Print This Article

Kristin Nimsger – No longer can parties or their counsel claim to be unaware of digital data. Instead, judges are expecting e-savvy litigators in their courtrooms. Two of the easiest mistakes that lawyers can make include:

Having no electronic discovery plan or pursuing discovery of electronic evidence in a haphazard manner. Litigators who take the time to learn what e-evidence is, how to find it, how to use it, and how to avoid problems when dealing with it increase their chances of prevailing in a case and avoiding judicial sanction. This includes a comprehensive plan for collecting, analyzing, and producing digital data.

Having inexperienced people conducting well-intentioned computer-based discovery. When an incident occurs, there is a strong tendency to have the security or technical staff “take a quick look” at the computers involved in an attempt to confirm or deny suspicions. Unfortunately, the act of “taking a quick look,” if not carried out using proper protocols, most often results in unintended and unnoticed changes to the digital files. For example, simply booting a computer can destroy temporary files and change file dates/times. Information Technology (IT) professionals are well-informed about their company’s systems, data locations, media types, software use, and data retention policies. Yet, this wealth of information does not give rise to an expertise in the area of e-discovery or computer forensics. Depending on the complexity of the technology involved, intricacy of the request, judicial deadlines, exposure to liability, and diversion of internal staff, shouldering the e-evidence burden alone could place you and your client at risk for sanctions.

Lee Neubecker – The most important thing is to make sure the evidence doesn't suffer spoliation by having a non-expert look around to see what the person was doing on their computer. I can't begin to tell you how many times the IT department staff or managers begin looking at a suspect computer without first having a forensic copy of the computer’s hard drive generated. The simple act of browsing through files or copying files off a computer alters very important META data that might help an expert determine what files were stolen from the computer by a former employee. Because of this, it is important to act fast in sending a preservation letter to opposing counsel and contacting you client to ensure that no electronic evidence is destroyed once litigation has begun. Articles on these topics can be found at http://www.forensicon.com/pdfs/article_preservationletter.pdf and http://www.forensicon.com/pdfs/article_timeisessence.pdf.

Joe Kashi – The lawyer should have a strong grounding in operating system and hardware issues, quirks, and other matters that can result in "false positive" findings, basically what are termed experimental "artifacts" in the hard sciences. The first responsibility is to not introduce any systemic errors in either the computers to be discovered or in the findings.

Craig Ball – First, realize that it’s not like paper discovery. Going after data as you’ve always pursued paper records will get you in trouble. We never cared what type of file cabinet our opponents used, but we must care—and must learn—what type of information systems they have. The file room is history. Discoverable data is strewn across a patchwork of file servers, workstation hard drives, home computers, laptops, PDAs and online repositories. Our opponents don’t know where all their data resides or how to preserve and produce it. We’ve got to dig, and to educate ourselves and our opponents. Volume and cost will kill you, so be careful what you wish for. Start by dropping the “any and all” boilerplate from requests and focus on what you really need.

Rick Davey – The first step should be to get EDD professionals involved before any discovery is performed. That will avoid most of the preventable mistakes. One easy mistake that most "go for it" folks make is not learning how data must be gathered from the original data source.
Jon Sigerman - The first part of this question is a hard one. First, I think it is a mistake for a lawyer to fear that obtaining knowledge about digital evidence basics (e-mail, spreadsheets, etc) and basic forensics makes them dangerous to themselves and their clients. I think not obtaining a threshold level of knowledge (which I believe any litigator can obtain by reading publications by Joan Feldman, Mike Arkfeld and others) limits the competence of today’s litigator, because the ignorant litigator is going to unwittingly overlook valuable probative information. Also, a litigator involved with electronic evidence, who lacks a basic knowledge and sense of the processes and logistics for acquiring and reviewing electronic evidence, is vulnerable to forensic services and service bureau costs getting out of hand, not to mention a blind-siding by the opposition.

At a minimum a lawyer involved in electronic discovery should know that when an electronic document is converted to an image, or even displayed on the screen or printed by the native application (e.g. a word document displayed by Microsoft Office), they will not see all of the potentially relevant information contained in the digital file. For example, meta data, background notes, and spreadsheet formulae are not included in the printed version. Litigation support programs exist which index and search native electronic file formats such as Word files, Excel spreadsheets, Outlook .MSG files without the necessity of converting the files. Converting the files can be costly as well as result in lost information (worst of all worlds). There are advantages to converting files to images (e.g. they can be redacted, Bates stamped, labeled “CONFIDENTIAL”). However, those advantages apply to a winnowed set of documents — those that at the very least have been reviewed for threshold significance to the case before the costs of converting them are undertaken.

