Defensible Disposal and Predictive Coding Reduces (?) eDiscovery by 65%


Following Judge Peck’s decision on predictive coding in February of 2012, yet another Judge has gone in the same direction. In Global Aerospace Inc., et al, v. Landow Aviation, L.P. dba Dulles Jet Center, et al (April 23, 2012), Judge Chamblin, a state judge in the 20th Judicial Circuit of Virginia’s Loudoun Circuit Court, wrote:

“Having heard argument with regard to the Motion of Landow Aviation Limited Partnership, Landow Aviation I, Inc., and Landow & Company Builders, Inc., pursuant to Virginia Rules of Supreme Court 4:1 (b) and (c) and 4:15, it is hereby ordered Defendants shall be allowed to proceed with the use of predictive coding for the purposes of the processing and production of electronically stored information.”

This decision was despite plaintiff’s objections the technology is not as effective as purely human review (their objections can be seen here).

This decision comes on top of a new RAND Institute for Civil Justice report which highlights a couple of important points. First, the report estimated that $0.73 of every dollar spent on eDiscovery can be attributed to the “Review” task. RAND also called out a study showing an 80% time savings in Attorney review hours when predictive coding was utilized.

This suggests that the use of predictive coding could, optimistically, reduce an organization’s eDiscovery costs by 58.4%.

The barriers to the adoption of predictive coding technology are (still):

  • Outside counsel may be slow to adopt this due to the possibility of loosing a large revenue stream
  • Outside and Internal counsel will be hesitant to rely on new technology without a track record of success
  • Additional guidance from Judges

These barriers will be overcome relatively quickly.

Let’s take this cost saving projection further. In my last blog I talked about “Defensible Disposal” or in other words, getting rid of old data not needed by the business. It is estimated the cost of review can be reduced by 50% by simply utilizing an effective Information Governance program. Utilizing the Defensible Disposal strategy brings the $0.73 of every eDiscovery review dollar down to $0.365.

Now, if predictive coding can reduce the remaining 50% of the cost of eDiscovery review by 80% as was suggested in the RAND report, between the two strategies, a total eDiscovery savings of approximately 65.7% could be achieved. To review, lets look at the math.

Starting with $0.73 of every eDiscovery dollar is attributed to the review process

Calculating a 50% saving due to Defensible Disposal brings the cost of review down to $0.365. (assuming 50% of documents to be reviewed are disposed of)

Calculating the additional 80% review savings using predictive coding we get:

$0.365 * 0.2 (1-.8) = $0.073 (total cost of review after savings from both strategies)

To finish the calculations we need to add back in the cost not related to review (processing and collection) which is $0.27

Total cost of eDiscovery = $0.073 + $0.27 = $0.343 or a savings of: $1.0 – $0.343 = 0.657 or 65.7%.

 As with any estimates…your mileage may vary, but this exercise points out the potential cost savings utilizing just two strategies, Defensible Disposal and Predictive Coding.

Advertisements

With Upcoming Legislation, Cloud Storage is Looking Brighter


Back on December 30, 2009 I blogged about how cloud storage could have a problem catching on with larger enterprises because of a lesser known provision in the Patriot Act called the National Security Letters.

Under the provisions of the Patriot Act, these National Security Letters, a form of administrative subpoena used by the United States Federal Bureau of Investigation and reportedly by other U.S. Government Agencies including the Central Intelligence Agency and the Department of Defense, can be used to require “carriers” to turn over records and data concerning individual customers (corporate customers) if asked to do so by the Federal government. The letters do not require the government to get a court order, so in effect the regulation allows the government to access that information on demand.

So the question was; how many GCs of large corporations will steer their companies away from this potential legal risk?

I have found out that the congress is working on changing how this provision of the Patriot Act can be applied to better protect organization’s data stored in the cloud.

On March 30, 2009 H.R 1800, the National Security Letters reform Act of 2009, was introduced and is currently in committee. The summary of the Bill is below:

Prohibits a national security letter (letter) (a request for information sought by the Federal Bureau of Investigation (FBI) in connection with a criminal investigation) from being issued unless the issuing official certifies specific facts providing reason to believe that the information or records sought pertain to a foreign power or agent thereof. It prohibits a letter from being issued in connection with an investigation of a U.S. person solely upon the basis of activities protected by the First Amendment to the Constitution. It prohibits: (1) a letter from containing unreasonable requirements or requiring privileged matter; or (2) disclosing to a person that the FBI has sought or obtained access to information under a letter for 30 days after receipt of the FBI’s request for such information. It authorizes judicial review for the modification or revocation of a letter. Provides limited uses of information acquired through a letter. It allows persons against whom evidence obtained from a letter is to be used to file a motion to suppress. It provides a civil cause of action for the misuse of letters. It requires the authority to issue letters to revert, five years after the enactment of this Act, to that provided by law on October 25, 2001. It requires the Attorney General to: (1) undertake minimization and destruction procedures with respect to information acquired through letters; and (2) report semiannually on the number and use of letters. It requires the disposal of wrongly acquired information. And it revises requirements relating to claims of emergency in connection with certain letters.

