Category Archives: m365

Kim v. Cushman & Wakefield: A Federal Court Confirms That Email Search Terms Don’t Work for Microsoft Teams

By John Patzakis

Blog header about the Kim v. Cushman & Wakefield case, discussing a federal court ruling on email search terms and their ineffectiveness for Microsoft Teams. Includes graphics of a gavel, documents, and message bubbles.

A recent decision out of the Central District of California should be required reading for any legal team that includes Microsoft Teams as data source in their discovery plan. In Kim v. Cushman & Wakefield U.S., Inc., 2026 WL 1353455 (C.D. Cal. Apr. 24, 2026), the court held that search terms that may be appropriate for email may not be sufficient for shorter, less formal communications on a collaboration platform like Teams.

The plaintiff, Ms. Kim, alleged pregnancy discrimination after being terminated upon her return from maternity leave. The defendant asserted the termination was part of a reduction in force; Ms. Kim alleged that rationale was pretextual. The discovery dispute arose when it emerged that the defendant had not searched Microsoft Teams at all—even though, as one of the defendant’s own witnesses testified, Teams was one of the primary communication methods used at the company. To its credit, upon discovering the gap, defense counsel immediately ran the existing email search terms against Teams and produced 47 pages of messages, two of which proved relevant to the pretext analysis.

That partial cure satisfied no one. The plaintiff demanded a nearly indiscriminate search of “all reasonably likely repositories,” while the defendant maintained it had already run the terms against Teams and “there’s nothing left.” The court’s response: “Neither position is quite right.”

The Teams Ruling: Keyword Searches Alone Are Not Enough
The heart of the opinion is the court’s recognition that rerunning email-oriented search terms against Teams data is structurally flawed. The defendant’s terms all required “Connie Kim” as an anchor—e.g., “Connie Kim” NEAR “terminat!”. As the court explained:

“It is arguable whether that may work well enough even for emails, but it cannot work for MS Teams chats about transition planning among managers who might say ‘the Smartsheet’ or ‘Brooke’s workload’ without mentioning Plaintiff by name. Keyword searches alone, without more advanced and thoughtful search techniques, will be inadequate for Teams data—a medium where conversations are shorter, more informal, and less likely to include full names than email.”

The court also underscored the certification obligation that attaches once a party elects to search: “An objecting party that elects to search and produce—rather than move for a protective order—undertakes an obligation to search reasonably. See Fed. R. Civ. P. 26(g)(1)(B).” And the Rule 26(b)(1) proportionality analysis weighed in the plaintiff’s favor as to Teams, since the messages already produced confirmed that relevant communications existed in that repository.

Notably, the court declined to dictate methodology, holding that how the defendant fulfills its supplemental search obligation— “whether through custodian-based collection, refined keyword queries, or technology-assisted review—is Defendant’s choice, so long as the search is reasonable and the production is complete.” The court also traced the root cause to a pro forma Rule 26(f) conference: had the parties conducted a substantive ESI conference identifying repositories, custodians, and communication platforms at the outset, the Teams gap would have been caught months earlier.

In his excellent writeup of this case, Michael Berman of E-Discovery LLC consulted eDiscovery expert Tom O’Connor of the Gulf Coast Legal Technology Center, who raised a critical practical question: what tool was actually used for the search? O’Connor explained that while keyword searches inside Teams work, Teams supports only basic keyword matching and a few command-style filters. Per O’Connor, the native “Teams search indexes chat differently than email,” in that it:

• “Prioritizes exact word matches;
• Does not index message metadata as richly as Outlook;
• Often misses partial-word matches; and
• Returns fewer results when the term is too specific.”

In other words, even well-crafted Boolean terms can silently underperform when run against Microsoft’s native Teams index.

Why Kim Illustrates the Case for X1 Enterprise
The Kim decision validates what we have long argued at X1: when addressing MS 365 data for eDiscovery, the search methodology applied to it must be purpose-built. As we detailed when we launched our advanced MS Teams support, X1 Enterprise enables a targeted, iterative search and collection of Teams data in-place, with the ability to target individual custodians and specific messaging threads—displacing any need to mass download channels—plus unified search across Teams, OneDrive, SharePoint, Mail, laptops, and file shares, and one-click upload into Relativity for review.

