Category Archives: eDiscovery

November 1, 2022 · 11:42 AM

Proportionality in eDiscovery is Ideal, but Difficult to Realize Without an Optimized Process

By John Patzakis

(Originally published October 24, 2022 by JD Supra and EDRM)

Image: Kaylee Walstad, EDRM

Proportionality-based eDiscovery is a goal that all corporate litigants seek to attain. Under Federal Rule of Civil Procedure 26(b)(1), parties may discover any non-privileged material that is relevant to any party’s claim or defense and proportional to the needs of the case. Litigants that take full advantage of the proportionality rule can greatly reduce cost, time and risk associated with otherwise inefficient eDiscovery.

While there is a keen awareness of proportionality in the legal community, realizing the benefits requires the ability to operationalize workflows as far upstream in the eDiscovery process as possible. For instance, when you’re engaging in data over-collection, which in turn incurs extensive labor and processing costs, the ship has largely sailed before you are able to perform early case assessments and data relevancy analysis, as much of the discovery costs have already been incurred at that point. The case law and the Federal Rules provide that the duty to preserve only applies to potentially relevant information, but unless you have the right operational processes in place, you’re losing out on the ability to attain the benefits of proportionality.

However, traditional eDiscovery services typically involve manual collection, followed by manual on-premises hardware-based processing, and finally manual upload to review. These inefficiencies extend projects by often weeks while dramatically increasing cost and risk with purposeful data over-collection and numerous manual data handoffs. The good news is that solutions and processes addressing the first half of the EDRM involving collection and processing are now far more automated than they were even a few years ago.

Recently EDRM hosted a webinar addressing these issues – “Operationalizing your eDiscovery Process to Realize Proportionality Benefits” – and more specifically, as the title reflects, explored how to operationalize your eDiscovery process to achieve lower costs, improve early case strategy, realize faster time to review and reduce overall legal risk.

Here are some key takeaways from the webinar:

  • A detailed legal analysis was provided highlighting the case of Raine Group v. Reign Capital, (S.D.N.Y. Feb. 22, 2022), which applied proportionality at the point of identification and collection, not just production. The court endorsed the use of detailed and iterative keyword searches to identify and preserve potentially relevant ESI.
  • A demonstration was shown on how to enable detailed and proportional search criteria, applied in-place, at the point of collection. Such a capability is key to realizing the blueprint for targeted and proportional ESI collection outlined in Raine Group.
  • The speakers also discussed how organizations should move upstream to focus on information governance to reduce the data funnel as soon as possible. The new generation of eDiscovery technology in the areas of collection, identification, analytics, and early data assessment, enables enterprises to operationalize proportionality principles.

The webinar culminated with the notion that an optimized process that applies proportionality upstream at the collection and identification stage reduces the data volume funnel by as much as 98 percent from over-collection models, yet with increased transparency and compliance. A link to the recording from the webinar can also be accessed here.

Leave a comment

Filed under Best Practices, Case Law, Case Study, ECA, eDiscovery, Enterprise eDiscovery, ESI, Preservation & Collection, proportionality

Tagged as , ,

September 20, 2022 · 10:46 AM

The Traditional Workplace is Not Coming Back, with Major Implications for eDiscovery

By John Patzakis

The world has in many ways returned to life as it was prior to the pandemic. Restaurants and hotels are packed again. Children are all back in their classrooms. Rock bands and philharmonics are playing in front of full audiences. But this is not so for the office.

Only about a third of knowledge workers are back in the office more than once a week, but, according to CNN, only 5 percent of employers are requiring in-office attendance five days a week. And it doesn’t look like these trends are going to change dramatically any time soon. In fact, the trend toward remote work should continue as office leases continue to expire. The vast majority of knowledge workers prefer some form of hybrid or remote work, and executives are increasingly coming to accept that reality. Remote and hybrid work is here to stay. And this has major repercussions for eDiscovery practices.

