Close
Enter your
text here

eDiscovery

Custodian Interviews: Critical to Defensible eDiscovery in the Age of Modern Communications

By Rick Clark, VP of Strategic Partnerships and Marketing at CloudNine, and Melissa Weberman, Counsel and Head of eData at Arnold & Porter

In today’s evolving corporate data landscape, custodian interviews—early interviews of key employees who hold relevant electronically stored information (ESI) —remain a cornerstone for defensible discovery. Even with today’s advanced analytics and AI tools, a thorough custodian interview can provide a major advantage in saving costs and managing discovery risks. As the volume and variety of corporate communication methods evolve—ranging from traditional email to short-messaging apps like Slack, Microsoft Teams, WhatsApp, and Signal—attorneys should consider sharpening their custodian interview techniques to identify and preserve relevant ESI. The stakes are high: poor interview and collection strategies can result in spoliation, sanctions, and reputational damage.

Start With a Clear Purpose

Custodian interviews serve multiple critical purposes in litigation, including:

  • Identify where relevant data lives, including on personal devices or unofficial “shadow IT” apps—i.e., any tool employees use for work without the company’s formal IT approval or retention controls (e.g., personal Dropbox, WhatsApp, or a private Slack workspace). This ensures no major source of evidence is overlooked early on.
  • Help preserve data and avoid spoliation, because by learning what data exists and where, counsel can promptly preserve it (for example, by issuing legal holds or suspending auto-deletion on systems). Failure to identify a source through interviews could result in data loss. For example, if a custodian uses an ephemeral messaging app, interviewing them quickly allows you to halt any auto-delete settings before relevant messages disappear.
  • Scope and focus the discovery effort, as a well-run interview arms you with information to negotiate a reasonable scope of discovery with the opposing side. You can learn which data is truly important—and what can be safely excluded—making discovery more proportional to the needs of the case. This can reduce unnecessary review of irrelevant data, saving time and money.
  • Uncover key facts and terminology, because speaking to custodians often reveals context that is not obvious from documents alone. They can explain project code names, acronyms, or unique jargon that they use, and critical date ranges and players. Knowing these details guides you in formulating better search terms or using analytics (e.g., recognizing a code word in emails that filters irrelevant documents). In turn, this improves the efficiency of downstream review and helps you spot important evidence faster.
  • Demonstrate a defensible process, as courts expect counsel to make a good-faith, thorough effort to find relevant ESI. By conducting and documenting these interviews, you can later show the court (or opposing counsel) that you took reasonable steps to identify and preserve all relevant information. This record becomes vital if there are ever challenges to your discovery process or accusations of missing data.

Being intentional can ensure the interview is productive and minimizes missed evidence. Before the interview, review the custodian’s role, potential data sources, and communication tools. Consider preparing a case-specific checklist or interview template—do not rely on a static form—to ensure you are properly prepared for the specific nature of the case and the client’s business processes.

 

Customize Based on Your Role

Successful custodian interviews and defensible collections require strong collaboration among in-house counsel, outside counsel, and service providers. In-house counsel aligns the interview process with the company’s internal policies, reassures employees, and facilitates access to systems. Outside counsel, meanwhile, brings an external perspective that shapes strategy, ensuring that questions are thorough and appropriately scoped, and keeping the process defensible. Service providers deliver the technology for efficient and secure data collection, processing, and hosting for review. They offer tools for real-time collection, develop secure workflows for managing diverse data sources, and generate detailed documentation that may prove critical if collection practices are later challenged in litigation. When all three groups—internal legal teams, external attorneys, and technology partners—work together seamlessly, the result is a defensible, efficient, and transparent discovery process that stands up to scrutiny and reduces risk.

 

Build Trust with the Custodian

Custodians are more likely to share relevant information if they understand that interviews are standard procedure and not indicative of wrongdoing (but it is important they understand that the interviewer represents the company, not the individual custodian). Establish rapport by:

  • Clearly explaining the purpose of the interview.
  • Reassuring them that the process is routine—not an accusation.
  • Emphasizing that the custodian’s cooperation protects the company and themselves.
  • Collaborating with in-house counsel to act as a bridge and underscore legitimacy.

Gaining custodian buy-in can increase cooperation and the quality of disclosures. Further, building trust early can pay dividends later when collections need to be supplemented or deposition preparation begins.

 

Modern Communications: Ask the Right Questions

Today’s employees communicate through a mix of chat apps, collaboration tools, mobile devices, and cloud platforms. Consider asking specifically about:

  • Chat applications (e.g., SMS, Slack, Teams, or WhatsApp) and whether relevant. messages sit in private channels or DMs.
  • Collaboration hubs (e.g., Confluence, SharePoint, or Google Drive).
  • Personal devices or accounts used for work.
  • Any unsanctioned “side” apps or cloud storage.

