Close
Enter your
text here

EDRM

eDiscovery Searching: Types of Exception Files

Friday, we talked about how to address the handling of exception files through agreement with opposing counsel (typically, via the meet and confer) to manage costs and avoid the potential for spoliation claims.  There are different types of exception files that might be encountered in a typical ESI collection and it’s important to know how those files can be recovered.

Types of Exception Files

It’s important to note that efforts to “fix” these files will often also change the files (and the metadata associated with them), so it’s important to establish with opposing counsel what measures to address the exceptions are acceptable.  Some files may not be recoverable and you need to agree up front how far to go to attempt to recover them.

  • Corrupted Files: Files can become corrupted for a variety of reasons, from application failures to system crashes to computer viruses.  I recently had a case where 40% of the collection was contained in 2 corrupt Outlook PST files – fortunately, we were able to repair those files and recover the messages.  If you have readily accessible backups of the files, try to restore them from backup.  If not, you will need to try using a repair utility.  Outlook comes with a utility called SCANPST.EXE that scans and repairs PST and OST files, and there are utilities (including freeware utilities) available via the web for most file types.  If all else fails, you can hire a data recovery expert, but that can get very expensive.
  • Password Protected Files: Most collections usually contain at least some password protected files.  Files can require a password to enable them to be edited, or even just to view them.  As the most popular publication format, PDF files are often password protected from editing, but they can still be viewed to support review (though some search engines may fail to index them).  If a file is password protected, you can try to obtain the password from the custodian providing the file – if the custodian is unavailable or unable to remember the password, you can try a password cracking application, which will run through a series of character combinations to attempt to find the password.  Be patient, it takes time, and doesn’t always succeed.
  • Unsupported File Types: In most collections, there are some unusual file types that aren’t supported by the review application, such as files for legacy or specialized applications (e.g., AutoCad for engineering drawings).  You may not even initially know what type of files they are; if not, you can find out based on file extension by looking the file extension up in FILExt.  If your review application can’t read the files, it also can’t index the files for searching or display them for review.  If those files may be responsive to discovery requests, review them with the native application to determine their relevancy.
  • No-Text Files: Files with no searchable text aren’t really exceptions – they have to be accounted for, but they won’t be retrieved in searches, so it’s important to make sure they don’t “slip through the cracks”.  It’s common to perform Optical Character Recognition (OCR) on TIFF files and image-only PDF files, because they are common document formats.  Other types of no-text files, such as pictures in JPEG or PNG format, are usually not OCRed, unless there is an expectation that they will have significant text.

It’s important for review applications to be able to identify exception files, so that you know they won’t be retrieved in searches without additional processing.  FirstPass™, powered by Venio FPR™, is one example of an application that will flag those files during processing and enable you to search for those exceptions, so you can determine how to handle them.

So, what do you think?  Have you encountered other types of exceptions?  Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Searching: Exceptions are the Rule
 

Virtually every collection of electronically stored information (ESI) has at least some files that cannot be effectively searched.  Corrupt files, password protected files and other types of exception files are frequent components of your ESI collection and it can become very expensive to make these files searchable or reviewable.  Being without an effective plan for addressing these files could lead to problems – even spoliation claims – in your case.

How to Address Exception Files

The best way to develop a plan for addressing these files that is reasonable and cost-effective is to come to agreement with opposing counsel on how to handle them.  The prime opportunity to obtain this agreement is during the meet and confer with opposing counsel.  The meet and confer gives you the opportunity to agree on how to address the following:

  • Efforts Required to Make Unusable Files Usable: Corrupted and password protected files may be fairly easily addressed in some cases, whereas in others, it takes extreme (i.e., costly) efforts to fix those files (if they can be fixed at all).  Up-front agreement with the opposition helps you determine how far to go in your recovery efforts to keep those recovery costs manageable.
  • Exception Reporting: Because there will usually be some files for which recovery is unsuccessful (or not attempted, if agreed upon with the opposition), you need to agree on how those files will be reported, so that they are accounted for in the production.  The information on exception reports will vary depending on agreed upon format between parties, but should typically include: file name and path, source custodian and reason for the exception (e.g., the file was corrupt).

If your case is in a jurisdiction where a meet and confer is not required (such as state cases where the state has no rules for eDiscovery), it is still best to reach out to opposing counsel to agree on the handling of exception files to control costs for addressing those files and avoid potential spoliation claims.