With these new protections (if H.R. 1800 is passed into law eventually) on how the National Security Letters can be used, I believe many of the larger organizations will embrace these new protections and speed up their adoption of cloud storage offerings.

eDiscovery ROI and ESI Archiving


The Cost of Collection:

Medium to large sized organizations are being driven to lower their overall litigation costs by bringing more of the eDiscovery processes in-house. To do this, organizations need to understand and proactively plan for the eDiscovery process. The most cost effective way to quickly lower eDiscovery costs are to prepare for the collection phase by putting in place an ESI archive to capture and manage those ESI silos that are most requested…Email, File System and SharePoint ESI.

The average cost to acquire all potentially responsive ESI from all corporate infrastructure locations including email servers, file shares, SharePoint systems, as well as from all custodian locations including desktop/laptops, local external storage devices, portable media such as USB thumb drives, CDs and DVDs in a defensible manner is between $1000 and $2000 per custodian discovered.

Realistically, the cost of eDiscovery can be reduced dramatically if your organization understands the eDiscovery process and proactively plans for it. Some areas to look at include:

  1. The number one way to reduce e-discovery expense (besides not getting sued/investigated) is having less data to collect/review
  2. Create, follow and enforce an ESI records retention policy to control legacy data including backup retention which should be in sync with the retention ESI retention policies
  3. Eliminate custodian PSTs. These little bombs are the biggest contributor to the cost of collection and review
  4. Develop and implement a litigation hold policy and have all custodians review and signoff on it
  5. For medium to large organizations, the most effective cost and risk reducer, besides reducing the amount of ESI in your organization, is to put a centrally managed ESI archive in place with centrally managed ESI retention policies. If, for example, you have an ESI archive which collects and manages your email data, file system data and your SharePoint data, the most requested ESI data types in discovery, then for those data types, you no longer have to search every custodian’s workstations, removable media, etc. A simple query of the archive will let you find, place legal holds, cull, review and export responsive ESI in a fraction of the time you normally take.

Employer’s Email Use Policy an Important Factor in Privilege


In a recent article in Law Technology News written by Anthony E. Davis titled “More Privilege Issues With Employee Email”, an interesting issue was posed: Should an employee expect that emails between themselves and their attorney be privileged when using the company’s email system?

Mr. Davis pointed to a case, Leor Exploration & Production LLC, et al., v. Aguiar, 2009 WL 3097207 (S.D. Fla.)(doc), where the court considered this question. The court cited another case, In Re Asia Global Crossing, Ltd., 322 B.R. 247, 257 (SDNY 2005), where four factors were listed:

  1. does the corporation maintain a policy banning personal or other objectionable use,
  2. does the company monitor the use of the employee’s computer or email,
  3. do third parties have a right of access to the computer or e-mails, and
  4. did the corporation notify the employee, or was the employee aware, of the use and monitoring policies?”

In this case, if the answer was yes, then the employee should have had no reasonable expectation of privacy. This highlights the need to a corporate email use policy with documented processes. If through widely disseminated policies, the company did notify the employee of potential monitoring of email and stated that the corporate email system should not be used for personal use, then attorney client privilege is hard to prove.

Companies in the U.S. need to prepare themselves for the eDiscovery process by proactively collecting ESI including employee email so that they can quickly and effectively place legal holds and query that ESI archive for eDiscovery responce.

What should companies do to better protect themselves? Obviously they should develop email use policies that plainly state the above practices and train their employees on the email use policy.

Can SharePoint be an effective eDiscovery Repository?


Microsoft positions SharePoint as a document and information sharing platform for companies. SharePoint Team Services provides templates for setting up a Web site so that workgroups can share documents, calendars, announcements, postings, host blogs and wikis among other things. SharePoint Portal Server is used to build intranet portals and share documents. The SharePoint system is a very powerful platform that will become a staple for most business entities.

One perceived problem with SharePoint adoption is that because a SharePoint system can contain so much information, some in the legal community aren’t sure if and how easy a SharePoint solution could be “discovered” and an even more important point, how data within the SharePoint system can be secured under a litigation hold.

With a little planning and an addition, a SharePoint solution can be an extremely valuable tool for your company as well as a litigation-ready eDiscovery repository.

The addition of an archive that can capture, index and secure all SharePoint data, not just the documents but everything, would remove the eDiscovery liability with a SharePoint system as well as drive down the costs and risks of eDiscovery.

eDiscovery Abuse and Backup Tapes


The eDiscovery case referenced below is a prime example of the how email server backup tapes are still a major target in Discovery and can be extremely costly to produce. When asked to discover two email server backup tapes, the defendants strongly opposed and indicated that searching the two tapes would cost more than $600,000.

Now I find this to “cost” to be beyond the realm of common sense. There are many federal civil cases that have established the cost of backup tape restoration to be between $2300 and $4500 per tape.

