Don't Be An E-Discovery Ostrich
A favorite analogy in legal circles is based upon the ostrich's habit of sticking its head in the sand when it is threatened—pretending to be blissfully unaware, with the hope that the threat will go away.
In the world of e-discovery, “ostrich” is frequently used as shorthand for companies that perform e-discovery on what they consider to be “best-efforts”—meanwhile burying their head in the sand, paying minimal regard to the fact that their processes are incomplete and that they may be risking sanctions.
Sometimes the ostrich strategy actually works! However, as both litigators and companies become more sophisticated in the e-discovery process, this strategy grows riskier each day. Since the e-discovery process is usually very complex, there is almost always some risk to be managed, even in today’s compliance-sensitive environment. Therefore, it’s critical for companies to understand the risk that they are accepting, instead of acting the part of the ostrich.
Three common e-discovery practices that can hide a significant amount of risk are: 1. employee-based litigation holds; 2. forensic imaging; and 3. custodian self-collection.
Many companies create their litigation holds by sending a notification to specific employees; custodians who have been identified as being relevant to a specific matter. The employees typically are notified that they are “on litigation hold” and should not delete any information that may be relevant to the facts of the case. In turn, employees are usually required to acknowledge receipt of the notice and agree that they will comply.
While such notices are almost always a key part of an e-discovery solution, they can be extremely risky when they are the main or sole basis for litigation hold. Reliance on human nature alone can undermine the entire process. For example, will an employee attempt to delete relevant information that might be embarrassing or that tends to paint the employee in an unkind light? The opposite problem is also an issue—an employee may be completely uninterested in the case and ignore the notice from legal, or act irresponsibly in preventing deletion. Even for employees with no actual self-interest in a matter, a skilled adversary (opposing counsel) may use the possible self-interest to call the process into question.
Another area of risk develops when a company is overly reliant upon a forensics-based collection process. With a forensic model, a company typically handles both its hold and collection process by taking a snapshot of the storage in affected systems such as laptops, desktops and servers. Properly done, the image creates a copy of all content located on that system—including deleted files, application programs, so-called slack space and so on. This copy is then used in the e-discovery process. At first glance, this appears to be an effective solution: how can you get in trouble if you have collected and preserved everything? The reality, of course, shows that there are several areas of risk.
The first risk is that a company may incorrectly believe that its work is done, having preserved system images from the main employees targeted in a matter. However, this ignores the fact that good e-discovery is an ongoing feedback process that should be continuously refined. For example, Sue and Joe may be the initial targets in a case. However, a quick review of their email might reveal that Jenny and Bill were also involved in the case—requiring that their electronically stored information (ESI) is also preserved. In a forensic process, the images from Sue and Joe would normally be created and then set aside until later in the case, and Jenny and Bill’s involvement might not be realized until later, after content has been compromised.
A second problem is that forensic imaging almost always results in a significant over-collection of data. Consider that many work laptops hold a minimum of 30GB-40GB of data and applications. A forensic image will capture all of that information, along with slack space and deleted items. At some point, all (or a substantial portion) of that information must be restored, culled and then reviewed. At a cost of $18,750 per gigabyte for legal review, over-collection can generate huge litigation costs—which may, in turn, drive a decision to accept an otherwise unfavorable settlement.
Finally, companies using forensics may become over-reliant on their process, believing that forensic imaging has been “court validated” and the imaging process alone is sufficient to comply with their compliance obligations and enough to enable authentication of the information. The reality is that no solution is “court validated”—process is always important. So while forensic imaging is an important tool in some cases, it is just one piece of the overall puzzle and often proves to be inefficient and costly.
A third and very common risk is created when users are required to collect their own ESI for e-discovery. In this model, users are asked to create a folder on their desktop or a network share (or one may be created for them), and asked to “drag and drop” to that folder any files, email or other electronic information that they deem relevant to a case. Once complete, the employee may be asked to sign an affidavit stating that they have complied with their responsibility. Legal or IT then assembles all of the data from the targeted employees for downstream processing.
This process is actually very risky. As with the notification process, relying entirely on employees raises the specter both of employees ignoring content to protect their own interest and those that are disinterested in the process or do not completely understand their IT infrastructure. Even employees acting diligently may have issues because they cannot locate or simply forget about important content. Others may simply not understand the legal issues in the case sufficiently to comprehend what content is important or relevant.
E-discovery is a complex and important task for many enterprises today. Companies with even a modest amount of litigation should evaluate their process both for hidden risk, and for efficiencies that can save them money and reputational damage. Corporate counsel are best advised to keep their company’s head out of the sand.