Category Archives: Preservation & Collection

Pre-Collection Keyword Searches: Where Angels May Fear to Tread but Not Attorneys with the Right eDiscovery Software

By John Patzakis

One of the key cases involving the principles of proportionality under Federal Rule of Civil Procedure 26(b)(1), is McMaster v. Kohl’s Dep’t Stores, Inc., (E.D. Mich. July 24, (2020).  McMaster generally supports the application of a process that effectively applies proportionality on an operational basis through an iterative exercise to identify relevant custodians, their data sources, applicable date ranges, file types and agreed upon keywords. Such a targeted, automated and proportional collection process can be applied to collect only the data that is responsive to this specific criteria.

However, the main ESI dispute in McMaster was that the attorneys could not agree on a list of search terms and sought a ruling of the courts to decide on which search terms should be used. As noted by the Magistrate Judge in McMaster, “Here is another case in which the Court is called upon to decide whose competing list of search terms is better suited for the search of large amounts of electronically stored information”, citing United States v. O’Keefe, 537 F. Supp. 2d 14, 23–24 (D.D.C. 2008), which stated: “for lawyers and judges to dare opine that a certain search term or terms would be more likely to produce information than the terms that were used is truly to go where angels fear to tread.”  Judge Whalen stated: “I, for one, have no interest in going where angels fear to tread. Therefore, if the parties cannot agree on appropriately limited search terms, they will share the cost of retaining an expert to assist them. If they still cannot agree, then Plaintiff may renew his motion regarding the search terms and will provide the Court with an expert report substantiating his position.”

The parties had been engaged in a Rule 26(f) exercise, which requires the parties’ counsel to “meet and confer” in advance of the pre-trial scheduling conference on key discovery matters, including the preservation, disclosure and exchange of potentially relevant electronically stored information (ESI). A very good authority on the Rule 26(f) eDiscovery conference is the “Suggested Protocol for Discovery of Electronically Stored Information,” provided by then Magistrate Judge Paul W. Grimm and his joint bar-court committee. Under Section 8 of the Model Protocol, the topics to be discussed at the Rule 26(f) conference include: “Search methodologies for retrieving or reviewing ESI such as identification of the systems to be searched;” “the use of key word searches, with an agreement on the words or terms to be searched;” “limitations on the time frame of ESI to be searched;” and “limitations on the fields or document types to be searched.”

Kelly Twigger, one of the best and brightest eDiscovery attorneys in the field in my opinion, commented in a recent webinar that eDiscovery collection capabilities that enable an iterative search and collection process in place would allow her to make more much informed decisions on keyword strategies. Twigger noted that software that provides keyword hits and other analytics on custodian laptops, fileservers and other network and cloud sources prior to collection, would enable her “to be able to define and agree upon the right search terms” with the requesting party. Twigger pointed out that while attorneys and judges rightfully avoid “where angels fear to tread” — agreeing on keywords without any visibility into the data — that concern can be alleviated when the right processes and technology are used.  

And such technology is important, because optimizing the process of developing keyword searches is no easy task. The typical approach of blindly brainstorming a list of terms that may be relevant and running the search on a dataset to be reviewed results in a wide range of inefficiencies. Negotiations over proper usage of search terms may become onerous and contentious. Judges are often tasked with making determinations regarding the aptness of the methodology, and, as we see in McMaster, are very reluctant to do so. Thus, the use of outside expertise and leveraging indexing in place technology is beneficial in building an effective and comprehensive pre-collection search term strategy and enabling you to tread where angels fear to.

1 Comment

Filed under Best Practices, Case Law, eDiscovery, Enterprise eDiscovery, ESI, law firm, Preservation & Collection

Relativity and X1 Publish Joint Legal Whitepaper on ESI Collection Best Practices

By John Patzakis

Relativity and X1 have published a joint legal whitepaper on the topic of full-disk imaging as a disfavored collection practice in civil litigation, with Relativity eDiscovery attorney David Horrigan as the lead author. The paper delves into all the legal reasons, including detailed analysis of case law, the Federal Rules of Civil Procedure, and the Sedona Principles establishing why forensic collection is not required in civil litigation. The paper primarily focuses on the principles of proportionality in its legal analysis as well as case law issued prior to the 2015 amendment to the Federal Rules of Civil Procedure, which gave greater prominence and clarification of the proportionality rules.


This is an important topic as a key problem in eDiscovery that drives inefficiencies and higher costs is that default collection methods often involve full-disk imaging—a forensic examination of an entire computer—when searching for responsive data. As the whitepaper notes, “it turns out full-disk imaging is not required for most eDiscovery collections. In fact, courts often disfavor the practice.”


