Jim Shook

Rather than trying to make predictions for 2012, which I tend to avoid, I thought it might be interesting to put together a short wish list of things that I hope for in 2012.  The usual suspects immediately sprang to mind:  that Legal and IT learn to effectively communicate; companies begin to defensibly delete their stale and legacy data, more eDiscovery moves in-house, etc.  Those all seemed to be a little much to absorb in January, so instead I put together a much more achievable “To Do” list with some additional resources to help.

Don’t Be Scared Of  “Archiving”

Despite surveys suggesting otherwise, our experience is that email remains the most important and painful eDiscovery repository in a company.  Email sprawl also creates operational costs and risks when it’s not properly managed.  Yet many legal departments either block or fail to assist the efforts of their IT counterparts when they decide to do something about email.  Many times, this failure is because they really do not understand email, or their understanding of an “archive” implies that they will be keeping everything forever.

In reality, modern archives enable companies to implement and enforce retention policies on email, which is a strong foundation to enable defensible deletion of email.  Better archives can also enable similar management of other content repositories, such as Sharepoint and fileshares.  A good archive, with associated policies, will improve and reduce the cost of operations, and make eDiscovery cheaper and easier.

Learn more:

• Advanced Discovery, Why (and How) To Archive Email

• EMC Corporation, A 15 Minute Guide To Archiving

Dive Into Machine Classification and Coding

Machine-based coding for document review is a hot topic.  We’re learning that in many cases, people just do not do a great job in reviewing and coding large volumes of information.  However, machines are built for this type of work because they are consistent, never tire and are cheaper than human review.  An open and shut case, right?

In reality, there remains a misunderstanding about how these technologies actually work, and how they can be successfully deployed and defended in a litigation matter.  Clearly they hold great promise, but there’s a lot of work to be done before they become mainstream.

Learn more:

• Honorable A. Peck, “Search, Forward”
• Ralph Losey,  “Secrets of Search Part 3”
• Maura Grossman  & Gordon Cormack,  Technology Assisted Review in EDiscovery

Be Proactive With Social Media

Many companies are using different types of “social media” to more effectively and rapidly reach their customers, partners and even their own employees.  Technologies such as Twitter, Facebook, wikis and blogs are being used daily, and it’s likely we’ll see some even newer technologies develop in 2012.

Yet social media is not a free ride.  Gartner’s Debra Logan predicted a year ago that by YE 2013, half of all companies will have produced social media content in response to an eDiscovery request.  But today, most companies do not have policies to regulate social media content, nor do they have much of an idea on how they might preserve and collect that ESI in response to a regulatory or litigation matter.

Learn more:

• Alitia Faccone, It’s Not Personal, It’s Business:  Or Is It?
• On Demand Webinar, No Longer A World Apart

Understand “The Cloud”

Ahhh, the Cloud.   Depending on your vantage point, Cloud Computing may be the answer to every issue you have or the most overhyped idea since push computing in the 90s.  The IT department is attracted to the cloud’s operational efficiencies and flexibility, and the business enjoys the rapid rate of deployment.

But don’t dive in without being informed.  “Cloud Computing” is actually an umbrella term representing a number of different deployment and service models.  Operational and cost benefits found with cloud computing should be weighed against the loss of control that comes with those deployments.  In some cases, that’s an easy trade-off.  In others, particularly where compliance is concerned, it can be more difficult.  Even in tougher cases, better informed teams might be able to get the best of both worlds by leveraging private or hybrid cloud deployments.

•  Jim Shook, “If Your Head Is In the Clouds, Keep Your Feet on the Ground”

• CIO Update, “Top 7 Legal Things To Know About Cloud, SaaS and eDiscovery”

2011 also saw the rise in importance of machine based classification and coding.  This was emphasized by the keynote speech given by Judge Andrew Peck at the Carmel Valley eDiscovery Retreat in July.  He gave what is considered one of the clearest statements yet by a judge that the use of new technology like predictive coding is an acceptable way to conduct search in appropriate civil litigation cases.  He memorialized his thoughts in a well written article a few months later.[2]

Issues about managing eDiscovery in the cloud and for social media gained attention due to cases such as Social Networking Katiroll Co., Inc. v. Kati Roll and Platters, Inc.[3] (Court ordered an individual defendant to re-post the previous Facebook profile picture to allow the plaintiff to print any posts it felt were relevant), Offenback v. L.M. Bowman, Inc.[4] (Judge ordered production of photographs and postings on Facebook), Piccolo v. Patterson[5] (Motion to compel Plaintiff to accept defense attorneys “friend request “was denied) and Zimmerman v. Weis Markets, Inc.[6] (Plaintiff ordered to provide all passwords and usernames for Facebook and MySpace to the defendant and preserve all existing information). The solutions to address these challenges will undoubtedly gain mindshare in the new year.