This is because the legacy manual collection workflow involving travel, physical access and one-time mass collection of custodian laptops, file servers and email accounts is a non-starter for the new era of remote and distributed workforces. Manual collection efforts are expensive, disruptive and time-consuming as many times an “overkill” method of forensic image collection process is employed, thus substantially driving up eDiscovery costs.

When it comes to technical approaches, endpoint forensic crawling methods are now a non-starter. Network bandwidth constraints coupled with the requirement to migrate all endpoint data back to the forensic crawling tool renders the approach ineffective, especially with remote workers needing to VPN into a corporate network. Corporate network bandwidth is at a premium, and the last thing a company needs is their network shut down by inefficient remote forensic tools.

For example, with a forensic crawling tool, to search a custodian’s laptop with 20 gigabytes of email and documents, all 20 gigabytes must be copied and transmitted over the network, where it is then searched, all of which takes at least a day or so per computer. So, most organizations choose to force collect all 20 gigabytes. But while this was merely inefficient and expensive pre-pandemic, it is now untenable with the global remote workforce.

Solving this collection challenge is X1 Enterprise Collect, which is specially designed to address the challenges presented by remote and distributed workforces. X1 enables enterprises to remotely, quickly and easily search across up to thousands of distributed endpoints and data servers from a central location. Legal and compliance teams can perform unified complex searches across both unstructured content and metadata, obtaining statistical insight into the data in minutes, and full results with completed collection in hours, instead of days or weeks. The key to X1’s scalability is its unique ability to index and search data in place, thereby enabling a highly detailed and iterative search and analysis, and then only collecting data responsive to those steps.

X1 operates on-demand where your data currently resides — on desktops, laptops, servers, or the cloud — without disruption to business operations and without requiring extensive or complex hardware configurations. After indexing of systems has completed (typically a few hours to a day depending on data volumes), clients and their outside counsel or service provider may then:

  • Conduct Boolean and keyword searches of relevant custodial data sources for ESI, returning search results within minutes by custodian, file type and location.
  • Preview any document in-place, before collection, including any or all documents with search hits.
  • Remotely collect and export responsive ESI from each system directly into a Relativity or RelativityOne® workspace for processing, analysis and review or any other processing or review platform via standard load file. Export text and metadata only or full native files.
  • Export responsive ESI directly into other analytics engines, e.g. Brainspace®, H5® or any other platform that accepts a standard load file.
  • Conduct iterative “search/analyze/export-into-Relativity” processes as frequently and as many times as desired.

To learn more about this capability purpose-built for remote eDiscovery collection and data audits, please contact us.

Leave a comment

Filed under Best Practices, ECA, eDiscovery, eDiscovery & Compliance, Enterprise eDiscovery, ESI, Preservation & Collection

Tagged as , , , , , , ,

August 30, 2022 · 11:36 AM

5 Reasons Why Native Format Collection is Essential for Social Media Evidence

By John Patzakis

As succinctly noted by The Florida Bar Association in its publication, Florida Law Journal: “Social media is everywhere. Nearly everyone uses it. Litigants who understand social media — and its benefits and limitations — can immeasurably help their clients resolve disputes…it is inevitable that the social media accounts of at least one person involved in a dispute will have potentially relevant and discoverable information.“ “Social Media Evidence: What You Can’t Use Won’t Help You” Florida Law Journal, Volume 88, No. 1.

The high volume of relevant social media evidence means that lawyers are under an ethical duty of competence to address and account for it in their litigation and compliance matters. For this reason, there has been a strong demand for social media evidence collection software and services. However, Facebook, the most widely used social media platform, rolled out a completely new interface and data format in the latter part of 2020 for all their 2.4 billion users. This broke every social media evidence tool on the market, causing a major disruption of eDiscovery and compliance workflows. In response, social media evidence collection tools either exited the market, changed their model to services, or provided flat file screen shots as their output.