A copy of the whitepaper can be found here.

Leave a comment

Filed under Authentication, Best Practices, Case Law, eDiscovery, ESI, law firm, Preservation & Collection, proportionality

On TAP: Targeted, Automated, and Proportional Collection for Modern e-Discovery

By John Patzakis

Proportionality is now the hottest legal issue in the area of eDiscovery, with the largest number of eDiscovery-related cases in the past year addressing the subject. eDiscovery attorney Kelly Twigger leads a team who produced an excellent analysis of 2020 case law, noting “a big jump to 889 in 2020” of cases addressing proportionality, “which represented nearly a third (31%) of all (eDiscovery) case law decisions last year.” The report notes that “[p]roportionality arguments have become a weapon in arguing scope of discovery and the sharp rise in disputes has illustrated the need for more systematic and standardized approaches to assessing proportionality in cases today.” 

Proportionality-based eDiscovery is a goal that all judges and corporate attorneys want to attain. Under Federal Rule of Civil Procedure 26(b)(1), parties may discover any non-privileged material that is relevant to any party’s claim or defense and proportional to the needs of the case. Lawyers that take full advantage of the proportionality rule can greatly reduce cost, time and risk associated with otherwise inefficient eDiscovery.

Proportionality is getting a further boost as George Washington University Law School is developing an important proportionality benefit-and-burden model that provides a practical structure for assessing claims of proportionality. The model features a heat map mechanism to identify relevant custodians and data sources to enable a more objective application of proportionality, thereby facilitating negotiations and better informing the bench.

The GW Law model is much needed, as while there is keen awareness of proportionality in the legal community, attaining the benefits requires the ability to operationalize workflows as far upstream in the eDiscovery process as possible. For instance, when you’re engaging in data over-collection, which in turn runs up of a lot of human time and processing costs, the ship has largely sailed before you are able to perform early case assessments and data relevancy analysis, as much of the discovery costs have already been incurred at that point. The case law and the Federal Rules provide that the duty to preserve only applies to potentially relevant information, but unless you have the right operational processes in place, you’re losing out on the ability to attain the benefits of proportionality.

An example of a process that effectively applies proportionality on an operational basis would be an iterative exercise to identify relevant custodians, their data sources, applicable data ranges, file types and agreed upon keywords, following the process outlined in  McMaster v. Kohl’s Dep’t Stores, Inc., No. 18-13875 (E.D. Mich. July 24, 2020), and collect only the data that is responsive to this specific criteria. The latest enterprise collection tech from Relativity and X1 enable such detailed and proportional criteria to be applied in-place, at the point of collection. This reduces the data volume funnel by as much as 98 percent from over-collection models, yet with increased transparency and compliance. In other words, a collection process that targeted, automated and proportional, instead of one that is overbroad and manual.

To learn more about these concepts, please tune in on April 13, where attorney David Horrigan of Relativity and Mandi Ross of Prism Litigation Technology will be leading a webinar to discuss the legal and operational considerations and benefits of proportionality. The webinar will also feature a live exercise performing a pre-collection proportionality analysis on remote employee data. You can register here.

Leave a comment

Filed under Best Practices, Case Law, ECA, eDiscovery, eDiscovery & Compliance, Enterprise eDiscovery, ESI, law firm, Preservation & Collection, proportionality

Full Disk Imaging Not Required for eDiscovery Collections

In Fact, Courts and Legal Commentators Disfavor the Practice

By John Patzakis[1]

The collection and preservation of Electronically Stored Information (ESI) in the enterprise remains a significant and costly pain point for organizations. Leading industry research firm Gartner notes that eDiscovery collection and preservation processes “can be intrusive, time consuming and costly.”[2]  And recent court decisions imposing sanctions on corporate litigants who failed to meet their ESI preservation obligations are symptomatic of these pain points.[3]

A key issue regarding collection is that many in the eDiscovery services community standardized on full disk imaging as their default collection practice.  This is problematic for several reasons. For one, full-disk imaging is burdensome because the process often involves service providers traveling out to the individual custodians, which is very disruptive to employees, not to mention time consuming. Additionally, as eDiscovery processing and hosting fees are usually calculated on a per-gigabyte basis, costs are increased exponentially. In a word, this is overkill, with much more effective and efficient options now available.

Full disk images capture every bit and byte on a hard drive, including system and application files, unallocated space and a host of irrelevant user-created data. While full disk images may be warranted in some limited situations, the expense and burden associated with the practice can be quite extensive, particularly in matters that involve multiple custodians.

