Close
Enter your
text here

eDiscoveryDaily

eDiscovery Trends: CGOC Information Governance Benchmark Report

Last month, at the EDRM Mid-Year Meetings, the Information Management Reference Model (IMRM) team within EDRM presented a status report for their project (as all of the project teams do during these meetings).  As a part of that presentation, the team presented findings from the first survey conducted by the Compliance, Governance and Oversight Council (CGOC) in collaboration with the IMRM of legal, records management (RIM) and IT practitioners in Global 1000 companies.  You can request a copy of the report here.

According to the CGOC report, there was an even distribution of respondents between legal, RIM and IT.  Just a few of the very interesting findings include:

    • Ineffective Disposal of Data: 75% of respondents identified the inability to defensibly dispose of data as the greatest challenge, leaving “massive” amounts of legacy data,
  • “People Glue” Compliance Processes: 70% of respondents depend on “liaisons and people glue” to support discovery and regulatory obligations within information management (as opposed to reliable and repeatable systems and processes),
  • Disconnect Between Legal, RIM and IT: There are big gaps between retention schedule development, legal hold communication, and information management.  Some key stats:
    • 77% said their retention schedules were not actionable as is or could only be applied to paper,
    • 75% of schedules included only regulatory record keeping requirements or long-range business information,
    • 66% did not describe legal holds by the records associated with them, and
    • 50% of IT departments never used the retention schedule when disposing of data.
  • Who’s In Charge?: Legal and RIM identified RIM as the organization responsible for “information management and disposal” whereas IT considered themselves responsible for this function.

These are just a handful of findings in this report, which clearly shows that most large organizations still feel that there is still much work to be done to achieve an effective information governance program.  The CGOC (and IMRM) have done a terrific job at compiling a comprehensive and informative report that illustrates the current state of affairs of information management in the corporate world.  Request your copy of the report to learn more!

So, what do you think?  How is your organization managing information governance?  Is it facing similar issues? Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Project Management: Review the Work

Yesterday, we talked about resolving questions quickly and keeping team members informed about changes to procedures to minimize the chance for significant rework.  However, even with the best staff, mistakes happen — especially on projects that require a team of people.  There are two general types of errors you can expect:

  • Errors that are made because someone doesn’t properly understand the task.  They have misunderstood the procedures or misinterpreted a subjective component of the work.
  • Errors that are made simply because it is inevitable.  People have bad days.  They get tired.  Knowing how to do something doesn’t mean you will do it right every time.

The first type of error is easy to identify and fix.  Check initial work quickly and give immediate feedback.  I always distribute small batches of initial work at the beginning of a task – work that an individual can finish quickly.  Then I have that first initial batch for each person checked thoroughly and right away.  Misinterpretations of the procedures or the criteria are evident and can be dealt with right away, before a lot of work has been done.

Catching the second type of error is a little more difficult unless your schedule and budget permit you to check 100% of the work.  With a good staff, that’s probably overkill.  But, it’s important that work is spot-checked throughout the life of a project, and that an intelligent approach is used to isolate problems.  For example, if you find a few careless errors made by a staff member, see if you can isolate all of the work that person did on that day and check it completely.  Or perhaps you’ll identify a particular type of document or situation that caused problems, and you can take steps to isolate just those documents or situations.  Very often you can apply a systematic approach to finding and fixing errors.

What do you think?  Have you worked on projects where quality control reviews were absent or inadequate and work quality suffered?  Please share your comments or let us know if you would like more information on a topic.

eDiscovery Project Management: Resolve Questions Quickly
 

Even with the best procedures and thorough training, people who are new to a task will likely have questions.   Nuances in a document collection and unexpected situations will surface that don’t fit into your rules.  It is very important that questions are resolved quickly.  Most document work is repetitive.  Many questions, therefore, will apply to more than one document.  If a question is not resolved quickly, there is a good chance that many documents will be affected, and you may face significant rework.   This is especially the case in projects that are being handled by a team of people – for example, a document review project.  So, handle exceptions and questions as they come up and expand and modify the rules to accommodate what you are finding in practice in the document collection.

