SM Advanced Technology Solutions for Litigation

InfoPAKSM

Advanced Technology Solutions for Litigation

goatley

New Stamp


Copyright © 2010 Autonomy and Association of Corporate Counsel

2


September 2010

Provided by the Association of Corporate Counsel 1025 Connecticut Avenue, NW, Suite 200 Washington, DC 20036 USA tel +1 202.293.4103 fax +1 202.293.4107 www.acc.com

The dramatic growth in the volume of electronic information and the need for greater compliance with rules and regulations are well known, but less known are the advances in technology which can solve the challenges facing corporations and counsel. Technological advances can address the issues and burdens for legal, compliance and information governance.

This InfoPAKSM will provide corporate counsel with an objective overview of technology and its defensible use. It will cover practical, technical, and legal considerations for selecting, deploying and leveraging litigation technology. It will look at the issues facing corporate counsel, solutions, and provide samples of ROI from real-world case studies.

The information in this InfoPAK should not be construed as legal advice or legal opinion on specific facts, and should not be considered representative of the views of Autonomy or of ACC or any of its lawyers, unless so stated. This InfoPAK is not intended as a definitive statement on the subject but rather to serve as a resource providing practical information for the reader.

This material was developed by Autonomy, a co-sponsor of the ACC Litigation Committee. For more information about Autonomy, visit their website at www.autonomy.com or see the “About the Author” section of this document.

ACC wishes to thank the members of the Litigation Committee for their support in the development of this InfoPAK.

For more ACC InfoPAKs, please visit http://www.acc.com/infopaks

3

Contents

I. Introduction/Overview ......................................................................................................... 5

II. Practical Considerations: Selecting Technology................................................................ 5

A. New Realities for Legal.........................................................................................................................6

1. Expertise Management and Legal Department Business Efficiency..........................6

2. Utilizing Tools and Technology to Manage Increased Regulation from Every Angle ............................................................................................7

3. Identifying, Categorizing, Indexing, and Applying Rules ..............................................8

B. A New Landscape for Corporate Legal Departments..................................................................9

III. Technical Considerations: Deploying Technology............................................................. 11

A. Managing eDiscovery and Compliance: Creating a Comprehensive Information Governance Program............................................................................................................................11

1. The Challenges of Information .........................................................................................14

2. Considerations and Reasons for a Comprehensive Information Governance Plan..........................................................................................................................................16 3. Building the Right Team to Tackle the Challenge of Creating a Comprehensive Information Governance Program ....................................................16 4. Archiving and Cloud Computing......................................................................................18 5. A Holistic Approach to Information Management.......................................................23

6. Reducing Costs and Risks While Building a Defensible Process ..............................23

IV. Legal Considerations: Leveraging Technology .................................................................. 27

A. Discovery Challenges: Rules, Regulations, and Case Law ............................................................27

1. Legal Background: The Duty to Preserve ......................................................................28

2. The Federal Rules of Civil Procedures (FRCP) ............................................................28

3. The Duty to Preserve.........................................................................................................30

4. The Courts and Custodian Self-Collection ...................................................................32

B. The Challenge of New Media: Voice, Video, and Social Networking .......................................33

C. Inside Counsel and Outside Counsel: An Evolving Relationship ................................................34

1. Doing More with Less ........................................................................................................35



4

2. Streamlining the End-to-End Process..............................................................................36

3. Predictability and Standardization in eDiscovery .........................................................37

4. Summary: Opportunities to Improve the Corporate Counsel/Outside Counsel Relationship ..........................................................................................................39

D. Court and Academia Acceptance: Defensible Search Technology ............................................39

1. The Challenges of Relying on Legacy Keyword Searches ..........................................40

2. A More Defensible Approach: Combined Searches Using Concept, Keyword and Boolean Search with Contextual Understanding...............................40 3. Defensibility of Your Process ...........................................................................................42

E. Information Governance ......................................................................................................................42

1. Background ...........................................................................................................................42

2. Information Governance and its Role in eDiscovery ..................................................43

F. Creating a Defensible eDiscovery Process.....................................................................................46

V. Appendix: Case Studies and ROI from Autonomy............................................................ 47

A. Case Study: A Top 10 Financial Institution ......................................................................................47

B. Case Study: Bloomberg ........................................................................................................................49

C. Case Study: The UK Ministry of Defence ........................................................................................51

D. Case Study: A Leading Commercial Bank ........................................................................................51

E. Case Study: Aegis Media ......................................................................................................................53

F. Case Study: Richards Butler ................................................................................................................55

VI. Endnotes................................................................................................................................. 57


5

I. Introduction/Overview With recent cases such as Pension Committee and Rimkus v. Cammarata (discussed infra), new regulations for financial services industries, and the specter of increased regulations for all corporate organizations, corporate counsel are facing the legal equivalent of the mythical beast Cerberus, the three-headed hound from Hell. These factors, when combined with the global financial crisis, created a need for corporate counsel to reduce their budgets, manage a massive increase in the volume and type of electronic data, and understand and comply with a corresponding increase in rules, regulations, and case-law requirements as they face increased litigation and investigation.

This would seem to be a daunting challenge for anyone, but the task is not Sisyphean. Corporate counsel managing the litigation and compliance process today must be well versed in more than just litigation. The challenges facing corporate legal departments require an understanding of the corporate environment, the dual role technology can play in managing electronically stored information (ESI) for both litigation and information governance purposes, and the manner in which rules, regulations, and case law require them to act. As counsel look to manage their budgets while at the same time creating a systemized, practical, and defensible strategy for managing ESI, they have to be able to understand the process and challenges more than ever before.

While it is clear that technology created this mess, it will also be required to ensure a viable, defensible, and effective solution. For corporate counsel, the key is in understanding the challenges of managing ESI and then creating an action plan to tackle this process. While many view the management of ESI for litigation purposes as a stand-alone project, it should be viewed as part of the broader picture of organizational compliance and information governance. Corporate counsel who take the broad view of a comprehensive information governance strategy that encompasses both eDiscovery as well as compliance and information management strategies will be able to more effectively, defensibly, and cost-effectively manage their ESI.

II. Practical Considerations: Selecting Technology

A. New Realities for Legal A May 2010 survey of general counsel revealed two key pieces of information about the GC’s role: 74% of those polled felt stronger in their position as trusted advisor to the board than a year previously; and those polled unanimously reported that GCs are increasingly expected to achieve more with fewer resources. The use of advanced technology can assist corporate counsel as they strive to do more with less. Additionally, any investment in technology can also be used to kill the proverbial two birds with one stone by providing benefits in two or more areas for the price of one; for instance, the solution implemented to defensibly manage eDiscovery can also be used for information governance and compliance purposes.



6

1. Expertise Management and Legal Department Business Efficiency A primary responsibility of corporate counsel is to partner with businesses within their organization, providing timely, top-quality advice in whatever geography the internal clients require it. The question, then is how the expertise available to the GC can best be accessed. This correlates to some fundamental building blocks of the corporate legal department: internal collaboration, external collaboration, and case and matter management.

a. Internal Collaboration As guardian of corporate integrity, corporate counsel needs to ensure that their expertise is available as a resource, initially at least, for intra-department sharing. Two key barriers to be overcome in order to achieve this are often geography and information silo, wherein departments, divisions, offices or regions store information in a repository or data source that is not easily accessible by or available to others in the organization.

For example, a global security services firm has a small headquartered team, and then a largely federal structure of small national lawyers including sole practitioners who are able to collaborate effectively across the organization. By comparison, a multinational bank headquartered in the UK has major teams in six key financial centers, but outside of these six centers, there are individual or pairs of lawyers having to cope on their own in over 40 others which requires planning and cooperation for effective collaboration. Counsel need to take steps, such as creating collaboration teams or a knowledge management program, to ensure that geographic barriers and personnel limitations do not affect their ability to collaborate effectively with their colleagues in the legal department and to provide services to the organization.

Counsel, like other professionals, are respected for their experience as well as technical acumen. They are usually keen to store their precedents, deal bibles, opinions and commentaries for their own use, but there is often a reluctance to share this information. Within most corporate legal departments, the majority of such stored data should be accessible by fellow-internal lawyers to benefit the organization during their tenure but to also ensure a continuity of practice should the lawyer leave the organization.

b. External Collaboration Corporate counsel and their departments must be able to be relied on as authoritative sources of information. It is invaluable for counsel to be able to access and be alerted to external news, commentary, and specialist services as well as to effectively communicate with peers outside the organization. It is essential that processes and procedures be in place, be they a collaboration tool or archiving solution, to manage these interactions. While external collaboration can easily be managed through manual legacy techniques, this is often not cost-or time-effective. By utilizing technology to assist counsel in managing this information and automating the process, the burden on counsel will be reduced and a more defensible practice of managing external collaboration will come into place.


7

c. Case and Matter Management. Depending on the organization, the burden of managing cases can be exceptional. Counsel can dramatically reduce the effort necessary to carry this burden through the use of work-flow tools to enable the orderly creation of case files and the archiving of email and documents with minimal tagging to achieve many simultaneous benefits, including more effective internal and external collaboration by:

■ Consistency of approach across legal teams in different locations and jurisdictions

■ Ability to demonstrate the provenance and deliver version control

■ Speed of archiving and ease of retrieval

■ Collaboration and sharing of expertise

2. Utilizing Tools and Technology to Manage Increased Regulation from Every Angle Increasingly, the corporate counsel needs to be a prime collaborator with internal colleagues that also support the enterprise and the corporate board of directors. Regulation is said to be increasing in volume and rigor even faster than legislation, though litigation may still be increasing at a faster pace. The concern for corporate counsel, as well as the board, is that regulatory breaches can trigger sanctions as harsh as those in litigation—including fines, removal of operating licenses, and even imprisonment.

In a corporation, compliance with regulation may be handled either by an independent dedicated compliance department reporting to the board, as part of an independent risk management function, or a compliance function reporting directly into the general counsel’s office. Whether or not the legal department “owns” regulatory compliance, corporate counsel will inevitably need to be engaged when breach occurs or when regulatory enforcement is likely. Although legal departments don’t often carry out internal monitoring, they do need to be involved once noncompliant activity is identified. Information access and collaboration with other professional departments such as Compliance, Audit, and Risk are extremely important.

While the additional effort of collaborating may sound like a daunting addition to the workload for already overworked corporate counsel, there are opportunities to ease the burden:

■ Approach to Regulatory Policy: In some ways, regulatory policy is easier to enforce than statutory or case-law-based legal policy. Many regulators decline to be entirely prescriptive as to how exactly an institution will effect their dictates, and corporations need clear and easy-to-follow guidelines as to how they can carry on business while still being compliant. A policy on whistle-blowing or personal account dealing, for example, can be made multi-jurisdictional, while still allowing for any local exceptions, leaving only the question of enforcement. Clearly, counsel need to pay attention to regulatory policies and ensure corporate compliance.

■ Information Capture: Given the daily volume of traffic in the digital domain— alphanumeric, audio or visual—the conventional multinational has limited chance of manual surveillance, save via self-certification, random samples or occasional audit checks. However, technology is capable of solving the issue of complex capture.

■ Information Analysis: Technology can also be used to check for non-compliance and add



8

depth to the analysis of information. The ability to analyze information also allows counsel to better prepare for litigation and any internal investigations in which they may be involved, and to meet their preservation obligation more easily.

■ Retention and Archiving: Though typically not the realm of corporate counsel, retention and archiving procedures, policies, and technology can directly affect the legal team. By being proactive and ensuring that corporate policies are compliant with the rules, regulations, and any agency guidelines, counsel can ensure that any organizational process around records and information management is systemized, repeatable, and defensible. By taking active steps to assist in the process, counsel can ensure that their needs are met in both the short and long term and that they are able to search for, identify, and preserve relevant information for litigation and investigation needs.

Because of the increasing incidence of regulation as well as the specter of legal sanctions, corporate counsel can feel secure in recommending the acquisition of new tools for monitoring and enforcing internal and external policies to the CEO, CFO, and board. These tools, especially when deployed as part of a comprehensive platform, can produce a significant return on investment and heighten the corporation’s risk avoidance. However, though universal surveillance is possible, counsel should nonetheless be aware of the limitations on its implementation, including international data privacy laws and the vagaries of local business requirements.

3. Identifying, Categorizing, Indexing, and Applying Rules On the broader issue of information management, corporate counsel should be aware of the need to account for the proliferation of data around their enterprise, as this also directly relates to their requirements around litigation and investigation. Means of accelerating communication can also lead to headaches of control, monitoring, archiving and discovery in the event of litigation. Though the management of technology for information management may come under the responsibility of the Chief Information Officer, they cannot perform their role effectively without the legal department at least guiding them on policy and procedure, ensuring that processes will pass regulatory muster and provide the systemized, repeatable and defensible process required.

a. Information-Generating Equipment The first recognition should be the technical alternatives that are available—justified by the expectations of the client and the speed of activity and response. Creating internal firewalls within the confines of office buildings are straight-forward, but the demand for laptops, mobile devices and Blackberry-enabled email require that rigorous security standards be set by Compliance and the IT department to limit the damage from the inevitable loss of such devices outside the office environment. The key for the legal department is to ensure that the data being transferred can be captured, monitored and archived for decision-making on how best to safeguard the corporation and to ensure the ability to effectively respond to any preservation obligation.

b. Information Medium A further recognition is that regulators are increasingly requiring audio and video to be included in evidence, much as they are included in the definition of a document and ESI under the FRCP. Most corporations actually negotiate with customers over the phone, even if final contractual engagement is in


9

electronic Word or even paper format. However, audio evidence can indicate mis-selling—for example, the failure to advise a borrower that they have the right to cancel the agreement within 5 days. The ability to monitor real-time telesales traffic is increasingly important. On the one hand, it can ensure that a defective sales pitch is rectified within a designated grace period. Further, it enables evidence to be given to regulators that the telesales person stayed within the guidelines set by the product management.

c. Information Profligacy A feature of the last 15 years of information management is to provide the employee with flexibility as to the generation of internal data. It assists ingenuity, collaboration and expertise capture. The upsides of such independence, albeit within the corporate firewall, however, need to be balanced with the requirement for transparency and ability to monitor. Further, it has become increasingly apparent that individual employees and contributors have difficulty managing information in compliance with corporate policies, and this is where automating the process through technology can assist both corporate compliance and counsel with managing information.

d. Confidentiality Limitations on employee access, corporate secrecy on M & A deals, management planning or HR data, for example, require limited visibility and high standards of security, while still enabling counsel to find information that may be needed for litigation-related and regulatory inquiries. Again, while manual processes could assist with this, it is clear that most organizations need technology to assist in managing this process in a scalable and effective manner.

For corporate counsel, it’s imperative that they have an understanding of the over-lapping worlds of risk, compliance, legal and audit, facilitated by the IT architecture. To work most effectively, the legal department should have the ability to advise on the issues that need to be addressed, even though the budget may well lie elsewhere and the implementation very firmly with the IT department.

B. A New Landscape for Corporate Legal Departments Corporate counsel often have multiple roles within their department, which can include litigation. With the responsibility for corporate litigation, counsel must manage the corporate litigation profile, the law firms that handle the cases, and in some corporate departments also manage the end-to-end process for litigation. Prior to the financial crisis, while the litigation budget could be large, it was often seen as an operational cost that needed to be flexible due to the uncertain nature of litigation.

The idea of the open-ended budget has, for all intents and purposes, ended. No longer can the litigation budget continue to grow unchecked. The GC and corporate financial overseers are asking litigation teams at corporations of all sizes to manage, control and reduce costs. Often times, these reductions in costs are not trivial, with many legal departments being asked to reduce their litigation costs upwards of 25% or more, even in light of increased litigation and investigation and a massive increase in the volume of data. Again, counsel are being asked to do more, often much more, with less.

Internally, litigation counsel are taking a multitude of approaches which include any or all of the following:

■ eDiscovery Vendor Consolidation: Through either an RFP process or existing vendor relationships, counsel are working to consolidate the number of vendors used for the



10

eDiscovery process down to a preferred provider list. By reducing the number of vendors, preferred pricing can be arranged while also reducing management costs.

■ Law Firm Consolidation: Most corporate legal are reducing the number of law firms to a preferred list. As with vendor consolidation, this preferred-provider relationship can help reduce costs while also providing a trusted resource that corporate counsel can turn to for advice, strategy and case management.

■ Technology Consolidation: Until recently, technological solutions for discovery, information governance, and records and information management were a hodge-podge of narrow programs that did not connect and often required duplicated and redundant efforts to maintain. With the availability of true end-to-end information governance platforms, costs and risk can be reduced through movement to a consolidated platform.

