Evidence

JSON is not a document, it is data… and lots of it!

By:  Trent Livingston

Modern eDiscovery deals with much more than just documents. In 2020, people created 1.7 MB of data every second, and most of that data was likely stored in a database. Now, newer applications like Facebook, Twitter, Slack are storing copious amounts of data ranging from tweets, wall posts, and chats.

Many of these artifacts are stored with complementary data that can include file links, reactions (such as “likes”), and even geolocation information. Accessing this modern data in order to leverage it for a discovery request often requires some sort of archive process from the originating application, and that is when JSON enters the picture.

JSON stands for “JavaScript Object Notation”, but that doesn’t mean you need to know how to write JavaScript (or any code for that matter)!  If you’ve ever dealt with discovery surrounding any of the aforementioned applications, you’ve likely come across a few JSON files. In a nutshell, think of JSON as a relational spreadsheet where one column of data in one tab of your spreadsheet is defined by another column of data in another tab in another spreadsheet.

For example, you might have a column called “Address” in a spreadsheet and that column contains a series of numeric “id” values that reference another tab in that same spreadsheet. In this secondary tab, each address is broken down into values for that address that may include things like “country”, “zip”, or “street”.  All those values that have the same “id” belong to the “address” reference in the previous tab. Simply put, this is structured data. JSON data is no different. However, JSON can contain a multitude of data structures varying from simple to complex.

The problem with JSON is while there are multiple JSON viewers and formatters online, they do not understand the defined data structures within.  Each platform defines these data structures differently, and while the vehicle may be the same, the defined structure is usually different from application to application (as well as the application’s version).  Therefore, the data within the JSON often comes out in an unexpected format when using a generic formatting tool, and the relationships between the data are often lost or jumbled. (By the way, you should never use any online “free” tool to format potentially confidential or privileged information).

Therefore, it is important to work with someone who understands JSON as an eDiscovery data source.  A single JSON file just a few megabytes in size may represent hundreds, if not thousands of messages, contain numerous links to files, as well as key data relevant to your investigation or litigation. Contained within a JSON file could be any number of nested data formats, including:

  • Strings: a sequence of zero or more Unicode characters, which could include emojis in a Unicode format, usernames, or an actual text message.
  • Numbers: a numeric value that can represent a date, intrinsic value, id, or potentially a true/false value represented as “1” or “0”.
  • Objects: a series or collection of one or more data points represented as named value pairs that create meaning as a whole, such as longitude, latitude, elevation, rate of speed, and direction that make up the components of a device’s location.
  • Arrays: a collection of values or elements of the same type that can be individually referenced by using an index to a unique identifier, such as the choices of a color of a car on a website or a set of canned response values listed in a software chat application.

The thing to remember is the JSON file is actually one big “object”, which is the parent to all of the named value pairs beneath it.  Within this object, you can have more objects that contain numbers, strings, arrays, and yet even more objects. Confused yet?

Not to worry! It is understandable that all this JSON data can quickly become a source of frustration!  The question that remains is, “How do I make sense of all of this structured data and present it for review in a reasonably usable format?” 

Here are some tips:

  1. Make sure you do not overlook JSON as part of your electronic discovery protocol
  2. Leverage an experienced team to help you understand the JSON output
    • Document the source application whenever possible (some JSON include access keys that can expire or be terminated at any time, such as Slack)
    • Preserve the JSON file as you would any other evidentiary data source
    • Document the chain of custody for the JSON file (originating application and version of that application, who conducted the export, as well as any access keys that may be transitory or temporary and their date of expiration)
    • Treat each JSON file and associated content as a potential source of PII, confidential, and/or privileged information given the breadth of data that each may contain
  3. Work with a team and a product that can parse, ingest, and subsequently present JSON data in a usable format for review and production

While there is not an off-the-shelf solution for every JSON file in existence, CloudNine ESI Analyst is a platform designed for the multitude of data types that can be extracted from just about any JSON file out there. Many of which can be easily mapped to a data type construct within our SaaS application that allows for presentation, review, and production in a reasonably usable format.

