Category Archives: Case Law

90 Percent of Law Firms Managed Social Media Evidence Collections in 2018

By John Patzakis

The International Legal Technology Association recently published a very informative and comprehensive law firm eDiscovery practice survey “2018 Litigation and Practice Support Survey.” ILTA received responses from 181 different law firms — small, medium and large — on a variety of subjects, including eDiscovery practice trends and software tool usage.  The survey reveals three key takeaways regarding social media and website discovery.

The first clear takeaway is that social media discovery is clearly increasing among law firms and in the field in general. 90 percent of responding law firms reported conducting social media discovery in 2018. Additionally, the responding firms reported a higher average volume of cases involving social media evidence, with a 46 percent increase in firms handling at least 20 matters per year involving social media evidence.

ILTA Survey v2

Source: ILTA 2018 Litigation and Practice Support Survey

In terms of identified software solution usage, the survey establishes that X1 Social Discovery is the clear leader in the web and social media capture category among purpose-built tools used by law firms. 63 percent of all surveyed law firms rely on X1 Social Discovery on either an in-sourced or outsourced basis. This is consistent with our own internal data, reflecting the industry’s standardization of social media evidence collection by the sheer volume of customers that have adopted X1 Social Discovery. Nearly 200 law firms and 400 eDiscovery services firms have at least one paid license of X1 Social Discovery.

And in addition to social media evidence collections, X1 Social Discovery registered as the most popular eDiscovery software used for webmail collection (i.e. Gmail, Yahoo, Aol, Office 365) with 32 percent of law firms relying on X1 for this purposes. X1 Social Discovery provides an extremely effective means to collect, search, tag, and export via loadfile or pst web-based email evidence.

The final takeaway is that the practice of using screen captures with general IT tools like Adobe and Snagit is still commonly employed by practitioners at law firms, but is virtually non-existent amongst service providers, who typically are on the forefront of adapting best practices. Screen capturing is neither effective nor defensible.  They are ineffective because the results are very narrow and incomplete, and the process is very labor intensive resulting in much higher costs to the client than using best practices. (See Stallings v. City of Johnston, 2014 WL 2061669 (S.D. Ill. May 19, 2014): the law firm spent a full week screen capturing contents of a Facebook account — which amounted to over 500 printed pages — manually rearranging them, and then redacting at a cost of tens of thousands of dollars).

In addition, simple screen captures are not defensible, with several courts disallowing or otherwise calling into question social media evidence presented in the form of a screen shot image. This scrutiny will only increase with Federal Rule of Evidence 902(14) now in effect. I have previously addressed Rule 902(14) at length on this blog, but in a nutshell, screen captures are not Rule 902(14) compliant, while best practices technology like X1 Social Discovery have the critical ability to collect all available metadata and generate an MD5 checksum, or “hash value,” of the preserved data for verification of the integrity of the evidence. The generation of hash values is a key component for meeting the requirements of FRE 902(14).

The ILTA Litigation Practice survey results can be accessed here. For more information about how to conduct effective social medial investigations, please contact us, or request a free demo version of X1 Social Discovery.

 

1 Comment

Filed under Best Practices, Case Law, eDiscovery, Social Media Investigations, Uncategorized

Government Regulators Reject “Paper” Corporate Compliance Programs Lacking Actual Enforcement

By John Patzakis

Recently, US Government regulators fined Stanley Black & Decker $1.8m after its subsidiary illegally exported finished power tools and spare parts to Iran, in violation of sanctions. The Government found that the tool maker failed to “implement procedures to monitor or audit [its subsidiary] operations to ensure that its Iran-related sales did not recur.”

Notably, the employees of the subsidiary concealed their activities by creating bogus bills of lading that misidentified delivery locations and told customers to avoid writing “Iran” on business documents. This conduct underscores the importance of having a diligent internal monitoring and investigation capability that goes beyond mere review of standard transactional records in structured databases such as CRM systems. This type of conduct is best detected on employee’s laptops and other sources of unstructured data through effective internal investigations processes.Law Journal2

The Treasury Department stated the Stanley Black & Decker case “highlights the importance of U.S. companies to conduct sanctions-related due diligence both prior and subsequent to mergers and acquisitions, and to take appropriate steps to audit, monitor and verify newly acquired subsidiaries and affiliates for….compliance.”

Further to this point, the US Department of Justice Manual features a dedicated section on assessing the effectiveness of corporate compliance programs in corporate fraud prosecutions, including FCPA matters. This section is a must read for any corporate compliance professional, as it provides detailed guidance on what the USDOJ looks for in assessing whether a corporation is committed to good-faith self-policing or is merely making hollow pronouncements and going through the motions.

The USDOJ cites United States v. Potter, 463 F.3d 9 (1st Cir. 2006), which provides that a corporation cannot “avoid liability by adopting abstract rules” that forbid its agents from engaging in illegal acts, because “[e]ven a specific directive to an agent or employee or honest efforts to police such rules do not automatically free the company for the wrongful acts of agents.” Id. at 25-26. See also United States v. Hilton Hotels Corp., 467 F.2d 1000, 1007 (9th Cir. 1972) (noting that a corporation “could not gain exculpation by issuing general instructions without undertaking to enforce those instructions by means commensurate with the obvious risks”).

