The Joys of #DocumentReview – Confessions of an #eDiscovery Nerd

Document review is one of my favorite topics.

There, I said it. Condemned to dorkiness forever. Worse, consigned to the category of having a bent for the mundane, rather than the soaring flights of appellate briefing or the scintillating repartee of court. But bear with me while I argue for why it’s good and how as an industry, we can preserve its benefits.

I’m not sure that document review is necessarily mundane, but there’s certainly not much adrenaline to be found in it and it has been permanently stereotyped as a repetitive, low status task that was once the province of young associates. As it turns out of course, young associates don’t do it anymore. Or I devoutly hope they don’t. It’s been at least ten years since young associates (in any type of firm) were an economically reasonable work force for document review.

However, I’m one of the last cohorts of lawyers that really did cut their teeth on document review, before it was economic malpractice to expect it of me. I still think young associates should do it, but under fairly controlled conditions. These are the conditions that made document review good for a junior associate, in 2000 to 2003:

  • There weren’t nearly as many documents. The business documents in my cases were usually about four years old, and in many cases more than ten years old. In the early to mid-1990s the volume of business email and other electronically stored information generated in corporations had not yet ballooned.
  • Much of my time was spent evaluating and categorizing documents that had been produced to my clients, not making broad general determinations about responsiveness (although I did some of that too).
  • The electronic discovery and document review software industry was still in its infancy. There weren’t many choices and the few options presented documents in a linear fashion.
  • The lower volumes of documents made linear presentation appropriate.

Here is how document review benefitted me:

  • I immersed myself in the facts. I got to know the slang and terminology of the business, the witnesses’ voices and relationships, and the specific types of documents that flowed through the veins of the business.
  • I learned how to extract evidence from chaos. After playing in the boneyard with the facts, I could see patterns and relationships and determine if they matched the existing theory of the case.
  • I learned how to build a narrative from documentary evidence: which documents were good for witness prep, which ones were good deposition exhibits. I learned how to prioritize and aggregate the pieces of the puzzle.

The reasons why young associates should not be doing document review now include:

  • Volume: there is now so much information, that is so much more duplicative, and contains so much garbage that no human should be reviewing large amounts of ESI as a matter of course, much less a highly educated human asset billed out at hundreds of dollars of hour.
  • Staffing: law firms no longer have “excess” associate hours that can be absorbed by document review. Firms are hiring fewer new associates and clients are less willing to pay for their time doing any task, much less one that is perceived as menial.
  • Complexity: review software has become more sophisticated, requiring more training to use effectively. There are also more complex data types to review, such as structured databases and social media. While much of document review involves the same basic tasks (binary decisions about whether material is privileged and whether it goes out the door at all) the tactics and available tools for doing so efficiently have changed. Different types of review call for different software, which can in turn require different work flow and process management to make them most effective.
  • Effectiveness: higher volumes of lower value documents, combined with more pressure on associates to do more complex, higher value tasks means that associates spend less time reviewing and what they review is less valuable. And the infrastructure investment in a review project is likely to be more complex than it was ten years ago, whether that involves technology assisted review (TAR), defensible sampling methodology, tiered review or anything else.

However, all of the benefits of learning a case via immersion in “primary source material” still remain. New litigators who can’t spend large amounts of time reading invoices, correspondence and other topical minutiae are missing an important perspective. I don’t think there are simple, standardized ways to recapture that value because case sizes and economic constraints vary so much. Here are some preliminary thoughts:

Thoughtful use of TAR: TAR methods and software are still in the experimental phases. People have been saying for at least five years that TAR is going to eliminate human review. But it hasn’t and it is extremely unlikely to become “plug and play” unless it develops true artificial intelligence. However, it can be used to reduce volumes and take out “white noise,” creating a review universe that would be manageable and meaningful for new practitioners.

Residency or internship-style training for new attorneys: The professional training model for lawyers is problematic in ways well outside the scope of my topic here, but one area where law firms and other employers of new attorneys have to make decisions is how to give attorneys meaningful on the job training without charging clients by the hour. It would be a simple matter to give attorneys rigorous, immersive training in real case documents if law firms didn’t feel they didn’t needed to have those attorneys as economically productive billing units the minute they pass the bar.

