Collection

Expanded Sources of ESI May Leave You “Fit” to be Tied – eDiscovery Trends

One of the items that I bought my wife for Christmas (which she really wanted) was an UP 24™ Fitness Tracker, which is a wristband that tracks a variety of fitness metrics, including steps taken, workouts logged and calories burned (not to mention sleep cycles) and enables you to share and compare your stats with your friends via an app on your mobile device. Another example of a similar device is a Fitbit®. Based on a recent case, these devices are just another example of new devices from which relevant ESI may be collected for discovery.

In the recent Forbes article (Fitbit Data Now Being Used In The Courtroom, written by Parmy Olson), a law firm in Calgary is working on the first known personal injury case that will use activity data from a Fitbit to help show the effects of an accident on their client.

As the article notes, “The young woman in question was injured in an accident four years ago. Back then, Fitbits weren’t even on the market, but given that she was a personal trainer, her lawyers at McLeod Law believe they can say with confidence that she led an active lifestyle. A week from now, they will start processing data from her Fitbit to show that her activity levels are now under a baseline for someone of her age and profession.

It will ‘back up what she’s been saying,’ says her lawyer, Simon Muller of McLeod Law.

The lawyers aren’t using Fitbit’s data directly, but pumping it through analytics platform Vivametrica, which uses public research to compare a person’s activity data with that of the general population.”

More and more, everyday objects are able to connect to the Internet and these devices are gathering, sending and receiving data. Glasses, fitness wristbands, even your thermostat is sending and receiving data. On one hand, the “Internet of Things” is making our lives easier by enabling us to access more information than ever, but, it also increases data security and privacy risks, not to mention potentially complicates discovery from an information governance, collection and preservation standpoint. Now, in certain types of cases, we may need to collect or request data from devices never before considered as discoverable.

So, what do you think? What’s the most unusual device that you have ever had to collect potentially responsive ESI? Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscoveryDaily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Three “C”s, Cowboys, Cannibals and Craig (Ball) – eDiscovery Best Practices

They say that a joke is only old if you haven’t heard it before. In that vein, an article about eDiscovery is only old if you haven’t read it before. Craig Ball is currently revisiting some topics that he covered ten years ago with an updated look, making them appropriate for 1) people who weren’t working in eDiscovery ten years ago (which is probably a lot of you), 2) people who haven’t read the articles previously and 3) people who have read the articles previously, but haven’t seen his updated takes.  In other words, everybody.

So far, Craig has published three revisited articles to his terrific Ball in your court blog. They are:

Starting Over, which sets the stage for the series, and covers The DNA of Data, which was the very first Ball in your court (when it was still in print form). This article discusses how electronic evidence isn’t going away and claims of inaccessible data and how technological advances have rendered claims of inaccessibility mostly moot.

Unclear on the Concept (originally published in Law Technology News in May of 2005), which discusses some of the challenges of early concept searching and related tools (when terms like “predictive coding” and “technology assisted review” hadn’t even entered our lexicon yet). Craig also pokes fun at himself for noting back then how he read Alexander Solzhenitsyn and Joyce Carol Oates in grade school. 🙂

Cowboys and Cannibals (originally published in Law Technology News in June of 2005), which discusses the need for a new email “sheriff” in town (not to be confused with U.S. Magistrate Judge John Facciola in this case) to classify emails for easier retrieval. Back then, we didn’t know just how big the challenge of Information Governance would become. His updated take concludes as follows:

“What optimism exists springs from the hope that we will move from the Wild West to Westworld, that Michael Crichton-conceived utopia where robots are gunslingers. The technology behind predictive coding will one day be baked into our IT apps, and much as it serves to protect us from spam today, it will organize our ESI in the future.”

That day is coming, hopefully sooner rather than later. And, you have to love a blog post that references Westworld, which was a terrific story and movie back in the 70s (wonder why nobody has remade that one yet?).

eDiscovery Daily has revisited topics several times as well, especially some of the topics we covered in the early days of the blog, when we didn’t have near as many followers yet. It’s new if you haven’t read it, right? I look forward to future posts in Craig’s series.

