Close
Enter your
text here

Collection

Pop Quiz: Is it Possible for a File to be Modified Before it is Created? – eDiscovery Best Practices

Sounds like a trick question, doesn’t it?  The answer is yes.  And, collecting files in a forensically unsound manner can be a drag…and drop.

You know those TV shows where they say “Don’t try this at home?”  Here is an exercise you can try at home.  Follow these steps:

Open Windows Explorer and go to one of your commonly used folders – for example, your Documents folder.  Select one of the documents by clicking on it.  Then, hold down the Ctrl key on your keyboard and drag that file to another folder (preferably another of your commonly used folders).  You’ve just created a copy of that file.  BTW, be sure you hold down the Ctrl key when dragging; otherwise, you will move the file to the new folder instead of copying it.

Go to the folder containing the new copy of the file in Windows Explorer and right-click on the file, then select Properties from the pop-up menu.  You will then see a Properties window similar to the one in the graphic at the top of this blog post.  In my example, I used a blog post that I wrote about a month ago in a Word document for the post Five Common Myths About Predictive Coding.

Notice anything unusual?  The Created date and the Accessed date reflect the date and time that you performed a “drag and drop” of the file to create a copy of it in a new location.  The Modified date still reflects the date the original file was last modified – in my example above, the modified date is the date and time when I last edited that document in Word.  The file appears to have been modified one month before it was created.*

If this were an eDiscovery collection scenario and you used “drag and drop” to collect a file like this, then…congratulations! – you’ve just spoliated metadata during the collection process.  This is one reason why “drag and drop” is not a recommended approach for collecting data for eDiscovery purposes.

There are better, more forensically sound, free methods for collecting data, even if your goal is simply to perform a targeted collection of active files from within a folder.  If you wish to also collect deleted files and data from drive “slack space”, there are free methods for performing that collection as well.  Next week, we will begin discussing some of those methods.

So, what do you think?  Have you used “drag and drop” as a mechanism for eDiscovery collection?  Please share any comments you might have or if you’d like to know more about a particular topic.

* – Microsoft Office files do keep their own internal metadata date fields, so the date created would still be preserved within that field.  Other file types do not, so the “drag and drop” method would eliminate the date created completely for the new copies of those files.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Four More Tips to Quash the Cost of eDiscovery – eDiscovery Best Practices

Thursday, we covered the first four tips from Craig Ball’s informative post on his blog (Ball in your Court) entitled Eight Tips to Quash the Cost of E-Discovery with tips on saving eDiscovery costs.  Today, we’ll discuss the last four tips.

5. Test your Methods and Know your ESI: Craig says that “Staggering sums are spent in e-discovery to collect and review data that would never have been collected if only someone had run a small scale test before deploying an enterprise search”.  Knowing your ESI will, as Craig notes, “narrow the scope of collection and review with consequent cost savings”.  In one of the posts on our very first day of the blog, I relayed an actual example from a client regarding a search that included a wildcard of “min*” to retrieve variations like “mine”, “mines” and “mining”.  Because there are 269 words in the English language that begin with “min”, that overly broad search retrieved over 300,000 files with hits in an enterprise-wide search.  Unfortunately, the client had already agreed to the search term before finding that out, which resulted in considerable negotiation (and embarrassment) to get the other side to agree to modify the term.  That’s why it’s always a good idea to test your searches before the meet and confer.  The better you know your ESI, the more you save.

6. Use Good Tools: Craig provides another great analogy in observing that “If you needed to dig a big hole, you wouldn’t use a teaspoon, nor would you hire a hundred people with teaspoons.  You’d use the right power tool and a skilled operator.”  Collection and review tools must fit your requirements and workflow, so, guess what?  You need to understand those requirements and your workflow to pick the right tool.  If you’re putting together a wooden table, you don’t have to learn how to operate a blowtorch if all you need is a hammer and some nails, or a screwdriver and some screws for the job.  The better that the tools fit your workflow, the more you save.

7. Communicate and Cooperate: Craig says that “Much of the waste in e-discovery grows out of apprehension and uncertainty.  Litigants often over-collect and over-review, preferring to spend more than necessary instead of giving the transparency needed to secure a crucial concession on scope or methodology”.  A big part of communication and cooperation, at least in Federal cases, is the Rule 26(f) conference (which is also known as the “meet and confer”, here are two posts on the subject).  The more straightforward you make discovery through communication and cooperation, the more you save.

