Hide the ball is certainly not the game for an e-Discovery Team to play. Some people think that is what discovery is all about, and in the world of paper discovery, years ago, there was some truth to that. But not today, and certainly not in electronic discovery. It may be tempting to some, but if you play hide the ball in e-discovery, and get caught, you may not only lose the case, but you may lose your job, and maybe even your license. It is never worth it, just ask Qualcomm’s lawyers. Instead, an e-Discovery Team plays a series of games that culminates in throwing the ball to the other side, not hiding it.
Before you can get to the final throwing step of production of electronically stored information (“ESI”), there are a series of preliminary games to be played. Here is how I summarize the e-Discovery team playbook:
- Find the Ball
- Save the Ball
- Pick up the Ball
- Shrink the Ball
- Clean the Ball
- Aim the Ball
- Throw the Ball
The first game of find the ball is called the Identification step in the standard industry language of the Electronic Discovery Reference Model(“EDRM”). By looking at the standard EDRM model below you can quickly see how each game represents a basic step in the EDRM.
Find the Ball
Finding the ball is far easier said then done. For most companies, the problem derives from storing terabytes of data. Imagine a string of warehouses storing a billion basketballs, and you have to search through and find the one ball among them autographed by Michael Jordan. Unless the Team is well established, you probably do not have an accurate, detailed, up-to-date map of all of the warehouses. You probably have only a vague idea where this one basketball might be located. It might be somewhere in a centralized bin, or in any one of dozens of other locations, including closets in employee homes, or off-site Internet storage lockers. It might even exist only in a shrunk down version, hiding in the pocket of one of a thousand employees; perhaps in their thumb-drive, or iPhone. Moreover, ever day a thousand basketballs are destroyed (hopefully not the one with Jordan’s autograph), and twelve hundred new ones are added. Yes, it is a very challenging game indeed
To make matters worse, you are never sure exactly what balls you are looking for, especially when the game first begins. You may have to guess, from a vague complaint, what balls are relevant. As I have written before, this is one of Anne Kershaw’s pet peeves, and rightfully so. Under federal notice pleading rules, very few details are required in a complaint to state a cause of action. So defense counsel is often left speculating what ESI will be discoverable and relevant in a new case. Still, you have to start making educated guesses to try to find the right batch of balls. From the large selection first identified, you will eventually throw a few to the other side.
The way most teams do this is to analyze the dispute to try to determine what the issues will be in the case. This gives you a general idea of the types of balls that may come into play. Then you start to determine a general time line; hopefully the potentially relevant balls will be constrained by time. You may be able to know, with some certainty, that balls made before or after a certain time are not relevant and need not be searched. An e-Discovery Team will also try to limit the search to balls made or stored by certain key players. These are the people in your company that are likely to be involved as witnesses in the lawsuit. The Team’s search should be focused on the storage bins of these key players.
Save the Ball
After playing find the ball, the next game is save the ball. Here the Team devises ways to preserve most of the balls identified as potential evidence in the last game. Again, this can be a very challenging game, especially when your company has many different auto-destruct routines in place (and most companies do).
If you think it is easy to stop all of these programs, just ask Intel. They thought they had stopped deletion of excess email for all the key players in the anti-trust case against AMD, but in fact the janitor programs remained in place for the most important players, including the top officers of the company. Their email was deleted for years after the case was filed. They tried to play a very complicated game of save the ball, but failed. For a better idea of just how difficult this game can be, check out Intel’s report to the supervising district court judge on their failed attempts to preserve evidence. This mistake has supposedly already cost Intel millions of dollars to correct by forcing them to go to their backup tapes to find the deleted emails, and the meter is still running. AMD is, of course, claiming that the error was intentional. They would like the court to enter sanctions for spoliation and turn this mistake into an outright win of the whole case.
So make no mistake about it, save the ball is one of the most important games an e-Discovery Team plays. As I have discussed before, that is why most e-Discovery Teams focus on this game as soon as the Team is formed, and look for ways to improve their company’s litigation hold procedures.
Pick Up the Ball
Again, this game sounds easy enough, you just collect the relevant ESI from the data you have identified and preserved. Seems easy, but it is not. There are tricks and traps here aplenty. If you are not careful, you could collect too much or too little. Generally you do not want to simply pick up all of the balls you have saved. That will make the next games too expensive. You want to screen out the ones that are unlikely to be needed, and probably are not relevant at all, but were preserved just in case. You want to preserve more broadly than collect because you never want to play save the ball twice in the same case. Not only is that kind of do-over expensive, but it may be futile because, in the meantime, routine processes may have deleted many balls not saved in the first pass.
You also do not want to pick up too few balls, and leave behind many that are directly relevant and should later be thrown to the other side. That kind of careless collection can also be expensive. It can force you into an expensive do-over, and open you to charges of hiding the ball. See Eg. Court Disapproves Defendant’s “Hide the Ball” Discovery Gamesmanship.
