Kazeon Systems, Inc

Fact-Based, not Faith-Based, Confidence Needed When Implementing eDiscovery Processes

2009-06-12T10:00:00Z

Regardless of how one approaches an eDiscovery project, having processes and tools in place to help guide you through the EDRM (electronic discovery reference model) are critical elements that influence how effective an eDiscovery project will be. Data retention policies, access to outside resources, and technology are all critical components to have in place in order to successfully complete an eDiscovery.

Yet an equally important question that organizations need to answer is how reliable is the information they discovered in their eDiscovery? Or, better put, how do they move from a faith-based approach of eDiscovery where they assume they have all of the information that they need to a fact-based approach where they have confidence that all of is the information found during the eDiscovery is accurate and defensible in court?

An eDiscovery strategy that does not provide accurate results and/or is not defensible in court could bring serious sanctions such as a negative inference ruling against an organization. Therefore when framing an accurate and defensible eDiscovery strategy, organizations should test their eDiscovery strategy as well as ensure it is applicable in the following areas:

How is the integrity of ESI (electronically stored information) maintained?
Is critical metadata maintained so as to provide a complete accounting of requested data?
Is chain of custody maintained throughout the process?
How is searching of ESI performed?

Using technology such as Kazeon's Information Server provides the ability to meet the accurate and defensible mandate. An independent study entitled "Search Accuracy and Relevance: Critical for Defensible eDiscovery" released by Reason-eD, LLC, shared its results after putting the Kazeon Information through a battery of tests. The study found:

Integrity, metadata and chain of custody were retained while Kazeon Information Server scanned and collected ESI.
Kazeon Information Server found unique search terms in over 40 file types during searches of large, complex ESI collections.

Reason-eD concluded that using the Kazeon Information Server organizations could put in place a mechanism to deliver an auditable, understandable, documented, and automated process for answering an eDiscovery request. But more importantly, organizations could use its results from the Kazeon Information Server as a means to defend in court the actions they had taken in responding to an eDiscovery request.

However implementing an eDiscovery solution is not enough - organizations need to test the solution as well. In a recent webinar, George Socha cautioned against just believing that an eDiscovery solution will work but that they actually need to test the solution as well. Companies that believe these processes will work without testing it are adopting a high risk strategy that is sure to show vulnerability if and when closely scrutinized.

Again, this is where solutions like the Kazeon Information Sever can effectively kill two birds with one stone. Reason-eD's testing showed that the Kazeon Information Server provides an eDiscovery solution that gives organizations a sense of confidence based on fact not faith that they are presenting accurate and defensible information before it comes under scrutiny in court.

Being able to answer the simple "How do you know and know that you know?" question is pivotal in building an accurate and defensible eDiscovery strategy. As Reason-eD's study showed, using an eDiscovery solution such as Kazeon's Information Server ensures that the integrity, metadata, and chain of custody are preserved during the eDiscovery process while providing an auditable process that can help organizations justify their position in court. In so doing, organizations can provide information requested during an eDiscovery process and know that their results are based on fact, not faith.

Comprehensive Analysis Capabilities Fuel Growing Adoption of In-House eDiscovery

2009-05-14T10:00:00Z

There are many factors that guide a company's approach to eDiscovery. But knowing which ones matter - and which ones don't - continue to be a source of frustration as companies grapple with the Federal Rules of Civil Procedure (FRCP) and how best to respond to an eDiscovery request. Two areas of immediate importance that plague companies are how best to take responsibility for the results of an eDiscovery request and then control the costs associated with the eDiscovery. And without any easy answers and growing costs for outsourced eDiscovery, more companies are examining at the merits and cost-savings of an in-place eDiscovery.

Understanding the technology that is supposed to deliver on an in-place eDiscovery as well as how it improves the overall efficiency of this process and a company's ability to meet their needs at all levels of the EDRM (Electronic Discovery Reference Model) is essential. To deliver on this Tom Gelbmann, the managing director of Gelbmann and Associates, advises in a recent webinar, "The technology has to deliver analysis at every stage, not just the final stage."

If you are approaching analysis as a specific step, and not a key extension of every step in the process then a company is going to fall short in its efficiency in everything from data analysis to reducing its chances of spoliation. This will have a cumulative impact on the cost, effectiveness and efficiency of your in-house eDiscovery procees. George Socha, President of Socha Consulting, also pointed out in that same webinar, "Companies should consider how best to 'get their electronic house in order' by understanding where electronic information resides on the network."

This intimate understanding of information is critical to properly identifying, preserving and presenting ESI (electronically stored information) necessary to answering an eDiscovery mandate. It is only when information stored on the network is properly understood that it is possible to be consistent in your management of eDiscovery results and therefore reduce your risk from lawsuits and manage your costs.

Success of an in-place eDiscovery hinges on factors such as:

Do you know and understand your content before beginning your eDiscovery project? Creating and maintaining a data map is essentially cataloging a company's records. Data mapping as it pertains to in-place eDiscovery is that no data is moved, on a map is created. This intimate understanding of your company's data gives a good idea of what your next step will be.\
Data shouldn't have to move for analysis. In-place eDiscovery is based on the assumption that it is much more efficient to analyze and review ESI at its source. Moving data for analysis and review can complicate decision making on relevance and importance, and cause over-collection of data. This type of targeted collection allows a much more focused and cost effective approach to ESI analysis.
Eliminate redundant data copies. When ESI is redundant many factors come into play, such as storage is increased, bandwidth is increased, and unnecessary copying. When multiple copies of a document are present there are increased risks of spoliation.