8. Price is What the Seller Accepts: Craig notes that there is much “pliant pricing” for eDiscovery tools and services and relayed an example where a vendor initially quoted $43.5 million to complete a large expedited project, only to drop that quote all the way down to $3.5 million after some haggling.  Yes, it’s important to shop around.  It’s also important to be able to know the costs going in, through predictable pricing.  If you have 10 gigabytes or 1 terabyte of data, providers should be able to tell you exactly what it will cost to collect, process, load and host that data.  And, it’s always good if the provider will let you try their tools for free, on your actual data, so you know whether those tools are worth the price.  The more predictable price and value of the tools and services are, the more you save.

So, what do you think?  What are you doing to keep eDiscovery costs down?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Eight Tips to Quash the Cost of eDiscovery – eDiscovery Best Practices

By now, Craig Ball needs no introduction our readers as he has been a thought leader interview participant for the past three years.  Two years ago, we published his interview in a single post, his interview last year was split into a two part series and this year’s interview was split into a three part series.  Perhaps next year, I will be lucky enough to interview him for an hour and we can simply have a five-part “Ball Week” (like the Discovery Channel has “Shark Week”).  Hmmm…

Regardless, I’m a regular reader of his blog, Ball in your Court, as well, and, last week, he published a very informative post entitled Eight Tips to Quash the Cost of E-Discovery with tips on saving eDiscovery costs.  I thought we would cover those tips here, with some commentary:

  1. Eliminate Waste: Craig notes that “irrational fears [that] flow from lack of familiarity with systems, tools and techniques that achieve better outcomes at lower cost” results in waste.  Over-preservation and over-collection of ESI, conversion of ESI, failing to deduplicate and reviewing unnecessary files all drive the cost up.  Last September, we ran a post regarding quality control and making sure the numbers add up when you subtract filtered, NIST/system, exception, duplicate and culled (during searching) files from the collected total.  In that somewhat hypothetical example based on Enron data sets, after removing those files, only 17% of the collected files were actually reviewed (which, in many cases, would still be too high a percentage).  The less number of files that require attorney “eyes on”, the more you save.
  2. Reduce Redundancy and Fragmentation: While, according to the Compliance, Governance and Oversight Council (CGOC), information volume in most organizations doubles every 18-24 months, Craig points out that “human beings don’t create that much more unique information; they mostly make more copies of the same information and break it into smaller pieces.”  Insanity is doing the same thing over and over and expecting different results and insane review is reviewing the same documents over and over and (potentially) getting different results, which is not only inefficient, but could lead to inconsistencies and even inadvertent disclosures.  Most collections not only contain exact duplicates in the exact format (which can identified through hash-based deduplication), but also “near” duplicates that include the same content in different file formats (and at different sizes) or portions of the content in eMail threads.  The less duplicative content that requires review, the more you save.
  3. Don’t Convert ESI: In addition to noting the pitfalls of converting ESI to page-like image formats like TIFF, Craig also wrote a post about it, entitled Are They Trying to Screw Me? (discussed in this blog here).  ‘Nuff said.  The less ESI you convert, the more you save.
  4. Review Rationally: Craig discussed a couple of irrational approaches to review, including reviewing attachments without hits when the eMail has been determined to be non-responsive and the tendency to “treat information in any form from any source as requiring privilege review when even a dollop of thought would make clear that not all forms or sources of ESI are created equal when it comes to their potential to hold privileged content”.  For the latter, he advocates using technology to “isolate privileged content” as well as clawback agreements and Federal Rule of Evidence 502 for protection against inadvertent disclosure.  It’s also important to be able to adjust during the review process if certain groups of documents are identified as needing to be excluded or handled differently, such as the “All Rights Reserved” documents that I previously referenced in the “oil” AND “rights” search example.  The more intelligent the review process, the more you save.

There is too much to say about these eight tips to limit to one blog post, so on Monday (after the Good Friday holiday) we’ll cover tips 5 through 8.  The waiting is the hardest part.

So, what do you think?  What are you doing to keep eDiscovery costs down?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Fulbright’s Litigation Trends Survey Shows Increased Litigation, Mobile Device Collection – eDiscovery Trends

According to Fulbright’s 9th Annual Litigation Trends Survey released last month, companies in the United States and United Kingdom continue to deal with, and spend more on litigation.  From an eDiscovery standpoint, the survey showed an increase in requirements to preserve and collect data from employee mobile devices, a high reliance on self-preservation to fulfill preservation obligations and a decent percentage of organizations using technology assisted review.

Here are some interesting statistics from the report:

PARTICIPANTS

Here is a breakdown of the participants in the survey.

  • There were 392 total participants from the US and UK, 96% of which were either General Counsel (82%) or Head of Litigation (14%).
  • About half (49%) of the companies surveyed, were billion dollar companies with $1 billion or more in gross revenue.  36% of the total companies have revenues of $10 billion or more.

