The Hot Topics in eDiscovery webinar takes a look at modern eDiscovery, whether for litigation, regulatory or internal investigation purposes. They all involve much more than the old world of files and emails stored only on servers, laptops, and desktops. Indeed, if you are limiting your experience to just that, you’re likely missing out on the most meaningful and revealing information sources available.
Today’s eDiscovery processes must address a multitude of potential data sources that are increasing in size and scope every day. From social media and chat applications to cloud storage and Internet of Things (IoT) devices, the challenge today isn’t just collecting that data, but first figuring out what solutions, systems, devices, apps and more are used and where all the associated data resides.
In the Hot Topics in eDiscovery webinar, you will learn about:
- The importance of focusing on preservation first – it’ll make or break your case!
- Social Media Discovery™ and the value add it brings.
- Identifying and preserving data from third-party providers and cloud-based applications.
- International data collections – what you need to know about GDPR.
- Electronic custodian questionnaires – a new twist on an essential process.
- Artificial intelligence (“AI”) software – what does it really do and how effective is it?
Watch the Webinar
Webinar Q&A Session
We had a wonderful Q&A session at the end of the webinar, and we wanted to share our answers here as many of our online readers may have the same questions.
Who are some of the main vendors that offer electronic custodian questionnaires as a product?
A quick internet search will bring up a number of software solutions with new ones popping up all the time, but our preferred platform is TotalDiscovery. It’s completely online, instantly available, very affordable, amazingly secure and requires no software to be installed. It can be used and licensed just for Custodian Questionnaires, but it also has integrated Legal Hold, Data Collection, Processing & ECA functions that can be used if desired. That said, there are lots of good products available with varying capabilities and price tags. Know what features are ‘must-haves’ for your organization and schedule some demos!
When self-destructing social media platforms (e.g., Snapchat) came on the scene, many people suspected that, in actuality, these services kept backups of users’ data. Do we know that to be the case? If so, should we send preservation notices to them?
Unfortunately, there’s not a one-size-fits-all answer to this question. Some platforms never keep any permanent record of users’ communications (often the only instance is on the user’s device), while others will keep at least some information for a varying period of time. The first step is to identify which platforms are implicated in a given matter. Once you know that, you can either consult an expert (recommended) or research the retention practices of the identified solutions (checking the Terms of Service that everyone clicks through is an excellent starting point) yourself through general web research or by calling the company directly.
That all said, even if the company itself maintains some data, sending a preservation notice to a non-party like Snapchat is unlikely to result in any data being preserved. The non-party company itself really has no independent legal obligation to preserve such data, and thus, will often simply ignore a preservation notice. Indeed, many companies will reject or ignore a standard third-party subpoena, with only a court-ordered subpoena for production getting their attention.
The best approach is to retain an expert who can not only assist with better understanding how a given company’s solution retains data (or not), but more importantly, can assist you in determining the most efficient, effective and defensible way to collect and use that data.
What should be the single top priority for an organization to consider for 2020 in relation to eDiscovery practices?
We’ll give you two…
First, you should put serious thought into how you can use Social Media Discovery in every new case you start. Read more about how Social Media Investigations is the new smoking gun that alone can make or break a case – and it’s not just for personal injury and medical malpractice cases anymore.
Second, embrace automation and AI solutions wherever possible. We’re not just talking TAR – nearly every step in the eDiscovery workflow can now be largely automated. And it’s not hard to do.
In days past, when collecting data for litigation, teams of forensics technicians had to be sent out, boots on the ground, to kick employees off their computer while they tore out the hard drives and made physical copies – often taking many, many hours per employee. The travel, expert cost, lost productivity, employee distress and more made those collections extremely costly and disruptive. But with today’s automated collections, a quick email, a simple click on a link, and that same data can be captured automatically, even while the employees continue their work without interruption, annoyance or distress. Oh, and it costs a lot less too. (Note, for criminal, fraud investigations and the like, a bit for bit forensic capture may be the appropriate method. Again, consult your experts.)
The Legal Hold Notification processes, too, used to be performed manually using emails and spreadsheets in most organizations. Some organizations with larger litigation portfolios even had one or more full-time employees who largely focused on nothing but legal hold notifications, record keeping, and general management. Today, the entire legal hold process can be set up in minutes, with everything from routine reminders to reporting completely automated. And the same goes for Custodian Questionnaires.
There’s really not a single part of the eDiscovery workflow and process that hasn’t seen amazing leaps in automation and technology over the past several years. So how do you choose that one single thing? Find out what causes your organization the most stress, disruption and/or money and automate that first.
For one of our new clients, the biggest pain internally was their legal hold process. It was such a complex web of manual processes, spreadsheets going back years and never-ending custodian follow-ups, that it took a full-time team of three people to manage. And they barely kept their head above water. Fast forward a few months after they decided to migrate to our automated solutions, and now they collectively spend about 10-20 hours a week on legal holds (compared to about 120 hours collectively before). And it’s more secure, defensible and reliable than their previous solution too. Now they are looking at the next step – automating their data collections.
So, figure out where you’re spending the most time, the most money or simply experiencing the most frustration and start there. Not sure? We’d be glad to help with an overall process review.
What is the best AI software available in the market today to help legal professionals in eDiscovery?
Well, that’s a loaded question! For our purposes here, we’re going to assume the question is focused on AI solutions that assist in eDiscovery related areas like internal investigations, document reviews, second requests, and general case and issue research and analysis.
As a preliminary note, it’s important to understand that AI solutions not only can help determine responsiveness to document demands (e.g., Predictive Coding or TAR), but they can also assist counsel in general investigative work, deposition preparations, motion practice and more. For example, the same technology that helps you determine whether documents are generally responsive or not can be tuned and focused to help find the needles in the haystack on a given topic when reviewing documents produced by the opposing party. We also use those same tools to help ensure all potentially privileged materials are identified, that responsive and issue coding among similar documents are consistent, and much more.
That all said, what platforms do we recommend? Well, here at BIA, we currently use Brainspace more than any other platform, but we’re also beginning to use the NextLP platform as well, which has some interesting “emotional” intelligence functions that help highlight more emotional communications, for example. We also use Veritone specifically for audio file analysis. One thing we like about those solutions is that they plug into a number of different review tools, so your choice of analytics platform doesn’t necessarily lock you to a specific review platform too.
Beyond that, we’ve used a number of different tools over the years, as not every nail should be hit with the same hammer. We’ve found that it’s best to have the team trained and proficient in a number of core tools but to always be on the lookout for new ones and be willing to give new solutions a try.
Will AI eventually substitute the need for “humans” to do electronic discovery?
No. We wrote a blog on AI generally that included that topic and another blog on the human question specifically a while back. Long story short, AI is best – at least for the foreseeable future – on very regimented, predictable and often mundane tasks. What we expect AI to do is to eliminate or at least reduce those mundane tasks, hopefully allowing attorneys to focus that much more on the legal theories, arguments, and strategies in a given case.
Is Microsoft O365 eDiscovery Basic Services good enough?
For many cases and companies, the basic eDiscovery functions in Microsoft’s Office 365 (O365) are going to be sufficient to meet the most basic eDiscovery needs that a company generally handles internally. Larger more complex organizations should bring in an expert to evaluate their needs and make recommendations for how best to leverage the built-in solutions to O365.
