Close
Enter your
text here

Electronic Discovery

A New Calculator from EDRM and Other EDRM News: eDiscovery Trends

Does it seem appropriate for us to display a calculator on tax day? Yes, it does. 🙂

Over a year ago, we discussed budget calculators available from the Metrics section of the EDRM web site and reviewed the four calculators available at the time (here, here, here and here).

In the past couple of weeks, EDRM added a new calculator. Let’s take a look.

The EDRM Data Calculator is an Excel spreadsheet file that helps you better estimate how much data you may have in matters involving eDiscovery. The estimates are designed to help you and your organization to prepare budgets, manage workflows, and measure and improve your eDiscovery processes.

The EDRM Data Calculator consists of a Core Data Calculator and a Supplemental Data Calculator, as follows:

  • Core Data Calculator: Uses information you enter or select to prepare two sets of estimates. First, it calculates how much your data may increase in size because of steps taken to expand the data – steps such as unpacking compressed files. Second, the Core Data Calculator estimates how much the size of your data set will decrease as a result of processing steps such as the use of de-Nisting, de-duplication, search terms, and CAR (computer assisted review).
  • Supplemental Data Calculator: Uses additional information you enter to arrive at two additional sets of estimates about your data after it has been expanded and then reduced. First, it delivers four sets of estimates about three major data types: email files, structured data, and unstructured data. The sets are percentage expected (e.g., 15% of your data will be email files), estimated GBs (e.g., you will have 12 GB of email), estimated files/GB (e.g., you will have 500 files per GB), and total files (e.g., you will have 14,000 files). Second, the Supplemental Data Calculator delivers the same four sets of estimates for six subcategories of unstructured data: word processing files, spreadsheet files, presentation files, image files, PDF files, and other unstructured data.

The EDRM Data Calculator is clearly formatted and color coded to identify cells where data needs to be entered (yellow, for entries such as the number of starting GB) and cells where you select an option from a menu (gray, for entries such as selecting a process to reduce data). The spreadsheet also provides a “calculator” section for recording assumptions and a “report” section to show the results based on those assumptions. And, the calculator comes with intuitive step-by-step instructions (which are available as a nine page PDF file, with screen shots for illustration). Perhaps the spreadsheet could be better formatted for printing and it isn’t set to protect the calculated cells, so they could be inadvertently overwritten, but otherwise, it looks like a nice model for estimating data volumes.

You can get more information about the EDRM Data Calculator, as well as download the actual calculator and instructions here.

As for other EDRM news, it’s not too late to register for today’s free live EDRM and ACEDS Webinar, “The Social Media Quick Peek: Early Data Assessment.” To register, click here.

And, in less than a month, is the EDRM 2015 Spring Workshop at the Saint Paul Hotel in St. Paul, MN. This is the kickoff for the 2015-2016 EDRM year. The 2015 EDRM Spring Workshop is scheduled for May 5-6, with a reception on the evening of May 4. Click here for more information. If you’ve considered becoming an EDRM member, this is an excellent time to do so!

So, what do you think? How do you estimate your eDiscovery data? Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Plaintiff Awarded Sanctions and Reimbursement of Some eDiscovery Costs: eDiscovery Case Law

In Engineered Abrasives, Inc. v. American Machine Products & Service, Inc. No. 13C7342 (N.D. Ill. Mar. 18, 2015), Illinois District Judge Sara L. Ellis awarded the plaintiff damages, attorneys’ fees and some requested costs, as well as granting the plaintiff’s motion for sanctions and ordering the defendants to reimburse the plaintiff $12,800 for the cost of conducting a forensic computer examination, which the plaintiff maintained was necessitated by Defendants’ evasive and incomplete responses and their failure to produce documents during discovery.

Case Background

The plaintiff sued the defendants, former employees of the plaintiff, claiming that the defendants were misrepresenting themselves as representatives of the plaintiff’s company and unfairly competing with EA. After the defendants failed to answer the complaint, they were found to be in default. “Extensive” discovery was conducted on the plaintiff’s damages and an evidentiary hearing was held in November 2014 on the plaintiff’s request for relief, which included monetary damages and reimbursement of attorneys’ fees and other costs, including eDiscovery costs. This opinion and order was based on the “evidence presented at that hearing and the parties’ other submissions”.