Contact us today for a demonstration and further detail!

Three Use Cases to Navigate Modern Data in eDiscovery

In litigation, knowing the full picture is the only way to effectively represent your clients. The only problem is most of the story is often stored on electronic devices like smartphones, laptops, or tablets.

While eDiscovery can be dated back to 1981 and the first substantial use of email in litigation (Governors of United State Postal Service v. United States Postal Rate Commission), integrating newer, modern data types like text messages, computer activity, and financial data, has been a bit more challenging. These challenges relate back to how eDiscovery has historically worked and why modern data sources don’t fit nicely into that process. 

When eDiscovery was introduced with email and electronic documents as the primary source of information, simple messages and documents were sufficient to tell the story in a linear document review workflow. But, with sophisticated technology like Slack, chat applications and smartphone messaging where communications occur in real time, the conversion to documents for review hinders a proper evidence analysis.

Making sense of all that data only works when it is presented in the way it was originally communicated. The old documentation process simply doesn’t provide the insight you need to leverage modern data in litigation.

Case Study 1: Tackling Disparate Modern Data from Multiple Sources

No matter how small or large your case is, reviewing modern data can be challenging. Between smartphones, laptops, social media apps, and other connected devices, there’s a plethora of data to sift through to find the evidence you need to support your case. This process becomes even more complicated when the data is presented through the lens of traditional eDiscovery meaning, in traditional document format. What once worked for simple electronic communications no longer tells the whole story within complex, real-time and editable messaging technologies like WhatsApp, Slack and social media.

So what happens when you have to produce data from hundreds of international sources, and need it to tell the story of what actually happened? Let’s look at a case study of a construction company who had to do exactly that.

The Problem:

One of the largest construction companies in the world required the collection of modern data from 300 international sources. While the sheer number of sources was a challenge in itself, the real difficulty was working with disparate data from so many different sources.

Each business unit within the company used different technology so data had to be collected from a vast number of sources – local desktops, laptops, smartphones, tablets, and backup servers.

Plus, because so many BYOD devices were used, legal, data privacy, IT, and risk & compliance departments had to be consulted throughout the collection and review process to ensure no U.S. or international privacy laws were broken.

The Solution:

Ultimately, our client needed to understand who said or did what, and when. Basic documents with communications from readily available sources wouldn’t be enough, because they couldn’t easily identify the critical timeline of events or the intentions of each party. In the end, CloudNine ESI’s actor normalization function was the key to finding the evidence needed.

The Results:

By matching specific individuals to different aliases and phone numbers, attorneys were able to identify a handful of photos shared from the vast amount of data collected that proved the construction company was at fault. These photos were presented to the court in the form of inline bubble messaging that was easy to read and view.  To learn more about this use case, click here.

Case Study 2: Overcoming the Personal Device eDiscovery Challenge

There’s an expected, inherent trust between a company and its employees which means employees typically won’t do work that’s a conflict of interest with their current employer. Unfortunately, that trust is sometimes broken by actors that take advantage of their position.

The Problem:

When a heavy equipment manager became the target of a moonlighting case that cost his company money, attorneys were discouraged when they couldn’t find any evidence of wrongdoing. There were no documents, emails, or invoices to be found through traditional eDiscovery.

The Solution:

Fortunately, the key to the case was the manager’s smartphone.

By gaining access to his phone, attorneys were able to secure tens of thousands of text messages directly related to the case. This helped them discover how he operated his illegal side hustle. They also learned he was sharing confidential, copyrighted, and proprietary information through photos sent via text message.

The Results:

Through CloudNine ESI Analyst, attorneys were able to create conversation threads which were easy to review and produce. These threads not only helped them identify other involved parties, but let them produce messages, including embedded images, videos, GIFs, and emojis.

Without the ability to review and analyze the bad actor’s smartphone data, the case likely would not have gone forward.  

To learn more about this use case, click here.

