eDiscoveryDaily

eDiscovery Case Law: Facebook Did Not Deduce That They Must Produce

In this case, United States Magistrate Judge Howard Lloyd of the Northern District of California compelled Facebook to produce ESI that was previously produced in a converted, non-searchable format and further ordered Facebook not to use a third-party vendor’s online production software to merely “provide access” to it.  The court’s order granting the plaintiff’s Motion To Compel Production in In re Facebook PPC Advertising Litigation, 2011 WL 1324516 (N.D.Cal. Apr. 6, 2011) addressed the importance of ESI Protocols, the requirement to produce ESI in native formats, and production of documents versus providing access to them.  A copy of the order can be found here.

Several plaintiffs brought a class action against Facebook for breach of contract and violation of California’s Unfair Competition Law, suing Facebook for allegedly misrepresenting the quality of its “click filters,” which are filters used to prevent charging merchants when advertisements are inadvertently clicked.  When discovery disputes occurred, plaintiffs filed their Motion To Compel, alleging:

  1. Facebook refused to agree to an ESI Protocol to establish the manner and form of electronic production, including agreement on search words or phrases, custodians and time frames for production,
  2. Facebook uploaded its responses to discovery requests to a commercial website (Watchdox.com) in a manner that seriously limited the plaintiffs’ ability to review them.  Documents on Watchdox.com could not be printed and Facebook, citing confidentiality concerns, retained the ability to cause documents to expire and no longer be accessible after a period of time.
  3. The documents loaded to Watchdox.com, as well as others that were actually produced, were not in their native format, and thus were unsearchable and unusable.  One such document was an 18,000 page customer complaint database printed to PDF which lacked any searchable features.

With regard to the refusal to agree to an ESI protocol, Facebook argued that such a protocol would result in “forcing the parties to anticipate and address all potential issues on the form of electronic production” and “would likely have the result of frustrating and slowing down the discovery process.” The court rejected this argument, noting “The argument that an ESI Protocol cannot address every single issue that may arise is not an argument to have no ESI Protocol at all”.

In reviewing Facebook’s production protocol, the Court noted that “each of these steps make the discovery process less efficient without providing any real benefit.” and found that Facebook’s privacy concerns were unreasonable since a two tiered protective order already existed in the case as well as the fact that confidential documents could be marked as such to prevent inadvertent disclosures.  The Court held that Facebook’s use of Watchdox.com was unduly burdensome on the Plaintiffs and thus ordered Facebook to produce any documents that had been uploaded to Watchdox.com in their native searchable formats.  The Court also ordered Facebook to reproduce previously produced documents that were provided in an unsearchable format in their native searchable formats.

So, what do you think?  Is merely providing access to documents sufficient for production?  Please share any comments you might have or if you’d like to know more about a particular topic.

Working Successfully with eDiscovery and Litigation Support Service Providers: Preventing Unexpected Costs

 

Unfortunately, it’s just not possible to know up-front precisely what a litigation support or eDiscovery project will cost.  There are too many unknowns, and, therefore, too many opportunities for surprises regarding costs.  You can, however, avoid some of those surprises with good upfront communication with the vendor.

Here are some steps you can take to prevent surprises and control costs:

  • Make sure that you have a clear understanding of every unit price the vendor provides to you in an estimate.  Some tasks may be charged per-page, others per-document, others per gigabyte, and others on an hourly basis.  Make sure that you understand how the work is being charged and that you agree that the price model makes sense.
  • Require that the service provider prepare an estimate of total project costs in addition to providing unit pricing.  That estimate should be based on a reasonable estimate of the size of the collection and on assumptions about the project that you provide to the vendor.  Ask the vendor to include all incidental cost components in the estimate.  For example, it the vendor charges for project management, supplies and shipping, require that the estimate include these costs based on their experience with similar projects.
  • Before signing a contract, come to agreement on how any changes in the assumptions will affect the price.
  • Review a sample invoice and make sure that you understand its components.  You may need to verify the vendor’s invoices, so make sure that they provide an invoice you understand.  Changing the format of an invoice may not be easy for a vendor, so it’s probably not reasonable to ask them to do so.  You could, however, ask for a cover letter with each invoice explaining charges that may not be clear or evident .  It’s always better to ask for these types of “extras” before signing a contract with a vendor.
  • Find out what the vendor’s policy is on price changes or notification of such.

