Category Archives: Uncategorized

Microsoft Outlines its O365 eDiscovery Strategy

Earlier this month, Microsoft eDiscovery expert Rachi Messing, who manages Microsoft’s Office 365 eDiscovery platform, headlined a webinar hosted by D4, LLC, where he provided extensive insights into Microsoft’s compliance and eDiscovery strategy and the company’s strong dedication to the effort. X1 also presented and discussed the integrated workflow of Microsoft Office 365 (“O365”) with X1 Distributed Discovery.

The adoption of cloud-based Microsoft Office 365 (“O365”) within enterprises is growing exponentially. The majority of enterprises have adopted O365 or plan to do so in the next two years. Microsoft provides an integrated eDiscovery capability as a module in O365, and is dedicating a lot of effort and resources to it in order to provide a go-to solution for the eDiscovery of all information located within O365. Messing noted that “the world of work is changing and Office 365 is a major force for this transformation.”

Messing also recognized in his presentation that effectively addressing eDiscovery within O365 is essential to facilitating cloud adaption. This is I think a very important point. The significant cost-benefits associated with cloud migration can be negated if an efficient and effective eDiscovery search and retrieval of that data is not available or is overly cumbersome. By providing such an eDiscovery capability within the O365 Security and Compliance Center, Messing correctly believes that this will encourage wider and faster adoption of Office 365.

Microsoft is making a lot of advancements with O365 and will continue to do so. However, Messing acknowledged a key gap, as while most organizations that have adopted O365 have done so while keeping a lot of data on premise, such as on desktops, fileshares, and on-premise SharePoint. Messing pointed to X1 Distributed Discovery as a solution to systematically address the on-premise data and non-Microsoft cloud sources that contain electronically stored information which need to be preserved and collected from.

X1 Distributed Discovery (X1DD) is uniquely suited to complement and support O365 with an effective and defensible process and has distinct advantages over other eDiscovery tools that solely rely on permanently migrating ESI out of O365. X1DD enables organizations to perform targeted search and collection of the ESI of up to thousands of endpoints and other sources, all in a unified fashion. The search results are returned in minutes, not weeks, and thus can be highly granular and iterative, based upon multiple keywords, date ranges, file types, or other parameters. Using X1DD, non-O365 data sources are searched in place in a very targeted and efficient manner, and all results can be consolidated into Microsoft’s O365 review platform or another review platform such as Relativity. This approach typically reduces the eDiscovery collection and processing costs by at least one order of magnitude (90%), and provides a very effective and complete eDiscovery capability for hybrid O365 and on-premise environments. X1DD is also a very effective migration and information governance platform to facilitate enterprise-wide transitions to O365.

You can review a recording of this webinar here.  And for a demonstration or briefing on X1 Distributed Discovery, please contact us.

Leave a comment

Filed under Uncategorized

Microsoft Office 365 is Disrupting the eDiscovery Industry in a Major and Permanent Fashion

The adoption of cloud-based Microsoft Office 365 (“O365”) within enterprises is growing exponentially. According to a 2016 Gartner survey, 78 percent of enterprises use or plan to use Office 365, up from 64 percent in mid-2014. O365 includes built-in eDiscovery tools in the Security and Compliance Center at an additional cost. Many, but not all, O365 customers are utilizing the internal eDiscovery module, to which Microsoft is dedicating a lot of effort and resources in order to provide a go-to solution for the eDiscovery of all information located within O365. o365-logoBased upon my assessment through product demos and discussions with industry colleagues, I believe Microsoft will achieve this goal relatively soon for data housed within its O365 platform. The Equivio eDiscovery team that transitioned over to Microsoft in a 2015 acquisition is very dedicated to this effort and they know what they are doing.