Judge’s Opinion

After some analysis, Judge Ellis awarded the plaintiff $207,257 in monetary damages and $499,088.80 in attorneys’ fees, which included PACER costs. Of most of the other costs that Judge Ellis considered, she allowed reimbursement of the $400 filing fee for initiating the action, $165 for service of the Complaint and $55 for one hour for service of summons or a subpoena and disallowed all other requested costs.

As for the eDiscovery costs, Judge Ellis stated that Section 1920 does “not expressly provide for the recovery of e-discovery costs, meaning that the only route to recovery of these costs must pass through the strictures of 28 U.S.C. § 1920(4), which allows for the recovery of ‘fees for exemplification and the costs of making copies of any materials where the copies are necessarily obtained for use in the case.’” She also noted that “this Court will follow those courts that have found compensable the costs ‘associated with the conversion of [electronically stored information] into a readable format, such as scanning or otherwise converting a paper version to an electronic version or converting native files to TIFF’ but not the ‘costs related to the `gathering, preserving, processing, searching, culling and extracting of [electronically stored information].’”

As the plaintiff requested compensation for several charges associated with eDiscovery, including for “OCR & TIFF Conversion,” “process[ing] native files through ESI utility to allow for capturing of metadata/indexing of material,” “load[ing] into Summation,” and “prepar[ing] search filters and sav[ing] shared set to database for review team,” Judge Ellis found that “[o]nly the first $48.24 charge is properly compensable, as it involves the conversion of documents into a readable format.” (emphasis added)

Judge Ellis next considered whether the defendants could be sanctioned for their “evasive and incomplete responses and their failure to produce documents during discovery” which led to the plaintiff’s computer forensic examination. With regard to that, Judge Ellis stated: “The Court agrees with EA that Defendants’ conduct during the discovery process warrants sanctions. Defendants’ actions during the discovery process cannot be said to have been done in good faith. They unnecessarily prolonged this case, necessitating the Court’s intervention on several occasions and multiplying the costs involved in the litigation.” As a result, Judge Ellis ordered the defendants to reimburse the plaintiff $12,800 for the cost of conducting the forensic computer examination.

So, what do you think? Was the court right to grant the motion for sanctions? Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Cyber Liability Insurance Policies are Becoming More Popular for Law Firms: eDiscovery Trends

Last Friday, we discussed a report in The New York Times that discussed the unwillingness of most big US law firms to discuss or even acknowledge data breaches. But, despite the unwillingness to disclose breach information, more and more law firms are apparently purchasing or considering the purchase of cyber liability insurance to protect against potential data breaches.

An article in ABA Journal from earlier this month (Cyber liability insurance is an increasingly popular, almost necessary choice for law firms, by David L. Hudson, Jr.) reported the increasing trend.

“We’ve seen a noticeable increase in the number of firms who have purchased separate cyber policies over the past 24 months,” said Chris Andrews, vice president of professional liability at AIG. “We’re probably not yet at the point where we can say it’s a common purchase, but it’s certainly trending in that direction. Many firms are consulting their clients on privacy and regulatory issues, and at the same time those clients are now asking questions as to how firms use, store and protect information. Given this heightened level of awareness, it makes sense that firms are now looking inward to make sure their own house is in order and cyber coverage is part of the solution.”

Given the fact that many law firms hold sensitive data for their clients, such as personal injury firms which take credit card payments from clients and firms handling medical-malpractice cases who could have personal health information (which is particularly valuable), those firms are prime targets for hackers.

“Law firms today are responsible for massive amounts of electronic and nonelectronic information,” said AIG’s Andrews. “Depending on a firm’s areas of practice, this information can range from personally identifiable information to protected health information to confidential corporate information, such as intellectual property, contracts, and details on mergers and acquisitions. This information represents significant liability exposure in the event of a security failure. Even if the failure doesn’t lead to an actual lawsuit, a firm may still need to deal with costs associated with notification, possible regulatory investigations, fines and penalties, forensic expenses, public relations expenses and more.”

Cyber risk policies were introduced in the 1990s but have experienced a dramatic growth in recent years, according to Washington, D.C.-based attorney Thomas H. Bentz Jr., head of Holland & Knight’s team on directors and officers and management liability insurance. “Corporate America has seen a huge increase in the purchase of cyber policies in the last three to five years. Law firms have been slower to follow,” Bentz says. “In my experience, it is still not common for law firms to purchase cyber liability coverage. I expect that this will change in the next several years as the potential exposure becomes clearer and the coverage more certain.”