Some of the dominant points of contention in 2011 were around cost shifting and taxation of eDiscovery costs. The courts did not settle on a unanimous viewpoint regarding these concerns however a number of cases seem to indicate a shift toward taxing of eDiscovery costs to the losing party.[7]

The top concerns in 2011 however were around preservation and proportionality.  Those concerns were highlighted in the recent case of Pippins v. KPMG LLP .[8]   In this case, the plaintiffs, potential members of a nationwide FLSA collective and/or a putative New York State class, challenged KPMG’s treatment of accountants in its audit practice.  KPMG tried to narrow the scope of its preservation obligation to a random sample of 100 hard drives from among those it had already preserved for this and other litigation. Alternatively, KPMG sought to shift the cost of any preservation beyond the scope it had suggested because there were more than 7,500 potential opt-in plaintiffs to the FLSA collective nationwide. Not only did the Magistrate Judge order that KPMG must preserve the hard drives of computers used by anyone who might join in the action, he also denied their request for cost shifting.

Perhaps it is because of cases like these that the single biggest news this year is that the Advisory Committee on Civil Rules is considering amending the Federal Rules of Civil Procedure (FRCP) once again.   The process has energized many in the legal community to provide their input and influence in various forums to make sure their point of view is considered.[9] Some decision should come out of the committee early next year.

In all, with 2011 being such a bumper year for eDiscovery, 2012 will undoubtedly provide many new developments to keep eDiscovery professionals on their toes.

I for one believe that the President’s challenge should be embraced by every professional records manager in the United States, if not the world.  Here is one national leader, who openly acknowledges that records management within the US Federal Government is ripe for improvement.  Similar improvements are called for in the private, state and local government sectors of this country.  By-in-large, this profession is due for a significant shot in the arm and this Presidential challenge is that opportunity, so let’s make the most of it.

We have all seen New Year’s Resolutions for most everything one can imagine so, why haven’t we seen one for Records Management Programs?

Well, no longer, let’s try this one:

“In 2012, I vow to work towards improving my organizations ability to effectively and efficiently retain, preserve, protect and disposition our organization’s records in accordance with our approved retention schedule.”  I will accomplish this by employing some of the following steps:

1. Expose what it is costing my organization today to do business without effective records management;
2. Perform a prescriptive self assessment on my organization’s current records management program against a commonly accepted set of criteria, such as ARMA International’s GARP (Generally Accepted Records Principles);
3. Develop a return-on-investment (ROI), business case and total-cost-of-ownership (TCO) based upon the information uncovered in the first two steps and develop an Executive level presentation which clearly and concisely articulates those savings for my organization’s Executives;
4. Work to build out our organization’s information governance program based upon where we discover we are at today (following the self-assessment), not where you want to be.  Enhancements to our information governance program can and should take place as our program matures and execution is facilitated by automation when and where appropriate;
5. Begin immediately to limit the publication and processing of hard copy documents and presume that information should progress though its lifecyle in electronic form rather than paper, whenever practical and permitted by law; and
6. Employ a tool like contextual analytics / file Intelligence to analyze, index and categorize our organization’s information in various high priority repositories so, that decision makers know specifics about what information we have, in order to make the right decisions about what to do with it.  Decision makers must have this kind of detail in order to determine:

• what  information is a business record or not, if not a business record  we can likely defensively depose of them in-place;
• if it is a business record, and we already have a copy of it, we do not need to keep it and can defensively dispose of the duplicates in-place; and
• if the business record is not a duplicate however, it has already satisfied its retention requirements, we can then defensively dispose of it in-place.

If the discovered business record is currently in an existing inadequately secured repository, we will then take this opportunity to move the business record to a secure repository, where it can be secured, so that no unauthorized personnel (including the owner of the record) can change or delete the record until which time it has satisfied its retention period.

So, think about this.  Maybe, everything here is too much you and your organization to take on in one year.  If that is the case, start at the top of the list and do what you can.  Just remember that old saying, “A decision not to decide is still a decision” and one that has little to show for it. 