Case Study 3: Protecting Company Data with Modern eDiscovery

The average American holds 12 jobs in their lifetime so it’s safe to say you will lose employees from time to time. Whether purposeful or accidental, the odds are good their personal devices will contain confidential or proprietary information when they walk through the door for the final time.

So what if you could examine their devices and remove all sensitive material before they left?

The Problem:

An employee spent six months working from home on a personal laptop before announcing his resignation to work for a competitor. If the employee was allowed to leave without a device review, he’d likely be leaving with documents that would benefit both him and his new employer.

Whether he would ever used those documents or not, chances are he’d find himself in the middle of a long, expensive trade secrets case which would also impact his new employer.

The Solution:

The representatives of the employee’s current company needed a way to access his personal laptop and identify any confidential or proprietary documents to be destroyed before he went to work for their competitor. They sought out a solution to easily identify these risks to protect their company, the employee and the employee’s future company.

The Results:

With CloudNine ESI Analyst, company representatives were able to access his personal laptop, create a chain of custody and review the data found on it. This allowed them to find confidential and proprietary data and remove it before the employee left for his new position, protecting all parties involved.

By doing this in advance, you preserve the data and protect it without relying on your employees to remember if they have sensitive information on their devices or not.

To learn more about this use case, click here

CloudNine ESI Analyst – A Modern eDiscovery Solution for Modern Data Review

While most law firms, corporations, and LSPs are challenged to review modern data through traditional eDiscovery tools, they struggle to pull the true value out of the data. Each text and corporate chat message are recreated as stand-alone documents, leaving you to piece them all together like a giant legal jigsaw puzzle with missing pieces and others that simply don’t fit the storyline.

With a robust and flexible modern eDiscovery tool like CloudNine ESI Analyst, you have access to alternative data to help you put the puzzle together through linear storytelling that creates a digital trail of evidence, including some of these popular sources:

  • Text messages (SMS and MMS)
  • Call logs
  • Voicemails
  • Messenger applications (Slack, Teams, WhatsApp, Messenger, etc.)
  • Computer activity
  • Financial transactions
  • Geolocation

Modernize your investigations and litigation by effectively managing the data in a single platform instead of wasting time managing a menagerie of documents in siloed systems.

Every case is unique and requires you to find the facts and context to tell the complete story. Contact CloudNine and learn how we can help you leverage all the data to get to the truth of the matter. Contact us to learn more.

Modern Data Discussions by Leading Experts at The Master’s Conference in DC

Last week, CloudNine Senior Director Rick Clark, VP Rob Lekowski and industry thought leaders convened in Washington, DC for The Master’s Conference first in-person event since early 2020. The two-day event tackled the latest challenges in eDiscovery, cybersecurity, and information governance. Managing modern data was the most popular recurrent topic with four distinct panels on the subject.

Smartphones, collaboration apps, and social media platforms all store a plethora of relevant information and is where today’s most important evidence resides. By avoiding or mismanaging this evidence, lawyers miss out on critical insights. So, how should legal teams incorporate modern data into investigations? Rick Clark addressed this question and more during the panel titled “Telling The Full Story: Leveraging the Data Between the Documents” with panelists Dave Rogers, Kroll; Kevin Albert, PAE; and Sonya Judkins, T-Mobile.

Here are three key takeaways from the panel discussion:

Modern data types can no longer be ignored – Emails and traditional documents are always going to be a part of discovery and investigations, but key data has moved away from these platforms. Conversations in Slack, MS Teams, device chat applications and text messages are additional communications needed to follow the conversation. Nowadays, modern data expands above communications into geolocation, social media posts, user activities and offer the largest insights. Recent case decisions have proven that judges are open to admitting modern data so long as the evidence is relevant and properly authenticated.

 Data shouldn’t be treated like documents – One reason why legal teams avoid modern data is linear document review. Imaging and exporting modern data leads to issues like missing metadata, families, threads, and file types. This method also requires legal teams to review evidence without any threading, deduplication, or link-analysis tools. Instead, large volumes of data are analyzed document by document. Linear document review is tedious, inefficient, and time-consuming but most important is legal teams who use linear document review also run the risk of overlooking important details. By opting for link analysis, litigants can connect various data points together to find relevant information faster.

