e-discovery 2.0

One of the new buzz words of the last few years in computing has been Cloud Computing. After the initial hype, and the subsequent shakeout of its potential, everyone is beginning to recognize that it represents a paradigm shift in how we purchase, deploy, and utilize computing resources. The general impetus for the cloud has been its potential to reduce capital costs, offer flexibility in purchasing computing resources, and reduce operational costs in maintaining hardware resources.

A lot of what the cloud offers is achievable using existing technologies, but repurposed in new and innovative ways. Several forms of the cloud, with specific benefits to customers, are being packaged and promoted. The offerings are delivered as cloud services, such as Platform as a Service (PaaS), Infrastructure as a Service (IaaS) and Software as a Service (SaaS). Without getting into specifics, each service offering comes with a set of service agreements between the purchaser and provider of the cloud services.

As with any new initiative, there are new challenges to contend with including security and compliance with corporate policies and industry regulations.  Although these issues are substantial, for this article, let us consider the legal implications as it relates to electronic discovery. We all know that sooner or later, every organization faces litigation, and increasingly, fair number of them involves e-discovery. Traditionally, in house legal and IT teams have had an understanding of how to respond to legal requests and have focused on litigation readiness. But, how do these translate to the new cloud computing paradigm? I’ll examine some of the challenges in a series of posts on e-discovery and the cloud. For starters, let’s analyze the challenges and considerations inherent with the duty to preserve electronically stored information (ESI).

Duty to Preserve ESI

Before we get to the mechanics of electronic discovery and actual preparation for Rule 26(f) conference, the duty to preserve arises. The duty to preserve may be triggered when a legal proceeding is “reasonably anticipated” and increases in importance on receipt of pre-litigation correspondence or a similar trigger event. Traditionally, such duty to preserve is reflected by placing litigation holds. It is often the case that litigation holds are placed on at least a portion of the ESI well ahead of an actual triggering event. See Adams v. Dell as perhaps an extreme example. In fact, some organizations invest in litigation support software technologies for classifying data and placing holds on the most reasonable subset.

How does such a litigation hold translate into the cloud? As a customer of a cloud, one should craft service agreements to dedicate certain cloud-resident data, in the form of folders or other broad categories, to be preserved. If the cloud provider has deployed technology to ensure that no party within the customer’s user community can delete the preserved data, it is well and good. However, placing such restrictive access impedes normal running of the business, and becomes impractical. Essentially, data in the cloud that is available for normal course of business is in the hands of user-custodians. If they then delete the data either deliberately, or inadvertently, or through normal business functions, that data deletion is subject to spoliation claims. Even though the “safe harbor” from spoliation sanctions of Rule 37(f) applies when information is lost due to the “routine, good faith” operation of electronic information systems, when preservation order is in place, shelter under 37(f) is not possible. Thus, the actual implementation of litigation hold comes under scrutiny. Because of this, many implementations adopt preservation using a “copy and preserve” model. However, this model is at odds with live business data that is constantly evolving. Even if the latest point-in-time snapshot technology at the physical volume is employed, the result is inadequate – you end up preserving massive volumes of data in the cloud, unrelated to actual logical messages or files that need to be preserved. What is needed is some smartness in the form of an application in the cloud itself that can translate a litigation hold request into specific ESI in the cloud. Who owns and manages this application and what the service levels are for this application is a significant issue.

Now, the view from the cloud provider’s perspective is very different. In light of the flexible data management architectures available, there is a great temptation to share both data with a litigation hold and data without a litigation hold on the same physical infrastructure. As a result, the cloud provider   preserves all data from every customer that is resident on that infrastructure – a very conservative approach. As a consequence, this would preserve another customer’s ESI accidentally and that data is now discoverable, in the context of a different litigation, despite the second customer’s active management of the data. Preserving a set of live, constantly changing data in the context of a single enterprise is technically difficult; doing so across multiple customers, sharing the data infrastructure is exponentially harder.

