by Greg Behan, Esq.
“Once a new technology rolls over you, if you’re not part of the steamroller, you’re part of the road.” -Stewart Brand-
The information substructure of society—the way information is captured, shared, and communicated[i]—is evolving at an exponential rate and most institutions are not prepared to adapt to this rate of change. Realistically, who can blame them when the annual data volume generated by U.S. corporations is enough material to fill 10,000 Libraries of Congress?[ii] Just to put that statistic into perspective, the Library of Congress is the largest library in the world and contains 838 miles of bookshelves.[iii]
Generally, Moore’s Law describes how the processing power of hardware has exponentially increased every 18 months since the creation of the integrated circuit in 1958.[i] However, only recently have technologies evolved that enable us to make sense of the huge data volumes generated by this processing power without the necessity of hiring armies of human beings to manually review and categorize this information. Richard Susskind describes this phenomenon as Technology Lag, the difference between data processing and knowledge processing - the ability to make and move data vs. the ability to analyze and interpret it.[ii]
The data revolution in the legal industry is barely getting started, and already the Technology Lag is rapidly shrinking. Technology has disrupted nearly every industry, making many professions obsolete (think travel agents, telephone operators, and photographic lab technicians), and lawyers are not immune to this disruption. I’m a member of Generation X and even though I owned a computer when I started my first job as an Assistant Prosecutor, I was handed a Dictaphone (yes, I know) by an older colleague to dictate motions for transcription.
After I stopped practicing criminal law, I moved to Washington, D.C. and began working on large document reviews, some with hundreds of lawyers per case. As the review technology improved, and the technicians implementing it began to unlock the functionality of the software, the giant rooms filled with lawyers coding documents began to shrink. Within a few years a review project that once needed 400 lawyers could be performed with the labor of only 50. Today, the same type of complex project requires just a handful of lawyers/Subject Matter Experts (SMEs) and a sharp technician that understands and can leverage the power of the software. At this rate of advancement, what might we expect just a few short years from now?
Technology Assisted Review (TAR) will redefine the rules of discovery, the law firm business model, and even the nature of evidence itself in ways we will be unable to predict. While this technology has been around for several years, demand for it is starting to grow and soon we will see more cases related to its use and implementation. Lawyers are wired to rely on the past for guidance in the formulation of legal arguments based on precedent. This mentality can be limiting because there are no legal insights from the past that are capable of accommodating the emergence of machine / human legal determinations. This is uncharted territory and we are likely to see the momentum for adoption oscillate between skepticism and acceptance. Ultimately, the technology will be adopted widely and the firms who get there first will have an advantage with their clients in the 21st century legal market.
So, ask yourself this – are you familiar with these terms: Probability Theory, Statistical Sampling, Overturns, and Feedback mechanisms? If not, you may be “part of the road”…
 Susskin, Richard. The End of Lawyers, Rethinking the Nature of Legal Services. Oxford: Oxford University Press, 2008. Digital print.
 Susskin, Richard. The End of Lawyers, Rethinking the Nature of Legal Services. Oxford: Oxford University Press, 2008. Digital print.
TERIS Director and ESI Consultant Alexander Lubarsky will be speaking at the upcoming California Judicial Attorneys Conference May 28-29, 2013 in Santa Clara, CA. This event serves as an annual retreat for District Court and Supreme Court Justices with their research attorneys. Mr. Lubarsky’s topic will be "Electronic Evidence: The Wave Is Coming—Ride It Or Wipe Out."
Judges and Justices of the California Supreme Court will also be presenting at the conference, as well as professors of law and other attorneys. Additional topics covered will include “Brain Scans in Criminal Cases: Possible Uses”, “Ethics for Judicial Attorneys”, and much more.
Mr. Lubarsky’s course will cover an introduction to issues in the discovery of electronically stored information (ESI) in civil litigation under California’s Electronic Discovery Act (Code Civ. Proc. Sec. 1985.8) and the admissibility of electronic evidence in civil and criminal cases.
Mr. Lubarsky is the co-founder of Community Legal Centers as has litigated hundreds of matters, from deportation defense, criminal defense, civil and
bankruptcy. He is also a member of the California State Bar Solo Section Executive Committee and the San Francisco Bar Association Judicial Selection Committee.
TERIS was the only ESI vendor selected to present to the Appellate and Supreme Courts in California.