Be prepared for reluctance or lack of awareness or recollection. Use visuals or demos to jog memories.

 

Coordinate With IT and Records Personnel

It is often useful to speak with IT personnel who understand the company’s systems. They can provide a high-level view of standard data sources, retention policies, and system locations. However, always verify those details with the custodian’s actual practice. For example, IT might report that “all email is on the server, none is stored locally,” but an interview reveals the employee saved archives on a local drive contrary to policy. Similarly, a policy might say employees should not use USB drives or personal devices, yet a custodian may admit they routinely did so. Use the IT interview as a starting point, then confirm details with each custodian to help avoid blind spots.

 

Leverage Real-Time Collection and Screen Sharing

Where appropriate, use technology that enables real-time review and preservation of data. Screen sharing or live data exports during the interview can:

  • Validate custodian responses in real time.
  • Capture volatile or short-lived communications before they expire.
  • Prevent spoliation by reducing the lag between identification and preservation.

Tools that allow screen sharing, cloud sync capture, or mobile device previewing are particularly effective.

 

Document the Interview Meticulously

Consider taking the following contemporaneous notes:

  • Custodian identifiers and role: Record the custodian’s full name, title/department, and location, along with a brief description of his role in the matter. This provides context for his data and helps show you identified relevant custodians in good faith.
  • Interview logistics: Note the date of the interview, method (in-person/remote), and who conducted it. Consistency here supports defensibility, showing interviews were done timely (typically soon after the legal hold) and by appropriate personnel.
  • Legal hold notice: Document that the custodian confirmed receiving the litigation hold notice and acknowledged his preservation obligations.
  • Data sources identified: List every source of potentially relevant information the custodian uses, including:
    • Devices: Work and personal devices (computers, phones, tablets, external drives).
    • Email accounts: Work email (Exchange/Office 365, etc.) and any personal or secondary accounts used for work.
    • Network locations: Shared drives, department file servers, databases, and cloud repositories (SharePoint, Google Drive, etc.).
    • Business applications: Relevant enterprise systems (CRM, HR systems, finance databases) that the custodian accesses.
  • Communications and collaboration channels: Document chat or messaging apps (Microsoft Teams, Slack, WhatsApp, SMS/iMessage, etc.), social media or direct messages if used for business, and any ephemeral messaging platforms. Note if relevant content exists and how it’s preserved. If the custodian uses apps with auto-delete or self-destruct features (e.g. Snapchat, Confide, Wickr), record this and any preservation steps taken (such as disabling auto-delete or instructing the person to save screenshots).
  • Retention policies and auto-delete settings: Capture any information about data retention or deletion that could affect the custodian’s ESI. For example, ask if the custodian’s emails auto-delete after 90 days, if chat histories are retained, or if device data is routinely wiped. Document what you learn and any preservation steps taken. If the custodian had been manually deleting relevant data, note that and instruct (and document) that such deletions cease.
  • Custodian’s actions: Document any actions the custodian has already taken regarding his data, and record if he mentions any data loss or issues.
  • Follow-up steps and outstanding items: At the end of the interview, list any follow-up actions needed and track them. This might include scheduling a forensic collection of the custodian’s device, reaching out to IT about a newly identified server, or interviewing an additional person the custodian identified. Clearly document what will be done, by whom, and when. Maintaining this as part of the interview record ensures nothing falls through the cracks and evidences a continuing, diligent effort.
  • Additional custodians or data sources named: A good interview often identifies other people or systems that might have relevant data. Document any new custodians, departments, or repositories the interviewee mentions. This guides your next steps and creates a record that you are expanding the preservation scope appropriately.

By following the above checklist, legal teams can create a defensible paper trail of their custodian interviews. In the event of a discovery dispute or motion, your team’s diligent documentation—complete with who, what, when, and how you addressed custodian data—can serve as strong evidence of your good faith and compliance with eDiscovery obligations. This not only helps in court but also keeps internal eDiscovery projects on track by tracking what has been done and what remains outstanding at each stage.

 

Best Practices Recap

  • Start early.
  • Use a standardized interview form but tailor questions case-by-case.
  • Keep the tone transparent and cooperative.
  • Involve IT and cross-check what policies say versus real-world practice.
  • Document interviews, tools used, and preservation efforts meticulously.

 

Custodian interviews are more than an information-gathering step—they are a strategic moment to protect your client and ensure discovery obligations are met. By combining interview best practices with modern collection technology, legal teams can build a defensible foundation for any case.