■ Implementation of an Enterprise-Wide Content and Information Management Program: While litigation is often about identifying the relevant information, corporate litigation counsel are now participating in the adoption of enterprise-wide records and information management programs, which can reduce costs and risks while also reducing the overall volume of data to be preserved and reviewed through defensible disposition practices.

■ Technology Implementation: The idea of outsourcing every step of the eDiscovery process is quickly becoming a relic as corporate counsel and corporate IT groups realize the value of bringing technology in-house to manage the eDiscovery and information governance process. With the availability of end-to-end solutions covering each step of the process (defined in detail by the Electronic Discovery Reference Model, or EDRM, described at www.edrm.net) increasing, most corporate legal departments are bringing the information management, identification, preservation, collection, early case assessment, and processing technologies in house in an effort to control and reduce costs.

■ In-Sourcing: As part of the process of bringing technology in-house, corporate legal departments are either bringing eDiscovery specialists in-house to manage the process or bringing in a third party to manage the process, acting as an embedded consultant.

■ Software as a Service: Corporate counsel are increasingly looking to cloud computing as an effective way to manage ESI for litigation, compliance, and governance purposes. Secure, private clouds provide opportunities to reduce capital expenditures and risk through a unified approach in a hosted environment.

■ ROI: With a new focus on return on investment, corporate counsel must look at the cost-benefit equation and often justify purchases and expenditure based on the return on investment.

While there is no single approach that is right for every organization, corporate counsel need to take an informed approach, looking at corporate culture, risk tolerance, litigation profile, size and global reach. Through this InfoPAK, it is hoped that corporate counsel will see how technology can assist them in managing eDiscovery, litigation costs, and reducing risks in a systemized, repeatable, and defensible manner in compliance with the various rules and regulations they will face.


11

III. Technical Considerations: Deploying Technology

A. Managing eDiscovery and Compliance: Creating a Comprehensive Information Governance Program

Every organization has an overarching goal, and corporate counsel’s is often to ensure compliance with legal, regulatory, and internal obligations. However, in today's economic climate, the corporation’s goal is often simply to survive. In order to increase its chances for survival, an organization needs its “information lifeblood"—enterprise content—to be available, consistent, and reliable, allow nimbler and better decision-making. By putting an information governance strategy in place, an organization is ensuring that their assets are viable, valuable, and protected.1

As the quantity of information that must be managed by corporate counsel and the organization alike have increased, the applications and techniques required to manage this data have had to adapt. The legacy techniques and applications that used to be simple “document management systems” have evolved. However, despite this evolution, these legacy systems cannot generally meet corporate counsel’s requirements today. A comprehensive information governance system built on advanced technology can meet the needs of both legal and compliance, and is virtually guaranteed to increase efficiency in almost any circumstance. While many corporate counsel are focused on managing data, particularly ESI, for litigation and investigation purposes, the broader needs of the organization and the legal department make it essential that corporate counsel consider discovery management as part of an overall information governance strategy.

The obvious benefits of a carefully-constructed information governance program are reduced manpower costs, elimination of much infrastructure redundancy, greater consistency in managing data, reduced legal and regulatory risks, and enhanced defensibility of document retention and destruction policies. Rather than relying upon the mercies of employees’ subjective judgment to collect and preserve data, a unified, automated information governance platform ensures consistency across all departments and under all circumstances.

Frequently lost in the discussion of tangible benefits to the enterprise and corporate legal departments, however, are the intangible benefits to the enterprise’s employees. The practice and management of law is, by its very nature, an extremely stressful endeavor. Because any oversight, no matter how innocuous, will likely be seized upon by a zealous opposing attorney, counsel and the legal staff tend to work long hours to ensure that all loopholes are closed—and then stay up late into the night worrying about whether they may have overlooked something.

With a strong, well-crafted information governance program in place, however, work becomes less stressful and more rewarding, and employee morale improves. Other benefits include strong defensibility against any legal or regulatory challenge, avoidance of the likelihood of fines or sanctions, and (much to the relief of the VIPs in the Executive Suite) insurance of full, good- faith compliance with Sarbanes-Oxley and FINRA requirements.



12

The chief points of resistance to implementing such an information governance plan tend to be threefold:

■ It’s too expensive.

■ It takes too long to learn how to implement the solution.

■ It’s not my job.

We can quickly address these arguments as follows:

■ It’s Too Expensive. Many enterprises have trouble seeing the return on investment (ROI) beyond only the most readily apparent costs, such as IT budget and spending with third-party vendors. Any information governance system can reach a break-even ROI if it avoids even a single, harsh fine or legal sanction; but as a practical matter, this sort of dire result is rare, and would be difficult to imprint with a dollar value if it did happen (ironically, the only way to quantify the cost of such an event is if it occurs).

An immediate recognition of cost savings, however, comes from acknowledging that automating any process frees up human capital for other tasks. Automation across the enterprise would free up many employees and resources for other, more productive duties. More work can be accomplished without hiring additional labor or buying more computers; those savings can be quantified in real currency.

Furthermore, by consolidating information across the enterprise into a single system, fewer resources need to be committed to managing the enterprise’s data. Many of today’s enterprises suffer from variability in business processes, disparate and poorly integrated systems, and inconsistencies in data structures and definitions. With a unified system, however, the process becomes much less complex, as access becomes consistent across the enterprise and fewer methods are required to get to data.

Rather than purchasing (and training employees on) dozens of different software interfaces depending upon the department and the specific need, all employees can be trained to use the same handful of applications, designed with similar interfaces. After training, should the initial learning curve prove too steep for some, utilizing fewer software options allows the employees to assist each other—saving more money on training. As all employees learn how to access the enterprise’s information pool with greater ease and speed, their productivity will skyrocket. And, as employees find their comfort level with the more-common interface tools, the system will be used more extensively, which will speed up the rate of ROI.

Finally, effective information governance can help the enterprise achieve its strategic objectives. Immediate benefits include greater effectiveness at gathering information for financial reporting, monitoring and measuring performance, complying with regulations, and managing risk. Outside the legal department, the enterprise can consistently produce the desired quality of information for making business decisions, with greater ease in developing high-quality information for decision-making.

■ It Takes Too Long to Learn and to Implement the Solution. This “learning curve is too steep” argument comes from a mistaken belief that implementation of effective, enterprise-wide information governance must be an immense and difficult challenge. While it is essential for counsel to work look toward comprehensive information governance, it is rarely feasible to


13

‘boil the ocean’ and implement a comprehensive program and solution simultaneously. It is more advantageous to begin with the greatest need, often times eDiscovery (litigation hold notification, preservation and collection and early case assessment), and build the solution over time. The key challenge for counsel is to keep sight of the overall goal: defensible, systemized, repeatable and cost-effective information governance. By continuing to look toward the big picture and ensuring that any implemented solution will work as part of a comprehensive information governance platform, counsel will see great improvements and will find that this concern is unfounded.

■ It’s Not My Job. The third argument shouts, “Who’s responsible for this, anyway?” One commentator shared this hypothetical, but all- too-common, scenario:

The phone rings. It is the General Counsel. The organization may be sued over patent infringement. Counsel knows that this could be “The Big One.” All sorts of data, documents, metadata, email, and other forms of information may be required. Counsel asks IT: Do you have, or can you get together, a list of all systems and the data they contain?” There is a long, silent pause on the phone. Then the IT manager says “Well, we do have a list of systems. Let me send it your way.” Counsel gets the list. It is nothing close to the data map it needs. Instead, it is a list of servers, their IP addresses, platform configuration, and their physical rack location in the data center. Good information for disaster recovery purposes, but not particularly helpful in court.

“Well, this is the best I’ve got,” comes the retort from IT. “We do not have a data map nor would we know how to create one—and, by the way, do you really think we have the bandwidth to work on this now?”

So who gets stuck with the job? You do. You might argue that “IT manages all the infrastructure and stuff, why couldn’t they just run an inventory on their systems?” And IT will reply that “Well, we do manage the infrastructure, but we know very little about the inputs, outputs, documents, records and other information on these applications. Go talk to the business side.” And you go to business, and business will tell you that “I just use the system and click these buttons on the screen. The system is a black box to me. I have no idea about all of the underlying data, metadata, and data structures. I suggest you talk to the operational folks.” And you talk to the operational folks, and they say, “What are you talking about? We just execute business processes. Don’t ask us about data and metadata. Go talk to the analyst who worked on the system design.” And you look for the analyst, and you eventually learn that …“Oh, she was a consultant and she left the project three years ago.”2

There has been much talk of conflict between legal and IT departments, in both corporate enterprises and law firms, for many years. Both professions tend to adopt tunnel-vision with respect to their departments’ singular goals:

“…[L]awyers' priorities are very different from those of IT professionals. The IT professional designs and builds projects within traditional business



14

frameworks and metrics, aligning business and IT goals to increase revenue, reduce cost, speed up processes and increase competitiveness. The legal professional's role is not so clearly defined. Lawyers' responsibilities run the gamut from complying with legal and regulatory requirements to avoiding unnecessary litigation to protecting intellectual property, and more. Meeting those responsibilities is no simple matter.”3

So who is responsible? The correct answer is: everybody. However, at the end of the day, corporate counsel needs to ensure that the preservation obligation is met and that relevant information is preserved as necessary. The corollary benefit of a comprehensive information governance program is that counsel can ensure that data that does not need to be retained is disposed of, reducing long-term costs and risks. While the records management team needs to institute sound policies and retention schedules and IT needs to design the appropriate systems to manage this information, corporate counsel need to be willing to spend the human and financial capital necessary to know what records management and IT have been doing, so that when the time comes to retrieve information for compliance and litigation purposes, they will not be so far out of the loop that they simply throw up their hands in despair. All of these departments need to come together during the early analysis and planning phases. During this early stage, each department should designate representatives who understand, if not the complexities of ESI itself, then at least the implications of a demand for production.

Strategic information governance implementation can be one of those rare situations where “management by committee” is most successful, and it often yields great benefits for corporate counsel if they can help manage and direct this committee. The committee should include department heads, employee end-users, legal staff, IT staff, and records managers. In their most effective implementation, committees assign clear responsibilities for each decision to individuals who can accept accountability for their respective outcome.

1. The Challenges of Information No doubt, you have a computer on your desk. You probably have a PDA or Smartphone with you, and you may even carry around a laptop computer. Perhaps you have assorted flash drives, portable hard drives, backup disks, and maybe even some old legacy diskettes stashed in a drawer somewhere.

That, in essence, is your “data map.” Do you know where all of it is? Now multiply that by the number of employees in your enterprise. After doing that, add in the enterprise-level resources: email servers, file shares, and perhaps even (as in one controversial California decision4) the volatile random access memory (RAM) of the servers themselves. If your company is sued tomorrow, do you know where all of the enterprise’s data is, and more importantly, how to get to it?

Consider the nature of the information being managed and the formats in which they are held.

“Structured information” usually takes the form of numbers or entries in database fields or spreadsheets and is by its nature well-defined and unambiguous. Someone’s address, age or date of birth, a department’s profit or loss at the end of the financial year, and the number of people employed on a part-time basis are familiar examples. These are easy to locate and are usually available in a specific database or IT system, although it may still be challenging to locate this information quickly and easily.


15

“Unstructured information,” however, is the bulk of today’s enterprise-wide electronic data. Typical sources of unstructured information include laptops, desktops, file-servers, SharePoint, email servers, wikis, and more. The challenge of unstructured information is that the data often cannot be understood without an understanding of the meaning of the information, which itself may be another, seemingly unconnected piece of unstructured data. For example, an invoice may not be understood without the corresponding purchase order, and a response to a request for information might not be understood without knowing what was requested or who issued the request. With respect to a single email message, access to many additional emails (such as the email thread) may be required to understand the context of that message.

Unstructured data includes documents, emails, and phone calls throughout the organization, and the ratio of unstructured to structured information in an organization increases each year. In today’s organizations, more than 80 percent of the data is likely to be unstructured, including emails, Microsoft Office or WordPerfect documents, software applications, hosted or cached web files, social media and instant messaging, recorded phone calls and voice messages, video and audio files, XML documents, and rich media. Due to the overwhelming abundance of electronic data, formerly structured data such as printed documents have fallen through the cracks, and because they are not now carefully categorized, have evolved into unstructured data.

Although vital information needed by the enterprise resides in both structured and unstructured information, most key business information will be in unstructured form within electronic documents and emails. Without an effective information governance plan in place, there is no practical way for counsel to track and manage this information.

But control is only one part of the problem. Knowing where all the data resides and how it is organized is useless unless you also have rapid access to the documents you need, can be sure that the information contained in them is accurate, and know that the requested data is only available to those who have been granted permission to see it. None of this, of course, can occur until you know what documents exist, where they exist, and what part of them may be useful.

A well-crafted information governance plan allows you to quickly locate all relevant documents and extract the information needed to complete processes, make decisions, and carry out business analysis. It becomes much easier to meet regulatory responsibilities and to demonstrate that conformance to compliance is being achieved.

Information governance also allows the enforcement of data management policies, such as document retention and destruction policies, litigation holds, and compliance with regulatory requirements. Finally, it also includes security policies that determine which employees or groups of employees, may access certain types of information, and from which locations they may access or retrieve the data.

Knowing what information the enterprise has enables counsel to manage risks, control costs, ensure quick response times, and realize the goals of providing greater organization to the information. By doing so, counsel can help ensure that the enterprise will be protected, critical business information remains secure, consistent information governance practices are in place across the enterprise, and ultimately that the information governance program is managed in a systemized, repeatable, and defensible manner.



16

2. Considerations and Reasons for a Comprehensive Information Governance Plan When considering implementation of an information governance plan, counsel should understand the reasons for and benefits provided by a comprehensive information governance solution so that, if necessary, counsel will be able to explain the need to the management team. Of course, the key to this is to define the information governance business plan as distributing tangible benefits across the enterprise. Mere declarations of intention to satisfy strategic or legislative requirements or to increase business performance, valid though they may be, are not likely to be specific enough to convince the executive management team.

The following considerations, however, make your business case infinitely stronger:

■ The need to meet government strategic and legislative requirements, which includes the need to demonstrate compliance with legislative and regulatory requirements, such as Sarbanes-Oxley or agency-specific rules, the implications of which are different in every organization.

■ Efficiencies gained through better working practices as a result of easier access to information, reduction in duplicated effort, more accurate information, and the ability to share information within departments, between departments, and between related organizations.

■ The capability to integrate different sources of information to deliver improved services through increased knowledge and reduced risk.

■ Improved knowledge-sharing through better access to information and central control. There are significant benefits to be made by reducing the amount of information lost within an organization, such as when an employee retires or resigns, or when legacy data systems are replaced. There are also benefits in making such information available, such as speeding up the training of new employees.

■ Cost savings related to lower training and maintenance costs associated with a simplified IT infrastructure.

■ Cost savings related to minimizing the need for physical storage of paper documents and electronic data.

■ Improved work/life balance by enabling flexible work schedules and telecommuting.

3. Building the Right Team to Tackle the Challenge of Creating a Comprehensive Information Governance Program

Corporate counsel cannot solve this problem alone. The challenges of managing information cover (and impact) the entire enterprise; however, counsel are in a unique position to drive the process successfully and ensure that the corporation is fully compliant with the FRCP and local rules, case law, and regulation. Counsel can also monitor compliance with the enterprise’s own document retention and destruction policies.

With counsel taking the leadership role, effective information governance requires a team staffed by Legal, IT, Information Security, Compliance, and Records Management. In the interest of practical success, it probably wouldn’t hurt to include a couple of end-user “clients” on the team as well:


17

“It’s so important to start with the human element. The success of any organizational endeavor is directly linked to the engagement of the members of the organization. If the needs of management and staff aren’t considered, you might as well shut off the lights and go home. Information management is truly a collaborative process. Make sure you have executive sponsorship, but don’t forget to engage your consumer in the strategy.

Be reflective of the needs of your clients rather than definitive. Use IT as the enabler, but it’s not always necessary that they take the lead. The most successful strategic implementations form a stakeholder committee that includes department heads, consumers, legal, technologists and records managers. But, before you put together a large group, let me caution you: Although all organizations want governance decisions to represent the interests of all stakeholders, the best committees assign clear responsibilities for each decision to individuals who can accept accountability for outcomes.