However, it’s important to remember O365’s eDiscovery limitations. The most significant being that regardless of whether you use the basic or advanced eDiscovery features in O365, those functions and solutions are still limited to the O365 universe and that means most servers, desktops and other common data locations must still be handled separately. So, for nearly all organizations, O365’s eDiscovery solutions will only handle part of your overall eDiscovery data collection needs.
It’s also worth noting that O365 doesn’t have complex proximity and other searching functions commonly used in eDiscovery practice. It’s largely geared toward high-level data identification, collection and basic filtering (think date filtering and basic Boolean search functions). And of course, there is little to no review or production capabilities built-in, so you’ll still need a review tool solution nonetheless.
Re: Facebook accounts, Is there a difference between “deactivation” vs “deletion”?
Those terms provide an interesting juxtaposition. Deactivation can lead to deletion. In many spoliation claims specific Facebook posts are deleted from a user’s account. The Katiroll case is an excellent example of that. The offended party knew posts had been there and the court ordered them to be restored. Facebook’s Terms of Service address the notion that once an account is deactivated Facebook will delete any posts to that account within a short time frame. They also state that while there may be residual copies in various backup locations, those too will be deleted over time. We have not yet seen a case where Facebook has tried to recover data from those backups.
What are the best practices to hold the data from social media platforms? Will a simple snippet work in legal framework or do we need specialized tool and technology to preserve the post or content?
There really is no black-letter guideline on this question. When it comes to admitting evidence, that’s a decision left exclusively to the judge in a given case, and thus, open to wide discretion. We’ve seen cases were judges have allowed the admission of simple webpage printouts of a social media site and others that have rejected the same for lack of foundation.
That said, when it comes to data collection of any type, we don’t mess around. After all, whether you’re collecting a Facebook page or the CEO’s email, the single most important consideration is to ensure it’s done defensibly. Without a defensible collection process, everything else is a waste.
So, we recommend hiring an experienced professional to do perform any type of social media (or really any other) data collection. Not only will that professional take steps to help ensure the foundation of the evidence for admissibility, but if you need someone to testify regarding the collection, you’ll be prepared. What’s more, you’ll likely be surprised how inexpensive it can be to collect a few social media sites.
For IoT, I understand in criminal cases or personal injury they are but what about antitrust matters, criminal white collar? Are people talking through these? Or is it for their location, meetings, etc.?
The use of information from IoT devices is limited only to your imagination. As nearly everything becomes connected to the internet, the vast amount of possibilities that opens up is simply staggering. Location data in your smartwatch might prove you were at the office the weekend before you quit, which might play into employee data theft cases.
Tracking of your activities, heart rate and more might play into medical malpractice or medical device lawsuits. Tracking of your sleep quantity and quality could potentially be used in professional malpractice cases. Chatting through unconventional resources such as gaming consoles is something to consider as well.
How do you collect e-mail from someone who may be the target of an investigation and resides in the EU and yet all of their e-mail data resides in the USA? It doesn’t make sense to obtain consent for a potential target.
This is a difficult question to answer however, the GDPR does attempt in its drafting to take the position that it governs data of EU residents wherever that data is located. Hence the need for caution. We are not aware of actions by the EU governing body yet that address this particular issue. Our advice here is to proceed with caution.
Have you come across any situations wherein the Custodian withdrawing their consent when for example, the custodian signs an agreement with the company that they are employed by understanding the company reserves the right to access their computers? Can they legitimately withdraw their consent?
If the provided consent is a condition of employment and specifically references employer-provided computers and other devices (tablets, smartphones), those are company assets then it stands to reason that the custodian/employee can be forced to allow access. Typical consent forms do include a provision that there is no expectation of privacy with respect to company-provided devices. If the custodian is using personal devices for work purposes, the same holds true and the custodian can be forced to provide access, typically through a court order. We have seen this in many matters over the years, and it does happen with frequency. As to the withdrawal of consent, and there is a legitimate purpose to obtain access, then, you may need to resort to motion practice seeking an appropriate court order.
It seems like TAR is geared toward relevancy, not hot vs. cold. Any improvements in the future?
The simple answer is yes – we expect Artificial Intelligence (AI) solutions, which include TAR solutions, to improve more and more rapidly as they continue to evolve. Indeed, we’ve seen these systems already rapidly advance in the few years since the legal industry embraced the use.
While we address this in the question above about AI generally, in short, it’s not a correct assumption that TAR can only be used for relevancy reviews. AI platforms currently used in eDiscovery are driven by statistics and the characteristics you deem important. So, what that means is that it’s all in how you use the platform and the statistics and characteristics you tell it are important. As we mentioned above, for example, we use TAR platforms not just for relevancy, but for privilege reviews, consistency and quality control and more. A lot of that just comes down to experience.
Remember, these systems aren’t the self-thinking artificial intelligence brains of science fiction; instead, they are analytical tools that are trained to do a specific job using a specific set of criteria and advanced mathematical statistics. If you train the AI system by showing it what documents and information you consider hot or cold, it can apply that to identify other similar hot documents or eliminate other cold documents. Indeed, above we mention how NextLP has created an “emotional intelligence” aspect to their platform. That doesn’t mean they’ve somehow trained their system to understand human emotions. What they’ve done is train their system on the common characteristics, content and other aspects generally found in communications that are more emotional in nature.
In the end, what you get from these platforms depends on what you feed them and how you design the workflows. As the saying goes, anyone can drive a Ferrari, but not quite like Mario Andretti. Similarly, a truly excellent AI/TAR consultant can really make those platforms sing and accomplish a lot more than you might expect!
Why is it important to keep custodian eDiscovery questionnaires/surveys outside of the organization through a vendor?
It’s not – companies can and often do manage their own solutions around Custodian Questionnaires. Indeed, most of our clients to whom we sell a license to TotalDiscovery (our preferred platform) run the Legal Hold and Custodian Questionnaire process themselves, relying on us for expert advice when needed. We’re even seeing more and more law firms license TotalDiscovery and then resell it to their clients on a case-by-case basis.
When deciding on which technology to use for Custodian Questionnaires, the important question isn’t whether it’s inside the organization or not, but rather, the overall cost, efficiency and data security of the system. And while just about any commercial survey engine can accomplish the basic tasks of a Custodian Questionnaire, not all will do it as effectively – and securely – as those designed for legal use.
Let’s first look at the worst choice you should avoid: free online survey engines. Those platforms may allow you to get the job done, but nearly all will retain the right to review and use your survey result data for their own purposes (in other words, there’s no such thing as a free lunch). Given that Custodian Questionnaires can gather very rather sensitive and privileged data, such free solutions can very quickly become extremely risky.
Whatever solution you use, then, must first and foremost, have robust data security practices and clear privacy policies.
To the extent this question asks whether organizations should consider building their own custom software themselves, that’s not recommended. While we have seen many organizations in years past develop their own Legal Hold Notice and Custodian Questionnaire solutions (the two tasks often go together), that’s unheard of today. Indeed, we often migrate customers out of such custom solutions they created in years past and into new solutions like TotalDiscovery, as it’s simply much cheaper, easier, and more effective than building and maintaining their home-grown solution. And the commercial solution usually has much better data security controls than anything most organizations can build or maintain internally.