But as I see it, the O365 revolution presents two major takeaways for the rest of the eDiscovery software and services industry. The first major point comes down to simple architecture. Most eDiscovery tools operate by making bulk copies of data associated with individual custodians, and then permanently migrate that data to their processing and/or review platform. This workflow applies to all non-Microsoft email archiving platforms, appliance-based processing platforms, and hosted review platforms. As far as email archiving, a third-party email archive solution requires the complete and redundant duplication, migration and storage of copies of all emails already located in O365. This is counter-productive to the very purpose of a cloud-based O365 investment. We have already seen non-Microsoft email archiving solutions on the decline in terms of market share, and with MS Exchange archiving becoming much more robust, we will only see that trend accelerate.

eDiscovery processing tools and review platforms are also fighting directly against the O365 tide.  This is especially true for processing appliances (whether physical or virtual), which address O365 collections through bulk copy and export of all of the target custodians’ data from O365 and into their appliance, where the data is then re-indexed. Such an effort is costly, time consuming, and inefficient. But the main problem is that clients who are investing in O365 do not want to see all their data routinely exported out of its native environment every time there is an eDiscovery or compliance investigation. Organizations are fine with a very narrow data set of relevant ESI leaving O365 after it has been reviewed and is ready to be produced in a litigation or regulatory matter. What they do not want is a mass export of terabytes of data because eDiscovery and processing tools need to broadly ingest that data in their platform in order to begin the indexing, culling and searching process. For these reasons, most eDiscovery software and compliance archiving tools do not play well with O365, and that will prove to be a significant problem for those developers and the service providers who utilize those tools for their processes.

The second major O365 consideration is that organizations, especially larger enterprises, rarely house all or even most of their data within O365, with hybrid cloud and on-premise environments being the norm. The O365 eDiscovery tools can only address what is contained within O365. Any on-premise data, including on-premise Microsoft sources (SharePoint, Exchange and Office docs on File Shares) cannot be readily consolidated by O365, and neither can data from other cloud sources such as Google Drive, Box, Dropbox and AWS. And of course, desktops, whether physical or virtual, are critical to eDiscovery collections and are also not supported by the O365 eDiscovery tools, with Microsoft indicating that they do not have any plans to soon address all these non-O365 data sources in a unified fashion.

So eDiscovery software providers need to have a good process to perform unified search and collection of non-O365 sources and to consolidate those results with responsive O365 data. This process should be efficient and not simply involve mass export of data out of O365 to achieve such data consolidation.

X1 Distributed Discovery (X1DD) is uniquely suited to complement and support O365 with an effective and defensible process and has distinct advantages over other eDiscovery tools that solely rely on permanently migrating ESI out of O365. X1DD enables organizations to perform targeted search and collection of the ESI of up to thousands of endpoints, as well as O365 and other sources, all in a unified fashion. The search results are returned in minutes, not weeks, and thus can be highly granular and iterative, based upon multiple keywords, date ranges, file types, or other parameters. Using X1DD, O365 data sources are searched in place in a very targeted and efficient manner, and all results can be consolidated into Microsoft’s Equivio review platform or another review platform such as Relativity. This approach typically reduces the eDiscovery collection and processing costs by at least one order of magnitude (90%). For a demonstration or briefing on X1 Distributed Discovery, please contact us.

1 Comment

Filed under Cloud Data, compliance, eDiscovery, Uncategorized

Declining Law Firm Productivity Tied to Information Governance Challenges

A new legal industry study finds a substantial decline in attorney productivity in recent years, significantly reducing law firm profitability. In its 2017 Report on the State of the Legal Market, Thomson Reuters notes that “over the past 10 years, the average billable hours worked by all lawyers across the market declined from 134 billable hours per month in 2007 to 122 through the late part of 2016.” This equals a reduction of 144 billable hours per year per lawyer. The report, by multiplying that total by the average worked rate ($463) for all lawyers in 2016, determined the productivity decline is costing law firms about $66,672 per lawyer per year.