It's no secret that the use of social media has skyrocketed. In 2012, according to Burson-Marsteller, eighty-seven percent of Fortune Global 100 companies used some form of social media. In 2009, more communications occurred via social networking sites than e-mail.
Increased use has created a plethora of information that quickly has become a highly-desired source for discovery. Gartner predicts that “[b]y the end of 2013, half of all companies will have been asked to produce material from social media websites for e-discovery.”
With respect to admissibility, social media information is treated the same as other forms of electronically-stored information. Among other factors, it must be authenticated and relevant.
Authentication of Social Media Data
Authenticating social media evidence raises particular issues; including false profiles, account hacking and “Photoshopping.” These issues may be offset by the electronic footprints inevitably left by social media users, however. Forensic examination of devices or corroboration by social media sites may provide a panoply of authenticating data points; including identifying the location of the post, the device or application from which the post was made, timestamps, user IDs, handles, usernames of re-posters, account IDs, recipients of a post and associated links. Key to this inquiry is engaging a partner who can provide the necessary forensic support.
Discoverability of Social Media Data
It is now well-established that social media data may be discoverable if it is relevant. If a user shares information publicly, e.g., via public postings or prior disclosure; it may be discoverable. On the other hand, private messages that are made on a social media site may be protected. Courts diverge on the scope and manner of disclosure.
In Crispin v. Christian Audigier Inc., 2010 U.S. Dist. Lexis 52832 (C.D. Cal. May 26, 2010), the court noted the distinction between private messages and postings and comments on a “wall”. Here, the court protected private e-mail messages made via Facebook and MySpace, because the Stored Communications Act, part of the Electronic Communications Privacy Act of 1986, applied. But the court remanded the issue of whether the user’s privacy settings made his postings and comments “public” and accordingly not shielded by the Stored Communications Act.
In EEOC v. Simply Storage Mgmt.., LLC, 270 F.R.D. 430 (S.D. Ind. May 2010), the court pointed out that the users’ expectation of privacy in using their Facebook and MySpace accounts did not protect communications made via those sites from discovery. The court noted that the users had “already shared” the information at issue. The court ordered production of the following communications relevant to the case: “any profiles, postings, or messages (including status updates, wall comments, causes joined, groups joined, activity streams, blog entries) and SNS [social networking sites] applications for claimants . . . .”
Preparation for Discovery
With social media data on the rise, corporations and counsel should take steps to address and prepare for certain unique issues:
Act early -- users constantly update and change data as well as privacy settings.
Determine whether relevant information resides on social media sites, weighing the costs of obtaining such information.
Use discovery requests to determine all social media sites used by the opposing party and request all relevant postings and messages.
Consider the steps necessary to authenticate the requested information, including engaging a trusted partner to provide forensic support.
Engage a trusted partner who can preserve, collect, review and produce the information in a defensible manner.
TERIS partner Nuix, and EDRM, the leading standards organization for the eDiscovery and information governance market, announced yesterday that they republished the EDRM Enron PST Data Set after cleansing it of private, health and personal financial information. Nuix and EDRM have also published the methodology Nuix's staff used to identify and remove more than 10,000 high-risk items at nuix.com/enron.
The EDRM Enron data set is an industry-standard collection of email data that the legal profession has used for many years for electronic discovery training and testing. It was sourced from the Federal Energy Regulatory Commission's investigation into collapsed energy firm Enron. In early 2012, the EDRM Enron PST Data Set and the EDRM Enron Data Set v2 became an Amazon Web Services Public Data Set, making them a valuable public resource for researchers across a variety of disciplines.
"Recently, we have been working closely with Nuix to cleanse the data set of private information about the company's former employees and make the cleansed data set readily available to the community," said George Socha and Tom Gelbmann, co-founders of EDRM. "These efforts help to protect the privacy of hundreds of individuals and we encourage anyone who finds private data that we did not remove to notify us."
Using a series of investigative workflows on the EDRM Enron PST Data Set, Nuix consultants Matthew Westwood-Hill and Ady Cassidy identified more than 10,000 items including:
60 items containing credit card numbers, including departmental contact lists that each contained hundreds of individual credit cards
572 containing Social Security or other national identity numbers—thousands of individuals' identity numbers in total
292 containing individuals' dates of birth
532 containing information of a highly personal nature such as medical or legal matters.
Many items contained multiple instances and types of information. This included departmental contact list spreadsheets with dates of birth, credit card numbers, Social Security numbers, home addresses and other private details of dozens of staff members.