Mark Sableman – I agree that most lawyers need to learn more about electronic discovery. I am flabbergasted when I go to an electronic discovery seminar and see only a handful of attorneys in attendance. Every litigator should be attending these seminars, listening to experts and war stories about computer forensics and electronic discovery. For example, any lawyer who is counseling a client, or thinking about discovery from an adversary in litigation, should know about recovery of “deleted” files, and about the information retained as meta data on common Microsoft Office documents. It gets down to simple things like knowing not to send out your Office document to adversaries unless the meta data has been scrubbed. Ken Shear of Electronic Evidence Discovery tells a story about a lawyer who sent out a settlement letter without scrubbing the meta data – the recipient was able to find, in the meta data, the higher settlement offer that had been written in an earlier draft of the letter!

Skip Walter – One of the biggest challenges with electronic discovery is that the initial answers to all questions about a particular matter are either “I don’t know” or wrong. Underestimating the time and expense of electronic discovery is an easy mistake to make. We encountered situations where the amount of discoverable electronic information was several times more than what was expected. My advice is this: If electronic discovery is a factor, get an expert involved early in the process to help formulate a strategy. Work with vendors who have experienced project managers that understand how to manage the incoming data in all its forms to your timeline and budget.

David Goldstone – The number one mistake I have seen lawyers make is to believe vendors or techies who say that what the lawyer requests "can't be done." Computers are so powerful in part because they are so flexible. I have found very little that I wanted to do with electronic discovery that couldn't be done. A particular request may take a little bit of programming or cost some money but it certainly "can be done." And it can usually be tailored to minimize the associated time and dollar cost as well. If a person tells you that what you want "can't be done," you should keep asking "why not?" Even if you can't get exactly what you want, you will probably be able to come up with a creative way to get what you need.

Chris Kruse – Electronic discovery is challenging – there are many potential pitfalls and challenges. To be effective, a lawyer should focus on a few key issues including: (1) making certain their electronic discovery vendor and client are talking to each other to avoid improper data collection and processing errors; (2) defining the process for handling document exceptions such as corrupt files, password protected files, virus infected files, files containing electronic pointers to other files, and self-extracting archive files, for example; and (3) managing project risk and clearly identifying that part of the project that is routine and that portion which may be new ground, or not previously handled, to insure the potential for errors is minimized.

Mark Yacano – Many lawyers make two mistakes regarding e-discovery. First, they do not educate themselves regarding e-discovery until it arises in one of their cases. They are left scurrying for relevant law and advice from vendors they have just met. These lawyers learn that confronting e-discovery “on-the-fly” is tremendously costly and strategically dangerous. Instead, counsel should anticipate e-discovery. They should track and review e-discovery law and related literature, attend seminars, meet with e-discovery vendors (not just one), participate in online demonstrations and, if necessary, visit vendors’ facilities. Second, lawyers often hire their e-discovery vendor after too little investigation. Like all industries, vendors come in all shapes and sizes, with different price structures, specialties and levels of expertise. Too many vendors offer a full portfolio of e-discovery services when, in reality, they are only competent in one area. Similarly, some lawyers hire their vendor and turn them loose with their client’s computer systems and data, trusting that the vendor will produce a perfect product in two weeks. Such a result is unlikely. Counsel must be involved with the vendor’s work at each step of the process.

Chris Paskach – Most lawyers do not need to become subject matter experts on electronic discovery to effectively utilize the technology. However, it is important for them to understand that electronic discovery is best accomplished by taking a phased approach using integrated processes and technologies. To reduce risk and lower overall discovery management costs, KPMG has identified the following phases in its product offering: Preserve, Pare, Process, Produce and Prepare. By taking this phased approach, clients are benefiting from (1) the utilization of advanced, easy-to-use tools for data culling, review and mining — often in native-file format; (2) the elimination of vendor hand-off and integration issues; and (3) the ability to provide full audit-trail accountability and tracking.

Denise Howell – At minimum, a lawyer should know to hire an expert in computer forensics to help frame discovery inquiries to ferret out the places valuable data might be hiding (e.g., inadequately cleansed hard drives, employees' private e-mail accounts). One of the easiest mistakes you can make is to invest too heavily in server and desktop applications designed to manage discovery. The tools in this area improve too rapidly. The last thing you want is to get saddled with a product that's no longer state of the art that you feel you must use because you paid an arm and a leg for it. Look instead for Web based ASPs (Application Service Providers) from companies committed to constantly enhancing features and usability. That way, you'll get the best possible performance without the expense and inconvenience of perpetual upgrade rollouts.

Sharon Nelson / John Simek – A good expert will have a lengthy CV (Curriculum Vitae), full of general technical certifications, and evidencing at least one highly reputable computer forensics certification (the most well known in the private sector today is the EnCE - EnCase Certified Forensic Examiner). The CV should also indicate the number of years in the computer forensics field, as well as the number of years in the technology field. There should be a listing of courts the expert has already qualified in, and the expert should be happy to provide references who can attest to their responsiveness, their professionalism, and their ability to stay within budget, the latter being the chief complaint against experts. Nothing substitutes for talking to the expert to determine if the expert can explain technical matters in plain English — at some point, you will need the expert to do so to a judge or jury, so your own evaluation is helpful. Also, make sure you look at one of the expert's reports to judge the quality of the work as well as the command of the English language, which is often sorely lacking!