Challenge yourself, that is the only way you are going to be able to improve things records management wise within your organization.  Don’t forget ROI and TCO they are your keys to successfully defending your efforts and the resources you will be asking your management to spend.

HAPPY NEW YEAR and let me know if I can help you, (having successfully done this seven times in my 30+ years implementing records management programs in both the public and private sectors.)

Since the amendments to the Federal Rules of Civil Procedure there has been much discussion on this topic, but limited practical solutions to the problem.  The Pension Committee decision has made notifying & managing custodians & “key players” effectively a core requirement for most legal departments.

The challenge with the legal hold notification, preservation & collection processes for most organizations is the “ad hoc” nature of defining systems of record, ESI & custodians & executing preservation in a defensible manner.  Notifying custodians a timely manner and keeping an audit trail to defend the process consumes significant time & resources and is inherently risky…if the organization relies on the custodian for preservation.

The Preservation Order

The ability to issue a legal hold notification or a preservation order to all custodians & key players has become an essential component in any defensible legal preservation process.  This usually includes a mix of end-users (creators) and IT & records custodians.

Managing Your Key Players

In the post-Pension Committee environment the standards have be raised and defensibility can hinge on how well the organization executed in two key areas:

• Ability to manage the legal hold notification process

• Ability to mitigate risks of spoliation

The first process is intended to prevent the second…but lessons learned in the age of “Big Data” & “Choice Computing” is that there is too much risk to the organization to rely on custodians & key players to preserve.  Most custodians are not IT experts and although may have good intentions…they don’t know their “systems of records”, retention & disposition policies, back up procedures etc.

The leading practice is to notify all relevant custodians & “key players” of the duty to preserve all potentially responsive information, whether in electronic form or paper form as quickly as possible, request and obtain an acknowledgment from each custodian, retain the acknowledgment and send periodic reminders.

In most cases it may not be reasonable to rely on the custodian involved to preserve responsive information making defending the process more challenging.  The more pragmatic action is to instruct the recipient to take no action until notified otherwise and rely on business processes & technology to identify, preserve & collect in a defensible manner.

Managing Preservation & Collection as a Business Process

Relying on manual processes, spreadsheets and “old school” methods is problematic and cumbersome for managing & tracking legal hold notices.   The “one off” nature of using spreadsheets & other outdated tools makes the process harder to defend.  The risk of spoliation, fines and sanctions makes relying on the custodian to preserve and disclose all sources of responsive information risky to protect the organization’s interests.

A good process includes a defensible hold notification process & a collection plan which is not controlled & managed by the custodian.  The successful execution requires process & technology.  An audit trail of events throughout the case has become an essential element of defending not only what is being produced, but also what has not been produced & why…Privilege, Confidentiality, Classification etc. There is also the continued need to demonstrate the authenticity of the information being offered into evidence and that effective chain of custody procedures were in place since actual or constructive notice of the duty to preserve.

Preservation & collection should be managed & controlled by “legal”…not the custodian.  Collections must be done in a forensically sound manner & requires people, process & technology that go far beyond desktop tools.

Leverage tools in the data center to identify, systems of record, ESI & custodians…work with & leverage custodians…but don’t rely on them!!

The growing trend is to understand the custodian’s behavior for creating, managing, storing and retaining information…from their perspective…where do they put it?  What applications, devices, and service providers do they use?  Identify portable devices, home computers, Cloud…etc…look for spoliation risks to the organization outside of identified systems of record.

Understanding all these different elements of the People, Process & Technology in your eDiscovery process is the key to controlling costs & mitigating risks.

If you would like to discuss this topic further…please post a comment to this blog post.

Setting up an effective records management program in a large organization is tough.  If it were easy, more would have already done so and the Presidential Memorandum on this subject with reference to an Executive Order would not have been necessary.  President Obama and his administration are to be applauded for putting this all too often ignored challenge out there hoping to advance the effectiveness in which the government manages one of our nation’s most valuable assets “our information”.

Many say, this is just another unfunded federal mandate which is destined to go nowhere.   I for one am hoping those nay sayers are wrong.  However, to prove them wrong, meaningful planning must be done and effective steps of the plan successfully executed upon.