Discovering Mobile Device Data: What to Expect from Your eDiscovery Solution

Discovery of data from mobile devices used to be occasional. Parties in litigation often agreed up front NOT to pursue data from mobile devices because it was so difficult and burdensome to do so. Collecting from the devices was challenging and time-consuming, as was the inconvenience to custodians who balked at giving up their mobile device for even a few hours!

In at least one case, formalizing the agreement not to pursue text messages (and other data) as an ESI stipulation came back to haunt the plaintiff when they realized the importance of those text messages and filed a motion to compel – only to have the Court deny the motion because of the stipulation to which the party had agreed. Ouch!

Today, the importance of data from mobile devices has grown to the point that they are routinely a source of discoverable data in all types of cases. The vast majority of Americans – 98% – now own a cellphone of some kind and over nine-in-ten (91%) own a smartphone. Mobile devices are just as ubiquitous at work – in a recent survey, 80% of IT executives said employees cannot do their jobs effectively without a mobile device.

That level of importance has extended to discovery of data from mobile devices, with the potential of severe sanctions for failing to preserve that data for discovery. In this case, a party received two adverse inference instruction sanctions (as well as being ordered to pay the claimants’ costs and attorneys’ fees for the sanctions motion) for failing to preserve data from five out of thirteen custodian mobile devices; while in this case, intentional deletion of text messages resulted in terminating sanctions against the plaintiff!

Mobile Device Data and Your eDiscovery Solution

The rise of importance of mobile device data (such as text messages and other short message formats) in discovery has made it critical for your eDiscovery solution to support the collection, ingestion, processing, analysis, review and production of those messages efficiently and effectively. Here’s what to look for:

Collection, Ingestion and Processing

Today, forensic and eDiscovery professionals are using a variety of tools to collect data from mobile devices. Here are three prominent providers specializing in mobile device data discovery today:

  • Oxygen Forensics: Oxygen Forensics offers Oxygen Forensic® Detective, an all-in-one digital forensic solution capable of extracting, decoding, and analyzing data from various devices, including mobile phones, computers, and cloud services. Note: Oxygen Forensics is a partner of CloudNine.
  • Cellebrite: Cellebrite is renowned for its Universal Forensic Extraction Device (UFED), a suite of tools designed for extracting and analyzing data from mobile devices. UFED supports a wide range of devices, including smartphones, drones, SIM cards, and GPS units, facilitating comprehensive data collection for forensic investigations.
  • ModeOne: ModeOne specializes in remote, targeted mobile data collection through its patented Software-as-a-Service (SaaS) framework. This solution allows for same-day collection of relevant data from smartphones without the need for physical device access or on-site personnel.

Given the popularity of all three solutions for mobile device data collection, Your eDiscovery solution must support the ability to ingest load-ready data from each of these formats efficiently and effectively.

Analysis and Review

Processing and ingesting the data from any of the three solutions above is one thing, but how that data is managed within your eDiscovery solution is just as critical. Because many eDiscovery solutions were built to support document-oriented data like emails and office files, they tend to force text and other short message formats into that same document paradigm, with little if any regard to where conversations begin and end. Doing so makes the data less useful for analysis and review.

Text and chat messages aren’t document oriented – they’re conversation oriented. Your eDiscovery solution must support the ability to analyze and review these messages in context with the rest of the conversation to determine their relevance to the case. The “rest of the conversation” could be in other text messages, email, Slack or any other communication format. And it could include images, audio, video, emojis or even geolocation data. The ability to efficiently and comprehensively analyze conversations is a must have for your eDiscovery solution today.

Production

While you may want to analyze and review the messages in a conversation format, that doesn’t mean you necessarily want to produce them that way. Most parties in litigation are still accustomed to a document format for production, so there’s no reason to “rock the boat” on those standards (at least yet). Your eDiscovery solution should support the ability to export text and other short message data into document formats for production.

Conclusion

CloudNine Review “checks all the boxes” for collection, ingestion, processing, analysis, review and production of text and other short message formats: ingestion support of all three major mobile device discovery solutions, conversation-oriented analysis and review, and production in industry-standard formats. Mobile device data is too important to your cases today to expect anything less from your eDiscovery solution.

Are you ready to take control of eDiscovery costs? Let’s talk about how CloudNine can help you save money while optimizing efficiency: Contact Us today.

ediscovery daily logo

CloudNine and eDiscovery Today Partner to Bring Fresh Education to Legal Tech Pros

We’re excited to share some big news: CloudNine is teaming up with Doug Austin and his industry-leading blog, eDiscovery Today, to launch a new educational partnership aimed at empowering legal and eDiscovery professionals.