Truly understanding your company's information will provide a much clearer picture in how successfully you can leverage an in-place eDiscovery and use technology to decrease yours costs. Products such as Kazeon's Information Server are specifically designed for in-house eDiscovery to help your company address the areas listed above, as well as decrease the time needed to retrieve only information relevant to the eDiscovery request forward for litigation purposes. Decreasing the time it takes to identify, preserve and present information dramatically increases your ability to make an accurate early case assessment as well as allows analysis to occur at every critical level of the process.

When determining your company's eDiscovery direction, deploying an in-place eDiscovery strategy can provide a robust analysis process that can give you a consistent approach to litigation. In-place analysis starts with having a solid understanding of a company's business information so a company understands how much control it has over its unstructured ESI and how efficient and effective its in-house eDiscovery solution would be. With this information in hand, companies can more confidently deploy solutions such as the Kazeon Information Server for its in-house eDiscovery processes with the confidence that it can lower its costs, risks and responsibilities of eDiscovery.

Steps to Follow in Building a Defensible Legal Hold Strategy

2009-04-28T10:00:00Z

As was discussed in a previous blog entry, companies continue to struggle with legal hold and the importance of knowing what events trigger a legal hold, and what documents to retain. In that entry, we examined how the Presidential Records Act provides some insight to comply with the legal hold requirements of the today's FRCP and how even the President is mandated to implement a records retention policy and put processes in place to hold and retain documents. Understanding legal hold and how to best approach this difficult topic can lead to a failure of the electronic discovery process for a company and put a company at considerable risk if it does not retain critical documents needed to answer an FRCP request.

Courts are taking increasing discretion in leveling penalties for corporate inability to comply with eDiscovery requests and negative inferences can lead to lost litigation and stiff court sanctions against the company. As electronic data sources, locations, and formats expand, it is critical for companies to understand where data resides on their network and have a records management policy that guides their response when a triggering event occurs that demands legal hold of relevant electronically stored information (ESI).

A major tenet of legal hold strategy as it pertains to the Federal Rules of Civil Procedure (FRCP) is ensuring it is defensible in court. Ensuring your eDiscovery process passes court muster is very important for defensibility of a very difficult process, and one, if not performed properly, can have adverse results. There are several cases of note that highlight the importance of this:

Victor Stanley v. Creative Pipe, Inc. This case set the standard for how the search of electronic documents should be handled and due to the plaintiff's inability to properly identify documents attorney-client privilege was lost on 165 documents.
Brookdale Univ. Hosp. & Med. Ctr., Inc. After being notified that privileged materials may have been inadvertently produced, the plaintiff repeatedly denied this had occurred. After 15 days of being able to review production information the plaintiff claimed 30 documents had been inadvertently provided and a search for more documents was ongoing. The defendants stated there were not 30 documents, but up to 500 e-mails that could be covered. The court ruled that the plaintiff's time to raise privilege arguments had passed and the original 30 documents were to be returned, but all other privilege of produced documents was waived.

With these case lessons learned it is necessary to follow these steps when faced with a legal hold scenario:

Direct communication with every source of relevant information is crucial involving all necessary key personnel in the litigation. This should minimize the chances of documents materializing at a later date.
Executive management must explain employee's responsibilities, convey specifics on information required, and ensure employees understand their role in the litigation.
Companies should put in measures to monitor and follow-up with key personnel ensuring compliance with legal hold and preservation of ESI.
Ensure processes are in place that shows a company acted in "good faith" in providing all relevant documents. Claiming ignorance about missing documents is not an acceptable defense.

Using products such as Kazeon's Information Server automate this process as it provides a defensible and repeatable approach to legal hold. It automatically manages this process and ensures all relevant documents have been found and held. It also places a legal hold on individual documents at their source, whether that is on a desktop, laptop, or file server, so strong control processes against the intentional or inadvertent destruction of important data remain.

As numerous court judgments have shown, inadequate legal hold processes are a sure path to the destruction of a company's defensibility of litigation involving electronically stored information. Strong, defensible processes are now a requirement to ensure a proper response to legal holds and companies need new products such as Kazeon's Information Server so they can support their good faith claims that they are taking the appropriate actions in regards to eDiscovery and legal holds.

ESI is still an elusive process in many organization and the inherent problems associated with trying to search, find and retain relevant documents in a legal hold scenario makes automating the process a must. Bringing strong processes and automation together make a good faith effort argument stronger, and makes it possible for a company to defend its eDiscovery strategy.

Presidential Records Act Provides Guidance to Understanding How to Preserve Documents for Today's Legal Holds

2009-04-14T10:00:00Z

In 1978 the Presidential Records Act (PRA) was passed which fundamentally changed the landscape of Presidential records by moving them from a classification of personal information to the public domain. The PRA is explicit in describing that retention of records created by the President of the United States as well as the Vice President is the responsibility of the President. The PRA guides the President in how records should be handled and guides the steps in the proper destruction of records and how they are retained to comply with this federal statute.

This "hold" on the records of the President is similar to a "Legal Hold" companies often face in relationship to the Federal Rules of Civil Procedure, and underscores the importance of knowing when to hold data whether it is for litigation, compliance, or even a Presidential record. An August 2008 study showed several areas of concern regarding eDiscovery, as well as a continuing lag in understanding electronic documents and what needs to be retained for legal purposes. The study cited the following:

Only 33% of respondents stated they were knowledgeable in what documents should be retained
38% of respondents have informal policies and procedures for retention and archiving of electronic documents
71% of companies responding stated their company did not provide training as it pertained to eDiscovery

These statistics are a reminder of how much education is needed for companies to understand eDiscovery and the issue of legal hold. A proper approach to legal hold is paramount for compliance with FRCP, and is central to the development of a records management policy and a move towards a proactive response to legal hold requests.

