One of the predominant themes at this year’s LegalTech February conference in New York was how large corporates were taking back responsibility for their own data. They are implementing solutions which let them store, index and search all their electronically stored information (ESI) so that they can meet the demands of knowledge management, litigation readiness and regulatory compliance. There are a number of drivers for these strategic initiatives – with the foremost being cost control. As one CIO commented; ‘We have 30 cases on the go around the world, 30 different law firms, 30 different vendors crawling over our data. I’ll take care of that and save a significant amount of money on economies of scale, and the law firms can do what they do best, which is provide professional advice, not act as a data collection bureaux.’
A further twist to this particular story is the increased use of analytics software to underpin the KM mantra ‘Search is King’. With studies showing that the use of traditional keyword searching only finds 50% of the relevant data, the attraction of analytics and the ability to group documents using linguistic matching technologies is evident. Companies do not know where the next demand for information will come from, and the ability to pour raw data into analytics tools such as Autonomy, Recommind or MetaLINCS, and then see what patterns exist, gives a significant advantage to the beleaguered in-house counsel.
So what is this concept of litigation readiness and does it have any lessons for law firms, either those looking to help clients, or those who might need to adopt some of the processes?
ESI Challenges
In order to understand where the requirement for litigation readiness springs from, it is necessary to understand the three main challenges of ESI. First, and foremost, is the sheer volume of material that has to be dealt with. There are any number of statistics bandied around, from the number of e-mails sent each day (with 90 billion being the latest estimate), through to the claim that 90% of corporate data exists in electronic form with only 30% of that information ever printed out, ending up with a Microsoft study that estimated a business user sends/receives about 50 e-mails per working day, roughly 12,000 messages a year. This information is held within e-mails, electronic files (e-files) such as Word, PowerPoint or Excel documents, and more ephemeral locations such as Instant Messaging systems and phone text messages. Not only is there a proliferation of data formats, the physical location of ESI has ballooned beyond the original sites of PCs and servers and into flash drives, back-ups, distributed storage and business continuity solutions. Like Topsy, it just grows and grows.
The second issue is that of metadata, the ‘data about the data’ that is stored within the various document formats. In the majority of cases, this information is incidental (though it should always be preserved when the ESI is collected), but in certain circumstances, particularly in fraud and other cases where establishing a time-line of events is critical, metadata can be crucial. Capturing and preserving metadata is a key element of ESI handling.
Finally the sheer size and complexity of ESI very often leads to a situation were Donald Rumsfeld’s quotation of ‘known unknowns’ comes to mind. The known questions with unknown answers include; ‘where is all the information’, ‘how do I produce it all’ and ‘what is a reasonable effort’. Grappling with these issues can cause many a lawyer to worry about the fundamental question in disclosure, ‘have we produced what we need to?’.
Procedural Changes and Practice Risks
Various legal systems around the world have been amending their procedural rules to deal explicitly with the issues surrounding Electronic Data Disclosure/Discovery (EDD). The English Civil Procedure Rules were altered in October 2005, the US Federal Rules in December 2006, and Australian procedures in the first part of 2007. As we have established already, the increased complexity, inter-dependency and digital only existence of data, coupled with the volumes that have to be processed, form the background to the concepts of litigation readiness.
Though the UK does not have the litigation culture, punitive damages and depositions which characterise the US system, the consequences of making mistakes in EDD can still have a significant impact upon the ability of a law firm to drive a case through to the desired result. In the following analysis elements of this article, the reasons behind some of the US ‘scare’ stories of EDD disasters will be explored, as one thing that is common to both jurisdictions is the ability of people to make mistakes, misunderstand each other and generally create havoc with a litigation lawyer’s carefully prepared case.