Depending on the type of project you are managing, you may need to be prepared to answer two types of questions:

  • Questions about the mechanics of the task.  These types of questions are usually best handled by project managers and supervisors.
  • Questions about the substance of the task.  For example, in a document review project there are likely to be questions about the relevance of topics discussed in the documents.  These types of questions are usually best handled by an attorney who is familiar with the case and with the documents.

Make sure that you have the right people on hand to make decisions and answer questions.  If those people can’t be on the project site, make sure they are easily reached and readily available.

And, have a process in place for disseminating updated procedures and criteria to a team doing the work.  If one member of a team has a question, chances are other team members will encounter similar documents and have the same question.   You need to get information quickly into the hands of those doing the work.

What do you think?  Have you worked on projects that required rework because decision makers weren’t available?  Please share your comments or let us know if you’d like more information on a topic.

eDiscovery Searching: Types of Exception Files

Friday, we talked about how to address the handling of exception files through agreement with opposing counsel (typically, via the meet and confer) to manage costs and avoid the potential for spoliation claims.  There are different types of exception files that might be encountered in a typical ESI collection and it’s important to know how those files can be recovered.

Types of Exception Files

It’s important to note that efforts to “fix” these files will often also change the files (and the metadata associated with them), so it’s important to establish with opposing counsel what measures to address the exceptions are acceptable.  Some files may not be recoverable and you need to agree up front how far to go to attempt to recover them.

  • Corrupted Files: Files can become corrupted for a variety of reasons, from application failures to system crashes to computer viruses.  I recently had a case where 40% of the collection was contained in 2 corrupt Outlook PST files – fortunately, we were able to repair those files and recover the messages.  If you have readily accessible backups of the files, try to restore them from backup.  If not, you will need to try using a repair utility.  Outlook comes with a utility called SCANPST.EXE that scans and repairs PST and OST files, and there are utilities (including freeware utilities) available via the web for most file types.  If all else fails, you can hire a data recovery expert, but that can get very expensive.
  • Password Protected Files: Most collections usually contain at least some password protected files.  Files can require a password to enable them to be edited, or even just to view them.  As the most popular publication format, PDF files are often password protected from editing, but they can still be viewed to support review (though some search engines may fail to index them).  If a file is password protected, you can try to obtain the password from the custodian providing the file – if the custodian is unavailable or unable to remember the password, you can try a password cracking application, which will run through a series of character combinations to attempt to find the password.  Be patient, it takes time, and doesn’t always succeed.
  • Unsupported File Types: In most collections, there are some unusual file types that aren’t supported by the review application, such as files for legacy or specialized applications (e.g., AutoCad for engineering drawings).  You may not even initially know what type of files they are; if not, you can find out based on file extension by looking the file extension up in FILExt.  If your review application can’t read the files, it also can’t index the files for searching or display them for review.  If those files may be responsive to discovery requests, review them with the native application to determine their relevancy.
  • No-Text Files: Files with no searchable text aren’t really exceptions – they have to be accounted for, but they won’t be retrieved in searches, so it’s important to make sure they don’t “slip through the cracks”.  It’s common to perform Optical Character Recognition (OCR) on TIFF files and image-only PDF files, because they are common document formats.  Other types of no-text files, such as pictures in JPEG or PNG format, are usually not OCRed, unless there is an expectation that they will have significant text.

It’s important for review applications to be able to identify exception files, so that you know they won’t be retrieved in searches without additional processing.  FirstPass™, powered by Venio FPR™, is one example of an application that will flag those files during processing and enable you to search for those exceptions, so you can determine how to handle them.

So, what do you think?  Have you encountered other types of exceptions?  Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Searching: Exceptions are the Rule
 

Virtually every collection of electronically stored information (ESI) has at least some files that cannot be effectively searched.  Corrupt files, password protected files and other types of exception files are frequent components of your ESI collection and it can become very expensive to make these files searchable or reviewable.  Being without an effective plan for addressing these files could lead to problems – even spoliation claims – in your case.

