Tag Archives: e-discovery

Nuix 101: Replace an Encrypted Zip

This video will show you how to replace an encrypted zip file in your Nuix Case.

To see more Nuix how to videos visit their Youtube playlist here: https://www.youtube.com/playlist?list=PL63768553A2B1803F

You Can Teach an Old Lawyer New Tricks

BP-Busienss-Man-Photo“Just print it out for me.”

Famous last words said by many an attorney in today’s technology-laden litigation field. There was a time, (cue nostalgic flashback music), when the largest matters would consist of a few hundred boxes of paper. Today, the sky’s the limit when it comes to the amount of records that can exist in a single case.

When the information age started spilling over into the legal profession, there were few, if any, technical solutions to the technology problem we were all facing. When a client inbox needed to be collected and reviewed for discovery, we did just that: “print it all out.” It did not take long before the very same approach would just about fill the Grand Canyon with dead trees.

As the amount of information being created by our business clients continued to grow, the technology designed to combat the problem got better and faster. Innovation came fast and hard over the next few years, resulting in the birth of eDiscovery.

Today, we find ourselves firmly in the adolescence of industry growth, with more specialists, uniform standards and best practices. The software solutions continue to advance at a trailblazing pace and, at times, even claim to be smarter than we humans. However, keeping up with this technology can be (and often is), a job in and of itself.

So, how are those tasked with supporting the efforts inside of a law firm supposed to keep pace? More importantly, assuming you can keep pace, how do you fight the “just print it out” mentality that exists in virtually all firms across the land? A recent study [1]was conducted that concluded that there is “a profound lack of technological savvy among law firms.” [2]

The most impressive advancements over the last couple of years have surrounded buzzwords like predictive coding and advanced analytics. In a nutshell, these are specialized software tools designed to speed up the pace of review to eliminate as much hourly billable labor as possible during the discovery process. One major caveat is, that if leveraged improperly, one can find herself in a pretty hairy situation. Thus, giving credence to the statement that technology is only as good as those using it [3]. This is no real secret and has played into the trepidation within law firms to hurry up and wait to see how other firms have implemented these new solutions.

The mission of this article is to provide an oversimplified how-to primer on leveraging one (of many), advanced analytical tools as a quality control measure prior to final document production, as opposed to an alternative review methodology. In other words, there’s no need to change the way that you’re currently managing and reviewing discovery documents. This will show you (and your reluctant attorney), how to dip your toe into the shallow end of the fancy whiz-bang tech world by taking the advanced out of advanced analytics.

Let’s assume that your firm has been engaged by your client to represent them in a bet the company type litigation that involves the collection, hosting, and review of a quarter-million documents. For the sake of simplicity, let’s assume all of the documents in question are emails (and their attachments), from 10 key players within the company over a time frame of five years. Your firm has already gone through the process of:

  • selecting a vendor to assist with collecting the email data in a forensically sound manner;
  • converting the records into a easily reviewable format;
  • culling them down using basic filters; and
  • hosting them in a web-based review platform that your attorneys can access from anywhere.

At this stage, the common practice is to have a war-room of contract attorneys conduct the first-pass review of these records for responsiveness and to identify any potentially privileged documents. Typically, after varied levels of quality assurance checks, what results is then produced to opposing counsel. This is a tried and true approach that has become its own industry since the economic downturn a few years ago.

photo.JPG  2448×3264The courts, unfortunately, have given very little leeway in terms of providing realistic deadlines for production, even though the amount of data keeps growing at a break-back pace. Some courts have even started imposing sanctions for consistently missing production deadlines. [4] As a result, the directive handed down in these scenarios is always that of speed. Review more documents in less time. In turn, being that we’re all human, this has led to a number of errors. The worst among them is producing a privileged document because it was improperly tagged. This can have some serious ramifications, because it is not just the document that is privileged, but also the entirety of its content. There are countless horror stories and case studies specifically dealing with the aftermath of this particular scenario. However, for the purposes of this example, we’ll take a look at one way to prevent this from happening by utilizing “Email Thread Analysis.”

Many service providers, due to the slow adoption of advanced and predictive technologies, have started offering these services at little to no additional cost. It should not take you long to find one amongst your existing approved vendor list that would jump at the opportunity to show off their wares.

In this scenario, let’s assume that you and I are two of ten key custodians in question. We both work in the research and development division of a successful tech startup company. I sent you an email back in 2006 that contains information about the project that we’re working on together. Within the body of this email, I make reference to a number of topics that would be considered trade secrets, deeming the record privileged under the parties’ agreement. You respond back the following day with all of the original text from my email in the body of your email. This continues back and forth over the next six weeks, totaling five emails before the email chain stops.