LITIGATION TRENDS

The report showed increases in both the number of cases being encountered by organizations, as well as the total expenditures for litigation.

Increasing Litigation Cases

  • This year, 92% of respondents anticipate either the same amount or more litigation, up from 89% last year.  26% of respondents expect litigation to increase, while 66% expect litigation to stay the same.  Among the larger companies, 33% of respondents expect more disputes, and 94% expect either the same number or an increase.
  • The number of respondents reporting that they had received a lawsuit rose this year to 86% estimating at least one matter, compared with 73% last year. Those estimating at least 21 lawsuits or more rose to 33% from 22% last year.
  • Companies facing at least one $20 million lawsuit rose to 31% this year, from 23% the previous year.

Increasing Litigation Costs

  • The percentage of companies spending $1 million or more on litigation has increased for the third year in a row to 54%, up from 51% in 2011 and 46% in 2010, primarily due to a sharp rise in $1 million+ cases in the UK (rising from 38% in 2010 up to 53% in 2012).
  • In the US, 53% of organizations spend $1 million or more on litigation and 17% spend $10 million or more.
  • 33% of larger companies spent $10 million on litigation, way up from 19% the year before (and 22% in 2010).

EDISCOVERY TRENDS

The report showed an increase in requirements to preserve and collect data from employee mobile devices, a high reliance on self-preservation to fulfill preservation obligations and a decent percentage of organizations using technology assisted review.

Mobile Device Preservation and Collection

  • 41% of companies had to preserve and/or collect data from an employee mobile device because of litigation or an investigation in 2012, up from 32% in 2011.
  • Similar increases were reported by respondents from larger companies (38% in 2011, up to 54% in 2012) and midsized companies (26% in 2011, up to 40% in 2012).  Only respondents from smaller companies reported a drop (from 26% to 14%).

Self-Preservation

  • 69% of companies rely on individuals preserving their own data (i.e., self-preservation) in any of their disputes or investigations.  Larger and mid-sized companies are more likely to utilize self-preservation (73% and 72% respectively) than smaller companies (52%).
  • 41% of companies use self-preservation in all of their matters, and 73% use it for half or more of all matters.
  • When not relying on self-preservation, 72% of respondents say they depend on the IT function to collect all data sources of pertinent custodians.
  • Reasons that respondents gave for not relying on self-preservation included: More cost effective and efficient not to rely on custodian 29%; Lack of compliance by custodians 24%; High profile matter 23%; High monetary or other exposure 22%; Need to conduct forensics 20%; Some or all custodians may have an incentive to improperly delete potentially relevant information; 18%; Case law does not support self-preservation 14% and High profile custodian 11%.

Technology Assisted Review

  • 35% of all respondents are using technology assisted review for at least some of their matters.  U.S. companies are more likely to employ technology-assisted review than their U.K. counterparts (40% versus 23%).
  • 43% of larger companies surveyed use technology assisted review, compared with 32% of mid-sized companies and 23% of the smaller companies.
  • Of those companies utilizing technology assisted review, 21% use it in all of their matters and 51% use it for half or more of their matters.

There are plenty more interesting stats and trends in the report, which is free(!).  To download your own copy of the report, click here.

So, what do you think?  Do any of those trends surprise you?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

eDiscovery Daily Is Thirty! (Months Old, That Is)

Thirty months ago yesterday, eDiscovery Daily was launched.  It’s hard to believe that it has been 2 1/2 years since our first three posts that debuted on our first day.  635 posts later, a lot has happened in the industry that we’ve covered.  And, yes we’re still crazy after all these years for committing to a daily post each business day, but we still haven’t missed a business day yet.  Twice a year, we like to take a look back at some of the important stories and topics during that time.  So, here are just a few of the posts over the last six months you may have missed.  Enjoy!

In addition, Jane Gennarelli has been publishing an excellent series to introduce new eDiscovery professionals to the litigation process and litigation terminology.  Here is the latest post, which includes links to the previous twenty one posts.

Thanks for noticing us!  We’ve nearly quadrupled our readership since the first six month period and almost septupled (that’s grown 7 times in size!) our subscriber base since those first six months!  We appreciate the interest you’ve shown in the topics and will do our best to continue to provide interesting and useful eDiscovery news and analysis.  And, as always, please share any comments you might have or if you’d like to know more about a particular topic!

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Outlook Emails Can Take Many Forms – eDiscovery Best Practices

Most discovery requests include a request for emails of parties involved in the case.  Email data is often the best resource for establishing a timeline of communications in the case and Microsoft® Outlook is the most common email program used in business today.  Outlook emails can be stored in several different forms, so it’s important to be able to account for each file format when collecting emails that may be responsive to the discovery request.