If you’ve been in the eDiscovery world for any length of time, chances are you’ve read Doug’s work. eDiscovery Today is the only daily blog covering the latest in electronic discovery, information governance, cybersecurity, data privacy, and AI. It’s a trusted go-to for legal tech pros looking to stay sharp—and now, it’s joining forces with CloudNine to take things to the next level.

A Partnership Rooted in Innovation and Experience

“I can’t think of a better time to partner with Doug Austin again, as CloudNine’s innovation in the eDiscovery market is at an all-time high,” said Rick Clark, CloudNine’s VP of Strategic Partnerships and Marketing. “With advancements in modern data analysis, artificial intelligence, and on-premise data processing, we’re excited about what’s ahead. Doug not only educates the industry but is also one of the most respected content creators in the space.”

Doug is equally thrilled to reunite with CloudNine—where his daily blogging career first began. “Working with the CloudNine team again feels like coming home,” he shared. “I’m excited to continue the tradition of educating the legal industry on leveraging eDiscovery technology and best practices to solve ever-evolving challenges.”

What to Expect

This partnership means you’ll start seeing even more content—blogs, webinars, thought leadership, and more—that focuses on practical, modern solutions for handling everything from legacy email archives to today’s fast-growing universe of collaboration and chat data. Whether you’re an eDiscovery pro or just getting started, there will be something for everyone.

About eDiscovery Today

eDiscovery Today, authored by Doug Austin, is the only daily blog serving the eDiscovery and legal tech community with updates on trends, best practices, and case law. Doug has over 30 years of experience in legal tech and has published new content every business day for nearly 15 years.

Exploring the Future of Legal Innovation at The Masters Conference: Thought Leadership in D.C. and Social Media in Discovery and Investigations

On Thursday, April 10, 2025, legal and technology professionals gathered at Arnold & Porter in Washington, D.C. for an inspiring day of discussion, collaboration, and community during The Masters Conference Thought Leadership event. Hosted at Arnold & Porter’s offices at 601 Massachusetts Ave NW, this full-day conference promised a deep dive into the latest challenges and advancements in eDiscovery, legal tech, investigations, and career development.

The conference featured a wide range of insightful sessions—covering topics from artificial intelligence, custodian interviews with modern data challenges, case law updates, and social media collection and analysis. For this blog, I’m focusing on the session that explored the power and process of social media collection and analysis, which stood out as particularly timely and impactful.

The session on social media was titled “Unlocking Social Media Data,” sponsored by SMI Aware, and examined the investigative value of social media evidence. Josh Janow and Paige Hansen (SMI Aware) walked through data preservation strategies across platforms like Facebook, Instagram, LinkedIn, TikTok, Venmo, Strava and over 500 other accounts.

This session actually kicked off at the beginning of the conference, when Josh invited volunteers to have their social media presence assessed live. Using SMI Aware’s platform, the team conducted real-time OSINT (Open Source Intelligence) research on those individuals, compiling reports to present at the 11 a.m. breakout session. Initially, only a few attendees stepped forward—but when the findings were revealed, those volunteers were genuinely surprised by what had been uncovered in just a couple of hours. The reticence on the face of many in the room underscored the power of this tool in the hands of e-discovery professionals.  What began as a novel and engaging activity quickly shifted in tone during the session, as attendees began to recognize social media research as a “must-have” component in litigation, compliance, and due diligence strategies.

Why Social Media Data Matters in Discovery

Since much of our life events are journaled online (as Paige put it), critical evidence is often found in unexpected places—Instagram posts, Venmo transactions, Reddit threads, and business collaboration tools like Slack and GitHub. The session opened with a challenge: What if your case hinges on something someone posted online—then deleted?

Social media can tell a story that contradicts a claim, verifies an alibi, or reveals patterns that shift the legal narrative. Whether it’s a workers’ comp investigation or a high-stakes wrongful termination suit, open-source data is no longer a “nice to have”—it’s a necessity.

When and Where to Search

The first key takeaway? Timing is everything.

Social media content can be altered or deleted. That’s why early case assessment should now include an OSINT component. From public Facebook profiles to lesser-known platforms like Discord or SoundCloud, relevant content often exists in plain sight—if you know where and how to look.

In one powerful case example shared, a claimant in a workplace injury lawsuit posted photos of themselves competing in a dance competition—at a time they were allegedly too injured to work. That evidence was found publicly, but only for a short window before it was removed.

The Legal and Ethical Imperatives

Attorneys and investigators have both a professional and ethical obligation to understand where potential evidence may exist, even if it lies outside traditional custodians and repositories.