The What and Why of Litigation Readiness
The common analogy is that, if litigation support and EDD are the ambulance at the bottom of the cliff, then litigation readiness is the fence at the top that stops you falling over. As we will see during the remainder of the article, litigation readiness is inexorably bound up with a sound records management policy, and this in itself is a good efficient business practice. Indeed for some firms in the financial sectors, the demands of Sarbanes Oxley, the Financial Services Act, Basel 2 and MiFID make a sound records management strategy an essential element of their business. Increasingly, the way in which a business handles electronic data has a value in its own right and that value is being assessed in merger and acquisition situations.
As well as the regulatory and compliance drivers, there are increased risks for firms involved in global transactions and a poor or badly prepared response to litigation can result in significant brand tarnishment, or even the destruction of the company. In the end, Arthur Anderson won their case in the US Supreme Court, but by that point it was a totally pyrrhic victory. On a more pragmatic level, there is a good business case for controlling the spiralling costs of EDD and, let us not forget, a key element of the rules changes in both the US and England is the requirement for lawyers to specifically address the challenges of EDD. Though the US adopted their rules changes some 15 months after the English changes, there has been a far greater volume of experience and case law emerging from the US and where those lessons apply to this side of the Atlantic they are explored.
Cobblers’ Children?
Before we explore in more detail what corporate strategies can be employed in order for businesses to become litigation ready, it is worth pausing for a while and exploring when law firms might find themselves in a situation where they have to manage ESI. The saying ‘cobbler’s children have the poorest shoes’ comes to mind here, as I would suggest that most firms are acting under the assumption that they will never have to get involved in an EDD exercise. Whilst they might not have to make eDisclosure in the strictest definition of the term, there are a number of scenarios which could cause the tidal wave of EDD to fall upon an unprepared partnership. UK law firms are emerging from the benign environment of one of the longest bull markets we have seen for over a decade, and those of us with longer memories can remember a previous time when conditions were a lot tougher and clients in desperate straits resorted to suing those individuals and firms they held responsible for getting them into trouble – their (ex) lawyers. Even if the circumstances are not quite as acrimonious as being sued, clients are increasingly asking law firms for copies of ESI reaching back 5, 10 or even 20 years. Has your firm got copies of the WordPerfect letter that was e-mailed to the client in 1996? Could you retrieve it, and if you can, how much would it cost? If you had to respond to a Data Access Information Request, could you? What about all the e-mail traffic mentioning the disgruntled employee who is taking you to an industrial tribunal? The following strategies and approaches might be as relevant to the law firm helping clients implement them, as to the clients themselves.
Establishing a Litigation Readiness Base
At the start of any litigation readiness strategy, firms need to understand where their data resides. This ‘motherhood and apple pie’ statement of the obvious is infinitely more complex in today’s world of multi-national companies with worldwide infrastructures. Though the majority of the information they need will reside on user’s PCs, e-mail and file servers and the disaster recovery infrastructure (back-up tapes, WAN, SAN, archive solutions), there will be circumstances where they will need to explore the more obscure locations such as instant messaging, audio files, USB memory sticks, etc. The information audit will require documented interviews with key individuals, production of data maps and strategies for retrieving ESI from the various ‘silos’ located around the organisation.
Once organisations have an understanding of the universe they are operating within, it is then possible for them to reduce the amount of archival material, always making sure they follow a documented and ‘principled’ approach -ie one approved by the firm’s lawyers. This is not in any way to suggest that they are getting rid of evidence or vital material – it is simply that, if they identify that they have stored information in a number of places, then they are trying to reduce the totality of what they have. When litigation comes knocking on the door, and corporates haven’t got rid of the numerous superfluous copies of the data, they might well end up having to review them just to prove they are irrelevant, which can be a very costly exercise. In particular companies want to obtain legal opinion and clear criteria on when to include (or not) back-up tapes in litigation and how they can communicate this to their opposition.
Essentially firms are applying the business’ records management policy to ESI, and having got rid of the superfluous archival material, they can then look at the paper and electronic equivalents and explore how they can reduce the number of copies of the same efile floating around within the organisation. Having devised and implemented a policy, we are starting to see the development of an audit protocol to revisit the process to ensure it is still being followed.
