Category Archives: Case Study

November 1, 2022 · 11:42 AM

Proportionality in eDiscovery is Ideal, but Difficult to Realize Without an Optimized Process

By John Patzakis

(Originally published October 24, 2022 by JD Supra and EDRM)

Image: Kaylee Walstad, EDRM

Proportionality-based eDiscovery is a goal that all corporate litigants seek to attain. Under Federal Rule of Civil Procedure 26(b)(1), parties may discover any non-privileged material that is relevant to any party’s claim or defense and proportional to the needs of the case. Litigants that take full advantage of the proportionality rule can greatly reduce cost, time and risk associated with otherwise inefficient eDiscovery.

While there is a keen awareness of proportionality in the legal community, realizing the benefits requires the ability to operationalize workflows as far upstream in the eDiscovery process as possible. For instance, when you’re engaging in data over-collection, which in turn incurs extensive labor and processing costs, the ship has largely sailed before you are able to perform early case assessments and data relevancy analysis, as much of the discovery costs have already been incurred at that point. The case law and the Federal Rules provide that the duty to preserve only applies to potentially relevant information, but unless you have the right operational processes in place, you’re losing out on the ability to attain the benefits of proportionality.

However, traditional eDiscovery services typically involve manual collection, followed by manual on-premises hardware-based processing, and finally manual upload to review. These inefficiencies extend projects by often weeks while dramatically increasing cost and risk with purposeful data over-collection and numerous manual data handoffs. The good news is that solutions and processes addressing the first half of the EDRM involving collection and processing are now far more automated than they were even a few years ago.

Recently EDRM hosted a webinar addressing these issues – “Operationalizing your eDiscovery Process to Realize Proportionality Benefits” – and more specifically, as the title reflects, explored how to operationalize your eDiscovery process to achieve lower costs, improve early case strategy, realize faster time to review and reduce overall legal risk.

Here are some key takeaways from the webinar:

  • A detailed legal analysis was provided highlighting the case of Raine Group v. Reign Capital, (S.D.N.Y. Feb. 22, 2022), which applied proportionality at the point of identification and collection, not just production. The court endorsed the use of detailed and iterative keyword searches to identify and preserve potentially relevant ESI.
  • A demonstration was shown on how to enable detailed and proportional search criteria, applied in-place, at the point of collection. Such a capability is key to realizing the blueprint for targeted and proportional ESI collection outlined in Raine Group.
  • The speakers also discussed how organizations should move upstream to focus on information governance to reduce the data funnel as soon as possible. The new generation of eDiscovery technology in the areas of collection, identification, analytics, and early data assessment, enables enterprises to operationalize proportionality principles.

The webinar culminated with the notion that an optimized process that applies proportionality upstream at the collection and identification stage reduces the data volume funnel by as much as 98 percent from over-collection models, yet with increased transparency and compliance. A link to the recording from the webinar can also be accessed here.

Leave a comment

Filed under Best Practices, Case Law, Case Study, ECA, eDiscovery, Enterprise eDiscovery, ESI, Preservation & Collection, proportionality

Tagged as , ,

June 15, 2022 · 12:33 PM

Industry Experts: Proportionality Principles Apply to ESI Preservation and Collection

By John Patzakis

Under Federal Rule of Civil Procedure 26(b)(1), parties may discover any non-privileged material that is relevant to any party’s claim or defense and proportional to the needs of the case. Lawyers that take full advantage of the proportionality rule can greatly reduce cost, time and risk associated with otherwise overbroad eDiscovery production. In a recent webinar, eDiscovery attorney Martin Tully of Redgrave LLP, addressed how to use processes and best practices to operationally attain this goal, particularly in the context of preservation and collection. In addition to being a partner at the Redgrave firm, Tully is currently the chair of the Steering Committee of the Sedona Conference Working Group on Electronic Document Retention and Production (WG1), providing additional import to his comments on the subject.

During the webinar, Tully noted that the “duty to preserve is directly aligned with what is within the scope of discovery….so if something is not within the scope of discovery – that is its either not relevant or its not proportional to the needs of the case — then there should not be an obligation to preserve it in the first place.” Tully discussed at length the recent case of Raine Grp. v. Reign Capital, (S.D.N.Y. Feb. 22, 2022), which holds that under FRC 26(a), parties “have an affirmative obligation to search for documents which they may use to support their claims or defenses.” In meeting these obligations, the court provided that a producing party may utilize search methodologies, specifically mentioning search terms. Tully explained that the court—in addressing the concept of reasonable, proportional discovery under the Rules – provides that producing parties are obligated to search custodians and locations it identifies on its own as sources for relevant information as part of its obligations under Rule 26, but that such identification and collection efforts should be proportional.