There are several different file types that contain Outlook emails, including:

EDB (Exchange Database): The server files for Microsoft Exchange, which is the server environment which manages Outlook emails in an organization.  In the EDB file, a user account is created for each person authorized at the company to use email (usually, but not always, employees). The EDB file stores all of the information related to email messages, calendar appointments, tasks, and contacts for all authorized email users at the company.  EDB files are the server-side collection of Outlook emails for an organization that uses Exchange, so they are a primary source of responsive emails for those organizations.  Not all organizations that use Outlook use Exchange, but larger organizations almost always do.

OST (Outlook Offline Storage Table): Outlook can be configured to keep a local copy of a user’s items on their computer in an Outlook data file that is named an offline Outlook Data File (OST). This allows the user to work offline when a connection to the Exchange computer may not be possible or wanted. The OST file is synchronized with the Exchange computer when a connection is available.  If the synchronization is not current for a particular user, their OST file could contain emails that are not on the EDB server file, so OST files may also need to be searched for responsive emails.

PST (Outlook Personal Storage Table): A PST file is another Outlook data file that stores a user’s messages and other items on their computer. It’s the most common file format for home users or small organizations that don’t use Exchange, but instead use an ISP to connect to the Internet (typically through POP3 and IMAP).  In addition, Exchange users may move or archive messages to a PST file (either manually or via auto-archiving) to move them out of the primary mailbox, typically to keep their mailbox size manageable.  PST files often contain emails not found in either the EDB or OST files (especially when Exchange is not used), so it’s important to search them for responsive emails as well.

MSG (Outlook MSG File): MSG is a file extension for a mail message file format used by Microsoft Outlook and Exchange.  Each MSG file is a self-contained unit for the message “family” (email and its attachments) and individual MSG files can be saved simply by dragging messages out of Outlook to a folder on the computer (which could then be stored on portable media, such as CDs or flash drives).  As these individual emails may no longer be contained in the other Outlook file types, it’s important to determine where they are located and search them for responsiveness.  MSG is also the most common format for native production of individual responsive Outlook emails.

Other Outlook file types that might contain responsive information are EML (Electronic Mail), which is the Outlook Express email format and PAB (Personal Address Book), which, as the name implies, stores the user’s contact information.

Of course, Outlook emails are not just stored within EDB files on the server or these other file types on the local workstation or portable media; they can also be stored within an email archiving system or synchronized to phones and other portable devices.  Regardless, it’s important to account for the different file types when collecting potentially responsive Outlook emails for discovery.

So, what do you think?  Are you searching all of these file types for responsive Outlook emails?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Craig Ball of Craig D. Ball, P.C. – eDiscovery Trends, Part 3

This is the tenth (and final) of the 2013 LegalTech New York (LTNY) Thought Leader Interview series.  eDiscoveryDaily interviewed several thought leaders at LTNY this year and generally asked each of them the following questions:

  1. What are your general observations about LTNY this year and how it fits into emerging trends?
  2. If last year’s “next big thing” was the emergence of predictive coding, what do you feel is this year’s “next big thing”?
  3. What are you working on that you’d like our readers to know about?

Today’s thought leader is Craig Ball.  A frequent court appointed special master in electronic evidence, Craig is a prolific contributor to continuing legal and professional education programs throughout the United States, having delivered over 1,000 presentations and papers.  Craig’s articles on forensic technology and electronic discovery frequently appear in the national media, and he writes a monthly column on computer forensics and eDiscovery for Law Technology News called Ball in your Court, as well as blogs on those topics at ballinyourcourt.com.

Craig was very generous with his time again this year and our interview with Craig had so much good information in it, we couldn’t fit it all into a single post.  Wednesday was part 1 and yesterday was part 2.  Today is the third and last part.  A three-parter!

Note: I asked Craig the questions in a different order and, since the show had not started yet when I interviewed him, instead asked about the sessions in which he was speaking.

What are you working on that you’d like our readers to know about?

I’m really trying to make 2013 the year of distilling an extensive but idiosyncratic body of work that I’ve amassed through years of writing and bring it together into a more coherent curriculum.  I want to develop a no-cost casebook for law students and to structure my work so that it can be more useful for people in different places and phases of their eDiscovery education.  So, I’ll be working on that in the first six or eight months of 2013 as both an academic and a personal project.

I’m also trying to go back to roots and rethink some of the assumptions that I’ve made about what people understand.  It’s frustrating to find that lawyers talking about, say, load files when they don’t really know what a load file is, they’ve never looked at a load file.  They’ve left it to somebody else and, so, the resolution of difficulties has gone through so many hands and is plagued by so much miscommunication.   I’d like to put some things out there that will enable lawyers in a non-threatening and accessible way to gain comfort in having a dialog about the fundamentals of eDiscovery that you and I take for granted.  So, that we don’t have to have this reliance upon vendors for the simplest issues.  I don’t mean that vendors won’t do the work, but I don’t think we should have to bring a technical translator in for every phone call.