On Monday, we will talk about the types of exception files and the options for addressing them.  Oh, the suspense!  Hang in there!

So, what do you think?  Have you been involved in any cases where the handling of exception files was disputed?  Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Project Management: Train the Team — Agenda
 

Training for a task should be thorough and aimed at teaching the team what they need to know to do the work correctly and efficiently.  It should cover project overview information, procedures for doing the work, and sample work.  Here’s a sample training agenda for a document review project that you can use as a guide:

Case Background Information

  • A description of the parties
  • A description of the events that led to the case
  • A description of the allegations and defenses
  • An overview of the expected case schedule

Project Overview

  • A description of the goals of the document review project
  • A description of the process
  • An overview of the expected project schedule

Responsive Criteria

  • Go through the criteria – point by point – to ensure the group understands what is responsive and what is privileged
  • Provide samples of documents that are responsive and documents that are not responsive

Mechanics

  • Describe the roles of individuals on the team (reviewers, quality control staff, supervisors, project managers, etc.)
  • Review the procedures for the review
  • Train the team how to use the online review tool

Samples

  • Have the team do some sample work and turn it in
  • Review the sample work and go over it as a group

The first items on the agenda  — case background and project overview information — are very important.  While they don’t directly cover the mechanics of the work the team will be doing, these topics are significant for motivating the team.   The team will “invest” more in the project if they understand the big picture and how the work they are doing fits in.  In fact, it’s always a good idea to have a senior litigation team member participate in the overview portion of the training.  This further emphasizes the importance of the work the team will be doing.

What do you think?  Have you seen the difference good training can make on a project? Do you have useful training tips to offer?  Please share your comments or let us know if you’d like more information on a topic.

eDiscovery Project Management: Train the Team — Preparation
 

As critical as procedures are, they aren’t enough.  People need to be trained in applying those procedures.  Training the staff will get your project off to a good start.

Training is especially important for tasks that require a team of people to do the work – for example, a document review project.  When a team is doing the work, train them together as a group if that’s possible.  That way, different interpretations of the rules will likely surface and team members will benefit from the questions of others.

Training should cover project overview information and a review and explanation of the procedures for doing the work.  If there’s a subjective component to the work, review the subject matter outline or criteria.  Have the team do sample work, review it right away, and go over it as a group.

Let me give you a more detailed training plan and outline, using training for a document review project as an example.

Prepare a Project Manual

As a starting point, prepare a manual for each team member.  Include this information in the manual:

  • Case Documents, such as the complaint and request for production;
  • The Document Review Criteria, which provides guidelines for determining responsiveness and privilege;
  • A List of Custodians with information about each such as his/her position in the organization, a description of his/her role in the events that are at issue, and the types of documents you expect will be found in the custodian’s files;
  • Lists of Keywords, Key Characters, Key Events and Key Dates;
  • The Review Procedures;
  • The Review Schedule;
  • Instructions for Resolving Questions;
  • Instructions for Use of the Review Tool.

You’ll use this manual as the basis for the training, and in addition it will be a useful resource for each team member throughout the project.

Tomorrow I’ll give you a sample training agenda that you can use as a guide for your own training sessions.

What do you think?  Have you seen the difference good training can make on a project? Do you have useful training tips to offer?  Please share your comments or let us know if you’d like more information on a topic.

eDiscovery Project Management: Assign the Right People

Last week, on Wednesday and Thursday, we talked about assembling an electronic discovery team.  That’s not the only team you might need.  You may need to assemble a team for a specific task — for example, for a document review.

It’s essential that you assign the right type of people to a task.  For many litigation projects, this means deciding whether attorneys or non-attorneys will do the work.

Pushing the work up to over-qualified people can be just as problematic as using under-qualified people.   I’ve seen first hand how important this is.  I once worked on two large cases simultaneously where millions of documents had to be reviewed in each case.  In one case, I convinced the client that paralegals could handle the bulk of the work.  In the other case, the client insisted that only lawyers could do the work.

I don’t have to tell you how much more the second client paid for the work.  You may be surprised, however, by the quality comparison.  Each project involved multiple law firms, and one firm was involved in both.  That firm did quality control on both projects, and found that there was significantly less re-work required in the project where paralegals did most of the work.