Flat file screen shots of social media are of very limited value, as what they generally entail is a screenshot pdf image file without searchable text or metadata, other than what is visible on the image itself. For this reason, X1 put in the historical and ongoing work and R&D investment, so that its users would have native post-level collection and parsing to ensure accuracy, key metadata collection, court authentication, and evidentiary completeness of the collected data. Nothing short of those capabilities are acceptable.

To further explain why screenshot will not suffice, here are 5 reasons why native, post-level collections are essential when preserving and seeking to produce social media evidence for judicial purposes:

  1. Defensibility and Authentication of Evidence:

    Many courts have rendered “smoking gun” and other key web-based evidence worthless because the proponent offered a simple printed copy of a social media webpage, and thus failed to meet evidentiary authentication requirements. (See Moroccanoil vs. Marc Anthony Cosmetics, 57 F.Supp.3d 1203 (2014), (Facebook screenshots inadmissible in a trademark infringement without supporting circumstantial information). Commonwealth v. Mangel 181 A.3d 1154 (2018) (Court disallows Facebook screenshot as evidence due to lack of supporting metadata),

    Another key decision is Edwards v. Junior State of America Foundation, No. 4:19-CV-140-SDJ, (US Dist. CT, E.D. Texas April 23, 2021), which applied the best evidence rule to social media evidence. The court ruled that the metadata and full context of the native files were essential to satisfy the Best Evidence Rule. The court held that screenshots were not an output that accurately reflected the substance and context of the native file, since they could not show that the messages were authentic, nor could they “be used to prove that (the Plaintiff) sent the Facebook Messages contained in the screenshots.” Failure to produce the native files prejudiced the Defendants “of the ability to substantiate or refute the authenticity of the alleged messages.”

    With native post-level collection, all critical metadata is captured and preserved, in full context, and post-level hash values are generated at the point of collection. For these reasons, X1 Social Discovery is the gold standard for evidentiary authentication of social media and web-based evidence.

  2. Text Searchable and Sorting of Posts

    X1 Social Discovery automatically indexes all text and metadata of all collected social media posts, comments, and web pages at the time of collection. This enables text and filtering across up to tens of thousands of social media posts, allowing the examiner to immediately hone in on the relevant evidence. Screenshots must be processed further with Optical Character Recognition (OCR), a process which is unwieldy, expensive and not workable in large volume matters.

  3. Comments Provided in Line and in Context

    Comments to social media posts are often critical evidence. With screenshots, associated comments to a post are not collected, or at best are truncated and not displayed inline. Conversely, post-level native collection of social media is ideal, because it enables the collection of the social media post as a parent item with all associated metadata and comments preserved and displayed inline. This contextual display is preserved throughout the investigation process, including through the generation of robust load files that preserve date stamps, other key metadata, and family post identification with associated comments.

  4. Analytics Support

    Analytics for investigation and eDiscovery purposes, such as link analysis, clustering and technology assisted review (TAR), operate on the text and metadata of the subject documents, emails and social media posts. Resorting to screenshots, including flat file pdf image captures, effectively prevents the use of game-changing analytics in your case. To take full advantage of analytics for social media and web-based evidence, native, post-level collections are essential.

  5. Seamless Upload in Review Platforms (No processing needed).

    Some believe that screenshots of social media and web-based evidence save time and money. Nothing could be further from the truth. Screenshots generate flat images that do not enable effective text extraction, and it is impossible to cull, process, and effectively output to attorney review platforms such as Relativity. Because of these limitations, litigants must incur dramatically increased processing costs and time delays to make the data workable in an investigative or litigation workflow. For instance, the images must be run through OCR, the various requisite metadata fields must be manually entered, and the truncated screen shots reassembled into context so they appear and read as they did in their original state, as well as other painstaking steps. All this will typically cost up to tens of thousands of dollars in additional processing fees.

