Service Excellence: A Guide To Superior eDiscovery Project Management

Most eDiscovery providers can deliver the basic components of service. They have the software and hardware that allows them to process your data and host it in a proprietary or off-the-shelf application. Some vendors can process your data more quickly than others, some hosting platforms have nicer bells and whistles than others, but every vendor should be able to provide those basics.

What truly distinguishes an average supplier from an exceptional one in the world of eDiscovery is client service and project management. The inevitable bumps and curves in the road of a project are profoundly frustrating when communication is poor. With excellent, assertive and timely communication those bumps and curves can be anticipated and tolerated.

Perfection may be a goal in eDiscovery, but it’s rarely a reality. EDiscovery consumers need and deserve strong project management and communication – the stakes in big litigation are high and the costs of errors can grow when communication is late, unclear or inaccurate.

Excellent client service and project management in eDiscovery requires attention to detail as well as an understanding of the “big picture” goals. An approach that comprehends both the forest and the trees is required. Excellent project management should embody certain key qualities, and superior service is always marked by the presence of these characteristics.

Responsive. Your project manager should never let an email or a call go more than 30 minutes without a response during business hours. We all expect attentiveness and responsiveness in restaurants, and supermarkets, at the gym or the dry cleaners, and everywhere we purchase goods or services. Why would a consumer of hundreds of thousands of dollars in eDiscovery services expect anything less? Responsiveness is the first priority for any eDiscovery project manager.

Honest. Your project manager should be truthful about capacity and turnaround. More importantly, he or she should keep you fully informed of any issues or situations that have arisen that can affect your compliance or production in any way. Good communication eschews vagueness and states facts clearly without avoiding or obscuring difficult messages and truths.

Inquisitive. Your project manager should never be shy about asking questions. At the most basic level this means asking fundamental questions about requirements, deadlines, specifications and budgets. At its highest level this means asking the right questions to understand the ultimate business purpose behind a request, so that the project manager may help the client find the most efficient solution. A project manager who is afraid to ask questions will never be an effective advocate for the client because he or she won’t fully understand the client’s needs.

Organized. Your project manager should understand your goals and anticipate the requirements. Communication should reflect that overall organization and sense of structure. At the start of your project, you should be asked for specs and requirements up front – you should never have to repeat yourself, nor should you field multiple requests for basic information. An organized project manager knows exactly what they need to know and asks the right questions to get the information. In addition, when a good project manager is responding with information or a report, that communication should be clearly organized.

Timely. Responses and deliverables should come exactly when promised if not sooner. If a deadline can’t be met, your project manager should inform you just as soon as he or she is able to do so. If a response is promised by a certain time, the client should never have to ask for an update at that time. Nothing makes me cringe more than a message from a client at 4:10 PM asking for the 4:00 update they were expecting. No client should have to chase their project manager for a timely response.

Concise. Communication should always be clear and simple. When communicating with clients, every project manager should observe the “three sentence” rule – you can never rely on anyone reading more than three sentences of any email. I was once prone to issue long, technical explanations to clients, only to find that they didn’t seem to have understood the details. I instituted a personal rule that any message that couldn’t be said in three sentences or less needed to be communicated in multiple emails. The increase in comprehension was immediate.

Flexible. Rigidity has no place in big eDiscovery projects. Deadlines, goals and strategies change constantly. A good project manager will always try to find a way to accommodate your needs, will always attempt to find creative solutions, and will welcome the opportunity to find an innovative solution for your needs.

Your eDiscovery budget should buy more than basic, adequate service. There are dozens of vendors who can provide the fundamental eDiscovery services. Look for these hallmarks of excellent project management to ensure you’re getting the service you deserve.

Decoding eDiscovery Doublespeak

I once had a boss who was fond of calling the particulars of eDiscovery processing and production the "sausage factory," a tip of the hat to the old adage that "Laws are like sausages, it is better not to see them being made."

Any business in a service industry seeks to create the appearance that things are going smoothly. In the same way the waiter at a restaurant will never tell you that your entrée has been delayed because of a small fire in the kitchen, your eDiscovery vendor will seek to shield you from the ugly side of the sausage factory.

Most reputable vendors won’t lie to their clients. They will, however, engage in creative truth-telling, giving just enough information to keep you apprised overall without getting so specific that you see the inner workings of the operation. Sticking close to the truth while leaving just enough ambiguity to give some wiggle room is the usual modus operandi. This is generally accomplished through the use and deployment of select doublespeak phrases designed to sound just technical enough to persuade you they mean something while conveying absolutely nothing specific.