Cyber liability insurance can coverage can include data breaches and privacy crisis management, as well as multimedia, extortion, and network security liability. Like, with any insurance policies, it’s important to understand the parameters of the policy and also what you can do to not only reduce the risk of a breach, but also the cost for the policy premium. For example, it’s important to understand security controls you can put into place that will reduce the premium, will you get a reduction for each year you do not file a claim and if you do file a claim, how will that affect your premiums.

So, what do you think? Does your organization have, or is considering, a cyber liability insurance policy? Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscoveryDaily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Has the Law Firm Holding Your Data Ever Suffered a Breach? You May Never Know.: eDiscovery Trends

In February, we discussed a report about data breach trends in 2014 and how those trends compared to data breaches in 2013. That report provided breach trends for several industries, including the healthcare industry, which suffered the most breaches last year (possibly because stolen health records are apparently worth big money). But, according to a recent report, you won’t see any trends for law firms because the legal profession almost never publicly discloses a breach.

According to a recent article in The New York Times (Citigroup Report Chides Law Firms for Silence on Hackings, written by Matthew Goldstein), the “unwillingness of most big United States law firms to discuss or even acknowledge breaches has frustrated law enforcement and corporate clients for several years.” This information was according to a recent internal report from Citigroup’s cyberintelligence center that warned bank employees of the threat of attacks on the networks and websites of big law firms.

“Due to the reluctance of most law firms to publicly discuss cyberintrusions and the lack of data breach reporting requirements in general in the legal industry, it is not possible to determine whether cyberattacks against law firms are on the rise,” according to the report, a copy of which was reviewed by The New York Times and discussed in Goldstein’s article.

Issued in February, the report (according to Goldstein’s article) included several observations, such as:

  • It is “reasonable to expect law firms to be targets of attacks by foreign governments and hackers because they are repositories for confidential data on corporate deals and business strategies”;
  • Bank employees “should be mindful that digital security at many law firms, despite improvements, generally remains below the standards for other industries”;
  • Law firms are at “high risk for cyberintrusions” and would “continue to be targeted by malicious actors looking to steal information on highly sensitive matters such as mergers and acquisitions and patent applications.”

According to the article, the bank’s security team also “highlighted several ways hackers had intruded on law firms, by directly breaching their systems, attacking their websites or using their names in so-called phishing efforts to trick people into disclosing personal information”. As a result, Wall Street banks are putting pressure on law firms to do more to prevent the theft of information and are also demanding more documentation from them about online security measures before approving them for assignments.

The report mentioned a handful of law firms who had suffered reported hacks, which apparently led to Citigroup’s distancing itself from the report and stop distributing it.

“The analysis relied on and cited previously published reports. We have apologized to several of the parties mentioned for not giving them an opportunity to respond prior to its publication in light of the sensitive nature of the events described,” said Danielle Romero-Apsilos, a Citigroup spokeswoman.

While law firms apparently aren’t publicly disclosing breaches, they are apparently choosing cyber liability insurance at an increased rate. We will discuss that on Monday.

Thanks to Sharon Nelson and her always excellent Ride the Lightning blog for the tip – her post regarding the story is here.

So, what do you think? How much information do you know about your outside counsel’s security measures? Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscoveryDaily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Ten Years Later, The Impact of the Zubulake Case is Still Huge: eDiscovery History

It’s hard to believe, but ten years ago this past Monday, the verdict was rendered in the Zubulake v. UBS Warburg LLC case. Let’s take a look back at the case and see what Laura Zubulake is doing today.

The Zubulake case is certainly still the most famous case from an eDiscovery standpoint – if you work in this industry, you’re probably already fully aware of the key decisions issued by Southern District of New York Judge Shira Sheindlin and their huge impact on discovery of electronic data. If you’re not fully aware, you should be. Three years ago, we took a look back at the case and its landmark decisions here.

Today, the eDiscovery industry is a multi-billion dollar industry and still growing at a double-digit rate per year, according to estimates. Part of that is due to the explosion of big data, but obligations for managing discovery of that data was, in part, shaped by the Zubulake opinions. A recent blog post by Robert Half Legal lists “eDiscovery professional” as a legal career that didn’t even exist ten years ago. That seems to be more than a coincidence.