Careless collection often occurs if the Team simply delegates this function to the key witnesses, and does not properly supervise or follow-up on their ball-picking efforts. The same comment holds true to the two prior games of ball identification and preservation. The Team cannot over-delegate its responsibility to key players and then just hope for the best. These are their games, and the Team must take responsibility to see they are played correctly. That is the whole purpose of an e-Discovery Team.
For that reason, in most cases it will not suffice to simply send out a preservation letter to the key players which describes the dispute, and then leaves it to them to find the relevant balls for themselves, save them, and pick them up. Without help and supervision from the Team, the key players may not know which of their computer files are relevant, they may not know how to properly preserve this ESI, nor how to collect it. They are sure to make mistakes. Thus, when the key players in a company are called upon to take part in the games, which in itself makes a lot of sense, since they should know their own information better than anyone else, they should be given expert help and advice from the e-Discovery Team. In other words, it is perfectly all right for the Team to delegate some of this work to the key players in the litigation, but the Team must still supervise and follow-up. Ultimately the Team should be responsible, since they are trained and more experienced in collection than the key players. The Team should have personal meetings with the key players and closely monitor their activities. In many cases, the Team should also implement certain safeguarding mechanisms to supplement the key players’ efforts, such as automated copying and keyword searches.
Another common mistake made in pick up the ball is to carelessly change the ball in the very process of picking it up. You could, for instance, change the metadata of a file, such as information as to when it was last viewed, saved, or revised. This is an especially high risk when the Team attempts to rely upon key players to pick up the ball for them. Although this probably will not matter in most cases, in some cases, such as stock backdating cases, this might be very important. As a general rule, the Team tries not to change the ball too much by the act of picking it up. The Team may later strip a file of all or part of its metadata on purpose, if that facilitates later cleaning or throwing, especially if the metadata is not important in the case, or not wanted, but they never want to do it accidentally.
A final common mistake, one of my pet peeves, is to neglect to hash the ball when you collect it, and properly preserve and tie the hash into each ball thereafter. I have described the process of using hash mathematics to authenticate ESI at length in my law review article, HASH: The New Bates Stamp, 12 Journal of Technology Law & Policy 1 (June 2007). I also provide an overview of the subject in this blog. The Team may already have hashed files as part of the preservation game; but if not, it is essential that they now be hashed at the collection stage. Hashing provides a unique identifying alphanumeric value for each computer file collected. This hash value can be later checked to prove that the file has not been altered since it was collected. This is a key step in ESI authentication to allow for admission into evidence at a hearing or trial. In most cases, hashing should be a normal part of ball pickup.
Shrink the Ball
Shrink the ballis the game where the Team can save the company a lot of money. Thus, from a financial perspective, it is the most important game of all. In this culling step, you process the ESI to eliminate as much duplicate and irrelevant information as possible. Here good software and automated process are critical; so too is careful strategic thinking,
The goal is to significantly reduce the amount of ESI that must be reviewed and cleaned in the next steps. Thus, for instance, at the end of the last game you may have identified and preserved 1,000 gigabytes (1 terabyte) of ESI, and collected 500 gigabytes. To give you some idea of the amount of information we are speaking about, in some circumstances the 500 gigabytes may be equivalent to 500 truckloads of paper. It would cost a small fortune for teams of lawyers to read that much paper. We are talking about years of billable lawyer time to read that much data. It would also be a colossal waste of time because they would end up reading the same document dozens, if not hundreds of times. So it is critical to aggressively eliminate the redundant and immaterial ESI in this processing stage. In many cases the 500 gigs can be cut down to 100 or 50 gigs, resulting in tremendous savings in the expensive review games to come.
Clean the Ball
Here is where the big bucks come in, the cost to review the data for privileged, confidential, and irrelevant material. Still, most internal corporate e-Discovery Teams will not clean their own ball, they will hand it off to their caddy to do it for them, typically their outside legal counsel. A few of the more mature and well organized Teams have started to review their own data, and clean them the ESI themselves. They have teams of contract attorneys they employ to do this work at reduced rates, some even send the data to lawyers in India for review. But for most Teams, this is advanced play that they do not have the time or skill to attempt.
This is a very important and risky step in the EDRM process and companies want to be sure it is done right. You review the truckloads of email and documents that have not already been culled out in the prior games so that you can remove the files that do not have to be produced. The last thing you want to do is produce privileged materials to your adversary. You need to clean your production of these secret files and produce a log of them instead. Even with a clawback agreement, an accidental disclosure can still result in waiver of your privilege to third parties. You also want to be sure the ESI review catches all confidential materials, and that they are produced with appropriate markings and confidentiality agreements. Trade secrets can be lost forever if they become a public record by filing with a court.