The USDOJ manual advises prosecutors to determine if the corporate compliance program “is adequately designed for maximum effectiveness in preventing and detecting wrongdoing by employees and whether corporate management is enforcing the program or is tacitly encouraging or pressuring employees to engage in misconduct to achieve business objectives,” and that “[p]rosecutors should therefore attempt to determine whether a corporation’s compliance program is merely a ‘paper program’ or whether it was designed, implemented, reviewed, and revised, as appropriate, in an effective manner.”

With these mandates from government regulators for actual and effective monitoring and enforcement through internal investigations, organizations need effective and operational mechanisms for doing so. In particular, any anti-fraud and internal compliance program must have the ability to search and analyze unstructured electronic data, which is where much of the evidence of fraud and other policy violations can be best detected.

To help meet the “actual enforcement” requirements of government regulators, X1 Distributed Discovery (X1DD) enables enterprises to quickly and easily search across up to thousands of distributed endpoints and data servers from a central location.  Legal and compliance teams can easily perform unified complex searches across both unstructured content and metadata, obtaining statistical insight into the data in minutes, and full results with completed collection in hours, instead of days or weeks. Built on our award-winning and patented X1 Search technology, X1DD is the first product to offer true and massively scalable distributed data discovery across an organization. X1DD replaces expensive, cumbersome and highly disruptive approaches to meet enterprise investigation, compliance, and eDiscovery requirements.

Once the legal team is satisfied with a specific search string, after sufficient iteration, the data can then be collected by X1DD by simply hitting the ‘collect’ button. The responsive data is “containerized” at each end point and automatically transmitted to either a central location, or uploaded directly to Relativity, using Relativity’s import API where all data is seamlessly ready for review. Importantly, all results are tied back to a specific custodian, with full chain of custody and preservation of all file metadata. Here is a recording of a live public demo with Relativity, showing the very fast direct upload from X1DD straight into RelativityOne.

This effort described above — from iterative, distributed search through collection and transmittal straight into Relativity from hundreds of endpoints — can be accomplished in a single day. Using manual consulting services, the same project would require several weeks and hundreds of thousands of dollars in collection costs alone, not to mention significant disruption to business operations. Substantial costs associated with over-collection of data would mount as well, and could even dwarf collection costs through unnecessary attorney review time.

In addition to saving time and money, these capabilities are important demonstrate a sincere organizational commitment to compliance versus maintaining a mere “paper program.”

1 Comment

Filed under Best Practices, Case Law, Case Study, compliance, Corporations, eDiscovery & Compliance, Enterprise eDiscovery, Information Governance

New York Appellate Court Allows “Data Mining” of Social Media accounts for Relevant Information

By John Patzakis

The New York Appellate Division allowed discovery into the non-public information of the social media accounts of a former professional basketball player relevant to his personal injury claims arising out of an automobile accident. In Vasquez-Santos v. Mathew 2019 NY Slip Op 00541 (January 24, 2019), the court held that the defendant may utilize the services of a “data mining” company for a widespread search of the plaintiff’s devices, email accounts, and social media.social-media-cases3

Vasquez-Santos is an extension of a large body of court decisions that allow discovery of a user’s “private” social media messages, posts and photos where that information is reasonably calculated to contain evidence material and necessary to the litigation. Private social media information can be discoverable to the extent it “contradicts or conflicts with [a] plaintiff’s alleged restrictions, disabilities, and losses, and other claims” according the Vasquez-Santos Court.

The Court found that the defendant “is entitled to discovery to….defend against plaintiff’s claims of injury,” and noted that the requested access to plaintiff’s accounts and devices “was appropriately limited in time, i.e., only those items posted or sent after the accident, and in subject matter, i.e., those items discussing or showing defendant engaging in basketball or other similar physical activities.”

Also noteworthy was the Court’s finding that while plaintiff did not take the pictures himself, that was of no import to the decision. He was “tagged,” thus allowing him access to the pictures, and thus populated his social media account.

This decision is consistent with the general rule that while social media is clearly discoverable, there must be a requisite showing of relevance before the court moves to compel full production of a litigant’s “private” social media.

This case illustrates that any solution purporting to support eDiscovery for social media must have robust public search and collection capabilities. This means more than merely one-off screen scrapes but instead an ability to search, identify and capture up to thousands of social media posts on an automated and scalable basis.

X1 Social Discovery has the ability to find an individual’s publicly available content and to collect it in an automated fashion in native format with all available metadata intact to enable systematic and scalable search, review, tagging and analysis. We heard from one major law firm that screen captures of a single public Facebook account took several hours, with the resulting images not searchable or organized into a case-centric workflow. Now with X1 Social Discovery, they are able to accomplish this full capture in seconds. This is critically important to conduct proper due diligence on a case and to better assist legal and investigative professionals to make the requisite showings for the full discovery of social media evidence in civil discovery, as in Vasquez-Santos.