During a traditional linear review, each email within the thread would exist as its own record and designated to a batch to which a contract reviewer would be assigned. Let’s assume that three of the five emails were assigned to one reviewer, and the other two were assigned to another. During the review, these records typically do not get grouped together for side-by-side comparison. Being that all of the content in the original message that made the document privileged also exists in every other email in the thread, it is safe to assume that every email in the conversation should be flagged as privileged. Due to the review being conducted in such a manner, it is not uncommon for one of these emails to slip through the cracks.

The simple solution in this case is to ask your provider run a simple report leveraging email thread analysis technology to identify all anomalies of this nature. In return, you’ll have a list of every single document that is about to be produced that would otherwise contain privileged information. The screen shot below illustrates an example using a five email reply chain.

Paralegal Today Q1 2014

The first branch in this tree shows the originating email in this conversation flagged as privileged. You can tell this by the red circle indicator to the left of the subject line. The second email, or first reply, is also flagged as privileged. As soon as we get to the third email, we see the green tag indicating that this record was flagged as responsive. As you can see, all subsequent emails have been flagged as privileged.

A well-versed provider with the access to the right tools can automate the process of identifying every record that has been tagged within a conversation in contradiction with others.  Usually, you would have someone put an extra pair of eyes on the record in question, along with the surrounding communication to verify that this was not in error.

While this is not an end-all be-all solution to be leveraged across all matters, it is one of many weapons that you should have in your arsenal to prevent potentially costly and embarrassing missteps. Your attorneys will not have to learn anything new, and when asked how you magically found this document, you can say “I used advanced analytics”.



Kris Wasserman is a Sales Engineer and passionate technology evangelist with over 10 years of experience working hands-on with litigators, in-house counsel, and litigation support professionals in the face of complex ESI-laden matters and regulatory investigations as an eDiscovery Project Manager. He serves as one of many subject matter experts at Superior Discovery in New York City, providing technical sales support to the business development team. Kris has recently begun providing monthly educational seminars for attorneys and legal support staff for the sole purpose of streamlining the adoption of the latest technology solutions in a client-specific and practical manner.  For more information contact Kris at KWasserman@SuperiorDiscovery.com or follow him on Twitter @KrisWasserman.

[1] ILTA’s 2013 Technology Survey http://www.iltanet.org/MainMenuCategory/Publications/WhitePapersandSurveys/2013-Tech-Survey.html

[2] Does Technology Leap While Law Creeps? http://abovethelaw.com/2014/02/does-technology-leap-while-law-creeps/

[3] EDI-Oracle Study: Humans Are Still Essential in E-Discovery http://www.lawtechnologynews.com/id=1202628778400/EDI-Oracle-Study%3A-Humans-Are-Still-Essential-in-E-Discovery

[4] Perils of E-Discovery Reflected in Sanctions
Opinion http://www.gibsondunn.com/publications/Documents/EvansPerilsofEDiscovery.pdf

This article was featured in “The Paralegal Today” magazine on May 1st, 2014. 

PT Q1 2014 vX.inddWhat’s Inside Each Issue
Here is an in-depth list of all the fabulous articles, columns and features found within the pages of Paralegal Today.

Mission Statement
As the only independent magazine serving the paralegal community, Paralegal Today ’s mission is to provide intelligent, thought-provoking and practical material to its readers, such as: career and technical information to help readers excel in the workplace, coverage of national news, trends and professional happenings that affect paralegals, as well as colorful and informative pieces on unique areas and people in the profession. We encourage our readers to reach out to us with their thoughts, questions and suggestions. Paralegal Today pledges to work tirelessly to benefit its readers in the most professional and unbiased manner possible.

Brief History
In 1983, Paralegal Today put together its first issue for the paralegal community. Then a Dallas-based national publication, the magazine promised to “be as helpful and approachable as a good friend next door.” In December of 1989, James Publishing Inc. of Costa Mesa, Calif., acquired Paralegal Today. With a new look and new ideas, Paralegal Today reached out to its readers with intelligent, timely and informative articles. Paralegal Today is the independent source of information on the paralegal field. Readers subscribe to Paralegal Today to stay abreast of developments within the field and to advance their careers. Utilizing its broad-based, national contacts and resources to keep pace with the evolution of the legal assistant profession, Paralegal Today provides the tools needed by every paralegal to attain his or her career goals. After all, what are good friends for?

Is Your Data Growing Mold…?

Everything you need to know about Data Retention

In lieu of the closing of another tax season I felt it would be a good time to touch on data retention.  Is it perhaps time for you to do some spring cleaning?

If your inbox were a fridge, would you say that some of those old emails are starting to resemble a science experiment?