In our ongoing effort to debunk the mysteries of eDiscovery, here are a few choice examples of vendor doublespeak.

“Contention in the environment.” This ambiguous gem is used to explain delays brought about by causes your vendor would prefer not to disclose. When you hear this phrase, alarm bells should sound, as it means something bad has happened but they’re not ready to tell you what.

Example: “We were not able to make as much progress as expected with this data due to contention in our environment.”

Translation: “We can’t meet the deadline we promised to meet. This is due to (1) the fact that requirements exceed our capacity, or (2) an internal problem like a storage failure or software issue but we are never ever going to tell you that.”

“Data specific” / “Non-standard data.” When software chokes on your data for a reason that’s beyond the understanding of the developers, they explain that the problem is “data specific” or due to “non-standard data” which means they probably won’t work too hard to solve the issue, since it’s “your fault.”

Example: “These files, which are non-standard, can’t be processed. The issue is data-specific and does not affect any other files. Our developers are investigating the issue.”

Translation: “We have no idea why these files weren’t processed. We don’t know where else this problem may exist but we are guessing it’s limited to the files you noticed. A ticket has been opened with our development team which will languish in a queue for months before someone closes it because it’s become stale.”

“Analyst / operator error”  Someone messed up and the vendor can’t blame it on anything else. This is typically followed by an assurance that additional Q.C. steps have been added to the process to ensure it never happens again.

Example: “An incorrect custodian value was applied to these documents due to analyst error. We have added a step to our Q.C. process to ensure this error doesn’t occur again.”

Translation: “An analyst made a mistake they really shouldn’t have been able to make in the first place. We have added another item in a checklist which is often ignored because we’re always rushing to keep up with deadlines.”

“Rolling deliveries.” Incremental data deliveries are typically designed to obscure an inability to achieve the throughput needed to deliver your data on time. Breaking the data up at least gives you something to work with so you don’t have downtime during which you wait and silently curse your vendor.

Example: “We have begun processing your 100 GB dataset and will start rolling deliveries on Monday.”

Translation: “We can’t get through your 100 GB in time for review to start, so we’ll begin dropping increments of data into the database for review.”

“Data density.”  This meaningless phrase is used to explain any delay in indexing, regardless of the quality, quantity, or type of data involved. Any time indexing slows for any reason, it’s identified as a data problem and the cause is the “density” of the data, a quality which is impossible to measure, gauge or predict.

Example: “These documents have yet to be indexed due to the density of the data. We will continue to keep you updated on the progress of the indexing process.”

Translation: “Your documents are indexing very slowly. We don’t have an explanation of why the index is hung up, but when this has happened before it clears itself up magically, so we assume these documents are somehow ‘denser’ than others.”

“Final search sweep” / “Data audit.” These catchphrases appear when the vendor has suddenly found data that they should have found in the past. This may be due to an error or a lag in indexing, but that won’t matter to you when 50,000 new documents appear right before your discovery deadline.

Example: “Our standard data audit identified additional documents responsive to your search terms. These 34,000 documents are currently being batched for review.”

Translation: “We missed these documents. Here they are. Good luck. We will expect your request for a credit at the end of the month.”

Keep your eye out for these phrases or others like them – they reliably signify that things aren’t going as well as your vendor would like you to know, and the sooner you ferret out the whole truth the better your reality will be. At the same time, don't throw the baby out with the bathwater. eDiscovery is complex and the data can be unwieldy. While nothing should be taken at face value, this is not to say you should take your business elsewhere. Most vendors do have something of value to offer, it's up to you to make sure that's what they deliver.

5 Questions You Should Be Asking Your eDiscovery Vendor

EDiscovery is a multi-billion dollar industry, and the market gets bigger every year. Competition is notoriously fierce, and vendors will do whatever they think they need to do to get and keep your business. Sometimes that means providing “above and beyond” service. More often, though, that means working to create or maintain the illusion of excellence.

Whether you’re sifting through RFP responses, listening to a sales pitch or asking questions about a live “in-progress” project, a good portion of what you hear from your vendor is designed as much to obscure the truth as it is to reveal it. Half-truths, “spin” and even outright puffery are common, and if you don’t ask the right questions before and during your project, you’ll be wearing rose-colored glasses without even knowing it.