So, what do you think? How long have you been reading articles about eDiscovery? Please share any comments you might have or if you’d like to know more about a particular topic.

Image © Metro Goldwyn Mayer

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscoveryDaily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Image Isn’t Everything, Court Says, Denying Plaintiff’s Request for Imaging on Defendant’s Hard Drives – eDiscovery Case Law

In Design Basics, LLC. v. Carhart Lumber Co., 8:13CV125 (D. Neb. Nov. 24, 2014), Nebraska Magistrate Judge Cheryl R. Zwart, after an extensive hearing on the plaintiff’s motion to compel “full disk imaging of Defendant’s hard drives, including Defendant’s POS server, secretaries’ computers, UBS devices. . .”, denied the motion after invoking the mandatory balancing test provided in FRCP Rule 26(b)(2)(C).

In this design misappropriation case, the plaintiff filed the motion to compel, arguing “that it is entitled to a full forensic image of the defendant’s server, and every computer or computer data storage device or location used by the company and any of its employees”.  The plaintiff’s counsel stated that he litigates design misappropriation cases nationwide, and he always (except perhaps in a rare case) is granted the right to image a defendant company’s entire computer system. Judge Zwart noted that, after being afforded an opportunity to brief the issue and submit further evidence, the plaintiff’s counsel cited no cases supporting this argument.

The defendant filed a motion for protective order seeking relief from that request and arguing that it had determined that the secretaries’ computers did not contain relevant information.

In issuing her ruling denying the plaintiff’s motion to compel and granting the defendant’s motion for protective order, Judge Zwart stated:

“Plaintiff’s demand for all of the defendant’s computer data is consistent with the position of its expert, but it is not consistent with the balancing required under Rule 26(b)(2)(C) of the Federal Rules of Civil Procedure.  Based on the arguments of counsel held today and the evidence of record, Defendant’s counsel has provided both electronic and paper copies of all blue prints, has performed Plaintiff’s requested search on the emails copied from the 11 computers, and has already invested many hours reviewing thousands of documents for privilege. Defense counsel offered to produce the nonprivileged emails to Plaintiff’s counsel for his review, and has provided dates for taking the deposition of Defendant’s president. Plaintiff’s counsel has neither reviewed the emails nor deposed anyone. This case is more than 18 months old.

In the end, the plaintiff failed to show good cause why additional computer data must be collected from the defendant. Taking into consideration the factors listed in Fed. R. Civ. P. 26(b)(2)(C), the court is convinced that allowing imaging of every computer or data storage device or location owned or used by the defendant, including all secretaries’ computers, is not reasonable and proportional to the issues raised in this litigation.”

So, what do you think?  Was the plaintiff overreaching in its request?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Simply Deleting a File Doesn’t Mean It’s Gone – eDiscovery Best Practices

 

I seem to have picked up a bit of a bug and I’m on cold medicine, so my writing brain is a bit fuzzy.  As a result, so I’m revisiting a topic that has come up a few times over the years that we covered early on in the blog’s history.  I should be back in the saddle with new posts next week!

Disk drives use an index or table to keep track of where each file begins and ends on the disk.  You may have heard terms such as “FAT” (file allocation table) or NTFS ({Windows} NT File System) – these filing systems enable the file to be retrieved quickly on the drive.  They’re like a “directory” of all of the active files on the disk.  When a file is “deleted” (i.e., actually deleted, not just moved to the Recycle Bin), the data for that file isn’t actually removed from the disk (in most cases).  Instead, the entry pertaining to it is removed from the filing system.  As a result, the area on the disk where the actual data is located becomes unallocated space.

Unallocated space, also known as inactive data or drive free space, is the area of the drive not allocated to active data. On a Windows machine, deleted data is not actually destroyed, but the space on the drive that can be reused to store new information. Until the unallocated space is overwritten with new data, the old data remains.  This data can be retrieved (in most cases) using forensic techniques. On MAC O/S 10.5 and higher, there is an application that overwrites sectors when a file is deleted. This process more securely destroys data, but even then it may be possible to recover data out of unallocated space.