In order for federal government Records Officers, Chief Information Officers and General Counsels to be successful in leveraging this opportunity to launch there long floundering records management programs, beef up their e-discovery plans and demonstrate better responsiveness to open government; they must be prepared to develop an action plan to address the following activities (the following reflects only a few of the more important ones).

1. Expose what it is costing their organization to do business without effective records management;
2. Perform a prescriptive self assessment on their current records management program against a commonly accepted set of criteria, such as ARMA International’s GARP (Generally Accepted Records Principles);
3. Develop a return-on-investment (ROI), business case and total-cost-of-ownership (TCO) based upon the information uncovered in the first two steps and develop an Executive level presentation which clearly and concisely articulates them for their agency’s Executives;
4. Build out their organization’s information governance program based upon where they discover they are at today (following the self-assessment), not where you want to be.  Enhancements to their information governance program can and should take place as their program matures and execution is facilitated by automation when and where appropriate;
5. Begin immediately to limit the publication and processing of hard copy documents and presume that information should progress though its lifecyle in electronic form, whenever practicable and permitted by law; and
6. Employ a tool like contextual analytics / file Intelligence to analyze, index and categorize information in various high priority repositories throughout their agency (decision makers must know specifics about what it is they have, in order to make the right decisions about what to do with it.)  They must have this kind of detail in order to determine:

• Is the information object a business record or not, if not can likely defensively depose of it;
• If it is a business record, do they already have a copy of it, if we do, then there is no need to keep it and they can defensively dispose of the duplicate;
• If the discovered business record is not a duplicate, has it already satisfied its retention requirements, if yes ,then they and can defensively be disposed of;

If the discovered business record is in an existing inadequately secured repository, they should take this opportunity to move this business record to a secure repository where it can be secured, so that no unauthorized personnel (including the owner of the record) can change or delete this record until which time it has satisfied its retention period.

Additional Media Resources:

White House looks to beef up management of electronic records

We Can’t Wait: Bringing Records Management into the Twenty-First Century

With gesture toward e-discovery, Obama orders government-wide records management reforms 

Jim Shook, Director, E-Discovery and Compliance Practice EMC Corp

If The Bard were around today, his work on eDiscovery would undoubtedly include an update to one of his more famous turns of phrase:   “To de-dupe or not to de-dupe – what is the question?”

We all want to save money during eDiscovery, and the typical enterprise contains a substantial amount of duplicate information that increases the costs and risks of processing and review.  For example, we know that a single email message to four colleagues can immediately result in five copies of that message – the sender’s copy, along with a copy for each recipient.  With replies and forwards, the number seems to increase almost exponentially.  Similarly, laptops and fileshares abound with duplicates of documents from collaborative efforts or resulting from saving an “extra” copy of a document sent with an email message. All of these extra copies drive up eDiscovery costs.

How De-Duplication Can Help In eDiscovery

The temptation in eDiscovery is to quickly get rid of all of these extra copies – to de-duplicate the information so that we can spend less in collecting, processing and reviewing that information.  We commonly see duplication rates of 15 to 30% depending upon the source data and the environment.  Thus, a company spending $1,000,000 for collection and review in a case could, in theory, save $150,000 to $300,000 just by eliminating duplicate data.

In reality, de-duplication for eDiscovery can be a tricky and worrisome process.  It’s important to understand exactly what – and how – you will be de-duplicating data to insure that you get exactly what you expect and do not run afoul of preservation requirements or compliance concerns.

The Technology Behind De-Dupe

A typical “document” can have many different parts, so when we perform de-duplication, we need to understand which of those parts are being used to determine whether two documents are the same.  Without being too philosophical, it’s clear that no two documents can ever be completely identical.  At minimum, even if they are identical in all other respects, they will be stored in two different locations.  In some cases, even that fact – the location or “path” of the document — could be important.

To take a closer look at this issue, let’s start with the file “badStuff.doc”, a file containing text information created in Microsoft Word, which is saved on a laptop.  This file has several different types of information, including:

- File contents:  The file itself consists of all of the words and information that are saved as the body or text of the document.

- Document Metadata:  Many documents contain “metadata” stored that is hidden inside a document.  (For a more complete discussion of metadata, see J. Shook, “Metadata Is Closer Than It Appears”, 4/28/11).  The file “badStuff.doc” has these metadata fields with information labeled as Author, Title, Subject, Keywords, etc.  This information does not appear in the basic editing screen in Word, but is easy to locate using the Properties feature.  This file also contains other hidden metadata such as versioning or redline information, font names and sizes, formatting information such as bold, italics, etc.  These latter categories may not seem very important, but keep in mind that a document containing the word “the” may not be considered a duplicate of a document with the same word in bold:  “the”.