Forewarned, of course, is forearmed, and asking tough questions at the outset of a vendor relationship can save you time, expense and frustration when a project goes “live.” Critical thinking about communication is the key to successful management of outsourced eDiscovery services. Keep in mind that everything you hear from your vendor serves a sales function – the good is always trumpeted while the bad and the ugly are minimized and obscured. Pushing a bit harder for real information is a fundamental best practice in eDiscovery vendor relationships.

To that end, here are five key questions every eDiscovery consumer should be asking of their vendors. Keep in mind, of course, that the "right" answers depend on the situation. Interpreting the answers does require some additional critical thinking and expertise, which you may apply yourself or gain from an eDiscovery consultant.

1. What can I really expect from my project managers?

Project management is the key to client service in eDiscovery, and it’s an area where you’re very likely to hear exactly what you want to hear whether or not it’s true. You’ve probably been told that you’ll have a “dedicated” project manager who will be available to you any time you need him or her. Your nonsense detector should be on overload already – the notion that a project manager will be assigned exclusively to your project day and night should never pass the smell test.

Ask your vendor what the actual staffing structure will be – how many project managers will be assigned to your matter? What coverage hours should be expected? How many other projects will they be working on? How can you be sure that the project managers are all well-informed about your particular requirements? What’s the usual workload of the vendor’s project managers? What do they do to ensure retention and knowledge transfer?

2. Which processes involve manual intervention?

Good software and automation are the foundation of any robust eDiscovery process. Repeatable results are the cornerstone of your ability to effectively represent that you’ve complied with discovery demands and orders. You can be sure that your vendor strives for automation in the pursuit of accuracy and efficiency. You can be just as sure that their efforts do sometimes fail, and that manual processes fill the gaps.

Every manual process is a potential point of failure. Every situation in which human intervention is required presents an inevitable risk of human error. Pushing your vendor to identify these potential points of failure puts you in a position to press for particular accuracy and completeness in these areas.

3. How are hosting charges calculated?

Hosting charges for large matters can become significant and are a common area where expectations fail to connect with reality. That’s because your vendor’s sales people are trained to underestimate items like hosting and your vendor’s operations team is trained to bill for everything.

You might expect that the 100 GB of .pst files you sent for processing will generate 100 GB of hosting fees every month. That expectation is reasonable, but in most cases it’s wrong. That 100 GB of .pst data is likely to result in 150GB of hosting without even tiffing the data. Litigation databases typically have records linking to separate native files for both parent emails and their attachments, which means that you are likely paying to store attachments twice – once embedded in the parent email, then again as a separate attachment file. In addition, many vendors charge you for storage of the database itself, which can ultimately become quite large. If you add tiff images, the storage footprint for your 100 GB of email could grow to 200 GB or more.

At the outset, ask your vendor how hosting costs are calculated. Then hold them to their answer by requesting a monthly report detailing the sources of your hosting charges. In this way you can avoid unexpected costs that can tip your project over budget in a very short time.

4. What types of files are not handled natively?

Good processing software should handle common file types natively without conversion. Any conversion process risks spoliation, data loss, or alteration of metadata. It may surprise you to learn that many vendors can’t handle some common email formats natively - .ost files are a common example, and some vendors can’t process .nsf, mbox or other common types without converting them to .pst. Most vendors also employ Microsoft’s “scanpst” utility to repair .pst files that appear to be corrupt. What’s disturbing is that conversion or repair processes are often undertaken without notifying the client. Bearing in mind the possibility of data loss and spoliation, clients should be notified of any conversion or repair effort. And yet, if you don’t ask, vendors most likely won’t tell. Request a list of any and every common file type that your vendor can’t process natively, and you’ll be well aware of the risks before they turn into issues.

5. How are indexing and search results validated?

Complete and accurate search results are essential to every eDiscovery effort. Search terms are often used to cull data at the outset, which means that data without search terms falls out of the process completely. This is wonderful if and only if you’ve successfully captured everything you may need to review. Missing documents and data can result in sanctions and adverse inferences, so the completeness and accuracy of searches is absolutely vital.

Ask your vendor how indexes are updated and how analysts and clients are kept informed of indexing status. In addition, ask how indexing exceptions and errors are logged and reported. Searches are not complete until they’re actually complete.