There should be a corpus of competence that every litigator brings to the party, enabling them to frame basic protocols and agreements that aren’t merely parroting something that they don’t understand, but enabling them to negotiate about issues in ways that the resolutions actually make sense.  Saying “I won’t give you 500 search terms, but I’ll give you 250” isn’t a rational resolution.  It’s arbitrary.

There are other kinds of cases that you can identify search terms “all the live long day” and they’re really never going to get you that much closer to the documents you want.  The best example in recent years was the Pippins v. KPMG case.  KPMG was arguing that they could use search terms against samples to identify forensically significant information about work day and work responsibility.  That didn’t make any sense to me at all.  The kinds of data they were looking for wasn’t going to be easily found by using keyword search.  It was going to require finding data of a certain character and bringing a certain kind of analysis to it, not an objective culling method like search terms.  Search terms have become like the expression “if you have a hammer, the whole world looks like a nail”.  We need to get away from that.

I think a little education made palatable will go a long way.  We need some good solid education and I’m trying to come up with something that people will borrow and build on.  I want it to be something that’s good enough that people will say “let’s just steal his stuff”.  That’s why I put it out there – it’s nice that they credit me and I appreciate it; but if what you really want to do is teach people, you don’t do it for the credit, you do it for the education.  That’s what I’m about, more this year than ever before.

Thanks, Craig, for participating in the interview!

And to the readers, as always, please share any comments you might have or if you’d like to know more about a particular topic!

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Craig Ball of Craig D. Ball, P.C. – eDiscovery Trends, Part 2

This is the tenth (and final) of the 2013 LegalTech New York (LTNY) Thought Leader Interview series.  eDiscoveryDaily interviewed several thought leaders at LTNY this year and generally asked each of them the following questions:

  1. What are your general observations about LTNY this year and how it fits into emerging trends?
  2. If last year’s “next big thing” was the emergence of predictive coding, what do you feel is this year’s “next big thing”?
  3. What are you working on that you’d like our readers to know about?

Today’s thought leader is Craig Ball.  A frequent court appointed special master in electronic evidence, Craig is a prolific contributor to continuing legal and professional education programs throughout the United States, having delivered over 1,000 presentations and papers.  Craig’s articles on forensic technology and electronic discovery frequently appear in the national media, and he writes a monthly column on computer forensics and eDiscovery for Law Technology News called Ball in your Court, as well as blogs on those topics at ballinyourcourt.com.

Craig was very generous with his time again this year and our interview with Craig had so much good information in it, we couldn’t fit it all into a single post.  Yesterday was part 1.  Today is part 2 and part 3 will be published in the blog on Friday.  A three-parter!

Note: I asked Craig the questions in a different order and, since the show had not started yet when I interviewed him, instead asked about the sessions in which he was speaking.

I noticed that you are speaking at a couple of sessions here.  What would you like to tell me about those sessions?

{Interviewed the evening before the show}  I am on a Technology Assisted Review panel with Maura Grossman and Ralph Losey that should be as close to a barrel of laughs as one can have talking about technology assisted review.  It is based on a poker theme – which was actually Matt Nelson’s (of Symantec) idea.  I think it is a nice analogy, because a good poker player is a master or mistress of probabilities, whether intuitively or overtly performing mental arithmetic that are essentially statistical and probability calculations.  Such calculations are key to quality assurance and quality control in modern review.

We have to be cautious not to require the standards for electronic assessments to be dramatically higher than the standards applied to human assessments.  It is one thing with a new technology to demand more of it to build trust.  That’s a pragmatic imperative.  It is another thing to demand so exalted a level of scrutiny that you essentially void all advantages of the new technology, including the cost savings and efficiencies it brings.  You know the old story about the two hikers that encounter the angry grizzly bear?  They freeze, and then one guy pulls out running shoes and starts changing into them.  His friend says “What are you doing? You can’t outrun a grizzly bear!” The other guy says “I know.  I only have to outrun you”.  That is how I look at technology assisted review.  It does not have to be vastly superior to human review; it only has to outrun human review.  It just has to be as good or better while being faster and cheaper.

We cannot let the vague uneasiness about the technology cause it to implode.  If we have to essentially examine everything in the discard pile, so that we not only pay for the new technology but also back it up with the old.  That’s not going to work.  It will take a few pioneers who get the “arrows in the back” early on—people who spend more to build trust around the technology that is missing at this juncture.  Eventually, people are going to say “I’ve looked at the discard pile for the last three cases and this stuff works.  I don’t need to look at all of that any more.