In 2012, Laura published a book titled Zubulake’s e-Discovery: The Untold Story of my Quest for Justice, previously discussed on this blog here, here and here. The book provides the “backstory” that goes beyond the precedent-setting opinions of the case, detailing her experiences through the events leading up to the case, as well as over three years of litigation. Our colleague, Jane Gennarelli, also collaborated with Laura on a nine part case study regarding the Zubulake case that we covered on our blog in 2013.

So, where is Laura Zubulake today?

Today, Laura is a licensed salesperson with Sotheby’s International Realty in their Southampton, NY office.

Looking back on the case, Laura remembers April 6, 2005, the date of the jury verdict, as a day of personal vindication and justice. “Never did I imagine that the Zubulake opinions would be relevant ten years later”, she said. “I never envisioned the opinions transforming the practice of law, influencing amendments to the FRCP, and becoming the subject of law school lectures. And, never did I dream that my case would provide the foundation for a multi-billion dollar e-discovery industry that created thousands of jobs and also provided the foundation for Information Governance”.

While real estate has become Laura’s “day job” she still keeps up with and speaks about developments and trends in eDiscovery and Information Governance. “I can especially relate to current debates about servers, email retention policies, email preservation practices, and whether deleted emails can be restored or not”, she said. “And, lately, I’ve been following the breaking news about the email practices of politicians at the highest level and allegations of gender discrimination in Silicon Valley with particular interest.”

Overall, Laura is satisfied that her quest for fairness and efforts to right a perceived wrong made a difference, even ten years later.

So, what do you think? What do you think the impact of the Zubulake case has been for you? Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Managing Email Signature Logos During Review: eDiscovery Best Practices

Yesterday, we discussed how corporate logo graphic files in email signatures can add complexity when managing those emails in eDiscovery, as these logos, repeated over and over again, can add up to a significant percentage of your collection on a file count basis. Today, we are going to discuss a couple of ways that I have worked with clients to manage those files during the review process.

These corporate logos cause several eDiscovery complications such as slowing page refreshes in review tools and wasting reviewer time and making review even more tedious. I’ll focus on those particular issues below.

It should be noted that, as VP of Professional Services at CloudNine, my (recent) experience in assisting clients has primarily been using CloudNine’s review platform, so, with all due respect to those “technically astute vendor colleagues” that Craig Ball referred to in his excellent post last week, I’ll be discussing how I have handled the situation with logos in Outlook emails at CloudNine (shameless plug warning!).

Processing Embedded Graphics within Emails

I think it’s safe to say as a general rule, when it comes to processing of Outlook format emails (whether those originated from EDB, OST, PST or MSG files), most eDiscovery processing applications (including LAW and CloudNine’s processing application, Discovery Client) treat embedded graphic files as attachments to the email and those are loaded into most review platforms as attachments linked to the parent email. So, a “family” that consists of an email with two attached PDF files and a corporate logo graphic file would actually have four “family” members with the corporate logo graphic file (assuming that there is just one) as one of the four “family” members.

This basically adds an extra “document” to each email with a logo that is included in the review population (more than one per email if there are additional logo graphics for links to the organization’s social media sites). These files don’t require any thought during review, but they still have to be clicked through and marked as reviewed during a manual review process. This adds time and tedium to an already tedious process. If those files could be excluded from the review population, reviewers could focus on more substantive files in the collection.

In Discovery Client, an MD5 hash value is computed for each individual file, including each email attachment (including embedded graphics). So, if the same GIF file is used over and over again for a corporate logo, it would have the same MD5 hash value in each case. CloudNine provides a Quick Search function that enables you to retrieve all documents in the collection with the same value as the current document. So, if you’re currently viewing a corporate logo file, it’s easy to retrieve all documents with the same MD5 hash value, apply a tag to those documents and then use the tag to exclude them from review. I’ve worked with clients to do this before to enable them to shorten the review process while establishing more reliable metrics for the remaining documents being reviewed.

It should be noted that doing so doesn’t preclude you from assigning responsiveness settings from the rest of the “family” to the corporate logo later if you plan to produce those corporate logos as separate attachments to opposing counsel.