“There just isn’t a good solution out there” – NOT TRUE – Four panels at the Master’s Conference discussed the challenges of modern data, but only Rick Clark’s panel offered a solution. CloudNine ESI Analyst is the only software that renders modern data in a near-native state. The platform uniquely offers users the ability to ingest and investigate multiple data sources within a single platform. Attendees of the CloudNine breakout session were given a full demonstration of ESI Analyst’s capabilities. Through timelines and 24-hour threads, ESI Analyst enables native analysis of communications, transactions, and computer activities.

Missed the Washington, DC event? Join us May 18th, 2022 for the next Master’s Conference in Chicago, Illinois.

Click here to learn more about how CloudNine ESI Analyst can help you manage your modern data.

BlueStar Accelerates Modern eDiscovery with ESI Analyst – CloudNine Podcasts

It’s a challenge to produce relevant evidence for large cases, especially when they feature non-traditional data types. JSON and PST formats simply don’t do modern data justice. The unwieldy files don’t possess threading or deduplication options. Instead, large amounts of irrelevant data are stretched across a multitude of pages and folders. Finding a team to manually review that data slows production speeds and raises discovery costs. It’s time to stop forcing a square peg into a round hole.

As the CTO and Managing Partner at BlueStar, Jeremy Schaper has seen an uptick of non-traditional data in the last five years. He and his team found CloudNine’s ESI Analyst while searching for an eDiscovery solution to process both traditional and modern data types. Jeremy joined Rick Clark for our CloudNine 360 Innovate Podcast to discuss how BlueStar leveraged ESI Analyst in large cases involving SMS, Slack, and Microsoft Teams data.
Click here to listen to the podcast and learn more.

Inaugural Symposium on eCrime – Dealing with Multiple Data Sources

Studies show that the average person generates about 100 megabytes of data per minute. While most people leverage technology for work and personal activities, it can also be a tool for criminal offenses. On February 28, 2022, the Henry C. Lee Institute of Forensic Science held a virtual symposium on e-crime. The symposium covered topics such as cell phone forensics, email investigations, and deep fakes. CloudNine Senior Director Rick Clark was featured on a panel alongside Amber Schroader, CEO of Paraben Software, and Christa Miller, managing editor at Forensic Focus. The panel addressed how data from multiple sources can aid an investigation or discovery workflow.

Panel Discussion Points:

  • Concerns from stakeholder perspectives (particular focus on HR, legal, and IT teams)
  • Case studies involving modern data in criminal cases
  • Data privacy and ownership
  • The “human” element of the generation and interpretation of data

Managing multiple data sources doesn’t have to be stressful. To address your concerns in anticipation of your next investigation, click here.

Discover the Power of ESI Analyst During LegalWeek 2022

The past two days have been a blast for the CloudNine team. From now until Friday, March 11, CloudNine is offering in-person and virtual demos while we visit New York during LegalWeek 2022. We would love to see you there as we reconnect with long-time clients and welcome new faces. The CloudNine team is also eager for the opportunity to showcase our latest eDiscovery innovation, ESI Analyst.

Modern discovery is more than documents, it’s about telling the story. Nowadays, emails and Microsoft Office files aren’t enough to piece a narrative together. Large amounts of information can be obtained from financial transactions, geolocation data, social media activity, text messaging, and more. Through customer feedback and client experiences, we recognized how taxing modern data types could be without the right tools. As an emerging solution for modern investigations, ESI Analyst uniquely offers users the ability to ingest and investigate multiple data sources within a single platform. CloudNine’s recent acquisition of ESI Analyst allows us to provide our customers with an in-depth solution for collecting, processing, and reviewing modern data.