Because the unallocated space on a hard drive or server is that portion of the storage space to which data may be saved, it is also where many applications “temporarily” store files when they are in use. For instance, temporary Internet files are created when a user visits a web page, and these pages may be “cached” or temporarily stored in the unallocated space.  Rebooting a workstation or server can also clear some data from the unallocated space on its drive.

Since computers are dynamic and any computer operation may write data to the drive, it is nearly impossible to preserve data in the unallocated space on the hard drive and that data is not accessible without special software tools. To preserve data from the unallocated space of a hard drive, the data must be forensically collected, which basically copies the entire drive’s contents, including every sector (whether those sectors contain active data or not). Even then, data in the unallocated space may not be complete. Because the unallocated space is used to store new data, writing a new file may overwrite part of a deleted file, leaving only part of that file in the unallocated space.

Nonetheless, “deleted” files have been recovered, collected and produced in numerous lawsuits, despite efforts of some producing parties to destroy that evidence.

So, what do you think?  Have you ever recovered deleted data that was relevant to litigation?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Dealing with the Departed – eDiscovery Best Practices

 

Having addressed this recently with a client, I thought this was a good topic to revisit here on the blog…

When litigation hits, key activities to get a jump on the case include creating a list of key employees most likely to have documents relevant to the litigation and interviewing those key employees, as well as key department representatives, such as IT for information about retention and destruction policies.  These steps are especially important as they may shed light on custodians you might not think about – the departed.

When key employees depart an organization, it’s important for that organization to have a policy in place to preserve their data for a period of time to ensure that any data in their possession that might be critical to company operations is still available if needed.  Preserving that data may occur in a number of ways, including:

  • Saving the employee’s hard drive, either by keeping the drive itself or by backing it up to some other media before wiping it for re-use;
  • Keeping any data in their network store (i.e., folder on the network dedicated to the employee’s files) by backing up that folder or even (in some cases) simply leaving it there for access if needed;
  • Storage and/or archival of eMail from the eMail system;
  • Retention of any portable media in the employee’s possession (including DVDs, portable hard drives, smart phones, etc.).

As part of the early fact finding, it’s essential to determine the organization’s retention policy (and practices, especially if there’s no formal policy) for retaining data (such as the examples listed above) of departed employees.  You need to find out if the organization keeps that data, where they keep it, in what format, and for how long.

When interviewing key employees, one of the typical questions to ask is “Do you know of any other employees that may have responsive data to this litigation?”  The first several interviews with employees often identify other employees that need to be interviewed, so the interview list will often grow to locate potentially responsive electronically stored information (ESI).  It’s important to broaden that question to include employees that are no longer with the organization to identify any that also may have had responsive data and try to gather as much information about each departed employee as possible, including the department in which they worked, who their immediate supervisor was and how long they worked at the company.  Often, this information may need to be gathered from Human Resources.

Once you’ve determined which departed employees might have had responsive data and whether the organization may still be retaining any of that data, you can work with IT or whoever has possession of that data to preserve and collect it for litigation purposes.  Just because they’re departed doesn’t mean they’re not important.

So, what do you think?  Does your approach for identifying and collecting from custodians include departed custodians?  Please share any comments you might have or if you’d like to know more about a particular topic.

Image © Warner Bros.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

How Mature is Your Organization in Handling eDiscovery? – eDiscovery Best Practices

A new self-assessment resource from EDRM helps you answer that question.

A few days ago, EDRM announced the release of the EDRM eDiscovery Maturity Self-Assessment Test (eMSAT-1), the “first self-assessment resource to help organizations measure their eDiscovery maturity” (according to their press release linked here).

As stated in the press release, eMSAT-1 is a downloadable Excel workbook containing 25 worksheets (actually 27 worksheets when you count the Summary sheet and the List sheet of valid choices at the end) organized into seven sections covering various aspects of the e-discovery process. Complete the worksheets and the assessment results are displayed in summary form at the beginning of the spreadsheet.  eMSAT-1 is the first of several resources and tools being developed by the EDRM Metrics group, led by Clark and Dera Nevin, with assistance from a diverse collection of industry professionals, as part of an ambitious Maturity Model project.