Professional project management: for many years law firms (and possibly government agencies as well) simply assumed that anyone could do document review and that if you pointed associates at boxes of documents a useful set of documents would arrive on a partner’s desk some time later. That might have been true when there were fewer documents and documents had more marginal value. Now it is critical to have staff whose professional function is to assure that the right tools are in place and fully supported, the users are effectively trained on the tools and there’s a quality assurance process in place. Lawyers generally don’t have all of those skills and they certainly don’t develop them unless they have an opportunity to learn them. Deciding which personnel are the best for discovery tasks frees up lawyers for case engagement and fact development

Lawyers should still be doing document review, but in the context of better and more informed management and use of technology.

The Elephant in the Cookie Tin – #eDiscovery, Warrants and New Technology – #GeorgetownEDI Part V

I studied just enough criminal law to graduate from law school and pass two bar exams, so the law of search warrants is a bit exotic for me: an area where strange beasts lurk. This year’s discussions at the Sedona Conference annual meeting and Georgetown Advanced eDiscovery Institute were the most I’d thought about search warrants in years. The themes were familiar however: how do we analogize new forms of evidence to familiar ones? The answer is, use your imagination, don’t let the newness freak you out, and you can get there from here.

Pretty much every area of the common law in the United States has barely made it to the age of the automobile. Fourth Amendment case law is no different. That isn’t to say we have no case law on search warrants executed for digital technology. Far from it, one Judge at said that few of the search warrants he sees anymore actually look for something tangible. But even the judges who are comfortable in this area still struggle with how to apply the doctrine of “unreasonable search and seizure” to the vast sea of social media information and the dense knot of personal, professional and public information available on portable devices.

As with discovery requests, judges expect specificity with warrants. One judge said “I’m not going to tell you what to put in your warrant, just that I won’t sign one that doesn’t comply with the Fourth Amendment.” Practically speaking, this means that a warrant should not say “all social media,” and whether it can say “all Facebook data,” requires an argument about scope. Search warrants are by their nature invasive, so in the case of a laptop or personal device, how much intrusion is too much? If you’re looking for financial records, can you look at someone’s personal photos? (Probably). If law enforcement has a warrant to search a file cabinet, they can still look in the manila folder marked “photos” for the tax records. But a warrant to search a file cabinet at the office doesn’t necessary extend to the bathroom medicine cabinet at home. Does a mobile device that contains both personal and professional information mean the person now has their filing cabinet in the bathroom? The judges’ favorite answer is “it depends.” Another judge also pointed out that, if one is looking for an elephant, the warrant permits you to search every place an elephant might be found, but you can’t use it as a license to go snooping in cookie tins. It is hard to say in the age of multi-gigabyte personal devices what is a digital “cookie tin,” but parties litigating search warrants should understand which parts of a defendant’s devices and personal data sources ranging from Dropbox to Twitter are linked together and how the defendant uses each of them.

The Georgetown panelists, judges and others, also discussed new technology and other areas of law such the Wiretap Act and the Fifth Amendment privilege against self-incrimination. For example, Google Glass permits non-consensual recording of others by the wearer. Is that a wiretap? One judge says, “No. You look exceedingly unattractive, but you aren’t intercepting a wire communication, so there is no crime.” Where parties have to provide a password to locked or encrypted media, does forcing a person to provide their password trigger Fifth Amendment protection? Generally the answer is no, because it is analogous to surrender the physical key to safe deposit box. Where biometric data (voice print, finger print etc) is necessary to access or search, the judges seem undecided as to whether a fingerprint lock on an iPhone is more like “testimony” thus invoking the privilege, or more like a key (or a hair sample).

This isn’t going to get any easier, but for now the consensus seems to be that the laws themselves still do the job. The concepts of “reasonable” and “probable cause” like “relevance” and “burden” in the civil context are broad and not technology specific. However, the rapid evolution of the law does place a greater burden on judges and lawyers to truly understand the technology and how it used in order to make accurate analogies and sound arguments.