Ready to learn more about our latest updates and solutions? There’s still time to schedule a demo. Virtually or in-person, our team is excited to provide demonstrations on the latest integration between CloudNine Review and ESI Analyst. Meetings will also feature updates on CloudNine Review’s other integrations with LAW, Concordance, and Explore via CloudNine’s Discovery Portal. Click here to book a demo before the end of LegalWeek. Or click on the banner below to request a virtual demo later this month.

Kroll Leverages ESI Analyst for Case Insights: CloudNine Podcasts

Without the right tools, sorting through a large dataset is akin to stumbling in the dark. Before deep-diving into voluminous data, legal teams need to know what to look for. The sooner those insights are found, the better. For years, attorneys uploaded data to traditional review platforms to win their clients and firm a head start. Since the platforms offered minimal searching tools, attorneys meticulously combed through mobile device data text by text. This process is not only time-consuming but also inefficient. Valuable case insights are easy to miss when hidden amongst other information.

CloudNine Senior Director, Rick Clark, kicks off the new 360 Innovate Podcast through an interview with Phil Hodgkins, Director of Data Insights and Forensics at Kroll. As a growing global practice, Kroll is well-versed in managing data-heavy projects involving compliance, investigations, and litigations. While conducting an internal investigation, Kroll learned how ESI Analyst’s capabilities surpassed those of two traditional review platforms. Through its various identification and visualization features, ESI Analyst yielded larger insights at a much faster rate. To learn how the Kroll team utilized ESI Analyst to strategically navigate through a broad dataset, visit this link: https://cloudnine.com/webcasts/kroll-innovate/?pg=ediscoverydaily/searching/kroll-leverages-esi-analyst-for-case-insights-cloudnine-podcasts

Four Times Self-Collection Went Wrong

Per FRCP Rule 26(g), attorneys must sign discovery requests, responses, and objections. To the best of the attorney’s knowledge, the signature certifies three factors: 1) the document is compliant with existing rules and regulations; 2) it has no improper purpose such as slowing litigation; 3) it is not unreasonably burdensome to the producing party. This may become an issue if your client opts for self-collection. If counsel does not oversee or supervise the collection process, they have violated the rule and will be sanctioned accordingly. [1] During self-collection, custodians are responsible for identifying and gathering potentially relevant ESI on their own. When conducted carefully, self-collection may be adequate and cost-effective for small cases. However, there are several risks involved. The client may lose valuable metadata if their collection is done incorrectly. Additionally, they may purposely or accidentally omit incriminating evidence. Overall, if the self-collection process is not defensible and well-documented, the evidence will be rejected, and sanctions will follow. [2]

Self-Collection Cases and Sanctions

  • EEOC v. M1 1500 Group is a well-known age discrimination case in which two of the defendant’s employees collected ESI without any counsel supervision. Counsel signed the discovery response despite their hands-off approach. The plaintiffs moved to compel after counsel admitted to their negligence and the defendants produced less evidence than expected. Judge Matthewman granted the defendants a second chance but required both parties to collaborate in a robust meet and confer. The court also issued sanctions and advised counsel to seek the assistance of an ESI vendor. [3]
  • Over a year after the case ended, Green v. Blitz reopened once the court discovered that the defendant destroyed and omitted relevant email evidence. Only one employee oversaw the collection process, and he described himself in court as “computer illiterate.” After confirming the relevance of the missing emails, the court imposed civil contempt sanctions worth $250,000. The defendants also faced a $500,00 purging sanction unless they provided a copy of the order to all litigants who filed against them within the past two years. As the final sanction, Blitz USA was ordered to file a copy of the order when filing any lawsuit within the next five years. [4]
  • Nat’l Day Laborer Org. v. U.S. Immigration and Customs Enforcement Agency involved various government agencies who lacked a uniform collection plan. The agencies also failed to properly document their differing collection processes. Consequently, the agencies were sanctioned for relying too heavily on self-collection. They were also reprimanded for their undocumented and uncoordinated efforts.
  • In Suntrust Mortgage Inc. v. AIG United Guaranty Corp., the defendant chose not to seek the help of any forensic experts or ESI vendors. One employee was in charge of the identification and collection process. By copying and pasting different emails together, the employee tampered with the evidence before production. The fabrication resulted in court issued financial sanctions. [2]

Avoid self-collection pitfalls by utilizing CloudNine’s Collection Manager, a breakthrough extraction solution for Office 365 emails and OneDrive files. To learn more information or request a demo, visit: https://cloudnine.com/software/cloudnine-collection-manager/

 

[1] Gretchen E. Moore, “The Perils of Self-Collection of Electronically Stored Information,” The National Law Review, April 28, 2021.