Legal Hold is quite simply preserving all relevant information when litigation or potential litigation is anticipated. That is certainly a simplified outlook as it pertains to electronic evidence as electronic documents are mostly decentralized across storage systems, laptops, desktops, email, and servers to name a few. In short, it is a lot easier said than done.

Responding to an eDiscovery request is always a challenge, but with the proper preparation companies can ease this burden. Understanding how to prepare for a legal hold is the first step in ensuring your company meets its obligations under FRCP. Outside a company's normal response to statutory or regulatory requirements to preserve documents, some areas that can trigger a legal hold preservation of documents for a company are:

Potential or threatened litigation or investigation is anticipated
If a preservation letter from opposing counsel or agency is received
Service of a complaint, discovery request, or court order is received.

If one of the above occurs then a legal hold should be triggered and the following needs to occur:

Routine destruction of documents related to the litigation should stop
The company's record management process should guide by records management policy
The records management policy should spell out clear guidelines and processes to protect relevant documents and ensure all key personnel identified in the policy as necessary to protecting information are engaged in the process.

As processes are being determined companies quickly realize electronic documents can be elusive in an organization due to their unstructured nature and the tendency to be dispersed across the organization. Automating the process of eDiscovery with products such as Kazeon's Information Server can provide an end-to-end legal hold solution that simplifies the difficult process of identifying and producing relevant information in a legal hold scenario.

One of the tenants of the PRA is that the President "shall take all such steps necessary to assure that the activities, deliberations, decisions, and policies that reflects the performance of his constitutional, statutory, or other official or ceremonial duties are adequately documented and that such records are maintained as Presidential records pursuant to the requirements of this section and other provisions of law." This is to be done through the implementation of records management controls. So, it stands that if the President is mandated to implement a records management program to hold documents then companies will also be well served by implementing their own records management policy.

Understanding and preparing for a legal hold can be a complicated and daunting task, but one that companies must prepare to face. As companies continue to struggle with how best to deal with FRCP, it is imperative that all phases of the eDiscovery and litigation process are fully understood and a process defined on how to respond when a triggering event occurs. After all, these processes are critical in ensuring the proper response to a legal hold, just as the President must implement processes for PRA. As we continue with this topic, we will take a deeper look into legal hold and provide further information on how to approach this important topic in a forthcoming blog entry.l

eDiscovery Processes and Procedures: The Information Analysis Steps Part II of II

2009-01-23T11:00:00Z

Responding to an eDiscovery request is definitely not a task that most enterprise organizations eagerly anticipate. But the pain of an eDiscovery is often a result of poorly written or non-existent internal policies and procedures. An organization that takes the time to put internal policies and procedures in place may not only avoid this scenario but also lower its overall cost of doing an eDiscovery.

In a previous blog entry, I discussed the initial information gathering steps an organization should take when responding to an eDiscovery request. In this blog entry, I take a look at the steps an organization should follow to analyze the electronically stored information (ESI) pertinent to the eDiscovery after it has completed a preliminary collection and identification of the data.

To read steps 1 - 4 in an earlier blog entry, click here.

Step 5 - Collect and preserve a subset of the data. Once the early case assessment is done, organizations can identify a subset of data that satisfies the criteria of the eDiscovery request. Since a legal hold affects present and future records that are involved in litigation, or reasonably anticipate needing in the foreseeable future for pending litigation, organizations should collect and preserve this data in an unalterable format for further review and analysis. This subset of data may either be kept in-place or in a secure, targeted repository. However to try to cover legal hold is one bullet point is an oversimplification of the process since it is such an important aspect of preservation so DCIG will cover this more thoroughly in a future blog entry.

Step 6 -Analyze the collected information. Now that a subset of the ESI is collected and preserved, an organization needs to analyze it so only ESI that is germane to the eDiscovery request is shared. To do this, an organization needs software that analyzes the ESI. The software should perform simple or complex search queries against the collected ESI with reports that contain sufficient detail to determine which ESI is relevant to the eDiscovery request.

Searching and analyzing the ESI is easier said than done. The collected ESI may exist in any of a number of common file types (Adobe Acrobat files, Excel spreadsheets, Word Documents, etc.), less common file formats (Lotus 1-2-3, WordPerfect) and email repositories. Further, the search should support the creation of complex search queries that do more than just match specific words. It needs to examine the context of the data within the emails and files so only the results most germane to the search criteria are returned.

Step 7 - Perform further analysis and review in-house. An article entitled "eDiscovery Attorneys: Hot or Not?" that appeared a couple of years ago on Law.com included a statement that said, "The problem with eDiscovery is that the laws and technology are imperfect." The article goes on to point out that there even though there are tremendous number of vendors, consultants and law firms, reasonable eDiscovery expectations are incredibly difficult to set.

While those statements are still true, one statement that the article goes on to make that has changed in the last two years is that the technology your firm uses will be no different than what is used by third party vendors. The fact is that the eDiscovery software that organizations use in-house may well be different than what outside vendors use to perform eDiscoveries. Vendors tend to use eDiscovery software that focus primarily on the initial processing, review and analysis. But as organizations bring the eDiscovery in-house and continue to further analysis and review, they will find that software from other vendors such as Kazeon Systems are better suited for ongoing analysis and review in-house since is it also addresses these aspects as well as the management and preservation of data.