Why?  We gave the paralegals objective criteria that didn’t require a law degree to understand, and they were far more attentive to work that made the lawyer’s eyes glaze over.  The lawyers — who were responsible for making decisions, answering questions, and reviewing work — were able to stay attentive to the more substantive work.

This is where breaking a task into components can help.  Here’s an example.  Everyone knows that determining privilege is an attorney task.  That doesn’t mean, however, that only attorneys can work on the project.  In every collection there are types of documents that will never be privileged unless they bear privileged annotations (published materials, annual reports, case-specific documents like routine manufacturing and quality control reports, etc.).  A trained paralegal using good criteria can do an initial review to identify potentially privileged documents for attorney review.

A project handled like this will certainly cost less, and will probably result in more consistent, higher quality work.

Have you worked on projects where the wrong people did the work?  Please share your comments or let us know if you’d like more information on a topic.

eDiscoveryJournal Webinar: More on Native Format Production and Redaction

As noted yesterday, eDiscoveryJournal conducted a webinar last Friday with some notable eDiscovery industry thought leaders regarding issues associated with native format production and redaction, including George Socha, Craig Ball and Tom O’Connor, and moderated by Greg Buckles, co-founder of eDiscoveryJournal, who has over 20 years experience in discovery and consulting.

What follows is more highlights of the discussion, based on my observations and notes from the webinar.  If anyone who attended the webinar feels that there are any inaccuracies in this account, please feel free to submit a comment to this post and I will be happy to address it.

More highlights of the discussion:

  • Redaction – Is it Possible, Practical, Acceptable?: George said it’s certainly possible and practical, but the biggest problem he sees is that redaction is often done without agreement between parties as to how it will be done.  Tom noted that the knee jerk reaction for most of his clients is “no” – to do it effectively, you need to know your capabilities and what information you’re trying to change.  Craig indicated that it’s not only possible and practical, but often desirable; however, when removing information such as columns from databases or spreadsheets, you need to know data dependencies and the possibility of “breaking” the file by removing that data.  Craig also remarked that certain file types (such as Microsoft Office files) are now stored in XML format, making it easier to redact them natively without breaking functionality.
  • How to Authenticate Redacted Files based on HASH Value?:  Craig said you don’t – it’s a changing of the file.  Although Craig indicated that some research has been done on “near-HASH” values, George noted that there is currently no such thing and that the HASH value changes completely with a change as small as one character.  Tom noted that it’s “tall weeds” when discussing HASH values with clients to authenticate files as many don’t fully understand the issues – it’s a “where angels fear to tread” concern.
  • Biggest Piece of Advice Regarding Redaction?: Craig said that redaction of native files is hard – So what?  Is the percentage of files requiring redaction so great that it needs to drive the process?  If it’s a small percentage, you can always simply TIFF the files requiring redaction and redact the TIFFs.  George indicated that one of the first things he advises clients to do is to work with the other side on how to handle redactions and if they won’t work with you, go to the judge to address it.  Tom indicated that he asks the client questions to find out what issues are associated with the redaction, such as what the client wants to accomplish, percentage of redaction expected, etc. and then provides advice based on those answers.
  • Redaction for Confidentiality (e.g., personal information, trade secrets, etc.): George noted that, while in many cases, it’s not a big issue; in some cases, it’s a huge issue.  There are currently 48 states that have at least some laws regarding safeguarding personal information and also efforts underway to do so at a national level.  We’re a long way from coming up with an effective way to address this issue.  Craig said that sometimes there are ways to address programmatically – in one case where he served as special master, his client had a number of spreadsheets with columns of confidential data and they were able to identify a way to handle those programmatically.  Tom has worked on cases where redaction of social security numbers through search and replace was necessary, but that there was a discussion and agreement with opposing counsel before proceeding.
  • How to Guarantee that Redaction Actually Deletes the Data and Doesn’t Just Obscure it?: Tom said he had a situation on a criminal case where they received police reports from the Federal government with information on protected witnesses, which they gave back.  There is not a “cookie-cutter” approach, but you have to understand the data, what’s possible and provide diligent QC.  Craig indicated that he conducts searches for the redacted data to confirm it has been deleted.  Greg noted that you have to make sure that the search tool will reach all of the redacted areas of the file.  George said too often people simply fail to check the results – providers often say that they can’t afford to perform the QC, but law firms often don’t do it either, so it falls through the cracks.  Tom recommends to his law firm clients that they take responsibility to perform that check as they are responsible for the production.  As part of QC, it’s important to have a different set of eyes and even different QC/search tools to confirm successful redaction.

