Welcome to Module 1-A. This first module is longer than the rest, so take your time studying it. Most of the modules will not take as long to complete.
Overview of the Problems Posed by e-Discovery and the Team-Based Solution
Computers and other technologies dominate the world as we know it today. This is not a passing fad; it is a new culture. An information and technology age is rapidly replacing the old ways in every field, including the law. This is particularly true for companies and attorneys involved in litigation. Since most of the evidence today is digital, litigators must not only understand the law, and the facts of a dispute, but also the parties’ computer systems and data retention practices. Without this understanding they will be unable to preserve or discover the evidence they need to prosecute or defend a case.
Next watch Professor Losey’s short video answering the question What is e-Discovery? (Most of the videos in the program are in High Definition, so please press the HD button on the upper right corner unless your connection is too slow to handle it. For a full screen view, press the arrows in the lower right corner. If you have connectivity speed problems, it may cause the video to stutter or pause. Try pausing the video so that it will get ahead in the download stream.)
The IT systems that contain digital evidence are extremely complex and technical. Most in-house legal counsel and trial lawyers are only trained in the law and paper chases. They have only a poor understanding of the technicalities required to find the needles in today’s vast system of computer haystacks. The business executives in most organizations are also ill prepared in this field, and fail to grasp the importance of information management. This has led to many well known, spectacular losses over the past decade, from Zubulake to Morgan Stanley. Zubulake v. UBS, 229 F.R.D. 422 (S.D.N.Y. 2004); Coleman (Parent) Holdings, Inc. v. Morgan Stanley & Co., Inc., 2005 WL 674885 (Fla.Cir.Ct.. 2005). The largest corporations in the country, and the top law firms that represent them, have all made huge, embarrassing errors, some of them many times.
Litigation is now more expensive and risk-filled than ever before, but not, as many believe, because of run away juries or expensive trials. Although these possibilities remain as real threats, in fact 98% of all federal court cases are resolved without trial. Litigation today is difficult primarily because of discovery. In the areas of commercial, regulatory and employment litigation, discovery can involve forced disclosure of massive amounts of internal, otherwise secret, business records and information. The most burdensome discovery today is for email and other electronic documents located on a litigant’s computers, so-called “electronic discovery” or “e-discovery.” The costs associated with e-discovery requests can be enormous, sometimes far exceeding the total amount in controversy. These same issues also apply to state and federal government investigations where no suit has been filed.
The problem of e-discovery reached such epidemic proportions that on 12/01/2006, the Supreme Court promulgated new Rules of Civil Procedure for all federal courts to follow to try to address these issues. The new Rules govern what is referred to as Electronically Stored Information (“ESI”), which includes not only all computer files, but all other electronic information, such as voice mail and videos. Although the Rules clarify certain issues, they also impose very stringent time requirements. For example, the Rules now require companies to preserve and produce within the first 100 days of the commencement of a lawsuit the relevant ESI within their employees’ computers and other storage devices (such as thumb drives and cell phones), no matter where they are located. Most U.S. businesses are ill prepared to meet these deadlines. The situation is worse for foreign companies doing business in the U.S. for a variety of reasons, including conflict of laws and the widespread dispersion of technology and ESI in different locations around the world.
The new Rules, combined with the new email and Internet-oriented culture in both business and society, create serious information management difficulties for everyone. The courts tire of mistakes and delay, and are increasing the pressure upon litigants to get their ESI house in order. Strict compliance is starting to be enforced by judges across the country who no longer tolerate the “pure heart, empty head” defense in the area of e-discovery. All litigants are now subject to severe penalties for the accidental deletion of ESI that might be relevant to a lawsuit or government investigation. Liability may accrue even if the ESI is lost before notice of the suit or investigation, if a court later determines that the proceeding should reasonably have been anticipated. Penalties will almost certainly accrue if the destruction of ESI occurs after suit is filed. Business and the legal profession are now more challenged than ever before to solve these problems.