Mary: Hello, my name is Mary Mack and I’m the executive director of ACEDS, the Association of Certified eDiscovery Specialists. I want to welcome you to a very warm summer school webinar series on our ACEDS webinar channel. We have with us our fabulous affiliate BIA and they’re bringing us an educational program for us today. And as always, your questions are very very important. A Q&A tab is down at the bottom. We’ve already received a bunch from folks that put their questions in at the registration time, so just add your questions there. The slides are available for download in your counsel. What we’re going to be covering today is an eclectic group of hot topics in eDiscovery.
We depend on our great affiliates to help us with our educational mission. And BIA, besides creating wonderful blog content, also is one of our premier partners to bring us webinar education. They’ve just started a podcast, and our friend Mark MacDonald is going to be the moderator for this particular webinar. And he oversees BIA’s business development. He’s got over 10 years of hard-won experience in our wonderful eDiscovery industry, and he’s been in all sorts of different areas of eDiscovery from data analysis to manage attorney reviews, both form the law firm and the corporate side. And he is obviously a CEDs and one of my favorite. So Mark MacDonald, will you please take the reins and introduce our presenters?
Mark: Thank you very much, Mary. We certainly appreciate you, and thanks to everyone for joining. We’ve got a lot to cover today. So I’m going to do a couple of quick intros, we’ll jump right in. For those questions we don’t get to today, as always, we will answer them and then put them on the BIA blog and we’ll send it to everybody afterward.
So today we’ve got Brian Schrader, president and founder of BIA; industry trendsetter for over 20 years. Really the most important thing you need to know about Brian is that when he was 11 years old he used his paper route money to buy his first computer, a Commodore 128. From there the rest is history.
Barry Schwartz, senior ADV and in charge of our ADV group, 10 years at BIA, resident expert in all things managed review services, GDPR, advanced AI, and analytics. And guys, I’m going to leave it there and let you take it from there, how’s that?
Brian: Sounds good Mark, this is Brian. So first, thank you, everybody, for attending today, and as we go through, as Mary said, we’ll give quite a number of topics today. We’re going to try and hit them all, and if you have any questions we’ll try to hit as many of those at the end and feel free to submit those as we go along.
So today we’re going to cover four pretty different topics, but they’re all kind of obviously connected together. The first is talking more about the ever-expanding data universe. When we first got into this industry, there was, the biggest challenge was finding thumb drives and USB drives and DVDs and CDs that people would store data and stick in their desk drawers. That’s obviously changed quite a bit. We’re going to talk a lot about social media, specifically because that’s become quite the hot topic as far as data collection goes. We’re going to talk about cross border discovery challenges and the GDPR in particular. We’re going to talk a little bit about preparation pre-discovery, which is the topic that’s been around for a while, but we find that it’s a great topic of interest for people to kind of better understand how to prepare because preparation makes all the difference in the world both in terms of cost efficiencies and effectiveness of eDiscovery.
Last but not least we’re going to hit some trends in technology-assisted review. Actually yesterday there was a – well recently I don’t know if it was yesterday, I saw an article about a recent survey done by Kaplan who in the survey, out of the people that had been surveyed, 80% of the corporations said they are using TAR to some degree and 100% of the law firms they spoke to are using TAR in some degree. Finally, it’s gone from everybody talking about it to now, it seems like everybody does use it. So we want to talk a little bit about the practical applications and some of the things you might not think about using tar for.
So let’s dive right in. We do have an ethics component to this. Throughout the presentation, you’ll see that ethics logo at the top in the little miniature form next to some topics and items that we talk about, in case law that we talk about because the ABA Model Rules talk about the importance that a lawyer should keep abreast of changes in the law practice including the benefits and risks associated with relevant technology. And more and more bar associations are talking about how important it is that lawyers keep on top of technology and understand it, or at least know what they don’t understand and bring in those that do because it is being seen as really a base requirement of competently representing your clients. And so more and more courts are kind of latching onto that, so we talk about it throughout this presentation.
So let’s jump into the first topic, the ever-expanding data universe. And so as I said before when we first started it was just computers and servers, laptops, and backup tapes, and pretty standard stuff. Now its chat and instant messaging and text messaging and social media and cloud apps, the internet and things, and a whole lot more. There are more places to store data than you could ever even imagine the possibilities. But let’s talk about some of the main ones. And the first one we’re going to talk about really is just one of the older ones, kind of with a new twist on it. Text messaging and instant messages have been around for a long time. They never have been quite as central to cases as they are today. More and more cases we’re seeing talk about pulling chats from systems like Slack and Microsoft Teams which we use here internally. Other sources like that, we’re working down specifically with a client came to us yesterday with a chat system that apparently has no real ability natively to pull out information.
And so two things to kind of keep in mind: Number one, if you’re going through litigation today and you’re not asking questions about chat system, be that like I said Teams or Slack, corporate chat systems, or Yammer or Snapchat or for the various instant messaging services that tend to disappear over time. It’s something that is more important now than ever because in the past most of those chat programs are used more for personal. People tended to spend more time on instant messaging and chat systems discussing personal items not so much business. Today it’s almost every business that has some sort of chat system installed, and it can become where the most important conversations happen. So it’s definitely something to think about and something you want to make sure you’re asking about in every single one of your cases. But beyond that, the most significant place that we’ve seen in the data collections in non-traditional places is social media, not that social media is not traditional, but it’s becoming so much more involved in cases today. Everything from employment and labor disputes to harassment cases, of course, those kinds of things come up on social media. Personal injury cases we’ll talk about some of those here in a minute. But social media because it’s becoming even more central to our lives, every business now has some sort of social media presence really, it is becoming important for every case to at least again consider it. It may seem like a case involving contract disputes or something might not involve social media, but we have to remember that social media is at the end of the day communications solution. And so just like you’re looking at email, you should be looking at chats, you should be looking at social media as well. And we’ll talk a little bit about how social media can win cases hands down in personal injury especially and medical malpractice cases and things of that nature. So 53% of lawyers reported an increase in lawsuits related to social media in the past two years and that was a couple of years ago I think. That is from a year or so ago. So increasing, even more, we talk about disputing medical malpractice or insurance claims, personal injury claims, that’s a big place for it. And it’s not, at one point people started to look to social media and say well this is private.
Courts have made it clear that access to social media will be compelled, especially public stuff, and even private. If you’re sharing messages on social media platforms with friends, and those are walled off from the public, they’re still fully discoverable, just like your email, or your private email would be. It’s really no different, course you’re looking at it just like another communication solution. It’s being used in criminal cases. This convicted felon was out on parole and he had posted drug paraphernalia and guns and photos onto his Facebook page I believe, and ended up violating his probation and resulted in going back to prison for at least another year. So even in criminal cases, it’s becoming an important thing. And as we note here it’s not just about messages, you can get geo-locations, you can know where people were on certain platforms and when they post, and you can identify other potential witnesses in the case when you look at a witnesses social media. You can see who they’re interacting with whether it’s your pictures or content or conversations, you can see whether the jury is tweeting during your trial. You’re using geofencing where we look at, for example, if we would have put a geofence around the eastern district courthouse we could have told the attorneys at the Al Chapo case that the jurors were tweeting, and unfortunately, no one came to us and asked us to do that. Plus you can also find out all sorts of affiliations of course, especially on things like LinkedIn and other professional platforms. So social media is not just about kind of that oh posting cat videos or funny pictures or things. There are all sorts of content on there, and just like email was 10 years ago, people don’t think about what they’re putting in social media. They’re not as careful, and they likely reveal what would behold the truth in a lot of circumstances. So it’s very very important.