- File system metadata (file attributes):  The “badStuff.doc” file is tracked and managed by the operating system, in this case Windows XP, as an object.  The operating system maintains information about the file including its name, the location where it is stored (the filepath), date of creation, last access and modification, and other information such as access control lists for security.  Typically this information is not stored within the file itself, but is held by the operating system to assist it in tracking and maintaining the file.

Determining Duplicates

Most frequently, de-duplication is performed by using the hash value or “fingerprint” of a file.  (For a thorough discussion of hash values in eDiscovery, see Ralph Losey’s excellent e-Discovery Team blog entry and Ralph’s related Law Review article).   The hash of a file is normally based upon its contents – the “file contents” that we listed above.  The hash typically does not take into account the file system metadata (nor should it, because then almost nothing would ever be a duplicate).

For example, if I make a copy of “badStuff.doc” on a flash drive for my colleague Alice, and send it to Bob as an email attachment, they will both have an equivalent “copy” with the same hash value.  If Alice opens the file to read it, then the file’s system metadata for the access date will change but the file itself will retain the same hash fingerprint.  If Bob opens the file and then saves it back to his hard drive, without making any changes, the Modified and Accessed dates will change – although the hash value will stay the same.

Let’s say that Bob goes into the document and finds an error – he inserts a comma that was missing and then re-saves the document.  The documents are no longer duplicates for purposes of hash values.  Because the file contents have changed — the addition of the comma – the hash value will completely change.  Even a minor change will produce a substantial change in the value of the hash, so we cannot use hash values as a tool to determine whether documents are almost duplicates.

Advanced De-Duplication:  Email

Email messages are even trickier, as they include far more fields and information than just the typical fields (To, From, Date, Subject, Body, etc.) that we normally see.  Email messages with the same exact origin — one that Alice sends to three different people at the same time – will include, in their metadata, different information about routes, time, mail servers, etc.  Normally, eDiscovery tools and experts are aware of these issues and include in hash calculations only those fields that are useful in determining whether messages are duplicates.

Putting It All Together

Let’s apply this information to a sample eDiscovery case.  Alice, Bob and Carol are key players in an insider trading scandal, and the company’s eDiscovery Team is identifying and collecting relevant evidence.  It turns out that a file called “badStuff.doc” is very relevant, which was stored on everyone’s laptops, along with a copy located on Bob’s fileshare directory and another attached to an email message stored in the company’s email archive – five copies in total.  The lawyers simply instructed the company’s IT Liaison to “de-duplicate everything”. In this case, the IT team collected laptop data first, so Alice’s fileshare copy, and Bob and Carol’s laptop copies are removed from processing as duplicates – they have the same hash value as Alice’s laptop copy (which came first) and so we removed them.  Another IT person collected data from fileshares and the email message stored in the archive, so both of those copies are also being preserved.

The parties agree to a “global” production of all data and to perform further de-duplication on production.  In that case, Alice’s version of “badStuff.doc” would be produced — but not Bob’s fileshare copy (because it’s a duplicate) and not Bob or Carol’s laptop copies (because we dropped those at collection).  The email attachment may be produced, depending on the tools and processes that we use.  If we produce the data by de-duplicating by custodian, then we’ll have a different result because Bob’s fileshare version will not be dropped.

Is this important?   As with so many other things, and to the significant frustration of most lawyers, the answer is “it depends”.  Certainly we’ve met at least part of our duty to provide the other side with all relevant information – they have a copy of “badStuff.doc”.   But was it important in this case that Bob and Carol also had their own copies?  Again, in our case the email might show that they received a copy at some point – but what if actually having a copy is more important in this particular matter?  Or what if the emails with that attachment had been deleted (according to a retention schedule), prior to the investigation?  In that case, there would be no link to Carol ever having received the document (despite the fact that we found it on her laptop) and it’s a hit-or-miss proposition on whether we produce Bob’s version.  If we collect in a different order, we may produce a copy from Bob and drop the versions held by Alice and Carol.  Is this worrisome?