Employing more automated means, such as X1 Social Discovery, enables the examiner to quickly collect entire web pages and publicly available or otherwise properly accessed social media accounts, which can be hundreds of pages long. This comprehensive and thorough collection allows the examiner to collect far more potential evidence, preserving all relevant metadata, and having that evidence be immediately searchable and reviewable in a highly effective integrated review and analytics platform. All this enables a very fluid and scalable workflow that dramatically reduces downstream processing and review platform upload costs.

X1 Social Discovery is the only eDiscovery solution to provide post-level parsing for Facebook timeline posts in the new Facebook format, as well as for Twitter feeds. To learn more about this important functionality, please contact us for more information.

Leave a comment

Filed under Authentication, Best Practices, Data Audit, eDiscovery, Preservation & Collection, Social Media Investigations, Social Media Metadata

August 23, 2022 · 10:36 AM

Proportionality Focus Presents Challenges and Opportunities for eDiscovery Service Providers

By John Patzakis

Proportionality is now the hottest legal issue involving eDiscovery, with the largest number of eDiscovery-related cases in the past year addressing the subject. Relativity eDiscovery attorney David Horrigan recently led an informative webinar “Data Discovery 2022 Mid-Year Update” (access recording here) reporting that 642 published court decisions tackled legal considerations involving proportionality in discovery in the first half of 2022. As only a very small number of cases involve a published decision that we can access online, it is safe to assume that several thousand more cases litigated the proportionality issue during this time period.

Proportionality-based eDiscovery is a goal that all judges and corporate attorneys want to attain. Under Federal Rule of Civil Procedure 26(b)(1), parties may discover any non-privileged material that is relevant to any party’s claim or defense and proportional to the needs of the case. Lawyers that take full advantage of the proportionality rule can greatly reduce cost, time and risk associated with otherwise inefficient eDiscovery.

While there is keen awareness of proportionality in the legal community, attaining the benefits requires the ability to operationalize workflows as far upstream in the eDiscovery process as possible. For instance, when you’re engaging in data over-collection, which in turn runs up of a lot of human time and processing costs, the ship has largely sailed before you are able to perform early case assessments and data relevancy analysis, as much of the discovery costs have already been incurred at that point. The case law and the Federal Rules provide that the duty to preserve only applies to potentially relevant information, but unless you have the right operational processes in place, you’re losing out on the ability to attain the benefits of proportionality.

An example of a process that effectively applies proportionality on an operational basis would be an iterative exercise to identify relevant custodians, their data sources, applicable data ranges, file types and agreed upon keywords, following the process outlined in McMaster v. Kohl’s Dep’t Stores, Inc., No. 18-13875 (E.D. Mich. July 24, 2020), and Raine Group v. Reign Capital, (S.D.N.Y. Feb. 22, 2022), and collect only the data that is responsive to such specific criterion. Both McMaster and Raine Group decisions apply proportionality at the point of identification and collection, not just production. The latest enterprise collection tech from Relativity and X1 enable such detailed and proportional criteria to be applied in-place, at the point of collection. This reduces the data volume funnel by as much as 98 percent from over-collection models, yet with increased transparency and compliance. In other words, a collection process that is targeted, automated and proportional, instead of one that is overbroad and manual.

However, traditional eDiscovery services typically involve manual collection, followed by manual on-premise hardware-based processing, and finally manual upload to review. These inefficiencies extend projects by often weeks while dramatically increasing cost and risk with purposeful data over-collection and many manual data handoffs. However, the first half of the EDRM involving collection and processing are now far more automated than they were even a few years ago. The purchasers of eDiscovery services and software have clearly noticed and are demanding adaptation from vendors, especially service providers. This new normal of proportionality focus presents a very significant challenge to many service providers.