Viewing Emails with Embedded Logos

Embedded logos and other graphics files can slow down the retrieval of emails for viewing in some document viewers, depending on how they render those graphics. By default, Outlook emails are already formatted in HTML and CloudNine provides an HTML view option that enables the user to view the email without the embedded graphics. As a result, the email retrieves more quickly, so, in many cases, where the graphics don’t add value, the HTML view option will speed up the review process (users can still view the full native file with embedded graphics as needed). In working with clients, I’ve recommended the HTML view tab as the default view in CloudNine as a way of speeding retrieval of files for review, which helps speed up the overall review process.

So, what do you think? Do you find that corporate logo graphics files are adding complexity to your own eDiscovery processes? If so, how do you address the issue? Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Email Signature Logos are a Sign That Discovery Will be More Complicated: eDiscovery Best Practices

Many, if not most of us, use some sort of graphic in our email signature at work that represents our corporate logo and many organizations have created a standard email signature for their employees to use when corresponding with others. It’s another subtle way of promoting brand recognition. But, those logos can add complexity when managing those emails in eDiscovery.

Craig Ball, in his excellent blog Ball in your Court, takes up the issue in his latest post (ESI Observations on a Pretty Good Friday), where he analyzes about 500GB of email containers associated with matters in which he has served as ESI Special Master. As he observes:

“Just three-fifths of the way through the data, I see 1,371,516 messages have been processed, and these messages have thrown off 1,262,552 GIF images. The great majority of these images will prove to be logos in the signature blocks of the messages, and account for 29% of the item count extracted from the data set so far.

Most of the GIF logos I see in this data are just 2.2KB; so, despite their numerousity, they account for only about ten percent of the volume of single messages (extracted MSGs) sans attachments.” (emphasis added)

As a consultant who has dealt with the corporate logo graphic issue many times in projects with my clients, I thought I would do my own quick analysis to see how some of our projects compare. As I have observed that logos are often in JPEG and PNG file formats as well, I compared the counts of email messages to GIF, JPG and PNG files in three recent different sized projects in CloudNine’s review platform, which provides a handy file type breakdown in its Analytics module.

Here’s the breakdown:

  • Small project: Emails – 13,487; GIF/JPG/PNG – 10,492; 77.8% of emails.
  • Medium project: Emails – 98,818; GIF/JPG/PNG – 66,205; 67.0% of emails.
  • Large project: Emails – 443,350; GIF/JPG/PNG – 414,242; 93.4% of emails.

While clearly not all of these are corporate logo graphics (many are other embedded graphics, attached pictures, etc.), you do get the idea that these logos, repeated over and over again, can add up to a significant percentage of your collection on at least a file count basis.

Craig notes the eDiscovery complications these logos cause, including: adding data volumes throughout discovery, slowing page refreshes in review tools, wasting reviewer time and making review even more tedious as well as unnecessarily driving up the number of documents that have color and complicating identification of evidentiary documents where color needs to be preserved for its potential evidentiary value. He also notes that his “technically astute vendor colleagues may counter that there are programmatic methods to minimize the static and friction of corporate logos”, that “probably only a weirdo like me frets about corpulent GIF logos” and notes that “your corporate conceit isn’t ‘free.’”

Without a doubt, organizations don’t think about eDiscovery when crafting their corporate email signature standards and, as much as I can understand Craig’s question as to whether these color logos are worth it, I doubt that they’re going away any time soon. At CloudNine, our own email signature standards include our logo on new emails as we can’t resist any opportunity to show the “nine clouds” (eight white, one blue – the ninth cloud, get it?) in our admitted attempt to build brand recognition any way we can (at least our reply email signature standard is logo free). Try fighting the marketing guys on that.

Nonetheless, as certainly a “weirdo” who also likes to think of myself as a “technically astute vendor colleague”, I have dealt with these logos time and time again in client projects. So, tomorrow, we’ll talk about a couple of those techniques we have used to minimize the effect on our client projects.

So, what do you think? Do you find that corporate logo graphics files are adding complexity to your own eDiscovery processes? Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscoveryDaily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Defendant Does Not Take the Fall for Spoliation in Slip and Fall Case: eDiscovery Case Law

In Harrell v. Pathmark et al., Civil Action No. 14-5260 (E.D.Penn. Feb. 26, 2015), Pennsylvania District Judge Gene E. K. Pratter, after a hearing to consider whether to draw an adverse inverse instruction due to the defendant’s possible spoliation of video evidence, determined that “a spoliation inference would not be appropriate here”. Finding that the plaintiff had presented no evidence that the defendant had constructive notice of a dangerous condition resulting in her slip and fall, Judge Pratter also granted the defendant’s motion for summary judgment.