These are easy steps that don’t take much time.  This extra effort up-front, however, can avoid surprises and disagreements down the road.

What steps do you take to prevent cost problems with vendor work?  Please share any comments you might have and let us know if you’d like to know more about an eDiscovery topic.

Working Successfully with eDiscovery and Litigation Support Service Providers: Monitoring Work and Preventing Problems

 

So many law firm litigation support folks that I know have an unpleasant war story or two about a project they did with a vendor.  I usually find these frustrating, because more often than not, the problems could have been avoided.  Taking a few preventative steps early on, and doing a good job of monitoring project activity can make all the difference.   In the next few posts in this series, we’re going to look at ways to make the projects you do with vendors run smoother.

First, let’s look at the potential problem areas.  There are three:

  • Unexpected project costs
  • Missed deadlines
  • Poor work quality

Very often, the problems in these areas result from poor communication between the litigation team and the service provider.  Sometimes, the problems stem from poor up-front communication, which results in a misunderstanding of requirements, priorities and expectations.  Other times, the problems arise because of poor communication during the project itself.

There are several steps you can take up-front to minimize the potential for problems.  These steps will foster a good understanding of expectations and requirements and build lines of communication into the process.  Constant communication with the service provider throughout the life of the project is likewise important.  If you are in frequent communication you are likely to catch problems before they get out of hand and before they turn into major headaches.

The next several blog posts will cover steps you can take to minimize the potential for problems with unexpected project costs, problems with meeting deadlines, and problems with sub-standard work quality.

What steps do you take to prevent problems with vendor work?  Please share any comments you might have and let us know if you’d like to know more about an eDiscovery topic.

eDiscovery Best Practices: Checking for Malware is the First Step to eDiscovery Processing

 

A little over a month ago, I noted that we hadn’t missed a (business) day yet in publishing a post for the blog.  That streak almost came to an end last week.

As I often do in the early mornings before getting ready for work, I spent some time searching for articles to read and identifying potential blog topics and found a link on a site related to “New Federal Rules”.  Curious, I clicked on it and…up popped a pop-up window from our virus checking software (AVG Anti-Virus, or so I thought) that the site had found a file containing a “trojan horse” program.

The odd thing about the pop-up window is that there was no “Fix” button to fix the trojan horse.  There were only choices to “Ignore” the virus or “Move it to the Vault”.  So, I chose the best available option to move it to the vault.

Then, all hell broke loose.

I received error messages that my hard drive had corrupted, that my RAM was maxed – you name it.

Turns out the trojan horse has provided a “rogue” pop-up window, designed to look like AVG Anti-Virus, to dupe me into activating the program by clicking on a button.  If you studied the Trojan War in school, you know that’s why they call it a “trojan horse” – it fools you into letting it into your system.

While its common to refer to all types of malware as “viruses”, a computer virus is only one type of malware.  Malware includes computer viruses, worms, trojan horses, spyware, dishonest adware, scareware, crimeware, most rootkits, and other malicious and unwanted software or program.  A report from Symantec published in 2008 suggested that "the release rate of malicious code and other unwanted programs may be exceeding that of legitimate software applications”.

I’ve worked with a lot of clients who don’t understand why it can take time to get ESI processed and loaded into their review platform.  Depending on the types of files, several steps can be required to get the files ready to review, including “unarchiving” of container files, OCR (of image only files) and, of course, indexing of the files for searchability (among other possible steps).  But, the first step is to scan the files for viruses and other malware that may be infecting the files.  If malware is found in any files, the files have to be identified.  Then, those files will either be isolated and logged as exceptions or the virus software will attempt to remove the malware.  While it may seem logical that the malware should always be removed, doing so is technically altering the file, so counsel need to agree that malware removal is acceptable.  Either way, the malware needs to be addressed so that it doesn’t affect the entire collection.