The seven sections covered by the workbook are:

  1. General Information Governance: Contains ten questions to answer regarding your organization’s handling of information governance.
  2. Data Identification, Preservation & Collection: Contains five questions to answer regarding your organization’s handling of these “left side” phases.
  3. Data Processing & Hosting: Contains three questions to answer regarding your organization’s handling of processing, early data assessment and hosting.
  4. Data Review & Analysis: Contains two questions to answer regarding your organization’s handling of search and review.
  5. Data Production: Contains two questions to answer regarding your organization’s handling of production and protecting privileged information.
  6. Personnel & Support: Contains two questions to answer regarding your organization’s hiring, training and procurement processes.
  7. Project Conclusion: Contains one question to answer regarding your organization’s processes for managing data once a matter has concluded.

Each question is a separate sheet, with five answers ranked from 1 to 5 to reflect your organization’s maturity in that area (with descriptions to associate with each level of maturity).  Default value of 1 for each question.  The five answers are:

  • 1: No Process, Reactive
  • 2: Fragmented Process
  • 3: Standardized Process, Not Enforced
  • 4: Standardized Process, Enforced
  • 5: Actively Managed Process, Proactive

Once you answer all the questions, the Summary sheet shows your overall average, as well as your average for each section.  It’s an easy workbook to use with input areas defined by cells in yellow.  The whole workbook is editable, so perhaps the next edition could lock down the calculated only cells.  Nonetheless, the workbook is intuitive and provides a nice exercise for an organization to grade their level of eDiscovery maturity.

You can download a copy of the eMSAT-1 Excel workbook from here, as well as get more information on how to use it (the page also describes how to provide feedback to make the next iterations even better).

The EDRM Maturity Model Self-Assessment Test is the fourth release in recent months by the EDRM Metrics team. In June 2013, the new Metrics Model was released, in November 2013 a supporting glossary of terms for the Metrics Model was published and in November 2013 the EDRM Budget Calculators project kicked off (with four calculators covered by us here, here, here and here).  They’ve been busy.

So, what do you think?  How mature is your organization in handling eDiscovery?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Court Denies Plaintiff’s Fallback Request for Meet and Confer after Quashing its Subpoena – eDiscovery Case Law

 

In Boston Scientific Corporation v. Lee, 1:13-cv-13156-DJC, (N.D. Cal., Aug 4, 2014), California Magistrate Judge Paul S. Grewal found time to preside over a case other than Apple v. Samsung and granted the motion to quash the plaintiff’s subpoena for the defendant’s laptops, refusing the plaintiff’s fallback position to meet and confer and referencing Leave it to Beaver in the process.

The defendant left the employment of the plaintiff and began working for a competitor, which caused the case to be filed against him, claiming theft of trade secrets and violation of a confidentiality agreement (by downloading confidential information onto a USB thumb drive).  The defendant’s new employer assigned him a laptop when he started his employment, which he used to both perform his job duties and communicate with his attorneys. Several weeks after the lawsuit was filed, the defendant’s employer segregated this laptop with a third party e-discovery vendor, and issued him a second one.

The defendant’s employer also produced forensic information about the contents of the first laptop to the plaintiff in the form of file listing reports, which disclose extensive metadata of the files contained on the laptop, USB reports, and web browsing history reports.  When the plaintiff pressed for more, the defendant’s employer offered to have an independent vendor review a full forensic image of the first laptop to search for pertinent information, including a review of any deleted files.  The plaintiff refused, requesting forensic discovery from both laptops and issued a subpoena, to which the defendant’s employer filed a motion to quash.

Judge Grewal began his order as follows:

“This case illustrates a recurring problem in all civil discovery, especially in intellectual property cases. A party demands the sun, moon and stars in a document request or interrogatory, refusing to give even a little bit. The meet and confer required by a court in advance of a motion is perfunctory at best, with no compromise whatsoever. But when the parties appear before the court, the recalcitrant party possesses newfound flexibility and a willingness to compromise. Think Eddie Haskell singing the Beaver's praises to June Cleaver, only moments after giving him the business in private. Having considered the arguments, the court GRANTS Nevro's motion to quash.”