Another related issue with preservation is the need for the ability to release preservation holds. Typically, when the litigation response team determines that the legal hold is not necessary, the hold is released. In the “copy and preserve” model of litigation hold, one has to verify that the released ESI does not overlap with other litigation holds and is marked for destruction. One of the benefits of the cloud is the flexibility in storing bits and pieces of data wherever data capacity is available. Applying the release can again be tricky for both cloud customer and the cloud provider.

Given these additional complexities of evidence in the cloud and the fact that the duty to preserve may arise well before the trigger event of litigation, the costs associated with the duty to preserve can add up very quickly. It’s essential to understand three critical items related to the duty to preserve in the cloud: 1) what the cloud provider would charge for ongoing preservation, 2) whether agreements with the cloud provider cover the legal issues raised by the duty to preserve and 3) what the cloud provider offers in terms of a flexible workflow for applying and releasing legal holds.

Recently, I attended the Sedona Conference’s annual meeting in Atlanta and, amongst other interesting topics, was the discussion of local rules developments and in particular the Seventh Circuit’s new Electronic Discovery Pilot Program (“Pilot Program”).  The Pilot Program was launched October 1, 2009 and seems to be a model for collaboration, since it was developed by eliciting input from a number of disparate groups:

“(a) continuing comments by business leaders and practicing attorneys, regarding the need for reform of the civil justice pretrial discovery process in the United States, (b) the release of the March 11, 2009 Final Report on the Joint Project of the American College of Trial Lawyers Task Force on Discovery (“Task Force”) and the Institute for the advancement of the American Legal System at the University of Denver (“IAALS”), and (c) The Sedona Conference® Cooperation Proclamation.”

The impetus of the Pilot Program was the “broken” nature of the electronic discovery process with the belief that better collaboration and cooperation would certain help remediate the situation.

“The goal of the Principles is to incentivize early and informal information exchange on commonly encountered issues relating to evidence preservation and discovery, paper and electronic, as required by Rule 26(f)(2). Too often these exchanges begin with unhelpful demands for the preservation of all data, which often are followed by exhaustive lists of types of storage devices. Such generic demands lead to generic objections that similarly fail to identify specific issues concerning evidence preservation and discovery that could productively be discussed and resolved early in the case by agreement or order of the court. As a result, the parties often fail to focus on identifying specific sources of evidence that are likely to be sought in discovery but that may be problematic or unduly burdensome or costly to preserve or produce.”

What I really like about the Pilot Program is that it strives to be both prescriptive and practical, which should hopefully avoid the type of ambiguity often exploited by obstreperous counsel.  For example, there is an entire section on early case assessment (ECA) principles, which require discussion of:

• Production issues
• Identification of electronically stored information (ESI)
• The scope of preservation
• The meet & confer process

There’s also the relatively novel requirement that counsel designate an e-discovery “liaison” to work with the parties to coordinate and flesh out germane e-discovery issues.  Regardless of whether the e-discovery liaison is an attorney, a third party consultant, or an employee of the party, the e-discovery liaison(s) must:

“(a) be prepared to participate in e-discovery dispute resolution;

(b) be knowledgeable about the party’s e-discovery efforts;

(c) be, or have reasonable access to those who are, familiar with the party’s electronic systems and capabilities in order to explain those systems and answer relevant questions; and

(d) be, or have reasonable access to those who are, knowledgeable about the technical aspects of e-discovery, including electronic document storage, organization, and format issues, and relevant information retrieval technology, including search methodology.”

Needless to say, this requirement alone should make marked improvements in the e-discovery dialogue, which unfortunately seems like it’s occurring (literally) among participants who both speak different languages and don’t realize it.

Finally, what makes the Pilot Program unique is that its Principles will be subjected to testing during the phases of the Pilot Program, which is scheduled to end on May 1, 2010 (for the first phase).

This project certainly seems like it’s on the right track and pending feedback from the bench and bar, it could serve as a model for local jurisdiction everywhere.

