Category Archives: Case Study

X1 Insight and Collection & RelativityOne Integration: Testing and Proof of Concept

Editor’s Note: The following is a blog post published by eDiscovery expert Chad Jones, Director at D4 Discovery, regarding D4’s extensive testing and validation of the integration of R1 and X1 Insight and Collection.  It is republished here with permission. 

Discovery is a complicated business. For a typical litigation, there are at least five separate stages, collection, processing, review, analysis, and production, and while the average discovery period lasts eight to ten months, the matters themselves can run for years. During the lifecycle of a common eDiscovery project, these five stages are usually performed by several different parties, which further complicates the process by introducing a variety of hand-offs and delays between organizations and individuals.

The proof of concept that follows was designed to validate Insight and Collection, a product created by X1 Discovery, Inc, and that now features a direct upload to Relativity and RelativityOne. With this product, X1 proposes to streamline the five-stage process by allowing enterprises to search locally, collect those search hits, process the results and push them directly to RelativityOne in a matter of minutes.

To evaluate the viability of the X1 Insight and Collection, D4, LLC. designed and executed the following Proof of Concept (POC). A leader in forensic collection services and a seven-time Relativity Best in Service, Orange Levelhosting partner, D4 staff leveraged its expertise in end to end eDiscovery to implement the workflow and document the results.

Background

Project

eDiscovery is a multi-stage process with a series of hand-offs between disconnected parties. This process can be extremely expensive and error prone. In addition to the costs, the time to review can often span weeks or even months to complete.

Stakeholders

Those who stand to benefit from X1 Insight and Collection are business and organization leaders looking to manage and control the cost and risks of discovery.

Solution Features and Benefits

There are several features of the X1 Insight and Collection: search-in-place, early case assessment visualizations, remote collection, processing on demand, publish to review in RelativityOne. Searching in place on the local machine has several benefits. It prevents needless over collection and saves the end user from the hassle of turning over her machine and losing productivity. It also gives case teams the opportunity to iterative refine search terms and review search hits on the fly.

Finally, searching in place replaces the need to collect data and load to a master repository for indexing and searching. This includes email containers – the ability to index, search and collect all email in place on the custodian’s computer or the corporate Exchange server without the need to migrate the entire container or full account is a strong and unique capability. With X1’s remote collection, once users target the specific files and emails they need, they can immediately collect and process that information. Once collected and processed, enterprise users have the option of creating standard load files or sending text, metadata and native files directly to RelativityOne.

Practical Details of POC

To test and vet the software, D4 built a mini-cloud environment, consisting of five custodian machines; one enterprise server; and one client server meeting the specs listed below:

Server 1

  • OS: Microsoft Server 2012 R2
  • CPU: 2.6 GHz minimum 8 processors
  • Memory: 16 GB RAM
  • Disk: 180 GB free hard disk space (software)
  • Disk 2: 1TB for collected data (or available network drive)

Server 2

  • OS: Microsoft Server 2012 R2
  • CPU: 2.6 GHz minimum 8 processors
  • Memory: 32 GB RAM
  • Disk: 180 GB free hard disk space (software)

Testing Desktop: (QTY 5)

  • OS: Microsoft Windows 7, 8 or 10
  • CPU: 1.8 GHz minimum 2 processors
  • Memory: 8 GB RAM

On each custodian machine we placed a mix of email and non-email data. From these data sets we ran a series of tests from which we collected data.

Although X1 Insight and Collection provides a variety of workflows allowing for a complex collection strategy, for the purposes of this proof-of concept, the collection was limited to a simple Boolean query of common football related terms across Enron data. We made two separate collections of email data: a collection to disc with load files and a collection direct pushed to RelativityOne. The terms used in the POC were: “football OR game OR trade OR QB OR league OR cowboys OR longhorns OR thanksgiving OR player.” Following the collections, the results of the load file export were test loaded to Relativity and the results of the dataset published direct to RelativityOne were evaluated in that workspace.

Test Results

The testing process considered four main areas: documenting search results; documenting upload/download times; metadata validation; and reports and exception handling. To test the search results the loaded data was indexed, and searches run to confirm the results. In both load formats, the search results remained the same as shown below.

It is important to note that in Relativity only the text was searched while in X1 all metadata was also included in the search. This is a common difference between review platforms and collection tools, as collection tools are able to search all components of the file, while review is limited to extracted metadata fields only.

Additional tests were performed to document search and exports speeds. One of the components of X1 Insight and Collection is its collection module which sits on the client server and manages the collection from a central location. In the initial test, we chose to export the files to disc and create a load file, while in the second test we leveraged X1s integration with RelativityOne and upload data to Relativity’s cloud instance via the Relativity API.