Explaining his decision, Judge Grewal stated “No doubt there exists discoverable information on the two laptops, but by demanding nothing less than a complete forensic image of not just one but two laptops belonging to a direct competitor, Boston Scientific demands too much. Such imaging will disclose privileged communications related to the litigation as well as irrelevant trade secrets from a nonparty-competitor.  Boston Scientific's subpoena therefore seeks discovery of protected matter, something plainly not permitted under Rule 45, rendering the subpoena overbroad and imposing an undue burden on Nevro.”

Judge Grewal noted that the plaintiff “[a]s a fall back”, proposed what the defendant’s employer had originally proposed: the retention of an independent vendor to “review a full forensic image of the Initial Laptop to search for pertinent information, including a review of any deleted files.”  Judge Grewal closed the door on that request as well, stating “to allow Boston Scientific now to seek shelter from a fallback position that Nevro previously tendered in good faith would make a mockery of both parties' obligation to meet and confer in good faith from the start.  The time to tap flexibility and creativity is during meet and confer, not after.”

So, what do you think?  Should the plaintiff have been granted its fall back request or was it too late for compromise?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Our 1,000th Post! – eDiscovery Milestones

When we launched nearly four years ago on September 20, 2010, our goal was to be a daily resource for eDiscovery news and analysis.  Now, after doing so each business day (except for one), I’m happy to announce that today is our 1,000th post on eDiscovery Daily!

We’ve covered the gamut in eDiscovery, from case law to industry trends to best practices.  Here are some of the categories that we’ve covered and the number of posts (to date) for each:

We’ve also covered every phase of the EDRM (177) life cycle, including:

Every post we have published is still available on the site for your reference, which has made eDiscovery Daily into quite a knowledgebase!  We’re quite proud of that.

Comparing our first three months of existence to now, we have seen traffic on our site grow an amazing 474%!  Our subscriber base has more than tripled in the last three years!  We want to take this time to thank you, our readers and subcribers, for making that happen.  Thanks for making the eDiscoveryDaily blog a regular resource for your eDiscovery news and analysis!  We really appreciate the support!

We also want to thank the blogs and publications that have linked to our posts and raised our public awareness, including Pinhawk, Ride the Lightning, Litigation Support Guru, Complex Discovery, Bryan University, The Electronic Discovery Reading Room, Litigation Support Today, Alltop, ABA Journal, Litigation Support Blog.com, InfoGovernance Engagement Area, EDD Blog Online, eDiscovery Journal, e-Discovery Team ® and any other publication that has picked up at least one of our posts for reference (sorry if I missed any!).  We really appreciate it!

I also want to extend a special thanks to Jane Gennarelli, who has provided some serial topics, ranging from project management to coordinating review teams to what litigation support and discovery used to be like back in the 80’s (to which some of us “old timers” can relate).  Her contributions are always well received and appreciated by the readers – and also especially by me, since I get a day off!

We always end each post with a request: “Please share any comments you might have or if you’d like to know more about a particular topic.”  And, we mean it.  We want to cover the topics you want to hear about, so please let us know.

Tomorrow, we’ll be back with a new, original post.  In the meantime, feel free to click on any of the links above and peruse some of our 999 previous posts.  Now is your chance to catch up!  😉

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Court Orders Sharing of Costs for Forensic Examination of Plaintiff’s Emails – eDiscovery Case Law

In Zeller v. So. Central Emergency Med. Servs. Inc., 1:13-CV-2584 (M.D. Pa. May 20, 2014), Pennsylvania Magistrate Judge Karoline Mehalchick used the Zubulake seven factor test to rule that the costs for restoring and searching the plaintiff’s emails should be shared, up to a maximum contribution by $1,500 by the plaintiff.

In this wrongful termination case based on plaintiff’s claims of retaliation by the defendant after the plaintiff took a leave of absence under the Family and Medical Leave Act (FMLA), the parties began the eDiscovery process to recover the plaintiff’s emails and asked the Court to resolve the issue of “first review” of documents identified as a result of an agreed upon search of Plaintiff’s emails, and the matter of cost-sharing.