The interesting thing is about how big social media is a part of the daily business. Now obviously email is not social media, but it’s put here for comparison purposes. 99.1% of workers utilize email and maybe surprising to you that 62.8% use external social networking for business. So external social networking a lot of times that’s LinkedIn for business, but it’s also more and more Twitter and Facebook, Instagram, and other things as well. Instant messaging is used by 58.4% of people now for business. These again are things that used to be thought of as social technologies or personal life things are now being used in the workplace. External social networks for personal use, those are again more like Facebook and Instagram, and internal social media platforms are also being used as well. There are companies that are creating platforms that are like Facebook for the internal. I think Facebook has an offering to, Barry, what’s the name of that platform? I can’t remember off the top of my head, I know you were just dealing with it.
Barry: It’s called Workplace.
Brian: Workplace. Yes, thank you. Workplace. It was work something or workforce, but it’s workplace, which is a kind of Facebook for just the office. So there are all sorts of places like that and again the reason we highlight these is because people don’t think about these solutions as being really business solutions, but they are more and more business solutions today.
So let’s talk about some real-life examples, and the best ones we have are personal injury cases we’ve been involved in because that’s where social media is really used. We do thousands of these requests a year. And one of them is what we call the “Lying Lifeguard” claimed an injury, Achilles tendon injury and couldn’t work. And lo and behold on her blog that we had found and social media site, photos of her climbing waterfalls in Bali and Australia, not exactly something you could do with Achilles tendon injury. And so clearly she wasn’t anywhere near as impaired as she may have wanted the court to believe and that pretty much ended that case. Another one, a bogus brain birth injury. There was a claim of medical malpractice with a child at birth. And the parents were claiming that the child had never been really mobile or athletic and was unable to enjoy the same activities of other children. Lo and behold their social media posts however talked about how the child had grown up attending football and soccer camps and was able to run a hundred-yard dash as fast as the 8th graders when as the child was in 6th grade or something like that. So again that pretty much ended the case, because it went directly against all of their clients. And so these are just some of the examples of social media being used, in like I said, personal injury cases.
But recently we did a case, and I can’t really go through the details of it, but for thousand dollars’ worth of social media investigation, the insurance company was able to very quickly, within the first couple of months, get summary judgment on a five hundred thousand dollar claim. And so you know the thing with that, social media, unlike other things in the eDiscovery, social media really cheap. It’s usually, like I said, maybe a thousand a couple thousand depending on how many websites and things you got to look at. But it’s really cheap. They could win the whole case for you.
So if you’re not looking at this data, you really should. When you talk about ROI, there’s not much in eDiscovery that gives you quite the same return on investment that social media investigation can do. And you should really do it early on. And one of the things we’ve been telling our clients as well is that they should be doing it on their own clients. We had a client recently, or a law firm we were working with, and lo and behold found out that their client was lying to them about an injury. Their Facebook posts showed that they were out having fun and dancing when they were supposedly injured and not able to move. So it’s just as important. We’re starting to see some plaintiffs firms to use it on their intake process, and running the social media because again, these are contingency cases. Some law firms pay accounts upfront it’s better to find out early on if there’s something that’s going in your client’s social media post that is going to either cause a problem or completely prevent the case from the very beginning.
So look at some most notable social media cases here. I’m not going to go through every single one because they’re pretty straightforward and all of the citations are there and you’ll be able to get this slide presentation afterward as well so you don’t have to worry about writing all of this stuff down. But you can look at some of this stuff. The first one had to do with trademark infringement. It’s not even personal injury or anything, it was all about trademark infringement and Twitter and LinkedIn posts were used to establish the claims in that case. Conviction in the second-degree assault based on Facebook evidence. Facebook shows that an employee termination was legitimate, in an employee labor law case. Social media considered as a factor in establishing minimum contacts for jurisdictional considerations.
Who would have thought, when we’re talking about jurisdiction and long arm statues and things of that nature that social media might come into play? And the last one is a case where the judge stated it’s not black letter law but it’s a pretty strong statement that it now should be a matter of professional confidence for an attorney to take the time to investigate social networking sites because as the cases above that point out, it’s just another source for evidence. It’s not limited to personal injury, it’s not limited in that kind of sense. It can be the smoking gun in the case that we used to all look at email to be. So definitely something you should think about.
And that brings on the case a question of okay well if social media is so important, there have to be preservation obligations. Of course. Just like any other evidence. You have to worry about preserving the data. And in some of the cases, I know that Barry, you’ve looked at a lot of these cases in a lot of depth and why don’t you come and run through them really quick?
Barry: Sure, thank you, Brian. The Gatto case is interesting in that the plaintiff here had a workplace injury suit against United Airlines and had deleted his Facebook posts when he noticed that there was an IP address accessing his Facebook that wasn’t expected. So he deleted his account and the person looking at his account was United’s attorney. And the United filed the motions for spoliations and one of the takeaway issues here is knowing that the Terms of Service are for the various social media platforms that are being used. And in Facebook’s case, they have a very short term period upon which after an account is closed, that they maintain the data. And it’s week or months or a month, not forever. When United noticed that the Facebook post was gone, they asked Gatto to restore it and it was not possible to be restored. In the Regal Entertainment Case, the counsel had not advised their plaintiff to preserve their Facebook account, and as a result Regal won a sanction for that, however, they did lose the case. They won four thousand dollars in cost for their discovery efforts, however, they did lose by a couple of million dollars in the final analysis. And in the next case down, the Katiroll Case, it’s interesting, it’s a trademark case and a trademark infringement case. The plaintiff was the established restaurant and a competitor opened up, used their same trade style, the same color of the font, same color of the logo, same font style, same menu style, and so forth.
And the defendant had deleted their posts and the plaintiff was able to have those posts re-established because the account for the defendant was still active on Facebook. So you know that’s an important lesson because that evidence is there, as Brian was discussing with the criminal case, what’s there is there and it is meaningful to the opposing party perhaps. In the Hawkins case – yes?
Mark: Sorry I want to tap in for one second because in regards to when you know somebody has deleted their Facebook account, can you just really quickly give a highlight on what that process might be to encourage or get the court to encourage them or force them to re-establish it?
Barry: Well that’s a two-fold question, Mark. The reason being is that you may not know that it was deleted until after the fact that Facebook had no longer maintained those records. So that is one aspect. The other aspect is that if you see a Facebook post that is important for your side of the case and it hasn’t been defensively and preserved, you can take a snapshot of the site and use that as an indicator that there was data up, there was information up, that should have been preserved. And hopefully retaining somebody such as us to do a social media defensible collection can be done in time. So there’s two-fold, one if the account is deleted versus two, whether the data was taken down. So there are two aspects to that.
