By Julia Romero Peter
VP of Business Development, TERIS
If you have had any exposure to eDiscovery and the wonderful world of all things ESI, you are probably wondering if there is a secret dictionary or handbook out there to help you navigate the jargon – especially since this industry seems to use more acronyms and catch phrases than the Feds do! So today, I will humbly attempt to shed some light on a few of them for you.
ESI - Electronically Stored Information
Albeit, this is an easy one, but at least admit that at first you wondered...
ESI is used to refer to all information or data found in computers, tablets, mobile phones, servers, the cloud, social media sites, etc. (Basically, it refers to anything stored digitally that may need to be processed, hosted, and reviewed.)
ECA - Early Case Assessment
This is by far one of the most overused and under-defined terms in our repertoire, though you don’t have to go far to find a variety of definitions. For example:
At the LegalTech NY 2010 conference, the panel defined ECA as “the implementation of litigation analysis and management protocol that provides for the assembly and review of appropriate information on an expedited basis (30‐90 days) in order to provide a preliminary assessment of the case and the optimal method for proceeding.” [1]
In an article in the January 2006 edition of Counsel to Counsel [2], Lawyers Eric W. Iskra and Charles L. “Chuck” Woody, of Spilman, Thomas & Battle PLLC, wrote:
“Under the ECA method, counsel take an aggressive stance, gathering information as quickly as possible to ensure the company can determine the most favorable way to resolve the case instead of simply reacting to opposing counsel. This process involves making a concerted effort to complete all the major work within the first 90 to 120 days of a lawsuit’s filing.”
In an article published in the Buffalo Business Journal [3], author Matt Chandler talked with Lisa Smith, a partner with a Buffalo-based law firm, Phillip Lytle LLP, who described ECA as a cost-benefit analysis used to determine what a successful outcome would entail for a client.
"There may be times when you can spend five years on a case and prevail at trial," she says, "but that may not be a success to your client." Smith says there are several factors that need to be considered during an early cases assessment, including deciding the ultimate goals in the case. "It front-loads the decision-making and we decide: Do we want to look at settling, arbitration or litigation?"
The ECA lifecycle includes:
-
Risk-benefit analysis
-
Preservation of information and securing legal holds on documents that may be relevant to the case
-
Collection of relevant documents/ESI for review by attorneys and experts
-
Information processing, filtering, searching, and analysis
-
Information hosting for document review, commenting, and editing by attorneys and experts
-
Producing documents for presentation to all parties involved in the case
-
Reusing any relevant information in future cases
Notwithstanding this and similar definitions and explanations in practice, ECA usually amounts to sophisticated culling, reporting, and clustering of data that is neither early nor an assessment of a case. It is nothing more than a reactive attempt to play catch-up.
In order to truly conduct an ECA with a return on investment (or ROI), you need to start the process before you collect your first gigabyte of data. ECA should occur when you are assessing whether to file or defend a suit, or immediately thereafter. Conducting your case’s assessment at this point will ensure that you not only have a defensible approach, but that you minimize eDiscovery costs across the lifecycle of the case, especially down the line when you’re conducting a document/information review.
At the end of the day, the most expensive phase of eDiscovery is attorney review. It’s simple logic: if you process less data, you will be billed less by counsel.
Processing
This is the second most overused and under-defined term in our industry. Every attorney, corporation, and service provider defines processing differently. It can include the Electronic Discovery Reference Model (EDRM), information governance, the cloud, social media, and big data.
EDRM - Electronic Discovery Reference Model
The EDRM is not the be-all and end-all of eDiscovery, but it is a good place to start. While every law firm, consultant, and ESI provider claims they follow the EDRM, few actually cover the entire EDRM, which includes:
-
Information Management
-
Identification
-
Preservation
-
Collection
-
Processing
-
Review
-
Analysis
-
Production
-
Presentation
Information Governance
Like ECA, this is another term for which there is no consistent definition – the various players define it in a manner that best suits the service they offer. I define information governance as the entire kit and caboodle relating to a company’s information/data, be it paper documents or ESI – not just document retention policies and document retention, but the true life cycle of information, which includes:
-
Hiring of the custodian
-
Assignment of data sources - mobile phone, tablet, PC/MAC, server, shares, wikis, etc.
