United States: Attorneys Should Never Forget Who Is Responsible

This article originally appeared in the National Law Journal.

After several high-profile court decisions and, more recently, the imposition of the amended Federal Rules of Civil Procedure relating to electronic evidence, attorneys and their clients are now more than ever under pressure to manage discovery of electronic evidence correctly in any litigation, regulatory inquiry or law enforcement matter.

Undoubtedly, any professional consultant or service provider who has helped manage electronic evidence for a large litigation or investigation has encountered the daunting task of documenting the process used to find responsive records amid terabytes of data. Data collection often occurs in multiple locations, including sites on the other side of the world. When the group of individuals key to the investigation or litigation changes or expands over time, or when client technology is archaic, inconsistent or poorly documented, it can be difficult to demonstrate due professional care.

Nevertheless, demonstrating the accuracy and completeness of the process used to collect and cull the data is critical to any litigation or investigation. This will only gain in importance as regulators, law enforcement officials and courts become increasingly sophisticated regarding electronic evidence. Therefore, producing parties must be able to account for 100% of the data collected, including explanations of all assumptions used in de-duplicating, filtering, rendering, displaying and exporting the data. Further, they must be able to defend any challenges related to spoliation, technologies, conversions or calculations used in their reports -- sometimes under rigorous examination by increasingly savvy regulators, law enforcement officials, courts and auditors.

Of course, legal education does not exactly focus on the technical skills and concepts necessary to effectively manage e-discovery, so most lawyers rely on technology-focused vendors to help manage and process the data to find responsive records.

This in itself can be nerve-wracking for the responsible attorneys. How are they to know if the evidence advisers are doing a thorough job if the attorneys themselves do not understand how the software works? Or where various types of documents are within the client's electronic records? And what happens if on the eve of trial it becomes apparent that hundreds or even thousands of potentially relevant documents were not even identified in the initial searches?

Not to be alarmist, but mistakes can happen without a consistent process in place. One of the primary errors comes in accounting for files after they have been processed -- or even worse, filtered -- rather than starting with the original body of data. This can greatly reduce the number of files included in the electronic evidence report and makes it impossible without starting over to know what was eliminated from the field.

For example, a service provider may arbitrarily define the universe of documents for processing without discussing the exclusions with the client or attorneys. Such definitions include limiting the processing scope to company e-mail files or Microsoft Office documents while ignoring personal e-mail files or other file types that may contain relevant information. Further, providers sometimes make no attempt to recover password-protected or recoverable deleted files. In many cases, these restrictions in scope are not documented and are found only after careful review of the results and interviews of the teams that performed the work for the client. Similar to the decision to account for records only after they have been processed or filtered, undocumented scope restrictions make it impossible to account for 100% of the data without completely reprocessing the original sources. Obviously, this is expensive for the client and disruptive to its business. Most important, it is entirely avoidable by doing things right the first time.

There are no easy fixes to avoid these lapses. One extra comfort to litigators or companies responding to e-discovery requests may be found by hiring e-discovery professionals who operate under an established process. For example, professionals who are members of firms licensed by the American Institute of Certified Public Accountants (AICPA) work under strict professional guidelines. These guidelines include the principles outlined in AICPA's Litigation Services and Professional Standards Report. AICPA, Statement on Standards for Consulting Services, No. 1, para. 6. It is important to note that, in addition to the certified public accountants who are members or partners of the firm, AICPA member firms themselves are licensed and held to the highest standards of quality and professionalism.

The AICPA report offers four main guidelines for litigation services. It states that service providers should demonstrate professional competence, exercise due professional care, show adequate planning and supervision and obtain sufficient relevant data. By following these general guidelines, many common e-discovery pitfalls can be avoided.

Clearly, most electronic data professionals are not bound by the AICPA guidelines, and such overt regulation is not necessary. However, the guidelines are useful as a basis for a general discussion of e-discovery protocols to help attorneys choose qualified vendors and establishing expectations for discovery in their cases.

The concept of professional competence is a fairly obvious one for anyone planning to hire a professional for any service. Whether a doctor, a lawyer or an electrician, the professional should have the right education and certifications to perform that service well. The same theory applies to e-discovery service providers.