A good governance structure allows staff to work in the most efficient and effective way possible by giving them access to information assets. And don’t forget about usability. If implementations of information management controls are cumbersome, they will fail. It’s amazing how easily staff will get around your controls or refuse to use your system if it isn’t useful. The reason most information governance efforts falter is they didn’t take the business units’ methods of working in mind.”5

Here are some questions counsel can ask, along with considerations that will help lead to the right answers. The questions are designed to be presented to the internal team created to oversee and build an information governance strategy, the legal team, as well as any key stakeholders who would be involved in creating an information governance strategy:

■ How much time and money can we save in information management? Gartner estimates that, on average, staff spend some 30 percent of their time “managing documents.” Let’s suppose that your enterprise has 1,000 employees who have a need to access data, and let’s estimate their average salary to be $100,000 per year, for a total payroll cost of $100 million. If the time they spend “managing documents” can be reduced by even 10 percent, freeing up employees for more productive tasks and allowing elimination of redundant staff positions, the real savings can be more than $10 million per year.

■ How much physical space can we save? Space costs are reduced because fewer paper files, filing cabinets, and computer systems are needed. Commercial office space rents for a premium price, but less space will be required as systems are consolidated, paper files are digitized and shredded, and as central computer servers can be located in remote, discreet, or just cheaper locations.

■ How much will we save in shipping, distribution, and travel costs? With the enterprise’s information available electronically, remote locations or telecommuting workers can access the enterprise’s records (or, more specifically, those which they are authorized to access) via virtual private networks. Electronic documents can be instantly published or distributed to users. Users can therefore process information more quickly. Shipping and distribution costs



18

for bulky or important documents are substantially reduced.

■ How much time and money can we save in responding to regulatory and legislative requests? In some organizations this can be a significant cost, especially if still being done via manual processes. Government agencies tend to be indifferent to the time, expense and manpower required to respond to voluminous requests and often require production within a very short time frame. An information governance plan with proper discovery procedures, in conjunction with the advanced technology that can quickly identify relevant data, will allow the enterprise to gain control over this risk by establishing plans of action before they become necessary.

■ How much can we minimize our risk of non-compliance? Counsel is responsible for managing compliance processes and the final delivery of information required by regulation and law. Failure to comply with these rules can attract unwelcome publicity (e.g., Goldman Sachs, Qualcomm, or any number of other companies), legal judgments, fines, and criminal sanctions, which would in turn require additional costs to resolve. This liability can be dramatically reduced if the executives can demonstrate good faith by proving that reasonable information governance procedures to ensure compliance were established and followed. An enterprise-wide system makes it much easier to prove good faith and to address compliance matters in a correct and timely manner.

■ How can we improve our efficiency by sharing knowledge within the enterprise? In many organizations, information resides on an individual’s computer desktop or in their network share folder, uncategorized and unclassified. If that employee is absent, on vacation, away on business, or terminated, vital information may be inaccessible or lost, risking spoliation. Even if the data itself is accessible, its value may be limited if all associated information is not available to provide context. A corporate information governance plan can dramatically improve knowledge sharing within the organization and ensure that employees are able to quickly and easily search for, identify, and locate relevant information.

■ How can we make our employees happier and save a few bucks in the process? New ways of working require that employees working remotely have instant access to accurate enterprise information and can also share their own information efficiently. Many enterprises depend on field representatives, whose job requires them to be away from their offices for months at a time. Other enterprises hire qualified employees located hundreds of miles from their nearest office location, and rather than pay to relocate them, allow them to work from home. Still other organizations, mindful of the cost savings of shared physical resources and reduced office space, allow or encourage their employees to “telecommute” into the enterprise.

4. Archiving and Cloud Computing One of the many decisions facing corporate counsel is whether or not it makes sense to host data internally or to move data to the cloud—a software as a service (“SaaS”) option. Most organizations begin their move to the cloud through archiving, which has evolved from a tactical IT solution for optimizing email systems or meeting specific regulatory burdens into a core element of any proactive information governance strategy. Additionally, it is clear that many organizations are increasingly investing in archiving as a way to manage not only the storage costs of exploding ESI, but to enhance eDiscovery, defensibly execute deletion policies, and eliminate the proliferation of content to unmanaged sites, such as user created PST and NSF files (the storage formats created by Microsoft Outlook and Lotus Notes, respectively, for storing email data locally).


19

a. Archiving Advanced archive solutions are designed to capture and retain all forms of ESI for a specific retention period or to fulfill a legal hold order and execute policy-based deletion with a defensible audit trail for the lifecycle of any managed object. This is in stark contrast to traditional archive systems, which merely managed email.

Beyond these basic functions, archives provide access and potentially valuable insight to the data for business users, ranging from basic search/export solutions to those archives that run advanced analytics based on context, concepts, or patterns in the data for enterprise search, records management, and early case assessment. More advanced systems have the ability to automatically classify information, separate and manage official records from junk, identify a communication stream that indicates fraudulent actions, and give legal teams deep insight into their data.

b. Beyond Backup It is very clear that backup-only systems are no longer a viable governance scheme. While they may provide comfort insofar as there are incremental snapshots of all corporate data preserved, often on disk or tape and sent to warehouses for safe keeping, this quickly yields mountains of ESI that cannot be deleted, searched, or easily produced. A single custodian on legal hold will hold the entire snapshot, so even a modest level of litigation means all data is kept forever. Many organizations have learned the hard way that this ever-growing liability pool is cheap to buy into but expensive to get out of. Tape is cheap, but finding information and making it accessible from backup is very costly. Given the wide availability of archiving technologies, courts are increasingly less willing to consider claims of undue burden for accessing data stored this way.6

c. Litigation Readiness The most dramatic impact of an archive is on the costs of eDiscovery. Proactively collecting ESI to a managed state, where all potentially responsive data is at your fingertips and robustly searchable, eliminates the majority of the risk and expense associated with any discovery effort. Archives enable immediate legal holds on existing and future content, and a defensibly-executed deletion policy can confine the scope of any inquiry.

While archiving systems have traditionally been cost justified as a cheaper storage tier, the most valuable aspects of an archive is are clearly its ability to service eDiscovery, limit risk, and drive down collection, processing, and review costs. All archives leverage or license some form of search technology for this purpose, but unfortunately, this critical piece of technology often goes overlooked, which can have disastrous consequences when looking to the defensibility of search processes. Many first-generation, on-premise archives still run on what is now very aged search technology. Initially chosen and licensed because it was inexpensive, some of these systems cannot meet the high demands of legal search. They do not scale across hundreds of terabytes or reliably capture all target documents across thousands of file types and hundreds of languages without compromising the integrity of the results or requiring considerable exception handling.

Additionally, counsel should be aware of the growing body of evidence, discussed infra, challenging the effectiveness of keyword searches in identifying relevant information. More recently, a new breed of archives, the “consolidated” archive, which handles all file types, including email, office documents, as



20

well as audio and video, has emerged. The most defensible platforms have a deeper focus on advanced search and information processing. These systems are designed to operate at scale and enable legal teams to search by concept, cluster information, and analyze communication patterns to rapidly cull and perform early case assessment across many terabytes of archived ESI. This next generation of technology can span the most complex data types, such as multi-language, audio, video, social media content, and some of the most costly eDiscovery exceptions, as well as collapse the traditional collect/process/analyze workflow into a single scalable platform. These advanced consolidated archive solutions also provide the ability to manage data onsite or in the cloud.

d. Archiving: Cloud or On-premise Companies are increasingly opting for archiving in the cloud as they seek to reduce costs and reap the benefit of on-demand service models. Analysts expect that well over 50% of all archiving will be hosted or cloud-based by the year 2013 (Gartner Research note G00173258).

“Cloud computing” has become a confusing catchall for a variety of on-demand business models: outsourced storage, resource computing, Software as a Service (SaaS), and hosted development platforms (“platform as a service”), to name a few. The common denominator is that computing services or resources are delivered over the Internet, leveraging a scalable common back-end server infrastructure. The benefits of cloud-based models are very clear: the on-demand cost model eliminates the expense and overhead of managing software, servers, disaster recovery, and resiliency; resources are dynamically scalable without expense or downtime; installation time is measured in days rather than months; in-house expertise is no longer needed; and the upgrade lifecycles of traditional software are eliminated altogether.

The added promise of cloud-based solutions is that customers can stay on the cutting edge of what software can provide without bearing the initial or ongoing infrastructure expense. The efficiencies of scale leveraged by a cloud service provider are much greater than any single company can garner or afford. Furthermore, a vendor’s focus on delivering value to the market will drive innovation to the customer at a faster rate when the barriers of traditional software are removed.

On-premise archiving systems have reached the end of a maturity curve. The advent of more advanced mail platforms, discreet journaling functions, and much larger and cost-effective primary storage architectures has retired the mailbox management business that drove the ROI of many first-generation archive platforms. Archives are no longer about cheaper storage or backup and recovery. The market now demands intelligent systems that add value to the data stored in the archive, and do so with a cost-effective and flexible delivery model.

While the buzz about cloud computing seems relatively recent, cloud-based archiving is in fact a very mature business model, combining both the benefits of outsourced storage management with high-value applications for end-user access, eDiscovery, and information governance. In the highly-regulated financial services industry—where communications must be captured, stored for 3 years, and actively monitored for policy violations—the bulk of the sector has maintained cloud archives for years, effectively outsourcing not only overhead, but also the risk and rigor required to comply with SEC regulations.

Despite the numerous and increasingly obvious advantages of cloud-based archiving and integrated eDiscovery services, the devil, as they say, is in the details. It can be risky to outsource storage,


21

software, and security to a third party when the vendor lacks experience and proven technology. Unlike SaaS solutions, which hose a business application or offer email hygiene services, or those vendors who provide virtualized infrastructure, cloud archiving is a combination of both storage and application services with unique technical and business challenges. Cloud archive operators must capture, index, and store potentially massive amounts of business-critical data, and provide application services utilizing the information under rigorous SLAs and regulatory scrutiny.

The knowledge and expertise needed to run a large-scale, efficient, and secure data repository and related services are demanding, and some of the key considerations should be:

1. Scale: Managing huge data volumes of indexed content and the related applications at scale is extremely challenging. Database-dependent systems will inevitably bottleneck, and inferior search and indexing platforms will eventually top out. In the worst case, this leaves huge quantities of content in an unmanaged, un-retrievable state. Autonomy’s long history in this market has produced a mature a grid-based storage/computing design that scales capture, storage, indexing and retrieval to infinite levels under any SLA, with a long list of blue chip clients who trust petabytes of data to the platform.

2. Private vs. Public Cloud: Multi-tenancy, virtualized- or dynamic-brokered outsourcing of storage and computing resources are design hallmarks of public cloud vendors such as Amazon, Salesforce, and Google. While this provides great efficiencies for public cloud computing, these models are inappropriate for the security and regulatory requirements of archiving and eDiscovery. A vendor should control and secure every increment of travel and capture for customer data, down to physically distinct storage and infrastructure, and if needed, deliver the client to the disk, rack and data center where a given message resides, with failover and high availability.

3. Security: Security is the most fundamental principle of a viable hosted archive: Unfortunately, many cloud archives new to the market are an amalgam of outsourced data services, virtualized storage, sub-contracted services, software-based multi-tenancy. These are risky practices; even the largest companies have failed to secure customer data properly. Look for a company that responsibly secures the most sensitive data of some of the world largest corporations and where that data is hosted in the state-of-the-art and high-security data centers. Additional considerations should include the availability of 24/7 surveillance, as well as protection from biometrically controlled doors, exterior and interior CCTV cameras, glass break and motion detectors, alarm panels, audible alarms, lights and silent alarms. Another quality counsel should look for is that the data center has undergone an annual Statement of Accounting Standard number 70 or “SAS 70” audit, with ethical hacking audits and high availability, and failover testing as a routine practice.

4. Control and Access: Any cloud provider should be able to clearly demonstrate, both contractually and technically, how data is managed, who has access, and, most importantly, what party owns the information and infrastructure required to securely service SLAs for access and/or return the data.

5. Jurisdictional, Regulatory, and Compliance Requirements: Cloud archiving by definition manages sensitive data across jurisdictional boundaries where requirements for data handling and storage infrastructure may be regulated and audited. Vendors who routinely manage sensitive data from capture through discovery and production should be able to clearly demonstrate expertise and compliance with these requirements, including FISMA, SOX, HIPAA, ITAR, FINRA regulations, as well as those that govern personally identifiable



22

information, transatlantic compliance, and the subtleties of international privacy requirements. For multinational organizations, it is also essential to ensure that the cloud environment has a safe harbor designation for international data handling.

e. The Future of the Cloud: Information Governance from Cradle to Court As more consumers see the benefit of strategic information governance for managing information risk, eDiscovery, and storage costs, cloud-based approaches to archiving as well as related downstream eDiscovery services will become the dominant standard across all industries. The increase in regulatory scrutiny, legal costs, and eDiscovery services will raise the bar for innovation and cost-efficiency to a level tht can only be attained by a cloud-based approach.

The legal community is often characterized as lagging behind the technology curve, but in many ways they will drive this transition, and already have. Legal teams are already accustomed to hosted review platforms for the late stages of the EDRM (Electronic Discovery Reference Model, www.edrm.net). Data is routinely outsourced to eDiscovery service providers even when review is managed in-house, and outsourced review services are becoming more prevalent in the market. Unfortunately, the steps leading up to a review and production phase are currently risky and costly. They entail rough collections, multiple copies, disparate indexing processes and the handling of data by multiple parties. Cloud-based governance platforms eliminate this churn, and corporate counsel are increasingly teaming with IT management to drive a more strategic approach to managing ESI.

There is no reason (other than habit) to move or re-index a piece of relevant content in an archive from the point of capture, throughout initial discovery, to early coding and case assessment, and on to multiparty review. Technologies for securely archiving, indexing, and managing complex data types at high volumes are readily available in a cloud model as well as traditional software. The natural cost pressures that cloud computing drives will usher in a new standard of information governance and eDiscovery, and a new marketplace for consolidated information risk management.

The corporate world’s view on governance issues came sharply into focus with the amendments to the FRCP, and the result is that the legal department’s concerns about information risk are now among the strongest business drivers for archiving today. Control and visibility over how electronic assets are captured, managed, classified, held for litigation, and ultimately destroyed is critical to limiting organizational risk and costs when confronted with possible litigation.

Corporate governance and compliance officers’ attention to strategic archiving has sharpened in the wake of recent events in the global financial markets. Increased regulation and transparency requirements have exposed the risks of poor governance and resolutely shifted the driver for archiving away from simple email-centric storage platforms to the need to govern all content types and source targets, including instant messages (IMs), records, application data, web transactions, multi-channel communications, and voice and rich media.

As companies become increasingly aware of the importance of information governance to enforce clear policies and limit risk, it no longer makes sense to consider the legacy models for archiving in which archives are proliferated as standalone isolated installations, or, worse yet, turned into permanent storage centers for all enterprise information, no matter its business need. The modern demands of managing diverse electronic data require an advanced strategy and technology, where intelligent archiving is part of a pan-enterprise information risk management platform and eDiscovery, records management, risk


23

mitigation and information management policies govern the lifecycle of any organizational asset based on the meaning of the content, either managed in-place or moved to an archive.

5. A Holistic Approach to Information Management A successful information governance program cannot be created in a vacuum, and counsel should look beyond litigation to achieve a broad understanding of the needs of the organization. The enterprise must take the broad view to be successful, and the right team is only the beginning. These needs will vary based on industry/vertical/geographic reach, but they must be considered.

One of the greatest challenges facing corporate counsel is finding information. Many people believe that an enterprise-wide data map is the first step in locating relevant information. However, it is often difficult to prepare and maintain an enterprise-wide data map, as corporate systems are constantly changing. There will be active and archival servers, disaster recovery and backup systems, USB drives, DVDs, external hard drives, PDAs, laptop computers, and decommissioned systems to account for. Expect to find many "hidden" systems, utilities, and home-grown applications that that were never known to IT. One alternate approach is to create custodian-based data maps that are based on internal systems such as asset management systems, HR systems, and active directories, verifying their accuracy and supplementing the data sources through an interview process.

However, the biggest challenge—even greater than knowing where data lives—is being able to identify relevant information for either discovery or information management purposes. While search is often core functionality for any device or platform, counsel should be aware of scholarly research and court cases that have called into question the effectiveness of legacy search methods, discussed infra, including keyword search. When creating an information governance program, counsel should look for a platform that is able to utilize advanced search functionality, such as concept search and contextual analysis, alongside legacy search methods to ensure the most accurate results.