Aim the Ball
Now we come to the lawyerly game of aim the ballwhere the ESI is analyzed to see how it fits into the case at hand. Here lawyers and paralegals tag each file to an issue, typically using review software. They also make final decisions as to whether and how information is responsive to discovery requests, or otherwise must be produced (or not). The files are categorized and rated for importance. Is this email a smoking gun that could kill your case, or is it merely of marginal relevance to a secondary issue? You had better find this out, and fast, as to each computer file you are about to disclose to the other side. If your analysis of the information to be produced shows you have a strong case, you will approach the case far differently than if your analysis shows you will surely lose when all of the cards are put on the table.
Obviously this analysis stage requires the sure hand and steady aim of trusted outside counsel assigned to defend or prosecute the case. Still, the legal members of the Team should assist and be involved in the analysis and evaluation of the merits of the case. This game concludes with final decisions by legal counsel on what should be produced and what should be withheld. These decisions must be rational and made in good faith.
If analysis shows you have a losing hand, you had better fold early before the other side realizes your position. You cannot do like Qualcomm and decide to withhold evidence just because you don’t like it. You can see where hiding the ball got them – they lost the patent they sued to enforce, they paid over eight million dollars in fees to the other side, their general counsel resigned in disgrace, and their outside counsel are now fighting to retain their licenses. When you are a plaintiff and find yourself in this position, you do not file the suit to begin with or, if you discover it in midstream, you should dismiss and cut your losses. The same applies when you are in a defense position. It is not an option to try and hide the evidence that will hurt your defense. You must instead try and make the most of it and settle as best as you can. That is how the American system of justice works and all Teams have to play by these same fundamental rules. Voluntary disclosure may not be the rule in the rest of the world, especially the civil law countries in Europe, but that is how the game is played here. If you are defending or prosecuting a case in the U.S., you are going to have to reveal your data to your adversary, even if that kills your case.
Throw the Ball
The last game is the culmination of all the rest. The analysis game resulted in final decisions on what files to be produced. Now you actually make the production. Throwing the ball is not really all that hard, so long as you enlist the aid of WORMs. No, not the creepy crawly kind, but the “Write Once, Read Many” times kind, such as optical discs, CDs or DVDs. The ESI on these media cannot be altered after written onto the discs, thus providing you, and the receiving party, with a certain amount of protection that the files will not be accidentally altered. Worms help the parties maintain a permanent record of the ESI produced.
Another tricky aspect of production is deciding the form of production. Do you produce in native format with full internal metadata retained, or do you produce in a TIFF or JPEG format with a load file ready for import into review software? This should have already been worked out with opposing counsel as part of the Rule 26(f) conference, or the original production request; but if not, you have to make these decisions now.
Take the time to clearly mark and label the production media. One thing I hate is a CD production with no writing on it, or just indecipherable handwriting. Write out a full description of the CD and the date of production and name of the case. Think of chain of custody issues and do not forget to make multiple copies. Another thing I have noticed lately is the use of paper labels on CDs. That’s ok, but beware of labels that peel off. As a safeguard, it is better to use ink jet printers that print directly on the CD, instead of glue on labels. If you must use adhesive labels, put some kind of writing directly on the CD itself, just in case it peels off somewhere down the line.
Finally, if you use TIFF or other image type files where you affix Bates stamp type markings to identify individual ESI files, please consider adding a truncated hash value to the file ID. As discussed in HASH: The New Bates Stamp, this will facilitate both identification and authentication, and allow for easier comparison with the native originals.
These games are difficult. Much like golf, it is not a game of perfect. Mistakes are inevitable. Even Tiger Woods messes up from time to time, and does not win them all, so why should you be any different? Document your efforts, play it safe, and use redundant systems whenever economically feasible. Thus, when a mistake is later discovered, you may be able to cover it with a backup system. Or, if that is not possible, you can at least show to the supervising judge that you made good faith, reasonable efforts. The judge should understand and cut you a break, maybe even give you a mulligan. If the judge does not realize that mistakes are inevitable, he or she simply does not understand the game. Then it is up to you to explain it to them, or hire an expert who can.
[…] to describe the work of the team, but without the sports analogies I employed in my last article, What Game Does an e-Discovery Team Play? Friedberg focuses on the teamwork needed to create effective litigation hold procedures, new ESI […]
[…] entertaining and informative piece on the “game book” for conducting e-discovery, using the metaphor of a basketball game. Practical and specific points and tips for anyone […]
[…] EDRM model for e-discovery using a spiritual analogy. It makes my prior sport’s analogy blog, What Game Does an e-Discovery Team Play? seems pretty base! She adopted the language of Buddhist philosophy to set forth the […]
Concerning smoking gun e-mails, Ralph: Knowing e-discovery is inevitable, I argue an enterprise can use technology proactively to make its e-records more benign. What do you think? –Ben
I agree completely.
[…] the case. I have written about this unfortunate mistake several times before, including the blog What Game Does an e-Discovery Team Play? No doubt the Intel error has been good for Exterro’s business, and several other software […]