Jeff Spicoli, after crashing a car in Fast Times at Ridgemont High, quipped:

“It’s okay. My dad is a TV repairman. He has the ultimate set of tools. I can fix it.”

Clearly, Spicoli’s tools (no matter how “ultimate”) weren’t going to get the car repaired. Never mind the fact that he was probably under the influence and shouldn’t have been operating anything more than a Barcalounger. His quote did get me thinking about a post I read recently that probably would have advised Spicoli against talking about how good his tools were. The post in question trumpeted the value proposition of early case assessments in E-Discovery (a viewpoint I wholly endorse). And yet, during the blog the author posited an interesting viewpoint that I think needs a bit of deconstruction:

“In legal, the less information your opponent has, the better off you are. … Using commodity based early case assessment tools may introduce legal risk your company may not want to manage. For example, if the opposing counsel has foreknowledge of the products you use, such as Autonomy/Aungate, Attenex or Clearwell Systems, they know your capability to identify concepts, custodians, etc. Using software to create legal leverage without sharing to the world how you do it, can improve your competitive advantage in the early phases of litigation.”

As a former practicing litigator, I’ll be the first to admit that I’ve seen my share of scorched earth discovery tactics. And, I’m not so much of a Pollyanna to think that a certain amount of this zero sum mentality doesn’t still exist. And yet, there’s an emerging trend (some might say a nascent best practice) to increase the amount of transparency and collaboration in the E-Discovery world.

I was at the Sedona Conference’s recent “Program on Getting Ahead of the eDiscovery Curve” where one of the hot topics was how the fledgling amendments to the FRCP were playing out in practice. One key discussion area centered around how the new Rules required a much more collaborative meet and confer process:

“Rule 26(f) is about cooperation and working together. By coming together early, defining what is important and what is not, and working with your adversary, not against them, means less risk, less cost and more certainty.” [Emphasis Added]. A Practitioner’s Guide to Rule 26(f) Meet & Confer: A Year After the Amendments. John Rosenthal, Howrey LLP and Moze Cowper, Amgen Inc.

Similarly, recent case law has also championed this collaborative approach:

“Identifying relevant records and working out technical methods for their production is a cooperative undertaking, not part of the adversarial give and take. … It is not appropriate to seek an advantage in the litigation by failing to cooperate in the identification of basic evidence.” In re Seroquel Prods. Liab. Litig., 2007 WL 2412946 (M.D. Fla. Aug. 21, 2007)

As part of this proposed transparency and collaboration, the authors (above) point out that a number of topics should proactively be discussed during the meet and confer session(s) including preservation, date ranges, custodians, systems, categories or types of ESI, and the use of search terms. In my experience this level of discussion and transparency really does pay dividends. Anything that resembles a “hide the ball” approach will ultimately take up needless attorney cycles, and will in turn drive up the cost of resolving the matter.

Now, I will concede that a party shouldn’t take the transparency notion too far. For example, it’s probably not necessary to immediately discuss the brand(s) of tools that are working behind the scenes to deliver the promised results. And yet, disclosing the type of functionality that will be brought to bear on the E-Discovery process can help:

• Facilitate discussions about ESI “inaccessibility” – see FRCP 26(b)(2)(B)
• Dispel the frequent myth that one party has the type of uber tool that can instantly, cheaply and automatically grab every piece of relevant data from the most remote corners of an enterprise
• Set the stage for limitations in the E-Discovery process so that all parties (including the Court) can have their expectations firmly grounded in reality
• Eliminate “black box” technology concerns by showing the opposition how your tools work to process files, handle metadata, etc.

So, back to the Spicoli reference,… having a killer set of tools may help your enterprise (or client) achieve fast, accurate and predictable results. But, does the opponent’s knowledge of the type of tools and features you’re going to use increase your risk profile?

While there aren’t any absolutes, I’d certainly say “no.” And, even if this type of gamesmanship did yield a temporary advantage, it’s probably outweighed by a collaborative E-Discovery approach that is quickly becoming a best practice.

If we could only get the E-Discovery tools to fix Spicoli’s car…