One of the main causes for diminished lawyer productivity is the exponential proliferation of their stored emails and documents and the associated inability to recall important work product and previous e-mail communications. Another industry study assessing the productivity of lawyers and other high-end information knowledge workers found that such professionals on average spend 11.2 hours a week dealing with challenges related to document creation and management. As the table below from the IDC report demonstrates, lawyers and paralegals lose as much as 2.3 hours a week searching, but not finding, the right documents and emails and another 2 hours recreating documents they failed to locate.

Time Spent on Document Management Challenges

productivity-for-law-firms-table2Source: IDC’s Information Worker Survey, June 2012

Applying the same lawyer cost calculations used by Thomson Reuters in their 2017 report (4.3 hours per week X $463 average hourly rate X 49 annual worked weeks) reveals that an effective search capability can dramatically improve law firm productivity by as much as $97,500 annually per lawyer. Even normalizing this analysis for recovered billable time (assuming every hour of gained productivity results in less than a full hour of actual billable time) a law firm of a 1000 attorneys would realize tens of millions per year in recovered billable hours, in addition to important intangible benefits including enhanced work product, improved client satisfaction and attorney morale.

Many law firm attorneys tell us that without the right search solution, they can spend hours looking for a past proposal, a key client communication from several months prior, or many other forms of work product and client communications that are stored in emails, local drives or cloud file shares. If lawyers and paralegals cannot quickly find such information assets, then that represents a serious information governance failure. Time wasted rummaging around for past emails and documents is not billable time and directly cuts into a firms’ profit margin. To be sure, a law firm’s two most important assets are its professionals and their body of work product and other key information. As such, a top priority for law firm management should be to ensure their attorneys have the right productivity search solution to quickly find and retrieve the firms’ information assets.

However, the recurring theme we hear is that outside of the data managed by X1, enterprise search is a source of major frustration for law firms and other organizations. This is confirmed by survey after survey where the vast majority of respondents report dissatisfaction with their current enterprise search platform. Simply put, the traditional approach to enterprise search has not worked. This is largely because most search solutions deployed in recent years focused on IT requirements — which see search as either a technical project or a commodity — rather than an intimate end-user driven requirement that is core to their professional productivity.

And for lawyers especially, “good enough” is not good enough when it comes to their search. It does not make sense to invest in an enterprise search solution for business productivity search, unless there is a significant improvement in the end-users search experience for emails, files and SharePoint data.

At X1, however, many of our customers report dramatic improvements with their productivity search, with firm-wide X1 rollouts being major wins at their organization. We believe that X1’s unique focus on the end-user is the key. You won’t find many other business productivity search solutions where the end users drive demand, instead of the tool being imposed on the end-users by IT or systems integrators. We continually hear countless testimonials from business professionals, at law firms and companies large and small, who swear by their X1 and cannot imagine working without it. In speaking with industry analysts and other experts in the enterprise search field, this is an almost unheard of phenomenon, where end-user satisfaction with the companies’ enterprise search platform is usually around 10-15 percent, verses the 80-85 percent satisfaction ratio we see with X1.

Importantly, X1 is a platform. Users need a single-pane-of-glass view to all of their information – email, files, SharePoint, archives like Veritas Enterprise Vault, OneDrive, Box and other network and cloud sources.  X1 Search provides a user-friendly interface to all information that lets attorneys find what they are looking for in an instant.  But the thousands of X1 end users know all this. The key takeaway for CIOs and other IT executives is that search is an inherently personal user experience, and the number one requirement, by far, for a successful search initiative is enthusiastic end-user adoption. If the lawyers and other business professionals in your organization are not passionately embracing the search solution, then nothing else matters.