The investigative team also clearly demonstrated that these items did not stay within the Enron firewall. For example, some staff emailed "convenience copies" of documents containing private data to their personal addresses.
"Nuix and our partners have conducted sweeps for private and credit card data for dozens of corporate customers and we are yet to encounter a data set that did not include some inappropriately stored personal, financial or health information," said Eddie Sheehy, CEO of Nuix. "The increasing burden of privacy and data breach regulations, combined with the strict requirements of credit card companies, make this an unacceptable business risk.
"Using the methodology we are publishing alongside the cleansed EDRM Enron data, organizations can identify private and financial data, find out if it has been emailed outside the firewall and take immediate steps to remediate the risks involved."
Nuix is currently applying the same methodology to the EDRM Enron Data Set v2, which it will also republish at nuix.com/enron.
Nuix will host a Twitter chat to discuss the release of the cleansed EDRM Enron PST Data Set on Thursday, May 23rd 2pm – 3pm ET. Nuix experts will describe the process of identifying unsecured financial, health and personally identifiable information in corporate data. Follow the hashtag #NuixChat and send in your questions beforehand to @nuix.
Download the latest TERIS white paper:
By Alexander Lubarsky, Esq.
Just when we thought that we were beginning to grow familiar with the 2009 Electronic Discovery Act, the State of California had to go and promulgate some new rules pertaining to ESI to keep us E-Disco dancers moving to that changing beat.
On January 1, several new changes went into effect for the California Code of Civil Procedure. The approved amendments address the production and discovery of ESI (electronically stored information) and protections for privileged communications. Understanding these important changes is critical to ensuring best practices for in-house counsel, and effective collaboration with outside counsel. Furthermore, having a firm grasp of the new rules always makes one appear more prepared and persuasive before the judge at a status conference or when arguing a motion - and similarly allows the ESI-rule-enlightened counsel to present himself or herself as a more fearsome adversary at the California EDA required Rule 3.724 meet and confer/status conference.
In California, it has long been the standard practice to maintain a log of all privileged documents. Although many California courts have requested production of this privilege log, the new additions to the Code of Civil Procedure now require that these logs be maintained and produced by law. Additionally, if an objection to the claim of privilege is filed, the withholding party must supply sufficient proof that the claims are merited.
The question of what constitutes “sufficient factual information” remains unanswered by California case law. However, a privilege log may be able to fulfill this requirement, according to the recent amendment.
ESI: Production and Discovery
Modern business practices call for new legislative changes; the old guidelines relating to physical documentation are insufficient to address the many issues that arise when handling electronically stored information. To this end, several provisions of California’s Code of Civil Procedure were amended specifically to address the production and discovery of ESI.
ESI now falls under the scope of items that must be produced upon subpoena. Previously, only physical items were bound by these laws. This marks a dramatic shift for future litigation; subpoenas may now request access to databases and computers in order to retrieve relevant ESI.
The new amendments also provide guidelines for objections if the source material were not reasonably accessible, or if responding to such a subpoena would cause undue cost burdens. In this case, the court may order evidence production and allocate the expenses to the requesting party.
Also, while the court has always been allowed the order of sanctions for parties who fail to comply with these discovery requests, the new amendments specify that sanctions cannot be issued for failure to produce ESI if the data in question has been altered, overwritten, damaged or lost due to routine maintenance when operating in good faith.
A court generally has the discretion to issue sanctions for the failure to comply with discovery requests. Under the new amendments, however, a court may not issue sanctions for the failure to produce electronically stored information that has been lost, damaged, altered or overwritten as the result of routine, good faith operation of an electronic information system.
Although it’s taken six years for them to catch up, California’s updated Civil Procedures now more closely mirror the Federal Rules of Civil Procedure. A new appreciation for the central role of ESI both in daily operations and during litigation is establishing new precedents for future legal proceedings.
TERIS has the tools and experience needed to create Privilege Logs, utilizing customized review tools to automate the process that meet the requirements of California’s State and Federal rules.
In March 2013, an analyst and data company called 451 Research released a report on eDiscovery practices. This report surveyed 2,320 respondents who represented a combination of large, small, and midsized organizations. The report covered such areas as enterprise IT, asking tough questions about how these businesses approach the access, management, and retention of their data.