The $1.5 Billion Dollar verdict against Morgan Stanley in the Coleman case in Florida, even though preliminarily reversed on other grounds, shows how important effective preservation procedures have become. So too does the well-known Zubulake case in New York against the Swiss bank, UBS Warburg, which resulted in a $28 Million Dollar jury verdict for sexual discrimination. Most agree that UBS Warburg lost the case in large part because of sanctions for missing emails, and not the actual merits of the case. In a world where sixty billion emails are sent daily, and most large corporations have more information stored on their computers than the biggest libraries in the world, the accidental loss of ESI can easily occur. The Zubulake and Coleman cases show that these mistakes can be very costly.
For more thoughts on why electronic discovery is a significant problem today for U.S. and other modern systems of justice, watch these two short videos by Ralph Losey.
The Four Pillars of Successful Electronic Discovery Practice.
The problems of e-discovery can be solved in three ways as this online course will explain in the Modules that follow: Interdisciplinary Teams, Cooperation, and Metrics. Education is the fourth pillar of e-discovery, the one that is the cornerstone of the rest. Here is a quick summary of the four keys to successful e-discovery.
- Interdisciplinary Teams where IT, Law, and other disciplines work together on e-discovery challenges, speak a common language, and interact as a team with mutual respect, positive leadership, and goodwill.
- Cooperation on discovery issues with candor and fairness, using disclosure and transparency to avoid unnecessary technical disputes. This is the pole-star of lawyer conduct in discovery, but must also include early judicial intervention if opposing counsel refuses to cooperate.
- Metrics and Advanced Technologies where estimation, math, measurements, quality control, and advanced technologies of all kinds, especially new search and review software and methods, are used to manage e-discovery and contain costs and risks.
- Education is the foundation of successful electronic discovery practice. E-discovery team members, lawyers, paralegals, techs managers, and others must all learn a core body of knowledge on this new area of law and IT. Competence is the key and competence comes through education. Education can take many forms, including organized training programs, CLEs, and the all-important school of hard knocks, better known as learning from your mistakes, a process not well-liked by lawyers’ clients.
The first pillar, Teams, has its home on Professor Losey’s e-DiscoveryTeam.com blog and its sister site FloridaLawFirm.com. Professor Losey did not invent the idea and is not sure who did, although it looks like CISCO was the first company to roll one out. You will learn much more on all of that throughout the course. The Cooperation pillar again has its home in The Sedona Conference, an important think-tank type of organization of lawyers, judges, professors, and IT experts with an interest in e-discovery . Their recent publication, the Sedona Cooperation Proclamation, lays out the basic premises of cooperation and transparency needed to conduct e-discovery successfully. The third pillar of metrics and advanced technology is promoted by most everyone involved in the field, including especially a multi-billion dollar industry of electronic discovery vendors. They provide a confusing array of special software and hardware systems to facilitate the management, discovery and production of digital writings in the context of litigation. The key problem they all address is one of search, how to find the needle of relevant evidence in the electronic haystack of vast amounts of electronically stored information.
These three pillars are the foundation of Professor Losey’s e-discovery education program. Education is itself the fourth leg that makes it all possible, that allows for competent e-discovery practice. Education provides the stability that three legs alone can never provide. When lawyers, judges, paralegals, techs, and management all have a common body of knowledge and skill sets, the team can work efficiently and just results can be realized. With knowledge also comes the confidence and ability needed to cooperate. Many lawyers don’t cooperate because they don’t know what is important and what isn’t. Education also brings the skills needed to create and use new methods and technologies, to use measurements, numbers, and methods. This is the best way to get out of the keyword search trap and the money-pit that is now e-discovery.
If a large organization is involved in litigation, and that includes almost every large company and branch of government, then it must solve the problems of electronic discovery or risk. The consensus threshold solution to this problem is the formation of an e-Discovery Team, an interdepartmental group comprised of lawyers, IT and management. It rests on the three areas of knowledge essential to effective e-discovery: Information Science, Law and Technology.
The multidisciplinary team approach to e-discovery unquestionably works, but it is also true that these teams are notoriously difficult to set up, train and function effectively. The cultures of these three groups, even within an otherwise close-knit company, are very different, and so too are their languages and gestalt. Special efforts have to be made to bridge these gaps. For instance, members of the team should be carefully chosen and rewarded for participation, and typical team building techniques employed. But the most important components for success are training and group work on a detailed, specific set of tasks. (An overview of these tasks is shown in the standard nine step chart of e-discovery work that follows.) The group work establishes the common language and understanding that will eventually bring the members together and allow them to function as an effective team.
