Jump to Navigation | Jump to Content
 
  |  Join ABA  |  Media  |  Contact
Advanced Search
Topics A-Z
 

 

Font Size: Increase Font Increase | Decrease Font Decrease
ABA Law Practice Managment Section
Law Technology Today (EDD, Litigation, and Law Office Technology)

VOL 1 NO 6   In this Issue of Law Technology Today :: August 2007

eDiscovery Sanctions - Staying out of Harms Way

By John Bennett & Gerard Britton

The discovery process of electronic data, which is largely “unstructured,” carries many risks and challenges. In the future, more technologies will be created to help manage this data . What can you do to avoid complications? Stay abreast of the evolving rules of procedure and the newest solutions.

1970 was an historic year. The Beatles broke up, Joplin and Hendrix died; there was Kent State, My Lai and Apollo 13; the Concorde broke the sound barrier and there was the first Earth Day. For those of us who practiced law at that time, a lesser-known event occurred. It in no way had the impact or world shattering importance of the others, but it controls the way you practice law these thirty-seven years later.

In 1970, the Federal Rules of Civil Procedure incorporated the concept of "data compilations from which information can be obtained" into its text. From that moment on, digital documents on computers were available for discovery. Now, in 1970, these kinds of document sets were tiny by comparison to today. In fact, more digital information will be developed and stored worldwide in the time it takes you to read this article than was created in all of that momentous year. None-the-less, the impact on your practice, and your client's day-to-day work, can be directly traced back to that year.

Today, most companies (clients) are diligently working on efforts to control the information risks housed inside of their much advanced computer systems. Gone are the days of the IBM Selectric, carbon paper and metal filing cabinets, and here are the days of the Tera-byte electronic storage systems. One of the largest caches of data is reflected in e-mail systems. Companies are archiving e-mails, categorizing them and indexing them so that they'll be ready to respond appropriately to any audit or litigation eDiscovery request.

Gaining control of the e-mail system is not only prudent and necessary, but also offers many benefits to the organization. They include reduced audit and discovery costs (by allowing a company to discover e-mails rapidly and accurately) and enhanced knowledge of custodial information (by documenting when and where a person e-mailed what knowledge). However, the e-mail system is not the only critical risk an organization must mitigate, it's simply the first. There exists another system that houses critical corporate information. That system is the File System, a massive system housing many of the corporation's memos, strategic presentations, financial spreadsheets, corporate intellectual property and plenty of other critical digital assets. Relative to eDiscovery, that system is virtually unprotected, unmanaged, and unaudited. The new Rules of eDiscovery (December 1, 2006) require the disclosure of all readily accessible data, and now exposes all the information risk housed in this “unstructured” data of the file system. Compounding this exposure are archived e-mails that contain references to particular files via attachments or within the e-mail body text itself. Companies are challenged in trying to discover specific files for discovery, without exposing privileged and out-of-scope files.

Today's file systems, and the way businesses use them, creates untenable and costly situations for businesses engaged in eDiscovery. File meta-data, the elements of information describing bits of the file such as author, creation date, modified date, are unreliable, easy to change and only store last updated values. Answering a question such as “Has John, the CEO, modified or read this file between January and March” is impossible, yet critical for being able to collect appropriate and precise information during the collection phase of a response. As well, the file system doesn't allow for manual attachment of meta-data. So, marking a live document a part of an investigation and assigning controls on the file because of this designation is nearly impossible. The result of all this is unnecessary added risk. Had there been accurate meta-data, documents that would have been excluded from a search are now contained in a collection. This not only adds expense to the review process, but it also heightens corporate exposure if they slip through.

The inability of the file system to fingerprint each file for uniqueness is another issue. Meaning, if one saves the same file a hundred times, each time using a different name or extension, or in a different folder, the file system stores the file a hundred different times. This not only takes up space, but also drastically increases the amount of files that must be analyzed in an eDiscovery. While plenty of software can "de-dupe" during an off-site post-collection phase, wouldn't it be nice if the file system did this automatically? Fingerprinting also leads to other real-time benefits such as logging if a user tries to hide a Word document by changing its extension type. Obviously, there's often a large reduction in storage utilization, as duplicate file data is automatically removed.

Even with networked storage, today's file systems are still massively distributed across many locations and machines. That makes collection, control, and analysis of files difficult -- and costly. Unlike e-mail, which usually funnels through just one or two focal points, the distributed nature of documents make responding to eDiscovery requests a far trickier task. Yet, that's precisely what is being asked of the courts.

Ultimately, finding an ideal solution that can automatically find precise matching data to the specifications set forth during the meet-and-confer phase of a discovery request becomes critical. It reduces the risk, such as potential punitive judgments, associated with accidentally providing out-of-scope and privileged files to the other side. And, of course, it reduces the number of files that must be culled and reviewed. An ideal solution would enable files to operate in a state of Active eDiscovery Readiness. This state implies that as users operate on files, the files would automatically inherit appropriate meta-data to facilitate the eDiscovery processes, an audit trail would be created, and file activity could be controlled via policy – all in real time.

There are many things that attorneys can do for their clients to help them navigate the intricacies of this new eDiscovery regime, and the mass of discoverable documents. One way is by helping clients establish documents and records retention policies. On top of that, clients should install one of the numbers of electronic records management appliances or solutions that are now on the market. Once in place, an organization can immediately derive benefits from more effective collection, preservation and processing of electronic records, resulting in dramatically fewer records for review. In so doing, eDiscoveries can be done more rapidly and predictably with search, optimized to leverage meta-data and an audit trail. As such, complete and precise discovery results can be achieved by reducing the collection of files strictly limited to those files that satisfy the meet-and-confer search parameters, such as user id, time-frame, activity-type, file version history and content.