In both cases, the results proved that X1 is incredibly powerful. Each time the system executed saved searches on five separate machines, pulled the data to the client server, extracted text and metadata and then either generated a load file or sent the deliverable straight to the cloud and into Relativity – all within minutes. The results, shown below, are amazing. In both cases the system completed all steps in under 13.5 minutes. Additional tests were performed to document search and exports speeds.

One of the components of X1 Insight and Collection is its collection module which sits on the client server and manages the collection from a central location. In the initial test, we chose to export the files to disc and create a load file, while in the second test we leveraged X1s integration with RelativityOne and upload data to Relativity’s cloud instance via the Relativity API. In both cases, the results proved that X1 is incredibly powerful. Each time the system executed saved searches on five separate machines, pulled the data to the client server, extracted text and metadata and then either generated a load file or sent the deliverable straight to the cloud and into Relativity – all within minutes. The results, shown below, are amazing. In both cases the system completed all steps in under 13.5 minutes.

Further testing showed that while X1 gets the essential metadata components extracted from the data, there are some features we are used to seeing in established eDiscovery processing tools that are lacking in this product. We also found the exception reporting to be lacking. In our RelativityOne tests, we found 40 files were excluded from upload, yet when reviewing the available exception reporting we had trouble seeing what caused those file failures. These issues notwithstanding, the POC proved successful. X1 Insight and Collection proved to be a powerful search engine and collection tool, capable of collecting over 6,000 documents from five separate machines and uploading those files to RelativityOne in less than fifteen minutes!

Conclusion

X1 Insight and Collection offers multiple benefits to the enterprise user looking to take control of the eDiscovery life cycle. By simplifying the course of an eDiscovery project, X1 limits the number of touch points in the traditional vendor-driven process. Internal users can search and vet terms in real-time before collection. This not only mitigates the opportunity for error, but it greatly reduces the time to review, which is what this solution really seems to be all about. X1 seems to have been designed with the internal investigation in mind. Offering a light tagging feature, X1 gives users a light ECA option that with a couple mouse clicks becomes a collection and processing tool that connects directly to all the features of RelativityOne. When combined with Relativity ECA, Analytics and Active Learning, this might be all the solution the typical enterprise would need.

Leave a comment

Filed under Best Practices, Case Study, compliance, eDiscovery, Enterprise eDiscovery, Information Governance, reviewing

Dark Web Evidence Critical to all Cyber Investigations and Many eDiscovery matters

The dark web is a component of the World Wide Web that is only accessible through special software or configurations, allowing users and website operators to remain anonymous or untraceable. The dark web forms a small part of the deep web, which is the part of the Web not indexed by web search engines. The dark web has gained more notoriety over the past few years and several large criminal investigations have resulted in seizures of both cryptocurrencies and dark web pages and sites. Criminal enterprises involving counterfeiting, hacking, ID and IP theft, narcotics, child pornography, human trafficking, and even murder for hire seek a haven in the mist of encrypted communications and payment, such as Bitcoin, to facilitate their nefarious schemes. dark web

While mining the dark web is critical for many law enforcement investigations, we are also seeing increased focus on this important evidence in civil litigation. Fero v. Excellus Health Plan, Inc., (Jan. 19, 2018, US Dist Ct, NY), is one recent example. Fero arises out of a data breach involving healthcare provider Excellus Health Plan, Inc. According to the complaint, hackers breached Excellus’s network systems, gaining access to personal information millions of individuals, including their names, dates of birth, social security numbers, credit card numbers, and medical insurance claims information. The Plaintiffs brought a class action asserting claims under various federal and state laws.

Initially, the court dismissed the plaintiffs’ case, citing a failure to establish damages and actual misuse by the hackers who allegedly stole their information. However, after conducting a more diligent investigation, the plaintiffs submitted with their motion for reconsideration evidence that the plaintiffs’ PII was placed on the dark web.  This evidence was summarized in an expert report providing the following conclusion:  “it is my opinion to a reasonable degree of scientific certainty that PII and PHI maintained on the Excellus network was targeted, collected, exfiltrated, and put up for sale o[n] DarkNet by the attacker for the purpose of, among other things, allowing criminals to purchase the PII and PHI to commit identity theft.”  Fero, at 17.  Based on this information, the court granted the motion for reconsideration and denied the defendant’s motion to dismiss. In other words, the dark web evidence was game-changing in this high-profile class action suit.

Cases like Fero v. Excellus Health Plan illustrate that dark web evidence is essential for criminal and civil litigation matters alike. Dark Web investigations do require specialized knowledge and tools to execute. For instance, X1 Social Discovery can be easily configured to conduct such dark web investigation and collections.