Planning for Litigation
Having got the ESI house in order, companies can start to plan for the day that litigation does arrive. The key aim here is to preserve the relevant information within their online environment so they can avoid having to go to the back-up tapes or business continuity solutions. As I heard at one conference from an evangelical records manager, ‘A back-up tape is not an archive!’. Attempting to use tapes as a means of re-building an ESI universe from the past is a costly and time-consuming exercise. If firms preserve in a timely manner, they can avoid this option and we are seeing the installation of litigation ready e-mail archiving as a key technical element of this process. Businesses are establishing ‘preserve now’ teams that have an identifiable process to follow. The whole approach has senior management backing and comes complete with a tested plan and auditable checklists for identifying relevant ESI and making best efforts to preserve it.
Having completed the first stage of their litigation readiness strategy, some firms are then taking the next step and reviewing the entirety of the litigation hold process and deepening the communication between the firm’s legal and IT functions. The aim here is to streamline the procedures and scale of the litigation exercises. An element of this review is also an examination of the level of services being provided by both outside counsel and litigation support vendors, with an extension of this kind of audit being the exploration of using ‘outsourced’ services, such as legal review teams in India or South Africa. As was mentioned at the beginning of the article, there are real economies of scale to be achieved for some worldwide organisations.
Tactical Litigation Readiness
Having dealt with litigation readiness at a strategic level, what are we seeing emerging from the USA at a more tactical level?
The main aim of the lawyers involved in litigation is to be the first to put a reasonable EDD plan in place, use it to gain an advantage in the ‘meet and confer’ stages and then try to cost shift the bulk of expenditure over to the other side. In order to achieve this objective, lawyers are issuing litigation holds speedily, with a specific focus and as often as needed. Counsel, both external and in-house, are proactively involving IT throughout the EDD exercise and are paying particular attention to avoiding spoliation (evidence destruction, normally of metadata) via maintenance processes. Businesses are deploying the ‘preserve now’ teams and saving information in its online form, thus obviating the expensive need to resort to restoring back-up tapes. Preservation of metadata is a paramount concern and the overall approach is to collect the accessible data on a broad front and then cull downstream, once more case parameters are known. Where applicable, sampling techniques are used to reduce the volume of documents sent through to the review process, and increasing use is being made of the next generation of software tools with built-in analytical functionality.
All of the above is built upon a solid records management policy, with clearly defined policy, procedures and documentation. Once these structure are in place, then it becomes a lot easier to demonstrate that the IT policies for ESI align with, and enforce, records management polices. The theme of demonstration continues with defined processes for litigation hold, preservation procedures, technology audit, data mapping and production.
Making it Happen
All very well and good, I might hear you say, but how do I get this to happen and what challenges might I face?
First and foremost is the significant challenge of obtaining management support. Businesses (particularly law firms) tend to believe they are immune until an event occurs to prove otherwise. Records management policies and procedures are notoriously hard for firms to embrace and, unless there is significant and forceful backing from senior management, you will be facing a long hard battle. Having obtained the go-ahead, the next issue is to balance out the competing voices with incompatible requirements. The instinct of the lawyers is to keep everything ‘forever’ (which also falls in line with the US Sarbanes Oxley credo of retaining a wide spectrum of material for long periods). In the other corner is the more European, data protection inspired, approach, of removing what you no longer need to hang on to. Multi-national organisations might well find it impossible to be compliant with every last piece of regulation, and often they need to steer the ‘least worst’ course through competing priorities.
In summary, it is fair to say that litigation readiness is not for everyone (particularly within the UK), but for some market sectors it is a significant topic that firms with a clear strategic vision of their future would do well to address. The key to addressing the issues is to make better communication between the legal and IT functions a fundamental driver. Putting the electronic house in order is good business practice anyway, but one day it might save you significant financial and commercial capital and ensure you don’t need that ambulance at the foot of the cliff.
Andrew Haslam is one of the UK’s leading consultants in E-disclosure, and can be
contacted at www.allvision.co.uk.
© Andrew Haslam Allvision Computing