mapping of new social media technologies and content to the requisite policies that address data mapping and the retention of social media content, either in a proactive sense (i.e., archiving) or in a reactive sense (i.e., litigation hold).

As Glenn Close frighteningly said in her 1987 thriller, Fatal Attraction, “I will not be ignored.”  That warning fits the entire social media genre as it relates to eDiscovery in 2011.  And, just like ignoring Glenn Close, failing to pay proper attention to social media is done at significant peril to both IT professionals and attorneys alike.

What’s on Deck for LegalTech NY 2009

Friday, January 16th, 2009

It’s a new year in legal technology, and the visions of sugarplums dancing in our heads quickly give way to visions of LegalTech 2009. After all, who can help but dream about another opportunity to brave the icy streets of New York City in February? Fond memories of attempting to wolf down a stale croissant and cold cup of coffee while jostling for an uptown cab outside the New York Hilton can set even the most jaded litigation support manager’s heart aflutter.

The weather and the Manhattan traffic may remain the same, but, as we’re all painfully aware, this year’s show takes place in the context of a dramatic global recession that is having a huge impact on the legal industry’s use of technology, particularly electronic discovery. It’s in challenging times that innovation often thrives the most, so this year’s LegalTech may actually yield a surprising number of new ideas and technologies.

Innovation aside, this year’s LegalTech will likely have a bit of a different “look and feel” from last year:

| | LegalTech 2008 | LegalTech 2009 |
|---|---|---|
| Dining hot spot | Le Cirque | Le Hot Dog Cart |
| Evening activity | Attending swanky club parties hosted by eager and generous vendors | Watching Law and Order in your hotel room while eating Chinese take-out |
| Cheap giveaway | Demo CDs | Devalued CDOs |
| Hilton elevator waiting time | 20 minutes | 20 minutes |
| Top discussion topic while waiting for the elevator | Managing the costs and risks of electronic discovery | Managing the costs and risks of electronic discovery |

Some things, of course, never change. Fortunately, the team at Incisive Media has been working overtime to put together a stellar lineup of practitioners, legal experts, and judges to provide insight into some of the key issues of legal technology. While electronic discovery is top-of-mind for many, there’s a lot more than that on tap. Key sessions include:

  • Patrick Oot, Director of Electronic Discovery and Senior Litigation Counsel at Verizon, will lead the first-ever LegalTech Town Hall meeting, to be featured on YouTube. The Town Hall will be an interactive discussion where participants will be able to submit questions in real-time to a panel of experts for immediate feedback and insight on the topics that are of top concern.
  • John W. Woods, a partner at Hunton and Williams, will deliver a keynote on “How eDiscovery is Changing the Relationship Between Law Firms and their Corporate Clients”. Clearly there’s a sea change going on here, which seems to be being accelerated by the economy, and it will be very interesting to hear what John has to say.
  • Finally, LegalTech would not be complete without a contribution from a leading light of the bench. And this year, none other than United States Magistrate Judge John M. Facciola of Peskoff v. Faber and United States v. O’Keefe will be presiding. Ralph Losey said he’s “just about my favorite judge of all time” and it’s sure to be a fantastic session to get up to speed on the cutting edge of electronic discovery law.

The fantastic speaker lineup, of course, just scratches the surface. LegalTech is also an incredible networking opportunity to meet with fellow practitioners and vendors. However, it can be a little overwhelming, particularly to first-time attendees. So, we thought we’d close with a video that Monica Bay put together last year that provides a quick “how-to” guide for making the most of your time at LegalTech.

As a final note, I’ll be attending the E-Discovery 2.0 LinkedIn Happy Hour before B-Discovery’s LegalTech event.  It’s at the Hilton’s Bridges Bar from 8:00 – 9:00pm on Monday February 2nd.  Come by and say hello.  If you are not a member of the E-Discovery 2.0 LinkedIn group, sign up here.  See you at the show!