A few companies, such as Pfizer, Halliburton and Merrill Lynch, began working on e-discovery teams years ago. They now have successful teams operating that demonstrate the enormous cost savings and risk management benefits of the internal team approach. The advice that some of the leaders of these teams provide is provided later in this course.
Although all experts I know in the field now advocate for e-discovery teams, and we already have a few success stories as guidance, the vast majority of large organizations today do not have an e-discovery team. They are either in denial about the scope and severity of the e-discovery problem, or they have not yet caught on to the fact that an internal e-discovery team is the best solution to this problem. Other companies are aware that they need an e-discovery response team, but are still in the early stages of team formation, or their early efforts are floundering for a variety of reasons. Most companies have not been able to get off the ground on this because they lack the necessary expertise or knowledge of the tasks to be performed. They are unfamiliar with the types of e-discovery protocols and procedures they need, and under estimate the challenges mentioned with bridging the different cultures of IT and Law. The few that have succeeded received help from outside attorneys with special expertise in this field, or from consultants and vendors. The best success stories have used all three. This is one reason this is such a rapidly growing field, ripe with potential for lawyers, consultants and e-discovery vendors alike.
Nine Step Process
The graphics below provide an overview of the entire e-discovery process from the organization’s perspective. The nine-step flow chart is based on the industry standard “Electronic Discovery Reference Model” now under development by a group of e-discovery experts. We highly recommend that you study the web link carefully and become familiar with all of the EDRM.net web content. This is a valuable resource to any e-discovery student, and so too are the many excellent papers on e-discovery found at the Sedona Conference website, found at www.thesedonaconference.org. This is another very important group to e-discovery that we will mention frequently throughout the program.
After the graphics below, a short synopsis is provided for each step. Under my version of the model, the first four steps are performed by the client’s internal corporate Team, as coached by a law firm or other outside expert, which below is called the “Expert Team Nodes.” The last four steps are performed by local legal counsel, with help and assistance as needed by the internal corporate Team. The middle step of Processing is begun by the outside experts with initial file filtering, but completed and supplemented by local counsel in connection with their Review and Analysis. The first chart illustrates how the volume of data decreases and the relevance increases as the work progresses. The second chart traces the life cycle of the first step, Records Management, which includes the key step of formation of the internal corporate e-discovery Team, and the next eight steps: Identification, Preservation, Collection, Processing, Review, Analysis and Production.
1. Records Management a/k/a Information Management
The first step is for the organization to establish or refine an internal e-Discovery Preparedness and Response Team. It typically consists of a one or more outside attorneys or other experts in the field of e-discovery, who serve as coach and trainer, and representatives from the client’s law department, IT department, key business units, and where applicable, records management and compliance departments.
Then the outside e-discovery experts assist in articulation of the initial tasks of the Team, which typically are as follows: a) identify and retain any outside experts and e-discovery vendors as necessary to meet the specific needs of the client; b) meet with IT and records personnel to perform a complete inventory of client’s electronic data and understand the life cycle of the records, and, in the process, obtain a clear and detailed understanding of the client’s overall IT architecture and computer systems; c) prepare a computer network and data location map and consider possible technology redesigns to facilitate preservation and production, including E-Mail Filtering and document Archiving systems; d) prepare a form affidavit on computer systems and data, costs and inaccessibility; e) establish or refine standard litigation hold procedures; and, f) totally rewrite the existing Records Management Policy Manual, addressing issues of Duplicate Management, Metadata, Storage and Disposition, and thereafter assist in implementation, ongoing audits and enforcement, and all subsequent technology upgrades. The last one is a particularly big undertaking, but very important to the long term success of the program.
The last step in Records Management, often also called Information Management, which is tied to the mentioned revision of the Policy Manual. This also involves the analysis and, where appropriate, implementation of a Rule 37(e) Safe Harbor Destruction program in accord with a records life-cycle desired by the company and in compliance with all governing laws. Most companies have enormous amounts of unneeded, redundant or legacy data that should be purged from the systems. This is a particularly difficult task, but critical to future efficient operations.