Further to these points, Tully weighed in on overbroad practice of full-disk imaging, noting that it should not be the default practice for eDiscovery collection: “Too often there is a knee jerk approach of ‘let’s just take a forensic image of everything – just because.’” According to Tully, alternative and more targeted search and collection methods were more appropriate for eDiscovery and can better effectuate proportional efforts: “Indexing in-place is key because it doesn’t just preserve in-place and reduce costs, but it can give you insight (into the data) to further justify your decision not to collect it in the first place, or if you need to, you are in much better shape to go back and collect the data in a tailored and focused way.”

Co-presenter Mandi Ross, CEO of Insight Optix also provided keen insight, outlining her typical workflow applying the aforementioned proportionality concepts through custodian and data source ranking and keyword searching performed in an iterative manner to identify key custodians, data sources, and the potentially relevant data itself. To effectuate this, Mandi noted that the enterprise eDiscovery collection and early data assessment process should enable a targeted, remote, and automated search capability, with immediate pre-collection visibility into custodial data.

In fact, both Tully and Ross emphasized in their comments that none of the cost-saving, targeted collection efforts permitted under the Federal Rules can be realized without an operational capability to effectuate them. Ideally, the producing party can employ a defensible, targeted, and iterative search and collection process in-place, prior to collection to effectuate the proportional discovery process approved by the court in this decision. However, without such a capability, the alternative is an expensive, over-collection effort, where the data is searched post collection. Enabling the search iteration and targeted collection upstream brings dramatic cost savings, risk reduction, and other process efficiencies.

A recording of the webinar on proportionality can be accessed here.

Leave a comment

Filed under Best Practices, Case Law, Case Study, eDiscovery, eDiscovery & Compliance, Enterprise eDiscovery, ESI, Information Management, Preservation & Collection, proportionality

July 21, 2020 · 9:02 AM

Another Criminal Conviction Overturned Due to Failure to Authenticate Social Media Evidence

By John Patzakis

The Supreme Court of Vermont overturned a felony conviction due to the prosecutions’ failure to properly authenticate social media evidence, finding that the printed records subpoenaed directly from Facebook were insufficient. (Vermont v. Allcock, July 10, 2020) Defendant Christina Allcock appealed her convictions for aggravated assault on a police officer and other related lesser offences, asserting the trial court erred in admitting Facebook messages that lacked sufficient evidentiary foundation. The Vermont Supreme Court reversed the main aggravated assault conviction, but affirmed the lesser charges.scales-justice-no-print

During trial, the State moved to admit a “Facebook Business Record” that included private messages sent from a Facebook account with defendant’s name that implicated her and served as key evidence in her conviction.  Law enforcement officers testified that they learned of these messages when the recipient contacted the police and provided screenshots of the messages on his phone. The police then executed a search warrant and obtained data from Facebook regarding the page registered in defendant’s name, in the form of the Facebook Business Record. The record listed the account holder’s name, email addresses, phone numbers, but there was no testimony at trial directly tying this information to the defendant.

The Vermont Supreme Court ruled that the Facebook content:

“[C]annot be authenticated merely by the fact that the account from which the messages were sent purported to be that of defendant Christina Allcock. The Court cited 2 R. Mosteller et al., McCormick on Evidence § 221 (8th ed.) (explaining that the purported signature or recital of authorship on the face of a writing is not sufficient proof of authenticity to secure the admission of the writing into evidence). Digital communications are no different from other writings in this regard. The ‘judicial skepticism toward the recital of authorship in documents’ is viewed as a necessary check on the perpetuation of fraud.” Id.

The court also noted that “the fact that the Facebook Business Record showed that the account was registered in defendant’s name likewise does not provide sufficient information from which a jury could conclude that the account belonged to defendant and that she sent the messages at issue…The critical question for purposes of authentication is whether the account did in fact belong to defendant.”

The court provided guidance on how the prosecution could have successfully authenticated the Facebook evidence, such as presenting “evidence that the Facebook page associated with the account in question had distinct information or personal photos not in the public domain” or unique identifying metadata associated with the account in question.

Vermont v. Allcock is yet another illustration why software that supports best practices is needed to properly collect and preserve social media evidence. The case is also a lesson that obtaining a mere printout of records from the social media provider itself is insufficient. Instead, the examiner who preserved the social media or other Internet must be able to present sufficient evidence that “in combination with circumstantial indicia of authenticity (such as the dates and web addresses), will support a finding” that the evidence presented is what the proponent asserts. Perfect 10, Inc. v. Cybernet Ventures, Inc. (C.D.Cal.2002) 213 F.Supp.2d 1146, 1154. (See also, Lorraine v. Markel American Insurance Company, 241 F.R.D. 534, 546 (D.Md. May 4, 2007) (citing Perfect 10, and referencing MD5 hash values as an additional element of potential “circumstantial indicia” for authentication of electronic evidence).