How to Address Exception Files

The best way to develop a plan for addressing these files that is reasonable and cost-effective is to come to agreement with opposing counsel on how to handle them.  The prime opportunity to obtain this agreement is during the meet and confer with opposing counsel.  The meet and confer gives you the opportunity to agree on how to address the following:

  • Efforts Required to Make Unusable Files Usable: Corrupted and password protected files may be fairly easily addressed in some cases, whereas in others, it takes extreme (i.e., costly) efforts to fix those files (if they can be fixed at all).  Up-front agreement with the opposition helps you determine how far to go in your recovery efforts to keep those recovery costs manageable.
  • Exception Reporting: Because there will usually be some files for which recovery is unsuccessful (or not attempted, if agreed upon with the opposition), you need to agree on how those files will be reported, so that they are accounted for in the production.  The information on exception reports will vary depending on agreed upon format between parties, but should typically include: file name and path, source custodian and reason for the exception (e.g., the file was corrupt).

If your case is in a jurisdiction where a meet and confer is not required (such as state cases where the state has no rules for eDiscovery), it is still best to reach out to opposing counsel to agree on the handling of exception files to control costs for addressing those files and avoid potential spoliation claims.

On Monday, we will talk about the types of exception files and the options for addressing them.  Oh, the suspense!  Hang in there!

So, what do you think?  Have you been involved in any cases where the handling of exception files was disputed?  Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Project Management: Train the Team — Agenda
 

Training for a task should be thorough and aimed at teaching the team what they need to know to do the work correctly and efficiently.  It should cover project overview information, procedures for doing the work, and sample work.  Here’s a sample training agenda for a document review project that you can use as a guide:

Case Background Information

  • A description of the parties
  • A description of the events that led to the case
  • A description of the allegations and defenses
  • An overview of the expected case schedule

Project Overview

  • A description of the goals of the document review project
  • A description of the process
  • An overview of the expected project schedule

Responsive Criteria

  • Go through the criteria – point by point – to ensure the group understands what is responsive and what is privileged
  • Provide samples of documents that are responsive and documents that are not responsive

Mechanics

  • Describe the roles of individuals on the team (reviewers, quality control staff, supervisors, project managers, etc.)
  • Review the procedures for the review
  • Train the team how to use the online review tool

Samples

  • Have the team do some sample work and turn it in
  • Review the sample work and go over it as a group

The first items on the agenda  — case background and project overview information — are very important.  While they don’t directly cover the mechanics of the work the team will be doing, these topics are significant for motivating the team.   The team will “invest” more in the project if they understand the big picture and how the work they are doing fits in.  In fact, it’s always a good idea to have a senior litigation team member participate in the overview portion of the training.  This further emphasizes the importance of the work the team will be doing.

What do you think?  Have you seen the difference good training can make on a project? Do you have useful training tips to offer?  Please share your comments or let us know if you’d like more information on a topic.

eDiscovery Project Management: Train the Team — Preparation
 

As critical as procedures are, they aren’t enough.  People need to be trained in applying those procedures.  Training the staff will get your project off to a good start.

Training is especially important for tasks that require a team of people to do the work – for example, a document review project.  When a team is doing the work, train them together as a group if that’s possible.  That way, different interpretations of the rules will likely surface and team members will benefit from the questions of others.

Training should cover project overview information and a review and explanation of the procedures for doing the work.  If there’s a subjective component to the work, review the subject matter outline or criteria.  Have the team do sample work, review it right away, and go over it as a group.

Let me give you a more detailed training plan and outline, using training for a document review project as an example.

Prepare a Project Manual

As a starting point, prepare a manual for each team member.  Include this information in the manual:

  • Case Documents, such as the complaint and request for production;
  • The Document Review Criteria, which provides guidelines for determining responsiveness and privilege;
  • A List of Custodians with information about each such as his/her position in the organization, a description of his/her role in the events that are at issue, and the types of documents you expect will be found in the custodian’s files;
  • Lists of Keywords, Key Characters, Key Events and Key Dates;
  • The Review Procedures;
  • The Review Schedule;
  • Instructions for Resolving Questions;
  • Instructions for Use of the Review Tool.