Critically, X1 does not rely on the limited native Microsoft Teams index that O’Connor describes. X1’s patented technology builds its own full-featured index of Teams data, enabling precisely the “more advanced and thoughtful search techniques” the Kim court demanded. That includes detailed Boolean queries with nested operators, proximity, and wildcard/stemming support that execute consistently across both email and chat data—so counsel is not forced to choose between Outlook precision and Teams looseness. X1 also includes the ability to search on emojis, which is critical for Teams and other chat platforms, where a reaction emoji may be the entire substance of a manager’s response to a message about a “transition plan.”

X1’s patented in-place search and classification capabilities extend this further. Through the X1 API, organizations can programmatically execute searches and apply AI-driven classification models directly where the data lives—before anything is collected. Applied to the Kim fact pattern, that means counsel can iteratively test and refine looser, Teams-appropriate search terms against live data, measure the results, and classify what comes back—building a defensible, documented search methodology of exactly the kind the court invited when it referenced “refined keyword queries” and “technology-assisted review.” And because it all happens in place, the proportionality benefits are built in as only potentially responsive data is collected.

The lesson of Kim is straightforward. Courts now expect parties to identify collaboration platforms like Teams at the Rule 26(f) stage, to search them with techniques suited to informal chat data, and to do so reasonably and completely. Meeting that expectation requires solutions designed for the job.

Learn more about the X1 Enterprise Platform, or contact our sales team to schedule a live demo.

Leave a comment

Filed under Best Practices, compliance, Corporations, Data Audit, Data Governance, ECA, eDiscovery & Compliance, Enterprise eDiscovery, Enterprise Search, ESI, Information Access, Information Governance, Information Management, law firm, m365, MS Teams

Why X1’s AI In-Place Architecture Is a Genuine Departure from Legal AI’s Status Quo

By John Patzakis

X1 AI In-Place Architecture — AI hub connecting to distributed enterprise data sources including Microsoft 365, email, cloud, and endpoints

The legal technology market has a buzzword problem. Terms like “AI-powered,” “intelligent review,” and “automated analysis” have been applied so broadly—and so inconsistently—that they have largely lost their ability to signal anything meaningful about how a product actually works. Against that backdrop, X1’s announcement last week of AI In-Place for X1 Enterprise represents a genuinely different approach to applying AI within enterprise legal and compliance workflows. The reason for this basis is X1’s unique architecture.

To understand why, it helps to start with the dominant model that most legal AI tools share. The overwhelming majority of AI-enabled eDiscovery and governance platforms are built on a collect-first assumption: data must be moved out of its native environment—copied, ingested, centralized in a vendor-controlled repository—before any AI model can be applied to it. This is not an incidental design choice; it reflects the fundamental architecture of how most of these platforms were built, long before AI became part of the product story. The result is what practitioners have come to call the “prompt wrapper” problem: an AI interface sits in front of a conventional data pipeline, and the underlying mechanics—the cost, the risk, the latency—remain largely unchanged. A large language model with a “middleware” workflow does not solve the structural problem of what happens to sensitive data before the AI touches it.

X1’s AI In-Place architecture inverts that assumption. Rather than requiring data to travel to an AI system, X1’s patented distributed micro-indexing technology deploys AI models directly into lightweight micro-indexes at the data source itself—across Microsoft 365 environments, file shares, cloud repositories, and endpoints. The AI executes where the data lives, and the data does not move. The implications run across multiple dimensions: data never leaves the enterprise perimeter, security policies and endpoint controls remain intact throughout the process, and the computational overhead and massive AI token costs associated with large-scale data ingestion is avoided entirely. For matters involving a terabyte of data or more—where centralized collection is not merely expensive but operationally infeasible—this architectural distinction is not incremental. It changes what is actually possible.

The workflow mechanics reinforce the point. AI models are deployed into X1’s distributed micro-indexes behind the firewall, execute against enterprise data in place, and surface AI-enriched insights—tags, classifications, risk scores—into a central console without the underlying data ever being collected or copied. That means targeted collection decisions, early case assessment, and information governance actions can be driven by AI-informed analysis conducted across the full enterprise data landscape, not just against a subset of data that has already been moved. The distinction matters because the scope of analysis in the collect-first model is constrained by collection costs; in the in-place model, analysis scope is no longer tethered to collection volume. Investigations and governance programs can, in principle, cast a much wider net analytically while actually reducing the volume of data that requires review.

Mandi Ross, CEO of Insight Optix, offered a perspective that cuts to the core of what makes this architecture commercially significant: “Enabling AI directly where the clients’ data resides fundamentally changes the economics, speed, and risk profile of enterprise data discovery, investigations and compliance workflows. With X1 Enterprise AI In-Place, we can deploy AI models, pre-trained or customized for specific matters, data queries, or compliance requirements—securely within client environments, dramatically accelerating time to insight without sensitive information being collected, duplicated, or centralized outside their control.”