One of the many benefits of X1 Social Discovery is its ability to preserve and display all the available “circumstantial indicia” or “additional confirming circumstances,” in order to present the best case possible for authenticating social media evidence collected with the software. This includes collecting all available metadata, including account and message IDs and generating a hash value checksum of the preserved data for verification of the integrity of the evidence. It is important to collect and preserve social media posts, messages, accounts and general web pages in a thorough manner with best-practices technology specifically designed for litigation purposes.  There are over twenty unique metadata fields associated with individual Facebook posts and messages. Any one of those entries, or any combination of them could provide unique circumstantial evidence that would establish foundational proof of authorship, which is one of the many reasons why thousands of legal and investigative professionals rely on X1 Social Discovery.

Leave a comment

Filed under Authentication, Best Practices, Case Law, Case Study, Preservation & Collection, Social Media Investigations, Social Media Metadata

July 15, 2020 · 9:38 AM

Lawson v. Spirit Aerosystems: Federal Court Blasts “Bloated” ESI Collection, Rendered TAR Ineffective

By John Patzakis

Technology Assisted Review (TAR), when correctly employed, can significantly reduce legal review costs with generally more accurate results than other traditional legal review processes. However, the benefits associated with TAR are often undercut by the over-collection and over-inclusion of Electronically Stored Information (ESI) into the TAR process. These challenges played out in spades in the recent decision in Lawson v. Spirit Aerosystems, where a Kansas federal judge issued a detailed ruling outlining the parties’ eDiscovery battles, use of Technology Assisted Review (TAR), and whether further TAR costs should be shifted to the Plaintiff. The ex-CEO of Spirit Aerosystems brought his suit accusing Spirit of unlawfully withholding $50 million in retirement benefits over his alleged violation of a non- compete agreement.

Lessons Learned from New Technology-Assisted Review Case Law ...

The Lawson court outlined two ways in particular how ESI over-collection can detrimentally impact TAR. First, the more data introduced into the process, the higher the cost and burden. Some practitioners believe it is necessary to over-collect and subsequently over-include ESI to allow the TAR process to sort everything out. Many service providers charge by volume, so there can be economic incentives that conflict with what is best for the end-client. In some cases, the significant cost savings realized through TAR are erased by eDiscovery costs associated with overly aggressive ESI inclusion on the front end. Per the judge in Lawson, “the TAR set was unnecessarily voluminous because it consisted of the bloated ESI collection” due to overbroad collection parameters.

The court also outlined how the TAR process is much more effective when the initial set of data has a higher richness (also referred to as “prevalence”) ratio. In other words, the higher the rate of responsive data in the initial data set, the better. It has always been understood that document culling is very important to successful, economical document review, and that includes TAR. As noted by Lawson court, “the ‘richness’ of the dataset…can also be a key driver of TAR expenses. This is because TAR is not as simple as loading the dataset and pushing a magic button to identify the relevant and responsive documents. Rather, the parties must devote the resources (usually a combination of attorneys and contract reviewers) necessary to “educate” or “train” the predictive algorithm, typically through an ongoing process…” According to the courts’ decision, the inefficiencies in the process resulted in an estimated TAR bill of $600,000 involving the review of approximately 200 GBs of data. This is far too expensive for TAR to be feasible as a standard litigation process, and the problems all started with the “bloated” ESI collection.

To be sure, the volume of ESI is growing exponentially and will only continue to do so. The costs associated with collecting, processing, reviewing, and producing documents in litigation are the source of considerable pain for litigants, including the Plaintiff in Lawson, who will, per the courts’ ruling, incur at least a substantial amount of the TAR bill under the cost-shifting order. The only way to reduce that pain to its minimum is to use all tools available in all appropriate circumstances within the bounds of reasonableness and proportionality to control the volumes of data that enter the discovery pipeline, including TAR.

Ideally, an effective and targeted collection capability can enable parties to ultimately process, host, review and produce less ESI.  This capability should enable a pre-collection early case assessment capability (ECA) to foster cooperation and proportionality in discovery by informing the parties early in the process about where relevant ESI is located and what ESI is significant to the case. And with such benefits also comes a much more improved TAR process. X1 Distributed Discovery (X1DD) uniquely fulfills this requirement with its ability to perform pre-collection early case assessment, instead of ECA after the costly, time consuming and disruptive collection phase, thereby providing a game-changing new approach to the traditional eDiscovery model.  X1DD enables enterprises to quickly and easily search across hundreds of distributed endpoints from a central location.  This allows organizations to easily perform unified complex searches across content, metadata, or both and obtain full results in minutes, enabling true pre-collection ECA with live keyword analysis and distributed processing and collection in parallel at the custodian level. To be sure, this dramatically shortens the identification/collection process by weeks if not months, curtails processing and review costs from not over-collecting data, and provides confidence to the legal team with a highly transparent, consistent and systemized process. And now we know of another key benefit of an effective collection and ECA process: much more accurate and feasible technology assisted review.

