DiscoverReady’s New Year’s Resolutions

Happy New Year! As we turn the calendar to 2016 and reflect on what the year ahead might bring, I asked some of my DiscoverReady colleagues to share some of their resolutions for the new year. Here’s what they resolve to accomplish in 2016. . .

Phil Richards, Chief Technology Officer: I resolve to continue improving our e-discovery workflows to make those processes more closely mirror the science of information retrieval. I also want to do more work with clients to help them better understand their data from a “big picture” perspective. Companies are keeping too much information that has little or no business value, which drives up cost and risk—not just when it comes to discovery, but in other important functions, such as compliance and data security.

Amy Hinzman, EVP Review Operations: One of my resolutions is to persuade more clients and counsel to incorporate advanced analytics into their standard document review workflows. But the reality is that many matters still rely on good ol’ fashioned search terms, and so I also resolve to promote the routine use of our Search Term Optimization process to test and verify search terms, and boost the defensibility of search terms. And I resolve to move further towards “paperless” document review training.

Daniel Blair, VP Innovative Strategies: I resolve to educate more organizations on the need to conduct individualized data security risk assessments, and consider in-place protection for sensitive data. I also intend to encourage companies to explore how they can apply traditional e-discovery solutions in new ways, such as compliance initiatives and data privacy programs.

Sean McMechan, VP Project Management: One of my resolutions is to work towards a mobile app that will make all of our various project management reports available on smart phones. I also resolve to further automate our conflict resolution processes, so they are more seamlessly integrated in our workflows. And I will promote more use of our document repository solutions, which allow for easy reuse and comparison of coding calls across multiple matters—so many of our clients with significant litigation portfolios would benefit from this.

And what about my resolutions? I think Calvin put it nicely:

eDiscovery New Years Resolutions
Copyright © by Bill Watterson

Just kidding, folks. I resolve to ramp up my focus on the intersection of litigation and regulatory discovery with data security and privacy. And I also resolve to get even more creative about helping our clients find opportunities to make discovery more efficient, more effective, and less expensive. To accomplish that resolution, I think I need another one—valuable both in and outside of work—“listen more, talk less.”

The DiscoverReady team wishes you all the best in 2016!

Coming in 2016: Tougher New Data Privacy Rules in the European Union

European Commission and European Parliament officials last week agreed on a new set of data protection laws, intended to strengthen individuals’ privacy rights and create a more consistent set of regulations across the twenty-eight European Union member countries.

According to a press release from the European Parliament,

Data Privacy Rules European Union“The new rules will replace the EU’s current data protection laws which date from 1995, when the internet was still in its infancy, and give citizens more control over their own private information in a digitised world of smart phones, social media, internet banking and global transfers. At the same time they aim to ensure clarity and legal certainty for businesses, so as to boost innovation and the further development of the digital single market.”

Highlights of the new rules include provisions addressing:

  • Clear and affirmative consent to the processing of private data. Consumers will have more control over their private information, as consent must be manifested through some action clearly indicating acceptance of data processing. Silence can not constitute consent.
  • Plain language. The new rules prohibit “small print” privacy policies. Information must be given in clear language before data are collected.
  • Parental consent for children on social media below a certain age. Member states will set their own age limits for the consent requirement, but the limit must be between 13 and 16 years.
  • The right to be forgotten. This right, which will now be codified in the regulations, allows individuals to request that their personal information be deleted from the databases of companies holding it, provided there are no legitimate grounds for retaining it.
  • Breach notification. Companies will be required to inform national regulators within three days of any reported data breach.
  • Fines for violations of the regulations. Regulators may issue fines of up to 4% of companies’ total worldwide revenue for misuse of consumers’ online data, including obtaining information without consent.
  • Coordination among Data Protection Authorities. Cooperation among the national DPAs will be significantly strengthened to ensure consistency and oversight.

Importantly for those of us based in the United States, the new rules will extend to any company that has customers in the EU, even if the company is based elsewhere. The EU’s strict stance on privacy has often put their regulators at odds with American companies, which collect and mine data from social media and other web sites for purposes of advertising. But the tough EU privacy laws reflect a fundamental cultural difference between the U.S. and Europe when it comes to individual privacy; Eurpoeans view their right to data privacy as strongly as Americans view their constitutional right to freedom of speech.