Even the best predictive coding systems are not going to be anywhere near 100% accurate.  They start from human judgment where we’re not even sure what “100% accurate” is, in the context of responsiveness and relevance.  There’s no “gold standard”.  Two different qualified people can look at the same document and give a different assessment and approximately 40% of the time, they do.  And, the way we decide who’s right is that we bring in a third person.  We indulge the idea that the third person is the “topic authority” and what they say goes.  We define their judgment as right; but, even their judgments are human.  To err being human, they’re going to make misjudgments based on assumptions, fatigue, inattention, whatever.

So, getting back to the topic at hand, I do think that the focus on quality assurance is going to prompt a larger and long overdue discussion about the efficacy of human review.  We’ve kept human review in this mystical world of work product for a very long time.  Honestly, the rationale for work product doesn’t naturally extend over to decisions about responsiveness and relevance.  Even though, most of my colleagues would disagree with me out of hand.  They don’t want anybody messing with privilege or work product.  It’s like religion or gun control—you can’t even start a rational debate.

Things are still so partisan and bitter.  The notions of cooperation, collaboration, transparency, translucency, communication – they’re not embedded yet.  People come to these processes with animosity so deeply seated that you’re not really starting on a level playing field with an assessment of what’s best for our system of justice.  Justice is someone else’s problem.  The players just want to win.  That will be tough to change.

We “dinosaurs” will die off, and we won’t have to wait for the glaciers to advance.  I think we will have some meteoric events that will change the speed at which the dinosaurs die.  Technology assisted review is one.  We’ve seen a meteoric rise in the discussion of the topic, the interest in the topic, and I think it will have a meteoric effect in terms of more rapidly extinguishing very bad and very expensive practices that don’t carry with them any more superior assurance of quality.

More from Craig tomorrow!

And to the readers, as always, please share any comments you might have or if you’d like to know more about a particular topic!

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

 

Craig Ball of Craig D. Ball, P.C. – eDiscovery Trends, Part 1

This is the tenth (and final) of the 2013 LegalTech New York (LTNY) Thought Leader Interview series.  eDiscoveryDaily interviewed several thought leaders at LTNY this year and generally asked each of them the following questions:

  1. What are your general observations about LTNY this year and how it fits into emerging trends?
  2. If last year’s “next big thing” was the emergence of predictive coding, what do you feel is this year’s “next big thing”?
  3. What are you working on that you’d like our readers to know about?

Today’s thought leader is Craig Ball.  A frequent court appointed special master in electronic evidence, Craig is a prolific contributor to continuing legal and professional education programs throughout the United States, having delivered over 1,000 presentations and papers.  Craig’s articles on forensic technology and electronic discovery frequently appear in the national media, and he writes a monthly column on computer forensics and eDiscovery for Law Technology News called Ball in your Court, as well as blogs on those topics at ballinyourcourt.com.

Craig was very generous with his time again this year and our interview with Craig had so much good information in it, we couldn’t fit it all into a single post.  So, today is part 1.  Parts 2 and 3 will be published in the blog on Thursday and Friday.  A three-parter!

Note: I asked Craig the questions in a different order and, since the show had not started yet when I interviewed him, instead asked about the sessions in which he was speaking.

If last year’s “next big thing” was the emergence of predictive coding, what do you feel is this year’s “next big thing”?

I think this is the first year where I do not have a ready answer to that question.  It’s  like the wonderful movie Groundhog Day.  I am on the educational planning board for the show, and as hard as we try to find and present fresh ideas, technology assisted review is once again the dominant topic.

This year, we will see a change of the marketing language repositioning the (forgive the jargon) “value proposition” for the tools being sold continuing to move more towards the concept of information governance.  If knowledge management had a “hook up” here at LTNY with eDiscovery, their offspring would be information governance.  Information governance represents a way to spread the cost of eDiscovery infrastructure among different budgets.  It’s not a made up value proposition.  Security and regulatory people do have a need, and many departments can ultimately benefit from more granular and regimented management of their unstructured and legacy information stores.

I remain something of a skeptic about what has come to be called “defensible deletion.”  Most in-house IT people do not understand that, even after you purchase a single instance de-duplication solution, you’re still going to have as much of 40% “bloat” in your collection of data between local stores, embedded and encoded attachments, etc.  So, there are marked efficiencies we can achieve by implementing sensible de-duplication and indexing mechanisms that are effective, ongoing and systemic. Consider enterprise indexing models that basically let your organization and its information face an indexing mechanism in much the same way as the internet faces Google.   Almost all of us interact with the internet through Google, and often get the information we are seeking from the Google index or synopsis of the data without actually proceeding to the indexed site.  The index itself becomes the resource, and the document indexed a distinct (and often secondary) source.  We must ask ourselves: “if a document is indexed, does it ever leave our collection?”