Leave a comment

Filed under Best Practices, Case Law, Case Study, collection, ECA, eDiscovery, Enterprise eDiscovery, ESI

March 18, 2020 · 9:36 AM

Remote ESI Collection and Data Audits in the Time of Social Distancing

By John Patzakis

The vital global effort to contain the COVID-19 pandemic will likely disrupt our lives and workflows for some time. While our personal and business lives will hopefully return to normal soon, the trend of an increasingly remote and distributed workforce is here to stay. This “new normal” will necessitate relying on the latest technology and updated workflows to comply with legal, privacy, and information governance requirements.

From an eDiscovery perspective, the legacy manual collection workflow involving travel, physical access and one-time mass collection of custodian laptops, file servers and email accounts is a non-starter under current travel ban and social distancing policies, and does not scale for the new era of remote and distributed workforces going forward. In addition to the public health constraints, manual collection efforts are expensive, disruptive and time-consuming as many times an “overkill” method of forensic image collection process is employed, thus substantially driving up eDiscovery costs.

When it comes to technical approaches, endpoint forensic crawling methods are now a non-starter. Network bandwidth constraints coupled with the requirement to migrate all endpoint data back to the forensic crawling tool renders the approach ineffective, especially with remote workers needing to VPN into a corporate network.  Right now, corporate network bandwidth is at a premium, and the last thing a company needs is their network shut down by inefficient remote forensic tools.

For example, with a forensic crawling tool, to search a custodian’s laptop with 10 gigabytes of email and documents, all 10 gigabytes must be copied and transmitted over the network, where it is then searched, all of which takes at least several hours per computer. So, most organizations choose to force collect all 10 gigabytes. The case of U.S. ex rel. McBride v. Halliburton Co.  272 F.R.D. 235 (2011), Illustrates this specific pain point well. In McBride, Magistrate Judge John Facciola’s instructive opinion outlines Halliburton’s eDiscovery struggles to collect and process data from remote locations:

“Since the defendants employ persons overseas, this data collection may have to be shipped to the United States, or sent by network connections with finite capacity, which may require several days just to copy and transmit the data from a single custodian . . . (Halliburton) estimates that each custodian averages 15–20 gigabytes of data, and collection can take two to ten days per custodian. The data must then be processed to be rendered searchable by the review tool being used, a process that can overwhelm the computer’s capacity and require that the data be processed by batch, as opposed to all at once.”

Halliburton represented to the court that they spent hundreds of thousands of dollars on eDiscovery for only a few dozen remotely located custodians. The need to force-collect the remote custodians’ entire set of data and then sort it out through the expensive eDiscovery processing phase, instead of culling, filtering and searching the data at the point of collection drove up the costs.

Solving this collection challenge is X1 Distributed Discovery, which is specially designed to address the challenges presented by remote and distributed workforces.  X1 Distributed Discovery (X1DD) enables enterprises to quickly and easily search across up to thousands of distributed endpoints and data servers from a central location.  Legal and compliance teams can easily perform unified complex searches across both unstructured content and metadata, obtaining statistical insight into the data in minutes, and full results with completed collection in hours, instead of days or weeks. The key to X1’s scalability is its unique ability to index and search data in place, thereby enabling a highly detailed and iterative search and analysis, and then only collecting data responsive to those steps. blog-relativity-collect-v3

X1DD operates on-demand where your data currently resides — on desktops, laptops, servers, or even the cloud — without disruption to business operations and without requiring extensive or complex hardware configurations. After indexing of systems has completed (typically a few hours to a day depending on data volumes), clients and their outside counsel or service provider may then:

  • Conduct Boolean and keyword searches of relevant custodial data sources for ESI, returning search results within minutes by custodian, file type and location.
  • Preview any document in-place, before collection, including any or all documents with search hits.
  • Remotely collect and export responsive ESI from each system directly into a Relativity® or RelativityOne® workspace for processing, analysis and review or any other processing or review platform via standard load file. Export text and metadata only or full native files.
  • Export responsive ESI directly into other analytics engines, e.g. Brainspace®, H5® or any other platform that accepts a standard load file.
  • Conduct iterative “search/analyze/export-into-Relativity” processes as frequently and as many times as desired.

To learn more about this capability purpose-built for remote eDiscovery collection and data audits, please contact us.

Leave a comment

Filed under Best Practices, Case Law, Case Study, ECA, eDiscovery, eDiscovery & Compliance, Enterprise eDiscovery, ESI, Information Governance, Preservation & Collection, Relativity