-
Maintenance, upgrades, and backups of data sources
-
Creation and enforcement of retention policies
-
Legal holds/identification
-
Preservation
-
Collection
-
Processing
-
Review
-
Analysis
-
Production
-
Presentation
The Cloud
The origin of the term ‘cloud computing’ is a bit hazy. At a conference in 2006, Google’s Eric Schmidt referred to Google services as “belonging in a cloud somewhere,” thus putting the term ‘out there’ for the world. However, there are other references to cloud computing that date back to the 1990s, including an application made to the US Patent and Trademark Office in 1997 to protect the term as a service mark. (It was later abandoned.) [4]
The National Institute of Standards and Technology (NIST) defines cloud computing, in part, as:
“… a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.” [5]
Cloud computing is not a new concept. For the past several years, this subject has come up at just about every industry conference under the sun. The fact is that the cloud is just a collection of servers…somewhere. The ‘somewhere’ is probably in an SSAE 16 SOC Type 2 facility, which is, without a doubt, a lot safer than your computer or your counsel’s.
Social Media
Dictionary.com defines social media as “web sites and other online means of communication that are used by large groups of people to share information and to develop social and professional contacts: Many businesses are utilizing social media to generate sales.” [6]
I believe that any litigator who ignores social media is neglecting a goldmine of information, and this is especially true for employment cases. Most individuals really have no censor and post just about everything on social media sites, and not just the obvious sites like Facebook and Twitter. There are hundreds, if not thousands, of sites where members share information such as Waze, Words with Friends, Scramble, Foursquare, etc. Many of these sites include geotags and other useful information.
Do NOT neglect this source of ESI. It is easy to collect and review; and can potentially change the outcome of a case.
Big Data
Big data is a relatively new term. It need not send you running for the tools, but it does take planning and some capital expenditures to tackle.
According to IBM, “every day, we create 2.5 quintillion bytes of data — so much that 90% of the data in the world today has been created in the last two years alone. This data comes from everywhere: sensors used to gather climate information, posts to social media sites, digital pictures and videos, purchase transaction records, and cell phone GPS signals to name a few. This data is big data.” [7]
Basically, the archiving and data management tools built in the 1990s and earlier 2000s can no longer adequately house the data sizes of larger corporations. When your data size is in the petabytes, solutions tend to be bogged down. You could either pay for another solution or execute a well-planned and developed information governance protocol that includes the remediation of data outside legal holds and applicable retention periods. We recommend the latter.
So there you have it. When deconstructed, ESI lingo isn’t nearly as mysterious as it sounds, though like all technologies, it has the annoying tendency to spawn vague jargon.
[1] “Legal Tech NY 2010: Early Case Assessment — how far left can you go?” http://www.theposselist.com/2010/02/09/from-legal-tech-ny-2010-early-case-assessment-how-far-left-can-you-go/
[2] Early Case Assessment, Counsel to Counsel, January 2006, pp. 9 http://www.martindale.com/pdf/c2c/magazine/2006_Jan/C2C0106_BP_Spilman.pdf
[3] Early case assessment can save time and money, by Matt Chandler, Buffalo Business First, March 31, 2008, http://www.bizjournals.com/buffalo/stories/2008/03/31/focus8.html?page=all
[4] United States Patent and Trademark Office Trademark Status & Document Retrieval http://tsdr.uspto.gov/#caseNumber=75291765&caseType=SERIAL_NO&searchType=statusSearch
[5] The NIST Definition of Cloud Computing http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf
[6] http://dictionary.reference.com/browse/social+media
[7] What is big data? http://www-01.ibm.com/software/data/bigdata/
The increasing popularity of cloud services and storage is making eDiscovery tricky - and expensive. Utilizing third-party data centers for storage doesn’t mean organizations are off the hook to provide information. It does mean, however, that retrieving that data often gets a lot more complicated. Here are seven ways in which cloud computing and electronic discovery are impacting each other.
1. Accessibility Challenges
With a growing number of private customers and companies storing sensitive data in the cloud, the problems associated with accessing or retrieving those digital records have become a real issue. If the cloud service provider lacks the proper backup records, or isn’t able to easily comply with the request for data retrieval, the time and effort needed to extract that data will increase exponentially.
