E-Discovery: Common pitfalls
In a complex business dispute, litigation or regulatory investigation, all organisations face one certainty – the discovery process. Whether you are a litigation lawyer at a law firm or in-house counsel, responding to a discovery request or regulator’s notice involves a myriad of complex requirements for proper data collection, processing, hosting, review and production.
Traditionally, the discovery process has involved primarily hard copy documents. However, the low cost of electronic data storage, coupled with a behavioural shift towards increased reliance on electronic communication, means that many of the potentially relevant documents in your organisation will be stored electronically, including emails and Word and Excel documents. And data volumes are often immense. Therefore, the discovery process now requires requests for, and the provision of, a considerably larger proportion of electronic documents.
Also, the ‘new’ High Court Rules (High Court Amendment Rules (No 2) 2011) came into force on 1 February 2012. The changes to the rules promote electronic discovery (“eDiscovery”), reflects the ever-increasing volume of data (in particular, electronic data) in modern litigation, and the need to effectively and efficiently handle the discovery process.
There are three main phases to the discovery process:
Collection: This phase requires an organisation to identify the data sources, and appropriately collect the documents and the associated metadata (data about data, e.g. author, date and time information) in a forensically sound manner to ensure that the evidence and the chain of custody are preserved. This phase often involves an organisation’s IT staff and/or Forensic expertise to collect the data. An organisation’s key decision-makers and legal advisors are also essential to determine what data should be collected.
Processing: This involves indexing the documents and converting documents such as pdfs or other scanned documents (e.g. hard copy documents) into text-searchable documents using a process called Optical Character Recognition (OCR). Processing may also involve decrypting password-protected documents. Processing the data enables the documents to be filtered in order to reduce the electronic data sizes at the earliest stages in the discovery process. Filtering techniques include key-word searches, date-range filters etc. This phase often involves Forensic expertise to process and filter the data. Although an organisation’s key decision-makers and legal advisors are also essential in order to determine what filters to apply.
Review: This is a critical component to most litigation. Reviews are usually conducted by legal staff (in-house and/or external) and are used to identify responsive documents to produce, and privileged documents to withhold.
In our experience, when managing the eDiscovery process, the key questions to ask are:
Are the right people involved in key eDiscovery decisions?
When an organisation needs to comply with discovery or a regulator’s notice, there are often tight deadlines in which to respond, making the discovery process very stressful. In a tight deadline or stressful situation, the temptation is to quickly make decisions, which may mean that key people are excluded from the discovery decision-making process.
In our experience, successful discovery occurs when all key stakeholders are involved in the decision-making process from the outset. The key decision-makers for a successful discovery process include external legal advisors, in-house legal advisors (if applicable), IT, business leaders or key management personnel, Privacy Officers (if applicable) and Forensic experts who are familiar and experienced in the eDiscovery process. This list of people encompasses all of the different disciplines and expertise required in the eDiscovery process (from collection to review).
What data should be collected?
Relevant documentation for the discovery process may reside in a number of different places, such as hard copy documents, individual computers, laptops, servers, smartphones, the cloud, back-up tapes, social media, externally hosted web-based email servers and document management systems.
The time and effort required to obtain data from each of these data sources needs to be considered. While some data sources might be well structured and easy to use, others may require significant time and effort when it comes to extracting information.
Also, it might not be appropriate to collect all of these data sources for the discovery process. One of the key principles of the new High Court Rules is ‘proportionality’. High Court Rule 8.2(1) requires the parties to cooperate to ensure that discovery and inspection are “proportionate to the subject matter of the proceeding.” And 1(d) of the Discovery Checklist requires the parties to consider the likely costs of the discovery and “assess and discuss … whether that estimated cost is proportionate to the sums in issue…” Therefore, given that proportionality is a key principle of the new Rules, to collect and process all data sources might be disproportionate to the issue or subject matter. However, if a party decides not to collect data from certain data sources, they should be able to justify this decision if questioned by the other party, the regulator or the Court – which could be several months (or years) in the future.
When managing the discovery process, in our experience, organisations should clearly understand the objectives and use this to determine what data sources should be collected. Organisations should also clearly document what data sources to collect, and more importantly, what data sources should not be collected and why.
Have you collected all of the data?
Sometimes, despite making and documenting data collection decisions, key data might not be collected. For example, instead of collecting all sent and received emails, only the sent emails were extracted; or a key user’s computer has not been collected; or there is an obvious gap in the data collected (e.g. October data is missing).
In our experience, running data analytics over the collected data will highlight any gaps or anomalies that might indicate that data is missing. And in our experience it is important that this is done early in the discovery process and before any processing, filtering or reviewing has begun in order to avoid wasted time and costs.
Have you filtered the data appropriately?
Filtering the data is an important step in the discovery process as it assists in reducing the number of the documents for review. But the filtering phase needs to be carefully managed in order to ensure that documents are not unjustifiably excluded (e.g. relevant, discoverable documents are not returned) and that the High Court Rules are adhered to.
High Court Rule 8.14 requires parties to make a reasonable search for documents. What is reasonable depends on the circumstances and includes factors such as the numbers of documents involved, the ease and cost of retrieving a document and the need for discovery to be proportionate to the subject matter of the proceeding. However, the reasonable search requirement needs to be balanced with the temptation to brutally apply filtering techniques so as to drastically reduce the amount of documents for review. By doing this, there is a risk that the Court will find that you did not comply with the discovery process. In our experience, some of the filtering ‘fish-hooks’ to watch out for are:
Narrow or pre-agreed key words. Whilst one of the key principles of the High Court Rules is cooperation, there is a danger that parties may agree on the key word searches too early in the discovery process. For example, once the discovery process commences it might become apparent that the initial key word searches are not returning appropriate results; and therefore the key word searches need to be tweaked to better align with the words used in the data. This might be because of the syntax used, for example “computer” will not return “laptop” etc.
Documents with no dates. Sometimes documents have no dates. These might have been scanned by a scanner which does not record document dates. Therefore, if a date range filter is applied, these documents will not be returned.
De-duplicating documents. Clause 8 of the listing and exchange protocol in the Rules details how to deal with duplicate documents. It is important that de-duplicating documents are properly managed in order to comply with the Rules, and also to avoid reviewing multiple, duplicated documents. However, when de-duplicating documents it is important that email ‘families’ are properly de-duplicated. For example, an email and an attachment are only considered to be a duplicate if the entire email and attachments are contained together elsewhere. So, if a relevant document (e.g. a word document) is a stand-alone document, but is also attached to an email (a ‘child’ document and therefore part of the email ‘family’), both documents need to be discovered. The ‘parent’ email that includes the attachment also needs to be provided.
How can we help?
Deloitte Forensic has assisted many organisations manage the electronic discovery process in an efficient, secure and easily accessible manner. If you or your organisation needs electronic discovery assistance, please do not hesitate to contact either Jason Weir or Melanie Maddox.
The requirements of discovery are covered under the new High Court Rules. This article does not attempt to circumvent appropriate legal advice that should be obtained about how the discovery process should be conducted. We have provided some considerations for managing the discovery process. If your organisation’s discovery process is not managed properly, you could find yourself in a situation where you are unable to provide information that you are required to disclose. This is especially problematic when the other parties to litigation are able to do so effectively.