Brian: In the Kaitroll federal case for example, hopefully, I’m saying that right, in that case, if I remember correctly the court – the plaintiffs – had seen that the plaintiff’s Facebook page had all of this information and noticed that it was gone one day. The court said I believe the court made them put the post back up as well as.
Barry: That’s exactly correct.
Brian: they did say to the plaintiff well you knew this was there, there’s a limited amount. There were still sanctions and things issued, but it was one of these things about, okay, well you knew it was there, you saw it was there, you’d taken, they had taken some preservation steps, the plaintiffs themselves did around the defendant’s Facebook page. They had some printouts or some forensically sound copies I believe of the information. But it was interesting that Barry is right, you don’t always know what was there and what was deleted. But this case makes perfect example that you can get yourself into hot water if you’re not telling your client that you need to preserve this stuff, just like you would tell that they need to preserve their email or anything else. And if they don’t, why don’t we skip down to the last one because that’s the one I think it is really amazing. Where the council is saying they told their client.
Barry: It’s the poster child.
Brian: Yeah, it’s the poster child. Five hundred plus thousand dollar sanction, I’d call that quite the disincentives for what happened. Why don’t you go ahead and do that?
Barry: In that case, the council had advised the client to clean up their Facebook posts and their profile, and delete pictures and deactivate their account. And as a result, the attorney was sanctioned over half a million dollars, and his client was sanctioned almost two hundred thousand dollars for following the attorney’s inappropriate advice.
Brian: So clearly preservation obligations and social media are a big thing to keep in mind. They can, just as much as social media, make or break a case. Failing to preserve social media can make or break a case just like any other exfoliation could. So a couple of last points about social media, some of the things people ask us all the time. One of the things you can examine, so public profiles of social media accounts. Keep in mind that a lot of these platforms, people can see who is looking at them. So you might want to just, it’s always better to have an investigator or a kind of neutral party go through and collect information, you review it later. But you can look at posts that are public. There is nothing inappropriate about that from an ethics perspective. You should be considering these. So you should be at least thinking about social media in every single case. Going to an expert because they can oftentimes help you understand how social media might play into a case where you might not even think, like trademark infringement, who would have thought?
Things that you don’t do. Do not, do not, do not friend or follow parties or jurors or judges. Judges are a little bit of a grey area, but definitely don’t follow, do not try and friend your opposing parties or jurors. Don’t simply print out social media profiles. Some courts, again that’s a little bit of a crapshoot because some courts will allow you. At the end of the day whether evidence is admissible is up to their guidelines obviously, but it’s the judge’s decision. So some courts will let you print out a social media page, like a Facebook page to PDF and consider that good enough. But not every court will. So again, this is, I can’t stress how inexpensive these collections are compared to anything else in litigation really, rediscovery. So it’s worth having somebody who knows what they’re doing to preserve those pages just to make sure you don’t face any problems with getting that evidence admitted later on. And finally, this should go without saying, but don’t hack social media accounts. If you find out somebody’s password. This happens a lot in kind of family disputes more than anything, where some are like oh I know my spouse’s password or I know my whatever friends password. Obviously don’t try to hack in or look into the accounts and look behind private walls or try and use somebody else’s credentials. They tell you oh I’ve got the credentials for that person’s Facebook group site you can look into – just don’t. If it feels wrong, it’s wrong. It’s definitely going to be wrong here. Just don’t try to sneak around and poke into somebody’s Facebook or other private accounts. Either you can compel that private stuff, use subpoenas, or you can get a professional to come in and help you manage that process as well.
So some of the other kinds of data areas we’ll talk about pretty quick because these are topics we’ve covered in the past that are becoming more common. The Cloud, sure. The Cloud in 2010 and 2011 was a new thing. Today whether you know it or not, almost everybody’s got something in the Cloud somewhere. You know Twitter and Facebook and a lot of those things, well maybe Facebook not so much, but they were on their own. Even Netflix runs and Amazon I believe. So the Cloud is just a marketing term. It’s a better data center experience essentially. You might hear people talk about a private Cloud, but that just means that instead of shared resources, and when we talk about resources we’re talking about storage and computers and servers and databases and whatever, Clouds really take all of that stuff, mash it into one big piece, and then let everybody use the individual resources that they need to.
A private Cloud just generally refers to someone’s data center. It really is. It’s a really nice marketing term, but a private cloud is really just a data center run on virtual machines probably. So in essence, the funny thing about Cloud computing is, it’s really a return to the client-server mode. It’s this idea of everything running on a central machine somewhere and more and more of our computers becoming more like dumb terminals of the path. But it’s not something that should scare you or concern you at all. It really just kind of talks about the architecture of the computer systems and it has very little to do with whether or not you can collect data. Your obligations still stay the same. What are some examples? Well, of course, salesforce.com is probably one of the biggest examples and in the business world of a Cloud it was, I don’t know who the first was, they’d like to say they’re the first, they were really truly the first kind of Cloud internet in business really. They were the Cloud before it was called the Cloud. Oracle and Netsuite there, Quickbooks, Sage, Dynamics, Gmail of course, Office 365, Macmail, Hotmail, all of these things. Office 365 and Google Docs, Evernote, AWS, all sorts of different things are in the Cloud these days.
And again, this isn’t something that should scare anybody or concern like oh what’s in the cloud, what are we going to do? Again, it’s just really about the machine architecture. The computer is the computer is the computer, the data is the data is the data. It’s still there, it’s still available, you just gotta know where to look. And we’ll talk a little bit about how to find it here in a second.
So cases implement Cloud computing pretty much everything. So intellectual property, commercial disputes, employment labor, product liability, criminal. You know, how would product liability possibly involve the Cloud? A lot of companies are building their database systems such as tracking the product liability claims in things like the database system that Salesforce uses, I think it’s called force.com. You can build entire solutions on it, all customized and you could use it to track a product manufacturing, product complaints, whatever have you. There’s really pretty much anything that involves electronic information today that could implicate the Cloud. And so the thing to remember about that is that at the end of the day it doesn’t change your base obligations just because something is stored in salesforce for example, doesn’t mean that your responsibilities to maintain that information, to preserve that information, to put a legal hold on that information, to collect and review that information and produce it is no different because it’s in the Cloud as if it was a server on your client’s data center.
And the best case for that is this Brown versus Tellermate case. It’s a couple of years old now but it’s still probably one of the best cases I’ve seen that deals with this issue because it has so many different parts to it. So essentially what happened here, in this case, is that a salesperson had been fired for non-performance and was saying well, they had met all the performance criteria and met their sales quota, and they wanted to use the Salesforce information to prove that – the person wanted to pull the information from the company’s sales force to prove that phone calls were made, and quotas were made, and activity was there, and sales were there, and everything because everything they do, for anybody who uses Salesforce or really any CRM to its fullest extent, you can use it to check and see all the different communications. How are your salespeople really performing? Are they sitting in the office twiddling their thumbs waiting for the phone to ring? Or are they making calls every day like good salespeople should? And so in this case, which was all about whether or not the salesperson performed – they wanted to use the Salesforce data. The attorney went into the court and said, Your Honor, we have no control, we don’t own Salesforce and the information is in Salesforce’s computers, we can’t do anything about it.