So how can services firms adapt to this new paradigm? Here are few strategies:

First, services firms should move upstream to focus on information governance to reduce the data funnel as soon as possible. The new generation of eDiscovery technology in the areas of collection, identification, analytics and early data assessment, enables enterprises to operationalize proportionality principles. However, this ideally involves high-end strategic consulting to bring these processes together and operationalize them. This also enables services firms to develop direct and ongoing relationships with corporate law departments, IT and other key corporate stakeholders.

Second, service providers should pivot to managed services (like most other IT consultants) instead of a reactive project-based mindset. Fire drill eDiscovery projects by definition lack any process and result in data-overcollection and many other inefficiencies that thwart the realization of proportionality principles. Establishing a managed service relationship “bakes in” the service provider into an established eDiscovery workflow, including information governance, pre-collection analytics, targeted collection and integrated processing and hosting to enable far more proportional eDiscovery efforts, across multiple matters per client.

Third, services firms should find ways to develop or otherwise acquire their own differentiating tech or establish meaningful partnerships with tech platform providers. These partnerships should entail more than merely using the software, but the development of proprietary workflows or even technical integrations that enable unique service offerings that operationalize proportionality.

At the end of the day, eDiscovery is a technical process that is subject to technology disruption just like any other technology-based services industry. eDiscovery services firms that not only adapt to but embrace this change as a strategic opportunity will be the ones who prosper the most.

Leave a comment

Filed under Best Practices, collection, ECA, eDiscovery, Enterprise eDiscovery, Preservation & Collection, proportionality, Relativity

Tagged as

August 17, 2022 · 10:38 AM

Important SaaS Architecture Considerations for Legal Tech Software

by Kunjan Zaveri

With nearly all eDiscovery software now being offered on a SaaS basis, the cloud architecture decisions supporting the vendor’s platform are pivotal. Decisions on architecture design can lead to either very successful or very poor outcomes. The right architecture depends on the company’s SaaS delivery strategy, their customer profile and size, and the volume and nature of their anticipated transactions. These considerations are especially important in the legal tech space, which has some unique requirements and market dynamics such as heighted security and customization for large clients, and channel support (requiring platform portability), which are generally not as relevant to general SaaS architecture considerations.

At a high level, it is important to understand the two main SaaS architectures: multi-tenancy and single-tenancy. In cloud computing, tenancy refers to the allocation of computing resources in a cloud environment. In SaaS, tenancy is categorized into two formats: single-tenant SaaS and multi-tenant SaaS. In the single-tenant SaaS environment, each client has a dedicated infrastructure. Single-tenant products can’t be shared between clients and the buyer can customize the software according to their requirements. Multi-tenancy is an architecture where a single instance of a software application serves multiple customers. In a multi-tenant SaaS environment, many organizations share the same software and usually the same database (or at least a portion of a common database) to save and store data.

Single-tenancy and multi-tenancy SaaS each have their advantages and disadvantages, and the selection of either approach by a legal tech SaaS vendor should depend on their overall product and go-to-market strategy. Here are some of the advantages of a single-tenancy architecture:

1. Improved Security

With single-tenancy, each customer’s data is completely isolated from other customers with fewer and more trusted points of entry. The result is better overall security from outside threats and the prevention of one customer accessing another’s sensitive information, either intentionally or inadvertently.

2. Reliable Operations and Individual Tenant Scalability

Single-tenant SaaS architectures are considered more reliable as there is not a single point of failure that can affect all customers. For example, if one client uploads a massive amount of corrupt data that taxes resources and crashes the system, it won’t affect another clients’ instances. Single-tenancy is actually more scalable within an individual client instance, while multi-tenancy can better scale the addition and management of many customers.

3. Customization

Many large customers need specific features or unique security measures that require custom development, which can be very difficult in a multi-tenancy environment. Companies that use single-tenancy architecture can upgrade their services individually. Rather than waiting for the software provider to launch a universal update, users can update their accounts as soon as the download is available or decline patches that are not needed by a specific customer.  