[2] FindLaw Attorney Writers, “Self-Collection: The Good, the Bad, and the Ugly,” FindLaw, June 20, 2016.

[3] Kelly Twigger, “Beware of the Perils of Allowing Self-Collection,” eDiscovery Assistant, July 9, 2020.

[4] Peter Vogel, “Another Trap is Sprung: The Danger of Self-Collection,” Foley & Lardner LLP, June 20, 2011.

Do’s and Don’ts of Text Message Discovery

Discovery requests of the past had little reason to include text messages as a form of evidence. Emails were the primary concern since they held the bulk (if not all) of business communications. Finding relevant corporate emails was rather simple. Corporate servers stored the data, regardless of how the email was sent or received (via mobile device or work computer). Consequently, companies were able to locate ESI without the assistance of forensic experts. As text messages became the preferred method for informal communications, their usage in the business world also grew. [1] In 2015, research showed that 80% of professionals conducted business communications through texts. This percentage has likely skyrocketed in recent years due to the shift to remote work during the pandemic. Today, some industry experts refer to texts as the new email, citing them as the main source of relevant information. Litigants, however, must remember that phone carriers aren’t obligated to permanently preserve message records. Unless subpoenaed, they may refuse to participate in discovery investigations. Instead of depending on carriers, text messages must be preserved and obtained from the device itself. [2]

Text Message Spoliation Sanctions

  • Stinson v. New York City: The plaintiffs in this suit alleged that the NYPD was issuing summonses without probable cause. The court imposed an adverse inference sanction against New York City for failing to preserve and collect relevant text evidence.
  • Timms v. LZM, LLC: Plaintiff Heather Timms sued her employer for failing to compensate her overtime hours, but she removed text messages and a messaging app before submitting her cell phone as evidence. Consequently, attorney fees were issued, and the case was terminated.
  • First Fin. Sec. Inc. v. Lee: FFS, an insurance broker, requested the production of all written communication after the defendants violated their contract by sharing company information after termination. After failing to produce text message evidence, the Court arranged attorney fees and an adverse inference sanction against the defendant. [3]

Text Message Do’s

  • Develop policies about business messaging. Some companies may go as far as banning all employees from discussing work affairs over text. Others companies may impose regulations on who and how work messages are sent. If your company permits any kind of text-based business communications, set up retention policies and collection plans. Through the policies, ensure that the data is preserved if needed for litigation.
  • Once your retention policies are established, consistently enforce them. Update your employees on any changes that the policies undergo. Poorly enforced policies are no better (and sometimes worse) than having no policy at all.
  • Train employees on how to appropriately send work texts. Also, inform them of the risks associated with deleting potentially relevant information.
  • Issue litigation holds when anticipating litigation. In the litigation hold letter, remind employees to disable any automated deletion features. Companies should also specify if message preservation is required for company devices, personal devices, or both. [4]

Text Message Don’ts

  • Rely on screenshots alone as a way to create records. Text messages can be easily manipulated, so screenshots are not enough to validate their authenticity. Find additional means of proof such as witness or expert testimony. As a better alternative, companies can find a discovery solution to produce the evidence through native or near-native files.
  • Rely on phone carriers to preserve the messages. As stated above, carriers will only store the data for short periods of time. Take ownership of your preservation duties by establishing retention policies in advance.
  • Delete messages or conversation histories when anticipating litigation.
  • Manually preserve text messages by copying and pasting them into other sources. Manual efforts include forwarding text messages to email and exporting texts to Excel files. These methods are time-consuming and harder to authenticate in court. [5]

 

[1] Nicole Allen, “Text Messages: Preservation Lessons for Mobile E-discovery,” LitSmart E-Discovery, December 20, 2017.