You’ll use this manual as the basis for the training, and in addition it will be a useful resource for each team member throughout the project.

Tomorrow I’ll give you a sample training agenda that you can use as a guide for your own training sessions.

What do you think?  Have you seen the difference good training can make on a project? Do you have useful training tips to offer?  Please share your comments or let us know if you’d like more information on a topic.

eDiscovery Case Law: Discovery Compelled for Social Media Content

Discoverability of social-media usage continues to be a hot topic for eDiscovery.  Information for litigants’ LinkedIn, Facebook, Twitter and MySpace accounts can be the “smoking gun” for litigators looking to pursue or defend a claim.

In McMillen v. Hummingbird Speedway, Inc., No. 113-2010 CD (C.P. Jefferson, Sept. 9, 2010), defendant Hummingbird Speedway, Inc. sought to compel discovery of the plaintiff’s social network account log-in names, and passwords.  A copy of the opinion granting that Motion to Compel is available here.

The plaintiff was allegedly injured during a stock car race in the summer of 2007.  During the litigation that followed, defendant Hummingbird Speedway, Inc. requested production of plaintiff’s user names, log-in names, and passwords for any social network accounts – to which the plaintiff objected, arguing that the information was confidential.  Based on information in the public sections of the plaintiff’s social network accounts, the defendant filed a Motion to Compel.

In his opposition to the motion, the plaintiff argued that communications with friends via social media sites were private and protected from disclosure. The court disagreed, indicating that the plaintiff was essentially asking the court to recognize an evidentiary privilege for such communications, but that there is no “social media privilege” recognized by Pennsylvania’s court or legislature.

The court also noted that those communications were not privileged based on “Wigmore’s test for privilege”, which requires the plaintiff to establish four factors:

  • “His communications originated in the confidence that they would not be disclosed”;
  • “The element of confidentiality is essential to fully and satisfactorily maintain the relationship between the affected parties”;
  • “Community agreement that the relationship must be sedulously fostered”; and
  • “The injury potentially sustained to the relationship because of the disclosure of the communication outweighs the benefit of correctly disposing of litigation”.

Because the plaintiff failed to establish these factors, the court ultimately ruled that “Where there is an indication that a person’s social network sites contain information relevant to the prosecution or defense of a lawsuit…and the law’s general dispreference for the allowance of privileges, access to those sites should be freely granted”.

So, what do you think?  There have been other cases where the discoverability of social media was called into question – have you experienced any?  Please share any comments you might have or if you’d like to know more about a particular topic.

P.S. – For those (like me) who didn’t know what the word “sedulously” meant, I’ve provided a link to the definition above… 🙂

eDiscovery Case Law: Adverse Interference Sanction for Lost Text Messages

As the sources of electronic files continue to become more diverse, case law associated with those different sources has become more commonplace.  One ruling in a case last month resulted in an adverse instruction against the US Government for failing to preserve text messages.

In United States v. Suarez, (D.N.J. Oct. 21, 2010), United States District Judge Jose L. Linares considered adverse inference sanctions related to the Government’s failure to preserve text messages.  In this case, the F.B.I. should have retained text messages between a cooperating witness and F.B.I. agents because it was reasonably foreseeable that the text messages would be discoverable by defendants in later criminal proceedings. However, given the lack of evidence of Government bad faith in failing to impose a litigation hold on the text messages until seven months after its investigation ended, the court imposed the “least harsh” spoliation adverse inference instruction that would allow but not require the jury to infer that missing text messages were favorable to defendants.

A cooperating witness posed as a developer and, as instructed by Federal Bureau of Investigation agents, offered payments to local public officials in exchange for expediting his projects and other assistance. During the F.B.I. investigation, the witness exchanged Short Message Service electronic communications (text messages) with F.B.I. agents. In later criminal proceedings, the government notified the court that it had incorrectly stated that no text messages were missing. The court held a hearing at which F.B.I. agents and information technology specialists described F.B.I. procedures to preserve and retrieve data generated by handheld devices. Despite an F.B.I. Corporate Policy Directive on data retention and litigation hold policies, no litigation hold was in place when the cooperating witness was “texting” with agents.