The full Parliament will vote on the new regulations in the spring of 2016, and then member states will have two years to implement the provisions.

Stipulations for Discovery of ESI: America’s Next Top Model

In federal court—and in most state courts—parties must meet and confer at the beginning of the litigation to discuss various case management issues, and hopefully reach stipulated agreements about those issues. The discussions must address the discovery of electronically stored information, a subject that in too many cases causes needless amounts of disagreement, delay, expense, and overall angst among the litigants and counsel.

Why is the negotiation of ESI stipulations so difficult? For starters, many matters have an imbalance of e-discovery experience on opposite sides of the “v.” That imbalance can lead to protracted negotiations and difficulty in reaching practical, effective agreements. Another asymmetry often present in litigation can also pose ESI discovery challenges—where one party possesses a disproportionate amount of ESI subject to discovery (and thus bears an unequal burden), it can be more difficult for the parties to reach agreement. But even in symmetrical litigation, where both sides engage experienced, technically-savvy counsel, the complexity of e-discovery today (and the quick-changing nature of the technology we use) can still present obstacles to the efficient agreement of ESI stipulations.

Legal Technology Professionals Institute Stipulations of ESI Discovery

Enter LTPI to the rescue. The Legal Technology Professionals Institute is a non-profit trade association created for and run by legal technology professionals, which aims to represent the common interests of all participants in the legal technology industry. A cross-section of experienced industry professionals participate in its projects, with the goal of providing operational and ethical standards, best practices, guidelines, resources, forums, and public advocacy. I am proud to serve on LTPI’s Advisory Panel, and to work on one of the organization’s first projects—the publication of a model ESI Stipulations agreement.

Model ESI Stipulations Agreement

By creating a model agreement, we hope to give counsel and litigants of all levels of e-discovery experience a reasonable, practical starting place for their ESI discovery negotiations. The drafting team included legal technologists, defense-side litigation counsel, plaintiff-side litigation counsel, and in-house corporate counsel. Of course, there is no one-size-fits-all-cases agreement, and litigants will need to think critically about our suggested provisions before proposing or agreeing to them. But our document is a good place to start, and it covers a comprehensive list of issues. Please take a look at our public comment draft, which is open for feedback. This model agreement is a work in progress—we welcome your input, and intend to make frequent updates to reflect changes in technology and best practices.

And while you’re there, take a look at the very first project we launched, the Production Glossary. The glossary is designed as an educational resource on terminology used in connection with producing electronically stored information.  While a number of useful industry-wide glossaries exist, we could not find one that specifically discussed document production, nor one that discussed not only the “what,” but also the “why”—so we created one.

Finally, if you’re a legal technology professional, please consider joining LTPI. We’re looking for new members, especially if you’ve got great ideas for industry resources and the enthusiasm to bring your ideas to life!

Elektronische Beweismittel: ESI Discovery and the Volkswagen Emissions Cheating Scandal

ESI Discovery - Volkswagen Diesel Emissions ScandalMy household owns an Audi A3 “clean diesel” car, which unfortunately turned out to be not-so-clean. So, I’ve been closely watching the news about the Volkswagen emissions testing scandal. (In case you haven’t followed the story, last month Volkswagen admitted to cheating on U.S. pollution tests for more than 500,000 diesel engine vehicles, by installing software called “defeat devices.” The software detects when the car is hooked up to an emissions testing system, and reduces emissions during the test; once out on the open road, the emissions ramp back up, and the cars spew as much as 40 times the permitted amount of pollutants. Affected cars include Volkswagen’s Jetta, Beetle, Golf and Passat, and the Audi A3. Here’s a good recap of the situation from CNN Money.)

I’ve studied the news reports not just with personal interest, but also with professional interest in the significant e-discovery issues that inevitably will arise in the extensive investigations and litigation over this debacle. (The flood of lawsuits has already begun: As of this posting, 34 private suits have been filed., the U.S. EPA initiated regulatory action, and the U.S. Justice department launched a criminal investigation.) I planned to write a blog post about these e-discovery implications, but dang it, the estimable Craig Ball beat me to it, writing a great post earlier this week.