It is established law that the duty to preserve evidence, including ESI, extends only to relevant information[4]  The vast majority of ESI on a full disk image will typically constitute irrelevant information. As stated by one court, “imaging a hard drive results in the production of massive amounts of irrelevant, and perhaps privileged, information.”[5] The highly influential Sedona Conference notes: “Civil litigation should not be approached as if information systems were crime scenes that justify forensic investigation at every opportunity to identify and preserve every detail.”

And that: “Forensic data collection requires intrusive access to desktop, server, laptop, or other hard drives or media storage devices.”  While noting the practice is acceptable in some limited circumstances, “making a forensic copy of computers is only the first step of an expensive, complex, and difficult process of data analysis . . . it should not be required unless circumstances specifically warrant the additional cost and burden and there is no less burdensome option available.”[6]

This disfavoring of forensic imaging is also reflected in the increased emphasis of proportionality under recent amendment to Federal Rule of Civil Procedure 26(b)(1). The over-arching theme from case law and the Federal Rules is that ESI preservation efforts should be reasonable, proportionate, and targeted to only relevant information, as opposed to being overly broad and unduly burdensome.

Courts do require that ESI be collected in a forensically sound manner, which does not mean a full forensic disk image is required, but generally does entail that metadata is not altered and a documented chain of custody is maintained. More advanced enterprise class technology can accomplish remote searches across multitudes of custodians that are narrowly tailored to collect only potentially relevant information while preserving metadata at the same time. This process is better, faster and dramatically less expensive than manual disk imaging.

In fact, The Sedona principles do outline such an alternative to forensic disk imaging: “Automated or computer-assisted collection involves using computerized processes to collect ESI meeting certain criteria, such as search terms, file and message dates, or folder locations. Automated collection can be integrated with an overall electronic data archiving or retention system, or it can be implemented using technology specifically designated to retrieve information on a case-by-case basis.”

This language maps directly to the capabilities of X1 Distributed Discovery (X1DD), which enables parties to perform targeted search and collection of the ESI of up to thousands of endpoints over the internal network without disrupting operations. The search results are returned in minutes, not weeks, and thus can be highly granular and iterative, based upon multiple keywords, date ranges, file types, or other parameters. This approach typically reduces the eDiscovery collection and processing costs by at least one order of magnitude (90%). This method is sound from an evidentiary standpoint as the collected data is preserved in its native file format with its metadata intact. X1DD features a solid chain of custody and robust logging, tracking and reporting.

And in line with the concepts outlined in the revised Sedona Commentary, X1DD provides a repeatable, verifiable and documented process for the requisite defensibility. 


NOTES:

[1]John Patzakis is the Chief Legal Officer of X1.

[2] “Market Guide for E-Discovery Solutions” Gartner, June 30, 2016

[3] (Matthew Enter., Inc. v. Chrysler Grp. LLC, 2016 WL 2957133 (N.D. Cal. May 23, 2016). (Imposing severe evidentiary including allowing the defense to use the fact of ESI spoliation to rebut testimony from the plaintiff’s witnesses and payment of attorney’s fees incurred by the defendant) Internmatch v. Nxtbigthing, LLC, 2016 WL 491483 (N.D. Cal. Feb. 8, 2016), a U.S. District Court imposed similar sanctions based upon the corporate defendant’s suspect ESI preservation efforts.

[4] Hynix Semiconductor Inc. v. Rambus Inc., 2006 WL 565893 (N.D.Cal. Jan. 5, 2006) at *27. (“The duty to preserve evidence, once it attaches, does not extend beyond evidence that is relevant and material to the claims at issue in the litigation.”)  As noted by the Zubulake court, “Clearly [there is no duty to] preserve every shred of paper, every e-mail or electronic document, and every backup tape…Such a rule would cripple large corporations.”  Zubulake v. UBS Warburg LLC, 220 F.R.D. 212, 217 (S.D.N.Y. 2004) (“Zubulake IV”).

[5] Deipenhorst v. City of Battle Creek, 2006 WL 1851243 (W.D.Mich. June 30, 2006) at *3.  In noting that the “imaging of computer hard drives is an expensive process, and adds to the burden of litigation for both parties,” the Deipenhorst court declined to require the production of  full disk images absent a strong showing of good cause. See also, Fasteners for Retail, Inc. v. DeJohn et al., No 1000333 (Ct. App.Ohio April 24, 2014).

[6] The Sedona Principles, Third Edition: Best Practices, Recommendations & Principles for Addressing Electronic Document Production, 19 Sedona Conf. J. 1 (2018).

Leave a comment

Filed under Authentication, Best Practices, ECA, eDiscovery, ESI, Preservation & Collection