In a “not-for-publication” decision, the court pointed out that the Government’s obligation under Fed. R. Crim. P. 16 to disclose information was more limited than its obligation under civil discovery rules. However, the text messages with the witness were “statements” under the Jencks Act that should have been preserved by the Government. The F.B.I. was “well-equipped” to preserve documents, and the U.S. Attorney “was aware of the importance of preserving documents relevant to the litigation and could have requested a litigation hold on the text messages from the inception of the investigation.” The request for a litigation hold was not made until seven months after the investigation ended and three months after the F.B.I. began searching its servers for missing text messages.

In determining sanctions, the court considered precedents in the civil cases of MOSAID Techs. Inc. v. Samsung Elecs. Co., 348 F. Supp. 2d 332 (D.N.J. 2004), and Pension Comm. of the Univ. of Montreal Pension Plan v. Banc of Am. Sec., LLC, 685 F. Supp. 2d 456 (S.D.N.Y. 2010). The court concluded there was “little evidence” of Government bad faith leading to loss of the text messages. On the other hand, evidence indicated the defense was prejudiced by the loss of text messages with the cooperating witness, whose credibility was “of paramount importance.” The court thus denied defendants’ request for the “relatively severe” sanction of suppression of the witness’s testimony and all tape recordings in which he was a party. However, an adverse inference instruction was appropriate under MOSAID criteria. The text messages had been within the Government’s control and were intentionally deleted by F.B.I. agents, and the U.S. Attorneys’ Office failed to take steps to preserve the messages. The messages were relevant to claims or defenses, and it was reasonably foreseeable by the Government that the messages would later be discoverable. The court concluded that the “least harsh” spoliation adverse inference jury instruction described in Pension Committee would be issued because Government bad faith had not been shown. Such an instruction would allow but not require the jury to infer that missing text messages were favorable to defendants.

So, what do you think?  Have you encountered a case where preservation of text messages was a critical component?  Please share any comments you might have or if you’d like to know more about a particular topic.

Case Summary Source: Applied Discovery (free subscription required).  For eDiscovery news and best practices, check out the Applied Discovery Blog here.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

SaaS and eDiscovery: Load Your Own Data

Software as a Service (SaaS) applications hosted “in the cloud” are continuing to become more popular.  A new IDC study forecasts the SaaS market to reach $40.5 billion by 2014, an annual growth rate of 25.3%.  Also by 2014, about 34% of all new business software purchases will be via SaaS applications, according to IDC.

If you haven’t used a SaaS application, you haven’t used the Internet.  Amazon, Facebook, Twitter, eBay and YouTube are all examples of SaaS applications.  Ever shared a document via Google Docs with a colleague or business partner?  Use SalesForce.com for Customer Relationship Management (CRM)?  These are SaaS applications too.

Like any software application, SaaS applications are driven by data.  Many enable you to upload your own data to use and share via the Web.  Facebook and YouTube enable you to upload and share pictures and videos, Google Docs is designed for sharing and maintaining business documents, and even SalesForce.com allows you to upload contacts via a comma-separated values (CSV) file.

eDiscovery SaaS Applications

SaaS applications have also become increasingly popular in eDiscovery (especially for review and production of ESI) with several eDiscovery SaaS applications available that provide benefits including: no software to install, intuitive browser-based interfaces and ability to share the collection with your client, experts, and co-counsel without distributing anything more than a login.

However, most eDiscovery SaaS applications do not enable the user to upload their own data.  Or, if they do, it can be costly.

One exception is OnDemand™, which has now rolled out the new SelfLoader™ module in beta to enable clients to load their own data.  With SelfLoader, clients can load their own images, OCR text files, native files and metadata to an existing OnDemand database using an industry-standard load file (IPRO’s .lfp or Concordance’s .opt) format.

The best part?  You can load your data for free.  With SelfLoader, OnDemand provides full control to load your own data, add your own users and control their access rights.

Is this a start of a trend in eDiscovery?  Will more eDiscovery SaaS providers provide self-loading capabilities?  What do you think?  Please share any comments you might have or if you’d like to know more about a particular topic.