And there were also claims because instead of preserving that information, they just assigned that old salesperson account to a new person who then began overwriting all sorts of stuff through his normal activities. Obviously the new salesperson wasn’t intentionally doing it, it was just because they reassigned the exact same account to a new person it started dirtying up the waters. Well come to find out Salesforces own contract, and you’ll find this in most enterprise-level cases in those enterprise-level meaning business solutions like Salesforce that are really sold to corporations, and enterprises are going to have a clause in it, almost every one of them, that says your data is yours. It is owned by you the customer, not by Salesforce the company. And so faced with that, the court wasn’t too happy because not only a council misrepresented it, it wasn’t necessarily intentional, but counsel didn’t know the truth.
They didn’t know the reality, didn’t really investigate it, and didn’t know what they were talking about. And instead of going out and learning about it or finding someone who knew about it, they just made assumptions based on what they thought to be the case. It ended up not to be, the court ended up sanctioning the court and the council, issued an adverse inference that excluded the defendant from using their strongest defense strategy at the case because all this evidence had not only then sort of destroyed or dirtied up or muddied because the preservation wasn’t done correctly, but also because the misrepresentations in court that the company had no ability to do anything when in truth it was all, they had full power over their data and they could get it at any time they wanted to.
The last thing that we’ll talk about real quick is the Internet of Things (IoT). This is probably the most cutting edge thing as far as data collection goes these days, depending on what you’re talking about. I don’t need to go through all the statistics, you can just see 42 billion connected devices by 2022. I don’t know what is that, six devices per person in the world or something? It’s a huge amount of things. What is the internet of things? Everything from the Smartwatch on your wrist to the smart toaster in your kitchen. It’s anything that can store information and is connected into the Cloud or the overall internet.
More and more devices from smart scales to pretty much everything has all this information. Here’s some examples: car dash cameras, thermostats, manufacturing monitors, wearable trackers, home assistants like Amazon and Google, security devices, devices for seniors. Why do we even bring this up? Why are these important? Because these devices, and I actually just wrote an article about this, called “Alexa, Can You Be Used against Me in Court?”, because we’re starting to see cases where people are requesting the history from the Alexa device. I’ve seen some other cases where criminal investigations have subpoenaed Amazon for records of suspect’s recordings, because who knows what might have been accidentally recorded by that device? Maybe during a murder scene someone yelled out at Alexa for help, and at any moment now my Alexa device is going to start talking to us but probably should mute that, there we go. So there’s all sorts of information. If you’re in a personal injury suit and you’re claiming you can’t be mobile or whatever, well great. You guys see you’re wearing a Smartwatch. Let me see all of the information about your physical activity over the last six months.
It’s the idea of what information is available out there from these internet of things devices that are only limited by your imagination. So again this is a great place to have someone who is really familiar with these topics be able to go through and help you figure out how devices like this might factor into your case. And again it’s not just about personal injury, it can be about all sorts of other devices. Just showing you the rapid growth of these devices over time. The interesting thing here is that if look at this kind of growth of devices over the next projected through 2025, one interesting thing we saw about this is here’s kind of like all the standard devices right like computers, laptops, cell phones, things that we’re familiar with, and that doesn’t really grow that much. It grows from 10.1 billion to 12.7 whatever. It’s really the internet of things devices that goes crazy, and because more and more devices are being connected over time and it’s going to just become a huge source of information especially as we go forward in the future.
Oil-field example, there’s sensors on machinery that sends alerts with data and technicians that troubleshoot and fix places remotely, but well things go wrong, some of that information diagnostics could factor into product liability issues, could factor into negligence suits, could factor into environmental damage suits, all sorts of different places. Wireless sensors and enable chemical companies to monitor the location and condition of cars used to transport its most hazardous products involved in an accident, you can see that information being pulled in for use there. And it just kind of G-sensors and jet engines. I think I heard something along the lines of there’s a terabyte of information created with each new Boeing aircraft flight? So it’s a huge amount of information.
We already kind of talked about identifying and handling these resources. Again, it’s best to find somebody who has had experience in this because if you haven’t had the experience, it’s hard to think about how some of this might play into the case in front of you today. The biggest question first is, what is are we talking about in a case? What is even the potential world of these devices that might be out there? Once you do that, then you’ve gotta figure out where the data is. The data on my Fitbit might only go back a couple of days on my device on my watch but could go back years in a Cloud database somewhere. Who controls the data? Again, is it a corporate device or is it a personal device? Even with most personal devices the person still generally controls the data. Usually, there are some differences between that, but at the end of the day in most places, it is still your data, or at least you have access to that. And again, how to format it? How to collect it and review it, different things have different solutions. And we’re faced with this all the time where people come to us and say, here’s some product we’ve never heard of, wasn’t really designed for your discovery, how do you get through that? And how do you identify and use that information? It’s always a challenge. We talked a little bit about this already – what type of devices.
And the last thing we’ll talk about is now that you know all these issues, how do you go about identifying this? We’ve talked about all these different things – internet devices to all these Cloud devices to Facebook to Twitter to everything else – how do you figure out what is there in the first place? Well, involve the custodians. Image that. Just talk to the people who are involved. You actually have to go out and have those old fashioned custodian interviews. And one of the best things, it’s the best identification method available, these guys that were involved in the cases know where all the information is. What is out there, what could be out there, where all that information lies. Then years past where we could rely on the IT personnel today, it’s more about going to the custodians because a lot of times IT doesn’t even know an organization about all the different things that companies are using.
So the last thing I’ll say is how to find out a lot about this. You can do the custodian interviews, but the best thing to do is custodian questionnaires. We use a product called TotalDiscovery. Full disclosure, we created TotalDiscovery and we sold it off several years ago. But that’s what we use for custodian questionnaires. There are other tools out there, Legal Hold Pro has a toll, Total Discovery tools. I would recommend, at the end of the day custodian questionnaires, electric custodian questionnaires are just surveys. They’re just a list of questions. And you can ask questions not only about where people keep their data, and what systems they use, if they use social media, whatever. But you can also ask them were you involved in the development of this product? Were you at this board meeting? What was said on this day? You can ask them factual questions as well because these are all covered by the attorney-client privilege. I would recommend, do not use free engines like survey monkey out on the internet because the reason they are free is that they use your data. You want to go and look for a system that doesn’t use your data, and you gotta pay for it. It comes with security.
Qualtrics is a platform for that. Again, Legal Hold Pro and Total Discovery are two probably the more common platforms just because they’re completely web-based and there’s no software involved. Couple others out there as well. But it’s quick. You can run this, you can get the information, you can collect it all in one place, you can figure out which custodians really are central to the case where most of the data reside. It is probably one of the best tools. And again, really really cheap part of the discovery process. Highly recommend using custodian questionnaires. So that all being said, let’s talk about cross border eDiscovery challenges. And for that, I’ll hand you over to our international data expert, Barry Schwartz.