Leave a comment

Filed under law firm, productivity, Uncategorized

Criminal Conviction Overturned Due to Failure to Authenticate Social Media Evidence

Law Journal for webUnder our ongoing effort to monitor legal developments concerning social media evidence, we again searched online legal databases of state and federal court decisions across the United States — this time to identify the number of cases in January 2017 where evidence from social networking sites played a meaningful role in the litigation. The initial search returned over 2,000 results. That is far too many to review manually, but through random sampling to eliminate duplicates and de minimis entries — defined as cases with merely cursory or passing mentions of social media sites — we counted over 1,200 cases accessible through Westlaw and/or Google Scholar for January 2017.

And as only a very small number of cases — approximately one percent of all filed cases — involve a published decision or brief that we can access online, it is safe to assume that tens of thousands more cases involved social media evidence during this time period. Additionally, these cases do not reflect the presumably many hundreds of thousands of more instances where social media evidence was relevant to a corporate or law enforcement investigation yet did not evolve into actual litigation. Even so, this limited survey is an important metric establishing the ubiquitous nature of social media evidence, its unequivocal and compelling importance, and the necessity of best practices technology to search and collect this data for litigation and compliance requirements. There is no question that nearly every criminal investigation and civil litigation matter involves at least some social media and internet-based evidence.

The following are a brief synopsis of five notable cases from the survey:

Brown v. State, (Ga: Supreme Court, January 23, 2017). In this case, the prosecution presented key evidence from a variety of social media sources, including a “cropped screenshot” from a YouTube video, several incriminating Facebook postings and a copy of a photograph downloaded from a Twitter account. The items were admitted into evidence and the defendant was convicted on all counts. However, a motion for new trial was brought on the basis of challenging the authenticity of the social media evidence introduced as screen shots. The court overturned the conviction on one of the counts (count of criminal gang activity). The Georgia Supreme Court upheld that ruling but determined that improper authentication was a harmless error as to the remaining counts that Defendant was also convicted on.

State v. Kolanowski, (Wash: Court of Appeals, January 30, 2017).  In another case involving the failure to authenticate social media evidence, a criminal defendant unsuccessfully sought to admit a screenshot of Facebook evidence that he maintained would have served as critical impeachment against the prosecutions’ main witness.  During pretrial motions, the State sought to exclude Facebook records that lacked foundation, and the defendant sought to admit a March 2015 screenshot of what purported to be a 2:49 a.m., February 8, 2014 Facebook post. The authenticity of that screenshot was successfully contested. It is apparent from the record that various metadata and other circumstantial evidence was not available (which could have been collected using best practices technology) that very well may have served to establish a proper evidentiary foundation.

ZAMUDIO-SOTO v. BAYER HealthCARE PHARMACEUTICALS INC. (US Dist. Ct, ND California, January 27, 2017). In this matter, a major product liability claim was barred on statute of limitation grounds based exclusively on the Plaintiff’s comments on her Facebook post.  Plaintiff’s Facebook comments drew a connection to her injury and the alleged defective product in question, and was posted on May 26, 2011, more than two years prior to her filing suit against Bayer. The court determined that Plaintiff’s Facebook post started the clock for her to bring her claim within the two year statute of limitations period. However, as she did not file her suit until January 2015, the court ultimately barred her action.

Jacobus v. Trump, (NY Supreme Court, January 9, 2017) This high-profile libel case is notable in that the claim against then-candidate Donald Trump was exclusively based upon social media evidence in the form of two separate tweets. Plaintiff Jacobus is a Republican political consultant and frequent commentator on television news channels and other media outlets, who was contacted by the Donald Trump campaign to potentially serve as a key staff member. After several meetings, Plaintiff ultimately did not join the campaign, based upon what she asserts was a mutual decision.  A few months later, Jocobus appeared on CNN where she made some comments that were critical of Trump. In response, Trump tweeted:  “@cherijacobus begged us for a job. We said no and she went hostile. A real dummy!”  A day later, on February 3, 2016, Plaintiff’s then lawyer sent Trump a cease and desist letter. Two days after that, Trump posted the following tweet about Plaintiff: “Really dumb @CheriJacobus. Begged my people for a job. Turned her down twice and she went hostile. Major loser, zero credibility!” Ultimately the court construed Trump’s comments to be “hyperbolic” opinion, based upon subjective perception of events, and thus did not constitute defamation under the law, and thereby dismissed Jacobus’s claim.