Case Background

The plaintiff filed suit claiming the defendant’s negligence “resulted in her slipping on a dangerously slick surface” in the defendant’s store in May 2013. The defendant moved for summary judgment arguing that the plaintiff failed to prove that the defendant had actual or constructive notice of the wet condition of the floor.

The plaintiff’s memorandum opposing the summary judgment noted that the defendant had working security cameras in the store, but the video footage from the time and date of the accident was recorded over and not preserved. As a result, the Court sua sponte scheduled a hearing to prompt the parties to address the issue on whether the Court could or should draw an adverse spoliation inference due to the absence of video evidence.

Judge’s Opinion

Stating that “Ms. Harrell has not presented the Court with evidence from which a reasonable jury could infer that Pathmark had constructive notice of the wet condition of the floor”, Judge Pratter turned to the potential spoliation of video evidence, noting that “although Ms. Harrell does not specifically invoke the issue, one could read the concluding paragraphs of her Memorandum opposing summary judgment as contending that the Court should draw an adverse spoliation inference against Pathmark.”

Judge Pratter found that the plaintiff “has not satisfied her burden of demonstrating that the video footage would have been relevant” and also determined that the court “cannot conclude based on the evidence before it that the video evidence was actually suppressed or withheld. Nor can it conclude that litigation was reasonably foreseeable at a time when the video footage presumably still existed.” His ruling quoted Bull v. United Parcel Service, Inc., 665 F.3d 68, 77 (3d Cir. 2012) as follows:

“Ordinary negligence does not suffice to establish spoliation. The party asserting spoliation must prove that evidence was intentionally withheld, altered, or destroyed. Thus, no unfavorable inference of spoliation arises if the evidence was lost, accidentally destroyed, or where the failure to produce it is otherwise properly accounted for.”

With regard to this case, Judge Pratter remarked “Here, Ms. Harrell has not presented evidence of bad faith. Even in a highly litigious community or culture, just because a person falls in a grocery store does not mean that litigation is imminent. Here, the lawsuit was not filed until August 2014, over a year after the incident and far past the maximum of about 90 days that the video footage would have survived before being automatically re-recorded. While the incident itself did cause Mr. Lewis to create an incident report, nothing about it was so immediately dramatic to create an objectively foreseeable likelihood of litigation…Pathmark’s actions, in this context, appear to the Court to be at the very most mere inadvertent negligence.”

Therefore, Judge Pratter determined that “a spoliation inference would not be appropriate here” and with no evidence to support the plaintiff’s claim, granted the defendant’s motion for summary judgment.

Click here and here for a couple of previous slip and fall cases we’ve covered where potential spoliation of video evidence was debated.

So, what do you think? Was the court right to grant the motion for summary judgment? Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

You Should Check the Level of Your Fuzzy When Searching: eDiscovery Best Practices

If the title seems odd, let me clarify. I’m talking about “fuzzy” searching, which is a mechanism by finding alternate words that are close in spelling to the word you’re looking for. Fuzzy searching will expand your search recall, but too much “fuzzy” will leave you reviewing a lot of non-responsive hits.

Attorneys may know what terms they’re looking for, but those terms may not always be spelled correctly. Let’s face it, we all make mistakes. For example, if you’re searching for emails that relate to management decisions, can you be certain that “management” is spelled perfectly throughout the collection? Unlikely. It could be spelled “managment” or “mangement”. Also, you may have a number of image only files that require Optical Character Recognition (OCR), which is usually not 100% accurate. Without an effective search mechanism, you could miss key documents.

That’s where fuzzy searching comes in. Fuzzy searching enables you to find not just the exact matches of the word or words you’re seeking, but also alternate words that are close in spelling to the word you’re looking for (usually one or two characters off). For example, if you’re looking for the term “petroleum”, you can find variations such as “peroleum”, “petoleum” or even “petroleom” – misspellings, OCR errors or other variations (such as the term in a foreign language) that could be relevant.

However, fuzzy searching can also retrieve other legitimate words that are not relevant. Let’s take the term “concept” – if you perform a fuzzy search which retrieves words that are up to two characters off, you’ll get variations like “consent”, “content” and “concern”. So, it’s important to test your results to evaluate your level of precision vs. recall.