Barry: Well I don’t know if I’d go that far Brian, but thank you. With cross border eDiscovery, there are several concerns or challenges that we need to face. One of them is the technological considerations. The internet is pretty well available almost worldwide. So connecting, getting the data, reviewing the data isn’t so much an issue anymore. But, you have to be concerned with language, regional rules and applications, and attorney practice policies and so forth. I was just talking with a client this morning in Europe, and they had a discovery question on how to do document review with hundreds and hundreds of issues that needed to be coded for because that is what the request contained. There are also the issues of being able to understand documents and local idioms, phrases, customs, and so forth because what makes sense in American English may not make sense in British English or in French or German. Things like that are of concern to attorneys in the US when dealing with foreign language and foreign location custodians. And then the big issue with cross border eDiscovery challenges today is data privacy and security. How do you do international collections? Well, we have a solution for that which is remote collections, or the collections can be done locally and sent to the Cloud. There are issues with where the data can reside. In some instances, we have cases in the Far East and Europe where clients want to keep the data local. So then we need to have solutions with respect to that.
And then the big elephant in the room still is GDPR. Now let me talk about a couple of issues with respect to GDPR, which is the European law which governs privacy and use of data for EU residents, and regulation in the EU equals law in the US. In the GDPR the overriding concern is the privacy in the EU is a fundamental right. And thereby requires the custodian to be informed of the reasons why their data is being collected. You need to be specific in what is being collected. We can’t just collect all emails from a custodian. Typically, the custodian needs to participate in what is being collected. We have to explain why it is being collected and how it is going to be used. One of the key considerations is obtaining the clear consent of that custodian, noting that the custodian’s consent can be withdrawn at any time. That has implications in the US and I don’t think that there’s an answer to this when a custodian withdraws consent and that custodians documents have been used in pleadings and so forth. That’s too late in our opinion, but I don’t believe that that particular issue has yet been tested in the courts. There is an exception to the custodian’s consent and that is a legitimate interest to do the collection. And again, that has not yet been tested in the courts.
Brian: I’ll just chime in there on the legitimate interest. Quite the government thing to do, right, but out a very grey term. And so it’s the legitimate interest may be an exception to a lot of this, but a lot of the commentaries will say that there is nothing that is certain that the European courts would look at American discovery, which is a lot broader than most European solution, would be seen as a legitimate interest. It is a significant question. To us reading that, do you read the statute to be like oh, of course, it’s a legitimate exception! But you have to remember that this is all looked at through the views of a European lens, not an American litigation lens. And so that’s why people are very reluctant. There is no real understanding of what a legitimate interest could be, it’s a completely undefined term.
Barry: That’s correct, and to our knowledge, it hasn’t been tested yet in the courts. And then with financial repercussions, we’ve already about the 50 billion dollar fine I believe against Google, and lesser fines against other companies like Marriott and so forth. And that is a critical concern because the penalty is a percentage of your net worth, not just a calculable normal fine. So beware when you’re dealing with European data.
Brian: Just a net revenue, Barry.
Barry: Well it is a big penalty regardless and there are similar laws popping up all over the US. California’s data privacy law is going into effect on January 1st, and we see now that our clients are distributing service provided addendums, which are related to consumer privacy across the country and a catch-all clause is being included in those now that says well, we have the California law that is going into effect, and we’re also saying that our addendum is going to apply to any similar laws that go into effect. So corporations are getting wise to this particular risk and they’re papering their risk by sending addendum contracts out to their various vendors and resources. And as Brian was mentioning, in the Kaplan report he also quoted that 53% of corporate respondents and 71% of law firms today are concerned that the GDPR is impacting their eDiscovery efforts. And going back to one of my earlier points, in Law 360 today, most enforcement is circulating around data custodian consent and the proper use of that data once it is collected. And we advise our clients that when in doubt, always retain local counsel who can advise you on your privacy obligations in foreign jurisdictions.
And this is interesting. We inserted this meet and confer section into our presentation because it’s an old topic, but it has become a hot topic today. Rule 26 meet and confers go to the whole notion that Brian mentioned at the outset which is preparation, preparation, preparation. Being aware of the various timing requirements, what subjects are good to be covered, what issues regarding disclosure and collection need to be addressed, issues regarding privilege, what local rules come into play, and any other court orders that are on the table that are impacting you and your opposing counsel need to be discussed upfront so that you have a plan in place that you’ve agreed to that obviates any risks down the road that you haven’t done anything appropriately. And to that end, having an ESA protocol in place early in a matter is critical in our opinion. And as I said, we see this over and over again. Almost daily we’re talking with clients who do not have a protocol in place, have not clearly discussed what they’re going to be providing in terms of production and identifying or identification of custodians and search terms, privilege considerations, production methods, deduplication, and all these other bullet points here that aren’t being addressed early in the case. And doing that early in the case allows for minimizing of any surprises. Well, we got a production, its PDFs, and they’re not searchable. Oh my, was that covered in the protocol?
Brian: Yeah let me just throw in there. So the model protocol, like Barry said, if you’re not doing a model protocol, we have sample forms and there are sample forms all over the place for this stuff, it covers all these kinds of topics, it makes sure everybody is on the same page, it’s going to save clients a lot of money because it’s just so much easier to agree to this stuff. It’s not so much of an argument anymore. There used to be a lot of arguments about what metadata was going to be produced or were you going to do native excels or whatever. So much of that is just standard practice but still having this document clawbacks. Generally, these protocols will have a better processor on clawbacks than the federal rules provide for and they’re in their fight if you agree to it. But one of the things that where we see protocols come in really really handy is corporate clients. We have corporate Clouds so we deal matter over matter with. And by having a standard protocol that the corporation uses in every case will not only make it so that the whole eDiscovery process in individual cases goes smoother with less disputes, but also it becomes a workflow. It becomes the basis for turning this into a business process, meaning that it’s done exactly the same way every time. And anybody whose every studied any kind of Six Sigma or Kanban or any of these workflow and business management things, one of the basic tenets of all of that is to have a clear, concise, easy to use, repeatable process that just works every time. And so you can save yourself tons of money if you’re a corporate litigant who especially is involved in a number of litigations just by having this process that you follow every single time – the same process. Just wanted to throw that in there too.
Mark: Okay guys, we’ve got about six minutes left and one topic to cover still.
Brian: It’s relatively quick because we’re just going to talk about some updates in talk.
Barry: So with the TAR, which is a broad topic in and of itself, word of wisdom virtually every case the BIA touches today, we use technology in some fashion – advanced artificial intelligence. And the way the various aspects of AI and TAR that we utilize, and can be utilized in every case, is email threading so that only the most inclusive email and its attachment are reviewed. Near deduplication which allows for group of documents that have similar content that then allows reviewers to get through those documents much more quickly. It can be used for relevancy review. Is it relevant, is it not relevant? Other areas that are really really important with respect to technology assisted review is looking at your opposing party productions. What documents did they include that you didn’t have? Or what did they not include that they should have included? As well as with third-party reviews, the same with privileged reviews. Being able to group your privileged documents together to that your privileged calls are consistent across documents so that redactions are consistent and correct across documents as well. And it can also be utilized to look at specific issues, hot issues as an example or a production issue. You can be as specific as you want and as narrow as you want because you can have subsets of documents to review. With relevancy review it also allows for looking at the documents that are most likely to be responsive to whatever issue you’re looking at first. And as I said, we’re using it in most cases and attorneys today, as Brian said at the outset, 88% of corporate respondents and virtually 100% of law firm partners have used predictive coding in their practices and in their businesses.
