Hide or Seek: How to Play the E-Discovery Game
I approach the monthly pleasure of writing these articles with an exotic blend of awe and dread. Dread, due mostly to the fear that I cannot possibly find anything worthwhile to say to you readers that can measurably improve your (a.) life; (b.) job or (c.) hairstyle. (I made that last one up; there always has to be three things. Just ask Rick Perry.)
The awe factor usually comes when I find out about halfway through that I am utterly wrong. Take this month as a perfect example. We've been examining "e-discovery" and the complex role that information technology plays in the distasteful subject of litigation. What could there possibly be to say that hasn't already been said about litigation preparedness? The world changed pretty dramatically in 2006 when the Federal Rules of Civil Procedure (FRCP) were amended to incorporate (some say vaguely) the inclusion of "electronically stored information," or ESI, and the ways and timelines in which that ESI were to be preserved and presented in the event of a litigation. But, c'mon, that was five years ago! In tech years, that's like, a really long time!
"The FRCP amendments... for some savvy lawyers, they are old hat, yes," admits Philip Favro, discovery attorney for Symantec Corporation. "But for many companies it's still new news. Many lawyers-both inside and outside counsel-are still learning how the rules apply in practice."
The REAL news is the movement afoot to change the rules again-to amend the amendments, Phil explains to me. "People are complaining about the additional costs and delays to litigation that are directly a result of the FRCP rules, and they want change. But there's no real consensus on what the new rules should be! So it's sort of stalled. Essentially, corporate America would like to have specific triggers for data discovery. They currently feel that at the drop of a hat they're being forced to preserve too much data and to do it in too short a time frame. They want more specific guidance as to what to preserve and when. Instead of the amorphous ‘reasonably anticipated litigation' standard that currently exists," he says.
What he's referring to (and I'll try to keep legal mumbo-jumbo to a minimum—Phil says that I "do OK for a layperson," but I get the feeling he's being generous) is the oddly ambiguous and fraught-with-peril requirement that any organization with ESI that might be demanded by opposing counsel in ANY "reasonably anticipated litigation" must be made available for review. If you cannot (or will not) make that evidence available, you can get into deep trouble. More examples of that later.
But, of course, it's not as simple as just that. The FRCP amendments may taketh away, but they giveth also. There is a "safe harbor" into which to steer. IF you maintain an acceptable records retention policy, and IF you have documented aforementioned policy amply and IF you have made all of your employees aware of said policy... whew... well, basically, you don't get into trouble. You might get a little yelled at, but not into butt-busting verdict trouble.
So, the rules say you have to look ahead and determine what might be problematic. But it also allows you to skirt a negative verdict—an "adverse judgment"—if you follow proper procedures.
The issue is: with today's extremely fractured and diverse information architectures, including universally accessible email systems, mobile devices, home PCs, smart phones, yadda yadda, controlling proper procedure is getting downright difficult.
Then add volume PLUS complexity. "One of the largest growth areas in technology has been the use of text analytics and computer-assisted coding," says Andrew Sieja, president and CEO of kCura. "We've seen a 7,000% year-over-year growth in text analytics use—mostly driven by groups wanting to perform predictive coding reviews. This trend will continue," says Andrew.
"Big data has been another growing issue," Andrew adds. "What once were more like anomalies—cases with 50 million documents or so—are becoming more common. As the amount of ESI per case increases, we've been tasked with meeting the needs of these increasing volumes."
Size Matters... a Little
It's easy to imagine, when the conversation starts to be measured in terabytes, that litigation preparedness and e-discovery is a game played at the largest of scales, and only the biggest and most sensitive companies need concern themselves. Not true, says Phil. "All companies realize there's a problem, but many are reluctant to do anything about it. That is, until they get in trouble." And he's right; e-discovery can easily become a back-burner issue. "Most companies, small or large, don't plan for e-discovery unless they've had an e-discovery event. But once they've gone through the school of hard knocks, they don't want to do it again. So they prepare." The second time.
"There's little defensible reason for that; preparing for e-discovery is not a rich man's game. Anybody can prepare for e-discovery. It's a matter of having your ducks lined up," says Phil. "The best practice is to prepare for litigation by having your content management together, your retention policies and your governance in place BEFORE you get sued, but that's rarely the reality."
Andrew agrees. "For most organizations, e-discovery is still a noun, but when an incident happens, it immediately becomes a verb. The business process of e-discovery becomes top of mind. There is a cost savings that comes with being ready for e-discovery and not needing to spend the time and money suddenly trying to cover yourself for the past several years. Of course, preparation helps mitigate the risk issue. Really, e-discovery should be taken into consideration for any piece of litigation, and shouldn't be an afterthought," says Andrew. "Actually, now that I think of it, that might make it more of an adjective."
At this point, I broach the million-dollar question: that despite the advocacy that companies like kCura and Symantec try to bring to the marketplace, there's data out there that suggests only about 1% of organizations are reportedly prepared for full-scale e-discovery activities. Statistically, that's zero. Why is that? Are companies currently residing in a river in Egypt? Or are there greater forces that prevent organizations from being prepared in advance, or being able to respond in a case-event?