The presentation emphasized that collecting this data isn’t about “digging for dirt”—it’s about diligence. When done properly, it involves secure data collection methods, legal defensibility, and a clear chain of custody. Not doing so could mean missing key facts, or worse—compromising the admissibility of your findings.

Challenges and Limitations

Despite its power, social media evidence isn’t without hurdles:

  • Deleted or ephemeral content (think Stories or temporary posts)
  • Private settings that restrict access
  • Platform-specific restrictions on what can be scraped or reviewed

This is where specialized tools and experienced teams like SMI Aware’s come in. Their approach combines automated tools with human analysis to ensure data is gathered ethically, interpreted contextually, and structured into actionable insights with a deliverable of a report and the structured data that can then be imported into a review platform like CloudNine Review.

Real-World Impact: Case Studies in Action

The session walked attendees through several real-world investigations, including:

  • Workers’ Compensation fraud
  • Wage and hour disputes
  • Wrongful termination claims
  • Workplace compliance investigations
  • Pre-employment screening

Each case underscored the same point: social media and OSINT data can change the course of an investigation—or the outcome of litigation.

Key Takeaways

  • Social media is critical to modern discovery. If you’re not using it, you’re behind.
  • Data disappears quickly. Timely collection is key.
  • You need technical tools and expert interpretation to turn raw data into usable evidence.
  • Ethical and professional rules require attorneys to understand how OSINT fits into their duty of competence.
  • The report generated from SMI Aware’s software and service is a ready for an expert and is the main use, but also can create the proper load files for review in an eDiscovery review platform.

This conference was yet another testament to the evolving digital landscape of discovery—where artificial intelligence, modern data collection, and advanced review technologies are increasingly aligned to meet today’s challenges.

Are you ready to take control of eDiscovery costs? Let’s talk about how CloudNine can help you save money while optimizing efficiency: Contact Us today.

data culling in eDiscovery

The CFO’s Perspective: Why Culling Data First in eDiscovery Saves Big Money

By Abhishek Jhaver, CloudNine GM and CFO

As a CFO, managing costs without sacrificing efficiency is always a priority. One of the biggest cost drivers in eDiscovery is data volume —the more data you have, the more expensive it is to process, host, and especially review. That is why culling data before review isn’t just a best practice — it’s a financial imperative.

The High Cost of Excess Data

The traditional approach often involves collecting terabytes of data, much of which is irrelevant or redundant. Legal teams then spend significant resources on processing, hosting, and reviewing data that isn’t needed.

Industry studies show that document review can account for up to 70% of total eDiscovery costs. If we can significantly reduce the volume of data before review, we can directly impact the bottom line. The key is leveraging technology to remove unnecessary data early in the process before it becomes a cost burden. This culling process is typically called Early Data Assessment or Early Case Assessment.

CloudNine LAW: The Smarter Way to Cull Data Early

CloudNine LAW is a powerful solution designed to dramatically reduce data volume before review. By using its robust deduplication, filtering, and processing capabilities of over 5,000 file types, organizations can cut down on avoidable data, saving time and money in the process. Here’s how LAW helps make the corporate legal finance teams happy:

  • Deduplication: A significant percentage of collected data consists of duplicate files. LAW automatically identifies and removes redundant documents, ensuring legal teams aren’t reviewing the same information multiple times.
  • Filtering by Date, Custodian, and Keywords: LAW allows legal teams to filter data based on date ranges, specific custodians, and relevant keywords—removing unnecessary files before they ever reach review.
  • DeNISTing: System files and other non-relevant data clog up eDiscovery workflows. LAW uses DeNISTing to eliminate these non-user-generated files, reducing overall data volume.
  • Efficient Processing for Faster Turnaround: LAW processes large data sets efficiently, enabling legal teams to move to review with only the most relevant data.

 

The Financial Impact of Early Culling

By culling data early with CloudNine LAW, organizations can realize substantial cost savings. Fewer documents to review mean lower processing, hosting, and attorney review costs—potentially cutting review-related expenses by 30-50%. Additionally, streamlined processes allow legal teams to work faster while reducing billable hours and improving case timelines.

For CFOs, the equation is simple:

More data = higher costs.

Relevant data = Significant savings in cost, time, and resources.

 

A CFO’s Call to Action

If your legal team is not leveraging early-stage culling through tools like CloudNine LAW, you are likely overspending. Investing in proactive data reduction is one of the smartest financial decisions you can make in eDiscovery—because in the end, the best way to cut eDiscovery costs is to cut the irrelevant data first.

Are you ready to take control of eDiscovery costs? Let’s talk about how CloudNine LAW can help you save money while optimizing efficiency: Contact Us today.