Johnson v. ABF Freight System, Inc. US Dist. Court, MD Florida, January 27, 2017. This opinion is based upon a motion to compel discovery of the Plaintiff’s Facebook account. The Defendant asserted that Plaintiff’s Facebook account would be relevant to his damages claims arising out of a serious personal injury claim. The Court granted the motion to compel, but limited the production of the Facebook account to a certain date range and also only information that related to his employment and business activities and efforts to gain employment.

There is no question that the volume of cases involving social media evidence is increasing on a monthly basis. In addition to case law, another metric reflecting the industry’s standardization of social media evidence collection is the sheer volume of sophisticated customers that have now adopted X1 Social Discovery. Nearly 500 eDiscovery and computer forensics services firms have at least one paid copy of X1 Social Discovery. I cannot think of a single service provider in the eDiscovery space that performs at least some ESI collection services that does not have at least one paid X1 Social license. Social media evidence collection is now a standard practice in many law enforcement matters as well. So, if you are one of the minority of digital investigative or eDiscovery professionals who have not adopted X1 Social Discovery, please contact us for a demo today.

Leave a comment

Filed under Uncategorized

Federal Evidence Rule 902(14) is Immediately Applicable for ESI Collections

X1 and Reed Smith recently hosted a timely webinar on new Federal Rule of Evidence 902(14) and its expected impact on eDiscovery and computer forensics collection practices. Reed Smith senior partner and eDiscovery practice chair David Cohen led the discussion, providing a substantive and detailed discussion on the new rule, including its nuances and expected practice impact. FRE 902(14) provides that electronic data recovered “by a process of digital identification” is to be self-authenticating, thereby not routinely necessitating the trial testimony of a forensic or technical expert where best practices are employed, as certified through a written affidavit by a “qualified person.” A detailed discussion of Rule 902(14) can be found here.

The webinar, which also provides a detailed overview of the rule, features excellent analysis and insight from David Cohen on how he anticipates the new rule will be applied. In fact, the key takeaway from the webinar is that while FRE 902(14) technically goes into effect on December 1, 2017, Cohen correctly noted that ESI collected in a Rule 902(14) compliant manner any time prior to the rule’s effective date can be subject to the new rule’s provisions once the rule goes into effect. This is important, because digital evidence is routinely collected well in advance of trial. Electronic evidence that an examiner collects today may not be actually introduced at trial until one year or more from now, so practitioners need to understand and account for Rule 902(14) immediately.

Cohen believes that FRE 902(14) will be widely applied and will overall increase the utilization of eDiscovery and computer forensics practitioners. This is because the rule provides a streamlined and very efficient process to establish a foundation for ESI collected in a Rule 902(14) manner. This will increase predictability by eliminating surprise challenges, and will encourage, instead of discourage, the use of forensics and eDiscovery practitioners by allowing written certifications in the place of expensive and burdensome in-person trial testimony. Cohen also noted that while most cases do not proceed to trial, a much higher percentage involve dispositive court motions (such as a motion for summary judgment in civil actions) and he expects FRE 902(14) to be widely used in support of such motions.

I have covered eDiscovery and computer forensics law for over 15 years, and in my opinion, FRE 902(14) is the single most important legal development directly impacting ESI collection practices to date. All eDiscovery and computer forensics professionals have a professional responsibility to keep current with key legal and technological developments in the field. There is no question FRE 902(14) is such a development, and all those involved in ESI preservation and collection from both a technical, legal and managerial perspective need to be fully briefed on the law.

Viewing the video recording of the webinar is a good start, and it can be accessed here.

1 Comment

Filed under Uncategorized