Data is duplicated. It’s at the core of how networks, well… work.  In the simplest of examples, you send an email, a copy is stored in your sent items, and another copy is stored in the recipients inbox.  If you’re both working at the same company it doesn’t take long for this to compound continuously and bloat your servers with unnecessary copies of the same file over and over again. From an IT perspective, this data is one big massive store that needs to “managed”.  Whether it be back up for disaster recovery, (another copy), archiving, (a new copy), subject to a legal hold, (copy, copy, copy), etc. etc…

For a geeky breakdown of how data is duplicated across wide area networks check out http://www.snia.org/sites/default/education/tutorials/2009/spring/data-management/JacobFarmer_Crash_Course_Wide_Area_Replication.pdf from the folks at SNIA.org.

For a great backup solution that offers inline deduplication checkout ExaGrid.com. In a nutshell: [Begin Shameless Plug] Backup Windows Cut by 43% on Average, File Restores 64% Faster than Previous Backup Solution on Average, Data Backed Up has Doubled on Average (108%) in Two Years.

From a personal standpoint, if you’re like me, you’ve got a box or a drawer somewhere labeled Important Documents. Off of the top of my head, I couldn’t tell you what’s still in there.  I think there’s a copy of the certificate of participation I received for playing in an intramural, (aka beer), dodge-ball league back in 2004.  Obviously not as important as the Certified Litigation Support Professional doc sitting right next to it, but a certificate none the less, so it found it’s way into the box.

For super oversimplified pointers on what personal (hard copy) documents you can shred, and what you should keep, check out LifeHacker’s post at http://lifehacker.com/5977082/what-documents-should-i-shred-and-what-should-i-keep.

If you’re really interested in the granular, our friends over at GetYourShitTogether.org can provide you with the questions that you didn’t even know you needed answers to… until it was too late. Check out the GYST checklist at http://getyourshittogether.org/forms/GYST_Checklist.pdf.

From a corporate compliance or litigation risk standpoint, the ramifications can be pretty serious. (Boring bits start now). There’s a mountain of data that sits on your corporate servers that can likely be shredded. Some of this information is often synonymous with skeletons or buried bodies.  The problem facing most, is the identification and defensible (aka documented), deletion of this information.

See the sidebar “Morgan Stanley Has a Very Bad Day” in Christine Taylor‘s “When eDiscovery Goes Wrong” post at http://christineltaylor.com/wp-content/uploads/When_eDiscovery_Goes_Wrong.pdf

  • [Begin Plagiarism] Judge Elizabeth Maass told the investment bank to pay a full $604.3 million claim made against it by billionaire financier Ronald Perelman, plus $850 million in punitive damages. The nature of the damages? Morgan Stanley repeatedly failed to produce emails that were vital to Perelman’s suit. [End Plagiarism]

Unfortunately there is no, (and probably never will be), any one-size-fits-all rule that can be applied across industry verticals.  Additional obstacles abound, due to the amount of hands that need to be in the cookie jar when it comes making organizational decisions about what can go, and when. Not to mention, the constantly evolving rules that are trying to keep up with the technology that supports the way we all do business.

In maintaining the information overload nature of this post, and in an effort to truly hook you up to the fire-hose, I’ve expertly curated the information that will likely matter to you most, from those in the know:

(1) Is your company – gasp – an “e-hoarder”? by Cher Estrin (LinkedIn | Twitter | Blog)

  • [Begin Plagiarism] We’re not psychiatrists, never played one on TV, heck we’ve never even stayed at a Holiday Inn Express. That said, we’ve been around a few ediscovery blocks so we’re willing to offer up a dime store diagnosis of whether your company may be guilty of e-hoarding. [End Plagiarism]

(2) If you’ve actually read this post the day it went live, you’ve got time to register for a free webinar entitled “Clean Up the eDiscovery Leftovers“.

  • [Begin Plagiarism] The case has closed. The appellate process is over. Time to release the legal hold right? Well for some yes, but for the majority of organizations the answer is unfortunately no. Organizations fail to develop consistent processes around the release of legal holds, resulting in the over-preservation of electronically stored information (ESI). Not only does retaining this ESI result in increased storage costs but more importantly for legal teams, it exposes organizations to increased legal risk down the road as ESI that could have been safely deleted can be tied to future new cases. [End Plagiarism]

(3) For a high-level, and current, overview of the rules, ramifications, and relevant readings – redirect your browser to:

Data Retention and eDiscovery: New Rules Mean New Approaches Are Required” by Rory Welch (Twitter | LinkedIn | Wired)

  • [Begin Plagiarism] The proposed amendments to the FRCP would mandate that parties to a legal action come together in conference to create a discovery plan, which state the parties’ views relating to matters of the discovery, disclosure, and preservation of ESI that may be required to be submitted at trial. [End Plagiarism]

E-discovery: How to draft and implement an effective document retention policy” by Brian Esser (LinkedIn | IC) and Judy Selby (Twitter | LinkedIn | IC)