CloudNine & United Litigation: Tackling Even the Trickiest eDiscovery Data

United Litigation is a fast-growing legal services firm founded 15 years ago, with national and global reach through its offices in Los Angeles, San Francisco, and Taiwan, offering 24/7 support. They pride themselves on having a stable of industry veterans on staff to handle eDiscovery and other litigation support services for their law firm and corporate clients.

For over 20 years, eDiscovery teams at United Litigation have relied on CloudNine and its CloudNine LAW to provide fast eDiscovery processing for its clients, with the ability to handle 4500+ file types with built-in OCR, scanning and printing capabilities, email threading, deduplication and more. Morgan Caparaz, President, and CEO of United Litigation, also spoke to CloudNine LAW’s unique flexibility in accommodating general use cases as well as exceptions, which can make up to 90% of United Litigation’s work. “LAW handles the data exceptions for us,” Caparaz said. “We use it as is but also have access to the back end and can write custom automation scripts and databases that help us to handle exceptions. It’s the only solution around for us to use when data is suspect or bad. No matter the issue, I am confident we can handle it with LAW.”

Caparaz also spoke about CloudNine LAW’s Turbo module. Turbo is an ingestion engine designed to handle data with a reduced infrastructure and allows for the ability to process data up to 25% faster. “Turbo is a sledgehammer when it comes to tackling large amounts of complex data but also allows us to get surgical on the data with the metadata. It’s this combination of large-scale processing and granular metadata analysis that sets it apart from other solutions. With LAW and its Turbo module, we gain tremendous efficiencies and can process terabytes of data every month with a lean team,” explained Caparaz.

CloudNine LAW is available in an on-premise. To learn more about how we can scale your team’s work, contact us today.

hidden money

7 Hidden Costs of On-Premise Software

The well-documented benefits of moving to the Cloud include speed, security, and scale, but none may impact your business more than cost recovery. To help you analyze how you can enhance your bottom line, we’ve compiled this list of the hidden costs of on-premise software.

  1. Infrastructure – When an organization wants to run a platform within its own environment, there are infrastructure costs that the organization will incur up front, and some will continue over time. Keeping on top of suitable hardware is not only expensive but makes it difficult to scale. A SaaS model makes it easy for companies of all sizes to invest in new technology and expand capacity as needed.
  2. Equipment Constraints – The equipment an organization purchases, leases, or otherwise managers will age over time, and will have to be replaced. Sometimes the replacement will be because of failure related to age. Sometimes the replacement will be due to increasing needs around speed and horsepower for the equipment that is hosting the organization’s platform and data. Sometimes, the equipment you need is on backorder and you are at the mercy of availability. In contrast, there are no infrastructure costs for an organization using a Cloud environment like AWS; this becomes the Cloud provider’s responsibility.
  3. “Always On” – Another infrastructure challenge is that the equipment uses power and energy constantly. Even in highly virtualized environments, customers who want to host their own platforms must pay for the power consumption of computing and storage in their data center. The organization pays for that power whether people are using the platform or not. In a Cloud environment, costs are easier to manage because parts of the environment can be “spun down” and “spun up” depending on user demand, in real-time.
  4. Staffing – A team of highly skilled workers is necessary to maintain an on-premises application or platform. The infrastructure must be maintained physically, security designed and monitored, and you need to deploy and control the systems and networks that allow users and systems to communicate with each other. On top of these resources, staff who have deep technical knowledge of how the platform works behind the scenes may also be necessary.
  5. Database Administrators – Database administrators design and deploy the database that serves as the backbone of many platforms in eDiscovery. Databases such as SQL are often the domain of these administrators. In a Cloud environment, database administration is often provided by the organization offering the Cloud. An organization can still choose to employ its own DBA team, but there are options that can avoid this expense.
  6. Network and System Administrators – Network and system administrators control permissions to various systems, such as folders, servers, and individual workstations. In an on-premises setup, the network or system administrator must design user groups and assign people to those groups – or remove them if needed. In a Cloud-based scenario, this access is handled at the provider level for folder and machine access but can be managed by the organization within individual platforms or databases.
  7. Platform Specialists – Complex platforms can require specialists to operate them to maximize the return on what the platform can do for the organization. These specialists are in high demand, so they command a high salary. This adds to the people costs of an organization. In contrast, in a Cloud environment, platforms are designed to be easy to operate by everyday users, and the “power user” tasks are performed by the platform developers themselves, or by partner organizations that can provide this as a service. This keeps expensive employees off the books of organizations.

To read more about understanding and managing eDiscovery costs, click here.

To use our ESI cost budget calculator and help manage costs, click here.

