Clients demand low cost, low risk and low effort e-discovery.
The law (and outside counsel) demands admissibility and defensibility.
To defend challenges to admissibility we need to prove the integrity of the information system (Evidence Act). This supports our claim of authenticity (the evidence is what it purports to be) and best evidence.
Proof of anything requires documentation. The only way to prove authenticity of an individual record is with metadata. This requires appropriate (and secure) methods and tools for preservation and handling of potentially relevant data.
The integrity of the information system itself can be proven with evidence of compliance with a standard such as ISO 15489 (Records Management) or CGSB 72.34 (Admissibility of Electronic Records).
Good RIM practices are the foundation of the EDRM.
To defend challenges to defensibility we need to prove that our collection is complete (subject to objective claim of proportionality). This means our methods and tools for searching, collecting and reviewing must comply with the rules, developing case law and available and emerging technologies. Best practice is Standard Operating Procedure (litigation response plan) not Seat of the Pants.
Self-collection is frowned upon. Use of modern tools including machine learning is encouraged. Defensibility also requires co-operation and documentation.
NOT READY FOR PRIME TIME?
Most organizations that have gone through the pain of e-discovery recognize the benefits of a litigation response plan. Whether you are responding to a civil claim, a regulatory investigation, an access to information request, or participating in an arbitration, getting your hands on the relevant information quickly, efficiently and at a reasonable cost can be very tricky. Organizations that are ill-prepared are often taking big risks, wasting money and causing delays. For example:
GETTING STARTED - THE CRITICAL ELEMENTS
The basic elements of a litigation response plan include:
There are many references on the internet: search for "litigation preparedness" or "litigation readiness" or "litigation response plan." Here are a select few of the best:
Litigation Response Plan - series of videos and documentation from US lawyer Tom Howe. http://www.litigationresponseplan.com/
Stephen O'Leary - Litigation Response Planning. http://web.simmons.edu/~wilczek/ediscovery/oleary-armaboston.pdf
Government of Alberta, Litigation Readiness and Information Management, http://www.im.gov.ab.ca/documents/imtopics/Litigation_Readiness_and_IM_Tip_Sht_1.pdf.
Litigation Response Planning and Policies for E-Discovery, http://library.ahima.org/xpedio/groups/public/documents/ahima/bok1_036581.hcsp?dDocName=bok1_036581
Richard Medina, How to Develop and Implement Your Discovery Readiness Program - http://www.cmswire.com/cms/information-management/how-to-develop-and-implement-your-discovery-readiness-program-020464.php.
In a recent post here, Craig Ball asked for input on what one would "deem the essentials and wish-list items for technical competency in e-discovery lawyers." The slide show below is obviously dated, but it formed part two of a three part program I used to give to litigators in government and private practice. Part one covered the law and practice of e-discovery, and part three covered the technology of e-discovery itself - that is, what is processing, filtering, etc. Very few lawyers really want to spend the time on a course like this, but the feedback I received from lawyers who actually took the course was very positive. If I were doing it again today, I would have to add more details about mobile computing and the cloud.
The scope and method of data collection should be determined after a legal and strategic assessment of all the pertinent facts and issues in the proceedings, and in accordance with a plan, preferably as agreed with other parties, including regulators. Limited scope and improper self-collection (e.g. undocumented procedures) by clients can lead to serious problems down the road including:
On the other hand, full-bore forensic imaging can be costly, intrusive and unnecessary. There is no "right approach" or cheat sheet that covers all cases, because the proper scope and method of collection depend on many factors, including:
In addition to the legal and strategic issues around collection are the technical ones. There are many applications that purport to collect data forensically, and many experts out there with differing and sometimes confusing qualifications. Different methods, skills and tools must be used on different sources of data, For example, collecting Facebook pages is a very different exercise from collecting Blackberry text messages or deleted emails from an Exchange server.
Effective planning is the only way to ensure that collection is done appropriately for the matter at hand and in a cost-effective but defensible way.
Yesterday I had the pleasure of addressing a number of big firm law clerks and paralegals about the impact of e-discovery on litigation support. While eager to use available document management technologies, they complained that in many small document cases, lawyers couldn't justify the expense of scanning and coding into a database. They instruct their clerks do it the old fashioned way: photocopy everything multiple times, and prepare a narrative, unstructured list of productions in Word.
When I suggested that clients would be a lot better off paying for the efficiency of scanning and coding rather than multiple photocopied sets, I was informed that several clients of big law firms won't pay for photocopies at all. So, I suggested: if the firm is absorbing the cost of photocopies anyway, shouldn't it be trying to do things more efficiently?