[2] Bill Kammer, “In eDiscovery, Texts are the New Email,” SDCBA Blawg 401, January 7, 2020.

[3] Zac Muir, “Failure to Produce Text Messages in eDiscovery,” Microfocus, October 16, 2012.

[4] Anthony J. Diana, Catherine Bernard, and Therese Craparo, “Managing The Risks And Costs Of Text Messaging (Electronic Discovery & Records Management – Tip Of The Month),” April 3, 2013.

[5] “How Federal Agencies Can Capture Text Messages for E-Discovery,” February 4, 2021.

TIFFs, PDFs, or Neither: How to Select the Best Production Format

Through Rule 34(b) of the FRCP, the requesting party may select the form(s) of production based on the needs of the case. Though this flexibility better serves the client, it also begs a few important questions: What is the best form of production? Is there one right answer? Since there are multiple types of ESI, it’s hard to definitively say that one format type is superior. Arguably, any form is acceptable so long as it facilitates “orderly, efficient, and cost-effective discovery.” Requesting parties may ask for ESI to be produced in native, PDF, TIFF, or paper files. Determinations typically consider the production software’s capabilities as well as the resources accessible to the responding party. [1] The purpose of this article is to weigh the advantages and disadvantages of each type so that legal teams can make informed decisions in the future.

Production Options

  1. Native – As the often-preferred option, native files are produced in the same format in which the ESI was created. Since native files require no conversions, they save litigants time and money. True natives also contain metadata and other information that TIFF and PDF files may lack. Litigants may also be interested in native files for their clear insights into dynamic content (such as comments and animations). TIFFs and PDFs can only process dynamic content through overlapping static images. This cluttered format is often confusing and hard to decipher. Though useful, litigants must be careful with the metadata and dynamic content because they may contain sensitive or privileged information. [2] Native files may seem like the superior choice, but they aren’t always an option. Unfortunately, some ESI types cannot be reviewed unless they are converted into a different form. Additionally, reviewers utilizing this format are unable to add labels or redactions to the individual pages.
  2. TIFF – TIFFs (tagged image format files) are black and white, single-paged conversions of native files. Controllable metadata fields, document-level text, and an image load file are included in this format. Though TIFFs are more expensive to produce than native files, they offer security in the fact that they cannot be manipulated. Other abilities that differentiate TIFFs include branding, numbering, and redacting information. [3] To be searchable, TIFFs must undergo Optical Character Recognition (OCR). OCR simply creates a text version of the TIFF document for searching purposes.
  3. PDFs – Similar to TIFFs, PDFs also produce ESI through static images. PDFs can become searchable in two ways. The reviewer may choose to simply save the file as a searchable document, or they can create an OCR to accompany the PDF. However, OCR cannot guarantee accurate search results for TIFFs or PDFs. [1] Advocates for PDFs cite the format’s universal compatibility, small file size, quick download speeds, clear imaging, and separate pages. [4]
  4. Paper – As the least expensive option, paper production may be used for physical documents or printing digital documents. Many litigants prefer to avoid paper productions because they don’t permit electronic review methods. All redactions and bates stamps must be completed manually. This may be okay for a case that involves a small amount of ESI. However, manually sorting and searching through thousands of documents is time-consuming and exhausting. Litigants who opt for this format also miss out on potentially relevant metadata. [3]

 

[1] Clinton P. Sanko and Cheryl Proctor, “The New E-Discovery Battle of the Forms,” For The Defense, 2007.

[2] “Native File,” Thomas Reuters Practical Law.

[3] Farrell Pritz P.C. “In What Format Should I Make My Production? And, Does Format Matter?” All About eDiscovery, May 30, 2019.

[4] “PDF vs. TIFF,” eDiscovery Navigator, February 13, 2007.