As for me, as soon as the infection was evident, I turned my laptop off and turned it over to our support department at Trial Solutions.  By the end of the day, I had it back, good as new!  Thanks, Tony Cullather!

So, what do you think?  How do you handle malware in your collections?   Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Best Practices: 4 Steps to Effective eDiscovery With Software Analytics

 

I read an interesting article from Texas Lawyer via Law.com entitled “4 Steps to Effective E-Discovery With Software Analytics” that has some interesting takes on project management principles related to eDiscovery and I’ve interjected some of my thoughts into the analysis below.  A copy of the full article is located here.  The steps are as follows:

1. With the vendor, negotiate clear terms that serve the project's key objectives.  The article notes the important of tying each collection and review milestone (e.g., collecting and imaging data; filtering data by file type; removing duplicates; processing data for review in a specific review platform; processing data to allow for optical character recognition (OCR) searching; and converting data into a tag image file format (TIFF) for final production to opposing counsel) to contract terms with the vendor. 

The specific milestones will vary – for example, conversion to TIFF may not be necessary if the parties agree to a native production – so it’s important to know the size and complexity of the project, and choose only an experienced eDiscovery vendor who can handle the variations.

2. Collect and process data.  Forensically sound data collection and culling of obviously unresponsive files (such as system files) to drastically decrease the overall review costs are key services that a vendor provides in this area.  As we’ve noted many times on this blog, effective culling can save considerable review costs – each gigabyte (GB) culled can save $16-$18K in attorney review costs.

The article notes that a hidden cost is the OCR process of translating extracted text into a searchable form and that it’s an optimal negotiation point with the vendor.  This may have been true when most collections were paper based, but as most collections today are electronic based, the percentage of documents requiring OCR is considerably less than it used to be.  However, it is important to be prepared that there are some native files which will be “image only”, such as TIFFs and scanned PDFs – those will require OCR to be effectively searched.

3. Select a data and document review platform.  Factors such as ease of use, robustness, and reliability of analytic tools, support staff accessibility to fix software bugs quickly, monthly user and hosting fees, and software training and support fees should be considered when selecting a document review platform.

The article notes that a hidden cost is selecting a platform with which the firm’s litigation support staff has no experience as follow-up consultation with the vendor could be costly.  This can be true, though a good vendor training program and an intuitive interface can minimize or even eliminate this component.

The article also notes that to take advantage of the vendor’s more modern technology “[a] viable option is to use a vendor's review platform that fits the needs of the current data set and then transfer the data to the in-house system”.  I’m not sure why the need exists to transfer the data back – there are a number of vendors that provide a cost-effective solution appropriate for the duration of the case.

4. Designate clear areas of responsibility.  By doing so, you minimize or eliminate inefficiencies in the project and the article mentions the RACI matrix to determine who is responsible (individuals responsible for performing each task, such as review or litigation support), accountable (the attorney in charge of discovery), consulted (the lead attorney on the case), and informed (the client).

Managing these areas of responsibility effectively is probably the biggest key to project success and the article does a nice job of providing a handy reference model (the RACI matrix) for defining responsibility within the project.

So, what do you think?  Do you have any specific thoughts about this article?   Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Trends: Apple Responds to the iPhone/iPad Location Controversy

 

Yesterday, we talked about the latest litigation for Apple, which was sued for alleged privacy invasion and computer fraud by two customers in a federal complaint in Tampa, Florida who claim the company is secretly recording and storing the location and movement of iPhone and iPad users.  Yesterday, Apple issued a press release response to questions regarding this controversy, published here on Business Wire.

Highlights:

