- Education and Training
- Policies for Hold Triggers
- Policies for Hold Implementation
- Email Retention Policies
- ESI Maps with 26b2B ID
- Certified 37(e) Destruction
- Information Governance
- Artificial Intelligence based PreSuit protection (sort of like the Minority Report movie, but for civil wrongs, not crimes, and its not fiction, its real, albeit, cutting edge, and, oh yeah, Tom Cruise is not involved).
General. Litigation Readiness activities, which constitute the first pre-suit step of EDBP, are designed to facilitate the next four steps of EDBP: 2. Hold Notices, 3. Interviews, 4. Collections, and 5. Cooperation. These four steps occur in almost every case, even if discovery is stayed or the case is resolved early. Thus maximum efficiencies can be attained by establishing set procedures to follow for Hold Notices, Interviews, Collections and communications with opposing counsel and court. Taking the time to prepare policies and procedures for e-discovery in litigation allows an organization to avoid expensive ad hoc inventions and variations. Litigation Readiness, when done correctly, should allow for substantial savings on future litigation expenses and reduce risk. Conversely, the failure to create and implement a reasonable litigation readiness plan, including ESI retention policies and lit-hold policies, can have a detrimental effect on preservation activities once litigation strikes. This is shown in Scentsy Inc. v. B.R. Chase LLC, No. 1:11-cv-00249-BLW, 2012 WL 4523112 at *8 (D. Idaho Oct. 2, 2012). Also see: Losey, R., Oral Hold Notice Invalidated as “Completely Inadequate” such that it “Borders on Recklessness” (2012).
Education and Training. There is a rapidly growing body of legal knowledge that should be learned by any attorney or paralegal that practices in this field of law, just like any other. There are also special skills that require training. Education and training are an important part of the practice of law in general, but no where are they more important than in electronic discovery. This field is so new, and advancing so fast, that it is very hard even for specialists that do nothing but e-discovery to keep up. As a consequence, everyone in this field must be both student and teacher. We must all spend time to train and be trained.
Cybersecurity. Most law firms today are holding terabytes of client ESI in connection with litigation and investigations. Some are holding petabytes of client data. There is an enormous risk and liability involved with holding client data that the legal profession is just beginning to realize. This data has become a prime target of sophisticated computer hackers, including the Chinese government. Keeping client data secure from theft is an important ethical obligation of all attorneys. See the information resource on cybersecurity designed for attorneys, eDiscoverySecurity.com. As a best practice for most law firms, but not all, we recommend outsourcing to specialist data hosting companies, typically the larger e-discovery vendors with proven expertise in cybersecurity. See eg: The Importance of Cybersecurity to the Legal Profession and Outsourcing as a Best Practice – Part One and Part Two, (e-Discovery Team, 2014); and, Best Practices in e-Discovery for Handling Unreviewed Client Data, (e-Discovery Team, 2014).
Policies for Hold Triggers. Organizational policies and procedures should be created to govern how an organization will determine when Litigation Holds should be triggered. See The Sedona Conference® Commentary on Legal Holds: The Trigger and the Process, September 2010.
Policies for Hold Implementation. Related policies and procedures should be created for the implementation of the Holds. These written policies must be tailored to the particular needs of the organization and have built-in levels of proportionality of response. Id. The flow chart below adapted from the Sedona Commentary can be included as part of an organization’s standard policies and procedures.
Email Retention Policies. Written policies should be created or updated that are tailored to the particular needs of the organization and coordinated with the litigation hold procedures. This requires careful study before adoption and may involve different retention times for different classes of employees. See: The Sedona Conference® Commentary on Email Management, August 2007.
Maps of ESI with Rule 26(b)(2)(B. High level maps should be created that include designations of inaccessibility under Rule 26(b)(2)(B). Although detailed mapping of information systems and locations of ESI is no longer favored because of the high rate of change most organizations experience, at least some high level mapping is helpful for any complex systems. The creation of these maps is an IT function, not legal, but the designation of certain areas within the ESI storage architecture as protected under Rule 26(b)(2)(B) is an important legal service. See: The Sedona Conference® Commentary on Preservation, Management and Identification of Sources of Information that are Not Reasonably Accessible, August 2008. So too is the preparation of one or more IT representatives to provide depositions, affidavits, 26(f) conference input, and 16(b) hearing input to opposing counsel and the court.