Litigators, #BigData and #InfoGov – #GeorgetownEDI Part IV

Plenty of folks have asked me, when I say I do eDiscovery, “Oh, so you do records management?” The answer is not really. Records and Information Management (“RIM”) and Information Governance (“IG”) share a Venn diagram with eDiscovery, but there are large areas where the two exist independently and require different knowledge and skill sets. I’m happy to help as much as I can, but RIM isn’t the same as eDiscovery or litigation readiness. I can offer value on some specific issues because a corporate litigant’s information management culture impacts litigation and the eDiscovery experience feeds back into information governance.

EDiscovery specialists often back into RIM and information governance over time because eDiscovery challenges can be the fire that forces a company to rebuild its information governance house. The cost and complexity of commercial litigation with high volume data requires litigators to think about how their clients manage their data. After the crisis has passed, litigators can offer value from lessons learned in litigation when an organization is revamping or developing an IG plan. This year’s Georgetown Advanced eDiscovery Institute included several panels discussing Big Data and Information Governance. In the last few years the panelists have moved from passively describing Big Data “There’s a lot of it! It’s bigger than Mt. Everest! There’s more every day than there was in the history of time until 1992!” to talking about its value and organizational function. This year there were robust discussions about whether Big Data changes how we think of and use technology assisted review and whether the concept of “defensible deletion” is dead.

The panelists also offered some nice new buzzwords and phrases including “ROT” = Redundant, Obsolete and/or Trivial data and “Baked-in Information Governance” (IG that requires less effort on-the-fly). Incidentally, “Information Governance” is not just “RIM on steroids,” according to this year’s Institute faculty. RIM is more centered around the mechanics of content management and IG is more multidisciplinary policy making at an enterprise level. Also, who ones IG stakeholders are varies between organizations, although generally they include some combination of Legal, IT, Risk, Security, Records and Privacy and may include HR and the business lines.

The other buzz phrase in the information governance discussion was the “black swan”, the unanticipated, high impact (often catastrophic) event. Litigation and scandal (which then results in regulatory inquiry or litigation) are prototypical black swans. Some include data breaches as an example, although at this point I don’t believe they qualify as black swans because they can no longer be described as “unexpected”. The theme that emerged was “don’t waste your black swans.” Most people don’t react to information governance challenges with urgency: the sky isn’t falling until my sky is falling. So when your sky falls, or a black swan falls out of your sky, learn from it. Develop your culture of information governance in a way that allows you to reduce the cost and disruption of future crises by making data more accessible and better organized or your process more transparent. Learn to mine your data. Understand all the types of data your organization creates and maintains. Think through why you have certain data types and how best to use or dispose of all the data types. These are long term, iterative discussions, but overall they result in a healthy organization (with less ROT).

Fun with #SocialMedia #eDiscovery, @MartinTully, @AdamCohenLegal et al at #GeorgetownEDI

Discovery of social media can be one of those areas that is exciting in theory, but distressing in real life. The panel on social media at Georgetown Advanced eDiscovery Institute last month covered a wide range of issues including privacy (or lack thereof), admissibility, spoliation and the applicability of the Federal Rules to new technology. As panelist Adam Cohen remarked, “Social media is all your eDiscovery nightmares rolled into one.” Social media is voluminous, cloud-based, structured in a non-linear fashion, rapidly evolving and diverse. But the rules that were designed for paper and have been applied to email still govern tweets and reddits.

Neither relevance nor admissibility requirements disappear when the requestor says, “because Social Media!” Courts and lawyers are still struggling with basic, easily avoided issues like admissibility. For example, an unauthenticated screen shot of a social media post went to the Second Circuit recently. Offering a screen capture without step by step authentication is roughly the equivalent of photographing an email on someone’s computer screen and offering the photo: you might resort to it if you could document when and how you did it, and that it was the person’s computer and so forth, but wouldn’t it be easier to get the document by an agreed procedure and make a bates-stamped photocopy? Likewise, relevance still means the same thing as it does any other time, so a request for “all social media” without an argument why “all” of it is relevant as opposed to a targeted swath of it is no different than any other fishing expedition. Panel moderator Martin Tully pointed out that the Civil Rules don’t allow one to get open ended discovery solely to rummage about in a party’s underwear drawer.