Step 8 - Continually refine the eDiscovery process to make it forensically pure. The eDiscovery task is already complex and bound to become more so in coming years. Therefore the onus is on companies to maintain the integrity of ESI subject to a legal hold for whatever the duration is of the legal hold. Minimally this will require companies to maintain an audit log that tracks how ESI data subject to the legal hold is accessed. Information the audit log needs to capture includes what the data and time the ESI data was accessed, who accessed it and what data they viewed. Further, depending on the duration of the legal hold (which can last years or even decades) organizations may need to copy and store the ESI to an appropriate form of media that further helps to preserve the integrity of the data.

How information is stored will also change over time and a company needs to adapt its eDiscovery policies and procedures to match these changes. Already high capacity, consumer storage devices make it easier for individuals to store ESI outside of corporate networks and the growing interest in companies storing their ESI with Internet providers in the form of cloud storage is bound to create new dilemmas in performing eDiscoveries.

Responding to an eDiscovery request is not a task that any organization particularly enjoys but it is now a part of how organizations need to expect to do business. No company should assume that it is immune from the possibility of an eDiscovery. If anything, organizations should assume exactly the opposite - that at some point they will be subject to an eDiscovery request and probably sooner rather than later. It is because of reasons like this that organizations should put in place eDiscovery policies and procedures so they know how to act when they are confronted with an eDiscovery request as well as take the initiative to obtain solutions like the Kazeon Information Server so organizations can access, search and produce information germane to that request.

eDiscovery Processes and Procedures: The Information Collection Steps - Part I of II

2009-01-16T11:00:00Z

eDiscovery is a focus in numerous DCIG blog entries. DCIG analysts have previously examined what laws are prompting the need for companies to perform eDiscoveries, keys to selecting the right eDiscovery solution and why recent Wall Street scandals foretell the need for companies to prepare for expanded eDiscovery requirements going forward as more government regulations seem almost certain to emerge. But an eDiscovery request is not a task that a company necessarily needs to dread. Rather, by establishing and putting in place best practices and procedures now, an organization can take much of the uncertainty out of an eDiscovery request and even use the looming threat of eDiscovery requests as motivation to lower an organization's cost of performing eDiscoveries.

A natural inclination of many organizations when first presented with a legal eDiscovery request is to quickly comply with the inquiry and seek to exonerate itself from any allegations of wrong doing. However if an eDiscovery occurs without an organization first having previously established internal and agreed-upon processes in place and then following them, an eDiscovery request ends up turning into a fire drill and leaves the company with no time to assess the information it has gathered. To help prevent this from occurring, here are some steps that an organization can take now to ensure it is appropriately prepared to respond to an eDiscovery request in the most efficient and effective ways possible:

Step 1 - Quantify exactly what information is requested in the eDiscovery request. About the worst thing an organization can do is immediately search their data repositories for requested information in an attempt to comply. Rather, an organization should first quantify exactly what information the requesting party needs. If the legal request only needs information from certain individuals or departments in the organization, it makes no sense to search for data in locations in the organization where it could not possibly be kept or from individuals who would never handle that information.

Step 2 - Create an intelligent data map. Organizations may have multiple types of data (files, emails, PSTs) stored in multiple types of content repositories (SharePoint, Documentum, Symantec Enterprise Vault) that reside in multiple locations (corporate data centers, laptops/desktops, remote offices). The trouble is, "How do you track it?" Mark Diamond, the CEO and President of Contoural, recently wrote an excellent article that explained how creating an intelligent data map of electronically stored information (ESI) may not only expedite searches for data within an organization but save enterprises hundreds of thousands of dollars in eDiscovery costs. In essence, a data map creates a layout or schematic of what your information landscape looks like. Aside from information about where the data is physically located, it includes:

The names of the individuals responsible for managing the data
The types of systems or applications that contain the data
How data can be accessed in those specific data stores
Who creates and manages the data retention policies.

Creating this data map takes the anxiety out of doing an eDiscovery as it helps an organization accurately and quickly pinpoint where the data resides which contributes to defining the scope of the eDiscovery.

Step 3 - Do an in-place analysis and review of the data. Once organizations know what data they need, leaving the data in-place (i.e. in its current location) expedites the eDiscovery in couple of ways. First, all of the data accessed and searched during the initial ediscovery may not be information that is needed to satisfy the terms of a particular eDiscovery so it makes no sense to move it. Second, it helps to preserve the integrity of the data. If all of the data is moved or copied to a secondary location, questions about the original permissions on the file can arise so by leaving it in its original location, an organization can avoid these issues.

Step 4 - Perform an early case assessment (ECA). This is a critical step in the eDiscovery process. At this point an organization can finally make an assessment based on the information it has gathered so far as to whether or not there is any merit in the pending litigation and how to best proceed. An organization can more thoroughly analyze the merits of the case as well as postulate some possible defenses. From this information, the organization can begin to quantify how much time and money it will cost to defend the case and weigh the pros and cons of defending the case versus mediating it.

Performing an ECA is only possible if an organization has its ESI house in order. The Federal Rules of Civil Procedure (FRCP) only provides an organization 60 - 90 days to respond to an eDiscovery request. So if an organization is consumed with locating and producing the ESI requested during this entire time period, the organization may never get to the point where it can do an ECA or, if it does perform one, the assessment may lead to the organization making an incomplete or inaccurate conclusion as to how to best proceed.