I also think eDiscovery education is changing and I am cautiously optimistic.  But, people are getting just enough better information about eDiscovery to be dangerous.  And, they are still hurting themselves by expecting there to be some simple “I don’t really need to know it” rule of thumb that will get them through.  And, that’s an enormous problem.  You can’t cross examine from a script.  Advocates need to understand the answers they get and know how to frame the follow up and the kill.  My cautious optimism respecting education is function of my devoting so much more of my time to education at the law school and professional levels as well as for judicial organizations.  I am seeing a lot more students interested in the material at a deeper level, and my law class that just concluded in December impressed me greatly.   The level of enthusiasm the students brought to the topic and the quality and caliber of their questions were as good as any I get from my colleagues in the day to day practice of eDiscovery.  Not just from lawyers, but also from people like you who are deeply immersed in this topic.

That is not so much a credit to my teaching (although I hope it might be).  The greatest advantage that students have is that they have haven’t yet acquired bad habits and don’t come with preconceived notions about what eDiscovery is supposed to be.  Conversely, many lawyers literally do not want to hear about certain topics–they “glaze” and immediately start looking for a way to say “this cannot be important, I cannot have to know this”.  Law students don’t waste their energy that way. If the professor says “you need to know this”, then they make it their mission to learn.  Yesterday, I had a conversation with a student where she said “I really wish we could have learned more about search strategies and more ways to apply sophisticated tools hands on”.  That’s exactly what I wish lawyers would say.

I wish lawyers were clamoring to better understand things like search or de-duplication or the advantages of one form of production over another.  Sometimes, I feel like I am alone in my assessment that these are crucial issues. If I am the only one thinking that settling on forms of productions early and embracing native forms of production is crucial to quality, what is wrong with me?

I am still surprised at how many people TIFF most of their collection or production.

They have no clue how really bad that is, not just in terms in cost but also in terms of efficiency.  I am hoping the dialogue about TAR will bring us closer to a serious discussion about quality in eDiscovery.  We never had much of a dialogue about the quality of human review or the quality of paper production.  Either we didn’t have the need, or, more likely we were so immersed in what we were doing we did not have the language to even begin the conversation.

I wrote in a blog post recently about an experiment discussed in my college Introductory Psychology course where this cool experiment involved raising kittens such that they could only see for a few hours a day in an environment composed entirely horizontals or verticals.  Apparently, if you are raised from birth only seeing verticals, you do not learn to see horizontals, and vice-versa.  So, if I raise a kitten among the horizontals and take a black rod and put it in front of them, they see it when it is horizontal.  But, if I orient it vertically, it disappears in their brain.  That is kind of how we are with lawyers and eDiscovery.

There are just some topics that you and I and our colleagues see the importance of, but lawyers have been literally raised without the ability to see why those things matter.  They see what has long been presented to them in, say, Summation or Concordance, as an assemblage of lousy load files and error ridden OCR and colorless images stripped of embedded commentary.  They see this information so frequently and so exclusively that they think that’s the document and, since they only have paper document frames of reference (which aren’t really that much better than TIFFs), they think this must be what electronic evidence looks like.  They can’t see the invisible plane they’ve been bred to overlook.

You can look at a stone axe and appreciate the merits of a bronze axe – if all that you’re comparing it to are prehistoric tools, a bronze axe looks pretty good.  But, today we have chainsaws. I want lawyers demanding chainsaws to deal with electronic information and to throw away those incredibly expensive stone axes; but, unfortunately, they make more money using stone axes.  But, not for long.  I am seeing the “house of cards” start to shake and the house of cards I am talking about is the $100 to $300 (or more) per gigabyte pricing for eDiscovery.  I think that model is not only going to be short lived, but will soon be seen as negligence in the lawyers who go that route and as exploitive gouging by service providers, like selling a bottle of water for $10 after Hurricane Sandy.  There is a point at which price gouging will be called out.  We can’t get there fast enough.

More from Craig tomorrow!

And to the readers, as always, please share any comments you might have or if you’d like to know more about a particular topic!

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

 

Alon Israely, Esq., CISSP of BIA – eDiscovery Trends

This is the sixth of the 2013 LegalTech New York (LTNY) Thought Leader Interview series.  eDiscoveryDaily interviewed several thought leaders at LTNY this year and generally asked each of them the following questions:

  1. What are your general observations about LTNY this year and how it fits into emerging trends?
  2. If last year’s “next big thing” was the emergence of predictive coding, what do you feel is this year’s “next big thing”?
  3. What are you working on that you’d like our readers to know about?