The second step is triggered by a law suit, subpoena or anticipation of a dispute. You begin a litigation response in the usual fashion by study of the complaint, or reasonably anticipated dispute or government investigation. You evaluate the general scope of the electronic and paper data that may fall within the discovery requirements of the dispute, including initial disclosure, and any outstanding discovery requests, retention letters, or orders. Here you analyze possible objections and defenses to unreasonable requests and formulate counter-e-discovery plans.
Next you identify all sources of discoverable information; the location of all discoverable data, including distributed data or third party data still owned or under control of the company. As part of this task you identify and directly communicate with all relevant centralized IT personnel and data custodians, and ascertain what relevant ESI they have. If you have already done a full inventory and map, this function can now proceed quickly and easily, otherwise not.
You then categorize possible relevant data sets by degree of accessibility into live, ready-archival, and back-up. Again, this is something you should have already done as part of the first step inventory. At this point you also analyze the metadata and embedded data characteristics of the identified databases and whether this may be relevant to the dispute.
At this early stage in federal litigation you prepare for and participate in the initial Rule 26(f) “Meet and Confer” sessions with opposing counsel and the Court. The outside counsel members of the Team are also involved in any subsequent hearings related to e-discovery. The purpose here is to reach agreement with opposing counsel or apply for relief from the Court early in the case as to Identification, Preservation, Collection, Processing and Production procedures, including format of production (native or TIFF), clawback and confidentiality agreements.
After you identify what ESI is at issue, you need to make sure it is preserved and protected against destruction or alteration. In general in this step you segregate and preserve ESI for later possible collection. You begin the process by preparation and circulation of a Litigation Hold written communication. It should come from senior management or in-house legal counsel, with a copy to all relevant data custodians, including witnesses. At the same time, you implement litigation holds where feasible by automated processes, and, where a large number of players are involved, by utilization of system-wide keyword searches, or more intelligent concept type searches. Preservation is done on a very broad-brush basis, and it is common to simply copy all PST files of key players, and image (fully copy) their hard drives.
At this point you also consider whether forensic data capture may be necessary. This might be appropriate if you have reason to suspect that relevant files have been deleted, written over or damaged, or if there is reason to believe there is hidden or encrypted data on a system.
As part of the preservation efforts you typically calendar the applicable backup deletion schedules and place on hold where appropriate. You also suspend or modify all “janitor programs” and related procedures that automatically delete ESI.
Generally you preserve on a very broad basis, you are more selective in the next collection step, and even more selective in production. For example, it would not be unusual to preserve 100,000 emails, but only collect 50,000, and produce 10,000.
After the ESI has been preserved, you next collect from the preserved data the information you think is most likely relevant or responsive. This is, in effect, a second round of weeding out data. ESI is narrowed for many reasons, all of which must be carefully documented and considered for reasonability. First, there will be a certain amount of ESI that you have preserved, but do not intend to further search or collect because you have identified the ESI as inaccessible under Rule 26(b)(2) (which primarily means unreasonable or disproportionate cost and effort). Other ESI may have been preserved, but you consider its relevance to be too unlikely to justify any collection efforts at this stage for a variety of reasons.
At this stage it is important to have further interviews with key players regarding key words used, and networks of people involved, so as to prepare appropriate search terms and Boolean logic, and concept searches. You also confirm date ranges, identities of witnesses, and file type inclusions.
In the Rule 26(f) conference with opposing counsel, you should try and reach agreement as to applicable search terms and deduplication parameters. At this point in the process you prepare a technical plan for the actual data gathering with significant input from outside vendors.
Next you implement the plan and begin data collection from all applicable sources (tapes, drives, portable storage devices, networks, etc.). The Team directs supervision of technician activities to confirm valid chain of custody and authenticity protocols, including full preservation of metadata, MD5 or SHA-1 Hash authentication, labeling, and identification. Meticulous record keeping and documentation as to procedures and sources is required throughout the collection process. Data sampling of backup tapes may also be required at this stage, wherein later processing will determine whether additional restoration is required.
The initial processing of the ESI collected, primarily deduplication, is performed in tandem with the collection itself to avoid unnecessary vendor search charges. In this step you reduce the overall set of data collected by filtering out files that are duplicates, or known to be irrelevant after further investigation. Files that are probably not relevant because of factors such as date, type or origin may also be excluded at this step, if they were not previously excluded. Hot files may also be flagged at this stage, including obviously adverse or potentially embarrassing materials.