Ross identifies three dimensions the in-place approach changes: economics, speed, and risk. On economics, a significant lever is the reduction in review population size—AI-informed pre-collection filtering means fewer documents proceed to human review. Additionally, costs associated with collection and processing, including expensive AI token utilization, are all but eliminated. On speed, running analysis in situ, without waiting for collection and ingestion cycles, compresses time to first insight—critical in time-sensitive investigations and regulatory responses. On risk, data that does not move cannot be breached in transit, does not reside in vendor infrastructure outside the client’s control, and does not generate the compliance exposure of large-scale cross-boundary transfers. Her comment reflects what experienced practitioners understand but marketing language tends to obscure: the most consequential question about any legal AI tool is not what the AI does, but what happens to the data before and during its operation.

The enterprise deployment model reflects design discipline that distinguishes AI In-Place from retrofitted solutions. Organizations retain centralized governance over AI usage while processing remains local under existing security policies and endpoint controls. AI capabilities are fully optional and configurable at the data source level—important for organizations operating across multiple jurisdictions with differing regulatory requirements—and customer data is never used to train, fine-tune, or enrich underlying AI models, addressing a standard due diligence concern in enterprise AI procurement.

The practical use case implications are significant across several domains. In legal and eDiscovery contexts, in-place TAR and pre-collection analytics allow AI-informed decisions about what to collect before collection begins, directly reducing review volumes and costs. In information governance, AI-driven classification and policy enforcement can operate continuously across the full enterprise data estate rather than against periodic snapshots, enabling more responsive and defensible governance programs. In security and investigations, real-time insider risk detection at petabyte scale—across endpoint and cloud environments simultaneously—becomes feasible where centralized architectures make it impractical. In each case, analytical scope is no longer constrained by collection logistics.

Most legal AI products apply AI to data after it has already moved through the conventional collection pipeline. AI In-Place asks a more fundamental question: whether the pipeline itself should be reconceived. We will demonstrate it live on Wednesday, June 24—for those evaluating enterprise AI in legal, compliance, or governance contexts, it is worth seeing what a genuinely different architecture looks like in practice.

Register for the June 24 AI In-Place™ Product Tour →

Leave a comment

Filed under Best Practices, Cloud Data, Corporations, Cybersecurity, Data Audit, Data Governance, ECA, eDiscovery & Compliance, Enterprise AI, Enterprise eDiscovery, Enterprise Search, ESI, GDPR, Information Access, Information Governance, Information Management, m365, MS Teams, OneDrive, SharePoint

Bringing AI to the Data: How X1 Search v11 Redefines Secure Enterprise Search

By John Patzakis

At X1, we believe the future of enterprise AI depends on a simple but often overlooked principle: data should not have to move in order to become intelligent. With the launch of X1 Search v11, we are introducing a fundamentally different approach—one that embeds AI directly into our index-in-place architecture. Rather than forcing organizations to centralize and copy their data into external platforms, we enable AI to operate exactly where that data already lives. You can read the full press release here: https://www.x1.com/x1-introduces-ai-powered-x1-search-delivering-secure-ai-in-place-for-individual-and-enterprise-users/

This release represents an important milestone for us and for our customers. As Chas Meier noted, “X1 Search v11 marks an important milestone in how organizations can safely apply AI…without compromising the security controls enterprise environments demand.” That statement reflects our core design philosophy: AI must adapt to enterprise security, compliance, and governance requirements—not the other way around.

With X1 Search v11, we are delivering AI capabilities directly within our micro-index. That means organizations can apply advanced intelligence—classification, categorization, and contextual analysis—across emails, files, and collaboration data without ever relocating that information. Everything happens in place, within existing security boundaries, whether on endpoints or across enterprise systems.

For large enterprises, this architecture unlocks an even more powerful capability: the ability to deploy their own trained and curated large language models directly into the X1 index. Instead of relying solely on generic, hosted AI services, organizations can operationalize models tailored to their data that reflect their internal policies, regulatory requirements, and business workflows. These models run directly against their data, in place, delivering highly relevant and controlled outcomes.

This approach stands in sharp contrast to traditional hosted AI platforms. In those models, organizations must copy and transfer massive amounts of sensitive data into third-party hosted AI platforms before any meaningful analysis can occur. That process introduces serious risks. Moving data to outside providers complicates compliance, potentially compromises IP, and creates new attack surfaces that most enterprises simply cannot accept.