In part 2 of this two part series, I will take a look at what steps an organization should take in analyzing the data after the preliminary data is collected and preserved in order to best satisfy the terms of an eDiscovery request.

Keys to Cutting In-House eDiscovery Costs without Creating New Legal Liabilities

2008-12-02T19:10:00Z

A SearchStorageChannel.com article that appeared in early 2008 estimated the cost of outsourced eDiscovery at about $1500 per gigabyte. While those costs may sound high, they are justifiable when a company factors in the need for qualified personnel to search, access and retrieve data securely and authoritatively as part a legal eDiscovery. However these same costs can quickly become untenable for enterprise companies that need to access and search terabytes if not petabytes of information. Therefore it is not surprising that more enterprise companies are exploring the option of performing eDiscoveries in-house to minimize these litigation costs.

DCIG research has shown that when enterprise companies move eDiscoveries in-house, costs can drop precipitously - perhaps to under $5/GB - in cases where large amounts of data are involved. However as companies go to select in-house eDiscovery solutions such as the Kazeon Information Server, they need to ensure that the data the solution accesses and searches as well as the results that it produces are measurable, reproducible and can withstand the scrutiny of external auditors. Otherwise if you can not reliably reproduce the results, whatever money you save up front is spent later on defending the method you used to perform the eDiscovery.

Though there is no definitive way to ensure an eDiscovery solution delivers on every requirement a company may have, there are some keys to selecting the right solution for performing in-house eDiscovery. The right solution should:

Do in-place analysis, review and legal holds. Keeping data in its current location helps prevent data spoliation due to unnecessary movement of data, and makes the eDiscovery process more efficient by collecting only relevant data in a very targeted fashion. It also avoids the expense of needing to procure additional storage hardware and software to manage the additional copy and the expense of network bandwidth, while enabling companies to use their existing storage resources more efficiently.

Access, search and even hold data at any location within an enterprise where data may accumulate. For instance, companies may view file servers and Microsoft Exchange and SharePoint data stores as logical places where corporate data will collect but there are many more. Data may also reside in corporate archives, backup repositories, databases and laptops and desktops. In-house eDiscovery tools need to transparently access, search and place legal holds on data in these different locations. This can become logistically difficult, especially when these data stores may be in remote and branch offices or only connect sporadically to the main corporate network, so the tool should possess the ability to reach into these respective data stores.

Match your company's fluctuating search and access requirements. Companies may not fully grasp what it means to access, search and cull the terabytes or even petabytes of data that they possess in their enterprise. While the solution should be simple to deploy, the solution must also contain a high degree of sophistication so that companies can easily scale its capacity and performance capabilities. Features to look for include agent-less deployments which can access data at different geographic locations (data centers, remote offices), different data types (files, emails, PST, ZIP, etc.) and different data repositories (active content in the forms of file shares and email servers as well as file and email archives). Using these capabilities, companies can access and search as much corporate data as they need and produce needed results in the time frame requested.

The solution should create a data map that documents where the data is located. This is an important capability especially in light of the FRCP Meet & Confer requirements - it is critical to have a solution that can quickly discover ESI across the enterprise and provide a data map of it so that the legal team (inside and outside counsel) can make defensible early case assessments (ECA) about the litigation, thus avoiding unnecessary costs and liabilities/risk. Similarly, the ideal solution should be able to easily create a custodian map for analysis.

The savings a company can realize by deploying its own in-house eDiscovery solution versus using a third party can be substantial but only if a company selects a solution that meets its needs. Products that only partially fulfill the requirements of EDRM, fail to access and search all corporate data stores or cannot scale to meet enterprise requirements can leave a company hanging and still put it in a position where it needs a third party to do the work. But by quantifying what its needs are from the outset and then selecting the right solution, a company can eliminate the escalating costs of third party providers as well as the time and effort required to respond to new legal requests for data.

Federal Rule 502 Opens the Door to Driving Down Organizational eDiscovery Costs and Risks

2008-11-11T19:00:00Z

If compliance and eDiscovery were not already on the radar screen of every business prior to this current financial crisis, they better show up there pretty quickly. History tells us that anytime there is a financial crisis, more government regulations emerge that call for more visibility into corporate data stores and shorter time frames in which to produce requested information. But as Congress starts to have hearings and draft new legislation in response to this crisis, a question that companies need to answer now is who will pay for the technologies that they need to comply and which line item on whose budget should pay for it?

In the last few years, companies in all industries have faced an almost unprecedented wave of changes to existing rules as well as the introduction of new rules with which they are expected to comply. For instance, the Federal Rules of Civil Procedure (FRCP) were updated in December 2006 so that the inability to produce electronically stored information is now unacceptable. Corporate legal counsel must meet to negotiate what material will be disclosed, how it will be produced and in what timeframe. According to FRCP 26(f), most of this activity must be completed within 120 days of lawsuits being served in court.

However there is some good news on this front. To comply with the FRCP, companies are sometimes put in the position where they need to spend exorbitant amounts of money to produce information as well as avoid sharing information that is not germane to a case. If companies are not careful, they can inadvertently share information that is beyond the scope of what they are required to disclose.

In so doing, they provide the court and/or prosecution new information to pursue other lawsuits. To prevent this from happening, companies first do in-depth reviews of all documents that they plan to share which, in some cases, adds tremendous costs to the process, especially if there are time constraints and large volumes of data to review. The costs are incurred because companies need to hire third party consultancies to come in and do this review for them which tend to require a manual review process.