The 451 Research report states that less than half of the study respondents believed that information management was important for their enterprise. In general, larger organizations felt more strongly about managing their data properly compared to smaller companies. Only 32% of respondents who were in senior management felt a need for clear information management strategies, while over half of the respondents who were IT staff felt that setting up these strategies were important. With senior management, rather than IT staff, making the financial decisions about internal developments, the numbers indicated that future investment in information governance among those particular organizations was unlikely.
A survey conducted by AIIM (Association for Information and Image Management) specifically on information governance, reports that 31% of their respondents reported having problems with audits, regulating bodies, and courts due to issues with poor data storage and organization. Rather than taking a look at making existing processes more efficient, over a quarter of those surveyed reported that they just bought additional storage in response to increased data management needs. In addition, one-third of the surveyed enterprises said that 90% of their current IT expenditures are not adding value to their business.
The AIIM survey respondents also stated that most of their employees are likely to have multiple copies of files and emails across their devices (mobile, laptop, and desktop), and yet 12% of respondents still lack any official archiving policy for company emails. Companies, who do have these types of policies already in place, are often still conducting eDiscovery searches manually in the event of litigation. Many businesses have yet to implement official information governance policies, while those who do have them are not enforcing them, and/or are not training their staff to follow the new guidelines.
The 451 Research report respondents added that social media and the greater variety of types of data companies use today are making eDiscovery considerations much more complicated than previously. AIIM reports that 42% of their respondents are actually seeing increases in terms of physical paperwork, rather than moving toward paperless operations. Additionally, those surveyed are reluctant to move away from paper records and aren’t quite ready to trust the security of their record storage to cloud services providers.
To read more about Information Governance, download our most recent white paper: Information Governance: Managing Risks & Rewards.
Implementing an effective information governance strategy is one of the ways an enterprise can help protect itself against potential litigation. And yet, according to some recent surveys, many organizations remain either ignorant or unwilling to adopt a wide-reaching internal information governance strategy.
Download our newest white paper and learn important tips and developments in this area, including:
- How to reduce risks
- eDiscovery responsibilities
- Social media guidelines
- Key court case studies
- Future implications
Although it’s tempting to brush this responsibility ‘under the rug,' failing to assess your information governance needs appropriately can lead to liabilities, sanctions, and significant and costly penalties.
Click below to download your free copy today!
The Rules of Court, Black Letter law and 2013 Case Law pertaining to the electronic discovery landscape have evolved and changed at a lightning pace.
TERIS' latest CLE approved (general and ethics) seminar New & Newer Rules: Pertaining to eDiscovery in California is coming up next Thursday, May 16th, 2013 in Palo Alto, CA. This seminar will explain and analyze both the recent mandatory procedures as well as best practices so that the attorney or paralegal charged with navigating the electronic discovery process will remain compliant. TERIS' own Alexander H. Lubarsky, LL.M., Esq., will be speaking at the event.
Date: Thursday, May 16, 2013
Location: 2455 Faber Place, Suite 200, Palo Alto, California
Complimentary Wine & Cheese
Register online here!
By doing your research upfront, you can deal with e-discovery without breaking your budget. There are a number of ways that you can cut costs and avoid significant financial set back. Below are nine tips that can help you save money - while still meeting all of your e-discovery needs and responsibilities.
- Streamline your e-discovery operations.
- Pare your procedures down to what is absolutely necessary. Sometimes with e-discovery, services or products might appear necessary initially, but prove to be superfluous upon more closely looking into the process.
- Become familiar with your options
- To find the most effective ways of handling ESI and electronic discovery procedures, you should familiarize yourself with the technology and processes available. You can acquire this familiarity by browsing through Internet articles on the subject, following blogs, and perusing the websites of service and product providers.
- Consult experts
- In the long run, it might prove better to seek the advice and expertise of a professional rather than taking the risk by handling e-discovery matters yourself. You could find that you've overlooked a particular electronic discovery need or that you've purchased a piece of software or equipment that doesn't properly meet your needs.
- Understand the process and how it relates to your needs.
- This is another aspect of electronic discovery that often takes a lot of research. Knowing the e-discovery process and applying it to your unique situation will help you make more informed decisions when purchasing services and/or solutions.
- Divide and conquer
- Leverage the combined knowledge of your firm by holding a meeting to deal with the electronic discovery issues at hand. Assign stakeholders research duties into particular solutions and products, become knowledgable and share the knowledge among the team.