  • Apple reiterated that they are “not tracking the location of your iPhone. Apple has never done so and has no plans to ever do so.”
  • Instead, according to Apple, the iPhone is “maintaining a database of Wi-Fi hotspots and cell towers around your current location, some of which may be located more than one hundred miles away from your iPhone, to help your iPhone rapidly and accurately calculate its location when requested.”
  • Apple says that the “database is too big to store on an iPhone, so [they] download an appropriate subset (cache) onto each iPhone. This cache is protected but not encrypted, and is backed up in iTunes whenever you back up your iPhone.”
  • Geo-tagged Wi-Fi hotspot and cell tower data is sent to Apple in an anonymous and encrypted form” and “ Apple cannot identify the source of this data.”
  • The reason the iPhone stores up to a year’s worth of location data is “a bug we uncovered and plan to fix shortly”.  “We don’t think the iPhone needs to store more than seven days of this data.”
  • The iPhone sometimes shouldn’t continue updating its Wi-Fi and cell tower data when Location Services is turned off.  “This is a bug, which we plan to fix shortly”.
  • Apple also noted that they will release a free iOS software update “sometime in the next few weeks” that: “reduces the size” of the database cached on the iPhone, “ceases backing up the cache”, and “deletes this cache entirely when Location Services is turned off”.

We’ll see how this press release impacts the litigation and various regulatory investigations.

So, what do you think?  Have you been involved in a case where GPS location data was relevant?   Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Trends: It’s 10 PM, Does Apple Know Where You Are?

 

Over 30 years ago, local TV stations across the country ran this ad, asking the question “It’s 10 PM, do you know where you children are?”

Today, they could ask the question of many iPhone and iPad users, “It’s 10 PM, does Apple know where you are?”

According to Bloomberg on Monday, “Apple Inc. (AAPL) was sued for alleged privacy invasion and computer fraud by two customers who claim the company is secretly recording and storing the location and movement of iPhone and iPad users, according to a federal complaint filed…in Tampa, Florida.”

Vikram Ajjampur, an iPhone user in Florida, and William Devito, a New York iPad customer, sued April 22 in federal court in Tampa, Florida, seeking a judge’s order barring the alleged data collection and requesting refunds for their phones.

The lawsuit references a report from two computer programmers who indicated that “those of us who own either an iPhone or iPad may have been subjected to privacy invasion since the introduction of iOS 4.0” (operating system).  The report claims that Apple’s iOS4 operating system is logging latitude-longitude coordinates along with the time a spot is visited, is collecting about a year’s worth of location data, and logs location data to a file called "consolidated.db", which is unencrypted and unprotected.

“We take issue specifically with the notion that Apple is now basically tracking people everywhere they go,” Aaron Mayer, an attorney for the plaintiffs, said. “If you are a federal marshal, you have to have a warrant to do this kind of thing, and Apple is doing it without one.”

In addition to the Florida lawsuit, the Illinois Attorney General has asked to meet with Apple executives to discuss these reports and French, German, Italian and South Korean regulators are also investigating the alleged location collection feature as a result of the programmers’ report.

So far, Apple has not commented – officially.  However, MacRumors reports that Steve Jobs has responded to one emailer who requested “Maybe you could shed some light on this for me before I switch to a Droid. They don't track me.”  To which Jobs allegedly responded, “Oh yes they do. We don't track anyone. The info circulating around is false.  Sent from my iPhone.”

True or False?  We’ll hopefully see.  It seems that every week there is a new type of data that can be relevant to the eDiscovery process, doesn’t it?

So, what do you think?  Have you been involved in a case where GPS location data was relevant?   Please share any comments you might have or if you’d like to know more about a particular topic.

Working Successfully with eDiscovery and Litigation Support Service Providers: Questions to Ask when Checking References, Part 3

 

Last week, we started and continued a list of questions to ask when you are doing a reference check.  So far, the list includes general project questions, questions about communicating with the vendor, questions about costs, and questions aimed at evaluating the quality of a vendor’s work. Today we’ll complete the list with questions about the vendor’s ability to meet schedule requirements, and questions aimed at assessing the vendor’s overall performance. 

Questions regarding schedule requirements, meeting deadlines, and flexibility:

  1. Did you establish a schedule with milestones and deadlines for the vendor?
  2. Did they meet your milestones and deadlines?  If not, why was there a problem?
  3. Did the scope of the project – in terms of volume – change after the project started?  How did the vendor handle that? 
  4. Did the vendor need to add additional resources to your project to meet deadlines?  If not, should they have?
  5. If deadlines were missed, how much advance notice were you given?
  6. Did you change priorities that required adjustments to work flow during the project?  If so, how did the vendor handle that?  Were they able to accommodate changing needs?