Conclusion

Ideally, systems that de-duplicate data will de-duplicate objects while maintaining a “stub” of information with metadata and a “pointer” to the original file.  In our case, then, there would be several stubs of information establishing where we found all of the documents, each of which “pointed” to a single instance of the file itself, since it was identical.  This way, when we searched, viewed or produced the file, we would maintain the information that it actually resided in several locations, and not just one.  In this way, we can still obtain many of the benefits of de-duplication without the problems.

So when you’re looking to save money with de-duplication, do your homework and be careful what you ask for.  The some rule applies when the other side is providing you with de-duplicated information: understand what you are getting – and if it matters in your case.

Consider this complex and ambiguous definition of the duty to preserve from the Supreme Court of Texas:

A party must preserve “what it knows, or reasonably should know is relevant in the action, is reasonably calculated to lead to the discovery of admissible evidence, is reasonably likely to be requested during discovery, [or] is the subject of pending discovery sanctions.”  Trevino v. Ortega, 969 S.W.2^nd 950 (Tex. 1998).

During the federal rulemaking process, the Advisory Committee on Civil Rules holds conferences around the country for public comment. These conferences are for the committee to consider competing opinions on issues of concern that will need to be addressed by the rulemaking initiative. The dialogue began in earnest in May 2010 at the Duke Civil Litigation Conference which brought together more than 180 federal judges, practitioners, and academics to discuss issues of access, fairness, cost, and delay in the civil litigation process.  The movement to amend the rules gained steam at the Discovery Subcommittee meeting in Dallas in September and took up the bulk of the discussions at the Sedona Conference’s Annual Meeting in October of this year.

Even ahead of the meeting, the Sedona Conference issued a survey to its Electronic Document Retention and Production members seeking input on questions around the difficulties around the duty to preserve. 95 percent of respondents indicated that preservation issues have become increasingly significant in civil litigation over the past five years. Additionally, respondents indicated that significant preservation issues arose in 91 percent of $1 million plus matters “sometimes,” “often” or “always,” and 80 percent of cases from the respondents needed court intervention to resolve the preservation issue.

While it is clear that preservation has become a more complex and risky process, there is no consensus that this pain is directly due to the FRCP.  Amending the rules to specify what constitutes a trigger and dictate an across the board scope and duration can be fraught with issues and will only add complexity and ambiguity.  It also has the strong potential to create more reasons for litigation over eDiscovery.

That’s why if there are to be any amendments to the FRCP to ease some of the eDiscovery burdens litigants are facing it should be an amendment to Rule 37 regarding associated sanctions.  One participant explained it best:

The problem isn’t in the triggers as much as it is in the execution.  That is, clients and lawyers are worried that their reasoned judgment will be second guessed and sanctioned by the court later. Protecting reasonable preservation will encourage a reasoned and documented preservation process that would provide a “safe harbor” from spoliation claims and sanctions to good-faith litigants. http://1.usa.gov/uOY6d5

The subcommittee apparently agreed.  The Advisory Committee met on November 7-8^th in Washington D.C. to continue the preservation rule discussions and consider “the Subcommittee’s present thinking…that the rulemaking focus should be limited to sanctions regulation.”   If the full Committee also agrees, the Subcommittee will try between the November and March meetings to develop a specific proposal.

Stay tuned!

Tom Reding

Recently, the Higher Labor Court of Berlin-Brandenburg Germany ruled that an employer has the right to access and review an employee’s work-related e-mail during his / her absence from work.

The ruling makes it very clear that an employee’s rights to use the company’s e-mail system for private communications does not preclude the employer from reviewing an employee’s business related e-mail.

The circumstances behind this ruling were as follows:

• The plaintiff (employee) could not work due to a long-term illness.
• The employer was unsuccessful in locating the employee to get her consent, so that they  could access and read her business related e-mails, in order to respond to a customer’s request.
• After several weeks, the employer circumvented the employee’s password, read and printed the employee’s business related e-mails.  (The employer did not read or print any e-mails labeled “private”.

The plaintiff (employee) requested a court order prohibiting her employer from accessing her e-mail account during any future absences without her explicit consent but, was unsuccessful in obtaining such an order.

The Higher Labor Court rejected the plaintiff’s reasoning that, because she and all other company employees were permitted to use the company’s computer system for private e-mail, her employer should therefore, be considered a so-called “provider of telecommunications services” and thus be required to observe the “secrecy of telecommunications” according to Germany’s Telecommunications Act (Telekommunikationsgestz).