Beyond security concerns, the traditional model also breaks down operationally at scale. Enterprises are not dealing with small data sets; they are managing dozens of terabytes of distributed, unstructured data. Attempting to duplicate and transfer that volume is not just costly; it is infeasible. The result is delays, fragmentation, and incomplete analysis—undermining the very promise of AI.

We have taken a different path. By bringing AI to the data through our distributed micro-indexing technology, we eliminate the need for data movement entirely. Models can be deployed directly to where data resides, enabling real-time analysis while preserving security, reducing infrastructure overhead, and scaling seamlessly across the enterprise.

We see X1 Search v11 as more than a product release—it is a shift in how enterprise AI is deployed. Organizations no longer have to choose between innovation and control. With AI in place, they can achieve both.

To see this in action, we invite you to join our upcoming live product tour on Thursday, April 23, providing a guided walkthrough of the new AI-enriched capabilities and flexible model deployment features.

Leave a comment

Filed under Best Practices, Business Productivity Search, Desktop Search, Enterprise AI, Enterprise eDiscovery, Enterprise Search, ESI, Google Workspace, Information Access, Information Management, m365, MS Teams, X1 Search 11

X1 Brings “AI In-Place” to the Enterprise—A Major Breakthrough for Secure, Scalable AI Deployment

By John Patzakis

Our latest announcement represents a true inflection point in enterprise AI. With X1 Enterprise’s newly introduced capability for AI in-place, organizations and their service providers will, for the first time, be able to deploy and execute large language models (LLMs) directly where enterprise data lives—without moving or copying that data.

This is more than a product enhancement; it is a fundamental shift in how AI is applied across the enterprise.

The Foundation: Efficient Text Extraction Is Critical for AI
Large language models (LLMs) are the core engines that power today’s AI revolution. These models rely entirely on textual input to perform reasoning, summarization, search, and analysis. That is why text extraction is the critical first step. LLMs can only operate once another process extracts the text from emails, documents and chats. Traditionally, that meant copying or exporting data to external systems hosted by third party vendors, a process fraught with risk, cost, and compliance challenges.

Solving the “Data Movement Problem” for Enterprise AI
So, the key barrier to enterprise AI adoption has been the reluctance to move sensitive corporate data to external AI platforms. Whether for security, governance or cost reasons, most enterprises simply cannot send their data outside their environment.

X1’s innovation solves that problem head-on. Instead of shipping sensitive data out to an AI system, X1 brings the AI to the data. Enterprises can now deploy their own proprietary models or open-source LLMs within the secure perimeter of their existing infrastructure, whether on premises or in the cloud. X1’s index-in-place architecture performs the text extraction and indexing where the data resides. By extending that same principle to AI—forward-deploying LLMs directly to enterprise data sources—X1 now enables AI in-place. The result: organizations can apply the analytical power of LLMs across their data without ever moving it.

Once the LLMs are deployed into the X1 micro-indexes, X1 will then auto-apply AI-informed tags, which a user can query globally from a central console and act upon through targeted data collection or remediation. Imagine petabytes of data on file servers, laptops M365 and other sources all AI-classified and then queried and collected on a highly targeted basis.

This means enterprises can now unlock powerful new use cases no matter the scale—AI-assisted compliance, risk monitoring, GRC audits, eDiscovery, and more—while maintaining full control of their data and eliminating the need for costly, risky data transfers.

Enabling Collaboration Between Enterprises and Their Advisors
William Belt, Managing Director and Consulting Practice Leader at Complete Discovery Source, described the impact succinctly:

“Enabling AI in-place where our corporate client’s data lives is game-changing. We look forward to working with our clients to deploy AI models that are either pre-trained or customized for a specific matter or compliance requirement utilizing the X1 Enterprise platform.”

This capability creates a new bridge between corporations and their professional advisors—consulting firms, law firms, and service providers—who can now collaborate directly with their clients to develop, fine-tune, and deploy customized AI models for specific business or legal needs.

Rather than relying on generic cloud-based AI tools, organizations can now build targeted, matter-specific LLMs that are tuned to their unique data and compliance requirements, all executed securely in-place through the X1 Enterprise Platform.

A New Era for Enterprise AI
With this release, X1 is redefining the architecture of enterprise AI. Its ability to perform distributed micro-indexing and in-place AI analysis across global data sources enables secure, scalable, and cost-effective intelligence—without ever duplicating or relocating sensitive data.