To take some of the risks and costs out of the eDiscovery process, Rule 502 was recently added to the Federal Rules of Evidence and signed into law by President Bush on September 19, 2008. The intent of this new rule is to help control eDiscovery costs and give companies some protection in the event that they inadvertently share information. If they do accidentally share information that is beyond the scope of the case, they are not automatically called into account for it.

Rule 502 frees companies to look at technology such as the Kazeon Information Server that searches, classifies and acts on documents without requiring the introduction of specialized and costly third party consulting firms to do it for them. But here's the catch - companies may already have a line item in their budget to hire an outside consulting firm to do eDiscoveries the old way. However now that Rule 502 exists, it gives companies more freedom to perform eDiscoveries themselves since there is less risk associated with sharing information. The new problem becomes who in the organization - IT or Legal - owns the budget and is responsible for purchasing a solution like the Kazeon Information Server?

Obviously there is no one right answer to this question but, as a rule of thumb, it can be argued that the budget for this technology should reside with the IT department. While the Kazeon Information Server does eDiscoveries and certainly can be paid for by Legal, it also performs other functions such as classifying files and documents and then taking action on them. Managing these functions is historically done by corporate IT.

The difficulty in implementing new technology that expedites eDiscoveries was to date limited by the need to restrict how much information companies could share and under what circumstances. Rule 502 removes some of those barriers and, in so doing, creates new opportunities for companies to lower their short and long terms costs associated with eDiscoveris while solving other strategic information management problems.

eDiscovery must no longer remain an afterthought in corporate budgets but needs to become its own line item in IT and/or legal budgets. Sufficient evidence has accumulated over the last few years to demonstrably show that eDiscovery deserves as much or more attention than other areas within the IT and Legal decision making processes.

eDiscovery will only receive the appropriate level of attention within companies if they allocate monies for it. Rule 502 mitigates some of the risks of eDiscovery while opening the door for corporate IT and Legal to collaborate and bring eDiscovery in-house. But that will only occur if Legal and IT come together to make the best possible decision for the company that will prepare it to pro-actively anticipate and prepare for litigation rather than reacting to litigation as the company does now.

Some Suggestions for Re-Introducing Credibility Back into the Socha-Gelbmann eDiscovery Survey

2008-09-24T18:00:00Z

Socha-Gelbmann's recent decision to drop rankings from its annual eDiscovery survey was met with relief by some vendors but now the bigger decision that faces Socha-Gelbmann is how to evolve its eDiscovery survey from here. As pointed out in a previous blog, questions about how they arrived at their conclusions in the survey as well as the scope of the survey and the size of the analyst firm performing the survey were becoming more common place. But it's easy to criticize a report. The tough part is making suggestions as to how the report needs to evolve going forward to make sure it reflects the changing nature of the eDiscovery software space.

There is rarely ever just one thing that analysts need to do when changing directions on a report to address all of the concerns that users and vendors may have about it. But in this case, two new components that Socha-Gelbmann could add to its report would add more credibility to the report and serve both users and vendors in a more constructive manner.

First, Socha-Gelbmann could break its evaluation of eDiscovery software down into two distinct categories: one for eDiscovery software that is intended for use by third party hosting and consulting service providers and law firms and another that evaluates eDiscovery software primarily intended for use by corporations, in-house. Bringing it into these two categories serves a couple of important purposes:

Corporations can make more accurate assessments of the eDiscovery software they are considering for purchase. Legal and IT end-users in corporations need eDiscovery software that provides a breadth of functionality beyond just the initial search and hold to provide more robust functions such as the management of their data from its creation to its disposition. Third party service providers and law firms do not necessarily place as much weight on eDiscovery software that performs these functions as end-users likely would.

It will add more credibility to Socha-Gelbmann's eDiscovery survey going forward. Right now one has to question the impartiality of the results of the survey since of the over 150 companies Socha-Gelbmann met with in building the survey, 87% of them were third party service providers and law firms. By breaking its survey of eDiscovery software into two separate categories, companies can more accurately discern which eDiscovery software is best suited for them and which ones are more appropriate for third party providers and law firms.

The second component of eDiscovery software that Socha-Gelbmann could examine more closely within their report is how the eDiscovery software processes corporate data. The Electronic Discovery Reference Model (EDRM) suggests a certain order of performing the steps of information management, identification, preservation, collection, processing, review and analysis. However there is no prerequisite for the eDiscovery software to do it serially or even perform all of the tasks as outlined by the EDRM.

Part of the difficulty lies with EDRM is that it presumes that the processes and procedures that service providers and law firms follow are the same ones that end-user companies need to perform. That is not necessarily the case. Companies may not want to follow these steps in the order suggested by the EDRM framework, or even perform all the steps outlines in the framework. Further, service providers and law firms are in the position of operating outside the corporate firewall. Therefore they have to take certain precautions in accessing, searching and managing corporate data that end-users functioning inside the corporate firewall do not necessarily need to take.

Furthermore, it's important to provide corporations, and perhaps even service providers and law firms, the ability to perform in-place analysis of information even before collection. This capability provides early-case assessment benefits and prevents over-collection of data which will have to be retained unnecessarily. In contrast, in-place analysis capabilities lead to targeted collection and efficient, relevant Legal Hold. The EDRM framework does not currently advise corporations to consider and implement early-case assessment capabilities to make their eDiscovery processes more efficient and defensible.