6. Reducing Costs and Risks While Building a Defensible Process Once a comprehensive data map has been created, there are many ways in which the cost savings to the corporate legal department can be quickly realized:

a. Protecting the Enterprise by Providing Better Advice. As discussed, the proliferation of email has resulted in yet another repository for matter-related information, and searching multiple repositories consumes increasingly more time—time that could be spent on more important tasks. In addition, email stored in users’ folders cannot be shared, leading to inefficient or incomplete information when working across a team, and the duplication of attachments needlessly causes further strain on storage. With multiple copies floating around, it is almost impossible to ensure that critical content is being managed effectively for records retention and that the organization’s email record policies are followed. In addition, when employees leave the enterprise, their inboxes are often deleted or lost as a matter of course, risking the destruction of legal records as well as the loss of critical intellectual property.

A wise solution, which would easily integrate into the information governance plan, is to create a unified repository for storing emails alongside other types of documents, by project, matter or other criteria. Counsel can then create a complete matter or project file, which can be easily shared across offices and managed for records retention. Email messages and documents can be searched, eliminating the need for



24

general counsel and staff to search multiple repositories to locate matter-related information. Once stored within the repository, emails and attachments can then be eliminated from email servers, reducing hardware and IT support costs while ensuring that unregulated copies of content don’t fall outside the control of the information governance program. Users can get a comprehensive view of the project or matter so new team members can be brought up to speed easily, while the risk of content loss through employee turnover is eliminated.

An information governance system also allows documents of any type or source to be grouped together by matter, essentially creating a mini-library. This “matter-centric” approach allows for less time-consuming research by both lawyers and business people. Additionally, by storing more than current legal documents in the library, such as other contracts, regulatory filings, and even relevant articles from law firm newsletters, corporate counsel can react to situations more quickly.

Full access means a fuller grasp of the issues, and easier access means that lawyers can gain that grasp more quickly. This increases responsiveness, and it improves the legal department’s perceived value among the business units. Furthermore, business is becoming increasingly global. More litigation is multi-district, more deals are cross-border, and more legal matters require legal teams to work across wide geographical distances and time differences. When all members of the legal team can collaborate and have full and easy access to—and can easily find—all pertinent information, the result is better legal work, faster.

The legal department can also establish and implement a single coordinated management and retention strategy to ensure the timely destruction of content, conserving storage costs while preventing the premature deletion of content that might put the enterprise at legal or regulatory risk.

b. Securely Managing Compliance Materials. Corporate counsel needs to be able to respond efficiently to information requests by regulators, aid the company in compliance, and provide content controls that can reduce the personal liability of the company’s officers under the Sarbanes-Oxley Act. With centralized record keeping, the board of directors, corporate secretary, and senior executives can have complete knowledge and accounting of all information presented and decisions made, significantly decreasing the time and financial cost of monitoring compliance.

An information governance system also allows users to find and re-find original documents and precedents. Especially in heavily regulated industries, the same file must often be produced multiple times—once for the original complaint, again for a subsequent regulatory review, and often a third time for a seemingly inevitable shareholder suit. With a comprehensive information governance platform, multiple productions can be managed in an efficient and consistent manner. In an era of changing electronic discovery requirements and heightened regulatory issues, self-contradictions can be expensive.

Companies employ records retention policies largely to enable them to appropriately and legally destroy documents that could potentially cause trouble later. By consolidating and organizing corporate information, an information governance system can help ensure that all records—including potentially risky ones—are destroyed on schedule, never to cause trouble. Conversely, an information governance system can also ensure the retention of documents that must be retained. Leaving documents in employees’ hands puts companies at risk of violating litigation hold notices or its own records retention


25

policies. And because it is difficult to know what he or she may have had on his or her hard drive, wiping the hard drives of terminated employees is especially risky. By storing all key information in an information governance system, companies can better retain (and destroy) appropriate documents.

c. Reducing In-House and Outside Counsel Expense Another benefit that a comprehensive information governance platform can provide to corporate counsel is increased visibility. By requiring all outside counsel to post their work product in a secure location within the enterprise’s information governance system, in-house counsel can gain incredible visibility across all matters and all firms it is currently managing. This also reduces the need of its staff attorneys to call outside counsel in search of information or updates.

Some legal departments have even set up “brief banks” to showcase their “best-in-class” documents and language. With these brief banks, attorneys don’t have to start from scratch every time with every matter, and they know they are using the best language. It is much easier to determine the most suitable, concise and clearest structure and wording for a particular matter. By using the information governance platform as a knowledge management tool, those best-in-class documents are stored in a convenient place and easily accessed by everyone who needs them, affording the attorneys the opportunity to create a better final work-product.

Either way, an information governance system enables law departments to buy less work product from their outside law firms. Work product that already exists can be used again without buying it again from a firm. Even if existing work product is not exactly on point, huge time savings can be gained by the head start provided by an already existing work. In this way, firms may “collaborate” with each other to assist the organization—without even communicating. The combination of a less burdensome workload and increased efficiency enables corporate counsel to do more with less and reduces the need to rely on outside counsel.

d. Managing the Matter File. Since no matter consists of only a single document, an information governance system allows lawyers and clients to manage multiple related documents in a single folder. In addition, a matter often outlives some members of the team that originally worked on it. With all documents in one single, searchable place, knowledge is no longer only in the head of the person who created it—the information stays in the system. Attorneys and businesspeople within the corporation will grow accustomed to doing a search when they need information, instead of picking up the phone or sending an email, and hoping that they are asking the right person. There will also be no question about what information has been gathered—it is all together. Often, as above, these similar documents can be used as templates for a new agreement; reuse of work product in this way saves substantial attorney time and ensures consistent work.

e. Early Case Assessment. Early Case Assessment (ECA) requires the right process, the right people, and the right technology in order to work effectively. Because effective ECA often requires investment before a controversy has even been identified—let alone what the amount in controversy may be—many attorneys find it counterintuitive. A willingness to spend money up front on ECA processes, however, will create significant savings over the life of the matter.

In addition to helping counsel determine the amount in controversy up front, or even determining whether a matter should be litigated at all, investment in ECA will reduce the volume of documents



26

requiring human review later on. The principal advantage of ECA is that it allows counsel to get real insight into the mass of data and determine the value of any claims against the enterprise, or even if those claims have any value at all. Additionally, the most advanced ECA solutions enable counsel to analyze data where it lives, prior to preservation and collection, reducing the time needed to understand the case to hours or days (from what typically took weeks or months!). This is even more important when one considers that the best time to settle a matter is often in the initial stages; a quick, early case assessment often affords a more sensible settlement, potentially saving millions of dollars.

In a typical workflow, ECA products are used after collection and before review, to assess case facts and estimate the scope of electronic discovery. However, the fact is that ECA should begin as early as possible—before lawsuits have been filed, before torts have occurred, perhaps even before products potentially causing problems have even left the drawing board.

“Early case assessment is a process. It predates eDiscovery and extends beyond the limits of EDD's range. ECA is a traditional aspect of the work done by in-house and outside counsel as they decide what to do about a new matter. It starts when the attorneys pick up the first whiff of a lawsuit, and covers a broad swath of potential preliminary decisions to make and actions to undertake.”7

Efficient ECA is worthy of its own analysis and is beyond the scope of this InfoPAKSM. However, successful and well-organized ECA processes cannot succeed without an information governance plan firmly in place; inversely, information governance must account for general ECA processes in order to be successful. Successful ECA requires counsel to ask, among other questions:

■ Do I have quick and ready access to electronically stored information? What content can help me better address the issues listed above?

■ What types of ESI are we going to confront? Email? Structured data? Office files (e.g., word processing, spreadsheets)? The contents of wikis, blogs, and other social media?

■ Where might the ESI be located? On what systems? In what geographical locations? Who knows about it, controls it, can get me to it, or can get it to me?

■ When do I need to begin preserving ESI? How should I do that? What forms of preservation should I consider? What legal hold process? How soon can I collect ESI for early analysis? Will it be part of a preservation process, or something separate?

■ Is there any portion of this ESI that I need to get to someone else quickly, and if so, in what form?8

Answers to all of these are much more easily found with an effective enterprise content management system in place.

f. Implementing Information Governance Policies. With a comprehensive information governance system in place, some of the enterprise’s most onerous tasks—document destruction, document retention, and litigation holds—become considerably easier and much more defensible. Counsel has an affirmative duty to avoid data loss or spoliation. One immediate need is to ensure that backup tapes or other storage media are not deleted or overwritten until everyone


27

is certain that such media are not subject to hold. In addition, as part of the implementation, counsel is solely responsible for creating a sound methodology for the management of litigation holds—one that is defensible, repeatable, and completely objective (and, ideally, automated).

Despite the numerous dire warnings and high-profile judicial sanctions, most enterprises still do not have defined processes that cover the document retention and destruction lifecycles, including notifying custodians not to delete information (and ensuring that the notification is obeyed). From in-house counsel’s perspective, litigation hold management alone may justify the time and expense of implementing the entire information governance system.

g. Storage Benefits In addition to version control and tracking, an information governance system enables existence of fewer versions of a document, saving the expense of storing a large number of residual versions and duplicates that remain when a team member emails each version to all members of the team. All these duplicates can also take up significant real estate on hard drives and backup tapes—every time one document is emailed to ten people, ten copies are sent to the email server. This can create an ongoing headache for the IT department, who must pay for storage and oversee and maintain the corporation’s records retention policy. The most advanced information governance platforms are able to manage data across the enterprise, across all repositories, and allow counsel to manage a single copy of a document through effective single-instance-storage, rather than having to worry about searching for and identifying multiple copies of the document.

The legal department, which is the ultimate stakeholder, should drive the information governance process. In most cases, IT will be responsible for the successful implementation of the software and systems, but effective information governance will require buy-in from all departments across the enterprise. One frequently overlooked consideration is that, by keeping attorneys responsible for supervising the process, it becomes much easier to maintain and assert attorney-client privilege.

IV. Legal Considerations: Leveraging Technology

A. Discovery Challenges: Rules, Regulations, and Case Law Unfortunately, the legal department challenges don’t simply end with budgetary and technology considerations. In recent cases, such as Pension Committee and Rimkus v. Cammarata, corporate counsel face unprecedented challenges as the rules and regulations are changing at a dizzying pace. It is necessary, but difficult, to keep abreast of the changes to the law and to separate the hype from the reality, especially with vendors often providing imperfect interpretations of the case law and modifying the definitions and requirements of defensible processes, legal holds, and early case assessment to meet their needs rather than those of the legal practitioner.

The biggest challenge for corporate counsel, as evidenced by the never-ending tide of litigation on the topic, is to meet the duty of preserving documents and enforcing proper legal holds.



28

1. Legal Background: The Duty to Preserve The duty to preserve potentially relevant electronically stored information (ESI) when litigation or an investigation is reasonably anticipated or in progress is well defined. The penalties for failure to preserve relevant ESI have included evidentiary sanctions, adverse rulings, and fines, not to mention negative media coverage. As part of a defensible process, corporate counsel must be able to issue, manage, and track the lifecycle of hundreds of legal holds simultaneously while ensuring all potentially relevant ESI is preserved.

While electronic data has been covered under the Federal Rules of Civil Procedure (FRCP) for well over 30 years, the December 2006 amendments introduced the concept of ESI, the early attention requirements, and the need for a systemized, repeatable, and defensible process for managing the eDiscovery process.

2. The Federal Rules of Civil Procedure (FRCP) The FRCP amendments of December 2006 were the most sweeping changes to the federal rules in more than 30 years. They were designed to provide guidance on dealing with the challenges of attempting to discover and produce electronic data. Although electronic data had been discoverable under the FRCP, and amendments did not modify the duty to preserve, the goal was to give litigants a framework for dealing with electronically stored information (ESI).

The amendment to Rule 34(a) defined electronically stored information (ESI) as “including writings, drawings, graphs, charts, photographs, sound recordings, images, and other data or data compilations—stored in any medium from which information can be obtained either directly or, if necessary, after translation by the responding party into a reasonably usable form.” The amended rules essentially codified the holdings of the Zubulake cases and promoted the need for systemization and defensibility around the discovery process. The amendments themselves can be broadly divided into requirements of early attention and a systemized process.

The FRCP amendments gave litigants the structure to deal with discovery of ESI in the federal court system. Most state courts have moved toward adopting either the FRCP requirements or their own set of requirements around ESI. Check with your local jurisdiction to determine what rules may apply to you, as this paper discusses the approach necessary for litigation in the federal court system.

a. The Early Attention Requirements The amendments requiring early attention include the pretrial conference of FRCP Rule 16(b), the discovery planning conference of FRCP Rule 26(f), and FRCP Rules 33 and 34, which speak to the form of production for ESI. The Judicial Conference Commentary on the Amendments stated that "[t]he proposed amendments to Rule 16, Rule 26(a) and (f) and Form 35 present a framework for the parties and the court to give early attention to issues relating to electronic discovery, including the frequently-recurring problems of the preservation of the evidence…." The rules committee was clear in making it understood that they viewed preservation of evidence as one of the most frequent challenges in the process.

The rules comprising the “early attention” requirements mandate that litigants take action early on in the


29

case, as early as 90 days after the case begins, to deal with eDiscovery issues. The meet and confer conferences of Rules 16(b) and 26(f) have their own set of requirements. The pretrial conference scheduling order of Rule 16(b) includes both “provisions for the disclosure or discovery of electronically stored information” and any agreements the parties reach for asserting claims of privilege or of protection as trial preparation material after production. The discovery planning conference of Rule 26(f) requires parties to discuss issues relating to the disclosure or discovery of ESI, including the form of production and any issues relating to claims of privilege, as in Rule 16(b).

Additionally, FRCP Rules 33 and 34 were amended to require litigants to deal with the form of production early on in the case, stating that “if a request does not specify the form or forms for producing electronically stored information, a responding party must produce the information in a form or forms in which it is ordinarily maintained or in a form or forms that are reasonably usable” and that a party need only produce ESI in one format. Rules 33 and 34 have a preference for native file production, but also allow the possibility that data may be produced as an image file that is text searchable with the metadata intact.

The overall goal of the early attention requirements is to empower litigants to attempt to resolve any potential eDiscovery issues early in the case to reduce time, effort, and cost of the discovery, review, and production of ESI. The early attention requirements also place a premium on parties being prepared for the pretrial and discovery planning conferences; counsel who are able to take an early look at their data to analyze facts and concepts will have an advantage over their opponents.

b. The Systemized Process Requirements The FRCP amendments that can be classified as those requiring a systemized process include the “safe harbor” provision of FRCP Rule 37(e), the reasonably accessible data and “clawback” provisions of FRCP Rule 26(b), and the opportunity for an opponent to have access to your network absent a defensible process of FRCP Rule 34(a). These amendments all share a common theme to fall under the theoretical protections provided: litigants must have a systemized, repeatable, and defensible process for managing eDiscovery.

The “safe harbor” provision of Rule 37(f) provides protection against sanctions for the destruction of evidence due to the “routine, good-faith operation of an electronic information system.” While there is much debate over how deep, or how shallow, the “harbor” is, this provision requires a litigant to have “routine” and “good faith” procedures in place for handing ESI—that is, litigants are required to have a systemized, repeatable, and defensible process in order to fall under the “safe harbor” protections.

The reasonably accessible data and “clawback” provisions of Rule 26 provide that “[a] party need not provide discovery of electronically stored information from sources that the party identifies as not reasonably accessible because of undue burden or cost,” and that “[i]f information is produced in discovery that is subject to a claim of privilege or of protection as trial-preparation material, the party making the claim may notify any party that received the information of the claim and the basis for it.” Rules 26(b)(2)(B) and 26(b)(5)(B). Rule 26(b)(5)(B) goes on to further state that ”[a]fter being notified, a party must promptly return, sequester, or destroy the specified information and any copies it has; must not use or disclose the information until the claim is resolved.” To invoke these protections, though, it is essential that the organization have a systemized, repeatable, and defensible process of handling ESI.

An additional concern is that Rule 34(a) allows an opponent access to your computer systems if you lack a defensible process. Although this Rule “is not meant to create a routine right of direct access to a party’s electronic information system, although such access might be justified in some circumstances.



30

Courts should guard against undue intrusiveness resulting from inspecting or testing such systems.” Much like the above provisions, to prevent opponent access to your computer systems, it is important that the organization be able to show that a systemized, repeatable, and defensible process of ESI identification, preservation, and collection.

3. The Duty to Preserve As stated above, meeting the preservation obligation is one of the biggest challenges corporate counsel face. With recent cases such as Pension Committee and Rimkus each renewing the spotlight on what is a defensible legal hold process, it is important that counsel are aware of their obligation and what is required to ensure a defensible process.

