Custodial Self-Discovery and Common Sense


The eDiscoveryJournal, recently ran an article about desktop collection for eDiscovery and mentioned the case of Roffe v Eagle Rock, a case involving custodial self-discovery and expectations from the Judge. The transcript from the conversation between the Judge and both parties of the case can be seen here.

This transcript is interesting in that the judge clearly explains his (and most judges) expectations of the discovery process especially in dealing with custodian’s email accounts and personal computers. In the exchange, one of the defendant’s attorneys explains that he has received some potentially responsive emails from the defendants and is still waiting for some more. To clarify, the Judge asks;

Am I correct that you have been relying on, for the other two committee members, what they self-selected to put in their transaction files, in terms of what you obtained and produced?

The defense attorney answers;

That’s correct, your Honor. I was told that they uniformly would put all of their Eagle Rock e-mails into that folder. I have not checked, and I don’t know whether that is true or whether that is accurate. I believe they are telling the truth, but I don’t know if that is accurate.

In the defense attorney’s answer it becomes obvious that he is relying on the defendants to find and turnover all responsive emails to him and that he has not done any supervisory direction or auditing of the discovery process.

The Judge immediately responds to the defense attorney;

Then here is my ruling. This is not satisfactory. From what you have described to me, you are not doing what you should be doing. First of all, you do not rely on a defendant to search their own e-mail system. Okay? There needs to be a lawyer who goes and makes sure the collection is done properly. So both as to the two directors who already have produced — we don’t rely on people who are defendants to decide what documents are responsive, at least not in this Court. And you certainly need to put somebody on a plane to go out and see Mr. Smith.

So the question for me would be, one, how fast can you do this right? And that means not only the e-mails from Mr. Smith. As I say, somebody should have been on a plane a long time ago to go through his e-mails. And if he chose to use his personal computer, well, that was his bad choice. All right? And if he has it mixed in other stuff that he gets, 150 e-mails a day, or whatever, that was his bad choice. That makes it all the more essential that a lawyer get on a plane, and go and sit down with Mr. Smith, and go through his e-mail and make sure that what is produced is — what is responsive is appropriately produced. And whoever it is better check his auto-delete settings, and they had better find out if these things have been auto-deleting every 30 days or 60 days or 90 days, and they better think through, as somebody properly should have done, whether there needs to be some type of, again, image and forensic check, to make sure that something hasn’t been lost in what sounds to me to be a lackadaisical, unsatisfactory process.

In this exchange, the Judge clearly states; we don’t rely on people who are defendants to decide what documents are responsive. Custodial self-discovery is like the wolf guarding the chicken coop. So for large matters with many custodians with potentially responsive ESI, what can an organization do?

First, the defense attorney should be overseeing the discovery process to ensure it is accomplished correctly. In most courts, the attorney has to certify that the discovery process was done correctly and what attorney wants to do that if they didn’t really manage it?

Second, relying on defendants to find and turn over potentially responsive ESI can be problematic. Most of them will attempt to do what’s right, to the best of their understanding. Those few that could have something to hide may find ways to do a subpar job in the discovery process. If I am the opposing counsel, I am going to want to know if self discovery was relied on. There are a couple of ways to accomplish a custodian-centric discovery. You can image all custodians workstations etc and filter the images for responsive ESI. You can conduct one on one interview with custodians and run search applications on their workstations. Both of these processes are expensive and time consuming.

Backups are an effective eDiscovery resource, if it’s the right backup


I have always been told relying on backups for eDiscovery purposes is a costly and time consuming mistake.

Searching through backup tapes or even a disk-based backup for eDiscovery is difficult. Imagine restoring 22 200 GB backup tapes of your employee workstations and

Consider an eDiscovery request which asks for any files on 73 custodian workstations which contain the terms “Mimosa” and “Iron Mountain” that were created or accessed between Feb 19 2008 and June 3 2010, all the while meeting a 30 day deadline from the court to produce. How would you quickly determine what if any responsive content exists on those 73 custodians laptops/desktops?

The scenario I laid out above is not a corner-case, made-up situation. I have seen this many times. Many of you will recognize a situation very close to this.

Now consider one additional requirement to the above scenario… you must insure any responsive ESI on those workstations are secure and not deleted (litigation hold) by the custodian starting right now.

Active content on custodian workstations and laptops is the single biggest risk when facing litigation hold and eDiscovery responsibilities for most organizations. The usual processes most organizations follow for custodian resource collection is either:

  1. Custodian led collection: the organizations legal department sends out a detailed email to all custodians’ involved asking them to search for specific content on their system (including any PSTs) and forward any results to the legal department. Many opposing counsel’s have a problem with this process

or

  1. The legal department creates collection teams which consist of a legal department employee and an IT employee to visit each custodian’s workspace to look for responsive ESI, usually including the imaging of the custodian’s hard disks. This imaging of the custodian’s hard disk takes hours and then has to be filtered somewhere else to look for responsive content.

What if you could utilize your centrally managed custodian workstation/laptop backup process for eDiscovery purposes?

Iron Mountain has addressed this major eDiscovery risk and cost with its newly announced Connected® Classify & Collect, a solution which simplifies the collection process for distributed PC ESI to comply with a legal hold request as well as discovery. The Connected Classify & Collect offering helps businesses to quickly find relevant data on laptop and desktop computers to meet litigation and compliance requirements.

The Connected® Classify & Collect offering makes laptop and desktop data easily visible, searchable and usable. It also protects data and prevents accidental deletion to support eDiscovery or internal investigations. Its enterprise-class data-classification capabilities give administrators visibility into vast amounts of data stored on enterprise PCs and allow them to lower eDiscovery costs by quickly collecting relevant information to be used for early-case assessments and first-pass reviews.

An interesting twist to this capability is the fact that even if the custodian is disconnected from the network, Classify & Collect can discover against the existing centrally managed backup of each custodian’s workstation or laptop. The next time the custodian connects to the network, additional searching will be accomplished automatically in the background on the custodian laptop.

Additionally, the Connected Classify & Collect offering helps businesses establish a thorough and defensible collection process with its ability to track all activities, including the search terms and documents returned to support internal reviews.