As a digital forensics and e-discovery firm, we spent a lot of our time educating clients about the ever-evolving world of digital information and evidence collection. Whether it’s through a webinar, CLE class, or simple consultation, one of the most frequent questions that come up is, “how can I reduce the overall cost of an e-Discovery effort?”
Without hesitation, we tell law firms and legal departments that it is crucial to focus on the early stages of the e-discovery process. There is nothing that can better control the cost and scope of an e-discovery effort than to put a bit of critical thinking into the early stages.
Too often, we find that stretched-thin legal teams apply little thought toward formulating strategies for effective information collection. It happens all the time, so let’s look at a simple example.
Let’s suppose there is a law firm looking to get ahead of potential litigation involving the CFO of their client’s business. The legal team decides it needs to understand the client’s risk exposure and tasks a paralegal to “get all the CFO’s emails.” Obviously, this vague set of instructions can leave a lot up for interpretation. Nonetheless, the paralegal moves ahead and asks the client’s IT department to assist.
The IT department, with no specific training in legal holds or proper forensic preservation, delivers a zip file of all the emails it has on its current email server, which ends up being about six months worth. The IT department sheepishly admits that the other emails are unavailable due to an archiving glitch. The paralegal forwards the zipped bundle of emails to the team. The collection task seems complete. Or is it?
Mistake #1: Not understanding potential sources of ESI.
We can see a half dozen procedural and technical issues with this collection process, but let’s focus on a common mistake that looms large — not understanding potential sources of electronically stored information (ESI).
In our example, the legal team requested just one source of ESI, the CFO’s corporate email account. In today’s hyperconnected world, corporate email should be the starting point for discovery. Rarely is business communications performed solely via email; most of the time, it is not.
In the modern workplace, employees are using a variety of methods to communicate. We now share information through messaging apps, project management apps, team collaboration software, and a variety of social media platforms. And because our professional lives blend into our personal lives, people often access business information on one or more personal devices.
So why is the legal team only interested in the employee’s business email? Most likely, they requested the lowest-hanging fruit, repeating a standard discovery request that seems to have worked well for the past 20 years. If the team intended to uncover useful information to help guard against potential litigation, then this effort was woefully inadequate.
In 2019, it is critical to understand that potentially responsive information is more likely found in a variety of places. What about CFO’s text messages? Her personal email? Slack Account? Sharepoint? Or a dozen other applications in which communication can occur?
Legal teams need to make a shift in thinking so that potentially responsive information is not left behind.
LET THE EDRM MODEL BE YOUR GUIDE
The popular EDRM model describes the first step of any e-discovery effort as Identification*. We believe that what happens in this stage will have more impact on the scope, cost, and success of an e-discovery effort than any subsequent effort.
(*We aren’t forgetting about Information Governance, the first step in the EDRM model. However, this step isn’t usually considered the first active step in an e-Discovery effort.)
Unfortunately, experience shows us that identification is the step that is most likely to be short-changed in the interest of expediency, especially in smaller legal cases.
Before a collection request occurs, it is essential to understand the best methods to uncover relevant information. In the identification process, you first seek to understand where potentially relevant ESI could be stored. You need to understand the IT systems, structures, policies, and custodians of data. You need to understand who may have potential evidence, where it might be stored, and how to accurately identify, preserve, and collect that data.
We recommend that all professionals working in e-discovery take a moment to review the guidelines available at the official EDRM website. If you haven’t reviewed the site’s e-discovery framework in a while, you might be surprised how helpful it really is.
ENTER THE DIGITAL FORENSICS PROFESSIONAL:
Whether your case is big or small, we always recommend that you have the counsel of a digital forensics expert. While that might sound self-serving for us to say, a digital forensics professional can provide you with invaluable insight and guidance to help you develop your data identification, preservation, and collections plans. They have expertise in IT infrastructure, enterprise applications, data storage conventions, and data recovery techniques. A digital forensics professional can guide you and your efforts toward effective and defensible discovery requests.
Remember our example, where the IT department wasn’t able to produce comprehensive records due to an archiving glitch? The digital forensics professional will be able to help here, as well. Your legal team may not be able to to properly push-back on IT staff when technical issues arise. Getting a data recovery professional on your team that speaks the “language of IT” is vital. Forensics professionals have tools specifically designed to recover damaged data, including corrupted email archives.
Additionally, your forensics professional will be able to recommend other tactics to recover the missing email, suggesting alternate methods to obtain the missing information (what about the CFO’s personal phone? Or in the backup iTunes made? or iCloud storage?). We know from experience that seemingly lost data can be retrieved in many different ways. Your digital forensics professional will help you think outside the box for solutions.
We’ve only talked about one major mistake that legal professionals make in e-discovery efforts. We have two more significant errors to share, but we’ll address those in a future post.