As Craig noted, electronic evidence will play a key role in this matter, because “computers were the instrumentalities of the fraud.” The scope of relevant electronic evidence in these cases will be broad, encompassing questions such as how exactly the cheat was effected, how it can be remedied, and who knew what and when. The types of pertinent information will be varied, including not just emails and the usual corporate documents, but computer source code, emissions testing records, vehicle performance data, and ESI metadata (which can be probative of when someone received or sent information). Effective preservation and collection will be particularly challenging, given that the most important custodians have a vested interest in NOT turning over their incriminating evidence.

The e-discovery battles will be hard fought. Some of the country’s most respected class action plaintiffs firms filed cases—and in one suit, the plaintiffs’ team includes a powerhouse defense-side firm, Quinn Emanuel. Volkswagen retained Kirkland & Ellis, no stranger to complex e-discovery in high-stakes litigation. So those of us working in the e-discovery trenches can expect to learn about some fascinating disputes in the months (and years) to come. Buckle up—this scandal has us roaring down the autobahn.

Have questions about complicated e-discovery challenges in big-ticket litigation? Contact me and let’s chat.

Litigating in California? Be Sure You’re Ethically Competent in e-Discovery

Last year the State Bar of California Standing Committee on Professional Responsibility and Conduct issued two draft opinions answering the question “What are an attorney’s ethical duties in the handling of discovery of electronically stored information?” After receiving public comment on the drafts, the Committee recently issued its final version, Formal Opinion No. 2015-193.

Ethics in ESI DiscoveryThe Committee answers this question unequivocally. Recognizing that “almost any litigated matter” now involves e-discovery, the Committee concludes that, to be competent as a litigator, an attorney must—at a minimum—have “a basic understanding of, and facility with, issues relating to e-discovery, including the discovery of electronically stored information (“ESI”).” For some matters, depending on the e-discovery issues involved, “the duty of competence may require a higher level of technical knowledge and ability. And “even a highly experienced attorney” may need some assistance in certain litigation matters involving ESI.

The State Bar of California Standing Committee on Professional Responsibility and Conduct’s Opinion on Ethics of Handling ESI Discovery

The Opinion offers a helpful, specific list of the e-discovery tasks a minimally competent litigator should be able to handle, either on their own or in association with competent co-counsel or expert consultants:

  • Initially assess e-discovery needs and issues, if any
  • Implement/cause to implement appropriate ESI preservation procedures
  • Analyze and understand a client’s ESI systems and storage
  • Advise the client on available options for collection and preservation of ESI
  • Identify custodians of potentially relevant ESI
  • Engage in competent and meaningful meet and confer with opposing counsel concerning an e-discovery plan
  • Perform data searches
  • Collect responsive ESI in a manner that preserves the integrity of that ESI
  • Produce responsive non-privileged ESI in a recognized and appropriate manner

As a lawyer with more than a decade of experience in e-discovery, I’m not embarrassed to say it—this list is challenging. For example, I would not consider myself competent to “perform data searches” on my own. While I understand quite a lot about search methodology, in my view the nuances of search and retrieval, whether using key word terms or more advanced analytics, require me to associate with a qualified expert to ensure my searches are effective and defensible. Likewise, I would bring in an expert consultant to help me “analyze and understand” a client’s ESI systems, at least with respect to the more technical aspects of the IT infrastructure.

Of course, if we engage experts to work with us, we must supervise their work—that oversight is a non-delegable duty for the attorney who is counsel in the litigation. We can do so by “remaining regularly engaged in the expert’s work, by educating everyone involved in the e-discovery workup about the legal issues in the case, the factual matters impacting discovery, including witnesses and key evidentiary issues, the obligations around discovery imposed by the law or by the court, and of any relevant risks associated with the e-discovery tasks at hand.” The rules of ethics also dictate we must ensure that the people we retain (including non-lawyers) comply with the same ethical obligations that govern us.

But as challenging as the list of competency tasks might be, it’s an appropriate list, and reflects the realities of litigating today. For most organizations, almost 100% of relevant information is stored electronically, and the large volumes of potentially relevant ESI make it exceedingly difficult to efficiently identify and collect what’s needed for discovery. The demands of modern litigation are forcing lawyers to up their game when it comes to ESI: “Attorneys who handle litigation may not ignore the requirements and obligations of electronic discovery.” Kudos to the California Bar for recognizing that, and providing guidance on what the required level of e-discovery competency looks like. Lawyers from every state, not just California, will benefit from that guidance.

Have questions about the implications of the California Opinion, or other aspects of ethics in e-discovery? Contact me and let’s chat.