  • [Begin Plagiarism] Lots of data can mean only one thing when it comes to litigation: crippling discovery costs. One of the leading document review tools had a 100 percent increase in the number of documents hosted from 2010 to 2011, from fewer than 5 billion to nearly 10 billion. When faced with this explosion of electronic data, your first and best line of defense in limiting discovery costs is having a well-drafted document retention policy and following it to the letter. [End Plagiarism]

What you probably didn’t know…

Many corporate clients that find themselves as serial litigants will rely on outside counsel to manage their discovery data.  These firms, in turn, rely on technology and professional service providers that specialize in managing electronically stored information in a number of different capacities. Larger firms have an army of outside vendors that they call upon for connected, but discreet tasks.  Think forensic acquisition, data culling, document hosting, and attorney review.

In the last decade it has become a widely accepted practice to have this data sit outside the firm firewall due to volume and turn-around constraints.  It’s hard enough for you to keep track of your own company’s information. Are you keeping an eye on your outside counsel’s retention policies.  Are they creating skeletons that you didn’t even know to look for? Take it a step further, and the subcontractors employed during the discovery process create a spiderweb of exposure that can be lurking right under the surface waiting to bite you in years to come.  Are your subcontractors using subcontractors?

Due to the competitive nature of the industry, many eDiscovery providers (worth their salt), typically offer a clear and concise picture up front to let you know how your data is going to be handled, and will often provide full transparency into any subcontractors they have vetted.  However, in the onset of a high-stakes matter, the fine print is often overlooked due to higher priority concerns.

If/when you are ever in doubt refer to the list of data types below to understand what is created during the eDiscovery process, and ask how it is handled… not just of your representative counsel, but of their preferred providers as well.

    • All project-related material that corresponds with specific matters and/or work orders. This includes email correspondence, contracts, Chain of Custody forms, etc. and any data that is tied to any project request handled by a subcontractor employee. Primarily, identified as external communication or exchange of specific detail regarding potential, ongoing, or completed work.
    • Raw data originating from an outside entity, and submitted to subcontractor for the purpose of processing via media, ftp/sftp and/or email correspondence. This includes data forensically extracted and/or original data that is provided/created by a client, and accompanied with executed Chain of Custody (COC) documentation.
    • Any data or database derived or as a result of any internal application or network processes. Specifically, any exports, replicated, hosted or outputted data that stems from any service application used or managed by subcontractor.
    • Any data derived or as a result of any internal application or network processes, but used primarily for the purpose of prepping, experimentation, cataloging, preliminary/in-depth analysis, and/or investigation.
    • The copy of data provided to an outside party in the form of digital media or upload.
    • Data identified as internal and external documents related to general business operations. External documents are typified by invoices, payment invoices, tax returns, etc. and are in some format presented to outside entities as needed. Internal documents such as pricing, payment forecasts, sales statistics, employee files, bank statements, etc. are used inside the company’s daily functions.
    • Any other data which is not classified by one of the above categories. This is usually created by analyst / user / employee as bi-product for given task.

The purpose of classifying the data types is not only to delineate and organize on an internal network, but also to apply different retention policies to each.  Most providers will offer, at minimum, three to four different options to their clients and associate a price-point with each:

    • Subcontractor will retain matter-specific data (Source, Case/Production, Deliverable) online housed on a fast storage network server for requested period, and will guarantee immediate access at any given time. There is an associated cost with this option that will be submitted for client approval prior to charges being incurred.
    • Subcontractor will retain matter-specific data (Source, Case/Production, Deliverable) online on a slower storage network server for requested period, and will guarantee immediate access at any given time. There is an associated cost with this option that will be submitted for client approval prior to charges being incurred.
    • Subcontractor will back up the matter-specific data (Source, Case/Production, Deliverable) on an off-line storage medium such as Tape or External HDD. Restoration within a time-frame of 24 to 72 hours would be required in order to access the archived data. There is an associated cost with this option that will be submitted for client approval prior to charges being incurred.
    • Subcontractor will completely remove the matter-specific data (Source, Case/Production, Deliverable) from network server upon prior notification. Certificate of destruction is available upon request.

Key Take Away

Take the blinders off. Make sure you know where your data is housed, and have a full grasp of your exposure.

Be proactive. Don’t wait for your first eDiscovery nightmare to implement a retention plan. Start by asking your outside providers to supply a copy of their retention plan, and use that to help you create a template of your own.

Revisit often.  The rules governing what information needs to be stored and/or preserved, what information  is reasonably within your control not only vary by industry, but are constantly evolving in today’s fast-paced age of information.

Ask an expert.  They’re out there, they’ve been there before.  Don’t be afraid to ask for directions. Personally I would recommend the belts and suspenders approach — consult a technology expert, and eDiscovery counsel before making decisions in a vacuum.