Click here to schedule a free consultation on how you can quickly and effectively move to the Cloud and save money!

 

Have you considered the implications of time zones when it comes to your litigation needs?

by: Trent Livingston, Chief Technology Officer

Most of today’s legal technology platforms require that a time zone be selected at the time of ingestion of data. Or, in the case of forensic software, the time stamp is displayed with a time zone offset based upon the device’s time zone setting. However, when conducting a review, the de facto time zone setting for your litigation is often determined ahead of time, often based upon subjective information. This is likely the region in which the primary custodian resides. Once that time zone is selected, everything is adjusted to that time zone. It is “set in stone” so to speak. In some cases, this is fine, but in others, it can complicate things, especially if you want to alter your time zone mid-review.

Let’s start by understanding time zones, which immediately begs the question, “how many time zones are there in the world?” After all, it can’t be that many, right? Well, don’t start up your time machine just yet! To summarize a Quora answer (https://www.quora.com/How-many-timezones-do-we-have-in-the-world) we arrive at the following confusing mess.

Spanning our globe, there are a total of 41 different time zones. Given the number of time zones, “shifting time” (so to speak) can be of the utmost importance when examining evidentiary data.

If everything is set to Eastern Standard Time but does not properly allocate for time zone changes, a software application could arbitrarily alter a time stamp inconsistently, and consistency is what really matters! What happens if two of the parties to a matter are in New York while two of the parties are in Arizona? Arizona does not observe Daylight Saving Time. This could result in a set of timestamps being thrown off by an hour spanning approximately five months of the data set (based upon Daylight Saving Time rules). Communication responses that may have happened within minutes now seemingly occur an hour later (or earlier depending on how to look at it). Forensic records could fall out of sync with other evidentiary data and communications or, worse yet, sworn testimony. The key is to ensure consistency to avoid confusion.

CloudNine’s ESI Analyst (ESIA) normalizes everything to Coordinated Universal Time (UTC) upon ingestion, leveraging the original time zone or offset. By doing this, ESIA can display the time zone of the project manager’s choosing (either set at the project level or by the specific user’s account time zone setting). This allows for the time stamp display of any evidence to be changed at any time to the desired time zone across an entire project, allowing for the dynamic view of time stamps. Not only can it be changed during a review, but also set at export. All original metadata is stored, and available during export so that the adjusted time stamp can be leveraged for timelines, while the original time stamp and time zone settings are preserved for evidentiary purposes.

When performing analysis of disparate data sets, this methodology allows users to adjust data to see relative time stamps to a particular party involved in that specific investigation. For example, an investigation may involve multiple parties that are all located in different time zones. Additionally, these users may be traveling to different countries. Adjusting everything to Eastern Time may show text messages arriving and being responded to in the late hours of the day not accounting for the fact that perhaps the user was abroad and was actually responding during normal business hours.

While seemingly innocuous, it can make a big difference in how a jury perceives the action of the party, depending on the nature of the investigation.

As they say… “timing is everything!” especially when it comes to digital evidence in today’s modern era.

Now, where did I leave my keys to my DeLorean?

Learn more about CloudNine ESI Analyst and its ability to deduplicate, search, filter, and adjust time zones across all data types at once here.

BlueStar Accelerates Modern eDiscovery with ESI Analyst – CloudNine Podcasts

It’s a challenge to produce relevant evidence for large cases, especially when they feature non-traditional data types. JSON and PST formats simply don’t do modern data justice. The unwieldy files don’t possess threading or deduplication options. Instead, large amounts of irrelevant data are stretched across a multitude of pages and folders. Finding a team to manually review that data slows production speeds and raises discovery costs. It’s time to stop forcing a square peg into a round hole.

As the CTO and Managing Partner at BlueStar, Jeremy Schaper has seen an uptick of non-traditional data in the last five years. He and his team found CloudNine’s ESI Analyst while searching for an eDiscovery solution to process both traditional and modern data types. Jeremy joined Rick Clark for our CloudNine 360 Innovate Podcast to discuss how BlueStar leveraged ESI Analyst in large cases involving SMS, Slack, and Microsoft Teams data.
Click here to listen to the podcast and learn more.

Generate More Revenue For Your Law Firm with Modern eDiscovery

One of the biggest challenges for any business is discovering new revenue streams once your growth reaches its zenith. For most law firms, this creates a welcome opportunity to offer new and better solutions while bringing more revenue into the organization.

As technology evolves, so does the diversity of new data types.  By expanding your firm’s ability effectively and accurately collect and analyze emerging data types, you create new opportunities to meet the changing needs of your clients.