More importantly, ask your vendor how search syntax and results are validated. Search execution is both an art and a science, and incorrect searches are an exceptionally common issue in eDiscovery projects. Asking for a documented validation process for search construction and execution puts you in the driver’s seat for this vital stage of your project.

Perfection is rarely a goal in eDiscovery. In the history of the industry, the examples of flawless project execution are few and far between. Every eDiscovery consumer should be armed with tough questions for their vendors so that the inevitable will never take you by surprise.

No, BYOD Will Not Solve Your eDiscovery Problems

A recent article on Dell Computer’s “Tech PageOne” blog suggests that the advent and growth of BYOD (“Bring Your Own Device”) policies will serve to shield companies from eDiscovery costs. The article suggests that the use of personal devices for business purposes will place those devices beyond the control of employers, thus excusing them from the obligation to produce the data they contain. Privacy concerns, the article posits, would ultimately trump any compliance, discovery or production obligations.

Now before you rush off and rewrite your internal security policy to allow, encourage, or even require BYOD, let’s think this through. BYOD will not serve to excuse employers from their preservation and production obligations. Preservation obligations don’t arise from convenience, they arise from statutory and common law duties. For a company that allows BYOD, internal procedures and policies must address collection from personal devices – anything less would be negligent. It’s not difficult to envision a court imposing sanctions for discovery omissions created by the existence of relevant data beyond a litigant’s custody and control where the litigant should have reasonably anticipated the need to preserve and produce that data.

Instead of assuming privacy concerns and “custody and control” arguments will excuse fundamental compliance and discovery obligations, employers who permit BYOD are obliged to consider the retention implications of such a policy and to put sufficient controls in place to allow discovery of data held on those devices to occur. Requiring employees to sign privacy waivers is a far more likely outcome. Indeed, a waiver policy would also serve important data protection goals for such situations as departing employees whose personal devices hold proprietary or sensitive information.

Rather than reducing eDiscovery costs, BYOD is more likely to increase them, as data is stored in different formats and structures on diverse and non-uniform devices, necessitating manual collection and culling efforts. It’s also true that storage of identical data in different formats across multiple operating systems increases the likelihood that conventional de-duplication methodologies will fail, resulting in over-processing and unnecessary review.

BYOD may look great to manufacturers like Dell, who would, I’m sure, love to circumvent corporate procurement policies and discounts by selling business devices to individual employees. A thoughtful approach to the risks and rewards of BYOD should account not only for the security implications of such policies but the potential eDiscovery issues as well. Those issues are almost certain to tip the scales against BYOD without strict controls and privacy waivers.

Your Privileged Communications: An Open Book

A recent Lexis/Nexis survey revealed some disturbing truths about the protection of privileged communication between law firms and clients. The survey of 282 respondents in 15 practice areas across 40 states, asked attorneys what security measures they take to protect privileged communications sent via email. 77 percent said that they include the confidentiality statement with the email. 

What's even more disturbing is that only 22 percent said that they encrypt privileged emails. Fewer still make use of fundamental security measures like password-protecting documents or sending links to documents rather than sending the files themselves. In fact, the survey also found that 52.5 percent of lawyers have used free consumer file sharing services like Dropbox for privileged communications.

A full summary of the survey can be found here: http://businessoflawblog.com/2014/05/file-sharing-lawyer/

Lawyers can no longer live in denial of their responsibility to use technology in a safe and secure manner. Attorneys need to recognize that their fiduciary duties to their clients include a duty to be conscious of the security requirements of communication in the digital age. No attorney should choose convenience over protecting the confidentiality of their communications and their clients' data. 

Compliance Obligations: They're Not Just for Parties Anymore

It is axiomatic that parties to a litigation can find themselves on the hook for fees and sanctions when spoliation is found, but the case of Logtale, Ltd. v. IKOR, Inc. in the Northern District of California highlights the principle that counsel can be sanctioned as well, when counsel is found to have neglected their duty to ensure a client’s search for responsive documents and information is complete. In this case the defendants and their counsel were each assessed a portion of a $1.4 million sanction award.

Neither counsel nor their clients can take discovery obligations lightly - attorneys need to ask the right questions in order to fully understand the landscape of their clients' data to ensure that their own representations of compliance are true and accurate. Anything less than that exposes both the client and counsel to potential liability.

All the salient details can be found in the always interesting ELL blog.

http://ellblog.com/another-reminder-that-attorneys-are-responsible-for-the-e-discovery-behavior-of-their-clients/