Questions aimed at assessing overall performance

  1. Will you use this vendor again?
  2. Are there changes you would make to the way in which you work with this vendor?  Or changes you would request regarding their services?
  3. Are there project thresholds under which you wouldn’t use this vendor (for example, not for a collection above a certain size, or not for a rush project)?
  4. What do you believe is this vendor’s greatest strength?  Weakness?
  5. What is the one thing you would change about this vendor if you could?
  6. How would you rank this vendor against other vendors you have used?  Are they on your list of preferred vendors for future projects?  Under what circumstances might you choose another vendor over this vendor?

The list of questions we’ve compiled in the last several posts should be a good starting point for you!  Remember, though, that a good reference check session will be interactive.  Some of the answers you get will prompt additional questions.  Don’t be afraid to do some digging to uncover what you need to know.

Do you get good information when you check vendor references?  What questions do you ask?  Please share any comments you might have and let us know if you’d like to know more about an eDiscovery topic.

eDiscovery Trends: Thought Leader Interview with Jeffrey Brandt, Editor of Pinhawk Law Technology Daily Digest

 

As eDiscovery Daily has done in the past, we have periodically interviewed various thought leaders in eDiscovery and legal technology to provide insight as to trends in the industry for our readers to consider.  Recently, I was able to interview Jeffrey Brandt, Editor of the Pinhawk Law Technology Daily Digest and columnist for Legal IT Professionals.

With an educational background in computer science and mathematics from the University of Pittsburgh, Jeff has over twenty four years of experience in the field of legal automation working with various organizations in the United States, Canada, and the United Kingdom.  As a technology and management consultant to hundreds of law firms and corporate law departments he has worked on information management projects including: long range strategic planning, workflow management and reengineering, knowledge management, IT structure and personnel requirements and budgeting. Working as a CIO at several large law firms, Jeff has helped bring oversight, coordination and change management to initiatives including: knowledge management, library & research services, eDiscovery, records management, technology and more. Most recently, he served as the Chief Information and Knowledge Officer with an AMLaw 100 law firm based out of Washington, DC.

Jeff has also been asked to serve on numerous advisory councils and CIO advisory boards for key vendors in the legal space, advising them on issues of client service and future product direction.  He is a long time member (and former board member) of the International Legal Technology Association (ILTA) and has taught CLE classes on topics ranging from litigation support to ethics and technology.

What do you consider to be the current significant trends in eDiscovery in 2011 and beyond on which people in the industry are, or should be, focused?

I would say that the biggest two are the project management component and, for lack of a better term, automated or artificial intelligence.

The whole concept and the complexities of what it takes to manage a case today are more challenging than ever, including issues like the number of sources, the amount of data in the sources, the format in which you’re producing, where can the data go and who can see it.  I remember the days when people used to take a couple of bankers boxes, put them in their car and go home and work on the documents.  You simply cannot do that today – the amount of information today is just insane.

As for artificial intelligence, as was discussed in the (Pinhawk) digest recently, you’re seeing the emergence of predictive coding and using computers to cull through the massive amounts of information so that a human can take the final pass.  I think more and more we’re going to see people relying on those types of technologies – some because they embrace it, others because there is no other way to humanly do it.

I think if there’s any third trend it would probably be where do we go next to get the data?  In terms of social media, mining Facebook and Twitter and all the other various sources for additional data as part of the discovery process has become a challenge.

You recently became editor of the Pinhawk Law Technology Daily Digest.  Tell me about that and about your plans for the digest.

Well, I think there are several things going forward.  My role is to keep up the good work that Curt Meltzer, the founding editor, started and fill the “big shoes” that Curt left behind.  My goal is to expand the sources of information from which Pinhawk draws.  There are about 400 sources today and I think by the time my sources (and possibly a few others) are added in, there will be over 500.  We’ve also talked about going to our readership and asking them “what are your go-to and must read sources?” to include those sources as well.  We’ll also be looking to incorporate social media tools to hopefully make the experience much more comprehensive and easier to participate in for the Pinhawk digest reader.

And, what should we be looking for in your column in Legal IT Professionals?