Brian: I’ll just say really quickly there, one of the things I just wanted to make clear on technologist review and AI specifically, it’s not just for predictive coding anymore. It’s not just for, hey we have a million documents let’s review fifty thousand or a hundred thousand and then use that artificial intelligence to make the decision on whether or not the other nine hundred thousands are responsive or not. That’s the traditional use of it. And by the way, for whoever that thinks that’s new, the basis of that technology was introduced 200 years ago, and it’s been the same technology that Amazon and Netflix and Pandora have been using to predict your next favorite movie is going to be or show or whatever. But more important than that, kind of what TAR has been traditionally been used for is all this other stuff. It makes deduplication that much better, it makes email threading that much better, it makes conceptual clustering that much better. It allows you to do all sorts of cool stuff that you could never do before. It allows you to do all sorts of efficiencies, making sure you have similar calls and similar redactions. It’s all about using this technology for much more than just technology assisted review, or predictive coding. I think that’s probably the most recent experience. There’s one recent one we did here, Barry, you want to just cover really quick since you were involved in this case?
Barry: Sure. It was a client who had, as you can see here, 115 or 116 thousand documents. One attorney was able to plow through and identify with a high rate of precision in recall only having to review just over four thousand documents. And as a result, this is the most traditional TAR application of reviewing a few documents to get to the end result, that client saved 127 thousand dollars, versus a straight linear contract review that would have been done in the old days which the old days might have been two, three, four years ago.
Brian: And so that brings us here. We were hoping to save five or ten minutes, we’ve got a couple of minutes. We’ll be happy to stay on for longer than the call is to go through some questions. I’m hoping that Mark, you’ve got some questions cued up that everybody’s been asking during the slides, so why don’t you go ahead and shoot.
Mark: Thanks. The first one is about Microsoft Office 365, is the basic eDiscovery service provided through 365 enough?
Brian: I’ll take that one. So this is interesting because we use Office 365, and I’ve had a lot of experience with this. We help customers deal with Office 365. It’s a great platform for your Office 365 materials. So is the basic good enough? It’s hard to answer that question without knowing exactly what your needs are. It’s going to be good for some small cases. It’s going to be good for some basic eDiscovery. If you want to do more advanced stuff if you’ve got huge amounts of custodians and huge amounts of data, the advanced functions and the advanced capabilities inside of Office 365 compliance center are going to be better for you, although there is a higher cost to that. So really, when it comes to answering that question, it’s good to get specifics. Consult with someone who knows these solutions and can understand your business better, and then help you figure out whether or not that basic tool is going to solve those needs. It’s definitely not a one size fits all solution. That being said –.
Barry: Let me add one point with 365 and that is the searching capability within 365 is somewhat limited. You’re not able to do the complex searching they might be able to do in a more advanced platform.
Brian: Yes. And the other important thing to keep in mind is two things. First off, obviously anything outside of Office 365, any webmail and social media platforms, and they may have placed on servers in most cases, are not going to be reached. Office 365 eDiscovery and compliance center is going to deal with the information you have in Office 365. What does that mean? Well it’s obviously a 365 email, its teams, its OneDrive, its solutions like that. It doesn’t always mean now you can have it set up, you can have Office 365 set up to track data on local computers in certain solutions, but not always. So it’s important to remember that Office 365 is a great place to start, but it is never going to be a complete solution to your eDiscovery needs in the case. It’s going to solve your Office 365 needs and collections, but there’s a lot of other places to worry about as well.
Mark: We’ll do one more because we’re a little over time. What should the single top priority be for an organization to consider in 2020 in relation to eDiscovery best practice?
Brian: There’s so many of them, we just went through so many of them. I would say the single most important thing to worry about is preserving data because that’s where it all starts. If you don’t take the right steps, and I say that because as we talked about in the beginning, there’s so much data out there in so many places. And if you don’t start a case by really going in, talking to your custodians, doing custodian questionnaires, understanding your business, talking to the ITR, understanding your client’s business, talking to the IT team, and really understanding what data is out there. If you don’t know what’s there, you can’t protect it. And if you don’t protect it, you’re either going to lose data that is crucial to a defense, or you’re going to be facing exfoliation motion and losing your case. There have been cases in the last year or two even where companies have been fined millions of dollars just for preservation lapses, having nothing to do with whether or not their underlying claims in the case report. I would say it’s that digging and figuring out what the universe of data looks like at the very beginning of a case because you gotta preserve that data pretty quick, and if you don’t do it as Barry said, a lot of this stuff is Facebook. You get something, you delete something, and its gone a couple of days later. I think that’s the most important.
Barry: We have time for one more question Mark, how about one more?
Mark: Well this is again about custodian questionnaires. There’s a follow-up to what you said earlier. Why is it important to keep custodian questionnaires long-term? And could you again maybe restate some of the vendors that supply that.
Barry: I’ll take that one, thanks, Mark.
Brian: Oh, thank you Barry.
Barry: Well preserving that data is just like even though it can be considered attorney work product, and it typically is attorney work product, the information that’s collected and utilized helps guide your case and you may want to go back and look at the answers again. And we’ve seen this happen in several instances where a custodian questionnaire was created, answered, and reviewed three or four years ago, and it has gone back. It’s a source document for information to guide the attorneys and in-house personnel on where data is and who was involved with the case and so forth. And that it’s a repository of that kind of information. And it also allows you to triangulate questions so that you can see whose answering a specific question in a given way. And then in terms of vendors, there’s BIA, there’s Xterra, there’s Approved and a couple others that have defensible questionnaires where the data is not like Survey Monkey where it’s up in the Cloud and used for other purposes. These vendors have it in closed systems so it’s valuable in.
Brian: Secure systems, yeah. So most of the Google pro tools cover it even Cloud-based solutions, but they’re private, the data is your data, they’re not going to use it for anything else, and it’s really a completely different approach to it. These kinds of free survey engines are using your data to power other things as well and analyzing it. You don’t want to do that just from attorney-client privileged perspectives. So anyway. But those are great solutions out there, and if you’re not using them today and most of them a couple of hundred bucks or something it’s really cheap to run through those solutions and highly highly highly recommend it because you’d be amazed how much information you can learn from a good custodian questionnaire.
Mark: So with that, I’ll thank the ACEDS community and everybody else that attended today’s webinar, Brian, Barry, great job. You guys sprinted through a marathon worth of information and did a great job as always. For those questions that we didn’t get to answer, and there was quite a few of them, we will do that. We will send everybody on this webinar a link to the BIA blog, and also answer some individually where appropriate. Mary and the team at ACEDS again, thank you very much. We certainly appreciate these opportunities.
Mary: Well thank you, Mark, and thank you, Brian and Barry, for a wonderful webinar. Thank you BIA for making you all available to us, and thank you, everyone, for listening in on the ACEDS’ webinar channel. Stay tuned for tomorrow’s ask the expert, we’ll have the ubiquitous Jerod and Kaylee.