For enterprises and their partners, this represents a new era of possibility: true AI at enterprise scale, in-place.

X1 will host a webinar on Wednesday, December 10, featuring a detailed overview of this new capability and a live demonstration. You can register here.

Leave a comment

Filed under Cloud Data, Corporations, Cybersecurity, eDiscovery, eDiscovery & Compliance, Enterprise AI, Enterprise eDiscovery, Information Governance, m365

The Business Case for In-House eDiscovery: Lessons from Two Prominent Corporate eDiscovery Counsel

By John Patzakis

Building a Business and Legal Case for In-House eDiscovery

In a recent webinar hosted by Ad Idem, a non-profit legal education provider for in-house counsel, attorneys Kelly Twigger and Eric Stansell offered a compelling roadmap for corporate legal departments looking to bring eDiscovery and information governance (InfoGov) in-house. Their insights cut through the complexity of traditional discovery models and emphasized the strategic, operational, and legal advantages of internalizing these processes. For legal professionals navigating mounting data volumes and rising litigation costs, their discussion provided both practical guidance and a call to rethink legacy workflows.

Eric Stansell, Senior Counsel for Discovery at Tyson Foods, opened with a candid reflection on how his role was created to address the company’s need for a more efficient eDiscovery program. He emphasized that building a business case for in-house capabilities starts with understanding the “why”—whether it’s cost savings, risk reduction, or process defensibility. Stansell emphasized that standardizing internal processes not only improves consistency but also enhances defensibility and reduces exposure by limiting data sprawl across external vendors.

Kelly Twigger — who is one of if not the top eDiscovery lawyer in the field in my opinion — built on Stansell’s narrative by stressing the importance of conducting a thorough assessment before launching any in-house initiative. She encouraged legal teams to break down business cases into manageable chunks, identifying quick wins such as revising email retention policies. Twigger noted that internal culture shifts and stakeholder alignment are just as critical as technology adoption. Her approach favors incremental change backed by measurable ROI, rather than sweeping transformations that risk overwhelming legal and IT teams.

Both speakers underscored the importance of engaging multiple stakeholders. Stansell shared Tyson’s experience with cross-functional collaboration, highlighting how legal, IT, audit, and compliance teams must be involved from the outset. As one example of such collaboration, Stansell noted that eDiscovery enterprise search and collection software procured by the legal team can also address key IT security priorities such as PII data audits and internal investigations.

Twigger also delivered a deep dive into the proportionality principles now codified under the Federal Rules of Civil Procedure, urging legal teams to build factual arguments early in the discovery process. She explained that proportionality isn’t just about cost—it’s about narrowing scope through targeted custodians, refined date ranges, and iterative search terms. Stansell added that understanding custodians’ roles and historical relevance can help avoid unnecessary data collection, further supporting proportionality claims in court.

One of the most pressing issues Twigger addressed was the evolving case law around hyperlinked files. She traced the trajectory from Nichols v. Noom, Inc.—where hyperlinks were deemed not attachments—to more recent rulings that treat them as discoverable content depending on technological capabilities. Twigger cited In re Uber and Young v. Salesforce to illustrate how courts are increasingly expecting parties to preserve and produce hyperlinked documents, especially when shared via chat platforms or collaborative tools.

Twigger warned that failing to understand your organization’s tech stack could lead to costly missteps. She recommended that in-house counsel proactively assess their systems—especially Microsoft 365 environments—to determine what’s feasible when it comes to hyperlink preservation and production. She also highlighted X1 Discovery’s capabilities, noting that X1’s software can automate the collection of contemporaneous versions of hyperlinked documents in M365, support targeted Teams chat collection as well as many other data sources, making X1 a valuable solution for defensible in-house eDiscovery.

In closing, both Twigger and Stansell made it clear that bringing eDiscovery and InfoGov in-house isn’t just a cost-cutting measure—it’s a strategic imperative. With the right mix of technology, process, and cross-functional collaboration, legal departments can gain control, reduce risk, and improve outcomes. Their insights serve as a blueprint for legal teams ready to evolve beyond reactive discovery and toward a proactive, integrated approach.

The recording of the webinar can be accessed here.

Leave a comment

Filed under Best Practices, Case Law, Cloud Data, Corporations, ECA, eDiscovery & Compliance, Enterprise eDiscovery, ESI, Information Governance, m365, MS Teams, Preservation & Collection