In CloudNine’s review platform, our search interface provides a check box to apply fuzzy searching to the entire term, along with a drop down to select the level of “fuzzy” (from 1 to 10, the higher the number, the more “fuzzy” the search results). But, we also enable the user to apply “fuzzy” to individual terms via the ‘%’ character, used generally after the first character to represent words that are one or two characters off. This enables you to perform a search to find documents with only fuzzy hits. Here are a couple of text search examples using an Enron demo set of over 117,000 documents:

  • p%%etroleum and not petroleum: Retrieves all documents that have words within two characters of “petroleum”, but not the word “petroleum” itself. In this case, 59 total documents were retrieved and the variations retrieved included words like “petróleos”, “petróleo” and “pertroleum”. The first two variations are Spanish language variations of “petroleum”, the third appears to be a misspelling. All of these terms appear responsive, so the precision is still good at this level and we retrieved 59 additional documents that are likely responsive that we wouldn’t have retrieved without fuzzy searching.
  • c%%oncept and not concept: Retrieves all documents that have words within two characters of “concept”, but not the word “concept” itself. In this case, 5,304 total documents were retrieved and the variations retrieved included words like “consent”, “Concast”, “content” and “concern”. We retrieved a high number of documents with clearly non-responsive terms, so this search is proving to be over broad and we may need to dial it back. If we reduce it to one character of “concept”, but not the word “concept” itself, we get 291 total documents retrieved and a number of those non-responsive variations are eliminated, giving us a more precise search.

Think of fuzzy searching as a “dial”. If you “dial” it up a little bit, you can retrieve additional responsive hits without sacrificing precision in your search. If you “dial” it up too much, you’ll be reviewing a lot of non-responsive hits and documents. Test your results to play with the “dial” until you get the most appropriate balance of recall and precision in your search.

So, what do you think? Does your keyword search strategy include the use of fuzzy searching? Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Daily will return on Monday. Have a nice Easter!

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscoveryDaily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Simply Deleting an Email Doesn’t Mean It’s Gone, Even When It’s Hillary Clinton’s Emails: eDiscovery Trends

Early in the life of this blog, we published a blog post called eDiscovery 101: Simply Deleting a File Doesn’t Mean It’s Gone to try to help our readers understand how disk drives keep track of files and how “deleted” files often can still be recovered. Something tells me that basic forensic concept will become a big issue in the coming weeks and months regarding Hillary Clinton’s deleted emails.

As reported by Politico in Hillary’s emails: Deleted but not gone (by Joseph Marks and Rachael Bade), Clinton’s attorney David Kendall on Friday wrote Benghazi Committee Chairman Rep. Trey Gowdy (R-S.C.), declining the committee’s request for the personal server that she used for emails while she was Secretary of State (which we discussed previously here) to be turned over to an independent third party. The committee said it wants a third party to verify that all Benghazi-related emails were in fact turned over to the panel – especially after Clinton acknowledged deleting anything determined to be “personal” messages. Kendall called the request pointless, saying Clinton’s IT staff had confirmed to him the messages are gone for good (Gowdy, in a statement, said that Clinton “unilaterally decided to wipe her server clean and permanently delete all emails from her personal server”).

But, are the emails really gone? According to my colleague, Michael Heslop, Vice President of Computer Forensics at CloudNine, that depends on what they mean by “wiped”. “If they forensically wiped the server, then it’s likely not recoverable from there”, said Heslop. “But, the data might still be available via other sources, such as backups or an offline storage table (OST) file on the computer that was used for email.”

As an example, the Politico article references the case of former Internal Revenue Service official Lois Lerner, who came under scrutiny over charges that the IRS targeted tea party groups for heightened scrutiny, after the IRS said that a 2011 hard-drive crash rendered her emails irretrievable. The agency trashed the hard drive and said it had over-written back-up tapes, yet other recovered back-up tapes appears to have yielded the missing emails.

Not surprisingly, the conservative group Freedom Watch has filed a racketeering lawsuit against Clinton that accuses her of failing to produce documents under the Freedom of Information Act (FOIA). So, expect efforts to scrutinize the deletion of Clinton’s emails to intensify. And, that’s no April Fools joke.

So, what do you think? Have you ever had to recover deleted emails? Were you successful in doing so? Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscoveryDaily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.