Leave a comment

Filed under Best Practices, Case Law, Case Study, eDiscovery, law firm, Social Media Investigations

eDiscovery Collection 3.0: Much Better, Much Faster, Much Cheaper

In his recent blog post, X1 CEO Craig Carpenter discussed the inability of any software provider to solve a critical need by delivering a truly scalable eDiscovery preservation and collection solution. As Craig pointed out, in the absence of such a “holy grail” solution, eDiscovery collection remains dominated by either unsupervised custodian self-collection or manual services, driving up costs while increasing risk and disruption to business operations.

Desktop_virtualization

Craig outlined how endpoint forensic imaging are still employed on a limited basis. Many companies have also tried network crawling methods with repurposed forensic tools. (A “collection 2.1” method, if you will).  While this can be feasible for a small number of custodians, network bandwidth constraints coupled with the requirement to migrate all endpoint data back to the forensic crawling tool renders the approach ineffective. For example, to search a custodian’s laptop with 10 gigabytes of email and documents, all 10 gigabytes must be copied and transmitted over the network, where it is then searched, all of which takes at least several hours per computer. So, most organizations choose to force collect all 10 gigabytes. The case of U.S. ex rel. McBride v. Halliburton Co.  272 F.R.D. 235 (2011), illustrates this specific pain point well. In McBride, Magistrate Judge John Facciola’s instructive opinion outlines Halliburton’s eDiscovery struggles to collect and process data from remote locations:

“Since the defendants employ persons overseas, this data collection may have to be shipped to the United States, or sent by network connections with finite capacity, which may require several days just to copy and transmit the data from a single custodian . . . (Halliburton) estimates that each custodian averages 15–20 gigabytes of data, and collection can take two to ten days per custodian. The data must then be processed to be rendered searchable by the review tool being used, a process that can overwhelm the computer’s capacity and require that the data be processed by batch, as opposed to all at once.”

Halliburton represented to the court that they spent hundreds of thousands of dollars on eDiscovery for only a few dozen remotely located custodians. The need to force-collect the remote custodians’ entire set of data and then sort it out through the expensive eDiscovery processing phase, instead of culling, filtering and searching the data at the point of collection drove up the costs. As such, this network crawling based architecture is fundamentally flawed and cannot scale.

What is needed is the ability to gain immediate visibility into unstructured distributed data across the enterprise, through the ability to search and collect across several hundred endpoints and other unstructured data sources such as file shares, and return results within minutes instead of days or weeks. The approaches outlined above and by Craig Carpenter do not come close to meeting this requirement and in fact actually perpetuate eDiscovery pain.

Solving this collection challenge once and for all is basis for X1 Insight and Collection, which is our eDiscovery collection 3.0 solution.  X1 Insight and Collection (XIC) enables enterprises to quickly and easily search across up to thousands of distributed endpoints and data servers from a central location.  Legal and compliance teams can easily perform unified complex searches across both unstructured content and metadata, obtaining statistical insight into the data in minutes, and full results with completed collection in hours, instead of days or weeks. Built on our award-winning and patented X1 Search technology, XIC is the first product to offer true and massively scalable distributed data discovery across an organization. XIC replaces expensive, cumbersome and highly disruptive approaches to meet enterprise discovery, preservation, and collection needs.

Targeted and iterative end point search is a quantum leap in early data assessment, which is critical to legal counsel at the outset of any legal matter. However, under today’s industry standard, the legal team is typically kept in the dark for weeks, if not months, as the manual identification and collection process of distributed, unstructured data runs its expensive and inefficient course.  To illustrate the power and capabilities of XIC, imagine being able to perform multiple, detailed, Boolean keyword phrase searches with metadata filters across the targeted end points of your global enterprise. The results start returning in minutes, with granular statistical data about the responsive documents and emails associated with specific custodians or groups of custodians.

Once the legal team is satisfied with a specific search string, after sufficient iteration, the data can then be collected by XIC by simply hitting the “collect” button. The responsive data is “containerized” at each end point and automatically transmitted to either a central location, or uploaded directly to Relativity, using Relativity’s import API where all data is seamlessly ready for review. Importantly, all results are tied back to a specific custodian, with full chain of custody and preservation of all file metadata. Here is a recording of a live public demo with Relativity, showing the very fast direct upload from XIC straight into RelativityOne.

This effort described above — from iterative, distributed search through collection and transmittal straight into Relativity from hundreds of endpoints — can be accomplished in a single day. Using manual consulting services, the same project would require several weeks and hundreds of thousands of dollars in collection costs alone, not to mention significant disruption to business operations. Substantial costs associated with over-collection of data would mount as well, and could even dwarf collection costs through unnecessary attorney review time.

XIC operates on-demand where your data currently resides — on desktops, laptops, servers, or even the cloud — without disruption to business operations and without requiring extensive or complex hardware configurations. Beyond enterprise eDiscovery and investigation functionality, organizations can offer employees the award-winning X1 Search, improving productivity while maintaining compliance.

As Relativity Product Manager Barry O’Melia said in the live X1/R1 integration demo, it is something you have to see for yourself to believe. So please check out the demo here, or contact us to arrange for a private demo.

Leave a comment

Filed under Best Practices, Case Law, Case Study, eDiscovery, Enterprise eDiscovery, Uncategorized