Well, I like to dabble in multiple areas – in the small consulting practice that I have, I do a little bit of everything.  I’ve recently done some very interesting work in communities of practice, using social media tools, focusing them inward in law firms to provide the forum for lawyers to open up, share and mentor to others.  I like KM (Knowledge Management) and related topics and we had a recent post in Pinhawk talking about the future of the law firm.  To me, those types of discussions are fascinating.

You take the extremes and you’ve got the “law factory”, you take the high-end and you’ve got the “bet the farm” law firm.  How technology plays a role in whatever culture, whatever focus a law firm puts itself on is interesting.  And then you watch and see some of the rumblings and inklings of what can be done in places like Australia, where you have third-party investment of law firms and the United Kingdom, where they are about to get third-party investment.  There was a recent article about third-party ownership of law firms in North Carolina.  You look at examples like that and you say “is the model of partnership alive?”  When you get into “big law”, are they really partnerships?  Where are they in the spectrum of a thousand sole practitioners operating under one letterhead to a firm of a thousand lawyers?  That’s where I think that communities of practice and social media tools are going to help lawyers know more about their own partners and own firms. 

It’s sad that in some firms the lawyers on the north side of the building don’t even know the lawyers on the south side of the building, let alone the people on the eighth floor vs. the tenth floor.  It’s a changing landscape.  When I got into legal and was first a CIO at Porter, Wright, Morris & Arthur, 250 lawyers in Columbus, Ohio was the 83rd largest law firm in the US – an AMLAW 100 firm.  Today, does that size a firm even make it into the AMLAW 250?

In my column at Legal IT Professionals, you’ll see more about KM and change management.  Another part of my practice is mentoring IT executives in how to deal with business problems related to the business of law and I think that might be my next post – free advice to the aspiring CIO.

This might sound odd coming from a technologist, but…it’s not really about the technology.  From a broad standpoint, you can be successful with most software tools.  A law firm isn’t going to be made or broken whether it chose OpenText or iManage as a document management tool or chose a specific litigation support tool.  It is more about the people, the education and the process than it is the actual tool.  Yes, there are some horrible tools that you should avoid, but, all things being equal, it’s really more the other pieces of the equation that determine your success.

Thanks, Jeff, for participating in the interview!

And to the readers, as always, please share any comments you might have or if you’d like to know more about a particular topic!

Working Successfully with eDiscovery and Litigation Support Service Providers: Questions to Ask when Checking References, Part 2

 

Yesterday, we started a list of questions to ask when you are doing a reference check.  That list included general project questions, questions about communicating with the vendor, and questions about costs. Here are some questions aimed at uncovering information on the quality of the vendor’s work:

  1. Were you satisfied with the quality of the vendor’s work and did it meet your expectations?
  2. Were you involved in initial project training of the vendor’s staff?  Do you recommend that with this vendor?
  3. Did you do quality control checks of the vendor’s work?  How did you check the work?  How much of the work did you check?
  4. Did you spend time checking work at the vendor’s facility?  Do you recommend that with this vendor?
  5. Did you provide feedback to the vendor on quality?  How was that received?  Did the vendor incorporate your feedback and did the work quality improve?
  6. If there were quality problems, were they dealt with quickly?  Was it necessary to escalate problems above the project manager to get them resolved?
  7. Do you know what quality control procedures the vendor used?  How much work did they check?  What quality control was done manually?  What automated checks were done?
  8. Do you know if the vendor needed to do rework?  Was rework precipitated by issues you brought to their attention?  Did you have to ask the vendor to do any work over?
  9. If you had the technology tools and resources to do this work yourself, do you think you could have done a better job?  If so, in what way?
  10. Do you feel that the vendor had a good grasp on your requirements and the experience to do the work efficiently?
  11. Did the project manager have the right background and experience to handle your project?

In the next issue, we’ll continue this list with questions aimed at getting a handle on a vendor’s ability to meet schedule requirements and some closing questions aimed at assessing overall performance.

Do you get good information when you check vendor references?  What questions do you ask?  Please share any comments you might have and let us know if you’d like to know more about an eDiscovery topic.

In observance of Good Friday, eDiscovery Daily will not publish a new post tomorrow.  See you Monday!