Finally, corporations need to consider scale and performance strongly; they should be considering solutions that process billions of documents and 100's of TB, as opposed to service providers who typically process 100's of GB, since they are fed relevant datasets outside the firewall.

In this respect, Socha-Gelbmann could take the lead in suggesting the creation of two EDRM models. One EDRM model could be specifically used for the measurement of eDiscovery software that is used by service providers and law firms where Information Management is removed from the model (such as is shown below).

Note: The "X" through "Information Management" in the above graphic is my edit and not necessarily endorsed by anyone associated with the EDRM.

The second EDRM model would retain the current model that includeds Information Management and be used to measure eDiscovery software implemented in end-user environments. In so doing, it would not only increase the awareness of the EDRM model among corporations but make it more relevant in the process.

Determining how to evolve an annual report is never an easy task. However a market segment that is as dynamic and rapidly changing as the eDiscovery software space requires more frequent changes than most. By breaking the eDiscovery software space into two separate markets, suggesting some alterations to EDRM itself and then evaluating software based upon those criteria, the Socha-Gelbmann eDiscovery survey would not only better serve users and vendors, it might help Socha-Gelbmann re-establish credibility in the eyes of the some of the companies it now proclaims to serve.

No Tears Shed over Socha-Gelbmann's Recent Decision to Kill Rankings in its Annual Survery

2008-09-12T18:00:00Z

The Socha-Gelbmann Electronic Discovery survey will continue but its rankings are gone. The announcement that was recently posted on Socha Consulting's blog that it is killing its ranking that made up a component of its annual survey since its inception caused a small stir among the vendors covered in the report. However apparently very few vendors shed any tears over Socha-Gelbmann's decision to drop these rankings from its annual report, even among those it benefited.

Vendors do not dispute that a need for such rankings by a third party analyst firm exists. Yet how the Socha-Gelbmann survey arrived at the numbers in its rankings and the conclusions it drew from them were coming under increasing criticism by the vendors and end-users it was supposed to serve. Even vendors like Kazeon Systems, which for the most part received favorable ratings, felt that a change was in order.

The crux of the criticism about the rankings in the Socha-Gelbmann report stems from two principle areas. The first is the types of the companies covered in this report. The rankings included data from over 150 organizations. Of these, 107 of these organizations were third party service providers and another 29 were law firms. It was the minority of end-user corporations covered in the report (only 19) that was causing some heartburn among vendors.

The problem with polling and relying so heavily upon data provided by service providers and law firms is that they need different features in an electronic discovery and/or information management software tool than what end-user corporations may need. Part of this has to do with the business model of service providers and law firms. They only focus upon a few processes within the broader Electronic Discovery Reference Model (EDRM) such as Processing, Review and Analysis. So it only makes sense they will use software tools that specifically focus on these processes which will result in more favorable rankings of this software but ends up skewing the rankings overall.

Conversely end-user companies may need a software product that covers the entire spectrum of EDRM, not just a subset of it. Information Management, Preservation, Production, Processing and Presentation processes may all carry more weight among end-user corporations since they use the tool as part of their broader, ongoing corporate data management practices. Yet if only 19 end-user corporations are included in the survey, tools that are specifically designed to serve them are not as likely to come out as well in the rankings as the tools preferred by service providers and law firms who use the software in a very different manner.

The other criticism of Socha-Gelbmann's rankings is less about the quality of the report and more around the growth of the industry. When electronic discovery and information management was still a nascent industry (such as in 2003 when Socha-Gelbmann put out its first report), two analysts could satisfactorily analyze the vendors and products in the space and generate a thorough report. Now conservative estimates put the number of products at over 100 with tens of thousands of companies of all types using this software. In this respect the industry has outgrown the size of the analyst firm trying to cover it.

Objective rankings of vendors are something users need as much as vendors so users can make appropriate technology choices and vendors know in which areas they need to improve. But when the sources of the data used in a report start to skew the outcome of the report, it is time to call into question both the report and those producing the report. To Socha-Gelbmann's credit, it recognized some of these factors and is re-analyzing the best way to produce their annual report going forward. In a forthcoming blog entry, I'll share some thoughts as to how Socha-Gelbmann may want to refocus some of the report going forward to more appropriately reflect these different market segments.

eDiscovery: Budgeting for the Inevitable

2008-05-29T10:00:00Z

I was always told that there are two inevitabilities in life: death and taxes. But in business, it's a little different. The two inevitabilities here are regulations and lawsuits. Federal laws such as Sarbanes-Oxley, HIPAA, Graham Leach Bliley, as well as state and local regulations, are making the need for eDiscovery a near certainty.

Most companies are taking this new reality seriously. Companies are committing necessary resources to develop compliance and risk management policies in order to respond to and manage the cost of litigation. These legal actions impact operational costs while taking up corporate time, energy, and resources that are better used for selling, marketing, research and development, employee retention, or other business driven priorities.

Confronting this spike in legal work is driving up budgets for eDiscovery as it has become a critical part of every company's response to litigation. This is forcing companies to address the challenge of identifying, collecting, preserving and processing their electronically stored information (ESI) regardless of where it resides on their corporate network by automating some or all of their in-house eDiscovery processes.

However, as companies are coming to find out, conducting a corporate eDiscovery fire drill every time they need to respond to legal inquiry is costly and impractical. Companies no longer have the staff or budgets to dedicate to meet the growing number of legal requests they receive from the courts for their electronically stored information. Equally problematic, courts no longer give companies open-ended time frames in which to produce this information.