In addition to relevant experience and publications, several designations are helpful in identifying competent professionals in the e-discovery arena. They include certified information systems auditor; certified information systems security professional; certified information security manager; certified information technology professional; certified fraud examiner; certified protection professional; seized computer evidence recovery specialist; certified computer examiner; certified forensic computer examiner; EnCase certified examiner; project management professional; and certified records manager.

Further, in light of Daubert v. Merrill Dow Pharm. Inc., 509 U.S. 579 (1993), and Kumho Tire Co. Ltd. v. Carmichael, 526 U.S. 137 (1999), it may be prudent to consider the credibility, reputation, experience and relevance of the service provider. These factors will come into play should the consultant or vendor have to testify in regard to the quality of the data acquisition and processing. Perhaps more important, the chosen consultant often will have to respond to the inquiries of regulators, law enforcement officials or the client's auditors regarding the accuracy and completeness of their work.

To make sure the team takes due professional care, it stands to reason that sufficient planning and supervision will be necessary. The team will need to lay out its objectives and translate them into activities needed to meet those objectives. Further, successful planning includes regular communication with the client and attorneys involved so that the team can accommodate and document changes in scope.

In planning an e-discovery engagement, some traditional project management tools can help. These include project charters that describe the engagement's scope and define communication protocols, time lines and data collection work plans that document the approach for consistent and thorough data collection.

Supervision helps to support adherence to a defined process and delivery of a quality product. It is important that a supervisor endorse key data processing steps, such as the confirmation of de- duplication settings or keyword terms, prior to processing. Failure to segregate duties during key processing phases, regardless of the individual's experience, can pose a very dangerous risk to the engagement, as anyone can make a typographical error or get distracted.

It is important to document all of the data from the original source (e.g., known system files, database files, nonuser documents, etc.) through each collection and culling phase so that the records will be as complete as possible. While all files may not need to be processed through the review database, depending on the nature of the engagement and type of data collected, all files should be accounted for and the work thoroughly documented.

It is important to note that all media should have some sort of identification label for tracking in the document-review database to fulfill requirements regarding the chain of custody and control. Barcode numbers tied to the media may serve this purpose and allow for quick data entry with minimal input errors. When maintained correctly in the review database, a reliable media identification system will allow the review team to quickly tie an important e-mail, along with other important metadata about the file path and source, back to its original media source.

Electronically stored information resides in many locations beyond a local hard drive, and investigations and litigation often involve the collection of data from multiple sources -- including network shares, backup tapes, personal computers, personal digital assistants and any other form of digital storage device that may contain relevant information. On a by-custodian basis, e-discovery professionals should document the total number of items collected in a master report that lists all items from all sources.

Beyond initial processing, accounting for how data were filtered via keywords or other metadata strategies, as well as any processing, indexing or other exceptions that may limit the search, is important. Data filtering accounting should break down the number of "search hits" by term or criteria on an aggregate or by-custodian basis. Index exceptions reporting should identify all items not properly indexed (hence not available for keyword searching) and the appropriate reason -- e.g., password-protected, corrupted or unsupported file type. While it may not be appropriate from a cost/benefit perspective to recover all index exceptions, it is important to report that exceptions do exist and that reasonable steps were taken to recover, re-index and search potentially relevant files.

Finally, e-discovery professionals should prepare their work papers under the assumption that they will be scrutinized by opposing counsel, a judge, regulators or other parties. As a result, the working papers should include all information necessary to demonstrate the accuracy and completeness of the work. The professional ultimately responsible for the report should be able to explain the procedures performed, sources of information and interrelationships among the working papers.

While attorneys may not need or want to be deeply involved in the technical details of computer systems operations, search techniques and electronic data discovery processes, they should be armed with the basics required to evaluate the quality and completeness of the work done. Those basics can go a long way in laying the groundwork for a discovery project that produces a full complement of responsive data so that the client company and the attorney both live up to their responsibilities to the court and to the process. By conducting projects according to a few simple guidelines, attorneys can avoid many common mistakes, along with the costly setbacks they can represent.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.