Paper discovery (P-Discovery) is not free. If your clients aren't paying for it, you are.
In Siemens Canada Limited v. Sapient Canada Inc, 2014 ONSC 2314 (CanLII), Master DE Short makes a number of important observations covering many aspects of e-discovery, in particular, how parties need to co-operate on the meaning of "proportionality." I begin with some of the key points:
In 2007 Sapient won a five-year, $70 million SAP implementation project for Enbridge. Sapient subcontracted with Siemens for conversion and other services. Sapient assigns 120 employees and contractors to the project while Siemens as subcontractor assigns 38. Joint project staff are granted access to Sapient’s project document repository (ResultSpace).
Delays mount up and Sapient terminates the Siemens subcontract. In July 2009 Siemens sues for breach of contract for $20 million. Sapient counterclaims for $10 million for delay.
Siemens carries on discovery the old fashioned way, ignoring the 2010 rule amendments (in particular the requirement of a Discovery Plan). Siemens identifies all 38 project staff as custodians and collects all their data; performs key word searches, reviews and eventually produces some 120,000 documents. (Since it no longer has access to ResultSpace, all Siemens productions come from other sources such as email.)
Sapient also works traditionally (i.e. no meet & confer, no Discovery Plan). But they decide to unilaterally invoke the new principle of proportionality as follows:
Sapient initially produces just over 21,000 records, one-sixth of Siemens’ production, even though it has three times as many project staff.
During oral discovery, Sapient questions a Siemens representative on a document that was never produced. When pressed, Sapient admits that it inadvertently neglected the ResultSpace repository. In October 2012, two years after production was supposed to be complete, Sapient produces another 20,000 documents - effectively doubling its production.
Siemens brings a motion for further productions, including more custodians, transparency, and all documents relating to “project status”. Siemens attaches a “state-of-the-art” fifteen-page Discovery Plan (which is not appended to the reasons). While the parties agree on some elements, the main disagreement is about scope.
Is it really necessary (or proportional) for Sapient to add more custodians when so many documents have already been produced already, and the existence of any new emails that might be material to the issues is only speculative?
Is it really necessary for Sapient to find all emails relating to “project status” when this is already well documented in project status reports, meeting minutes and elsewhere?
Should the scope of relevance in the Discovery Plan be expressly limited by the words Subject to the principle of proportionality, as argued by Sapient?
Siemens was granted partial relief. Sapient was ordered to:
Despite the Master’s concerns that what is “proportional” can be interpreted differently by each party, and that otherwise producible documents might be withheld as a result, the Master agreed that it would be useful to preface the scope of relevance with the words Subject to the principle of proportionality in order to show that the parties have paid attention to the provisions of rule 29.1.03(3)(e).
No costs were awarded under rule 29.1.05 because the parties did not comply with the Discovery Plan rule.
 “The discovery plan shall be in writing, and shall include any other information intended to result in the expeditious and cost-effective completion of the discovery process in a manner that is proportionate to the importance and complexity of the action.”
 “On any motion under Rules 30 to 35 relating to discovery, the court may refuse to grant any relief or to award any costs if the parties have failed to agree to or update a discovery plan in accordance with this Rule.”
These are the words of a Canadian Senator, in relation to his advice to a fellow Senator, whose expenses were being audited. Is it OK to "clean up" your calendar, or your email, or your Facebook page, prior to an investigation? Does it make any difference if there is civil litigation pending or likely?
The auditors received a copy of the Senator's calendar from the Senator, which they describe as a "non-forensic" copy. They then compared it with a copy from the server, and surprise! There were approximately 500 deletions. The deletions on the produced copy were explained as having been made because of the "clean up" advice, to remove entries irrelevant to the audit, and to protect third party privacy.
My purpose here is not to comment on the political issues of this affair, but those that may be instructive for the purposes of e-discovery.
It will be interesting to see what happens as this Canadian political audit and now police investigation unfold. In the end, lawyers advising their clients should consider at least three things:
A senior manager is fired and sues his employer for wrongful dismissal. He believes there are e-mails in the possession of his employer that clearly show improper conduct. For him, the issue is not litigation preparedness, nor is it how to collect and review millions of e-mails. His concern is extracting out of the employer those key e-mails that will help him prove his case. In the event that he still possesses some of his own e-mails, for example on a laptop, his practical problem is how to extract and review his own e-mails in a cost-effective manner. For many years now, the global electronic discovery industry has focused on the biggest cases and the biggest law firms involving millions of dollars of costs. Little effort has been made to assess what is truly needed and proportional for the vast majority of cases where access to the electronic documents actually makes things more efficient for parties.