- 0 Comments
Two years ago we published an article on techniques for recovering old, erased or otherwise hidden data from computers for use in litigation. (See the article Electronic Discovery in the Legal References section of our website.) But that is only one aspect of the problem. A more common problem now is how to deal with the sheer volume of data companies have.
“One of our clients has 42,000 backup tapes holding 2500 terabytes of data,” says Bob Gomes, CEO of Renew Data Corporation, a computer forensics company headquartered in Austin, Texas. “The Library of Congress has only 10 terabytes of data.”
And this will only get worse as computer storage continues to grow and more and more data only exists in electronic format. This affects both parties in a discovery request.
“There is such a volume of content out there that you have to be a litigant with deep pockets if you are going to ask an army of lawyers to read every document in a discovery request,” says Geoffrey Bock, Senior Vice President for the Patricia Seybold Group in Boston. “Fortunately, we are getting better tools to organize, categorize, and analyze documents.”
An E-mail is Forever
The ability to easily create and distribute electronic communications has completely altered the nature of discovery.
“As business uses e-mail and text messaging, you are not dealing with formal documents such as memoranda, contracts and research reports,” says Bock. “You are dealing with a wide range of ephemera and idle comments.”
But those “ephemera” are not very ephemeral. Even a quick e-mail asking someone to lunch will stay around on the company servers and backup tapes for years after the user thinks it has been deleted.
“E-mail has become the trace engine of litigation,” says Bock. “Bill Gates may be casually saying something to his staff about crushing someone, but if you use e-mail, all of a sudden it is discoverable five years down the road.”
The same applies to voice mail, as Hewlett-Packard CEO Carly Fiorina found two years ago during the fight to stop H-P’s merger with Compaq.
From a business standpoint, the biggest problem is limiting the amount of data that companies retain. When dealing with paper documents, it is fairly easy to just toss a note in the trash or to set up a policy to shred old files after a certain number of years. But that can’t be done with electronic documents.
“We’ve talked with over one-fifth of the Fortune 500 companies regarding retention policies, and they all have the same problem,” Gomes continues. “None of them can implement document destruction polices because no one can get rid of what’s on backup tapes since you cannot selectively delete files from them.”
Adding to the complexity is the growing number of regulations covering what data must be retained, in what manner and for what length of time. Well-known examples include the Health Insurance Portability and Accountability Act (HIPAA) and Sarbanes-Oxley, but those are just the tip of the iceberg. Researchers for the Milford, Massachusetts-based Enterprise Storage Group (ESG) last year found over ten thousand state and federal laws and regulations pertaining to data creation, storage, access and retention.
Some of these records must be kept for extensive periods of time. OSHA, for example, requires the retention of certain employee and medical records of individuals exposed to toxic chemicals for thirty years after an audit. HIPAA requires hospitals to keep medical records for two years beyond a patient’s death. ESG estimated that, as a result of these factors, “[T]he worldwide capacity of compliant records will increase at a compound annual growth rate of 64%.”
Those are just the records that the government requires companies to keep or face financial or criminal penalties. It doesn’t include all the data that companies need to run their business.
Narrowing the Scope
Whether you are a large corporation or a law firm, managing discovery data can’t be done efficiently on a case-by-case basis. It requires a strategy.
“Litigation is not an event, but a process,” says Gomes. “The average large corporation has 125 non-frivolous lawsuits going on at a time, with two to three a month coming in and going off.”
Managing ongoing litigation requires putting in place some infrastructure to competently manage the floods of information involved. Part of this involves standardizing e-discovery procedures.
“E-Discovery is fundamentally a set of analytic processes and there are a set of predefined steps to go thru,” Bock explains. “Law firms need to categorize those steps and find ways to automate them.”
Given the huge amount of information to sort through, a first step usually is to meet and confer to narrow down the scope of the request. Just using the old “any and all” type of document request that is common when dealing with paper discovery is cost prohibitive when dealing with electronic data. This is particularly true when requesting files from backup tapes.
“Attorneys don’t always know what they are asking for in e-discovery,” says Scott Stevens, an account executive for computer forensics firm New Technologies, Inc. “They don’t understand how much data there is in a megabyte or how many files are on a 20 GB backup tape, which results in a lot of large bills.”
Before that data can be searched or examined, it must first be loaded back onto a computer. This restoration process alone can take several hours for a single tape with the cost running in the hundreds of dollars. That is not counting the time needed to then look at the data and decide if it is responsive to the discovery request. The request should, therefore, be narrowed down to the exact files needed. In a case such as the one Gomes was working on where the client had 42,000 backup tapes, just the cost of fully complying with the plaintiffs’ request would have affected the case outcome.
“If the plaintiffs had won on their discovery request, the case would have settled just because of the cost to produce,” he says. “But the judge disallowed full discovery, just requiring the defendants to produce from backup one tape and 70 users.”
Finding Out What’s There
Once the scope has been narrowed down to those files which will be most relevant, there is still the matter of locating the files and deciding what to produce. This is where tools come in. There is simply too much data to go through manually. One of the first steps is to remove all duplicates so that you only have one copy of each relevant document. The number of copies can get quite extensive.
“Let’s say I have a Microsoft Word file saved in MyDocs and I e-mail it to ten people who also save it,” says Gomes. “If those get backed up daily for five years, there are more than 20,000 copies of that document on tape.”
Then you need a means of quickly and easily searching and analyzing the information.
“Part of the problem is the cost of discovery because of the amount of content to go through,” says Bock. “There are automated tools which can substantially reduce the wholesale cost of discovery.”
He advises evaluating such tools based on three features:
Content forensics – The ability to organize content from disparate sources and to make sure it can be brought up on the system.
Content analysis – The ability to use advanced tools to analyze content and determine meaning.
Visualization – The ability to create inferences based on the content analysis and present these relationships to the user visually.
A tool that he recommends is Attenex Patterns, software originally developed in-house at Seattle’s Preston, Gates & Ellis for managing documents in the Exxon Valdez litigation and now being offered commercially by Attenex Corporation. Other options include AccessData’s Discovery Cracker, Fios’s Prevail and Kroll Ontrack’s ElectronicDataViewer. Another option is to use an enterprise search engine. (See article on page 2.) But regardless which product you choose to analyze potential documents, you want to put it to use early in the case.
“You need an analysis framework for quickly and cost effectively sorting through the e-discovery request and determining whether there are any ‘smoking guns’ in the e-discovery,” says Bock. “You may make the determination early on that you want to settle rather than provide the documents.”
In 1999 the American Bar Association adopted its Civil Discovery Standards. Recently, the ABA’s Litigation Section created a task force to re-examine these standards in relation to changes in electronic discovery. In November, the task force submitted some proposed amendments for public comment. These Amendments affect the existing Standards 29 and 30 as well as adding three new Standards.
The changes spell out in detail some of the sources where electronic data may be stored and give expanded criteria a court may use in deciding whether to compel production and how to allocate costs. It also changes how to deal with deleted data. Under the current Standard 29(a)(iii): “Unless the requesting party can demonstrate a substantial need for it, a party does not ordinarily have a duty to take steps to try to restore electronic information that has been deleted or discarded in the regular course of business but may not have been completely erased from computer memory.”
The revised Standard deletes that wording and replaces it with:
“Electronic data as to which a duty to preserve may exist include data that have been deleted but can be restored.”
The new Standards 31-33 deal with discovery conferences, attorney-client privilege, attorney work product and technological advances, as they pertain to electronic discovery.
To view and comment upon the proposed Standards, go to the Task Force’s web page http://apps.americanbar.org/dch/committee.cfm?com=CL320041