The duty to preserve is clearly defined and extends only to relevant information; neither the 2006 amendments nor recent case law have changed the scope of the duty. Though Judge Scheindlin’s Pension Committee decision made a big splash for holding that “the failure to issue a written litigation hold constitutes gross negligence because that failure is likely to result in the destruction of relevant information” in the Second Circuit, it is this discussion of the duty to preserve that is the crux of the case:

“By now, it should be abundantly clear that the duty to preserve means what it says and that a failure to preserve—records, paper or electronic—and to search in the right places for those records will inevitably result in the spoliation of evidence.” (Pension Committee v. Banc of America Securities, 2010 WL 184312 [S.D.N.Y.], at *1 [emphasis added])

Although the applicability of some of Pension Committee’s holdings has been questioned, the holding on the duty to preserve is universally applicable and did not change any of the prior decisions on the subject. Further, “[t]he duty to preserve evidence, once it attaches, does not extend beyond evidence that is relevant and material to the claims at issue in the litigation.” (Hynix Semiconductor Inc. v. Rambus Inc., 2006 WL 565893 [N.D.Cal., Jan. 5, 2006]), at *27, where the court reiterated the need for reasonable anticipation of litigation to trigger the preservation obligation.)

While some may argue that access to electronic data storage systems or search and collection would extend or expand the duty, this is simply not the case, and even as early as 2004, the Zubulake court held that there is no duty to “preserve every shred of paper, every e-mail or electronic document, and every backup tape…Such a rule would cripple large corporations.” (Zubulake v. UBS Warburg LLC, 220 F.R.D. 212, 217 [S.D.N.Y. 2004] [“Zubulake IV”])

In another notable recent case, Rimkus Consulting Group v. Cammarata, Judge Lee Rosenthal took a broad look at the preservation obligation and levels of culpability (2010 WL 645253 [S.D.Tex., Feb. 19, 2010]). The court discussed how it was difficult to draw bright-line distinctions between acceptable and unacceptable preservation efforts, as it is always done either prospectively or with the benefit and distortion of hindsight. Additionally, the extent of the duty to preserve also requires a careful analysis of specific facts and circumstances, with the acceptability of preservation efforts depending on reasonableness, proportionality, and consistency.

For another example of failures in meeting the preservation obligation, the Northern District of Illinois examined a defendant’s failure to properly issue a hold notice in Jones v. Bremen High School Dist. 228,


31

2010 WL 2106640 (N.D. Ill., May 25, 2010). The defendant failed to properly issue a legal hold on several fronts, waiting 2 years to notify all custodians of the hold obligation and failing to supervise and offer guidance from outside counsel as to what to preserve. These actions led to sanction-worthy spoliation of data. However, in contrast to Pension Committee, the court noted that: “In the Northern District of Illinois, a party's failure to issue a litigation hold is not per se evidence that the party breached its duty to preserve evidence.” Furthermore, the court held that “reasonableness is the key to determining whether or not a party breached its duty to preserve,” and though it may not be necessary or reasonable for a party to stop automated document disposition routines, they must take positive action to preserve material evidence.” The Jones court reaffirmed the idea that counsel must take affirmative action beyond a hold notice to ensure the preservation obligation is met. The case did not break new ground, as even in 2004, in the Zubulake case, the court held that “Counsel must take affirmative steps to monitor compliance so that all sources of discoverable information are identified and searched. …[and] counsel and client must take some reasonable steps to see that sources of relevant information are located.” (Zubulake v. UBS Warburg LLC, 2004 WL 1620866 at *8 [S.D.N.Y., Jul. 20, 2004])

Even with a hold notice being issued, the courts will look beyond the notice and ask litigants what they did to preserve the data. The Pension Committee, Rimkus, and Zubulake courts all made it clear that counsel must take “affirmative steps” to ensure compliance with the preservation obligation, but the question of what is a reasonable, affirmative step has not been resolved by the courts. It is clear, however, that doing nothing is unacceptable, and the courts have not hesitated to ask litigants what steps were taken to ensure that potentially relevant ESI was preserved. Highlighting the need to take adequate steps to preserve relevant information and to provide a complete audit trail when requested, the court ordered American Blind in Google Inc. v. American Blind & Wallpaper Factory, Inc., 2007 WL 1848665 (N.D. Cal., June 27, 2007) to provide declarations stating “what they did with respect to preserving and collecting documents.” (Emphasis in original). Despite assertions that preservation notices were sent to custodians, American Blind could not show additional efforts to preserve data, and the court determined they failed to meet the preservation obligation and ordered severe evidentiary sanctions and monetary sanctions.

Additional cases where the court required parties to outline steps in the preservation process include Exact Software North America, Inc. v. Infocon, Inc., 2006 WL 3499992 (N.D. Ohio, Dec. 5, 2006), where the court demanded that the company outline steps taken to preserve, search, and collect ESI in response to a discovery request and Samsung Electronics Co., Ltd. v. Rambus, Inc., 439 F.Supp.2d 524, 565 (E.D. Va. 2006), where the court used strong language in holding that “for a company merely to tell employees to 'save relevant documents,'... [was the] sort of token effort [that] will hardly ever suffice.” It is clear that litigation counsel should be prepared to document and provide an audit trail to the court, showing what steps were taken to meet the preservation and what was done beyond merely sending out a legal hold notice.

From Zubulake to the present cases, it is clear that in order to ensure defensibility of the legal hold process and meet the obligation, best practices suggest that a written hold notice be issued and that counsel take affirmative steps to ensure compliance with this. While there is no requirement of using technology to ensure that relevant information is located and preserved, it is clear from the cases on custodian self-collection that automation can greatly assist in the process.



32

4. The Courts and Custodian Self-Collection Custodian self-collection, where litigants ask individual employees (i.e., custodians) to determine potentially relevant data and preserve and collect that data, often fails to meet the systemized, repeatable, and defensible requirements of the FRCP amendments.

Self-collection is inherently risky because technical limitations, lack of legal understanding, and improper preservation techniques that modify or alter the metadata are all grounds for potential errors in self-collection efforts. Even with proper instruction and training, employees typically lack the expertise to determine relevance, preserve ESI, and collect ESI in a defensible manner. Furthermore, some employees may not understand or remember that relevant ESI may be stored as sent email messages or drafts of documents.

While custodian self-collection is generally not recommended, it may be useful in smaller matters with simple, well-defined issues, or with secondary or tertiary custodians. However, on the whole, self-collection will likely fail to comply with the FRCP requirements of a systemized, repeatable or defensible process. It is rarely systemized, as different criteria and search techniques will typically be used by different custodians across the same case. It may not be repeatable, as individual custodians must use their best judgment for preservation, leading to inconsistent results across cases. Additionally, self-collection may not be defensible as counsel who rely on custodian self-collection cannot have confidence in the accuracy and thoroughness of the process or determine how much relevant information custodians may have intentionally or inadvertently failed to produce.

Additionally, many courts take an unfavorable view toward custodian self-collection and question whether such a process can be defensible absent the necessary precautions to verify the accuracy of the search. In Cache La Poudre Feeds, LLC v. Land O’Lakes, Inc., 2007 WL 684001 (D.Colo., Mar. 2, 2007), the court faulted Land O’Lakes for directing employees to produce relevant information and relying on those same employees to exercise their discretion to determine what was relevant. In Wachtel v. Health Net, Inc., 2006 WL 3538935 at *8 (D.N.J., Dec. 6, 2006), the defendant “relied on the specified business people within the company to search and turn over whatever documents they thought were responsive, without verifying that the searches were sufficient.” The court held that this process was “utterly inadequate” as “many of these specific employee-conducted searches managed to exclude inculpatory documents that were highly germane to Plaintiffs' requests.” Whether or not HealthNet employees were self-filtering, inculpatory documents were not produced and the defendant was held liable for this omission.

What the cases do show us is that if custodian self-collection is used, it is essential that an organization monitor employee compliance with legal holds, as courts have held the organization liable for the bad faith of individual employees, highlighting the need to quickly preserve potentially relevant data. In larger cases, such monitoring can prove impossible as individual monitoring cannot scale, highlighting the benefits of automating the preservation process. For example, in Hawaiian Airlines, Inc., 2007 WL 3172642 (Bkrtcy. D.Hawaii ,October 30, 2007), the court held a party liable for spoliation by a custodian, in opposition to the legal hold that was issued and acknowledged, holding that “Mesa facilitated [the witness] misconduct” because it made no effort to preserve the data beyond the notice. The court said it was not reasonable to simply tell the witness to preserve evidence and trust him to comply.


33

B. The Challenge of New Media: Voice, Video, and Social Networking The challenge facing corporate counsel in managing ESI is well documented. Additionally, this challenge only increases with a 60% annual growth rate for unstructured data.

The web and websites have always presented a challenge for counsel, as it is often difficult to capture data from a point in time for any dynamic site. Those challenges, however, are dwarfed by the challenges facing corporate counsel around the areas of social media and rich media. Worldwide, there has been a dramatic increase in the use of technologies such as Facebook, Twitter, YouTube, LinkedIn and many other websites; in fact, we often read about these social network and media sites in the news (or while visiting their pages). On top of that, the rapid adoption of advanced corporate communication packages including unified messaging/communications and video/web-conferencing has further added additional data sources. Though counsel could hire outside counsel or outsourced reviewers to visit social media sites searching for relevant content or listen to every voicemail or web-conference recording, this just is not practical. Currently, the most common approach is to turn a blind eye to these data sources, but with increased media attention, increased levels of technical expertise in the judiciary, and the FRCP definition of ESI, this would not be a recommended course of action.

The main challenge facing corporate counsel when dealing with social and rich media is determining how to search, identify, analyze and manage the information they provide. While the majority of search platforms can manage and understand emails, office documents, PDFs, and other more traditional forms of ESI, almost all platforms fail when it comes to searching and identifying relevant information across the web. Compounding the challenge, there are even fewer platforms, still, that are able to analyze and understand rich media formats such as audio and video. In searching for the right technology platform to manage the eDiscovery and information governance processes, counsel should look to solutions that can handle these data sources, as all signs point to the fact that social media and rich media will become more and more a part of everyday life in the corporate world. Compound this with the fact that counsel should be aware of the same search limitations around legacy versus advanced search techniques that becomes even more apparent when dealing with the more casual and conversational means of communication provided through social media sites, audio and video.

Social media use is on the rise. The popularity of sites such as Facebook, Twitter, YouTube, and LinkedIn, to name but a few, is rapidly rising. With users in the hundreds of millions, it is likely your employees are using these sites. Additionally, in many cases, your marketing and public relations group is also using social media sites as a way to reach customers, increase business, and maintain a favorable public profile. However, despite the rise in popularity, there is a darker side to the use of social media: it is often extremely difficult to monitor these sites to ensure corporate policy and regulations are monitored/maintained and to ensure that reputation remains intact.

In the United States, there is no doubt that the FRCP requires production of any and all relevant data, including ESI, which includes “other data or data compilations stored in any medium from which information can be obtained.” Clearly, social media sites are covered under this description—after all, their main purpose is generally to be data compilations from which information can be obtained. The only challenge facing corporate counsel is how to do so effectively. With cases that have already looked at the need to maintain, find, and produce audio recordings and web pages that are relevant to a given litigation, there is little to be gained from simply attempting to argue that social media sites and rich media should not be discoverable.



34

In many cases, much of the commentary and information on social media sites is publically available and can be manually searched for. Though this is time-consuming and difficult, there is a need to search for relevant data when there is the possibility that custodians are using these sites. Manual investigations are not scalable, however, and counsel should look to the emerging group of technology solutions that can address their needs around social media as well as easily integrate into their existing eDiscovery and information governance practice.

This challenge is only compounded by the requirements of the Civil Procedure Rules in the United Kingdom (CPR), the Federal Rules of Civil Procedure in the United States (FRCP), as well as a myriad of other regulations including the FSA COBS 11.8 and the recent FINRA regulation requiring that these sites be monitored. While there is limited case law on how counsel must manage these data sources, they need to be aware of the need to monitor, track, and potentially manage employee use of social media and networking sites. The use of these technologies has the potential to create a gaping hole in an otherwise sound eDiscovery and information governance program, including the potential for spoliation and issues around the litigation hold. While one could argue the use of these sites should be prohibited, most organizations are finding that the benefits outweigh the burdens. That being said, counsel should be prepared to interview custodians and ask questions about their use of social media sites, as well as be prepared to perform discovery on their use, with the potential to require subpoenas and motions to get evidence. Corporate counsel can look toward regulators for some guidance on social media—with the recent FINRA regulations covering social media sites, guidance from the FSA on audio recordings, and a rising cacophony from EU privacy regulators on privacy issues and management of data, a spotlight is focused on social media, and it will likely not be long before there are court decisions on the topic.

C. Inside Counsel and Outside Counsel: An Evolving Relationship The ongoing challenges of the economy and massive volume of ESI are having a profound impact on the relationship between inside and outside counsel. Corporate counsel’s priorities have been reset to focus on cost containment while managing risk and facing more scrutiny of compliance with rules and regulations. Simply put, counsel are being asked to do more with fewer resources. One of their most important and valuable resources are their outside lawyers, and so in turn, outside counsel is being asked to do more with less.

The key for corporate counsel and outside counsel to work more effectively to meet their common objectives is looking to new and more effective approaches of managing litigation and associated discovery management, arguably one of the most costly areas of legal services. Additional concerns include addressing the common conflicts that arise in this realm, such as the fact that outside counsel are typically more conservative than their clients about litigation. When litigation is anticipated they prefer that clients act quickly to preserve any and all potentially responsive ESI to avoid risk of spoliation and sanctions. However, if corporate counsel view the dispute as weak on merits, they may not want to disrupt the organization with electronic discovery or start amassing voluminous amounts data that they will then have to pay to have reviewed.

When it comes to litigation review, in-house counsel are requiring their outside law firm to use more cost effective methods and resources. For example, they are interested in new approaches to review, such as computer-assisted review with bulk tagging, and combined keyword and conceptual search with meaning-based analysis to find critical documents faster. They are requiring contract reviewers that offer


35

lower costs, preferred hosting providers with negotiated and alternative fee arrangements. Some law firms find these approaches difficult to quickly adapt to. They are falling behind those that are embracing change and generating more value in their relationship with clients by supporting their objectives.

Lawyer and renowned author Richard Susskind suggests that lawyers ask themselves what elements of the current workload can be done faster, cheaper, and better. He reveals that inside counsel are asking their outside counsel to jointly utilize new methods of working and cautions that in-house legal will “no longer tolerate expensive lawyers for tasks that can be done with the support of modern systems and techniques.”9 Mr. Susskind posits that change will be driven in a meaningful way by the uptake of new and disruptive legal technologies, sparked by the demands of in-house counsel. For entrepreneurial lawyers, he foresees different legal roles and jobs emerging which may be highly rewarding and very different from those of today.

1. Doing More with Less Conventional approaches to eDiscovery and litigation review include a number of manual tasks—low-hanging fruit for automation and efficiency gains. For example, the litigation hold lifecycle, including hold notifications, data preservation, and data collection, is largely a manual process, \ involving long lists of names and email addresses, and requiring manual tracking of acknowledgements and follow up. Collection is typically the burden of the IT department, who have the tools to take snapshots of data for collection. This method is disruptive to the IT team as well as to the custodians. Another common approach is custodian self-preservation, a method that is time consuming for custodians and fraught with risk.

Outside lawyers are increasingly uncomfortable with manual approaches to legal hold due to the risk for client and law firm should any failures occur in the process. Process failures such as custodial deletion of data, lost or overwritten backup tails, or the failure to send hold notification to custodians have lead to now infamous fines and sanctions. The good news is that new methods and tools are available to automate the full litigation hold lifecycle, from notification all the way through to collection, that produce great savings in time and dollars, reduce risk and keep inside and outside counsel apprised of the status of legal holds.

Outside counsel can greatly assist clients in defining legal hold policies, preparing documentation, and validating the reasonableness and defensibility of the system. Together with corporate counsel, the extended legal team is best served by an approach and technology platform that is flexible enough to adapt to changes in the legal issues and scope, such as a narrowing of date range or changes to key terms, issues and custodians. Inside counsel should look for a tool that is able to make changes in legal hold policies, notifications, preservation, and collection immediately, in real-time. This is critical to demonstrating good faith efforts to meet the legal duty to preserve and reducing risk of spoliation.