The Higher Labor Court said, allowing use of a company e-mail system for private communication is merely a side effect of the employment relationship and does not fall under the scope of the Telecommunications Act.

As a non-German outsider, it appears that under certain circumstances an employer in Germany who may have a business need to read an employee’s e-mail may be granted the ability to do so, when the employer is unable to obtain the employee’s permission to do so.  This ruling represents to this non-German outsider, that the EU Privacy Laws regarding e-mail and other electronic communications has its limitations as discovered in this court ruling.

The author finds this most noteworthy.

Jim Shook, Director, E-Discovery and Compliance Practice EMC Corp

Companies large and small continue to grow the size of their in-house departments to manage litigation.  The recent 8^thAnnual Litigation Trends report from international law firm Fulbright and Jaworski found that 53% of larger companies have 5 or more in-house attorneys managing litigation, up from 46% last year.  The growth is far more significant in smaller companies, where 16% now have at least 5 litigation attorneys, more than triple the number from last year.

Why are companies increasing the size of their in-house litigation departments?  The survey does not try to answer the question, but our anecdotal evidence shows that companies are trying desperately to better control their costs and risks in litigation, particularly in the area of electronic discovery.  Although it’s been almost five years since the amendments to the Federal Rules of Civil Procedure, eDiscovery remains a difficult and expensive process for most companies.

As companies add in-house lawyers, they often look to have them handle more of their eDiscovery, slowly but surely evolving ad hoc eDiscovery into a standard, mature business process.  To accomplish this task, counsel needs more capabilities from their technology solutions.  We’ve seen a number of needs resulting from this process, including:

• Better early case assessment capabilities.  The term “ECA” (early case assessment) can mean many things, but at its core is about delivering information to inside or outside legal, very early in a matter, to better assess the cost, risk and value of a matter.  In ECA, because earlier is better, the best solutions will provide access to the most common ESI in its native state, before the collection process; and provide tools to rapidly understand that ESI.

• Access to More ESI Repositories.  In the “old” days, eDiscovery focused almost exclusively on email messages.  More recently, as noted in IDC’s “Corporate eDiscovery Technology Trends Survey” (2010), the most common repositories include file archives and collaborative applications (e.g. Sharepoint).  As the number and size of ESI repositories grows, the ability to easily connect to and search these varied ESI repositories becomes more critical each day.

• Enhanced Regulatory Response Capabilities.  While eDiscovery normally focuses on US litigation matters, the Fulbright survey identified a strong increase in regulatory investigations.  Such investigations tend to mirror the eDiscovery litigation process in many ways – finding, collecting and handing ESI over to a third party.  In addition, many of these regulatory agencies are outside the US and may have complex privacy requirements.  Tools that work with languages other than English and also enable precise collection capabilities are critical to meeting the needs of regulatory responses.

EMC is leading the way in enabling more eDiscovery processes to be managed by in-house counsel, in partnership with their law firms.  In our Kazeon 4.6 release, announced this week, you’ll see a number of enhancements that meet these and many other requirements.

The Lawyers guide to eDiscovery Technology

The interaction at the luncheon was eye opening to those who held those beliefs.  It quickly became obvious by their presence and their questions that IT professionals are very interested in the workings of an eDiscovery matter and want to know how they can best help. If they know the reasons why certain data is being requested, they can be of great assistance in making sure the preservation and collection is done not only to the letter of the law but also according to its spirit.  This benefits Legal (and the organization as a whole) in a number of ways: less irrelevant data collected, more defensible preservation and collection, less resources engaged, etc.

My co-presenter, Rich Vestuto, Merrill’s V.P. of Client Services, had some amusing anecdotes of legal requests that created massive IT log jams.  A log jam can be a blessing in disguise as it makes both sides finally realize that the status quo is no longer sustainable and that a change is sorely needed.  Some attendees stated that although they would like to be more proactive, it seems as though until some pain is felt by the organization, no changes appeared to be forthcoming. For the lawyers in the room, Rich shared some war stories about issues he encountered as a 30(b)(6) witness and some unfortunate outcomes for those attorneys who were not  prepared for their meet and confer.

In all, simply getting IT and legal together in a room accomplished an immediate goal of some mutual understanding.  The participants left with a sense that the other side is not so different in terms of the pressures they are under and that a little interaction goes a long way when dealing with the intricacies of eDiscovery.