The main points to consider here is that backup tapes are discoverable and therefore subject to a litigation hold and backup tapes are expensive to discover. If you were to have an ESI archive, and applied a backup tape recycling policy that is shorter than your ESI archive retention policy, than your backup tapes would almost never be asked for in discovery.

Finding Defendants’ Behavior “a Textbook Case of Discovery Abuse,” Court Orders $1,022,700 in Monetary Sanctions

From eDiscoverylaw.com

In this constructive transfer and fraud case arising out of the 2003 bankruptcy of Magnatrax Corporation, plaintiff alleged numerous discovery abuses on the part of defendants and sought sanctions accordingly. Among the abuses described were several allegations related to defendants’ failure to produce information stored on backup tapes, even upon being ordered to do so, and other various and related misdeeds. Calling defendants actions a “textbook case of discovery abuse,” the court found in favor of plaintiff but declined to strike defendants’ answer, as requested, and ordered defendants to pay plaintiff $1,022,700 in monetary sanctions.

In his motion for sanctions, the plaintiff established six categories of alleged discovery abuses, including the category “electronic or email discovery.” Details of the alleged discovery abuses in this category revolved around the question of defendants’ obligation to restore and produce responsive information stored on backup tapes. The question arose in light of the notable lack of email identified as responsive following defendants’ initial search of their electronic systems and in light of another party’s production of emails that should also have been produced by defendants, but were not. Defendants explained that the emails were likely stored on email backup tapes. Defendants further indicated their belief that they were not required to bear the burden and expense of restoring and searching the tapes but agreed to consider such action if plaintiff would pay.

Addressing plaintiff’s allegations surrounding the backup tapes, the court indicated its understanding of defendants’ initial refusal to produce electronic discovery from its backup tapes, but went on to condemn defendants’ subsequent behavior including their “blatant misrepresentations about the value of e-mail discovery in this case in an effort to influence the court’s ruling…and for behaving as if they, and not the court, got to decide what…was relevant…and what was not.”

Read the entire case description at eDiscoverylaw.com

Courts Smack Down Lack of Coherent Retention Policy


An interesting court decision just appeared that highlights several eDiscovery questions that I have heard in the past raised by corporate counsel. The case in question is Phillip M. Adams & Assoc., LLC v. Dell, Inc., 2009 WL 910801 (D. Utah Mar. 30, 2009) and highlights several points having to do with when notice of litigation is received, litigation hold responsibilities and records retention policies.

The first question addressed by the court was when was the defendants responsibility to start securing potentially responsive records triggered. The defendant argued that their duty to preserve started in 2005 when they received notice of litigation.  Instead, the court determined that the duty to preserve arose “in the 1999-2000 environment” in which multiple lawsuits related to the technology were ongoing. A notice of litigation does not have to be received to trigger your responsibility to preserve.

The second question that the court addressed was that of “Safe Harbor”. The defendant argued that it should find safe harbor against sanctions because of the rule providing protection against sanctions where electronically stored information is lost as the result of the “routine, good faith operation of an electronic information system.” The court disagreed, noting the absence of evidence supporting the assertion of reasonableness or good faith in ASUS’ document management and highlighting the reliance on individual employees.

The court noted: [U]tilizing a system of record-keeping which conceals rather than discloses relevant records, or makes it unduly difficult to identify or locate them, [renders] the production of the documents an excessively burdensome and costly expedition. To allow a defendant whose business generates massive records to frustrate discovery by creating an inadequate filing system, and then claiming undue burden, would defeat the purposes of the discovery rules.

Relying on employees “good faith” to do the right thing with records usually will not meet the “Safe Harbor” requirement. Many judges and attorneys now believe an archiving system that meets these requirements is a requirement for the “Safe Harbor” defense.

The third question addressed by the court was that of the defendant’s retention policies. The court noted: “An organization should have reasonable policies and procedures for managing its information and records.” [Citation omitted.] “The absence of a coherent document retention policy” is a pertinent factor to consider when evaluating sanctions. [Citation omitted.] Information management policies are not a dark or novel art. Numerous authoritative organizations have long promulgated policy guidelines for document retention and destruction.

These days there is an expectation that an organization will have a well thought out records retention policy that is put into effect to manage the information resources of the organization, not put in place to hide or destroy information.

The lessons learned from this very important case are:

1.      The litigation hold requirement can be triggered, not just by a notice of litigation but also by actions, news stories, precedent etc.

2.      Relying on a “Good Faith” manual process for ESI records retention can be a risky practice. The expectation of automation to assist or manage the records retention process  is becoming real.

3.      An organization needs to create and enforce records retention policies that make sense for the business as well as allows them to meet their legal requirements.

This case decision can be viewed at eDiscoverylaw.com: http://www.ediscoverylaw.com/2009/04/articles/case-summaries/reliance-on-employees-judgment-in-document-retention-policy-results-in-finding-of-culpability-for-spoliation-where-documents-were-not-preserved/