This is forcing companies to adopt a more proactive stance and deploy eDiscovery solutions before they receive the legal discovery request. So as companies start to bring in-house eDiscovery and compliance solutions like Kazeon Systems' Information Server, companies can know ahead of time where their data resides, categorize and classify document and email content and then only produce the information that the is required for the 26(a) initial disclosures or 26(f) meet and confer, instead of delivering a week's or month's worth of backup data.

But as companies become more proactive, they are running into an unexpected problem: how to pay for eDiscovery. Historically budgeting for eDiscovery has come out of some sort of emergency funds. It may come from the external law firm budget or it may come from the IT budget, but this is a zero sum game. So now what companies are finding out is that as they go through a more formal process to procure and deploy a proactive eDiscovery solution, they find out they have not properly budgeted for this expense.

IT and corporate general counsel both play a role in eDiscovery but have budgets that they manage separately. As a result, current line items in their budgets do not neatly map into eDiscovery solutions. Line items like archiving, compliance and security tend to appear in IT budgets while a line item for external law firms shows up on the General Counsel's budget. So who must pay for the eDiscovery solution since technically it is applicable to both?

eDiscovery is as much a part of the new business reality as new federal and state regulations. So while companies have already started to put in place processes to reduce the risk associated with eDiscoveries, they must include a new line item in their budgets to pay for the up-front expenditures needed to minimize downstream costs and risks. A proactive approach to controlling the risks associated with eDiscovery provides recognition to the importance of protecting your company's assets and reputation as well as your bottom line. This starts by creating a line item in your budget for eDiscovery which ultimately prevents your company from failing to fund an event that is, in all likelihood, inevitable.

eDiscovery; Proactive Approach or Corporate Fire Drill

2008-05-16T13:38:00Z

If your company strategy toward Electronic Discovery (eDiscovery) process amounts to nothing more than a corporate fire drill, you are not alone; but the potential costs and risks associated with this reactive approach are staggering.

An eDiscovery process can touch many areas within your company, and meeting the obligations of the Federal Rules of Civil Procedure (FRCP) regarding eDiscovery processes can be a daunting task. According to the National Law Journal over 90 percent of business documents today are created and stored electronically. When you factor in the many avenues in which corporate data is created and stored, whether it is e-mail, spreadsheets, or electronic documents, the need for adopting a proactive eDiscovery process becomes apparent.

It is well established that not having a formal process towards eDiscovery is a costly and risky strategy. Studies performed by DCIG have shown that costs can approach $2000 per gigabyte of information for collecting and preserving electronic data. This does not include the costs associated with a legal review that a proactive approach to eDiscovery can help mitigate

Traditional reactive approaches to eDiscovery expose companies to skyrocketing costs as they try to wade through the processing and review of e-mail and documents which too often cause delays in determining which documents are subject to discovery. A proactive approach towards eDiscovery shortens the time it takes to identify, collect, process, and analyze electronically stored e-mail and documents thereby reducing costs and delays in responding to eDiscovery requests.

In developing a proactive approach to eDiscovery, there are several areas which a company needs to consider:

1. Is a company better served through outsourcing eDiscovery to a third party? Or is bringing up-front eDiscovery in house through the use of an eDiscovery tool such as Kazeon Systems' IS1200 a more prudent option? When making this decision companies need to consider all issues and risks and decide which model best fits their corporate strategy. Usually the decision is one based on cost and control. How can a company have the most control over its data and implement the eDiscovery process for the lowest cost?

2. Does your company have a good understanding of the laws pertaining to eDiscovery? The revised FRCP governs eDiscovery in legal proceedings. Ensuring there isn't any legal counsel confusion regarding eDiscovery is critical during these times since, in order to comply with FRCP, there are steps that companies need to take including:

Verifying that electronically stored information (ESI) is accessible and discoverable
Faster, hassle-free information for 26(a) initial disclosures
Prepare for 26f meet and confer to define scope
Knowing the guidelines on when cost or effort is excessive and not justifiable in producing an e-document
The loss of evidence through routine e-mail purging

3. Developing an adequate records management program. If you do not have a good handle on your electronically stored information, then any eDiscovery request is going to be a costly and time consuming effort. Companies no longer have open-ended time frames in which to answer an eDiscovery request and there have been high profile examples in which civil penalties have been levied against companies for delays in responding to eDiscovery requests. One such example as reported by the New York Times was Morgan Stanley's $15 million agreed upon fine with the SEC for failing to produce e-mails in a timely manner.

4. Finally, companies should develop policies and procedures to ensure they have a plan in place when eDiscovery occurs. This should be a combined effort between corporate management, corporate IT and legal counsel to ensure a good understanding of the challenges in responding to eDiscovery requests. A consistent approach to these types of requests will go a long way in making sure management, IT and legal are all on the same page when a company needs to perform an eDiscovery.

Legal fire drills generate a lot of activity and sometimes solve the problem but they are no longer a viable substitute for a well managed and documented corporate eDiscovery process. Companies must understand that a reactive approach to eDiscovery results in unacceptable delays and could lead to critical omissions and/or revelations. These may damage the organization's reputation in the market while also increasing costs and taking up valuable time. By following the above suggestions your company can begin to implement a thoughtful and prudent pro-active eDiscovery infrastructure that will benefit not only your ongoing information management initiatives, but help you respond to reactive eDiscovery requests with unprecedented completeness and accuracy across your enterprise.