A second area to improve upon manual tasks for efficiency gains is review. Review is largely a manual process, whereby each document is read by a legal professional trained for review or investigation. The process is manual even if the reviewer is reading it and coding it on a computer. It’s often referred to as ‘”linear review” because the reviewer is typically reading through a custodian’s documents in chronological order, for example reading through their (e)mail box or folder of electronic documents from a shared computer drive. The reviewer is reading and looking for documents that are privileged or



36

confidential, responsive or non-responsive and coding them as such.

With ever increasing volumes of ESI, this approach is causing review costs to skyrocket and sometimes even exceed the amount in controversy. This causes parties to move to settle, not based on the facts, but rather on the cost of discovery. Justice is not served and Rule 1 of the FRCP, “just, speedy and inexpensive discovery,” is not met. A recent survey of inside counsel presented at the 2010 Civil Litigation Conference reported that among the companies surveyed, spending on discovery averaged 16 to 24 cents of every dollar of profit.10 Discovery review is the largest piece of the litigation budget, and inside legal are highly motivated to reduce this cost. However, many corporate counsel feel that outside counsel have not been proactive enough in addressing this issue, initiating discussion with their outside counsel about review methods and costs.

One approach to reduce eDiscovery review costs is to improve efficiency through non-linear review that integrates advanced concept searching, contextual analysis, and automated clustering. Non-linear review is the process of reviewing documents that have been grouped together by computer technology based on common themes, patterns, and context. The groupings are the result of conceptual search running simultaneously with keyword search. This provides a more conceptually connected set of information for the reviewer to quickly evaluate for responsiveness, privilege and confidentiality, among other things, and apply codes or tags in bulk across sets of documents, greatly speeding the review process.

Automated technology exists that has the intelligence to understand the meaning of the data and automatically group together documents with shared concepts and context. For example, if a reviewer searches “shred” to find documents about shredding files, it will also find documents about shredding files and related ideas such as deleting documents and disposing of files. It will also find documents about shredding other things, like cheese and lettuce, and identify these as a group. When the reviewer reads these documents and sees the commonality among them, review goes much more quickly and enables bulk coding or other efficient and proactive coding methods. Additionally, the ability for the review platform to understand meaning and context allows the technology to assist by automatically suggesting coding for the current document based on past decisions.

Using advanced, non-linear review has seen dramatically improved efficiency in the review phase, with an increase in review speeds by more than 300 percent over traditional methods.11 The potential for reducing review costs is so compelling that many inside counsel are initiating discussions about utilizing new methods for review with their litigation firms.

2. Streamlining the End-to-End Process Corporate legal departments and law firms face significant obstacles to achieving a fast and cost effective eDiscovery process. The most common one is the dependency on multiple, disconnected methods and tools to complete the process, including manual tasks, home grown in-house tools, and services and platforms from different technology providers or outside counsel. It is often not uncommon for an organization to use a combination of three to five tools and services, one for issuing hold notices and another for tracking them, one for collections, one for processing, one for pre-review and finally one or more for review and production. Moving from one tool or service platform to another requires costly and time-consuming data hand-offs or conversions and an information exchange, not to mention creating multiple copies of data which must be managed as part of a comprehensive records and information management program.


37

With such a disjointed process, it is difficult for lawyers to get a 360-degree view of the entire process. This makes it extremely challenging for outside counsel and a 30(b)(6) witness to explain the process to the court or an adversary in a satisfactory manner. It creates unnecessary risk of eDiscovery disputes over the approach, process, or methods in-house and outside counsel utilize. One solution that is gaining acceptance is the use of a single platform providing end-to-end eDiscovery and information governance with the ability to create comprehensive and detailed reports to track the data at each step of the process, enabling organizations to demonstrate an auditable and defensible practice in accordance with the Federal Rules of Civil Procedure (FRCP).

Because disjointed tools lack the ability to form a unified, conceptual understanding of the data, they are unable to streamline the process of quickly identifying and holding only relevant information for each case. As a result, in a process where speed and accuracy are of paramount importance to success, law firms are often left with their hands tied while they wait for access to their clients’ data. And clients are frustrated by the delay in obtaining a fact-based assessment of the matter. Many are looking to bring more of the eDiscovery process in-house.

Streamlining the end-to-end eDiscovery process can be one of the most beneficial initiatives to undertake with your outside counsel. Approaches to streamlining the process include moving to a single platform for most, if not all, of the tasks across the EDRM, and sharing that platform across inside and outside counsel. By linking together the processes, tools, and people—using them on a common platfor—inside and outside counsel can jointly transform a slow, reactive, manual and costly process to one that is fast, proactive, automated and cost-efficient.

For example, a streamlined platform that provides legal hold notification, preservation, and the ability to discover data in place allows inside and outside lawyers to securely access preserved ESI. With such rapid access, inside or outside lawyers can make a fact-based assessment of the matter and substantially compress the timeframes and costs associated with eDiscovery. Many organizations and firms are making this change today and already saving money on every matter.

A streamlined process on a common platform links inside and outside counsel with the benefits of greater efficiency and effectiveness, and reduces the risks associated with disjointed methods and tools. Utilizing an end-to-end platform that can directly chain together corporate legal departments and their law firms enables inside counsel to take a more proactive approach to managing ongoing eDiscovery with better visibility and support from their outside counsel.

3. Predictability and Standardization in eDiscovery Litigation is, by nature, ad hoc and unpredictable; however, corporate counsel are seeking to move toward greater control and predictability over eDiscovery costs. One approach is to understand the organization’s litigation profile and scope of discovery, identify the elements of the process that are repetitive and predictable, and create standards and protocols for repetitive tasks, thereby reducing inefficiencies. This defined process avoids reinventing the wheel for every matter and reduces costs, risk, and time to respond.

For law firms, the conventional approach has been to focus on a single matter at a time. The movement toward standardization requires outside counsel to take a more holistic view of their client’s litigation needs. Corporate counsel have a more complete view of their litigation portfolio, but typically do not dive into the details of each step of the process, leaving that to outside counsel. On the other hand,



38

outside counsel are intimately familiar with discovery in a particular case or group of cases but may not see the client’s breadth of matters to recognize opportunities to standardize.

In the face of large and ever growing volumes of ESI, inside counsel are introducing new procedures in the eDiscovery process to reduce the amount of data that is collected and the amount that is reviewed. Methods such as Discover-in-Place that enable culling before collection and conceptual, meaning based early case assessment with intelligent culling of collected data are being introduced as standard protocols in eDiscovery. A survey by Cogent Research reported that conducting thorough ECA reduced expenses by 28-50% and was found to assist attorneys in their ability to prepare a more accurate litigation budget.

Are these new methods of intelligent culling before review considered reasonable and defensible by the bench? Yes—provided the process is well documented. In September 2006, U.S. Magistrate Judge John M. Facciola, a leading national voice on eDiscovery, commented on the practice of triaging out non-responsive documents on a regular basis before review, writing:

“It’s hard to imagine a greater waste of money than paying a lawyer $250 an hour to look at recipes, notices of the holiday party, and NCAA Final Four pool entries while doing a privilege review. A company that permits that situation to occur is wasting its shareholders’ money as surely as if it were burning it in the parking lot.”12

Many lawyers will say that no two legal matters are the same and each must be considered and managed based on its unique facts and merits. While that is genuinely true for managing legal strategy, what is also true is that the basic tasks in discovery are common across a wide variety of legal and regulatory matters. Although outside counsel may, at first, hesitate to concur that these tasks are repetitive or can be done on a single platform utilizing standard methods and tools, forward thinking lawyers are embracing this change. It allows them to focus more on the facts and deliver real value to clients, and avoid complexities of uncontrolled, expensive and risk-laden eDiscovery. Repetitive and predictable tasks can be transformed into a series of steps and procedures. These can then be automated and standardized across a range of legal matters. Collection and ECA are good candidates for automation and standardization. They will provide hard dollar savings to organizations when an ad hoc approach is replaced with a standardized process. The net result is that less data will be reviewed and the process will be less disruptive to the organization.

One of corporate counsel’s chief complaints is the tendency to over-collect to ensure broad preservation and avoid sanctions under the FRCP. By standardizing this highly repetitive process and utilizing intelligent search and real-time policy tools, the process will better align with the needs of the business and outside counsel’s concern over risk of spoliation and quicker access to data. By implementing standard methods across the EDRM that enable good faith efforts and utilize advanced software tools, the law firm can deliver more value in their legal services and more readily argue that the eDiscovery process meets the FRCP standards for reasonableness.


39

4. Summary: Opportunities to Improve the Corporate Counsel/Outside Counsel

Relationship The relationship with outside counsel is one of the most important to the legal leadership team. As the economy begins to improve and modest growth returns, many organizations are cautious about adding resources to support their growth. Legal departments are following suit and adopting new methods and tools to increase productivity of current staff and streamline linkages with outside counsel to gain cost advantages in a reasonable and defensible manner. For example, they are:

■ Automating manual tasks such as internal legal holds and review conducted by outside counsel;

■ Requesting that outside counsel leverage nonlinear review methods including conceptual search and meaning-based, computer-assisted tagging and coding to reduce the cost of review;

■ Engaging with outside counsel to identify repetitive tasks, such as collection, processing, ECA, and bringing some in-house;

■ Standardizing and automating the collection and culling processes, utilizing conceptual, meaning-based technology to reduce data volumes needing review by as much as 50%;

■ Linking together inside and outside counsel on a single platform to access client ESI. This allows law firms to provide new services to clients such as 48-hour early case assessment or outsourced legal holds, dramatically changing the landscape of corporate risk.

■ Moving to a single platform across the EDRM to reduce the number of disjointed processes and reduce the cycle time so outside lawyers can quickly make a fact-based assessment of a matter. A single platform also eliminates the need for inefficient handoffs of information between technology and service providers.

■ Streamlining and simplifying the process on a single platform to better comply with FRCP requirements and help outside counsel avoid sanctions.

D. Court and Academia Acceptance: Defensible Search Technology At the core of any eDiscovery or information governance solution is the ability to find and understand information and identify it as relevant. This requires robust search capabilities, and in addition to robust capabilities, the search process must be defensible and reasonable. For example, in meeting the preservation obligation, litigation counsel must take reasonable steps to identify and preserve relevant information. The challenge that counsel face, however, is that there is no static or cut-and-dry definition of reasonableness. What is reasonable in one case may not be reasonable in another, and what is reasonable today may not be reasonable tomorrow. The FRCP and Federal Rules of Evidence talk of reasonableness and the case law defines reasonableness. Though it is a moving target, counsel should be aware of this requirement.

One area where technology has rapidly advanced over the last several years is search and identification technology. Legacy methods including keyword and Boolean search techniques have been joined by proximity searches and fuzzy searches as well as by advanced search techniques including concept search, contextual analysis, and automated clustering. Corporate counsel face a myriad of challenges when trying to determine what search techniques to use.



40

However, recent scholarship and case law has examined and discussed the effectiveness of different search techniques, including the legacy standard-bearer, keyword search. The result of some of this research is quite interesting and it has been shown that keyword searches may identify only 22% of relevant documents.

1. The Challenges of Relying on Legacy Keyword Searches The limitations, shortfalls, and over-inclusiveness of keyword and Boolean search have been documented in numerous papers.13

“A Boolean search is an exact-match engine in that a Boolean search engine will only return documents that exactly match the query, and the documents will be returned in no particular order….If “AND” is used, then the engine will retrieve only documents which contain every term so joined. Such queries generally return too little. If “OR” is used, then the search engine will return any and every document which contains any one or more of the so joined terms. Such queries generally return too much….”

“In short, language is a ‘form of life.’ Others have catalogued types of indeterminacy arising from this truth. Thus, it is not surprising that lawyers and those to whom they delegate search tasks may not be particularly good at ferreting out responsive information through the use of simple keyword search terms. Furthermore, people make up words the fly, including new codes that function as language. People in different parts of the country, in different parts of an organization, or in different age groups devise their own private languages for the context of their then current environment. For example, what does POS mean? What is 1337?”

Though legacy search techniques including keyword, Boolean, and stemmed searches are considered the standard-bearer for eDiscovery and compliance related searches, the ineffectiveness of these techniques is well documented. In the NIST-TREC studies, keyword searches were shown to find approximately 22% of the potentially relevant data, missing 78% of relevant documents, while also returning an inordinate amount of non-relevant data. Keyword searches will also often fail to find or identify documents with slang, abbreviations, or misspelled words. While many have argued that keyword searches are the standard, it is questionable whether or not a technique that returns on 22% of relevant data and information can truly be considered reasonable. A better approach is required to find all potentially relevant documents and comply with the requirements of a defensible process under the FRCP and case law.

2. A More Defensible Approach: Combined Searches Using Concept, Keyword and Boolean Search with Contextual Understanding

While keywords and term lists will most likely continue to be the basis for negotiation with the opposing side at the meet and confer, it does not mean that keywords and term lists are defensible when searching for relevant data to meet the preservation obligation. There is a strong argument regarding work product when one is using concept search, contextual analysis, and automated clustering technology, which may


41

prevent one from negotiating on concepts. However, the value of using advanced technology internally to meet the preservation obligation outweighs the potential risks.

Corporate counsel examining their eDiscovery and information governance programs need to create an approach that is systemized, repeatable, and defensible through technologies that are able to understand the content of any type of information—text or voice-based, structured or unstructured—regardless of where it is stored, of the format in which it was created, or the applications associated with the data. There is ample scholarship to support the argument that organizations can rely on an approach that combines advanced concept search alongside legacy techniques such as keyword and Boolean search.

The key concern for any organization is whether their search techniques and categorization methodology are reasonable, as reasonableness is the standard that will be applied to the review of process. The Zubulake court held that “[i]t is not sufficient to notify all employees of a litigation hold” and that counsel “must take affirmative steps to monitor compliance so that all sources of discoverable information are identified and searched.” However, the court noted that it may not be possible to locate all data and that only reasonable steps were required. “This is not to say that counsel will necessarily succeed in locating all such sources, or that the later discovery of new sources is evidence of a lack of effort. But counsel and client must take some reasonable steps to see that sources of relevant information are located.”

Recent US cases point to the potential pitfalls of relying on keyword searches alone and question the reasonableness of such searches. In Victor Stanley, Inc. v. CreativePipe, Inc., WL 2221841 (D.Md., May 29, 2008), Magistrate Judge Grimm wrote that “[a]ll keyword searches are not created equal; and there is a growing body of literature that highlights the risks associated with conducting an unreliable or inadequate keyword search or relying exclusively on such searches for privilege review.” This case highlights the risks of relying on keyword searches alone, as the keyword searches missed privileged documents. These privileged documents were produced to the opposing side, and Judge Grimm held that privilege was waived due to an inadequate process. The Victor Stanley case highlights the defensibility challenge of keyword searches and provides counsel with a better understanding of the unreliability of legacy search methods.

In addition to the challenges to legacy keyword searches, other cases have shown support for advanced search (e.g., a conceptual search), such as that offered and used by Autonomy. In Disability Rights Council of Greater Washington v. Washington Metropolitan Transit Authority, D.D.C., 2007 (June 1, 2007), 242 F.R.D. 139, Judge Facciola discussed the search and review of a large amount of data, relevant to the situation PMI is currently facing. Judge Facciola pondered “how will [the large volume of ESI] be searched to reduce the electronically stored information to information that is potentially relevant?” He went on to state that “[i]n this context, I bring to the parties' attention recent scholarship that argues that concept searching, as opposed to keyword searching, is more efficient and more likely to produce the most comprehensive results.” Courts are beginning to recognize the value of conceptual search technology to ensure the most comprehensive results.

As with all cases, it takes some time for precedent to develop and for more courts to become aware of the technology benefits of advanced search. While it will often be necessary to educate the judge regarding technology, there are many reasons to do so. In addition to making the judge aware of the benefits of using advanced search (including reduced cost, greater accuracy, and a more defensible process), counsel choosing and utilizing advanced technology can greatly reduce costs.

However, other courts have begun to take notice of the studies and precedent regarding search technology and defensibility. In Asarco, Inc. v. United States Envtl Prot. Agency, 2009 WL1138830



42

(D.D.C. Apr. 28, 2009), the plaintiff contended that the defendant’s keyword search was conducted in bad faith as and the court ordered an additional keyword search utilizing additional terms. However, most importantly, the court clearly stated that “keyword searches are no longer the favored methodology” based on other decisions and scholarly research. The Asarco case highlights the changing view of the judiciary toward keyword searches and makes it clear that counsel should begin to look at other technologies, such as concept searching and other advanced search methodologies.