- Keep up with the news and note electronic discovery changes
- Electronic discovery and ESI are still somewhat new and developing procedures, and rulings and regulations regarding electronic discovery are still changing on a regular basis. If you want to minimize your electronic discovery costs, it is imperative that you are aware of any new development in electronic discovery so you can discontinue a function if you no longer are responsible for it.
- Listen to your IT staff
- The team who best understands electronic discovery and the demands it places on your firm might just be your IT staff. They will be familiar with searching for data in your firm's computers and they will be able to critique a package of e-discovery software on its merits and flaws.
- Determine the best production format for your situation
- When you are in position to dictate the production format, consider which is best. You may be most familiar with one to two types of formats – but there are other options that can result in efficiencies and savings.. Weigh the pros against the cons and go with the option that gives you an advantage.
Although electronic discovery can place a burden on a firm, there are many ways to reduce costs and simplify the process. Being vigilant and putting sufficient time and effort into researching the possibilities can help you find affordable and practical electronic discovery solutions. The tips explained above are just some basic ways to save time and money in electronic discovery – but there are obviously many others.
Make no mistake, today’s e-discovery environment is complex and rapidly evolving. Without the right vendor, performing e-discovery services can be a costly and risky venture. But partnering with a trusted, sophisticated litigation support provider that specializes in e-discovery services can turn a risky venture into a smooth process.
Change Is the only Constant: Don’t Be Left Behind.
The e-discovery market is constantly changing. Every year, there is a new a class of e-discovery technology focused on addressing some section of the EDRM. These technologies can become outdated quickly. Case in point, judges have accepted technology-assisted review of data only recently. See Da Silva Moore v. Publicis Groupe, Civ. No. 11-1279 (ALC)(AJP), 2012 WL 607412 (S.D.N.Y. Feb. 24, 2012); Global Aerospace, Inc. v. Landow Aviation, L.P., Case No. CL 61040 (Vir. Cir. Ct. April 23, 2012); In re Actos (Pioglitazone) Prods. Liab. Litig., 2012 WL 3899669 (W.D.La. July 30, 2012). But it is anticipated to become the norm quickly in 2013.
Invest in an expensive limited solution in-house, you may end up with quickly outdated and unsupported technologies. Partner with an e-discovery vendor who uses cutting-edge e-discovery technology and knows the ins and outs of e-discovery services, save your capital investment and the time and effort otherwise spent in constantly trying to optimize it.
In-Sourcing May Be Inefficient and Expensive.
In-sourcing expenses add up quickly. Starting an in-house e-discovery department includes the time and expense of finding, training and attempting to keep qualified employees; purchasing or leasing equipment and consistently updating your chosen e-discovery tool -- not to mention spending a considerable amount to license it. You also will need to improve your equipment to keep pace with the latest e-discovery technology requirements. All this for a service you may not even use on a consistent basis.
With outsourcing, you only pay for e-discovery services when you need them. Moreover, vendors offer alternative fee arrangements that may help keep down litigation costs.
It should be noted that a majority of law firms and corporations, at the very least, outsource data hosting. With its concomitant installation, maintenance and security issues; firms do not have the bandwidth nor the resources to deal with the hassles of data hosting.
Outsourcing Leverages E-Discovery Expertise . . .
E-discovery services are technical and require expertise and know how. At a trusted vendor, highly-skilled e-discovery specialists perform e-discovery work every day and have seen and solved the gamut of e-discovery issues. Last year, most e-discovery sanction cases resulted from corporations committing errors resulting from their inability to deal with voluminous data. A sophisticated vendor is an expert in dealing with large volumes and has established workflow and protocols in place to avoid such costly errors.
Centralized discovery management also provides the benefit of reducing the errors and costs typically associated with transmitting data.
. . . And Robust Security.
At this year’s LegalTech conference, an expert in law firm data security noted that “law firms are the soft underbelly” to their clients’ data. He explained that cyber-criminals do not even dispatch their best to hack into law firm data. Evan Koblentz, “LegalTech Day One: Relativity 8, Statistical Sampling, Law Firm Security,” Law Technology News, January 30, 2013, http://www.law.com/jsp/lawtechnologynews/PubArticleLTN.jsp?id=1202586212889&thepage=3. Firms may minimize the risk of compromising their clients’ sensitive data by partnering with a vendor who employs a rigorous data security protocol that has been audited and certified by a recognized independent third party.
Such a trusted vendor, with its expertise, efficiency and security, may ease navigation of a constantly changing data world.