Thanks to eDiscoveryJournal for a very informative webinar!

So, what do you think?  Do you have any other questions about native format production and redaction?  Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscoveryJournal Webinar: Debate on Native Format Production and Redaction
 

eDiscoveryJournal conducted a webinar last Friday with some notable eDiscovery industry thought leaders regarding issues associated with native format production and redaction.  The panel included George Socha of Socha Consulting, LLC and co-founder of EDRM, Craig Ball of Craig D. Ball, P.C. and author of numerous articles on eDiscovery and computer forensics, and Tom O’Connor, who is a nationally known consultant, speaker and writer in the area of computerized litigation support systems.  All three panelists are nationally recognized speakers and experts on eDiscovery topics.  The panel discussion was moderated by Greg Buckles, co-founder of eDiscoveryJournal, who is also a recognized expert with over 20 years experience in discovery and consulting.

I wrote an article a few years ago on review and production of native files, so this is a subject of particular interest to me.  What follows is highlights of the discussion, based on my observations and notes from the webinar.  If anyone who attended the webinar feels that there are any inaccuracies in this account, please feel free to submit a comment to this post and I will be happy to address it.

Having said that, here are the highlights:

  • Definition of Native Files: George noted that the technical definition of native files is “in the format as used during the normal course of business”, but in the application of that concept, there is no real consensus.  Tom, who has worked on a number of multi-party cases has found consensus difficult as parties have different interpretations as to what defines native files.  Craig noted that it’s less about format than it is ensuring a “level of information parity” so that both sides have the opportunity to access the same information for those files.
  • “Near-Native” Files: George noted that there is a “quasi-native” or “near-native” format, which is still a native format, even if it isn’t in the original form.  If you have a huge SQL database, but only produce a relevant subset out of it in a smaller SQL database, that would be an example of a “near-native” format.  Individual Outlook MSG files are another example that, as Craig noted, are smaller components of the original Outlook mailbox container for which individual message metadata is preserved.
  • Position of Producing Native Files: Craig noted that the position is often to provide in a less usable format (such as TIFF images) because of attorneys’ fear that the opposition will be able to get more information out of the native files than they did.  George noted that you can expect expert fees to double or even quadruple when expecting them to work with image files as opposed to native files.
  • Negotiation and Production of Metadata: Tom noted that there is a lack of understanding by attorneys as to how metadata differs for each file format.  Craig noted that there is certain “dog tag” metadata such as file name, path, last modified date and time, custodian name and hash value, that serve as a “driver’s license” for files whereas the rest of the more esoteric metadata complete the “DNA” for each file.  George noted that the EDRM XML project is working towards facilitating standard transfer of file metadata between parties.
  • Advice on Meet and Confer Preparation: When asked by Greg what factor is most important when preparing for meet and confer, Craig said it depends partly on whether you’re the primary producing or requesting party in the case.  Some people prefer “dumbed down” images, so it’s important to know what format you can handle, the issues in the case and cost considerations, of course.  George noted that there is little or no attention on how the files are going to be used later in the case at depositions and trial and that it’s important to think about how you plan to use the files in presentation and work backward.  Tom noted it’s really important to understand your collection as completely as possible and ask questions such as: What do you have?  How much?  What formats?  Where does it reside?  Tom indicated that he’s astonished how difficult it is for many of his clients to answer these questions.

Want to know more?  Tune in tomorrow for the second half of the webinar!  And, as always, please share any comments you might have or if you’d like to know more about a particular topic.

Sanctions and Other Things that Go Bump in the Night

Sunday is Halloween, so it seems appropriate to try to “scare” you before the big day.  Does this scare you?

“pervasive and willful violation of serial Court orders to preserve and produce ESI evidence be treated as contempt of court, and that he be imprisoned for a period not to exceed two years, unless and until he pays to Plaintiff the attorney’s fees and costs that will be awarded to Plaintiff as the prevailing party”

What about this?

“From this Court’s perspective, a monetary sanction of $150,000 should be sufficient to compensate Plaintiffs for their added expense and deter SanDisk from taking shortcuts.”