Certified 37(e) destruction. Old ESI that is no longer needed by the organization should be purged from systems, but this must be done in a manner that tries to bring the process within the semi-safe-harbor protection of Rule 37(e), Federal Rules of Civil Procedure, and complies with all existing litigation holds. Great care must be taken to avoid destruction of ESI that might be subject to a litigation hold and these efforts must all be carefully documented. The destruction is guided by the Rule 37(e) requirements of good faith and routine operation of an electronic information system.
Depending on the circumstances, typically situations involving large scale data purges, an organization may want to have a third party supervise, audit, and certify good faith and compliance with mandated routines. These routines and retention policies should be completed and in place before the destruction of data. Outside counsel can serve as an independent auditor to certify that the ESI destroyed was not subject to holds and was otherwise carried out in good faith so as to entitle the organization to Rule 37(e) protection. Also see generally: The Sedona Conference® Commentary on Inactive Information Sources, July 2009.
For good suggestions on mistakes to avoid in 37(e) purges, which in turn also suggests particular procedures to follow, including creation of a log or record of what was destroyed, see the final installment to the Rambus litigation saga examining the plaintiff’s shred days before filing suit. Hynix Semiconductor Inc. v. Rambus Inc., Case No. C-00-20905 RMW, USDC ND Calif. (Sept 21, 2012).
Information Governance. This is a large catch-all type category, that includes the above policy initiatives and litigation readiness activities, and much more. It addresses a need larger than litigation readiness, one which all large organizations have, for global policies and procedures to govern all information, both paper and electronic. The policies include:
- Policies governing the retention and destruction of ESI of every form, not just email;
- IT and employee security issues;
- Information privacy and security issues;
- Employee permitted use issues.
See: The Sedona Guidelines: Best Practice Guidelines & Commentary for Managing Information & Records in the Electronic Age, November 2007; The Sedona Conference® Commentary on Information Governance (Dec. 2013) (describes eleven principles on IG practice that all organizations should strive to adhere to).
For the latest in this area see the Information Governance Initiative that was launched in 2014. Their goal is to develop best practices for information governance using an interdisciplinary approach. The IGI website contains a broad list of activities they consider to be within the scope of Information Governance:
- Information security
- Data science
- Electronic discovery
- Business management
- Business intelligence
- Records management
- Risk Management
- IT and Infrastructure Management
As you can see IGI considers Electronic Discovery to be a subset of Information Governance. In that sense Information Governance activities, which, according to IGI’s explanation, includes such things as Business Intelligence and Management, goes well beyond the scope of the EDBP. Our mission is limited to a collection of legal best practices for electronic discovery.
Artificial Intelligence based PreSuit protection. This is the use of predictive analytics of corporate email, and other ESI, to detect and prevent law suits before they happen. See: PreSuit: How Corporate Counsel Could Use “Smart Data” to Predict and Prevent Litigation. I call this data analytics based program PreSuit™. It is based on search methods I have developed. It is not tied to any specific predictive coding software, although the software must have certain basic minimum capabilities. These are listed along with other details of the program at PreSuit.com.
I understand that a few other attorneys are also beginning to develop such software agnostic services under the general name of email analytics. A few vendors have developed software specifically designed for this task, including one called Email Auditor by UBIC. I know that several others are now under development. I am unsure of how or whether they they can be used with the methods I’ve developed.
PreSuit™, once fully developed, could become the ultimate in corporate compliance. PreSuit™ has the potential to become the ultimate in corporate compliance. It can detect burgeoning misconduct in the workforce so that corrective action can be taken to avoid litigation. It relies on the use of what I call “smart data,” which is ESI that includes a probability of connection with wrongful conduct. For full details see PreSuit.com. It may sound like Minority Report science fiction, but AI-enhanced review now makes this kind of Big Data possible. See LegalSearchScience.com.
PreSuit™ works by realtime monitoring of an organization’s email communications to identify correspondence and connections that have a high probability of association with illegal and wrongful actions of all kinds, including discriminatory conduct, other kinds of torts and statutory violations, breach of contract, fraud, trade secret theft, etc. By using artificial intelligence to audit and analyze corporate communications, and other ESI, wrongful conduct can be detected early, before it matures into litigation. General counsel can take appropriate corrective actions before the conduct becomes even more serious and expensive to correct. Once PreSuit™ is fully developed, it will be the ultimate in litigation avoidance.
More detailed descriptions of best practices for Litigation Readiness will follow. In the meantime, if you have any suggestions and care to contribute to this project, or any questions (nothing case specific please), please leave a comment below.