In processing you need to consider the relationships between the files or documents obtained to better understand what data has been collected, and determine whether additional data extraction may be required. All of these steps may in some circumstances have to be employed on an iterative basis, which means to make changes to the prior task and do it again.
Again, in this step, as before, you prepare reports to document the reduced set of computer files to be transferred to counsel; marking what has been filtered out and why. To the extent necessary, you may also convert electronically stored information from the native form in which it was used, to another format required by counsel or the court.
The e-Discovery Team should maintain a full copy of all data collected, and maintain originals of any media as necessary, including backup tapes. After the Team’s initial processing, a full duplicate set of the culled data is delivered to local counsel and vendors for further deduplication, processing, review, analysis, production and presentation. Quality control is important throughout the processing and review phases to avoid spoliation or other problems. The back-up set in the Team’s custody will serve as a safeguard should any such problems arise.
The ESI collected now has to be studied. You review for relevance, confidentiality and privilege, and related activities such as redaction. Appropriate search techniques and strategies often vary, but can include keyword, Boolean, proximity and again, concept searching. Segregate all privileged and confidential documents located and prepare a Privilege Log. Large attorney teams may be involved in this stage to review large quantities of documents. Suffice it to say that over half of the expenses of e-discovery are incurred in the step.
Analysis is the process of evaluating the data reviewed to determine relevant summary information, such as key issues, witnesses, specific vocabulary and jargon, and important individual documents. Typically, this step involves integration of the data into trial preparation software. Analysis is performed throughout the remainder of the process as new information is uncovered and issues of the case evolve. This is a traditional legal step that competent trial lawyers are already qualified to perform. Only the large quantities of ESI, and their unusual forms and authentication issues, will pose special challenges for analysis, and in the last steps of Production and Presentation.
Here, if not before, you perform hash marking and labeling of all ESI culled for production. Then you deliver the ESI to opposing counsel and various other recipients (co-counsel, corporate legal department, service providers, etc.) on various types of media (CD, DVD, tape, hard drive, portable storage device, other). You may also deliver the ESI to other members of your Team for use in other systems (automated litigation support system, web-based repository, etc.). Before production to opposing counsel you should verify proper execution of clawback and confidentiality agreements.
Although this is the last stage, you should always keep in mind possible methods to effectively present the ESI at depositions, hearings and trial. Will you use projections of a computer screen, video, still image shows, etc?
READING ASSIGNMENTS. Read the two cases cited here, Zubulake and Morgan Stanley. (You can skim-read much of the lengthy Coleman v. Morgan Stanley opinion.) If you are a tuition paid student, write Ralph Losey r other designated professor with two things in each opinion that struck you as odd and unusual. Keep these emails short, usually a paragraph per question is fine. Next, click on all of the links in the above materials, if you have not already, and look around at these two important reference sites. Let us know which of the many papers published and available online at The Sedona Conference appears to be the most interesting for you and why. Next, which of the nine steps in the EDRM do you think you will find the most interesting to study and why. Point to a fact or comment on the EDRM website that helps explain why you find that particular step intriguing and include the hyper-link with your email to the page that contains this fact or comment.
EXERCISE. Find the names of the current participating organizations in EDRM and the current law firm and corporate sponsors of The Sedona Conference. Send an another email to us with the names or link to the web pages that contain the answers.
Discretionary Bonus Exercise (not required): See if you can find out who wrote: Boredom is the enemy of education and imagination and creativity are its friends. Yes, the answer to this and all other questions posed in this course can be found online somewhere. By the way, do you know approximately how many websites Google indexes and searches? If you are a tuition paid student, Ralph or his assistants will let you know if you get these questions right.
If you have any questions or comments on this material, contact Ralph (firstname.lastname@example.org) or your other assigned teacher.
Confidential Online Instruction Program
Do Not Disclose, Publish, or Circulate Without the Written Consent of Ralph C. Losey
ALL RIGHTS RESERVED
Copyright Ralph Losey 2011
Students are invited to leave a public comment below. Insights that might help other students are especially welcome. Let’s collaborate!