Hit the eDiscovery Bullseye: The Latest Trends in Data Types

Electronically stored information (ESI) evolves every time new software is created. Whether it’s an updated version of current data or an entirely new data type, ESI is constantly changing.

To operate successfully, your law firm needs the ability to effectively process these modern data types. Consider the following statistics from two popular messaging applications – Microsoft Teams and Slack:

  • Teams has 145 million daily active users
  • Teams is used by more than 500,000 organizations as their default messaging platform
  • Slack has 10 million daily active users
  • Slack is used by 43% of Fortune 100 businesses

The sheer volume of modern data users creates an unmatched treasure trove of data vital to your client’s litigation. Other popular communication platforms like Google Meet, Zoom, GoToMeeting, and WhatsApp also contribute to the unparalleled growth of modern data types.

However, only recently have legal professionals begun to see the benefits of reviewing these data types since their reliance on traditional data types was easy and typically, sufficient.

Everyone in the legal profession can benefit from the ability to collect and analyze messages and metadata from communication platforms.  However, law firms and forensics companies in particular now understand the true value of other modern data like computer activity, geolocation, and financial transactions because it’s critically important to the success of their investigations.

Read a case study to learn how CloudNine is helped reconstruct conversations across multiple file types.

Why Modern Data Doesn’t Work Well with Traditional eDiscovery Platforms

Traditional data is typically straightforward in the form of Word documents, spreadsheets, and emails converted into PDF. The biggest issue with collecting and analyzing modern metadata on a traditional eDiscovery platform is compatibility.

Modern data transmitted by web clients and web servers is usually found within JavaScript Object Notation (JSON) files. JSON files are the preferred format for almost every public web service available today, including Teams and Slack.

HTML is another popular file type used by websites and social media applications like Facebook and Twitter to create individual pages.

JSON and HTML cause problems with traditional eDiscovery because traditional platforms cannot extract the content and metadata and organize it into an easy-to-review format. The result is usually very difficult to read, let alone review for eDiscovery.

Another challenge is simply the cost. In Zubulake v USB Warburg, the courts found the defendants were required to provide all relevant data files related to the case at their own expense. If your client is a large corporation, this could mean a large volume of devices to be collected for eDiscovery, which will naturally raise costs.

Tip the Scales of Justice with a Modern eDiscovery Platform

As applications like Teams and Slack make modern data more common, it has become more acceptable to be used in litigation. In the past, attorneys would argue to have modern data dismissed, and more often than not, the judge would allow it. Today’s judges have a better understanding of the value of emerging data so they require it for eDiscovery.

Modern eDiscovery platforms can collect a variety of modern data and accurately prepare it for review. Data types under this umbrella include:

  • Communication from messaging applications
  • File sharing applications
  • Metadata from video conferences
  • Mobile messaging including text, SMS, and MMS
  • Computer activity including the movement and alteration of files
  • GeoLocation
  • Social media posts
  • Financial transactions

In addition, by leveraging a modern data review platform, you can collect communication across multiple applications and devices. Based on the metadata, you can create pristine communication threads that flow from one platform to another, giving you a more complete picture and the context to understand how people were behaving and why. That simply isn’t possible in a traditional eDiscovery platform.

Stay up to date on how CloudNine is revolutionizing eDiscovery by signing up for our regular eDiscovery updates and best practices.

How Law Firms Use Modern eDiscovery to Offer Better Solutions

When you have the ability to review modern data, you can manage your case more effectively and efficiently by consolidating the workflows of multiple processes using a single SaaS platform.

  • Early Case Assessment. With CloudNine’s people and platforms, you are enabled to collect, cull, process and organize large amounts of modern data, to provide the needed insight to your case investigations to predict costs more accurately.
  • Unified Review Workflows. A simplified and consolidated workflow allows you to process, sort, review, tag, and produce traditional and modern data quickly and accurately.
  • Higher Level of Data Organization. By leveraging the metadata and conversation content, you can analyze and review all data types easier and more efficiently. This “Data NOT Documents” approach allows you to quickly narrow in on key conversations faster than traditional document review.
  • Context to Understand the Whole Story. Following digital conversations across multiple platforms along with computer activity, geolocation, social media and financial transactions, you create a more complete narrative to add the context needed to understand the whole story.

With these benefits, you can now demonstrate maximum efficiency and offer unparalleled service to your clients.

Your clients are looking to you to provide the best legal advice and management of their data, regardless of data types, modern or traditional.

By offering a solution giving them equal access to both traditional and modern data types with CloudNine eDiscovery solutions. Request a free demo and let us show you how CloudNine can help you generate more revenue while better preparing your clients for litigation.