Or this?

“For his misconduct, Peal has already received a severe sanction in having his complaint dismissed with prejudice.”

How about this?

A party does not need formal notice to know that spoliation of evidence and misrepresentations may lead to dismissal.”

Scary, huh?  If the possibility of sanctions keep you awake at night, then the folks at eDiscovery Daily will do our best to provide useful information and best practices to enable you to relax and sleep soundly, even on Halloween!

Of course, if you really want to get into the spirit of Halloween, click here.

What do you think?  Is there a particular eDiscovery issue that scares you?  Please share your comments and let us know if you’d like more information on a particular topic.

Happy Halloween!

eDiscovery Project Management: Finding the Right People for Your Team

Yesterday, we talked about the skill sets and areas of expertise that are required to effectively handle an electronic discovery project.  Those skills and expertise are diverse and you won’t find everything you need in a single person.  You need to put together a team.  So, where do you find the right people for your team?    Most likely your team can be made up of individuals from these sources:

Law Firm Personnel

  • Partners, associates and paralegals working on the case will have knowledge of the facts at issue and the strategy for using documents.  They will know what documents are responsive, privileged, significant, helpful and harmful.  They will also have knowledge of the litigation process and the rules of civil procedure.  Paralegals are also likely to have a very good handle on the document collection as the case moves forward.
  • Law firm litigation/practice support and technical staff will have knowledge of the electronic discovery process, electronic discovery tools and electronic discovery service providers.  They also may have skills in collecting forensically sound data.  And, litigation support professionals will have project management skills.

Client Personnel

  • Members of the corporate legal department will have knowledge of the issues in the case, the case strategy and goals, the documents, and the business operations and key characters at issue.
  • Corporate IT and records management personnel will have knowledge of the computer systems in use at the client’s offices, knowledge of document retention, computer use, backup and disaster recovery policies and practices, and how and where documents are stored and accessed.
  • Client personnel who are familiar with the business units, facts and events that are at issue in the case, and the relevant documents that are likely to exist.

External Resources

Depending on what tasks need to be done and on what computing resources /expertise you require, you may need to add electronic discovery consultants, service providers, and forensics experts to your team.  You may not need to involve them right away.  You might get the rest of the team in place and have the team determine what external resources are needed.  If, however, you are inexperienced with electronic discovery, involving a consultant early can be invaluable.

What do you think?  Who do you include on your electronic discovery teams?  Please share your comments and let us know if you’d like more information on a particular topic.

eDiscovery Project Management: Assemble the Right Team
 

There are lots of tasks associated with a large electronic discovery project.  A number of skill sets and areas of expertise are required to do them all well.  It’s not likely that all of those skills and knowledge will reside in a single person.  You need to create the right electronic discovery team to ensure that there are no glitches.

Under a common case scenario that involves collecting electronic discovery, processing, analyzing/culling, review, and production, you should have all of these areas covered:

  • Knowledge of electronic discovery:  Knowledge of the process, technology tools, and service providers.
  • Technical knowledge and skills:  Skills in collecting forensically sound and defensible data and knowledge of your client’s technology systems and practices.
  • Knowledge of your client’s document policies and practices:  Knowledge of document retention policies and practices and knowledge of what types of files exist and how and where they are stored and accessed.
  • Knowledge of the facts at issue in the case, and the strategy for using documents in the case:  You need someone who can make decisions on what document content is responsive, privileged, significant, helpful, and harmful.
  • Familiarity with the cast of characters and knowledge of who is likely to have documents and knowledge about what.
  • Knowledge of the litigation process and the rules of civil procedure that apply to electronic discovery.
  • Expertise in search technology, techniques and strategies.
  • Project management skills and experience.

It is critical that a project manager is identified early on.  There are lots of steps in the process that will require continuous oversight and monitoring.  The project manager will be responsible for creating project plans, creating budgets and schedules, identifying required resources, ensuring that decisions are made by the right people, ensuring that deadlines are met, and so on.  On a case with a large electronic discovery collection and a short schedule, this is a full-time job.

Tomorrow, we’ll talk about what types of people are likely to have the right skill sets, and then we’ll move on to assembling the right team for a specific task that requires significant numbers of people.

What do you think?  Who do you include on your electronic discovery teams?  Please share your comments and let us know if you’d like more information on a particular topic.