The plaintiff asserted that he is entitled to a “first review” of all documents to be produced while the defendants asserted that after forensic retrieval of emails from Plaintiff’s email account, all non-potentially privileged documents should be forwarded directly to the defendants to save time.  Noting that “Plaintiff has no obligation to produce emails that are wholly irrelevant to either party’s claim or defense” and that broad search terms such as the plaintiff’s wife’s name was used, Judge Mehalchick ruled that the plaintiff was entitled to a “first review” of the results of the forensic examination of his email account.

Regarding the cost sharing request by the defendants, Judge Mehalchick referenced Fed. R. Civ. P. 26(b)(2)(B) and determined that the data requested was inaccessible without the forensic examination and used the seven factor balance test below for cost-shifting from Zubulake v. UBS Warburg to decide whether forensic examination costs should be shifted.  The factors are:

  1. The extent to which the request is specifically tailored to discover relevant information;
  2. The availability of such information from other sources;
  3. The total cost of production, compared to the amount in controversy;
  4. The total cost of production, compared to the resources available to each party;
  5. The relative ability of each party to control costs and its incentive to do so;
  6. The importance of the issues at stake in the litigation; and
  7. The relative benefits to the parties of obtaining the information.

Judge Mehalchick stated that “the parties were unable to identify the total cost of production of the search, compared to the amount in controversy and the resources to each party”.  However, with regard to the other five factors, she ruled that “the request is specifically tailored to discovery relevant information”, that “there is no other source which could possibly be available”, that since the parties have agreed on a forensic examiner “neither party has any more ability than the other to control the cost”, that “the information sought is important to the issues at stake in the litigation” and that “it is to the benefit of both parties to obtain the information sought”.

As a result, Judge Mehalchick found “that some cost-shifting is appropriate” and ruled “Plaintiff and Defendant should share equally in the cost of restoring and searching Plaintiff’s emails, up to a maximum contribution by Plaintiff of One Thousand Five Hundred Dollars ($1500.00).”

So, what do you think?  Was the Zubulake test applied appropriately?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

The Pitfalls of Self-Culling and Image Files – eDiscovery Best Practices

This topic came up with a recent client, so I thought I would revisit it here on this blog.

There’s a common mistake that organizations make when collecting their own files to turn over for discovery purposes.  Many attorneys turn over the collection of potentially responsive files to the individual custodians of those files, or to someone in the organization responsible for collecting those files (typically, an IT person) and the self-collection involves “self-culling” through the use of search terms.  When this happens, important files can be missed.

Self-culling by custodians, unless managed closely, can be a wildly inconsistent process (at best).  You’re expecting each custodian to apply the same search terms consistently and, even if IT performs the self-culling, the process may have to be repeated if additional search terms are identified later on.  Even worse, potentially responsive image-only files will be missed with self-culling.

It’s common to have a number of image-only files within any collection, especially if the custodians frequently scan executed documents or use fax software to receive documents from other parties.  In those cases, image-only PDF or TIFF files can often make up as much as 20% of the collection.  When custodians are asked to perform “self-culling” by performing their own searches of their data, these files, which could contain information responsive to the case, will certainly be missed.

With the possibility of inconsistent self-culling, the possibility of additional search terms identified later and the (almost certain) presence of image-only files, I usually advise against self-culling by custodians.  I also don’t recommend that IT perform culling on behalf of the custodians, unless they have the ability to process that data to identify image-only files and perform Optical Character Recognition (OCR) to capture text from them.  If your IT department has the capabilities and experience to do so (and the process and chain of custody is well documented), then that’s great.  However, most internal IT departments either don’t have the capabilities or expertise (or both), in which case it’s best to collect all potentially responsive files from the custodians and turn them over to a qualified eDiscovery provider to perform the culling (performing OCR as needed to include responsive image-only files in the resulting responsive document set).  Unless the case requires supplemental productions, there is also no need to go back to the custodians to collect additional data with the full data set available.

So, what do you think?  Do you self-collect data for discovery purposes?  If so, how do you account for image-only files?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.