There are some unique design considerations that your clients should look for when evaluating a solution having Active eDiscovery Readiness abilities. An ideal solution would enable automated enforcement of policies, such as retention policies, to ensure that only files within active retention periods exist on the storage system, It would preserve those files to prevent spoilage, and so that new files are preserved on an ongoing basis. Also:

  • No impact on users – if users are required to change their workflow, they will not use the solution. If a user must manually insert document tags, passwords and other meta-data attributes, chances are that the users will find ways around the system, or worst, not use the system at all.
  • Manageable by organization – the easier a system is to install and manage, the more likely it will be used. In the past few years, a cottage industry of eDiscovery technical and process consultants have emerged, promising to assist a company in establishing an eDiscovery eco-system. The true innovation, and therefore the solution, is one that requires little or no outside help to install, configure, maintain, and to use.
  • Deployable in phases – few organizations can, or would want to install the full measure of a system at once, across all departments. Look for the systems that don't have to have the entire enterprise coverage before beginning to work. Look for one that can migrate particular users, file servers, or departments one-at-a-time. As well, can easily migrate from simple monitoring (just audit) to active control (enforced policy).
  • Defensible Audit -- the solution needs to be forensically sound by maintaining traceability of data and events. In short, the reports and records that point to documents and the process of records recording should be straightforward and easy to deliver (in case the court asks for them - and it will). In so doing, it should be present files in a native format, while maintaining file integrity.

Let's examine a typical eDiscovery process and see how you can help your client with solutions:

Pre-Discovery -- This is the time before a lawsuit is initiated. A corporation should tag documents with fingerprint, maintain meta-data, audit results and policies in real-time. Ask the following questions -

  • Can I rapidly produce search results and reports based upon many criteria (author, date, group, matter)?
  • Can I pro-actively have files deleted based upon retention policies that we have set up?
  • Can I pro-actively have permissions set based upon document confidentiality status?
  • Does this solution reduce the time and cost for finding documents that belong to an investigation?
  • Does it keep active file sets accurate, reduced and organized?

Post filing -- The first filings have taken place. The major portion of the eDiscovery search and compilation activity takes place here. Automated tools, already in place better prepares the company for what can reasonably be delivered in an eDiscovery request.

  • Prepare for Meet & Confer
  • More immediate knowledge can dictate better legal course of direction.
  • Data Collection, using a more accurate set of matching files and summary reports.
  • Reduction in amount of files needed to manually classify and review for relevance.
  • Indexed set can remove privileged files.

Data Management -- Real time tagging creates a fingerprint "Hash Code" for each file. Applications should apply policies to files marked for preservation.

  • Cull Data
  • Can rapidly select documents to preserve directly on the active document.
  • Assures that the selected version of the document always remains in the evidence set.
  • Can rapidly remove duplicate files, and thereby reduces storage requirements – no duplicate documents in result set or copied to another data store in order to work.
  • Reduces costs and risks associated with copying to off-line storage.
  • Preserve Data
  • Explicit versions of a file can be marked as being part of an investigation and therefore can be assured that a particular document ends up in the end collection.
  • Reduces spoilage of preservation data set by ensuring integrity of file content and meta-data.
  • Ability to produce audit log showing that files within preservation set have NOT been altered in anyway.

Legal review -- Meta-tagging enables a user to tag files as being an active part of an investigation. Parties can review files in place without altering original custodial meta-data such as author, create date, etc.

  • Produces search criteria for a search that will selectively isolate matching files into a working result set.
  • Ability to review files in their native format without destroying file content integrity.
  • Concise and precise data sets can be delivered to forensic and E-Discovery applications, limiting costs associated with processing too many files.
  • Accurate list of files ensures that no document outside the confines of the E-Discovery scope are exposed and thus submitted as evidence.
  • Frozen Redacted PDF files used for case evidence.
  • Redacted PDFs are protected against spoilage.

In the 21st century, more data will continue to be produced in corporate settings then ever before. Beyond "written" communication, audio, video and fully multi-media data will be consistently and easily produced, stored, and therefore discoverable. We can expect that process tools and technologies will be created that courts will rely on to help streamline litigation. Through litigation, courts endeavor to analyze the facts in order to arrive at decisions. Those "facts" will be increasing evident, and complex. As your clients continue to operate in this environment, your best course of action is to not only stay abreast of the evolving rules of procedure, but to also stay up to date with the newest solutions that can help your clients (and you) stay out of harms way.

About the Author

John Bennett is the Director of Research for Constantine & Aborn Advisory Services LLC.

Gerard J. Britton is the Director of Investigative and Compliance Services for Constantine & Aborn Advisory Services LLC where he manages the design and implementation of monitoring and compliance programs and oversees the firm's investigative services. Mr. Britton also works closely with the firm's police and criminal justice consultancies. Britton is also Of Counsel to Constantine Cannon LLP.

Back to Top

Subscribe to the Law Technology Today RSS Feed

Choose Your RSS Feed Reader RSS Add to Google Add to My AOL Subscribe in NewsGator Online Subscribe in Bloglines Add to Plusmo