eDiscoveryDaily

More Updates from the EDRM Annual Meeting – eDiscovery Trends

Yesterday, we shared some general observations from the Annual Meeting of the Electronic Discovery Reference Model (EDRM) group and discussed some significant efforts and accomplishments by the (suddenly heavily talked about) EDRM Data Set project.  Here are some updates from other projects within EDRM.

It should be noted that these are summary updates, focused mostly on accomplishments for the past year and deliverables that are imminent.  Over the next few weeks, eDiscovery Daily will cover each project in more depth, with more details regarding planned activities for the coming year.

Model Code of Conduct (MCoC)

The MCoC was introduced in 2011 and became available for organizations to subscribe to last year.  To learn more about the MCoC, you can read the code online here, or download it as a 22-page PDF file here.  Subscribing is easy!  To voluntarily subscribe to the MCoC, you can register on the EDRM website here.  Identify your organization, provide information for an authorized representative and answer four verification questions (truthfully, of course) to affirm your organization’s commitment to the spirit of the MCoC, and your organization is in!  You can also provide a logo for EDRM to include when adding you to the list of subscribing organizations.  Pending a survey of EDRM members to determine whether any changes are needed, this project has been completed.  Team leaders include Eric Mandel of Zelle Hofmann, Kevin Esposito of Rivulex and Nancy Wallrich.

Information Governance Reference Model (IGRM)

The IGRM team has continued to make strides and improvements on an already terrific model.  Last October, they unveiled version 3.0 of the IGRM.  As their press release noted, “The updated model now includes privacy and security as primary functions and stakeholders in the effective governance of information.”  IGRM continues to be one of the most active and broadly participated-in EDRM projects.  This year, the early focus – as quoted from Judge Andrew Peck’s keynote speech at LegalTech this past year – is “getting rid of the junk”.  Project leaders are Aliye Ergulen from IBM, Reed Irvin from Viewpointe and Marcus Ledergerber from Morgan Lewis.

Search

One of the best examples of the new, more agile process for creating deliverables within EDRM comes from the Search team, which released its new draft Computer Assisted Review Reference Model (CARRM), depicting the flow of a successful Computer Assisted Review project.  The entire model was created in only a matter of weeks.  Early focus for the Search project for the coming year includes adjustments to CARRM (based on feedback at the annual meeting).  You can still send your comments regarding the model to mail@edrm.net or post them on the EDRM site here.  A webinar regarding CARRM is also planned for late July.  Kudos to the Search team, including project leaders Dominic Brown of Autonomy and Jay Lieb of kCura, who took unmerciful ribbing for insisting (jokingly, I think) that TIFF files, unlike Generalissimo Francisco Franco, are still alive.  🙂

Jobs

In late January, the Jobs Project announced the release of the EDRM Talent Task Matrix diagram and spreadsheet, which is available in XLSX or PDF format.  As noted in their press release, the Matrix is a tool designed to help hiring managers better understand the responsibilities associated with common eDiscovery roles.  The Matrix maps responsibilities to the EDRM framework, so that associated eDiscovery duties can be assigned to the appropriate parties.  Project leader Keith Tom noted that next steps include surveying EDRM members regarding the Matrix, requesting and co-authoring case studies and white papers, and creating a short video on how to use the Matrix.

Metrics

In today’s session, the Metrics project team unveiled the first draft of the new Metrics model to EDRM participants!  Feedback was provided during the session and the team will make the model available for additional comments from EDRM members over the next week or so, with a goal of publishing for public comments in the next two to three weeks.  The team is also working to create a page to collect Metrics measurement tools from eDiscovery professionals that can benefit the eDiscovery community as a whole.  Project leaders Dera Nevin of TD Bank and Kevin Clark noted that June is “budget calculator month”.

Other Initiatives

As noted yesterday, there is a new project to address standards for working with native files in the different EDRM phases, led by Eric Mandel of Zelle Hofmann, and a new initiative to establish collection guidelines, spearheaded by Julie Brown of Vorys.  There is also an effort underway to refocus the XML project as it works to complete the 2.0 version of the EDRM XML model.  In addition, there was quite a spirited discussion as to where EDRM is heading as it approaches ten years of existence, and it will be interesting to see how the EDRM group continues to evolve over the next year or so.  As you can see, a lot is happening within the EDRM group – there’s a lot more to it than just the base Electronic Discovery Reference Model.

So, what do you think?  Are you a member of EDRM?  If not, why not?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Reporting from the EDRM Annual Meeting and a Data Set Update – eDiscovery Trends

The Electronic Discovery Reference Model (EDRM) Project was created in May 2005 by George Socha of Socha Consulting LLC and Tom Gelbmann of Gelbmann & Associates to address the lack of standards and guidelines in the electronic discovery market.  Now, beginning its ninth year of operation with its annual meeting in St. Paul, MN, EDRM is accomplishing more than ever to address those needs.  Here are some highlights from the meeting, and an update regarding the (suddenly heavily talked about) EDRM Data Set project.

Annual Meeting

Twice a year, in May and October, eDiscovery professionals who are EDRM members meet to continue the process of working together on various standards projects.  This will be my eighth year participating in EDRM at some level and, oddly enough, I’m assisting with PR and promotion (how am I doing so far?).  eDiscovery Daily has referenced EDRM and its phases many times in the blog’s two-and-a-half-plus years of history – this is our 144th post that relates to EDRM!

Some notable observations about today’s meeting:

  • New Participants: More than half the attendees at this year’s annual meeting are attending for the first time.  EDRM is not just a core group of “die-hards”; it continues to find appeal with eDiscovery professionals throughout the industry.
  • Agile Approach: EDRM has adopted an Agile approach to shorten the time to complete and publish deliverables, a change in philosophy that facilitated several notable accomplishments from working groups over the past year, including the Model Code of Conduct (MCoC), Information Governance Reference Model (IGRM), Search and Jobs (among others).  More on that tomorrow.
  • Educational Alliances: For the first time, EDRM has formed some interesting and unique educational alliances.  In April, EDRM teamed with the University of Florida Levin College of Law to present a day and a half conference entitled E-Discovery for the Small and Medium Case.  And, this June, EDRM will team with Bryan University to provide an in-depth, four-week E-Discovery Software & Applied Skills Summer Immersion Program for Law School Students.
  • New Working Group: A new working group, to be led by Eric Mandel of Zelle Hofmann, was formed to address standards for working with native files in the different EDRM phases.

Tomorrow, we’ll discuss the highlights for most of the individual working groups.  Given the recent amount of discussion about the EDRM Data Set group, we’ll start with that one today!

Data Set

The EDRM Enron Data Set has been around for several years and has been a valuable resource for eDiscovery software demonstration and testing (we covered it here back in January 2011).  The data in the EDRM Enron PST Data Set files is sourced from the FERC Enron Investigation release made available by Lockheed Martin Corporation.  It was reconstituted as PST files with attachments for the EDRM Data Set Project.  So, in essence, EDRM took data already available in the public domain and made it much more usable.  Initially, the data was made available for download on the EDRM site, then subsequently moved to Amazon Web Services (AWS).

In the past several days, there has been much discussion about the personally identifiable information (“PII”) available within the FERC release (and, consequently, the EDRM Data Set), including social security numbers, credit card numbers, dates of birth, home addresses and phone numbers.  Consequently, the EDRM Data Set has been taken down from the AWS site.

The Data Set team, led by Michael Lappin of Nuix and Eric Robi of Elluma Discovery, has been working on a process (using predictive coding technology) to identify and remove the PII data from the EDRM Data Set.  Discussions about this process began months ago, prior to the recent discussions about the PII data contained within the set.  The team has completed this iterative process for V1 of the data set (which contains 1,317,158 items), identifying and removing 10,568 items with PII, HIPAA-protected and other sensitive information.  This version of the data set will be made available within the EDRM community shortly for peer review testing.  The data set team will then repeat the process for the larger V2 version of the data set (2,287,984 items).  A timetable for republishing both sets should be available soon.  The efforts of the Data Set team on this project should pay dividends in developing and standardizing processes for identifying and eliminating sensitive data that eDiscovery professionals can use in their own data sets.
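For illustration only: the Data Set team’s actual process uses predictive coding, but a much simpler (and purely hypothetical) first pass at PII identification could use pattern matching, as in this Python sketch.  The patterns and sample text below are illustrative assumptions, not the team’s method.

    import re

    # Illustrative patterns only -- real PII identification (and the team's
    # predictive coding approach) is far more sophisticated than regexes.
    PII_PATTERNS = {
        "ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
        "credit_card": re.compile(r"\b(?:\d[ -]?){13,16}\b"),
        "phone": re.compile(r"\b\d{3}[-.\s]\d{3}[-.\s]\d{4}\b"),
    }

    def flag_pii(text):
        """Return the PII categories found in a document, with match counts."""
        hits = {}
        for label, pattern in PII_PATTERNS.items():
            matches = pattern.findall(text)
            if matches:
                hits[label] = len(matches)
        return hits

    # An item like this would be flagged for removal from the data set.
    sample = "Call me at 713-555-1234. My SSN is 123-45-6789."
    print(flag_pii(sample))  # {'ssn': 1, 'phone': 1}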

The team has also implemented a Forensic Files Testing Project site where users can upload their own “modern”, non-copyrighted file samples that are typically encountered during electronic discovery processing to provide a more diverse set of data than is currently available within the Enron data set.

So, what do you think?  How has EDRM impacted how you manage eDiscovery?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Skip the HASH When Deduping Outlook MSG Files – eDiscovery Best Practices

As we discussed recently in this blog, Microsoft® Outlook emails can take many forms.  One of those forms is the MSG file extension, which is used to represent a self-contained unit for an individual message “family” (an email and its attachments).  MSG files can exist on your computer in the same folders as Word, Excel and other data files.  But when it comes to deduping those MSG files, the typical approach is different.

A few years ago, I was assisting a client and collecting emails from their email archiving system for discovery, outputting the selected emails to individual MSG files (per their request).  Because this was an enterprise-wide search of email archives, the searches that I performed found the same emails again and again in different custodian folders.  There were literally hundreds of thousands of duplicate emails in this collection.  Of course, this is typical – anytime you send an email to three co-workers, all four of you have a copy of the email (assuming none of you deleted it).  If the email is responsive and your goal is to dedupe across custodians, you only want to review and produce one copy, not four.

However, had I performed a HASH value identification of duplicates on those output MSG files, I would have found no duplicates.  Why is that?

That’s because each MSG file contains a field that stores the Creation Date and Time, which is set at the date and time the MSG file is saved.  As a result, two emails with otherwise identical content will not be considered duplicates based on the HASH value.  Remember how “drag and drop” sets the Creation Date and Time of the copy to the current date and time?  The same thing happens when an MSG file is created.

Hmmm, what to do?  Typically, the approach for MSG files is to use key metadata fields to identify duplicates.  Many processing vendors use a combination of fields consisting of: From, To, CC, BCC, Subject, Attachment Name, Sent Date/Time and Body of the email.  Some use those fields only on MSG files; others use them on all emails (to dedupe individual emails within MSG files against those same emails within an OST or a PST file).
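To make that concrete, here is a minimal Python sketch of metadata-based deduplication, assuming the fields have already been extracted from each MSG file.  The field names and normalization choices below are my own assumptions; vendors differ on details like case and whitespace handling.

    import hashlib

    DEDUPE_FIELDS = ["from", "to", "cc", "bcc", "subject",
                     "attachment_names", "sent_datetime", "body"]

    def msg_dedupe_key(msg):
        """Build a dedupe key from email metadata instead of raw file bytes.

        Hashing the MSG file itself never finds duplicates, because each MSG
        embeds its own Creation Date and Time; hashing these fields treats
        two saved copies of the same email as the duplicates they are.
        """
        parts = [str(msg.get(f, "")).strip().lower() for f in DEDUPE_FIELDS]
        return hashlib.sha1("\x1f".join(parts).encode("utf-8")).hexdigest()

    email_a = {"from": "alice@example.com", "to": "bob@example.com",
               "subject": "Q2 report", "sent_datetime": "2013-05-08T09:15:00",
               "body": "Report attached."}
    email_b = dict(email_a)  # the same message, saved as a second MSG file
    assert msg_dedupe_key(email_a) == msg_dedupe_key(email_b)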

So, if you’re hungry to eliminate duplicates from your collection of MSG files, skip the HASH and use the metadata fields.  It’s much more (ful)filling.

So, what do you think?  Have you encountered any challenges when it comes to deduping emails?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

When Lawyers Get Sued, They Have Preservation Obligations Too – eDiscovery Case Law

In Distefano v. Law Offices of Barbara H. Katsos, PC, No. CV 11-2893 (JS) (AKT) (E.D.N.Y. Mar. 29, 2013), New York Magistrate Judge A. Kathleen Tomlinson found that the defendant (an attorney being sued for breach of contract, negligence/legal malpractice, and breach of fiduciary duty/duty of care by the plaintiff she previously represented) had a duty to preserve information from a discarded computer and ordered a hearing for the defendant to address a number of questions to determine the potential relevance of the destroyed data and whether the defendant had a sufficiently culpable state of mind.

The plaintiff alleged professional negligence by the defendant related to her representation of his franchise business for Cold Stone Creamery stores.  During a discovery status conference, it was revealed that the defendant had gotten rid of her computer before the litigation began; she noted in her affidavit that a third-party individual who fixed her office computers had advised her that they could not be repaired.  As she used AOL for email correspondence, she contacted AOL “to inquire if emails from several years ago could be recovered by AOL”, but was told that they “could not recover emails from several years ago for the stated email address”.  After receiving the defendant’s affidavit, the plaintiff filed a motion for spoliation sanctions.

With regard to the defendant’s duty to preserve information related to her representation of the plaintiff, Judge Tomlinson stated:

“The Court concludes that Katsos’ duty to preserve documents arose as early as late February 2009, when Michael DiStefano terminated the attorney-client relationship between Plaintiffs and Defendants.”  On February 24, 2009, the plaintiff sent the defendant a letter terminating the representation “immediately” and stated that he would “communicate with you further, in writing, so as to explain the reasons why I am discharging you.”  Noting that the “language of Michael DiStefano’s letter gives the appearance that Distefano was not satisfied with Katsos’ work”, Judge Tomlinson also noted that “[i]n assessing whether litigation was reasonably foreseeable in these circumstances, the Court cannot ignore the fact that Katsos is an attorney and should have been attuned to the prospect of litigation.”

To determine the defendant’s culpable state of mind, Judge Tomlinson ordered a hearing on May 13 for the defendant to “be prepared to testify regarding, among other things, the following areas:

  1. Katsos’ normal document preservation/retention/deletion/destruction practices;
  2. the number of computers utilized in her office prior to 2009, when the computers were purchased, and the specific circumstances surrounding the breakdown of each of those computers;
  3. the service agreements for those computers and the vendor(s) used;
  4. whether Katsos maintained a network server;
  5. AOL’s automatic deletion policies to the extent they were explained to Katsos;
  6. a complete list of every email address used by Defendant Law Offices of Barbara H. Katsos, PC and Defendant Barbara Katsos or her staff to communicate with Plaintiffs;
  7. Katsos’ attempts to gain access to the email accounts used by her paralegals and interns referenced in Paragraph 5 of Katsos Aff. II and page 16 of Plaintiffs’ Memorandum;
  8. the document preservation steps undertaken by Katsos when Plaintiffs instituted an adversary proceeding against her in March of 2010;
  9. the retention and utilization of the services of Jan Sloboda.” (the third-party individual who advised her to replace her computers)

The plaintiffs were also ordered to identify “general categories of documents that have been adversely affected” to help determine the relevance of the data in question and were permitted to question the defendant at the hearing.

So, what do you think?  Was this an appropriate course of action to determine whether sanctions are appropriate?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Image is Everything, But it Doesn’t Have to Cost Anything – eDiscovery Best Practices

Do you remember this commercial?  Can you believe it’s 23 years old?

Let’s recap.  So far, in our discussion of free utilities for collection of data for eDiscovery, we’ve discussed the pitfalls of using drag and drop, the benefits of Robocopy (illustrating with the same example copy) and the benefits (and pitfalls) of Richcopy for targeted collection.  But are there any free tools that will enable you to perform a bit-by-bit forensic image copy that includes deleted files and slack space data?  Yes, there is one.

Forensic Toolkit (FTK) is a computer forensics software application provided by AccessData.  The toolkit includes a standalone disk imaging program called FTK Imager.  FTK Imager is a free tool that saves an image of a hard disk in one file or in segments that may be reconstructed later. It calculates MD5 or SHA-1 hash values of the original and the copy, confirming the integrity of the data before closing the files.

With FTK Imager, you can:

  • Create forensic images of local hard drives, floppy diskettes, Zip disks, CDs, and DVDs, entire folders, or individual files from various places within the media.
  • Preview files and folders on local hard drives, network drives, floppy diskettes, Zip disks, CDs, and DVDs – including files located in container files such as ZIP or RAR files.
  • Preview the contents of forensic images stored on the local machine or on a network drive.
  • Mount an image for a read-only view that leverages Windows Explorer to see the content of the image exactly as the user saw it on the original drive.
  • Export files and folders from forensic images.
  • See and recover files that have been deleted from the Recycle Bin, but have not yet been overwritten on the drive.
  • Create MD5 or SHA-1 hashes of files and generate hash reports for regular files and disk images (including files inside disk images) that you can later use as a benchmark to prove the integrity of your case evidence. When a full drive is imaged, a hash generated by FTK Imager can be used to verify that the image hash and the drive hash match after the image is created, and that the image has remained unchanged since acquisition.

Like all forensically sound collection tools, it retains the file system metadata (and the file path) and creates a log of the files copied.  You can also provide Case Number, Evidence Number, Unique Description, Examiner, and any Notes to aid in chain of custody tracking.
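To illustrate the hash verification step described in the list above, here is a minimal Python sketch of that kind of comparison.  FTK Imager performs this internally and records it in its logs, so the function, hash value and file name below are purely illustrative assumptions.

    import hashlib

    def file_hash(path, algorithm="md5", chunk_size=1024 * 1024):
        """Hash a file in chunks so large images need not fit in memory."""
        h = hashlib.new(algorithm)
        with open(path, "rb") as f:
            for chunk in iter(lambda: f.read(chunk_size), b""):
                h.update(chunk)
        return h.hexdigest()

    # Hypothetical values, for illustration only.
    acquisition_hash = "9e107d9d372bb6826bd81d3542a419d6"  # recorded at imaging time
    current_hash = file_hash(r"D:\evidence\drive1.001")    # hash of the image today
    print("Integrity verified" if current_hash == acquisition_hash
          else "MISMATCH -- image has changed since acquisition")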

To download FTK Imager, you can go to the AccessData Product Downloads page here.  Look for the link for FTK Imager in “Current Releases” (it’s currently the seventh item on the list) and open the folder and select the current version of FTK Imager (currently v3.1.2, released on 12/13/12).

Next week, we will begin to discuss how to use FTK Imager to preview files, create forensic images, recover deleted files and use hash values to validate your image.

So, what do you think?  Have you used FTK Imager as a mechanism for eDiscovery collection?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Court Rejects Defendants’ Claim of Undue Burden in ERISA Case – eDiscovery Case Law

In the case we covered on Monday, the court ruled for the defendant in its effort to avoid what it felt to be undue burden and expense in preserving data.  Here is another case where the defendant made an undue burden claim, but with a different result.

In the case In re Coventry Healthcare, Inc.: ERISA Litigation, No. AW 09-2661 (D. Md. Mar. 21, 2013), Maryland Magistrate Judge Jillyn K. Schulze rejected the defendants’ claim of undue burden where they failed to suggest alternatives to using the plaintiffs’ search terms and where they could enter a clawback order to eliminate the cost of reviewing the data for responsiveness and privilege.

In this Employee Retirement Income Security Act (ERISA) class action, a discovery dispute arose when the defendants filed a motion to curtail the relevant time frame for discovery due in part to the burden it would impose on them. The plaintiffs sought discovery from February 9, 2007 to October 22, 2008; the defendants asked the court to limit it to January 1, 2008 to June 30, 2008.

The defendants relied on Rule 26(b)(2)(C)(iii) to establish that the burden of producing the data outweighed any benefit it offered the plaintiffs. Judge Schulze noted that the “party seeking to lessen the burden of responding to electronic records discovery ‘bears the burden of particularly demonstrating that burden and of providing suggested alternatives that reasonably accommodate the requesting party’s legitimate discovery needs’”.

Here, the defendants claimed they had tested the plaintiffs’ proposed search terms on the custodians’ data and hit on 200,000 documents.  They claimed it would cost roughly $388,000 to process, host, and review the data for responsiveness and privilege.  However, the defendants did not suggest “any alternative measures that could reasonably accommodate Plaintiffs’ discovery needs other than negotiating more refined search terms.”

In response, the plaintiffs argued they had tried to collaborate with the defendants to “develop appropriate searches for ESI by limiting the searches to certain designated custodians” and by shortening the discovery period by three months.

Judge Schulze found that the narrowing of the discovery period would reduce the costs, and that “a clawback order can protect Defendants against a claim of waiver, such that Defendants need no longer bear the cost of reviewing the ESI for responsiveness and privilege.” Finally, “[t]o further reduce any undue burden, Plaintiffs may need to refine their proposed search terms to narrow the pool of potentially relevant documents.”  With these options available, Judge Schulze found that the defendants had not met their burden to show that producing the evidence would be unduly burdensome.

So, what do you think?  Should the defendant’s request have been granted?  Please share any comments you might have or if you’d like to know more about a particular topic.

Case Summary Source: Applied Discovery (free subscription required).  For eDiscovery news and best practices, check out the Applied Discovery Blog here.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Minnesota Implements Changes to eDiscovery Rules – eDiscovery Trends

Last week, we reported on potential amendments to the discovery provisions of the Federal Rules of Civil Procedure that could be adopted within the year.  States are busy with changes too.  One such state is Minnesota, which has amended its rules to emphasize proportionality, collaboration, and informality in the discovery process.

As reported by Brendan Kenny in Law Technology News (Minnesota Amends Civil E-Discovery Rules), on February 4, Minnesota’s Supreme Court adopted amendments to the Rules of Civil Procedure, scheduled to take effect on July 1 of this year. Notable were amendments to Rules 1 and 26, as follows:

  • Rule 1: To address proportionality concerns, the following was added to the existing rule: “It is the responsibility of the court and the parties to examine each civil action to assure that the process and the costs are proportionate to the amount in controversy and the complexity and importance of the issues” by considering the “needs of the case, amount in controversy, parties’ resources, and complexity and importance of the issues at stake in the litigation.”
  • Rule 26: Rule 26.02(b) was amended, requiring that the scope of discovery “comport with the factors of proportionality, including without limitation, the burden or expense of the proposed discovery weighed against its likely benefit, considering the needs of the case, the amount in controversy, the parties’ resources, the importance of the issues at stake in the action, and the importance of the discovery in resolving the issues.”  Also, Rule 26.06 was amended to require the parties to “confer [on discovery] as soon as practicable — and in any event within 30 days from the initial due date for an answer”.

As discussed in the article, here are some other notable changes:

Rule 37.03 will authorize courts to sanction any party who does not disclose information or witnesses by:

  1. Precluding the party from using that information or witness;
  2. Ordering the party to pay the other party’s “reasonable expenses”;
  3. Informing the jury of the party’s failure; or
  4. Imposing “other appropriate sanctions.”

Rule 37.06 allows the court to require a “party or attorney to pay to any other party the reasonable expenses, including attorney’s fees, caused by the failure” to “participate in good faith in developing and submitting a proposed discovery plan as required by Rule 26.06”.

Also, Rule 115.04 will allow courts to resolve motions to compel through an informal telephonic conference with the court, an option not previously available in either Minnesota or federal courts.

A link to the full set of amendments can be found here.

So, what do you think?  Has your state recently adopted any rules changes to address discovery?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Court Agrees with Defendant that Preserving 5 Terabytes of Data is Enough – eDiscovery Case Law

In United States ex rel. King v. Solvay, S.A., No. H-06-2662, 2013 U.S. Dist. LEXIS 30752 (S.D. Tex. Mar. 5, 2013), Texas District Judge Gray Miller granted the defendant’s request for a protective order where the plaintiffs only offered generalized, unsupported claims to support their request to extend and expand discovery.

In this False Claims Act case, the plaintiffs, qui tam relators whose claims led to investigations by several state attorneys general, claimed the defendants engaged in off-label promotion of drugs, violated the anti-kickback statute, and retaliated against them.

The defendant, Solvay Pharmaceuticals, now doing business as Abbott Products (after Abbott acquired Solvay in 2010), filed a motion seeking a protective order from having to respond to the relators’ discovery requests about ongoing fraud, which it claimed were irrelevant to the claims in the lawsuit.

During the course of discovery, the company imposed a litigation hold and preserved more than 2,500 eMail backup tapes, more than 56,000 network share backup tapes, and roughly 5 terabytes of data on its network share drives – all dating from the 1990s through 2010 and covering 89 custodians, both former and current employees.  But the relators requested more.  If the litigation hold were to expand to accommodate the relators’ requests, it would require the company to dedicate additional server space to store the data.  Moreover, the company argued that it would cost at least $480,000 to process the eMails it was already preserving, and the review of those eMails would cost $2.3 million, excluding quality control, privilege review, and production costs.  Adding the additional data from after Abbott acquired Solvay would drive these costs substantially higher.  The relators objected, suggesting that the company’s “sweeping generalizations” about the potential burden were inaccurate.  In the alternative, the relators agreed to an end date of December 31, 2012 or to depose witnesses to determine the appropriate cutoff.

Under Federal Rule of Civil Procedure 26(c)(1), courts can limit discovery to protect parties from undue burden or expense. Judge Miller agreed with the defendant that a few references that conduct was continuing “‘to the present’ in a 267-page complaint containing more than 768 paragraphs does not justify the burden and expense associated with unfettered discovery ‘to the present’ in a case in which discovery is already going to be incredibly expensive and time-consuming.” Although Judge Miller was willing to extend the relevant time frame to include some claims outside of the relators’ personal knowledge because the real party in interest was the United States, he was not willing to go so far as to permit the “generalized claims of ongoing conduct to form the basis for a fishing expedition.”  As a result, he granted the motion for a protective order, limiting the time frames for Solvay’s discovery obligations.

So, what do you think?  Was the judge right to limit the defendant’s discovery obligations?  Please share any comments you might have or if you’d like to know more about a particular topic.

Case Summary Source: Applied Discovery (free subscription required).  For eDiscovery news and best practices, check out the Applied Discovery Blog here.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

You Don’t Have to Be Rich to Use Richcopy – eDiscovery Best Practices

A couple of weeks ago, we discussed the pitfalls of using drag and drop for collecting files for eDiscovery, illustrating them with the Word document for a post that I wrote about a month ago, Five Common Myths About Predictive Coding.  If you followed the steps along with one of your own files, you noticed that the resulting file appeared to have been modified before it was created, which reflects spoliation of the metadata during the copy process.
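If you want to spot that anomaly in your own collections, a short Python check like the one below will flag files whose creation time is later than their modification time.  The path is a hypothetical example.

    import os

    def modified_before_created(path):
        """True if the file shows the drag-and-drop anomaly.

        On Windows, os.path.getctime() returns the creation time; a drag-and-drop
        copy gets a fresh creation time but keeps the original modification
        time, so "created" ends up later than "modified".
        """
        return os.path.getctime(path) > os.path.getmtime(path)

    path = r"C:\Collected\FiveCommonMyths.docx"  # hypothetical example path
    if modified_before_created(path):
        print(path + ": appears modified before it was created -- metadata spoliated")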

Last week, we discussed the benefits of Robocopy, how to access it via the command line prompt (if you have Windows Vista or later) and how to get it (if you don’t).  Then, we performed an example copy (using an Excel script I use to create the copy) and took a look at the results to show how the date metadata was preserved during the copy.  If you’d still like a copy of the Excel Robocopy script, feel free to request it by emailing me at daustin@cloudnine.com.

If you want to be able to perform a forensically sound targeted collection, but would prefer a GUI-based tool for performing the copy (instead of a command-line tool like Robocopy), then perhaps you should consider Richcopy.  Richcopy is a free computer utility program developed by Ken Tamaru of Microsoft to copy file directories.  It has some advantages, but also some pitfalls, to consider as a targeted copy and collection tool.

One of the benefits of Richcopy (in addition to the GUI interface) is that it copies several files simultaneously (“multi-threaded”), which can drastically reduce the time required for multi-gigabyte file copy operations (earlier versions of Robocopy didn’t support multi-threaded copying, but the current one does, with the /MT[:n] switch).
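As a hedged sketch, a metadata-preserving, multi-threaded Robocopy run might be scripted like this in Python; the paths and thread count are assumptions, and robocopy /? gives the authoritative switch list.

    import subprocess

    # Hypothetical source and destination paths, for illustration only.
    cmd = [
        "robocopy",
        r"C:\Custodian\Smith",   # source folder
        r"E:\Collection\Smith",  # destination folder
        "/E",                    # include subfolders, even empty ones
        "/COPY:DAT",             # copy Data, Attributes and Timestamps
        "/DCOPY:T",              # preserve directory timestamps too
        "/MT:8",                 # multi-threaded copy with 8 threads
        "/LOG:copy_log.txt",     # log the files copied
    ]
    result = subprocess.run(cmd)
    # Robocopy exit codes below 8 indicate success; 8 or higher signals failure.
    if result.returncode >= 8:
        raise RuntimeError("Robocopy failed with exit code %d" % result.returncode)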

Unfortunately, Richcopy has not been updated in nearly four years by the developer, so you may run into issues (for example, it apparently doesn’t handle file names longer than 255 characters) and, as a free utility, it’s not supported by Microsoft.  Also, the Help file fails to open from much of the application, so getting additional information from it is not always easy.  Consider yourself warned.

You can download a copy of Richcopy from the link in this TechNet magazine article.  I did so, and performed the same copy of the Word document for the post Five Common Myths About Predictive Coding that I performed in the other cases.  Let’s see how Richcopy handled that file copy.

You’ll see below that the main form of Richcopy provides the ability to select the source and destination paths, and specify options (as indicated by the red box).  Once you have the parameters set, click the green “Go” button (as indicated by the red circle) to perform the copy.  Progress and logging information will appear in the two status windows below.

The Options button opens a dialog for specifying a variety of options, including copy parameters, thread counts, file attributes and error handling, files to be included and/or excluded (by name, extension or attributes, such as excluding system files) and logging.  As you’ll see below, I set the “files to be included” option to copy the example file I’ve been using in the other tests.

The result?  I did get a copy of the selected file with preserved file metadata (i.e., the Created date and the Accessed date reflect the original date and time when the file was created and last accessed).  However, it also created empty folders for all of the folders underneath the source folder.  I couldn’t figure out how to turn that off, and the aforementioned Help file issues kept me from identifying a workaround.

If you absolutely require a GUI interface for free targeted file collection, Richcopy may be a better alternative than Robocopy, but not necessarily the best alternative.  Next week, we’ll begin discussing another free GUI alternative that not only supports targeted collection of files, but also supports bit-by-bit imaging to capture deleted files and slack space data!

So, what do you think?  Have you used Richcopy as a mechanism for eDiscovery collection?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Court Forces Defendant to Come to Terms with Plaintiff Search Request – eDiscovery Case Law

In Robert Bosch LLC v. Snap-On, Inc., No. 12-11503 (E.D. Mich. Mar. 14, 2013), Michigan District Judge Robert H. Cleland granted the plaintiff’s motion to compel with regard to specific search terms requested for the defendant to perform.  The judge denied the plaintiff’s request for sanctions awarding attorneys’ fees and expenses incurred in bringing its motion to compel.

The plaintiff filed a motion to compel the defendant to perform searches for the following two terms for discovery purposes (where “!” is a wildcard character; a sketch of how such wildcards expand follows the list):

  • (diagnostic! and test!), and
  • ([ECU or “electronic control unit”] and diagnostic!)
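As promised above, here is a Python sketch of how that wildcard syntax expands, translating the disputed terms into regular expressions and testing a sample line.  It assumes “!” matches any trailing word characters, which may differ from how the parties’ actual search tool defines it.

    import re

    def wildcard_to_regex(term):
        """Translate a '!'-suffixed wildcard term into a regular expression."""
        if term.endswith("!"):
            # diagnostic! matches diagnostic, diagnostics, diagnostically, ...
            return re.compile(r"\b" + re.escape(term[:-1]) + r"\w*", re.IGNORECASE)
        return re.compile(r"\b" + re.escape(term) + r"\b", re.IGNORECASE)

    doc = "The ECU diagnostics module failed the bench test."
    hit = all(wildcard_to_regex(t).search(doc) for t in ["diagnostic!", "test!"])
    print(hit)  # True: the document contains both conjunctive terms

    # The overbreadth the defendant argued: test! also hits words such as
    # "testimony" and "testify", not just "test" and "testing".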

Under Fed. R. Civ. P. 34(a)(1)(A), a party must produce relevant documents and electronically stored information.  While the defendant did not dispute that the search terms were relevant, they argued that the terms were so broad and commonly used in day-to-day business that searching the terms would be burdensome and result in overproduction by including large portions of their business unrelated to the case.  The defendant’s arguments were twofold:

  1. Overbroad: The defendant claimed that “the word ‘diagnostics’ is included in at least one custodian’s email signature and that ‘the vast majority of documents in Snapon’s Diagnostic Group include the word ‘Diagnostics,’ thereby effectively reducing the disputed terms to ‘test!’ and ‘(ECU or “electronic control unit”).’”
  2. More Appropriate Alternatives: The defendant contended that the term “diagnostic” would be sufficiently searched by already agreed upon searches which pair “diagnostic” with “more narrowly tailored conjunctive terms, such as ‘plug’ and ‘database,’ that are not as common as ‘test’ and ‘ECU.’” The defendant also claimed that the search terms were unnecessary because they agreed to run searches of all of the variations of the names of the accused products.

Judge Cleland stated that he found the defendant’s arguments “unpersuasive”, stating that “[e]ven though Snap-on has agreed to search all variations of the names of the accused products, the disputed search terms may uncover relevant documents that do not contain the accused products’ names. The court is not convinced that the terms “test” and “ECU” are significantly more common than “plug” and “database” such that searching (diagnostic! and plug) is reasonable but searching (diagnostic! and test!) is burdensome.”

Judge Cleland also suggested techniques “to limit any overproduction”, including not producing emails in which the term “diagnostic” was found only in the signature portion and using proximity connectors (agreed-upon with the plaintiff) in the searches.  He also recommended that the defendant “should communicate the proposed techniques to Bosch prior to running the searches” and that the “parties should discuss and agree upon the details of the techniques so that the searches are conducted without generating further motion practice on the matter.”

The judge, however, denied the plaintiff’s request for sanctions in the form of reimbursement of attorneys’ fees and expenses for filing the motion to compel, indicating that the defendant “has provided logical reasons for objecting to the disputed search terms”.

It’s interesting that the defendant didn’t provide document retrieval counts and try to argue on the basis of proportionality.  Perhaps providing the counts would reveal too much strategy?  Regardless, it seems that the wildcard search for “test” could be argued as potentially overbroad – there are 60 words in the English language that begin with “test”.  It looks like somebody is getting “wild” with wildcards!

So, what do you think?  Could the defendant have made a more effective argument, based on proportionality?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.