4. Portability

With single-tenancy, a vendor can host their platform in their own SaaS environment, a channel partner’s environment, or enable their customers to install the solution behind their firewall or in their private cloud. Multi-tenancy SaaS does not allow for this flexibility.

Multi-tenant SaaS Advantages

Multi-tenancy is commonly utilized as most SaaS offerings are consumer or otherwise high-volume commoditized offerings, which necessitates such an architecture. Here are some of the key advantages of multi-tenant SaaS architecture over single-tenant:

1. Lower Costs

Since computing services are all shared under a multi-tenant architecture, it can cost less than a single-tenant structure. Scaling across the customer base is easier as new users utilize the same uniform software and resources as all the other customers.

2. Efficient Resources Spread Across all Customers

Because all resources are shared and uniform, multi-tenant architecture uses resources that, once engineered, offer optimum efficiency. Since it’s a changing environment where resources are accessed simultaneously, multi-tenant SaaS software needs to be engineered to have the capacity for powering multiple customers at once.

3. Fewer Maintenance Costs

Maintenance costs are usually associated with a SaaS subscription and aren’t passed through to the customer or incurred by the channel partner like with a single-tenant structure.

4. Shared Data Centers

Unlike a single-tenant environment, a vendor doesn’t have to create a new instance within the datacenter for every new user. Customers have to use a common infrastructure that removes the need to continually add partitioned instances for each new tenant.

So which architecture is the right one for a legal tech SaaS vendor? It completely depends on the company’s strategy, pricing, and nature of the offering. To illustrate this point, consider the examples of two hypothetical legal tech SaaS vendors: Acme and Widget.

Acme provides do it yourself data processing on a high-volume, low-cost basis, handling about 700 matters a week at an average project value of $400. Acme’s customer base is primarily small to medium size law firms and service providers who have multiple projects on different cases over the course of a year. Acme’s clients do not want to fuss with hardware or any software maintenance requirements.

Widget offers an enterprise-grade compliance and security data analytics platform, sold at an average sale price (ASP) of $400,000, but as high as $2 million for a dedicated annual license. Widget has 32 active enterprise customers and hopes to grow to 70 customers in three years with an even higher ASP. About a third of Widget’s clients prefer that Widget host the solution in Widget’s cloud instance. Another group of clients are large financial institutions that, for security and governance purposes, insist on self-hosting the platform in their own private cloud. The rest are instances sold through channel partners who prefer to host the platform themselves and provide value added services. Many Widget customers have particularized compliance requirements and other unique circumstances that require customization to support their needs.

For Acme, the correct choice is multi-tenancy. Acme offers a commoditized SaaS service, and it needs a high volume of individual customers to drive more transactional revenue growth. A single-tenancy architecture would prevent the company from scaling, would be too expensive, and unmanageable. However, some legal tech companies who have opted for this architectural approach have made the mistake of pursuing a more low-market commoditized strategy without making the initial considerable investment in engineering expertise and resources to build such an architecture.

In contrast, single-tenancy is the optimal architecture choice for Widget. While single-tenancy cloud is slightly more challenging to support, Widgets’ premium enterprise offering requires portability for the channel and rigorous security minded clients as well as customization, and thus is a clear fit for single-tenancy. In the future, Widget may have closer to a thousand customers or be acquired by a much larger company that will want to deploy the solution to their extensive client base. It would be a good idea for Widget to architect their single-tenancy platform in a manner, such as employing microservices, that will allow it to readily port it to a multi-tenancy environment when warranted.

So, for legal tech executives, the question to ask is whether your strategy and product offering is more in line with Widget or Acme. But the bottom line is to make sure your strategy drives your choice of architecture and not the other way around.

Kunjan Zaveri is the Chief Technology Officer of X1. (www.x1.com)

Leave a comment

Filed under Best Practices, Cloud Data, eDiscovery, Enterprise eDiscovery, SaaS

Tagged as , , ,