Recently, Joe Church of Digital Shield led a very informative and instructive webinar on this topic. Joe is one of the most knowledgeable people that I’m aware of out there on dark web investigations, and his detailed presentation did not to disappoint. Joe’s presentation featured a concise overview of the dark web, how its used, and how to navigate it. He included a detailed lesson on tools and techniques needed to search for and investigate key sources of evidence on the dark web. This webinar is a must see for anyone who conducts or manages dark web investigations. Joe also featured a section on how to specifically utilize X1 Social Discovery to collect, search and authenticate dark web evidence. You can review this very informative 30 minute training session (no sign in required) by visiting here.

Leave a comment

Filed under Best Practices, Case Law, Case Study, Cloud Data, dark web, eDiscovery, Preservation & Collection, Social Media Investigations, Uncategorized

SEARCH REVEALS HUNDREDS OF IMPROPER JUROR SOCIAL MEDIA POSTS PER DAY (PART 2)

In response to our post two weeks ago identifying widespread social media abuse by jurors that could quite possibly lead to mistrials, a frightened prosecutor and others have inquired about how exactly juror’s social media data should be collected and what the various techniques are. So this follow-up post discusses the mechanics of proactively monitoring jurors that are both empaneled and potential members of your pool.

First and foremost, it is important to understand what not to do. Do not fire up Twitter.com and start following jurors. They will receive a notice that they’re being followed, which is improper under various legal ethics rules. Also, it is not effective technically, as you cannot access or search past tweets very effectively (which are often just as important as ones in real time), and it is very difficult to monitor up to several dozen jurors in your pool.

The right software will allow you to employ several techniques and methods, which are most effective when used in conjunction to comprehensively and ethically search for all publicly available juror social media.

The first method is to set a geo-fence around the courthouse and immediate area. This will collect tweets and Instagram posts in real time, as well as going back several days if needed, to collect any tweet that is geo-located in that area. Here is an example of such an effort:geo fence

Another advantage of this method is that it will capture any geo-located social media posts by not only jurors at the courthouse but also by opposing counsel or witnesses, which happens more often than you would think. Expert witnesses in particular can be prolific on social media as they promote their services and their personal brand. They also often Tweet and share approvingly links to industry articles and blog articles, which can then be considered to be part of their opinion record.

The second method is to set keywords such as #juryduty or “jury duty” across the public feed of social media sites. This will cast a wider net, returning posts from all over the country if not the world. But with the right tools you can quickly be able to filter out the ones that are within your geographical location. This will also capture posts that are not Geotagged by the user.  If your case has any media attention, even just locally or within industry media verticals, it is a very good idea to set up keywords that can identify any mention of your case in public feeds.

And just for fun, here are the top 5 controversial juror posts from just the past few days:

bad tweets

And finally, once you have identified an impaneled juror or a member of the potential pool, and have their social media profile names,  you can quickly and anonymously collect all their past and ongoing public social media content through special software such as X1 Social Discovery. This also has the advantage of instantaneous and unified search across all available social media streams from multiple jurors. You also can set up email alerts so that if a juror or other person of interest posts anything, you will immediately be alerted to that post. This is also an effective technique when following opposing counsel or key witnesses. And it’s often a good idea to your monitor your own clients as well.

For more information about how to conduct effective social medial investigations, please contact us, or request a free demo version of X1 Social Discovery.

1 Comment

Filed under Best Practices, Case Study, Legal Ethics & Social Media, Social Media Investigations, Uncategorized

Search Reveals Hundreds of Improper Juror Social Media Posts Per Day

The Federal Judicial Center (“FJC”) recently published a report surveying 952 federal district court judges to identify the scope of jurors’ improper use of social media during trial and how the courts are addressing the problem. The FJC’s report, Jurors’ Use of Media During Trials and Deliberations, reflects that despite various prevention efforts, jurors continue to use Facebook, Twitter, Google and other sites in several, and that the courts continue to struggle to detect such usage. According to the survey results, 30 judges identified incidents of improper juror social media usage,

Such misconduct can easily result in a mistrial or even reversal of judgement. In State v. Smith, Sept. 10, 2013, the Tennessee Supreme court vacated a first degree murder conviction on the sole grounds that one of the jurors communicated with a prosecution witness during trial via Facebook. The court lamented that Internet and social media “has exponentially increased the risk….of extra-judicial communications between jurors and third parties.” This decision is but one example of this common occurrence of juror misconduct through social media use, requiring attorneys and jury consultants to engage in on-going passive monitoring of publicly available social media information.