2. Changing Estimates
The promotion of cloud storage as a faster, easier solution for keeping data secure has given rise to the incorrect assumption that getting data out of the cloud is just as easy as the initial upload process. This isn’t necessarily true, especially with regard to legal proceedings. With looming deadlines for the delivery of pertinent information, companies too often underestimate how long it will take to retrieve evidence.
3. Missing Permissions
When corporate data is hosted by cloud service providers who operate with consumer-grade services, permissions problems soon appear. Many users are accessing the cloud without the knowledge or consent of their IT team, let alone their corporate counsel. This leaves businesses vulnerable due to the individuals’ ignorance of eDiscovery compliance requirements.
4. Terms of Service
Every cloud service provider has an extensive set of terms and conditions its users must abide by. Although these may be perfectly adequate for daily operations, such guidelines often fail to support eDiscovery requirements that are common at the enterprise level.
5. Lack of Accountability
Data can’t be collected if its existence isn’t recorded anywhere, and many cloud storage providers fail to keep detailed log records indicating when and where actions occurred. Without the ability to track these actions, companies may remain unaware of the use of external cloud sources, especially by employees who are no longer with the company. This renders information undiscoverable.
6. Policy Changes
With the increase in company use of cloud storage, it’s clear that vendor policies must shift to address potential eDiscovery needs. The definitions for requiring electronically-stored information to be collected and preserved in a defensible manner have not changed, regardless of whether data is stored with a third party provider.
7. Adapting
Adjustments in the way cloud storage is handled are taking place from the ground up, as service providers begin incorporating eDiscovery requirements into their infrastructure. Even offshore data centers are not exempt from discovery.
Although cloud service providers may not have specific metrics in place which address the requirements of discovery, this is no reason for companies to absolve themselves of responsibility. Every company is still responsible for maintaining legal and compliance obligations, regardless of whether they utilize a third party. With proper planning, and a system for keeping trackable tabs on their data, companies can save time and money by utilizing the advantages of the cloud, while not getting caught out in the rain in case of eDiscovery.
The term “cloud” is being thrown around a lot lately. In fact, some would argue it’s become the phrase du jour for the tech world. There’s Apple’s iCloud, Google’s cloud computing services, and Amazon CloudDrive, just to name a few. With the amount of new services popping up that utilize the cloud, it’s quickly becoming a hot topic for the movers and shakers of the tech world.
What is the cloud?
Think of it this way: Almost everyone who uses a computer knows what a USB flash/stick/thumb drive is. The tiny little drives store gigabytes of information and can be accessed at any time on different devices as long as they’re quipped with USB ports.
The cloud operates the same way – except it’s a virtual drive. For example, with Apple’s iCloud, a user can store music, pictures, movies and documents, and just about anything on Apple’s servers can be accessed on any Apple device. So, use an Apple Macbook to write up that business proposal, store it to the Apple’s cloud servers, and then access it later at work on an iPad or an iPhone.
Apple isn’t the only game in town, though. Dropbox.com has offered free online storage services for some time now, even before the cloud became the “next big thing.”
Not just a fad
There are plenty of fads that come and go in the tech world but count on cloud computing to become a fixture in the daily life of businesses and people. According to the International Data Corporation (IDC), customers are expected to $42 billion on cloud computing alone.
IDC also projects that "by 2020, a significant portion of the Digital Universe will be centrally hosted, managed, or stored in" cloud services. “And even if a single byte in the Digital Universe does not ‘live in the cloud’ permanently, it will, in all likelihood, pass through the cloud at some point in its life.”
What This Means for Ediscovery?
Though more and more businesses and organizations are considering switching over to the cloud for their data storage and archiving needs, it’s becoming increasingly clear that most of these groups simply have no electronic discovery (ediscovery) plan set for cloud computing.
According to a Forbes survey, “The Cloud and eDiscovery,” ediscovery plans were uncommon among respondents, with only about 16 percent of those using cloud-based services creating one before migrating to a cloud-based form of data storage.
A whopping 58 percent simply didn’t know if they had a plan or not. When facing litigation, those organizations will be left struggling in a high-pressure situation to gather necessary cloud-based data. Inevitably this will lead to high costs and difficulty making quick, sound legal decisions.
Solution: Ediscovery plans are essential for any organization using the cloud for information storage. These plans should cover each cloud-based service being used, and they should spell out how the information is to be accessed, service-level agreements for how quickly it's retrieved, who own custody of the data, and any other advanced services that are to be included.