3. Defensibility of Your Process The Federal Rules require that a litigant be able to search all types of electronic data. This includes not only email, office documents, spreadsheets, and other text-based documents, but also voice, video, and multimedia data. The eDiscovery solution/technology utilized needs to be able to search the entire document or file, including the metadata, without altering the metadata.

Another important idea is that the technology should be able to withstand legal challenges in court. While there are the Daubert/Frye challenges to technology, these have yet to be used outside of traditional criminal law cases. However, it is important to choose a vendor with a track record in the space and the expertise and technology to support your needs. Counsel should look for a strong history of litigation support and use in countless thousands of cases, including hundreds of cases that have gone to trial, to ensure that the technology is battle tested and proven.

E. Information Governance Enterprises today produce ever-increasing volumes of information in varying forms and formats. Compound annual growth rates in the enterprise are estimated at 60% and will result in a six-fold increase in the volume of electronic information through 2010. (IDC Enterprise Disk Storage Consumption Model report, October 2008). Since 2004, the world economy began producing more transistors (core building blocks of computer chips) at a lower cost than grains of rice. This latter event enabled rich media such as voice and video to become a part of enterprise information infrastructures, along with continued increases in messaging channels, unstructured office content, and structured/transactional content. Finally, corporations today rely heavily on several information types, for even the simplest transactions.

A given process often requires the use of general office documents, email, transactional content, and voice for execution. As noted throughout, these data sources are discoverable for eDiscovery purposes, and present their own distinct challenges. These data sources should be considered in light of information governance functions, which need to seamlessly manage and analyze all of this disparate information to be effective. Understanding all of this unstructured information is a core requirement for any plan to effectively govern and enforce associated obligations.

1. Background Enterprises have always had a requirement to preserve documents and records for the long term to satisfy compliance, legal, and knowledge management requirements. The history of records management is centuries old and has previously been concerned primarily with managing paper documents. In the last decade, however, there has been a dramatic switch from paper to the use of a wide range of electronic media as the preferred method of communicating within businesses. Electronic


43

information is quicker to create, quicker to transmit, and quicker to respond to. It is also easier to transport, access, copy, modify, and duplicate. Enterprises are now completely dependent on electronic information and communications.

The benefits of this reliance on electronic operations are obvious, but there are also challenges to be addressed relating to storage, rights of access, accuracy, availability, and disposal of information. An enterprise’s information belongs to the enterprise and should be treated as a corporate asset, but it is often treated as personal data as if it belongs personally to staff members. It is imperative that control of vital information be retained by the business.

In addition to the growth of electronic information, executives in every sector, both public and private, have seen a huge increase in their regulatory and legislative responsibilities over the last eight to ten years. These responsibilities have arisen for three main reasons:

■ The need for new or modified legislation to address the increased use of electronic information.

■ The need to demonstrate fairness and good governance in business practices following a number of high profile and well publicized business scandals such as those at Enron, Tyco International, Adelphia, Peregrine Systems, and WorldCom.

■ An increase in the rights of individuals to obtain enterprise information being held by businesses and other entities (e.g., through litigation).

These factors have placed a huge new responsibility on the enterprises and, in many cases, specifically on the senior management of the business who may be held personally responsible for the retention and disposition of information under certain legislation.

2. Information Governance and its Role in eDiscovery Discovery activities associated with litigation or regulatory inquiries are often viewed as a completely separate process from accessing or managing enterprise information for other purposes. While discovery presents certain unique requirements, in essence, the ability to identify, access, and produce information is similar to other challenges. For example, entities subject to FOIA requests must have the ability to identify relevant information and produce it within a reasonable period of time. Additionally, records needed to fulfill audit requirements must be located and reviewed to verify compliance with internal or external policies.

Establishing an approach and set of solutions that effectively governs information beyond discovery obligations will provide greater efficiencies and effectiveness while reducing costs and risks for the enterprise. As the legal and regulatory environment for most enterprises becomes more rigorous, significant obligations on all types of content and information channels will only make a comprehensive approach more necessary. Entities need to find methods to address these disparate needs if they are to effectively manage risk and drive the value of information within their environments. Achieving this objective can start with the items outlined below:

■ Understand the Information You Have. The basis of any effective information management strategy is using methods to understand content. Establishing what a given piece of information means is a predicate to managing almost any obligation. For example, entities have to establish that a given document is a contract to apply the appropriate retention paradigm and understand the parties and content in an email to appropriately preserve and



44

discover it.

Understanding information is also imperative for organizations to evaluate risk at a given point in time. And while many organizations have well-developed quantitative risk management programs, few are focused on qualitative risks—especially those that arise in unstructured content.

■ Leverage a Scalable, Defensible Platform to Automate Traditionally Manual Processes. Historically, enterprises have relied heavily on manual methods to understand, organize, and manage information. When content volumes and complexity were more limited, this method, while difficult, was at least minimally sufficient. Today, and into the future, a model that relies so heavily on manual methods to understand the growing volume and complexity of information will likely fail.

Computing power and advancements in software analytics now provide solutions that can automate these traditionally manual processes. These advanced solutions go far beyond the legacy methods of information governance and eDiscovery, providing users with the ability to understand the meaning of information and eliminating the risks and failures of manual and keyword-based searches. This ability to understand meaning in the same way human beings do allows enterprises to address some of the most critical information risk areas through automation and understanding, while also meeting the FRCP requirements of a systemized, repeatable, and defensible process.

■ Make Your Information Governance Multi-Channel. The information used by organizations to conduct normal operations often arises and moves through more than one channel. Many business transactions may occur on the phone, over email, or through a web channel, as well as through social media sites. In fact, some individual transactions may incorporate elements of all of these channels. Corporate counsel must be prepared to address the multi-channel nature of information, especially as future technologies will continue to evolve in this area and a larger share of the population becomes technology-savvy. Additionally, the fact that the FRCP now covers all forms of ESI makes it more important than ever that counsel are prepared to manage this information for both eDiscovery, governance, and regulatory purposes.

■ Apply Automated, Policy-Driven Control. Over the past decade, most organizations have developed policy manuals and outlined, documented controls for information. However, despite these well-documented controls, actually applying them to relevant information is often lacking and presents a risk for corporate counsel. By leveraging a single platform for both eDiscovery and information governance, utilizing advanced technology to understand the meaning of all formats of information, counsel can implement new policy through the technology itself. For example, once a given piece of information is established to be a corporate record or relevant to litigation or investigation, policy can be invoked to assign a retention period and place appropriate controls on the information. Policy-driven controls can also apply several different rules if information is subject to more than one set of obligations. Finally, policies can help proactively identify information that may violate regulatory, statutory, or corporate rules and alert compliance officers, lawyers, or other responsible parties to mitigate potential risk.

■ Ensure All Content is Searchable and the Technology is Forensically Sound. Counsel must be able to access the breadth and volume of information throughout the organization, regardless of location or format. As noted, the FRCP requires that all forms of data, including


45

all forms of ESI, be searched for relevant information in order to meet the preservation obligation; furthermore, in order for counsel to enforce an effective information governance program, all forms of information need to be searchable. This is critical both for compliance and regulatory purposes. Many search engines available today miss relevant information because of performance-enhancing shortcuts designed to improve the response time and relevancy of information access requests from employees, such as partial indexing, metadata-only indexes, or jump-outs in the search results. Additionally, many search engines alter metadata when building an index, particularly the time when a document was last accessed, which could be crucial evidence in litigation. When these shortcut techniques are applied over even a modest number of files, the result is an arbitrary and incomplete set of documents. The inability to assess all relevant data and quickly develop an informed initial case strategy creates additional risks, and prevents enterprises from accurately assessing their position in a given matter. In order to protect themselves and the enterprise, corporate counsel should ensure that any technology chosen for the search and identification of relevant data for both eDiscovery and information governance purposes provides not only a full index of the data but also that they ensure that the index is completed in a forensically sound manner without altering the metadata.

■ Manage Content in Place. The idea of managing data in place, or “where it lives,” is a more recent concept. Advances in technology now allow the enterprise, as well as corporate counsel, to manage, analyze, identify, and preserve data in place. Several years ago, there was a movement toward implementing a centralized repository for all information and that corporate users would be able to access all data remotely. However, this idea proved impractical and organizations have not been able to deploy such a storage and management solution. The current challenge is now how to manage data across the enterprise, in a systemized, repeatable, and defensible manner that will meet the needs of the organization as well as the needs of corporate counsel.

Managing content in place has evolved as the solution of choice. In order to avoid disrupting productivity, managing in place provides the flexibility for users to create content without needing to move the information into a central managed repository. Such manage-in-place solutions provide ready access to information for those responsible for normal business operation, greatly improve the efficiency of managing information assets, and significantly reduce storage costs.

Additionally, as the volume of ESI continues to dramatically increase, managing in place provides the critical ability for counsel and the business to adopt an information governance solution that does not rely exclusively on the manual efforts of users and administrators. These solutions automate the consistent application of policy to unstructured content based on the conceptual understanding of information in all file formats. Further, these information governance policies can be extended to help manage content in place by invoking actions across disparate systems to apply consistent rules. This also extends the ability to automate processes, such as real-time classification, to quarantine batches of content based on conceptual similarity, allow the content to be accessed and controlled simultaneously, and make it available for ongoing business purposes while permitting governance activities such as retention or eDiscovery to occur without disruption.

■ Account for Many Languages and Many Jurisdictions. Businesses and governments today operate in a highly-interconnected global marketplace. Even mid-sized companies will conduct business in dozens of different jurisdictions. This requires information governance strategies, as well as eDiscovery capabilities, to be language-independent and allow



46

organizations to access and understand potentially relevant information regardless of its origin.

The ability to adhere to different and sometimes conflicting information governance obligations across jurisdictions is also important. Corporate counsel need methods to apply the right controls at various points and not assume one set of rules or policies will suffice globally.

■ Proactively Address Scalability Needs. Enterprises today produce ever-increasing volumes of information in varying forms and formats. Compound annual growth rates for most organizations are estimated at 60%, with large enterprises now regularly managing over a petabyte of information. Given these information growth rates, counsel must look at solutions and models that can scale accordingly. Information governance and eDiscovery strategies should look at scale as both a function primarily of processing, and secondarily storage. Often enterprises consider storage as the primary requirement of information growth, but in reality, the need to understand, act, and process information will continue to take on greater importance.

F. Creating a Defensible eDiscovery Process As corporate counsel prepare themselves to meet their obligations under the FRCP and case law, as well as maintain regulatory compliance, it is clear that a systemized, repeatable, and defensible process must be in place. In order to create a defensible process, counsel should look to the following areas:

■ Create a comprehensive information governance and eDiscovery program to ensure that rules, regulations, and statutory requirements are met.

■ Have an effective method for enforcing the legal hold and preservation obligations that goes beyond mere notification of legal holds and includes the ability to automatically enforce the preservation of ESI.

■ Utilize reasonable methods for the search, identification, and preservation of ESI, including advanced technology.

■ Create an audit trail of actions in order to prove the defensibility of their process.

Guidance from courts and regulators on these issues is clear—business as usual will no longer suffice. Though these can seem like insurmountable tasks, they can easily be tackled with the right partners, including outside counsel and vendors with experience in the space.


47

V. Appendix: Case Studies and ROI from Autonomy

To be successful, corporate counsel need to ensure that their eDiscovery program is systemized, repeatable and defensible. In addition, the recent financial crisis has made it essential that any investment in technology provide a return on investment (ROI). In addition to the sheer cost savings that technology can provide for eDiscovery and investigation purposes, technology that can be leveraged outside eDiscovery as part of a comprehensive information governance platform can provide even greater ROI. What follows are examples of ways in which organizations have been able to implement technology, create a defensible process, and provide value and ROI.

A. Case Study: A Top 10 Financial Institution

Background This leading global financial services firm has assets of over $2 trillion, more than 200,000 employees and world-wide operations.

The organization purchased large portions of the assets of a failing financial institution, taking on a significant amount of institutional risk that fell under regulatory scrutiny. Control and analysis of the electronic data had to be established within a short period of time to meet internal governance and government requirements, including TARP requirements and a FDIC requirement to collect and store the electronic content for seven years.

The Need: Archiving and Compliance Under tremendous internal and government pressure, this customer moved quickly to evaluate options for establishing control over vast quantities of hardware and both structured and unstructured data located in the systems from the acquired financial institutions. The sheer volume presented an enormous challenge because the data was subject to litigation and needed to be collected in a defensible and FRCP-compliant manner. As a result, the Governance, Legal and IT teams collaborated to establish the baseline requirements needed to secure, index, analyze, collect, archive, and hold data across all media types that would be potentially relevant to regulators and litigants. The firm recognized that traditional utilities and methods for collection were not going to be viable.

Requirements

■ Locate and collect data from over 70,000 work stations and file servers and 2,500 backup tapes scattered over numerous locations in several geographically-separated areas

■ Collect content from key enterprise applications including corporate email, ECM and ERP systems

■ Effectively pre-cull and de-duplicate an expected volume of 500 TB of data

■ Complete the initial processing of 10,000 priority workstations within a defined timeframe



48

■ Process over 2.8 TB every 24 hours for 180 days, to complete the entire project by the government mandated deadline

■ Prioritize the collection of data from leased hardware to avoid the necessity of purchasing tens of thousands of obsolete systems and licenses

■ Provide a secure, long-term archive environment that supports legal hold and sophisticated eDiscovery operations

■ Maintain defensible chain of custody throughout the process

■ Future collection requirements included SharePoint system data and 20 TB of content located on NAS storage systems.

The Solution The challenge of collecting an estimated 500 TB of email and other electronic files from geographically separated systems within 180 days was a once-in-a-lifetime occurrence, yet the underlying requirements aligned with this organization’s best practices requirements for efficient pre-culling and collection of large quantities of remotely located content.

The organization needed a solution that would scale and provide an end-to-end eDiscovery solution with automation and systemized processes that their existing manual system lacked. It had to be able to remotely process over 10,000 systems during the initial government-monitored test phase. A traditional solution would require physical hardware connections to centrally-located collection servers that are only capable of processing an average of 27 workstations in a 24-hour period. After shipping 10,000 workstations to a central location, a legacy solution would require over 370 days for the first 10,000 systems and over seven years to collect 500TB of content.

The ability to intelligently pre-cull and de-duplicate all forms of data allowed the team to focus collections on priority content which eliminated the cost and time of a forensic bit-by-bit manually-driven copy utility that would have collected vast quantities of irrelevant content and provided no additional value to the investigators or legal teams. In parallel, a tape restoration project was mounted of unprecedented scale.

Regional collection centers were deployed into existing facilities to reduce network latency and bandwidth requirements, further reducing the cost and time requirements. The grid-based model eliminated the collection silos typical in legacy solutions, ensuring that the investigators and legal teams have access to the full corpus and an FRCP-compliant system for searching and analyzing content.

Functional Highlights ■ Device Identification—by means of out of the box integration with enterprise directories

■ Intelligent Distribution and Collection—catering to network limits, geographic distribution and any scalability requirements

■ Legal Hold—information protection by means of forensic hold and in-place management of assets

■ User Notification—embedded workflow systems for user management and verification

■ Intuitive Central Dashboard—simplifying and reducing the management of the entire process


49

while providing a global view

■ Intelligent Storage—reduced footprint using de-duplication and SIS (Single Instance Storage) algorithms

■ Post Collection Features—such as asset media wiping/shredding via industry standard systematic overwrites

The Benefits The solution provides a fundamental quantitative and qualitative shift in enterprise collection. It makes possible what would have been, until now, an unachievable target using existing manual legacy technology, for all except the simplest collection scenarios. To date, the firm has archived over 350TBs of data and has successfully automated and streamlined its compliance operations.

B. Case Study: Bloomberg

Background Bloomberg is the leading global source of data, analytics and news. Each day, more than 260,000 financial professionals rely on a range of high-quality information services inside 200,000 Bloomberg Terminals worldwide.

The Need With every Bloomberg Terminal costing $1,900 a month, the value to Bloomberg of displacing competitive terminals and extending existing client accounts with ongoing functionality enhancements is material to the company’s bottom line and business strategy.

The Solution Basic keyword search and manual classification were replaced with contextual and conceptual meaning-based search across Bloomberg News and Bloomberg Messages. The advanced technology allows Bloomberg to grow its business by helping users make more informed investment decisions even faster. Is also facilitates new product offerings such as Bloomberg Healthcare and a number of internal applications.