Michael Kraft – When a given case opens up issues into a new area of knowledge, most lawyers consider it good practice to familiarize themselves with the new area whether it be medical, engineering, transportation, city by-laws. Unfortunately, the underlying technology that permeates almost every case they are going to handle has not been an area of interest for many lawyers and paralegals (This is an important point because most senior litigators will tell you that they rely on their paralegals for this). Put simply, electronic documents have multiple dimensions. Unless you understand this and your team has the ability to properly open up and see the other dimensions that can be very informative, you are at a disadvantage.

Derek Schueren – I believe it is most important to understand how e-discovery fits into the general strategy of your firm and your service to your clients. Talking to peers and other law firms who have successfully used e-discovery in their cases would be the most effective way to get informed. In addition, many service and software providers are anxious to demonstrate their capabilities – let them show you how e-discovery can work on your cases – it is a great way to learn and share ideas across your firm. This is a time when everyone is still learning and e-discovery is evolving, so there are no right answers yet. The key is to find what works for you and your client. You are your best advocate.

Art Smith – Probably the biggest mistake a lawyer can make is asking for too much when he asks for electronic discovery, especially when dealing with a large corporation. A lawyer needs to know his objective before setting out to engage in e-discovery. That means understanding the opponents computer systems and the way the key executives use those systems. If the lawyer doesn't speak fluent "computer-ease" then he needs a translator at his side as he first structures his discovery and then unleashes it.

Alex Lubarsky – There is one critical piece of knowledge that the attorney just starting on her EDDucation must know.... the phone number of a competent and trusted vendor. Sure, the attorney should be familiar with some of the seminal cases and statutes pertaining to the art of electronic discovery, but if counsel is wise enough to understand that EDD can win (or defend) her client's case, then the next step is to bring in the expert to help identify, harvest, cull, review, and categorize that electronic data. Hey, when it's clear to me that my brakes are starting to wear, I don't enroll in auto mechanic school nor do I start stuffing slapping silly putty on the disks... I call Midas.

Jon Sigerman – Some of the cautions I have heard as a seminar panelist about spoliation, facing sanctions, or other catastrophic events any time someone other than a forensic expert touches a computer oftentimes seem to me to be a bit on the extreme side. I don’t know how to elaborate on this area, except to recommend that litigators keep abreast of the case law in this area. Many Web sites provide case synopses.

David Goldstone – By the way, I take issue with the premise of your question: I don't think a litigator really needs an especially "high level of expertise" to not be dangerous. He or she just has to be willing to spend some time focusing on the key issues in the matter at hand and utilizing the critical reasoning skills that have served him or her well in the past. Good litigators have a natural curiosity and ability to quickly learn. One basic fact that litigators should have at their fingertips is that a gigabyte is equivalent to 1,000 megabytes. If a gigabyte translates to on average about 100,000 printed pages, then a megabyte of computer data translates to just 100 printed pages. This is a huge difference in review. It amazes me how many attorneys that throw around the words "megabyte" and "gigabyte" as though they are interchangeable, when they are actually three orders of magnitude apart.

Michael Kraft – First lawyers need a primer course as to what is involved in the field. It is almost like giving them a "101" type course so that they can get a general idea of the overall opportunities and pitfalls surrounding the area. Many have no understanding of the benefit to viewing native files and they look at documents or spreadsheets in image form and miss the "meta data" that may also be pertinent to their issues. In fact, most practitioners have very little understanding of "meta data" at all. The result is that giving the other side back-up tapes without proper review or understanding of what can be attained from this media can be particularly dangerous. A client called to ask about a forensic report that the government claimed clearly indicated that their client had read and was privy to a certain document that was focal point of the government's case. We instructed the client to ask for a copy of the tape to ascertain how the document came to be in their client's e-mail. Was it put there by an administrator, did target client really see this document and deliver it as claimed or was it just something that was in the e-mail without the person's knowledge?

Sharon Nelson / John Simek – With rare exceptions, lawyers will never pass a certain level of understanding when it comes to e-discovery. Therefore, one of the most pivotal decisions they will make is the engagement of experts to assist them. If their problem is the management and sifting through electronic evidence, there are many companies competent to assist them. The greater challenge is finding a computer forensics expert. In the mega-cases, lawyers generally turn to the mega-firms, such as Deloitte & Touche, Ernst & Young, Kroll Ontrack, etc. In general, the larger the firm, the larger the expense and (frequently), the slower the response time. There is also the tendency, legendary to larger companies, to put six people on a case where one would do. The problem at the smaller firm end is that you have to be doggone careful. Many folks have simply hang out their shingle and declared that they do "computer forensics."

Virtual Roundtable Discussion Continued:
« Previous 1 2 3 4 5 6 Next »