Discussion of social media usually includes a discussion of “the death of privacy”. Social media has changed the perception of what is and is not private because of how people use it. Case law has had to find the right analogies to existing communication forms, but again the rules developed for paper and oral communication still fit. Social media offers many different privacy settings and is not inherently different from email for purposes of relevance. A social media post made available for viewing by 300 friends is less private than a direct message, but a direct message is no less discoverable than an email. A twitter message may be very public, like shouting in a crowded room, but may be completely irrelevant if one never shouts about content relevant to the litigation.

The good news is eDiscovery providers that specialize in social media are working to develop collection technologies that aggregate social media content and allow it to be tagged and reviewed in a fashion that roughly corresponds to its presentation in the user interface. For a practitioner part of the challenge is effectively analogizing social media evidence to other kinds of evidence. But once a litigator finds the right argument, Rules of Evidence and Civil Procedure still apply and are actually quite effective.

Are you listening? In-house counsel lay it on the line about #eDiscovery #Risk and #Process – #GeorgetownEDI

I’ve been outside counsel my whole career and the thing that impresses me the most about in-house counsel, from my seat in the ballpark, is that they have a job to do. So they’re mostly no B.S: they don’t have to convince you to buy what they’re selling. When an inside counsel says “you’re not warming my heart,” outside counsel had better perk up their ears and take good notes.

This year at the Georgetown Advanced eDiscovery Institute in-house counsel from some of the largest companies in the world in each of their respective sectors (finance, tech, retail, insurance) spoke on a panel about how they handle eDiscovery. The dominant themes were consistency, process control and risk management. Not all of them have set up a freestanding eDiscovery shop in their organization, but they have all built out a significant eDiscovery management capacity because that is the best way for them to arrive at a repeatable business process. They want to maximize efficient and consistent data identification, collection and processing, which often means having as few different players and transactions as possible.

The speakers described minimizing the number of service providers and identifying and selecting sophisticated service providers for repeat business. This decision-making applies specifically to outside counsel as well. An organization with a lot of high value litigation needs a discovery “beach master” on their case team to handle discovery who knows the organization and knows the legal strategy. What I found surprising was the in-house lawyer speaking was clearly still dealing with some firms who put a junior associate on electronic discovery because it is perceived as a low status task.

Another counsel spoke of conflicting risk mindsets between outside and inside counsel. Every inside counsel I’ve ever spoken to says “outside counsel are too risk averse.” Inside counsel manage risk just like any other business factor. They don’t want litigation counsel telling them they can’t take custodians off of hold because “something” might happen, particularly if outside counsel can’t offer a knowledgeable, risk based evaluation of why a particular group of custodians is on hold in the first place. Outside counsel as a profession are still doing a poor job of aligning themselves, logistically and economically, with in-house litigators.

The goal with centralizing in-house eDiscovery is to eliminate process “drift” and allow focused, incident specific response when and where it is actually needed. Putting together the right team and ediscovery strategy allows for a proportionate litigation response that works for the business. Outside counsel need to know that in-house counsel constantly have to do more with less. Again, what is most astonishing for me about these messages is that clearly these inside counsel were used to delivering them and probably saying variations recently, to actual outside law firms. How can it be that in-house counsel at a Fortune 100 country is still saying “there’s some good lawyers out there that just don’t understand the technology.” Of course there are, but how are they getting in those doors?

There’s a time and place for outside service providers – counsel, consultants, software and eDiscovery providers. When my clients need outside counsel, they really need them. And it’s nice to be loved, but anyone who’s been doing it for a fraction of the amount of time I have knows that you don’t just sit around waiting for the work to come to you. There’s a big part of being in any service profession that involves convincing people of your worth and your purpose in the world. With inside counsel people might not always be happy to talk to them (so they tell me), but there’s a reason they have a job. And “we” don’t get jobs if “they” don’t think we understand their values and incentives.

So here’s what I took home:

  • Don’t just listen passively, but anticipate what your client needs in terms of risk and cost.
  • “Your” litigation isn’t their only litigation. Litigation isn’t special, it happens all the time. Make it a repeatable business process, quantify the economic risk.
  • Understand the value proposition in eDiscovery. Cheap isn’t always the right price. Fair price for good quality is the goal.
  • For heaven’s sake, know the technology enough to be an intelligent consumer and advisor.