Today’s thought leader is Alon Israely.  Alon is a Manager of Strategic Partnerships at Business Intelligence Associates (BIA) and currently leads the Strategic Partner Program at BIA.  Alon has over seventeen years of experience in a variety of advanced computing-related technologies and has consulted with law firms and their clients on a variety of technology issues, including expert witness services related to computer forensics, digital evidence management and data security.  Alon is an attorney and Certified Information Security Specialist (CISSP).

What are your general observations about LTNY this year and how it fits into emerging trends?

{Interviewed on the second afternoon}  Looking at the show and walking around the exhibit hall, I feel like the show is less chaotic than in the past.  It seems like there are less vendors, though I don’t know that for a fact.  However, the vendors that are here appear to have accomplished quite a bit over the last twelve months to better clarify their messaging, as well as to better fine tune their offerings and the way they present those offerings.  It’s actually more enjoyable for me to walk through the exhibit hall this year – last year felt so chaotic and it was really difficult to differentiate the offerings.  That has been a problem in the legal technology business – no one really knows what the different vendors really do and they all seem to do the same thing.  Because of better messaging, I think this is the first year I started to truly feel that I can differentiate vendor offerings, probably because some of the vendors that entered the industry in the past few years have reached a maturity level.

So, it’s not that I am not seeing new technologies, methods or ways of doing things in eDiscovery; instead, I am seeing better ways of doing things.  As well as vendors simply getting better at their own pitch and messaging.  And, by that, I mean everything involved in the messaging – the booth, the sales reps in the booth, the product being offered, everything.

If last year’s “next big thing” was the emergence of predictive coding, what do you feel is this year’s “next big thing”?

I think this year’s “next big thing” follows the same theme as last year’s “next big thing”, only you’re going to see more mature Technology Assisted Review (TAR) solutions and more mature predictive coding.  It won’t be just that people provide a predictive coding solution; they will also provide a work flow around the solution and a UI around the solution, as well as a method, a process, testing and even certification.  So, what will happen is that the trend will still be technology assisted review and predictive coding and analytics, just that it won’t be so “bleeding edge”.  The key is presentation of data such that it helps attorneys get through the data in a smarter way – not necessarily just culling, but understanding the data that you have and how to get through it faster and more accurately.  I think that the delivery of those approaches through solution providers, software providers and even service providers seems to be more mature and more focused.  Now, there is an actual tangible “thing” that I can touch that shows it is not just a bullet point – “Hey, we do predictive coding!” – instead, there is actually a method in which it is deployed to you, and to your case or your matter.

What are you working on that you’d like our readers to know about?

BIA is really redefining eDiscovery with respect to how the corporate customer looks at it.  How does the corporation look at eDiscovery?  They look at it as part of information security and information management and we find that IT departments are very much more involved in the decision making process.  Having information security roots, BIA is leveraging our preservation technology and bringing in an eDiscovery tool kit and platform that a company can use that will get them where they need to be with respect to compliance, defensibility and efficiency.  We also have the only license model for eDiscovery in the business with respect to the kind of corporate license model, the per seat model that we offer.  We are saying “look, we have been doing this for 10 years and we know exactly what we are doing”.  We use cutting edge technology and while other cloud providers have claimed that they are leveraging utility computing, we are not only saying that, we are actually doing it.  If you don’t believe us, check it out and bring your best technology people and they will see we are telling the truth on that.  We are leveraging our technology for what happens from the corporate perspective.

We are not a review tool and you cannot produce documents out of our software, but that is why clients have software products like OnDemand®; with it, they can do all the different types of review they want and batch it out and use 100 reviewers or 10 reviewers or whatever.  BIA supports the corporations who care about legal hold and preservation and collections and insuring that they are not sending millions of gigs over for costly review.  We support from the corporate perspective, whether you want to call it on the left side of the EDRM model or not, what the GC needs.  GCs want to make sure that they have not deleted some piece of data that will be needed in court.  Notifying clients of that requirement, taking a “snap shot” of that data, locking it down, collecting that data and then insuring that our clients are following the right work flow is basically what we bring to the table.  We have also automated about 80% of the manual tasks with TotalDiscovery, which makes the GC happy and brings that protection to the organization at the right price.  Between TotalDiscovery and a review application like OnDemand, you don’t need anything else.  You don’t need twenty applications for a full solution – two applications are all you need.

Thanks, Alon, for participating in the interview!

And to the readers, as always, please share any comments you might have or if you’d like to know more about a particular topic!

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.