The Benefits High Performance and Extreme Scalability

Speed and size matter in Bloomberg’s world. Financial professionals can move the markets with fast access to the breaking news available from the Bloomberg Terminal. The unique ability to scale to a massive volume of users and information without sacrificing performance is demonstrated in many ways across Bloomberg’s information service offerings:

■ Indexing a library that consists of 120 million articles in 12 languages inside Bloomberg News and more than 200,000 articles are added on a daily basis

■ Search response times are guaranteed at sub-100 milliseconds

■ Indexing six million messages every day inside the company’s proprietary email system at Bloomberg Messages

■ During peak periods, such as 9 a.m. ET, as many as 1,000 emails are sent every second by



50

Bloomberg users. Those messages are searchable on the system within five seconds.

■ All Bloomberg messages are retained and searchable for a period of 50 working days

■ The hardware requirements to scale to these loads are standard: Bloomberg uses commodity Linux boxes.

Meaning Based Information Processing

Bloomberg deploys a number of advanced capabilities to support their user-base with the analysis of news, information, events and companies.

Real Time Scrolling News: Bloomberg users can set up agents to monitor information 24/7 on specific concepts. Every time a story matches the criteria, the news is populated in real time across a user’s computer screen. 1.26 million trading alerts are powered every day, demonstrating the value of this feature for Bloomberg’s user base.

Cluster Visualization: This technology serves to streamline equity research by visually depicting the intensity of news coverage about companies, indexes, sectors and geographies, relative to the level of coverage normally received. The Heat Maps, as Bloomberg calls them, give users visibility into burning topics, trends and areas that require more or less attention in their portfolios.

Headline Clustering: All of Bloomberg’s news stories are read through in real time, clusters of related coverage from different sources are identified and results sets automatically collapsed to prevent information overload. At the same time, the full range of information sources is available if required.

Automatic Classification: Every piece of content from Bloomberg and non-Bloomberg sources is classified into a 2.1 million node taxonomy with rules that are conceptually created. This has reduced the need for Bloomberg editors to manually tag articles for classification.

Innovation: The competitive landscape that Bloomberg competes in is fierce. To build market share against rivals, Bloomberg is committed to extending functionality in the information services across the organization on an ongoing basis. The enhancements include:

Instant Messages: “Instant Bloomberg,” the instant messaging service for Bloomberg users is added to the index.

Greater Scale: The Bloomberg email system has expanded its retention of messages from 50 working days to one year. This translates to a searchable archive of 1.5 billion messages.

Bloomberg Law: The Oracle Text search engine installation that failed to scale was replaced without significant increases in costly hardware.

Bloomberg Pharmaceuticals: Directed navigation capabilities will be rolled out on this yet to be launched Bloomberg service for pharmaceutical data.

Bloomberg Television: Bloomberg is currently exploring Autonomy’s conceptual video and audio search for the company’s ten television networks.


51

C. Case Study: The UK Ministry of Defence

Background The UK Ministry of Defence (MoD) is responsible for defending the United Kingdom and promoting international peace and security. The scale and complexity of these responsibilities makes the MoD one of the largest and most diverse UK Government Departments. Like all large government organizations, the MoD has to continuously improve its business processes and develop new ways to process, manage and share the vast amount of information it both creates and receives each day. As part of its modernization and change program, it has implemented a single information architecture that will eventually provide IT services throughout the MoD. This will mean that MoD staff will have an IT infrastructure that supports collaborative working, provides faster and more secure communications and will enable teams to store and retrieve information anytime, anywhere.

The Need The MoD found that personnel were investing considerable time locating information across the various systems at its Whitehall headquarters, causing costly delays. In addition, the MoD needed to implement an Electronic Document and Records Management (EDRM) system to meet the UK Government’s requirements for compliance and records management and other obligations under the Freedom of Information Act. They sought out and implemented a solution that provided a single platform to manage their data, one that also provided advanced search, included the ability to understand meaning, conceptually analyze the data, and provide contextual analysis in order to speed access to information.

The Solution and Benefits The ability to find information from document libraries, as well as many other portals and intranets, has fundamentally changed the way the MoD works. The MoD is able to meet the UK Government requirements and legislative responsibilities for Compliance and Records Management. The infrastructure facilitated the development of a “Freedom of Information” toolkit, which enables the MoD to fulfill its commitments to Central Government and the public in this area. The EDRM component of the new DII(F) infrastructure will be rolled out across the entire MoD—up to 330,000 users.

D. Case Study: A Leading Commercial Bank

Background This bank is one of the largest financial institutions in the US, with operations around the globe and more than $1 trillion in assets. The company offers banking, insurance, investment, mortgage and consumer finance services through a range of distribution channels across North America and the world. The bank understands the importance of advanced technology in maintaining its competitive position in the premier financial services market.

The Need This client needed to protect sensitive customer and prospect data while leveraging contact centers to drive revenue growth requires an intelligent data privacy solution.



52

When the organization was evaluating solutions, it realized that traditional data protection software lacked the multi-channel synchronization and meaning-based analysis necessary to perform real time monitoring, capture and analysis of all customer interactions in a consistent, compliant and actionable manner.

The Solution The bank’s mortgage division selected technology that would protect sensitive customer data while boosting intelligence within the business and enable increased employee productivity. The technology synchronizes employees’ desktops and web usage with live customer interaction by understanding the meaning of all interactions. This enables the bank to capture multi-channel data, tag and classify each interaction, and comply with industry regulations in real time, while protecting private information.

The bank’s business and compliance executives are able to establish customized trigger events that target specific interactions important to the company. Because the technology is application-independent, triggers are enabled from a wide range of mission critical applications, such as CRM and helpdesk suites, email and IM systems, and browser based applications.

By intelligently monitoring the end-users’ desktop activity, the recording can be started or stopped, have metadata attached to an interaction, or an interaction classified according to business rules. In addition, interactions that are subject to compliance or other corporate criteria can be identified, such as those that contain particular credit card, product, customer, or competitive information, and take action as necessary.

The Benefits ■ Delivers an unprecedented level of compliance.All contact center interactions, including

email, IM and audio recordings, are managed within regulatory and corporate policies. This bank can set triggers to identify sensitive materials within interactions and automatically mask or mute the information based on its business needs, ensuring customer-sensitive data is not made available without an appropriate level of security.

■ Performs gap analysis on all leads. Allows the bank to better understand how agents are managing leads and qualifying prospects. All calls are classified, and where the agents mark the lead as “unworkable,” it facilitates gap analysis. By understanding such gaps, the bank can take steps to better educate agents, thus improving the number of lead conversions and driving top line revenue.

■ Reviews how agents use sales tools and applications. Enables the bank to monitor the actions on agents’ desktops in order to identify areas for improvement and provide coaching where necessary, thus improving efficiency and maximizing resources.

■ Uncovers key areas of erosion in the sales process. Sorts and understands calls in order to identify common drop-out points within the call process. Reducing the drop-out rate by just 1% can result in a substantial lift in top-line revenue and overall profitability. The platform can also be used to improve the coaching of agents at all stages of this process.

The bank currently has around 2,000 agents on this platform for voice and screen recording and for agent evaluations, which supports agents across the company’s five call centers. The company’s business challenges were easily and competitively addressed by adding advanced technology that could


53

classify and categorize calls based on desktop information, resulting in better segmentation of customers and transactions, while delivering PCI Compliance to the agent desktop and protecting against serious security threats at the desktop level.

E. Case Study: Aegis Media

Background By the very nature of its business, the media and communication services arm of London-based Aegis Group plc is in 24/7 communication with clients, editors and others. Much of this communication is conducted using email. The company’s London office alone handles 4.5 million incoming messages each month and stores 1.5 million folders in its file system. Due to growing pressure to retain electronic information for increasing periods of time to meet both internal business and Sarbanes-Oxley requirements, Aegis Media’s data stores were doubling year-on-year. “In an attempt to get storage under control, we tried to get staff to spend more time managing their email databases and to use file servers for storing attachments, but, in reality, this simply was not happening,” says James Morris, group infrastructure manager of Aegis Media’s United Kingdom and Ireland operations. “We just had to keep throwing more storage space at the problem.”

The Need The company faced increasing costs to accommodate storage requirements that were growing 100-150% each year, and the IT staff had found that mailbox quotas and user guidelines were simply not enforceable. The challenge was further complicated by an upcoming migration to Microsoft Exchange from its Lotus Domino email environment. Because another Aegis Group company, Synovate, was using Exchange, a global migration was inevitable, so a solution that would support both new and old email environments was needed. Any information archived in Notes had to be fully preserved and accessible when the move to Exchange occurred.

The Solution Aegis Media began searching for both an onsite archiving solution and an email migration solution. After an extensive evaluation process, the company chose solutions that allowed them to provide centrally managed and administered control of email policies across Aegis Media’s global network, enabling email administrators to selectively offload email and file servers automatically. Approximately 10 Gigabyte is archived nightly to the company’s EMC Clariion SAN.

Aegis Media first archived its Notes data to Autonomy Enterprise Archive Solution (EAS). Then the company started its transition to Microsoft Exchange using TransVault. “With the data in EAS and TransVault to migrate it, migration to Exchange was a totally transparent background process, with no time pressures on the IT department and no adverse impact whatsoever on end users,” says Morris. Using TransVault, Aegis Media IT creates a copy of the EAS-archived Notes data, converting email messages and, where needed, email addresses, to ensure that they will work in the new environment. Shortcuts (stubs) to the archived Notes data are put in the corresponding Outlook mail folders so users can still retrieve those messages. Populating these shortcuts to a 1.5 Gigabyte mailbox takes only a few minutes and uses a fraction of the space on the Exchange server.



54

“We wanted to preserve transparent access to Notes data but without overburdening our new Exchange servers,” explains Morris. “There could easily have been multiple terabytes of legacy Notes data moved to the new servers but, thanks to Autonomy EAS and its Single Instance Storage technology, we were able to free up four terabytes of data storage.” The savings in storage space was not just a one-time occurrence. Aegis Media estimates that it has slashed the rate of storage growth from approximately 100% year-on-year to just 25%.

Aegis Media was able to cut its storage requirements in half, from 100 Gigabyte per month to 40 Gigabyte and reduced the strain on its file and email servers. By reducing the overall volume of storage required, capital savings in storage costs and email server costs are generated. In addition, Aegis Media now has a much more stable and responsive email environment.

Because the solution centrally captures email messages, files and attachments in a scalable, searchable archive and eliminates the proliferation of personal email archives distributed around Aegis Media’s network, the hassle and cost to respond to discovery requests and audits has been cut significantly. “In the past, discovery requests meant sending copies of our Notes databases and backup tapes to a third party and paying for recovery of the information,” says Morris. “But with EAS’ search capabilities and TransVault data conversion, all of our email, including legacy Notes data, is quickly discoverable, which is sure to save us more time and money down the road.” With onsite archiving, Aegis Media has reaped additional benefits as well—from eliminating the fee paid to the application service provider that hosted its Notes application, to increased administrator productivity since every email-related task is faster and more efficient.

The Benefits Aegis Media chose solutions that not only met but exceeded their storage optimization and email migration goals.

“The initial driver for our implementation was storage optimization, but we are also benefiting tremendously from improved data retention, easier compliance with Sarbanes-Oxley and internal business requirements, reduced IT overhead and more.” — James Morris, Associate Director, IT Infrastructure, Aegis Media.

■ Smooth migration to Exchange, with archived Notes data fully preserved and easily accessible

■ Freed up 4 terabytes of disk storage space and cut storage requirements in half

■ Reduced annual rate of storage growth by 75%

■ Improves performance from email and file servers and significantly reduces backup time

■ Reduces time and cost to respond to discovery requests and meet evolving compliance and regulatory needs


55

F. Case Study: Richards Butler

Background Richards Butler, now a part of Reed Smith LLP, is an international law firm with more than 400 staff in London and 300 throughout Asia, the Middle East and South America. The firm’s contributions to the legal industry are widely recognized, particularly its dispute resolution practice, which accounts for over 50% of the firm’s total income. Ranked as one of the top ten litigation firms in the UK, the dispute resolution practice is by all measures one of the largest and most respected in Europe and Hong Kong.

The Need Throughout the past ten years, the firm’s Commercial Disputes Group (CDG) has worked on numerous large, high-profile international cases in conjunction with other law firms in the US and beyond. As is common practice, litigation support services were used to manage the cases across multiple firms and generally those services were specified by the client or another law firm sharing the case. While the firm played a key role in the disputes, lawyers at the firm found that they had to learn multiple litigation support and eDiscovery systems provided by different firms or clients.

"Electronic discovery was pioneered in the US, but it is now a major focus in England and elsewhere,” said Lee Hanley, IT Director at Richards Butler. “We recognized the need to run the process with our own state-of-the-art litigation support system and to increase our expertise in electronic discovery.”

Requirements Richards Butler began a search for a single, best-of-breed in-house electronic discovery and litigation support system that would set the firm apart in international litigation. To select the right solution for the firm, Hanley and the partners at Richards Butler identified several key criteria the system would need to meet. It would need to be:

■ Scalable to manage very large cases and manage clients from abroad

■ Easy and quick to deploy to handle large cases waiting in the wings

■ Performance-driven to allow easy access to clients in different locations, simplified classification of documents, custom report creation and data distribution

■ Proven to be successful with satisfied, long-standing customers, including large firms with demanding requirements

■ Accessible through Citrix and equipped with standard technology

■ Adaptable to synchronization with local scanning and coding bureaus

The Solution After thorough investigation of several solutions and interviews with firms using the solutions, Richards Butler chose the only solution that met all of the firm’s key criteria, one based on advanced meaning based technology that could support its needs now and in the future. The firm was particularly impressed with its scalability, ease of use and rapid deployment.



56

Installed widely throughout the US and with a majority of the Magic Circle and other top litigation firms in London, their new solution was handling many large cases with millions of documents. It was also one of the few solutions reviewed that could be hosted, used standard technology such as Crystal reports and was easily integrated with Citrix.

The Benefits ■ Deployed solution throughout Richards Butler’s global offices within four weeks of purchase

■ First case live within a month

■ Managed eDiscovery and litigation support for three international cases which included half a million pages of review and 20 lawyers across 6 firms

■ Subequent 100% increase in pages with addition of major $140 million global case on system

■ Increased internal eDiscovery expertise with 40 staff trained on system

■ Increased efficiency in the litigation support process eliminated the need to retrain staff on various systems for different cases


57

VI. Endnotes ____________________________ 1 Kimberly Samuelson, Information Governance Isn’t So Bad After All, CIOUpdate.com, June 23, 2010, http://www.cioupdate.com/features/article.php/3889396/Information-Governance-isnt-so-Bad-After-All.htm. 2 Ganesh Vednere, “The Quest for eDiscovery: Creating a Data Map” Infonomics, Nov./Dec. 2009, available at http://www.aiim.org/infonomics/quest-for-ediscovery-creating-data-map.aspx. 3 John Bace, Think Tank: Are businesses ready to meet the requirements of e-discovery regulations? ComputerWeekly, June 11, 2010, available at http://www.computerweekly.com/Articles/2010/06/11/241561/think-tank-are-businesses-ready-to-meet-the-requirements-of-e-discovery-regulations.htm. 4 Columbia Pictures Industries v. Bunnell, 2007 U.S. Dist. LEXIS 46364 (C.D. Cal. June 19, 2007). 5 Samuelson, supra. 6 See U.S. v. Abbott Laboratories, 1:10-mc-00001, U.S. District Court, Western District of Virginia 7 George Socha & Tom Gelbmann, Don’t Box ECA, Law Technology News, June 1, 2010, available at http://www.law.com/jsp/lawtechnologynews/PubArticleLTN.jsp?id=1202458746630&Dont_Box_ECA. 8 See Socha & Gelbmann, ibid. 9 Richard Susskind, The End of Lawyers (2009). 10 See Searle Survey, Litigation Cost Survey of Major Corporations, Conference Papers, 2010 Civil Litigation Conference, Duke University. 11 See Autonomy website, http://www.autonomy.com/content/News/Releases/2010/0615.en.html. 12 US Magistrate Judge John M. Facciola, “Sailing on Confused Seas: Privilege Waiver and the New Federal Rules of Civil Procedure,” FED. COURTS L.REV., Sept. 2006. 13 See George L. Paul and J.R. Baron, “Information Inflation: Can The Legal System Cope?” pages 22-24,

Richmond Journal of Law and Technology (2006), http://law.richmond.edu/jolt/v13i2/article10.pdf.

Date post:	11-Feb-2022
Category:	Documents
Upload:	others
View:	3 times
Download:	0 times

SM Advanced Technology Solutions for Litigation

Documents