In fact we recently did our own search of the Twittersphere with X1 Social Discovery, and uncovered several hundred improper Juror tweets in a single day (1/13/2016). Here is a small sampling:

juror tweets

 

 

 

 

 

 

 

 

 

 

 

 

 

(click to enlarge)

It is thus no surprise lawyers are increasingly using Twitter to investigate and monitor potential and impaneled jurors. However, this type of monitoring activity can lead to serious attorney ethics violations if direct or even indirect communications are sent to the juror as a result of such monitoring activities. (See e.g. New York County Law Association Formal Opinion No. 743, May 18, 2011). Proxies hired by attorneys, including eDiscovery service providers, investigators and jury consultants are subject to these restrictions, which can also apply to social media communications with witnesses or opposing parties who are represented by counsel.

For this reason, X1 Social Discovery features a specialized “public follow” feature that enables access to all the past Tweets of a specified user (up to 3200 past tweets) and any new Tweets in real-time without generating a formal “follow” request with the resulting problematic communication.. These legal ethics rules concerning indirect social media communications underscores the importance of employing best practices technology to search and collect social media evidence for investigative and eDiscovery purposes.

Collecting evidence in a manner that prevents, or at minimum, does not require that attorneys and their proxies directly or indirectly communicate with the subjects from whom they are collecting social media evidence is a core requirement for solutions that truly address investigative and eDiscovery requirements for social media. In addition to preserving and authenticating social media evidence in a proper manner, X1 Social Discovery provides fast and comprehensive searching of the data in a manner unmatched by any other technology.

It can even potentially prevent a possible mistrial through early detection of a juror’s improper Tweets or Facebook postings.

UPDATED:  Attorney Ignatius Grande, co-chair of the New York State Bar Committee on Social Media, contacted me in response to this post, to point to the Committee’s recently published Social Media Jury Instruction Report. The report describes the scope and challenges from juror social media use during voir dire and trial, as well as proposed amendments to standard jury instructions address such juror misconduct.

 

Leave a comment

January 27, 2016 · 6:12 PM

Dr. Michael Levitt: World Famous Scientist, Nobel Laureate, and X1 Power User

Michael Levitt Nobel Prize in Chemistry 2013

Michael Levitt
Nobel Prize in Chemistry 2013

Recently I had the distinct honor of speaking with Dr. Michael Levitt, a 2013 Nobel Prize winner for Chemistry, and highly regarded Professor of Structural Biology at Stanford University. The Nobel Committee awarded Dr. Levitt a Nobel in recognition of his research in computational biology, “for the development of multiscale models for complex chemical systems.” He is also a “huge fan” of X1. When Dr. Levitt and I spoke, he discussed his daily use of X1 Search and how it is essential to his research and professional productivity. “X1 saves me many hours per week,” per his unsolicited email to us at X1 that initiated our dialogue, “I cannot survive without it.”

A computer-savvy scientist, Dr. Levitt relies on a Macintosh laptop with VMWare virtualization running a Windows OS, where he stores 200 gigabytes of data, including 40 gigabytes of over 300,000 emails, and of course relies on X1 to make sense of it all. “Next to my computer itself, X1 is the one tool I can’t do without,” explained Dr. Levitt.  “People use the term ‘big data’ a lot these days, but the most important ‘big data’ for me is the 200 gigabytes on my laptop that consists of decades of research, important communications with fellow academics, and other key resources.  X1 enables me to find what I am looking for instantaneously. It is a very effective interface to all of my information.”

Dr. Levitt credits X1’s lightning-fast, iterative and faceted search capability, along with X1’s reliability and stability, as enabling him to quickly and tactically sift through 200 gigabytes of emails and academic research. “X1 is an intimate part of my workflow — it is essentially an extension of my mind when I engage in information retrieval, which is many times an hour during my workday.”

In addition to locating his research and other critical data, X1 proved very handy to Dr. Levitt in managing an important email response project. “When I was awarded the Nobel, I received over two thousand congratulatory emails. I used X1 to cross reference my sent folder to make sure I replied to them all. That X1 shortcut saved me several hours alone!”

Dr. Levitt’s testimonial echoes similar sentiments expressed by many high-powered business professionals at top financial institutions, major law firms, consulting companies and science and engineering firms. They all rely on X1 to dramatically enhance their productivity by quickly locating their information amongst an ever-increasing avalanche of emails and other data.

We here at X1 extend our congratulations to Dr. Levitt for his 2013 Nobel prize in Chemistry, as well as our sincere thanks to him for reaching out to us and sharing his enthusiastic feedback on X1 search, which, incidentally, is completely gratis. “Just keep developing great software” is all he asked for in return.

___________________________________________________________________

For more information about X1 Search 8, including a free 14 day trial, please visit here >

1 Comment

Filed under Case Study, Desktop Search